0x1ba0
[ 1530.897071][ T8067]  ? kasan_check_write+0x14/0x20
[ 1530.902033][ T8067]  ? __rwlock_init+0x130/0x130
[ 1530.906811][ T8067]  ? count_memcg_event_mm+0x300/0x300
[ 1530.912195][ T8067]  handle_mm_fault+0x29a6/0x6130
[ 1530.917156][ T8067]  ? finish_fault+0x220/0x220
[ 1530.921853][ T8067]  ? __down_read+0x1a0/0x1a0
[ 1530.926536][ T8067]  ? vmacache_find+0x566/0x5b0
[ 1530.931303][ T8067]  ? vmacache_update+0xb7/0x120
[ 1530.936161][ T8067]  ? find_vma+0x13c/0x150
[ 1530.940501][ T8067]  do_user_addr_fault+0x56f/0xaa0
[ 1530.945539][ T8067]  __do_page_fault+0xd3/0x1f0
[ 1530.950226][ T8067]  do_page_fault+0xce/0xe0
[ 1530.954651][ T8067]  ? page_fault+0x8/0x30
[ 1530.958908][ T8067]  page_fault+0x1e/0x30
[ 1530.963062][ T8067] RIP: 0033:0x40d2a1
[ 1530.966956][ T8067] Code: 3d f3 ad 34 00 00 0f 85 3b 08 00 00 e8 88 a7 04 00 85 c0 89 c5 0f 88 73 05 00 00 0f 84 f0 04 00 00 89 c6 bf 4c ed 4b 00 31 c0 <e8> ca 49 ff ff c7 44 24 30 00 00 00 00 e8 1d 52 ff ff 49 89 c6 48
[ 1530.986564][ T8067] RSP: 002b:00007ffff6b9e730 EFLAGS: 00010246
[ 1530.992633][ T8067] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000457aea
[ 1531.000865][ T8067] RDX: 0000000000000000 RSI: 0000000000003874 RDI: 00000000004bed4c
[ 1531.008847][ T8067] RBP: 0000000000003874 R08: 0000000000000001 R09: 0000555556c9a940
[ 1531.016821][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1531.024850][ T8067] R13: 00007ffff6b9e760 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1531.053972][ T8067] memory: usage 307176kB, limit 307200kB, failcnt 51043
[ 1531.073110][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1531.082345][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1531.092692][ T8067] Memory cgroup stats for /syz0: cache:6540KB rss:101128KB rss_huge:0KB shmem:6540KB mapped_file:3236KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6532KB active_anon:101112KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1531.120834][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=4792,uid=0
[ 1531.140085][ T8067] Memory cgroup out of memory: Killed process 4792 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
[ 1531.192964][T13659] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1531.203262][T13659] CPU: 0 PID: 13659 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1531.211155][T13659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1531.221220][T13659] Call Trace:
[ 1531.224515][T13659]  dump_stack+0x1d8/0x2f8
[ 1531.228887][T13659]  dump_header+0xdb/0xf40
[ 1531.233219][T13659]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1531.239029][T13659]  ? ___ratelimit+0x447/0x5d0
[ 1531.243702][T13659]  oom_kill_process+0x1a0/0x490
[ 1531.248571][T13659]  out_of_memory+0x76e/0x9e0
[ 1531.253161][T13659]  ? unregister_oom_notifier+0x20/0x20
[ 1531.258716][T13659]  ? kasan_check_read+0x11/0x20
[ 1531.263577][T13659]  try_charge+0x12ba/0x1710
[ 1531.268077][T13659]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1531.273869][T13659]  ? rcu_lock_release+0x4/0x20
[ 1531.278628][T13659]  ? rcu_lock_release+0x15/0x20
[ 1531.283573][T13659]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1531.289098][T13659]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1531.294382][T13659]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1531.300028][T13659]  wp_page_copy+0x391/0x18e0
[ 1531.304633][T13659]  ? rcu_lock_release+0x30/0x30
[ 1531.309498][T13659]  ? kasan_check_read+0x11/0x20
[ 1531.314345][T13659]  ? do_raw_spin_unlock+0x49/0x260
[ 1531.319461][T13659]  do_wp_page+0x609/0x1ba0
[ 1531.323868][T13659]  ? kasan_check_write+0x14/0x20
[ 1531.328815][T13659]  ? __rwlock_init+0x130/0x130
[ 1531.340943][T13659]  ? count_memcg_event_mm+0x300/0x300
[ 1531.346308][T13659]  handle_mm_fault+0x29a6/0x6130
[ 1531.351259][T13659]  ? finish_fault+0x220/0x220
[ 1531.355939][T13659]  ? __down_read+0x1a0/0x1a0
[ 1531.360516][T13659]  ? vmacache_find+0x251/0x5b0
[ 1531.365270][T13659]  ? find_vma+0x30/0x150
[ 1531.369510][T13659]  do_user_addr_fault+0x56f/0xaa0
[ 1531.374531][T13659]  __do_page_fault+0xd3/0x1f0
[ 1531.379217][T13659]  do_page_fault+0xce/0xe0
[ 1531.383626][T13659]  ? page_fault+0x8/0x30
[ 1531.387956][T13659]  page_fault+0x1e/0x30
[ 1531.392108][T13659] RIP: 0033:0x40e6b8
[ 1531.395979][T13659] Code: 8b 34 c6 4a 8d 04 2e 48 3d ff ff ff 7e 0f 86 77 ff ff ff bf d1 ea 4b 00 31 c0 e8 c3 35 ff ff 31 ff e8 0c 32 ff ff 0f 1f 40 00 <89> 3c b5 00 00 73 00 eb b6 31 ed 0f 1f 44 00 00 80 3d ae 1d 66 00
[ 1531.415576][T13659] RSP: 002b:00007ffff6b9e4b0 EFLAGS: 00010246
[ 1531.421642][T13659] RAX: 0000000007ee6468 RBX: 000000002be28806 RCX: 0000001b2ce20000
[ 1531.429595][T13659] RDX: 0000000000000000 RSI: 0000000000000468 RDI: ffffffff07ee6468
[ 1531.437559][T13659] RBP: 0000000000000009 R08: 0000000007ee6468 R09: 0000000007ee646c
[ 1531.446221][T13659] R10: 00007ffff6b9e650 R11: 0000000000000246 R12: 000000000075bfa8
[ 1531.454176][T13659] R13: 0000000080000000 R14: 00007f6874e5f008 R15: 0000000000000009
[ 1531.462540][T13659] memory: usage 306724kB, limit 307200kB, failcnt 51057
[ 1531.469543][T13659] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1531.477026][T13659] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1531.484225][T13659] Memory cgroup stats for /syz0: cache:6524KB rss:101012KB rss_huge:0KB shmem:6524KB mapped_file:3228KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6516KB active_anon:101016KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1531.506313][T13659] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=5091,uid=0
[ 1531.521792][T13659] Memory cgroup out of memory: Killed process 5091 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
15:48:08 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00'}, 0x58)

15:48:08 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:08 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb}})

15:48:08 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x700000000000000, 0x0}})

15:48:08 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}})

15:48:08 executing program 1:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
r2 = shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
stat(&(0x7f0000000880)='./file0\x00', &(0x7f0000000c40))
shmctl$SHM_STAT(r2, 0xd, &(0x7f00000004c0)=""/101)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
r3 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, r1, 0x0)

[ 1531.536466][ T1044] oom_reaper: reaped process 5091 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:4kB
15:48:08 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:08 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x800000000000000, 0x0}})

15:48:08 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}})

15:48:08 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000}})

15:48:08 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\x00'}, 0x58)

15:48:08 executing program 1:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
r2 = shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
stat(&(0x7f0000000880)='./file0\x00', &(0x7f0000000c40))
shmctl$SHM_STAT(r2, 0xd, &(0x7f00000004c0)=""/101)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
r3 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, r1, 0x0)

15:48:08 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd}})

15:48:08 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:08 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000}})

15:48:08 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00'}, 0x58)

15:48:08 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x900000000000000, 0x0}})

15:48:08 executing program 1:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
r2 = shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
stat(&(0x7f0000000880)='./file0\x00', &(0x7f0000000c40))
shmctl$SHM_STAT(r2, 0xd, &(0x7f00000004c0)=""/101)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
r3 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, r1, 0x0)

15:48:08 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}})

15:48:08 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0xa00000000000000, 0x0}})

15:48:09 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:09 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000}})

15:48:09 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1532.215152][T13761] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1532.254482][T13761] CPU: 0 PID: 13761 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
15:48:09 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0xb00000000000000, 0x0}})

15:48:09 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}})

[ 1532.262402][T13761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1532.272471][T13761] Call Trace:
[ 1532.275772][T13761]  dump_stack+0x1d8/0x2f8
[ 1532.280115][T13761]  dump_header+0xdb/0xf40
[ 1532.284443][T13761]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1532.290252][T13761]  ? ___ratelimit+0x447/0x5d0
[ 1532.294969][T13761]  oom_kill_process+0x1a0/0x490
[ 1532.299837][T13761]  out_of_memory+0x76e/0x9e0
[ 1532.304440][T13761]  ? unregister_oom_notifier+0x20/0x20
[ 1532.309909][T13761]  ? kasan_check_read+0x11/0x20
15:48:09 executing program 1:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
r2 = shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
stat(&(0x7f0000000880)='./file0\x00', &(0x7f0000000c40))
shmctl$SHM_STAT(r2, 0xd, &(0x7f00000004c0)=""/101)
r3 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, r1, 0x0)

[ 1532.314789][T13761]  try_charge+0x12ba/0x1710
[ 1532.319327][T13761]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1532.325148][T13761]  ? rcu_lock_release+0x4/0x20
[ 1532.329923][T13761]  ? rcu_lock_release+0x15/0x20
[ 1532.334785][T13761]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1532.340340][T13761]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1532.345814][T13761]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1532.351454][T13761]  wp_page_copy+0x391/0x18e0
[ 1532.356065][T13761]  ? reuse_swap_page+0xd47/0x1650
[ 1532.361094][T13761]  ? rcu_lock_release+0x30/0x30
[ 1532.365969][T13761]  ? kasan_check_read+0x11/0x20
[ 1532.370821][T13761]  ? do_raw_spin_unlock+0x49/0x260
[ 1532.375939][T13761]  do_wp_page+0x609/0x1ba0
[ 1532.380353][T13761]  ? kasan_check_write+0x14/0x20
[ 1532.385300][T13761]  ? __rwlock_init+0x130/0x130
[ 1532.390066][T13761]  ? count_memcg_event_mm+0x300/0x300
[ 1532.395453][T13761]  handle_mm_fault+0x29a6/0x6130
[ 1532.400497][T13761]  ? finish_fault+0x220/0x220
[ 1532.405371][T13761]  ? __down_read+0x1a0/0x1a0
[ 1532.409984][T13761]  ? vmacache_find+0x51b/0x5b0
[ 1532.414758][T13761]  ? vmacache_update+0xb7/0x120
[ 1532.419648][T13761]  ? find_vma+0x13c/0x150
[ 1532.424069][T13761]  do_user_addr_fault+0x56f/0xaa0
[ 1532.429106][T13761]  __do_page_fault+0xd3/0x1f0
[ 1532.433792][T13761]  do_page_fault+0xce/0xe0
[ 1532.438208][T13761]  ? page_fault+0x8/0x30
[ 1532.442450][T13761]  page_fault+0x1e/0x30
[ 1532.446598][T13761] RIP: 0033:0x457b1e
15:48:09 executing program 1:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
stat(&(0x7f0000000880)='./file0\x00', &(0x7f0000000c40))
r2 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, r1, 0x0)

[ 1532.450491][T13761] Code: 00 00 85 c0 41 89 c5 0f 85 fc 00 00 00 64 8b 04 25 d0 02 00 00 41 39 c4 0f 84 12 02 00 00 48 8b 05 27 ec 61 00 48 85 c0 74 04 <48> 83 00 04 64 8b 04 25 d0 02 00 00 64 89 04 25 d4 02 00 00 0f 31
[ 1532.470106][T13761] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00010206
[ 1532.476174][T13761] RAX: 0000000000a76248 RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1532.484151][T13761] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1532.492135][T13761] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1532.500115][T13761] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1532.508099][T13761] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1532.700433][T13761] memory: usage 307200kB, limit 307200kB, failcnt 51081
[ 1532.717468][T13761] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1532.724958][T13761] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1532.787235][T13761] Memory cgroup stats for /syz0: cache:6540KB rss:101172KB rss_huge:0KB shmem:6540KB mapped_file:3236KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6532KB active_anon:101180KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1532.847209][T13761] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=13743,uid=0
[ 1532.863191][T13761] Memory cgroup out of memory: Killed process 13743 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
15:48:09 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00'}, 0x58)

15:48:09 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000000}})

15:48:09 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:09 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11}})

15:48:09 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0xc00000000000000, 0x0}})

15:48:09 executing program 1:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
stat(&(0x7f0000000880)='./file0\x00', &(0x7f0000000c40))
r2 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, r1, 0x0)

15:48:09 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:10 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0xd00000000000000, 0x0}})

15:48:10 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12}})

15:48:10 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7000000}})

15:48:10 executing program 1:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
r2 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, r1, 0x0)

15:48:10 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1533.187817][T13810] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1533.273234][T13810] CPU: 0 PID: 13810 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1533.281164][T13810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1533.281177][T13810] Call Trace:
[ 1533.294535][T13810]  dump_stack+0x1d8/0x2f8
[ 1533.298878][T13810]  dump_header+0xdb/0xf40
[ 1533.303229][T13810]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1533.309562][T13810]  ? ___ratelimit+0x447/0x5d0
[ 1533.316250][T13810]  oom_kill_process+0x1a0/0x490
[ 1533.322066][T13810]  out_of_memory+0x76e/0x9e0
[ 1533.326667][T13810]  ? unregister_oom_notifier+0x20/0x20
[ 1533.332163][T13810]  ? kasan_check_read+0x11/0x20
[ 1533.332178][T13810]  try_charge+0x12ba/0x1710
[ 1533.332211][T13810]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1533.332228][T13810]  ? rcu_lock_release+0x4/0x20
[ 1533.332242][T13810]  ? rcu_lock_release+0x15/0x20
[ 1533.332250][T13810]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1533.332261][T13810]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1533.332276][T13810]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1533.332291][T13810]  wp_page_copy+0x391/0x18e0
[ 1533.378331][T13810]  ? reuse_swap_page+0xd47/0x1650
[ 1533.383373][T13810]  ? rcu_lock_release+0x30/0x30
[ 1533.388242][T13810]  ? kasan_check_read+0x11/0x20
[ 1533.393101][T13810]  ? do_raw_spin_unlock+0x49/0x260
[ 1533.398229][T13810]  do_wp_page+0x609/0x1ba0
[ 1533.402653][T13810]  ? kasan_check_write+0x14/0x20
[ 1533.407606][T13810]  ? __rwlock_init+0x130/0x130
[ 1533.412379][T13810]  ? count_memcg_event_mm+0x300/0x300
[ 1533.417789][T13810]  handle_mm_fault+0x29a6/0x6130
[ 1533.422757][T13810]  ? finish_fault+0x220/0x220
[ 1533.427457][T13810]  ? __down_read+0x1a0/0x1a0
[ 1533.432051][T13810]  ? vmacache_find+0x51b/0x5b0
[ 1533.436827][T13810]  ? vmacache_update+0xb7/0x120
[ 1533.441687][T13810]  ? find_vma+0x13c/0x150
[ 1533.446025][T13810]  do_user_addr_fault+0x56f/0xaa0
[ 1533.451063][T13810]  __do_page_fault+0xd3/0x1f0
[ 1533.455840][T13810]  do_page_fault+0xce/0xe0
[ 1533.460274][T13810]  ? page_fault+0x8/0x30
[ 1533.464524][T13810]  page_fault+0x1e/0x30
[ 1533.468680][T13810] RIP: 0033:0x4715d3
[ 1533.472579][T13810] Code: 00 4c 89 e7 89 8d 50 fb ff ff 45 31 ff 48 89 85 a8 fb ff ff 48 8b 42 08 48 89 85 b0 fb ff ff 48 8b 42 10 48 89 85 b8 fb ff ff <e8> 58 05 fd ff 8b 8d 50 fb ff ff 49 89 c6 48 89 85 68 fb ff ff 80
[ 1533.492183][T13810] RSP: 002b:00007ffff6b9df80 EFLAGS: 00010246
[ 1533.498234][T13810] RAX: 00007ffff6b9e670 RBX: 00007ffff6b9e4e0 RCX: 00000000fbad8001
[ 1533.506192][T13810] RDX: 00007ffff6b9e658 RSI: 0000000000000025 RDI: 00000000004bebe7
[ 1533.514164][T13810] RBP: 00007ffff6b9e4d0 R08: 0000000000000000 R09: 00007ffff6b9e658
[ 1533.522125][T13810] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000004bebe7
[ 1533.530085][T13810] R13: 00007ffff6b9e658 R14: 00007ffff6b9e658 R15: 0000000000000000
[ 1533.543593][T13810] memory: usage 307200kB, limit 307200kB, failcnt 51110
[ 1533.552067][T13810] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1533.560078][T13810] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1533.567028][T13810] Memory cgroup stats for /syz0: cache:6536KB rss:101176KB rss_huge:0KB shmem:6536KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6528KB active_anon:101184KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1533.591206][T13810] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=5119,uid=0
[ 1533.606798][T13810] Memory cgroup out of memory: Killed process 5119 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
15:48:10 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b\x00'}, 0x58)

15:48:10 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0xe00000000000000, 0x0}})

15:48:10 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}})

15:48:10 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25}})

15:48:10 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:10 executing program 1:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
r2 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, r1, 0x0)

[ 1533.621388][ T1044] oom_reaper: reaped process 5119 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:4kB
15:48:10 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c}})

15:48:10 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x1000000000000000, 0x0}})

15:48:10 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:10 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9000000}})

15:48:10 executing program 1:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, r1, 0x0)

15:48:10 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:10 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\t\x00'}, 0x58)

15:48:10 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7}})

15:48:10 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x1100000000000000, 0x0}})

[ 1533.995783][T13877] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1534.050798][T13877] CPU: 1 PID: 13877 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1534.058738][T13877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1534.068799][T13877] Call Trace:
[ 1534.072099][T13877]  dump_stack+0x1d8/0x2f8
[ 1534.076443][T13877]  dump_header+0xdb/0xf40
[ 1534.080787][T13877]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1534.086603][T13877]  ? ___ratelimit+0x447/0x5d0
[ 1534.091302][T13877]  oom_kill_process+0x1a0/0x490
[ 1534.096161][T13877]  out_of_memory+0x76e/0x9e0
[ 1534.100788][T13877]  ? unregister_oom_notifier+0x20/0x20
[ 1534.106264][T13877]  ? kasan_check_read+0x11/0x20
[ 1534.111131][T13877]  try_charge+0x12ba/0x1710
[ 1534.115661][T13877]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1534.121493][T13877]  ? rcu_lock_release+0x4/0x20
[ 1534.126280][T13877]  ? rcu_lock_release+0x15/0x20
[ 1534.131143][T13877]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1534.136701][T13877]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1534.142091][T13877]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1534.147731][T13877]  wp_page_copy+0x391/0x18e0
[ 1534.152509][T13877]  ? reuse_swap_page+0xd47/0x1650
[ 1534.157550][T13877]  ? rcu_lock_release+0x30/0x30
[ 1534.162414][T13877]  ? kasan_check_read+0x11/0x20
[ 1534.167272][T13877]  ? do_raw_spin_unlock+0x49/0x260
[ 1534.172390][T13877]  do_wp_page+0x609/0x1ba0
[ 1534.176811][T13877]  ? kasan_check_write+0x14/0x20
[ 1534.181758][T13877]  ? __rwlock_init+0x130/0x130
[ 1534.186597][T13877]  ? count_memcg_event_mm+0x300/0x300
[ 1534.191986][T13877]  handle_mm_fault+0x29a6/0x6130
[ 1534.197031][T13877]  ? finish_fault+0x220/0x220
[ 1534.201825][T13877]  ? __down_read+0x1a0/0x1a0
[ 1534.206421][T13877]  ? vmacache_find+0x251/0x5b0
[ 1534.211192][T13877]  ? find_vma+0x30/0x150
[ 1534.215443][T13877]  do_user_addr_fault+0x56f/0xaa0
[ 1534.220482][T13877]  __do_page_fault+0xd3/0x1f0
[ 1534.225170][T13877]  do_page_fault+0xce/0xe0
[ 1534.229595][T13877]  ? page_fault+0x8/0x30
[ 1534.233843][T13877]  page_fault+0x1e/0x30
[ 1534.237994][T13877] RIP: 0033:0x40f723
[ 1534.241891][T13877] Code: 9b 47 30 00 48 89 05 8c 47 30 00 c7 05 a2 47 30 00 01 00 00 00 48 c7 05 97 0d 66 00 00 00 00 00 c7 05 95 0d 66 00 00 00 00 00 <c7> 05 b3 4d 66 00 00 00 00 00 c3 49 c7 81 c0 02 00 00 a0 04 a7 00
[ 1534.261496][T13877] RSP: 002b:00007ffff6b9e6d8 EFLAGS: 00010202
[ 1534.267569][T13877] RAX: 0000555556c9ac00 RBX: 00007ffff6b9e6e0 RCX: 0000000000a704a0
[ 1534.275545][T13877] RDX: 0000000000000001 RSI: 0000000000713e90 RDI: 0000555556c9ac20
[ 1534.283612][T13877] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1534.291587][T13877] R10: 0000555556c9ac10 R11: 0000000000000202 R12: 0000000000000001
15:48:11 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000000}})

15:48:11 executing program 1:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
r1 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:11 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb000000}})

15:48:11 executing program 1:
syz_open_dev$usbmon(0x0, 0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:11 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc000000}})

15:48:11 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd000000}})

15:48:11 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:11 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe000000}})

15:48:11 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1534.299562][T13877] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1534.321074][T13877] memory: usage 307200kB, limit 307200kB, failcnt 51164
[ 1534.342359][T13877] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1534.392134][T13877] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1534.411102][T13877] Memory cgroup stats for /syz0: cache:6540KB rss:101172KB rss_huge:0KB shmem:6536KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6528KB active_anon:101180KB inactive_file:4KB active_file:0KB unevictable:0KB
[ 1534.459705][T13877] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=5188,uid=0
[ 1534.483616][T13877] Memory cgroup out of memory: Killed process 5188 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
[ 1534.611275][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1534.630467][ T8067] CPU: 0 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1534.638345][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1534.648402][ T8067] Call Trace:
[ 1534.651699][ T8067]  dump_stack+0x1d8/0x2f8
[ 1534.656045][ T8067]  dump_header+0xdb/0xf40
[ 1534.660411][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1534.666230][ T8067]  ? ___ratelimit+0x447/0x5d0
[ 1534.670922][ T8067]  oom_kill_process+0x1a0/0x490
[ 1534.675870][ T8067]  out_of_memory+0x76e/0x9e0
[ 1534.680471][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1534.685937][ T8067]  ? kasan_check_read+0x11/0x20
[ 1534.690796][ T8067]  try_charge+0x12ba/0x1710
[ 1534.695379][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1534.701191][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1534.706043][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1534.710874][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1534.716399][ T8067]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1534.721667][ T8067]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1534.727306][ T8067]  wp_page_copy+0x391/0x18e0
[ 1534.731920][ T8067]  ? reuse_swap_page+0xd47/0x1650
[ 1534.736929][ T8067]  ? rcu_lock_release+0x30/0x30
[ 1534.741789][ T8067]  ? kasan_check_read+0x11/0x20
[ 1534.746636][ T8067]  ? do_raw_spin_unlock+0x49/0x260
[ 1534.751773][ T8067]  do_wp_page+0x609/0x1ba0
[ 1534.756179][ T8067]  ? kasan_check_write+0x14/0x20
[ 1534.761141][ T8067]  ? __rwlock_init+0x130/0x130
[ 1534.765929][ T8067]  ? count_memcg_event_mm+0x300/0x300
[ 1534.771322][ T8067]  handle_mm_fault+0x29a6/0x6130
[ 1534.776353][ T8067]  ? finish_fault+0x220/0x220
[ 1534.781415][ T8067]  ? __down_read+0x1a0/0x1a0
[ 1534.786008][ T8067]  ? vmacache_find+0x251/0x5b0
[ 1534.790768][ T8067]  ? find_vma+0x30/0x150
[ 1534.795011][ T8067]  do_user_addr_fault+0x56f/0xaa0
[ 1534.800036][ T8067]  __do_page_fault+0xd3/0x1f0
[ 1534.804724][ T8067]  do_page_fault+0xce/0xe0
[ 1534.809160][ T8067]  ? page_fault+0x8/0x30
[ 1534.813472][ T8067]  page_fault+0x1e/0x30
[ 1534.817647][ T8067] RIP: 0033:0x457c4a
[ 1534.821533][ T8067] Code: 48 85 db 74 b6 41 bc ca 00 00 00 eb 0c 0f 1f 00 48 8b 5b 08 48 85 db 74 a2 48 8b 3b 48 8b 47 10 48 85 c0 74 05 ff d0 48 8b 3b <f0> ff 4f 28 0f 94 c0 84 c0 74 db 8b 47 2c 85 c0 74 d4 45 31 d2 ba
[ 1534.841149][ T8067] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00010246
[ 1534.847215][ T8067] RAX: 0000000000000000 RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1534.855190][ T8067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000a74fc8
[ 1534.868351][ T8067] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1534.876928][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 00000000000000ca
[ 1534.884895][ T8067] R13: 0000000000003890 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1534.893367][ T8067] memory: usage 307060kB, limit 307200kB, failcnt 51166
[ 1534.901167][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1534.908782][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1534.915623][ T8067] Memory cgroup stats for /syz0: cache:6536KB rss:101136KB rss_huge:0KB shmem:6536KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6524KB active_anon:101132KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1534.937679][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=5323,uid=0
15:48:11 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00'}, 0x58)

15:48:11 executing program 1:
r0 = syz_open_dev$loop(0x0, 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:11 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300}})

15:48:11 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x1200000000000000, 0x0}})

15:48:11 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:11 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}})

[ 1534.953131][ T8067] Memory cgroup out of memory: Killed process 5323 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
[ 1534.968167][ T1044] oom_reaper: reaped process 5323 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:4kB
15:48:11 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11000000}})

15:48:11 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:12 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500}})

15:48:12 executing program 1:
r0 = syz_open_dev$loop(0x0, 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:12 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x2000000000000000, 0x0}})

15:48:12 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\v\x00'}, 0x58)

15:48:12 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:12 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600}})

15:48:12 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12000000}})

15:48:12 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x2500000000000000, 0x0}})

15:48:12 executing program 1:
r0 = syz_open_dev$loop(0x0, 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:12 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:12 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700}})

15:48:12 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x4000000000000000, 0x0}})

15:48:12 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000}})

[ 1535.437455][T13961] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
15:48:12 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1535.502322][T13961] CPU: 0 PID: 13961 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1535.510248][T13961] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1535.520309][T13961] Call Trace:
[ 1535.523603][T13961]  dump_stack+0x1d8/0x2f8
[ 1535.527936][T13961]  dump_header+0xdb/0xf40
[ 1535.527951][T13961]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1535.527966][T13961]  ? ___ratelimit+0x447/0x5d0
[ 1535.527983][T13961]  oom_kill_process+0x1a0/0x490
[ 1535.527995][T13961]  out_of_memory+0x76e/0x9e0
15:48:12 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x900}})

[ 1535.528010][T13961]  ? unregister_oom_notifier+0x20/0x20
[ 1535.552205][T13961]  ? kasan_check_read+0x11/0x20
[ 1535.552222][T13961]  try_charge+0x12ba/0x1710
[ 1535.552251][T13961]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1535.572837][T13961]  ? rcu_lock_release+0x4/0x20
[ 1535.577614][T13961]  ? rcu_lock_release+0x15/0x20
[ 1535.582468][T13961]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1535.588026][T13961]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1535.593326][T13961]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1535.598972][T13961]  wp_page_copy+0x391/0x18e0
[ 1535.603576][T13961]  ? reuse_swap_page+0xd47/0x1650
[ 1535.608603][T13961]  ? rcu_lock_release+0x30/0x30
[ 1535.608622][T13961]  ? kasan_check_read+0x11/0x20
[ 1535.608632][T13961]  ? do_raw_spin_unlock+0x49/0x260
[ 1535.608647][T13961]  do_wp_page+0x609/0x1ba0
[ 1535.608656][T13961]  ? kasan_check_write+0x14/0x20
[ 1535.608672][T13961]  ? __rwlock_init+0x130/0x130
[ 1535.637806][T13961]  ? count_memcg_event_mm+0x300/0x300
[ 1535.643281][T13961]  handle_mm_fault+0x29a6/0x6130
[ 1535.648247][T13961]  ? finish_fault+0x220/0x220
[ 1535.652950][T13961]  ? __down_read+0x1a0/0x1a0
[ 1535.657735][T13961]  ? vmacache_find+0x566/0x5b0
[ 1535.662514][T13961]  ? vmacache_update+0xb7/0x120
[ 1535.667542][T13961]  ? find_vma+0x13c/0x150
[ 1535.667557][T13961]  do_user_addr_fault+0x56f/0xaa0
[ 1535.667576][T13961]  __do_page_fault+0xd3/0x1f0
[ 1535.667587][T13961]  do_page_fault+0xce/0xe0
[ 1535.667599][T13961]  ? page_fault+0x8/0x30
[ 1535.667613][T13961]  page_fault+0x1e/0x30
[ 1535.680735][T13961] RIP: 0033:0x457b6b
[ 1535.680754][T13961] Code: 25 20 06 00 00 b8 e0 3f 41 00 48 89 15 5e ec 61 00 48 85 c0 74 08 4c 89 cf e8 81 c4 fb ff 45 85 f6 0f 85 58 01 00 00 48 85 db <48> c7 05 1a d4 2b 00 00 00 00 00 48 c7 05 ff d3 2b 00 00 00 00 00
[ 1535.680760][T13961] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00010202
[ 1535.680768][T13961] RAX: 0000000000000000 RBX: 00007ffff6b9e6e0 RCX: 0000000000413ff3
[ 1535.680777][T13961] RDX: 00000338a4a7d557 RSI: 0000000000000018 RDI: 0000555556c9ac20
[ 1535.680782][T13961] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1535.680788][T13961] R10: 0000555556c9ac10 R11: 0000000000000202 R12: 0000000000000001
[ 1535.680793][T13961] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1535.738272][T13961] memory: usage 307200kB, limit 307200kB, failcnt 51190
[ 1535.800818][T13961] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1535.809139][T13961] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1535.816948][T13961] Memory cgroup stats for /syz0: cache:6536KB rss:101164KB rss_huge:0KB shmem:6536KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6528KB active_anon:101172KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1535.845257][T13961] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=13914,uid=0
[ 1535.874033][T13961] Memory cgroup out of memory: Killed process 13914 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
15:48:12 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\f\x00'}, 0x58)

15:48:12 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:12 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25000000}})

15:48:12 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:12 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00}})

15:48:12 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x5c00000000000000, 0x0}})

[ 1535.894940][ T1044] oom_reaper: reaped process 13914 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
15:48:12 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x31384142}})

15:48:12 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:12 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0xe7ffffffffffffff, 0x0}})

15:48:12 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:13 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00}})

[ 1536.084460][T14014] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1536.169278][T14014] CPU: 1 PID: 14014 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1536.177211][T14014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1536.187281][T14014] Call Trace:
[ 1536.190592][T14014]  dump_stack+0x1d8/0x2f8
[ 1536.194928][T14014]  dump_header+0xdb/0xf40
[ 1536.199625][T14014]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1536.199637][T14014]  ? ___ratelimit+0x447/0x5d0
[ 1536.199652][T14014]  oom_kill_process+0x1a0/0x490
[ 1536.199664][T14014]  out_of_memory+0x76e/0x9e0
[ 1536.199675][T14014]  ? unregister_oom_notifier+0x20/0x20
[ 1536.199686][T14014]  ? kasan_check_read+0x11/0x20
[ 1536.199702][T14014]  try_charge+0x12ba/0x1710
[ 1536.234494][T14014]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1536.241023][T14014]  ? rcu_lock_release+0x4/0x20
[ 1536.245798][T14014]  ? rcu_lock_release+0x15/0x20
[ 1536.250662][T14014]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1536.256262][T14014]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1536.261554][T14014]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1536.267190][T14014]  wp_page_copy+0x391/0x18e0
[ 1536.267210][T14014]  ? reuse_swap_page+0xd47/0x1650
[ 1536.267222][T14014]  ? rcu_lock_release+0x30/0x30
[ 1536.267239][T14014]  ? kasan_check_read+0x11/0x20
[ 1536.276831][T14014]  ? do_raw_spin_unlock+0x49/0x260
[ 1536.276847][T14014]  do_wp_page+0x609/0x1ba0
[ 1536.296033][T14014]  ? kasan_check_write+0x14/0x20
[ 1536.300989][T14014]  ? __rwlock_init+0x130/0x130
[ 1536.305758][T14014]  ? count_memcg_event_mm+0x300/0x300
[ 1536.311135][T14014]  handle_mm_fault+0x29a6/0x6130
[ 1536.316080][T14014]  ? finish_fault+0x220/0x220
[ 1536.320770][T14014]  ? __down_read+0x1a0/0x1a0
[ 1536.325359][T14014]  ? vmacache_find+0x251/0x5b0
[ 1536.330127][T14014]  ? find_vma+0x30/0x150
[ 1536.334466][T14014]  do_user_addr_fault+0x56f/0xaa0
[ 1536.339502][T14014]  __do_page_fault+0xd3/0x1f0
[ 1536.344188][T14014]  do_page_fault+0xce/0xe0
[ 1536.348604][T14014]  ? page_fault+0x8/0x30
[ 1536.352850][T14014]  page_fault+0x1e/0x30
[ 1536.357089][T14014] RIP: 0033:0x40f6a6
15:48:13 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x33424752}})

[ 1536.360979][T14014] Code: 0e 66 00 49 8b 89 c8 02 00 00 49 8b 91 c0 02 00 00 48 89 4a 08 49 8b 89 c8 02 00 00 48 89 11 48 c7 05 0a 0e 66 00 00 00 00 00 <48> c7 05 e7 47 30 00 90 3e 71 00 31 d2 48 c7 05 d2 47 30 00 90 3e
[ 1536.380848][T14014] RSP: 002b:00007ffff6b9e6d8 EFLAGS: 00010246
[ 1536.380859][T14014] RAX: 0000555556c9ac00 RBX: 00007ffff6b9e6e0 RCX: 0000000000a704a0
[ 1536.380865][T14014] RDX: 0000000000a704a0 RSI: 0000000000713e90 RDI: 0000555556c9ac20
[ 1536.380870][T14014] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1536.380875][T14014] R10: 0000555556c9ac10 R11: 0000000000000202 R12: 0000000000000001
[ 1536.380881][T14014] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1536.392551][T14014] memory: usage 307200kB, limit 307200kB, failcnt 51233
[ 1536.420512][T14014] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1536.460780][T14014] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1536.468429][T14014] Memory cgroup stats for /syz0: cache:6536KB rss:101172KB rss_huge:0KB shmem:6536KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6528KB active_anon:101180KB inactive_file:0KB active_file:0KB unevictable:0KB
15:48:13 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\r\x00'}, 0x58)

15:48:13 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x33524742}})

15:48:13 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0xfdfdffff00000000, 0x0}})

15:48:13 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:13 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:13 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc00}})

[ 1536.501923][T14014] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=5345,uid=0
[ 1536.519059][T14014] Memory cgroup out of memory: Killed process 5345 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
15:48:13 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:13 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0xfdfdffffffffffff, 0x0}})

15:48:13 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000}})

15:48:13 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd00}})

15:48:13 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0e\x00'}, 0x58)

15:48:13 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:13 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:13 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe00}})

15:48:13 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:13 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0xfecaedfe00000000, 0x0}})

15:48:13 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x42413831}})

[ 1536.889348][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0
[ 1536.970251][ T8067] CPU: 1 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1536.978359][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1536.988423][ T8067] Call Trace:
[ 1536.991716][ T8067]  dump_stack+0x1d8/0x2f8
[ 1536.996045][ T8067]  dump_header+0xdb/0xf40
[ 1537.000382][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1537.006192][ T8067]  ? ___ratelimit+0x447/0x5d0
[ 1537.010886][ T8067]  oom_kill_process+0x1a0/0x490
[ 1537.015737][ T8067]  out_of_memory+0x76e/0x9e0
[ 1537.020335][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1537.025794][ T8067]  ? kasan_check_read+0x11/0x20
[ 1537.030656][ T8067]  try_charge+0x12ba/0x1710
[ 1537.035189][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1537.041013][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1537.041032][ T8067]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1537.041046][ T8067]  ? memcg_kmem_put_cache+0x70/0x70
[ 1537.051345][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1537.051354][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1537.051365][ T8067]  __memcg_kmem_charge+0x118/0x2f0
[ 1537.051379][ T8067]  __alloc_pages_nodemask+0x377/0x790
[ 1537.051392][ T8067]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1537.051406][ T8067]  ? kasan_check_write+0x14/0x20
[ 1537.051422][ T8067]  ? do_raw_spin_lock+0x143/0x3a0
[ 1537.093045][ T8067]  alloc_pages_current+0x2fb/0x540
[ 1537.098165][ T8067]  pte_alloc_one+0x1f/0x180
[ 1537.102680][ T8067]  __pte_alloc+0x20/0x2f0
[ 1537.107018][ T8067]  copy_page_range+0x23d5/0x2900
[ 1537.111963][ T8067]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1537.118066][ T8067]  ? trace_lock_acquire+0x190/0x190
[ 1537.123296][ T8067]  ? vm_normal_page_pmd+0x3d0/0x3d0
[ 1537.128505][ T8067]  ? kasan_check_write+0x14/0x20
[ 1537.133461][ T8067]  dup_mmap+0xa2d/0xe90
[ 1537.137644][ T8067]  ? __delayed_free_task+0x20/0x20
[ 1537.142761][ T8067]  ? kasan_check_write+0x14/0x20
[ 1537.147702][ T8067]  ? mm_init+0x5cc/0x6e0
[ 1537.147715][ T8067]  dup_mm+0x9e/0x340
[ 1537.147727][ T8067]  copy_process+0x25ff/0x5c80
[ 1537.147757][ T8067]  ? fork_idle+0x1b0/0x1b0
[ 1537.147778][ T8067]  _do_fork+0x180/0x5f0
[ 1537.147794][ T8067]  ? dup_mm+0x340/0x340
[ 1537.173454][ T8067]  ? debug_smp_processor_id+0x1c/0x20
[ 1537.178922][ T8067]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1537.184993][ T8067]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1537.190718][ T8067]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1537.196355][ T8067]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1537.201815][ T8067]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1537.207540][ T8067]  __x64_sys_clone+0xc1/0xd0
[ 1537.212138][ T8067]  do_syscall_64+0xfe/0x140
15:48:13 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1100}})

15:48:13 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:13 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1200}})

15:48:14 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:14 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000}})

[ 1537.216650][ T8067]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1537.222544][ T8067] RIP: 0033:0x457aea
[ 1537.226441][ T8067] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00
[ 1537.246063][ T8067] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1537.254478][ T8067] RAX: ffffffffffffffda RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1537.254484][ T8067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1537.254489][ T8067] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1537.254495][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1537.254500][ T8067] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1537.285994][ T8067] memory: usage 307200kB, limit 307200kB, failcnt 51293
[ 1537.319470][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1537.326996][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1537.340322][ T8067] Memory cgroup stats for /syz0: cache:6536KB rss:101148KB rss_huge:0KB shmem:6536KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6528KB active_anon:101156KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1537.362564][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=5413,uid=0
[ 1537.378403][ T8067] Memory cgroup out of memory: Killed process 5413 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
[ 1537.398263][ T1044] oom_reaper: reaped process 5413 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:4kB
15:48:14 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x10\x00'}, 0x58)

15:48:14 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2500}})

15:48:14 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:14 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x42474752}})

15:48:14 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:14 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0xffffffff00000000, 0x0}})

15:48:14 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:14 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}})

15:48:14 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:14 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x42475233}})

15:48:14 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0xfffffffffffffdfd, 0x0}})

[ 1537.630883][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0
[ 1537.644893][ T8067] CPU: 1 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1537.652809][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1537.662867][ T8067] Call Trace:
[ 1537.666167][ T8067]  dump_stack+0x1d8/0x2f8
[ 1537.670599][ T8067]  dump_header+0xdb/0xf40
[ 1537.674936][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1537.680756][ T8067]  ? ___ratelimit+0x447/0x5d0
[ 1537.685446][ T8067]  oom_kill_process+0x1a0/0x490
[ 1537.690304][ T8067]  out_of_memory+0x76e/0x9e0
[ 1537.694902][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1537.700369][ T8067]  ? kasan_check_read+0x11/0x20
[ 1537.705751][ T8067]  try_charge+0x12ba/0x1710
[ 1537.710294][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1537.716129][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1537.721630][ T8067]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1537.727177][ T8067]  ? memcg_kmem_put_cache+0x70/0x70
[ 1537.732380][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1537.737230][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1537.737248][ T8067]  __memcg_kmem_charge+0x118/0x2f0
[ 1537.737263][ T8067]  __alloc_pages_nodemask+0x377/0x790
[ 1537.737276][ T8067]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1537.737302][ T8067]  alloc_pages_current+0x2fb/0x540
[ 1537.737314][ T8067]  __pmd_alloc+0x39/0x3d0
[ 1537.737330][ T8067]  copy_page_range+0x254c/0x2900
[ 1537.768275][ T8067]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1537.768294][ T8067]  ? trace_lock_acquire+0x190/0x190
[ 1537.768327][ T8067]  ? vm_normal_page_pmd+0x3d0/0x3d0
[ 1537.784491][ T8067]  ? __rb_insert_augmented+0x706/0x720
[ 1537.784504][ T8067]  ? kasan_check_write+0x14/0x20
[ 1537.784527][ T8067]  dup_mmap+0xa2d/0xe90
[ 1537.784554][ T8067]  ? __delayed_free_task+0x20/0x20
[ 1537.815292][ T8067]  ? kasan_check_write+0x14/0x20
[ 1537.820249][ T8067]  ? mm_init+0x5cc/0x6e0
[ 1537.824513][ T8067]  dup_mm+0x9e/0x340
[ 1537.828415][ T8067]  copy_process+0x25ff/0x5c80
[ 1537.833119][ T8067]  ? fork_idle+0x1b0/0x1b0
[ 1537.837554][ T8067]  _do_fork+0x180/0x5f0
[ 1537.841723][ T8067]  ? dup_mm+0x340/0x340
[ 1537.845889][ T8067]  ? debug_smp_processor_id+0x1c/0x20
[ 1537.852818][ T8067]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1537.859015][ T8067]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1537.859027][ T8067]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1537.859037][ T8067]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1537.859052][ T8067]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1537.870409][ T8067]  __x64_sys_clone+0xc1/0xd0
[ 1537.870424][ T8067]  do_syscall_64+0xfe/0x140
[ 1537.870438][ T8067]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1537.870447][ T8067] RIP: 0033:0x457aea
[ 1537.870457][ T8067] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00
[ 1537.870470][ T8067] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
15:48:14 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x47425247}})

[ 1537.928547][ T8067] RAX: ffffffffffffffda RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1537.936527][ T8067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1537.944533][ T8067] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1537.944548][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1537.960487][ T8067] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1537.969480][ T8067] memory: usage 307200kB, limit 307200kB, failcnt 51328
[ 1537.997228][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1538.004726][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1538.016678][ T8067] Memory cgroup stats for /syz0: cache:6540KB rss:101148KB rss_huge:0KB shmem:6536KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6528KB active_anon:101156KB inactive_file:4KB active_file:0KB unevictable:0KB
[ 1538.040875][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=5440,uid=0
[ 1538.056489][ T8067] Memory cgroup out of memory: Killed process 5440 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
15:48:15 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x11\x00'}, 0x58)

15:48:15 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x47524247}})

15:48:15 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:15 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c00}})

15:48:15 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:15 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0xffffffffffffffe7, 0x0}})

15:48:15 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:15 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:15 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}})

15:48:15 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50424752}})

15:48:15 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ff}})

15:48:15 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x12\x00'}, 0x58)

15:48:15 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:15 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:15 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x52424752}})

15:48:15 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfd}})

[ 1538.473256][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0
15:48:15 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:15 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1538.603606][ T8067] CPU: 0 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1538.611467][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1538.621534][ T8067] Call Trace:
[ 1538.624833][ T8067]  dump_stack+0x1d8/0x2f8
[ 1538.629183][ T8067]  dump_header+0xdb/0xf40
[ 1538.633531][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1538.639354][ T8067]  ? ___ratelimit+0x447/0x5d0
[ 1538.644071][ T8067]  oom_kill_process+0x1a0/0x490
[ 1538.648957][ T8067]  out_of_memory+0x76e/0x9e0
[ 1538.653584][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1538.659060][ T8067]  ? kasan_check_read+0x11/0x20
[ 1538.663940][ T8067]  try_charge+0x12ba/0x1710
[ 1538.668475][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1538.674309][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1538.679086][ T8067]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1538.684725][ T8067]  ? memcg_kmem_put_cache+0x70/0x70
[ 1538.689936][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1538.694794][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1538.700527][ T8067]  __memcg_kmem_charge+0x118/0x2f0
[ 1538.705652][ T8067]  __alloc_pages_nodemask+0x377/0x790
[ 1538.711038][ T8067]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1538.716591][ T8067]  ? arch_stack_walk+0x98/0xe0
[ 1538.716609][ T8067]  ? kasan_check_write+0x14/0x20
[ 1538.716626][ T8067]  ? do_raw_spin_lock+0x143/0x3a0
[ 1538.726419][ T8067]  alloc_pages_current+0x2fb/0x540
[ 1538.726441][ T8067]  pte_alloc_one+0x1f/0x180
[ 1538.741070][ T8067]  __pte_alloc+0x20/0x2f0
[ 1538.745412][ T8067]  copy_page_range+0x23d5/0x2900
15:48:15 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:15 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:15 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffe7}})

[ 1538.750553][ T8067]  ? do_syscall_64+0xfe/0x140
[ 1538.755266][ T8067]  ? vm_normal_page_pmd+0x3d0/0x3d0
[ 1538.760686][ T8067]  ? init_admin_reserve+0xc0/0xc0
[ 1538.771647][ T8067]  dup_mmap+0xa2d/0xe90
[ 1538.775836][ T8067]  ? __delayed_free_task+0x20/0x20
[ 1538.781015][ T8067]  ? kasan_check_write+0x14/0x20
[ 1538.785978][ T8067]  ? mm_init+0x5cc/0x6e0
[ 1538.790242][ T8067]  dup_mm+0x9e/0x340
[ 1538.790256][ T8067]  copy_process+0x25ff/0x5c80
[ 1538.790286][ T8067]  ? fork_idle+0x1b0/0x1b0
15:48:15 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1538.790306][ T8067]  _do_fork+0x180/0x5f0
[ 1538.790321][ T8067]  ? dup_mm+0x340/0x340
[ 1538.790334][ T8067]  ? debug_smp_processor_id+0x1c/0x20
[ 1538.790344][ T8067]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1538.790357][ T8067]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1538.790366][ T8067]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1538.790375][ T8067]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1538.790384][ T8067]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1538.790396][ T8067]  __x64_sys_clone+0xc1/0xd0
15:48:15 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}})

[ 1538.790408][ T8067]  do_syscall_64+0xfe/0x140
[ 1538.790423][ T8067]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1538.790433][ T8067] RIP: 0033:0x457aea
[ 1538.790448][ T8067] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00
[ 1538.884620][ T8067] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1538.893039][ T8067] RAX: ffffffffffffffda RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1538.901019][ T8067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1538.909002][ T8067] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1538.917012][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1538.925018][ T8067] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1538.948424][ T8067] memory: usage 307200kB, limit 307200kB, failcnt 51393
[ 1538.956585][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1538.984866][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1538.992511][ T8067] Memory cgroup stats for /syz0: cache:6536KB rss:101148KB rss_huge:0KB shmem:6536KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6528KB active_anon:101156KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1539.018736][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=5461,uid=0
[ 1539.041633][ T8067] Memory cgroup out of memory: Killed process 5461 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
[ 1539.056697][ T1044] oom_reaper: reaped process 5461 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:4kB
[ 1539.094802][T14234] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000
[ 1539.108635][T14234] CPU: 1 PID: 14234 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1539.116537][T14234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1539.126755][T14234] Call Trace:
[ 1539.130040][T14234]  dump_stack+0x1d8/0x2f8
[ 1539.134368][T14234]  dump_header+0xdb/0xf40
[ 1539.138725][T14234]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1539.144796][T14234]  ? ___ratelimit+0x447/0x5d0
[ 1539.149473][T14234]  oom_kill_process+0x1a0/0x490
[ 1539.154318][T14234]  out_of_memory+0x76e/0x9e0
[ 1539.158887][T14234]  ? unregister_oom_notifier+0x20/0x20
[ 1539.164326][T14234]  ? kasan_check_read+0x11/0x20
[ 1539.169173][T14234]  try_charge+0x12ba/0x1710
[ 1539.173693][T14234]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1539.179519][T14234]  ? rcu_lock_release+0x4/0x20
[ 1539.184310][T14234]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1539.189888][T14234]  ? memcg_kmem_put_cache+0x70/0x70
[ 1539.195697][T14234]  ? rcu_lock_release+0x15/0x20
[ 1539.200656][T14234]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1539.206606][T14234]  __memcg_kmem_charge+0x118/0x2f0
[ 1539.211739][T14234]  __alloc_pages_nodemask+0x377/0x790
[ 1539.217483][T14234]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1539.225471][T14234]  ? rcu_read_lock_sched_held+0x127/0x1c0
[ 1539.231749][T14234]  ? copy_process+0x599/0x5c80
[ 1539.236624][T14234]  copy_process+0x613/0x5c80
[ 1539.242870][T14234]  ? psi_memstall_leave+0xf7/0x130
[ 1539.248949][T14234]  ? trace_lock_acquire+0x190/0x190
[ 1539.256975][T14234]  ? fork_idle+0x1b0/0x1b0
[ 1539.262413][T14234]  ? rcu_read_lock_sched_held+0x127/0x1c0
[ 1539.268225][T14234]  ? trace_mm_vmscan_memcg_reclaim_end+0x213/0x250
[ 1539.276232][T14234]  ? try_to_free_mem_cgroup_pages+0x335/0x570
[ 1539.285426][T14234]  ? kasan_check_write+0x14/0x20
[ 1539.295635][T14234]  _do_fork+0x180/0x5f0
[ 1539.301276][T14234]  ? dup_mm+0x340/0x340
[ 1539.308234][T14234]  ? debug_smp_processor_id+0x1c/0x20
[ 1539.317320][T14234]  ? switch_fpu_return+0x10c/0x290
[ 1539.326592][T14234]  ? copy_init_fpstate_to_fpregs+0x150/0x150
[ 1539.338713][T14234]  ? css_put+0xfe/0x180
[ 1539.348114][T14234]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1539.362911][T14234]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1539.368621][T14234]  __x64_sys_clone+0xc1/0xd0
[ 1539.373197][T14234]  do_syscall_64+0xfe/0x140
[ 1539.377771][T14234]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1539.383658][T14234] RIP: 0033:0x45bee9
[ 1539.388395][T14234] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 1539.408326][T14234] RSP: 002b:00007ffff6b9e448 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 1539.416729][T14234] RAX: ffffffffffffffda RBX: 00007f6872e5e700 RCX: 000000000045bee9
[ 1539.424694][T14234] RDX: 00007f6872e5e9d0 RSI: 00007f6872e5ddb0 RDI: 00000000003d0f00
[ 1539.432739][T14234] RBP: 00007ffff6b9e660 R08: 00007f6872e5e700 R09: 00007f6872e5e700
[ 1539.440733][T14234] R10: 00007f6872e5e9d0 R11: 0000000000000202 R12: 0000000000000000
[ 1539.449416][T14234] R13: 00007ffff6b9e4ff R14: 00007f6872e5e9c0 R15: 000000000075bf2c
[ 1539.459522][T14234] memory: usage 307004kB, limit 307200kB, failcnt 51429
[ 1539.466488][T14234] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1539.474123][T14234] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1539.482670][T14234] Memory cgroup stats for /syz0: cache:6532KB rss:101084KB rss_huge:0KB shmem:6532KB mapped_file:3228KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6524KB active_anon:101092KB inactive_file:0KB active_file:0KB unevictable:0KB
15:48:16 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00'}, 0x58)

15:48:16 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:16 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}})

15:48:16 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x52474233}})

15:48:16 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:16 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1539.505968][T14234] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=5479,uid=0
[ 1539.521919][T14234] Memory cgroup out of memory: Killed process 5479 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
[ 1539.536699][ T1044] oom_reaper: reaped process 5479 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:4kB
15:48:16 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x52474250}})

15:48:16 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:16 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000}})

15:48:16 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:16 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1539.665765][T14255] syz-executor.0 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[ 1539.811301][T14255] CPU: 1 PID: 14255 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1539.819508][T14255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1539.829743][T14255] Call Trace:
[ 1539.833064][T14255]  dump_stack+0x1d8/0x2f8
[ 1539.837436][T14255]  dump_header+0xdb/0xf40
[ 1539.841883][T14255]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1539.848055][T14255]  ? ___ratelimit+0x447/0x5d0
[ 1539.854459][T14255]  oom_kill_process+0x1a0/0x490
15:48:16 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1539.859328][T14255]  out_of_memory+0x76e/0x9e0
[ 1539.863986][T14255]  ? unregister_oom_notifier+0x20/0x20
[ 1539.869472][T14255]  ? kasan_check_read+0x11/0x20
[ 1539.874695][T14255]  try_charge+0x12ba/0x1710
[ 1539.879331][T14255]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1539.885162][T14255]  ? rcu_lock_release+0x4/0x20
[ 1539.890120][T14255]  ? rcu_lock_release+0x15/0x20
[ 1539.895062][T14255]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1539.901166][T14255]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1539.906479][T14255]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1539.912223][T14255]  shmem_getpage_gfp+0x1052/0x2dd0
[ 1539.917358][T14255]  ? __bfs+0x550/0x550
[ 1539.921631][T14255]  ? shmem_getpage+0xa0/0xa0
[ 1539.926318][T14255]  ? trace_hardirqs_on+0x74/0x80
[ 1539.931267][T14255]  ? iov_iter_fault_in_readable+0x2ba/0x5c0
[ 1539.937470][T14255]  shmem_write_begin+0xcb/0x1b0
[ 1539.937488][T14255]  generic_perform_write+0x2ac/0x550
[ 1539.937506][T14255]  ? grab_cache_page_write_begin+0xa0/0xa0
[ 1539.937517][T14255]  ? file_remove_privs+0x600/0x600
[ 1539.937531][T14255]  ? lock_acquire+0x158/0x250
[ 1539.937547][T14255]  __generic_file_write_iter+0x24b/0x520
[ 1539.954726][T14255]  generic_file_write_iter+0x41d/0x5a0
[ 1539.954748][T14255]  __vfs_write+0x617/0x7d0
[ 1539.954764][T14255]  ? __kernel_write+0x330/0x330
[ 1539.954787][T14255]  ? rcu_read_lock_sched_held+0x127/0x1c0
[ 1539.965359][T14255]  ? __sb_start_write+0x199/0x360
[ 1539.965370][T14255]  ? kasan_check_read+0x11/0x20
[ 1539.965382][T14255]  vfs_write+0x227/0x510
[ 1539.965399][T14255]  ksys_write+0x16b/0x2a0
[ 1539.976703][T14255]  ? __ia32_sys_read+0x90/0x90
[ 1539.976718][T14255]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1539.976735][T14255]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1539.986152][T14255]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1539.986165][T14255]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1539.986174][T14255]  ? do_syscall_64+0x1d/0x140
[ 1539.986191][T14255]  __x64_sys_write+0x7b/0x90
[ 1539.997056][T14255]  do_syscall_64+0xfe/0x140
[ 1539.997072][T14255]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1539.997088][T14255] RIP: 0033:0x459519
[ 1540.006164][T14255] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1540.006171][T14255] RSP: 002b:00007f6872e5dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1540.006181][T14255] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459519
[ 1540.006187][T14255] RDX: 0000000000000001 RSI: 00000000200004c0 RDI: 0000000000000003
[ 1540.006192][T14255] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1540.006204][T14255] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6872e5e6d4
[ 1540.015274][T14255] R13: 00000000004c58be R14: 00000000004df8c0 R15: 00000000ffffffff
[ 1540.022263][T14255] memory: usage 307124kB, limit 307200kB, failcnt 51444
[ 1540.036578][T14255] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1540.048161][T14255] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1540.063576][T14255] Memory cgroup stats for /syz0: cache:6528KB rss:101148KB rss_huge:0KB shmem:6528KB mapped_file:3228KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6520KB active_anon:101136KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1540.177587][T14255] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=5572,uid=0
15:48:17 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\x00'}, 0x58)

15:48:17 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000}})

15:48:17 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:17 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x52474252}})

15:48:17 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:17 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1540.222288][T14255] Memory cgroup out of memory: Killed process 5572 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:0kB
15:48:17 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:17 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:17 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x52474742}})

15:48:17 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:17 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000}})

15:48:17 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:17 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00'}, 0x58)

15:48:17 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:17 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000000}})

15:48:17 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:17 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x56595559}})

15:48:17 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:17 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x59555956}})

15:48:17 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7000000}})

15:48:17 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:17 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:17 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:17 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00'}, 0x58)

15:48:17 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}})

15:48:17 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:17 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c000000}})

15:48:17 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:17 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

[ 1540.998778][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0
[ 1541.048831][ T8067] CPU: 1 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1541.056764][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1541.067130][ T8067] Call Trace:
[ 1541.071866][ T8067]  dump_stack+0x1d8/0x2f8
[ 1541.076223][ T8067]  dump_header+0xdb/0xf40
[ 1541.080661][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1541.086496][ T8067]  ? ___ratelimit+0x447/0x5d0
[ 1541.091196][ T8067]  oom_kill_process+0x1a0/0x490
[ 1541.096076][ T8067]  out_of_memory+0x76e/0x9e0
[ 1541.100686][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1541.106167][ T8067]  ? kasan_check_read+0x11/0x20
[ 1541.111074][ T8067]  try_charge+0x12ba/0x1710
[ 1541.115617][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1541.121466][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1541.126399][ T8067]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1541.131959][ T8067]  ? memcg_kmem_put_cache+0x70/0x70
[ 1541.137189][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1541.137199][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1541.137209][ T8067]  __memcg_kmem_charge+0x118/0x2f0
[ 1541.137224][ T8067]  __alloc_pages_nodemask+0x377/0x790
[ 1541.137237][ T8067]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1541.137258][ T8067]  ? arch_stack_walk+0x98/0xe0
[ 1541.137273][ T8067]  ? kasan_check_write+0x14/0x20
[ 1541.173802][ T8067]  ? do_raw_spin_lock+0x143/0x3a0
[ 1541.178847][ T8067]  alloc_pages_current+0x2fb/0x540
[ 1541.183977][ T8067]  pte_alloc_one+0x1f/0x180
[ 1541.188494][ T8067]  __pte_alloc+0x20/0x2f0
[ 1541.188508][ T8067]  copy_page_range+0x23d5/0x2900
[ 1541.188526][ T8067]  ? do_syscall_64+0xfe/0x140
[ 1541.188557][ T8067]  ? vm_normal_page_pmd+0x3d0/0x3d0
[ 1541.197826][ T8067]  ? init_admin_reserve+0xc0/0xc0
[ 1541.197846][ T8067]  dup_mmap+0xa2d/0xe90
[ 1541.197863][ T8067]  ? __delayed_free_task+0x20/0x20
[ 1541.197875][ T8067]  ? kasan_check_write+0x14/0x20
[ 1541.197885][ T8067]  ? mm_init+0x5cc/0x6e0
[ 1541.197902][ T8067]  dup_mm+0x9e/0x340
[ 1541.236183][ T8067]  copy_process+0x25ff/0x5c80
[ 1541.240893][ T8067]  ? fork_idle+0x1b0/0x1b0
[ 1541.245329][ T8067]  _do_fork+0x180/0x5f0
15:48:18 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:18 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:18 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ffffff}})

15:48:18 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9000000}})

[ 1541.249497][ T8067]  ? dup_mm+0x340/0x340
[ 1541.253658][ T8067]  ? debug_smp_processor_id+0x1c/0x20
[ 1541.259033][ T8067]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1541.259048][ T8067]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1541.259057][ T8067]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1541.259066][ T8067]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1541.259075][ T8067]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1541.259089][ T8067]  __x64_sys_clone+0xc1/0xd0
[ 1541.259102][ T8067]  do_syscall_64+0xfe/0x140
15:48:18 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1541.259120][ T8067]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1541.302681][ T8067] RIP: 0033:0x457aea
[ 1541.306609][ T8067] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00
[ 1541.326318][ T8067] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1541.334919][ T8067] RAX: ffffffffffffffda RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
15:48:18 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000000}})

[ 1541.342935][ T8067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1541.350921][ T8067] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1541.358909][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1541.366933][ T8067] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1541.424514][ T8067] memory: usage 307200kB, limit 307200kB, failcnt 51495
[ 1541.431646][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1541.439675][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1541.439683][ T8067] Memory cgroup stats for /syz0: cache:6540KB rss:101148KB rss_huge:0KB shmem:6540KB mapped_file:3236KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6532KB active_anon:101156KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1541.494502][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=14318,uid=0
[ 1541.560908][ T8067] Memory cgroup out of memory: Killed process 14318 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
15:48:18 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\t\x00'}, 0x58)

15:48:18 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff}})

15:48:18 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:18 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:18 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb000000}})

15:48:18 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:18 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfecaedfe}})

15:48:18 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc000000}})

15:48:18 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x0, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:18 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:18 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:18 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00'}, 0x58)

15:48:18 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:18 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfeedcafe}})

15:48:18 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x0, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:18 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:18 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd000000}})

[ 1541.945201][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0
[ 1541.958721][ T8067] CPU: 1 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1541.966549][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1541.976618][ T8067] Call Trace:
[ 1541.980183][ T8067]  dump_stack+0x1d8/0x2f8
[ 1541.984531][ T8067]  dump_header+0xdb/0xf40
[ 1541.988875][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
15:48:18 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd}})

[ 1541.994699][ T8067]  ? ___ratelimit+0x447/0x5d0
[ 1541.999400][ T8067]  oom_kill_process+0x1a0/0x490
[ 1542.004321][ T8067]  out_of_memory+0x76e/0x9e0
[ 1542.008921][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1542.014397][ T8067]  ? kasan_check_read+0x11/0x20
[ 1542.019504][ T8067]  try_charge+0x12ba/0x1710
[ 1542.019535][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1542.019557][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1542.034620][ T8067]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1542.034634][ T8067]  ? memcg_kmem_put_cache+0x70/0x70
15:48:18 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffe7}})

[ 1542.034649][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1542.050232][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1542.055804][ T8067]  __memcg_kmem_charge+0x118/0x2f0
[ 1542.060932][ T8067]  __alloc_pages_nodemask+0x377/0x790
[ 1542.066329][ T8067]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1542.071891][ T8067]  ? __schedule+0x660/0x9e0
[ 1542.076415][ T8067]  ? kasan_check_write+0x14/0x20
[ 1542.081391][ T8067]  ? do_raw_spin_lock+0x143/0x3a0
[ 1542.086435][ T8067]  alloc_pages_current+0x2fb/0x540
[ 1542.091562][ T8067]  pte_alloc_one+0x1f/0x180
15:48:19 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000}})

[ 1542.096082][ T8067]  __pte_alloc+0x20/0x2f0
[ 1542.100430][ T8067]  copy_page_range+0x23d5/0x2900
[ 1542.105391][ T8067]  ? do_syscall_64+0xfe/0x140
[ 1542.110104][ T8067]  ? vm_normal_page_pmd+0x3d0/0x3d0
[ 1542.115322][ T8067]  ? init_admin_reserve+0xc0/0xc0
[ 1542.120368][ T8067]  dup_mmap+0xa2d/0xe90
[ 1542.124542][ T8067]  ? __delayed_free_task+0x20/0x20
[ 1542.129662][ T8067]  ? kasan_check_write+0x14/0x20
[ 1542.134608][ T8067]  ? mm_init+0x5cc/0x6e0
[ 1542.138865][ T8067]  dup_mm+0x9e/0x340
[ 1542.142774][ T8067]  copy_process+0x25ff/0x5c80
[ 1542.147481][ T8067]  ? fork_idle+0x1b0/0x1b0
[ 1542.151918][ T8067]  _do_fork+0x180/0x5f0
[ 1542.156088][ T8067]  ? dup_mm+0x340/0x340
[ 1542.160262][ T8067]  ? debug_smp_processor_id+0x1c/0x20
[ 1542.165641][ T8067]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1542.171720][ T8067]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1542.177450][ T8067]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1542.183096][ T8067]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1542.188565][ T8067]  ? trace_irq_disable_rcuidle+0x23/0x1c0
15:48:19 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x0, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:19 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe000000}})

[ 1542.194297][ T8067]  __x64_sys_clone+0xc1/0xd0
[ 1542.198903][ T8067]  do_syscall_64+0xfe/0x140
[ 1542.203420][ T8067]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1542.209318][ T8067] RIP: 0033:0x457aea
[ 1542.213218][ T8067] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00
[ 1542.233020][ T8067] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1542.241440][ T8067] RAX: ffffffffffffffda RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1542.241448][ T8067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1542.241453][ T8067] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1542.241458][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1542.241464][ T8067] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1542.280850][ T8067] memory: usage 307184kB, limit 307200kB, failcnt 51555
15:48:19 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}})

[ 1542.293677][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1542.301314][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1542.317224][ T8067] Memory cgroup stats for /syz0: cache:6540KB rss:101136KB rss_huge:0KB shmem:6536KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6528KB active_anon:101144KB inactive_file:4KB active_file:0KB unevictable:0KB
[ 1542.362430][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=14350,uid=0
[ 1542.381408][ T8067] Memory cgroup out of memory: Killed process 14350 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
[ 1542.396696][ T1044] oom_reaper: reaped process 14350 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
15:48:19 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\v\x00'}, 0x58)

15:48:19 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:19 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0x0, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:19 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:19 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}})

15:48:19 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}})

15:48:19 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0x0, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:19 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:19 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11000000}})

15:48:19 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300000000000000}})

15:48:19 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1542.689577][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0
[ 1542.717354][ T8067] CPU: 1 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1542.725201][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1542.735275][ T8067] Call Trace:
15:48:19 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000}})

[ 1542.738579][ T8067]  dump_stack+0x1d8/0x2f8
[ 1542.742917][ T8067]  dump_header+0xdb/0xf40
[ 1542.747265][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1542.753082][ T8067]  ? ___ratelimit+0x447/0x5d0
[ 1542.757775][ T8067]  oom_kill_process+0x1a0/0x490
[ 1542.762641][ T8067]  out_of_memory+0x76e/0x9e0
[ 1542.767251][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1542.772719][ T8067]  ? kasan_check_read+0x11/0x20
[ 1542.777575][ T8067]  try_charge+0x12ba/0x1710
[ 1542.777609][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1542.787921][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1542.787938][ T8067]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1542.787949][ T8067]  ? memcg_kmem_put_cache+0x70/0x70
[ 1542.787961][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1542.787970][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1542.787981][ T8067]  __memcg_kmem_charge+0x118/0x2f0
[ 1542.787997][ T8067]  __alloc_pages_nodemask+0x377/0x790
[ 1542.824453][ T8067]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1542.830031][ T8067]  alloc_pages_current+0x2fb/0x540
[ 1542.835157][ T8067]  __pmd_alloc+0x39/0x3d0
[ 1542.839523][ T8067]  copy_page_range+0x254c/0x2900
[ 1542.844468][ T8067]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1542.850541][ T8067]  ? trace_lock_acquire+0x190/0x190
[ 1542.855782][ T8067]  ? vm_normal_page_pmd+0x3d0/0x3d0
[ 1542.861003][ T8067]  ? __rb_insert_augmented+0x706/0x720
[ 1542.861014][ T8067]  ? kasan_check_write+0x14/0x20
[ 1542.861034][ T8067]  dup_mmap+0xa2d/0xe90
[ 1542.861053][ T8067]  ? __delayed_free_task+0x20/0x20
[ 1542.875619][ T8067]  ? kasan_check_write+0x14/0x20
[ 1542.875632][ T8067]  ? mm_init+0x5cc/0x6e0
[ 1542.875645][ T8067]  dup_mm+0x9e/0x340
[ 1542.893985][ T8067]  copy_process+0x25ff/0x5c80
[ 1542.898692][ T8067]  ? fork_idle+0x1b0/0x1b0
[ 1542.903130][ T8067]  _do_fork+0x180/0x5f0
[ 1542.907319][ T8067]  ? dup_mm+0x340/0x340
[ 1542.911483][ T8067]  ? debug_smp_processor_id+0x1c/0x20
[ 1542.916880][ T8067]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1542.922946][ T8067]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1542.922957][ T8067]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1542.922966][ T8067]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1542.922975][ T8067]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1542.922989][ T8067]  __x64_sys_clone+0xc1/0xd0
[ 1542.923001][ T8067]  do_syscall_64+0xfe/0x140
[ 1542.923016][ T8067]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1542.923026][ T8067] RIP: 0033:0x457aea
[ 1542.923037][ T8067] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00
[ 1542.923047][ T8067] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1542.992542][ T8067] RAX: ffffffffffffffda RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1542.992556][ T8067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1543.008533][ T8067] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1543.008540][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1543.008546][ T8067] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1543.018563][ T8067] memory: usage 307200kB, limit 307200kB, failcnt 51580
[ 1543.040454][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1543.053286][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1543.061261][ T8067] Memory cgroup stats for /syz0: cache:6544KB rss:101136KB rss_huge:0KB shmem:6536KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6528KB active_anon:101144KB inactive_file:8KB active_file:0KB unevictable:0KB
15:48:20 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\f\x00'}, 0x58)

15:48:20 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12000000}})

15:48:20 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500000000000000}})

15:48:20 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:20 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0x0, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:20 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1543.084755][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=14478,uid=0
[ 1543.100381][ T8067] Memory cgroup out of memory: Killed process 14478 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
[ 1543.115382][ T1044] oom_reaper: reaped process 14478 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
15:48:20 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:20 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000}})

15:48:20 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600000000000000}})

[ 1543.251311][T14540] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1543.263753][T14540] CPU: 1 PID: 14540 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1543.271654][T14540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1543.271667][T14540] Call Trace:
[ 1543.285031][T14540]  dump_stack+0x1d8/0x2f8
[ 1543.289379][T14540]  dump_header+0xdb/0xf40
[ 1543.293726][T14540]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
15:48:20 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1543.299539][T14540]  ? ___ratelimit+0x447/0x5d0
[ 1543.304225][T14540]  oom_kill_process+0x1a0/0x490
[ 1543.309085][T14540]  out_of_memory+0x76e/0x9e0
[ 1543.313682][T14540]  ? unregister_oom_notifier+0x20/0x20
[ 1543.319149][T14540]  ? kasan_check_read+0x11/0x20
[ 1543.324008][T14540]  try_charge+0x12ba/0x1710
[ 1543.328540][T14540]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1543.334459][T14540]  ? rcu_lock_release+0x4/0x20
[ 1543.339235][T14540]  ? rcu_lock_release+0x15/0x20
[ 1543.344096][T14540]  ? get_mem_cgroup_from_mm+0x15b/0x170
15:48:20 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1543.344109][T14540]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1543.344126][T14540]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1543.344143][T14540]  wp_page_copy+0x391/0x18e0
[ 1543.365191][T14540]  ? reuse_swap_page+0xd47/0x1650
[ 1543.370220][T14540]  ? rcu_lock_release+0x30/0x30
[ 1543.370249][T14540]  ? kasan_check_read+0x11/0x20
[ 1543.379946][T14540]  ? do_raw_spin_unlock+0x49/0x260
[ 1543.385248][T14540]  do_wp_page+0x609/0x1ba0
[ 1543.389669][T14540]  ? kasan_check_write+0x14/0x20
[ 1543.394613][T14540]  ? __rwlock_init+0x130/0x130
15:48:20 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700000000000000}})

[ 1543.399404][T14540]  ? count_memcg_event_mm+0x300/0x300
[ 1543.399425][T14540]  handle_mm_fault+0x29a6/0x6130
[ 1543.399449][T14540]  ? finish_fault+0x220/0x220
[ 1543.414412][T14540]  ? vmacache_find+0x1fd/0x5b0
[ 1543.414423][T14540]  ? vmacache_update+0xb7/0x120
[ 1543.414437][T14540]  ? find_vma+0x13c/0x150
[ 1543.428395][T14540]  do_user_addr_fault+0x56f/0xaa0
[ 1543.433441][T14540]  __do_page_fault+0xd3/0x1f0
[ 1543.438123][T14540]  do_page_fault+0xce/0xe0
[ 1543.442539][T14540]  page_fault+0x1e/0x30
[ 1543.446695][T14540] RIP: 0010:__put_user_4+0x1c/0x30
[ 1543.451801][T14540] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 40 fd 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48
[ 1543.451808][T14540] RSP: 0018:ffff88803a5a7f08 EFLAGS: 00010293
[ 1543.451817][T14540] RAX: 00000000000038dd RBX: 00007fffffffeffd RCX: 0000555556c9ac10
[ 1543.451823][T14540] RDX: dffffc0000000000 RSI: ffff88809738eda0 RDI: 0000000000000282
[ 1543.451830][T14540] RBP: ffff88803a5a7f48 R08: dffffc0000000000 R09: ffffed1015d66bf8
[ 1543.451835][T14540] R10: ffffed1015d66bf8 R11: 1ffff11015d66bf7 R12: ffff8880aeb35100
[ 1543.451847][T14540] R13: dffffc0000000000 R14: 00000000000038dd R15: ffff88809738eaa8
[ 1543.517387][T14540]  ? schedule_tail+0xc9/0x1a0
[ 1543.522088][T14540]  ret_from_fork+0x8/0x30
[ 1543.526432][T14540] RIP: 0033:0x457aea
[ 1543.526454][T14540] Code: Bad RIP value.
[ 1543.526461][T14540] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1543.526470][T14540] RAX: 0000000000000000 RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1543.526476][T14540] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1543.526488][T14540] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1543.586027][T14540] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1543.586042][T14540] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1543.609465][T14540] memory: usage 307200kB, limit 307200kB, failcnt 51638
[ 1543.646477][T14540] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1543.693620][T14540] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1543.706473][T14540] Memory cgroup stats for /syz0: cache:6536KB rss:101136KB rss_huge:0KB shmem:6536KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6528KB active_anon:101144KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1543.757032][T14540] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=5621,uid=0
[ 1543.772683][T14540] Memory cgroup out of memory: Killed process 5621 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
[ 1543.787517][ T1044] oom_reaper: reaped process 5621 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:4kB
[ 1543.803617][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1543.814523][ T8067] CPU: 0 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1543.822333][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1543.832397][ T8067] Call Trace:
[ 1543.835695][ T8067]  dump_stack+0x1d8/0x2f8
[ 1543.840038][ T8067]  dump_header+0xdb/0xf40
[ 1543.844378][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1543.851521][ T8067]  ? ___ratelimit+0x447/0x5d0
[ 1543.856218][ T8067]  oom_kill_process+0x1a0/0x490
[ 1543.861083][ T8067]  out_of_memory+0x76e/0x9e0
[ 1543.865691][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1543.871154][ T8067]  ? kasan_check_read+0x11/0x20
[ 1543.876195][ T8067]  try_charge+0x12ba/0x1710
[ 1543.880691][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1543.886484][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1543.891319][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1543.896149][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1543.901683][ T8067]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1543.906972][ T8067]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1543.912613][ T8067]  wp_page_copy+0x391/0x18e0
[ 1543.917236][ T8067]  ? reuse_swap_page+0xd47/0x1650
[ 1543.922387][ T8067]  ? rcu_lock_release+0x30/0x30
[ 1543.927348][ T8067]  ? kasan_check_read+0x11/0x20
[ 1543.933512][ T8067]  ? do_raw_spin_unlock+0x49/0x260
[ 1543.938658][ T8067]  do_wp_page+0x609/0x1ba0
[ 1543.943213][ T8067]  ? kasan_check_write+0x14/0x20
[ 1543.948246][ T8067]  ? __rwlock_init+0x130/0x130
[ 1543.953758][ T8067]  ? count_memcg_event_mm+0x300/0x300
[ 1543.959620][ T8067]  handle_mm_fault+0x29a6/0x6130
[ 1543.964575][ T8067]  ? finish_fault+0x220/0x220
[ 1543.969283][ T8067]  ? __down_read+0x1a0/0x1a0
[ 1543.975628][ T8067]  ? vmacache_find+0x251/0x5b0
[ 1543.980941][ T8067]  ? find_vma+0x30/0x150
[ 1543.985174][ T8067]  do_user_addr_fault+0x56f/0xaa0
[ 1543.990186][ T8067]  __do_page_fault+0xd3/0x1f0
[ 1543.994850][ T8067]  do_page_fault+0xce/0xe0
[ 1543.999260][ T8067]  ? page_fault+0x8/0x30
[ 1544.003523][ T8067]  page_fault+0x1e/0x30
[ 1544.007668][ T8067] RIP: 0033:0x457c0e
[ 1544.011548][ T8067] Code: 5c 41 5d 41 5e 5d c3 48 c7 c2 d4 ff ff ff f7 d8 41 bd ff ff ff ff 64 89 02 64 8b 04 25 d0 02 00 00 41 39 c4 0f 85 2f 01 00 00 <64> 44 89 04 25 d4 02 00 00 45 85 f6 0f 85 7f 00 00 00 48 85 db 74
[ 1544.031159][ T8067] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00010246
[ 1544.037222][ T8067] RAX: 0000000000000001 RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1544.045193][ T8067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1544.053169][ T8067] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1544.061149][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1544.069125][ T8067] R13: 00000000000038dd R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1544.077469][ T8067] memory: usage 307032kB, limit 307200kB, failcnt 51640
[ 1544.084547][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1544.092102][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1544.099041][ T8067] Memory cgroup stats for /syz0: cache:6540KB rss:101124KB rss_huge:0KB shmem:6536KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6528KB active_anon:101132KB inactive_file:4KB active_file:0KB unevictable:0KB
[ 1544.121160][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=5698,uid=0
[ 1544.136572][ T8067] Memory cgroup out of memory: Killed process 5698 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
15:48:21 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\r\x00'}, 0x58)

15:48:21 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:21 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000000}})

15:48:21 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0x0, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:21 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:21 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25000000}})

[ 1544.151255][ T1044] oom_reaper: reaped process 5698 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:4kB
15:48:21 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:21 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:21 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0x0, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:21 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x900000000000000}})

15:48:21 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x31384142}})

15:48:21 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:21 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0e\x00'}, 0x58)

15:48:21 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0x0, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:21 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:21 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00000000000000}})

15:48:21 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x33424752}})

[ 1544.543479][T14615] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
15:48:21 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:21 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:21 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00000000000000}})

[ 1544.628189][T14615] CPU: 0 PID: 14615 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1544.636130][T14615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1544.646284][T14615] Call Trace:
[ 1544.649768][T14615]  dump_stack+0x1d8/0x2f8
[ 1544.649785][T14615]  dump_header+0xdb/0xf40
[ 1544.649799][T14615]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1544.649809][T14615]  ? ___ratelimit+0x447/0x5d0
[ 1544.649823][T14615]  oom_kill_process+0x1a0/0x490
[ 1544.649834][T14615]  out_of_memory+0x76e/0x9e0
[ 1544.649851][T14615]  ? unregister_oom_notifier+0x20/0x20
[ 1544.664990][T14615]  ? kasan_check_read+0x11/0x20
[ 1544.665015][T14615]  try_charge+0x12ba/0x1710
[ 1544.694308][T14615]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1544.700225][T14615]  ? rcu_lock_release+0x4/0x20
[ 1544.705017][T14615]  ? rcu_lock_release+0x15/0x20
[ 1544.709887][T14615]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1544.715451][T14615]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1544.720781][T14615]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1544.726431][T14615]  wp_page_copy+0x391/0x18e0
[ 1544.731123][T14615]  ? reuse_swap_page+0xd47/0x1650
[ 1544.736155][T14615]  ? rcu_lock_release+0x30/0x30
[ 1544.741239][T14615]  ? kasan_check_read+0x11/0x20
[ 1544.746377][T14615]  ? do_raw_spin_unlock+0x49/0x260
[ 1544.751534][T14615]  do_wp_page+0x609/0x1ba0
[ 1544.755965][T14615]  ? kasan_check_write+0x14/0x20
[ 1544.760931][T14615]  ? __rwlock_init+0x130/0x130
[ 1544.765709][T14615]  ? count_memcg_event_mm+0x300/0x300
[ 1544.771208][T14615]  handle_mm_fault+0x29a6/0x6130
[ 1544.776162][T14615]  ? finish_fault+0x220/0x220
[ 1544.776185][T14615]  ? __down_read+0x1a0/0x1a0
[ 1544.776199][T14615]  ? vmacache_find+0x51b/0x5b0
[ 1544.790407][T14615]  ? vmacache_update+0xb7/0x120
[ 1544.795358][T14615]  ? find_vma+0x13c/0x150
[ 1544.799705][T14615]  do_user_addr_fault+0x56f/0xaa0
[ 1544.804872][T14615]  __do_page_fault+0xd3/0x1f0
[ 1544.809653][T14615]  do_page_fault+0xce/0xe0
[ 1544.814110][T14615]  ? page_fault+0x8/0x30
[ 1544.818456][T14615]  page_fault+0x1e/0x30
[ 1544.822616][T14615] RIP: 0033:0x40f678
15:48:21 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:21 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc00000000000000}})

15:48:21 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x33524742}})

15:48:21 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x0, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

[ 1544.826510][T14615] Code: 48 8b 05 43 48 30 00 48 89 08 48 8b 15 41 48 30 00 48 89 42 08 48 8b 05 26 48 30 00 48 89 05 2f 48 30 00 49 8d 81 c0 02 00 00 <48> 89 05 31 0e 66 00 49 8b 89 c8 02 00 00 49 8b 91 c0 02 00 00 48
[ 1544.846115][T14615] RSP: 002b:00007ffff6b9e6d8 EFLAGS: 00010246
[ 1544.852211][T14615] RAX: 0000555556c9ac00 RBX: 00007ffff6b9e6e0 RCX: 0000000000713ea0
[ 1544.860184][T14615] RDX: 000000000040f4b0 RSI: 0000000000713e90 RDI: 0000555556c9ac20
[ 1544.860191][T14615] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1544.860196][T14615] R10: 0000555556c9ac10 R11: 0000000000000202 R12: 0000000000000001
[ 1544.860201][T14615] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1544.881191][T14615] memory: usage 307200kB, limit 307200kB, failcnt 51663
[ 1544.900216][T14615] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1544.947926][T14615] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1544.977828][T14615] Memory cgroup stats for /syz0: cache:6544KB rss:101156KB rss_huge:0KB shmem:6536KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6528KB active_anon:101164KB inactive_file:8KB active_file:0KB unevictable:0KB
[ 1545.013747][T14615] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=14602,uid=0
[ 1545.035899][T14615] Memory cgroup out of memory: Killed process 14602 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
15:48:22 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x11\x00'}, 0x58)

15:48:22 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:22 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x0, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:22 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000}})

15:48:22 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd00000000000000}})

15:48:22 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1545.155446][T14666] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
15:48:22 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x0, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:22 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:22 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:22 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4056d0c0}})

15:48:22 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe00000000000000}})

[ 1545.339831][T14666] CPU: 0 PID: 14666 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1545.349171][T14666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1545.359504][T14666] Call Trace:
[ 1545.359530][T14666]  dump_stack+0x1d8/0x2f8
[ 1545.359544][T14666]  dump_header+0xdb/0xf40
[ 1545.359557][T14666]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1545.359567][T14666]  ? ___ratelimit+0x447/0x5d0
[ 1545.359581][T14666]  oom_kill_process+0x1a0/0x490
[ 1545.359592][T14666]  out_of_memory+0x76e/0x9e0
[ 1545.359603][T14666]  ? unregister_oom_notifier+0x20/0x20
[ 1545.359614][T14666]  ? kasan_check_read+0x11/0x20
[ 1545.359629][T14666]  try_charge+0x12ba/0x1710
[ 1545.359664][T14666]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1545.369405][T14666]  ? rcu_lock_release+0x4/0x20
[ 1545.369420][T14666]  ? rcu_lock_release+0x15/0x20
[ 1545.369428][T14666]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1545.369439][T14666]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1545.369455][T14666]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1545.369467][T14666]  wp_page_copy+0x391/0x18e0
[ 1545.369484][T14666]  ? reuse_swap_page+0xd47/0x1650
[ 1545.369495][T14666]  ? rcu_lock_release+0x30/0x30
[ 1545.369514][T14666]  ? kasan_check_read+0x11/0x20
[ 1545.369523][T14666]  ? do_raw_spin_unlock+0x49/0x260
[ 1545.369537][T14666]  do_wp_page+0x609/0x1ba0
[ 1545.369545][T14666]  ? kasan_check_write+0x14/0x20
[ 1545.369560][T14666]  ? __rwlock_init+0x130/0x130
[ 1545.455695][T14666]  ? count_memcg_event_mm+0x300/0x300
[ 1545.475040][T14666]  handle_mm_fault+0x29a6/0x6130
[ 1545.490232][T14666]  ? finish_fault+0x220/0x220
[ 1545.494932][T14666]  ? __down_read+0x1a0/0x1a0
[ 1545.499557][T14666]  ? vmacache_find+0x251/0x5b0
[ 1545.504334][T14666]  ? find_vma+0x30/0x150
[ 1545.508588][T14666]  do_user_addr_fault+0x56f/0xaa0
[ 1545.513717][T14666]  __do_page_fault+0xd3/0x1f0
[ 1545.518411][T14666]  do_page_fault+0xce/0xe0
[ 1545.522893][T14666]  ? page_fault+0x8/0x30
[ 1545.527151][T14666]  page_fault+0x1e/0x30
[ 1545.531313][T14666] RIP: 0033:0x40f6a6
15:48:22 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1545.535220][T14666] Code: 0e 66 00 49 8b 89 c8 02 00 00 49 8b 91 c0 02 00 00 48 89 4a 08 49 8b 89 c8 02 00 00 48 89 11 48 c7 05 0a 0e 66 00 00 00 00 00 <48> c7 05 e7 47 30 00 90 3e 71 00 31 d2 48 c7 05 d2 47 30 00 90 3e
[ 1545.554967][T14666] RSP: 002b:00007ffff6b9e6d8 EFLAGS: 00010246
[ 1545.561043][T14666] RAX: 0000555556c9ac00 RBX: 00007ffff6b9e6e0 RCX: 0000000000a704a0
[ 1545.569025][T14666] RDX: 0000000000a704a0 RSI: 0000000000713e90 RDI: 0000555556c9ac20
[ 1545.577104][T14666] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1545.577117][T14666] R10: 0000555556c9ac10 R11: 0000000000000202 R12: 0000000000000001
[ 1545.593293][T14666] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1545.627492][T14666] memory: usage 307196kB, limit 307200kB, failcnt 51687
[ 1545.636847][T14666] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1545.645762][T14666] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1545.653201][T14666] Memory cgroup stats for /syz0: cache:6536KB rss:101160KB rss_huge:0KB shmem:6536KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6528KB active_anon:101168KB inactive_file:0KB active_file:0KB unevictable:0KB
15:48:22 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x12\x00'}, 0x58)

15:48:22 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x0, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:22 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:22 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}})

15:48:22 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x42413831}})

15:48:22 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1545.689713][T14666] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=14650,uid=0
[ 1545.705295][T14666] Memory cgroup out of memory: Killed process 14650 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
[ 1545.721692][ T1044] oom_reaper: reaped process 14650 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
15:48:22 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1100000000000000}})

15:48:22 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x42474752}})

15:48:22 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x0, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:22 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:22 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1545.940221][T14710] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
15:48:22 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x0, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

[ 1546.001157][T14710] CPU: 0 PID: 14710 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1546.009954][T14710] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1546.020349][T14710] Call Trace:
[ 1546.023928][T14710]  dump_stack+0x1d8/0x2f8
[ 1546.028311][T14710]  dump_header+0xdb/0xf40
[ 1546.028328][T14710]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1546.028338][T14710]  ? ___ratelimit+0x447/0x5d0
[ 1546.028352][T14710]  oom_kill_process+0x1a0/0x490
[ 1546.028364][T14710]  out_of_memory+0x76e/0x9e0
[ 1546.028376][T14710]  ? unregister_oom_notifier+0x20/0x20
[ 1546.028387][T14710]  ? kasan_check_read+0x11/0x20
[ 1546.028409][T14710]  try_charge+0x12ba/0x1710
[ 1546.039976][T14710]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1546.039995][T14710]  ? rcu_lock_release+0x4/0x20
[ 1546.040009][T14710]  ? rcu_lock_release+0x15/0x20
[ 1546.040017][T14710]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1546.040028][T14710]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1546.040044][T14710]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1546.040056][T14710]  wp_page_copy+0x391/0x18e0
[ 1546.040075][T14710]  ? reuse_swap_page+0xd47/0x1650
[ 1546.040085][T14710]  ? rcu_lock_release+0x30/0x30
[ 1546.040103][T14710]  ? kasan_check_read+0x11/0x20
[ 1546.040114][T14710]  ? do_raw_spin_unlock+0x49/0x260
[ 1546.040128][T14710]  do_wp_page+0x609/0x1ba0
[ 1546.040137][T14710]  ? kasan_check_write+0x14/0x20
[ 1546.040152][T14710]  ? __rwlock_init+0x130/0x130
[ 1546.139421][T14710]  ? count_memcg_event_mm+0x300/0x300
[ 1546.149640][T14710]  handle_mm_fault+0x29a6/0x6130
[ 1546.149663][T14710]  ? finish_fault+0x220/0x220
[ 1546.149683][T14710]  ? __down_read+0x1a0/0x1a0
[ 1546.149691][T14710]  ? vmacache_find+0x566/0x5b0
[ 1546.149699][T14710]  ? vmacache_update+0xb7/0x120
[ 1546.149710][T14710]  ? find_vma+0x13c/0x150
[ 1546.149723][T14710]  do_user_addr_fault+0x56f/0xaa0
[ 1546.149750][T14710]  __do_page_fault+0xd3/0x1f0
[ 1546.183587][T14710]  do_page_fault+0xce/0xe0
[ 1546.183601][T14710]  ? page_fault+0x8/0x30
[ 1546.183612][T14710]  page_fault+0x1e/0x30
[ 1546.183622][T14710] RIP: 0033:0x457b6b
[ 1546.183636][T14710] Code: 25 20 06 00 00 b8 e0 3f 41 00 48 89 15 5e ec 61 00 48 85 c0 74 08 4c 89 cf e8 81 c4 fb ff 45 85 f6 0f 85 58 01 00 00 48 85 db <48> c7 05 1a d4 2b 00 00 00 00 00 48 c7 05 ff d3 2b 00 00 00 00 00
[ 1546.227121][T14710] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00010202
[ 1546.233556][T14710] RAX: 0000000000000000 RBX: 00007ffff6b9e6e0 RCX: 0000000000413ff3
[ 1546.242062][T14710] RDX: 0000033e4690f84e RSI: 0000000000000018 RDI: 0000555556c9ac20
[ 1546.250127][T14710] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1546.250142][T14710] R10: 0000555556c9ac10 R11: 0000000000000202 R12: 0000000000000001
[ 1546.266653][T14710] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1546.288086][T14710] memory: usage 307200kB, limit 307200kB, failcnt 51720
[ 1546.307848][T14710] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1546.315807][T14710] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1546.328582][T14710] Memory cgroup stats for /syz0: cache:6540KB rss:101152KB rss_huge:0KB shmem:6532KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6524KB active_anon:101160KB inactive_file:8KB active_file:0KB unevictable:0KB
15:48:23 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0x0, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:23 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00?\x00'}, 0x58)

15:48:23 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:23 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x42475233}})

15:48:23 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:23 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1200000000000000}})

[ 1546.352786][T14710] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=14697,uid=0
[ 1546.370981][T14710] Memory cgroup out of memory: Killed process 14697 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
15:48:23 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:23 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:23 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0x0, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:23 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000}})

15:48:23 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x47425247}})

15:48:23 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00'}, 0x58)

15:48:23 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0x0, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:23 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:23 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:23 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x47524247}})

15:48:23 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2500000000000000}})

15:48:23 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50424752}})

15:48:23 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:23 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0x0, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:23 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1546.867018][T14798] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1546.969504][T14798] CPU: 1 PID: 14798 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1546.977472][T14798] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1546.987532][T14798] Call Trace:
[ 1546.991015][T14798]  dump_stack+0x1d8/0x2f8
[ 1546.995459][T14798]  dump_header+0xdb/0xf40
[ 1546.999816][T14798]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1547.005635][T14798]  ? ___ratelimit+0x447/0x5d0
[ 1547.010332][T14798]  oom_kill_process+0x1a0/0x490
[ 1547.015200][T14798]  out_of_memory+0x76e/0x9e0
[ 1547.019826][T14798]  ? unregister_oom_notifier+0x20/0x20
[ 1547.025296][T14798]  ? kasan_check_read+0x11/0x20
[ 1547.030164][T14798]  try_charge+0x12ba/0x1710
[ 1547.034705][T14798]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1547.040552][T14798]  ? rcu_lock_release+0x4/0x20
[ 1547.045337][T14798]  ? rcu_lock_release+0x15/0x20
[ 1547.050215][T14798]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1547.055822][T14798]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1547.061129][T14798]  mem_cgroup_try_charge_delay+0x25/0xa0
15:48:23 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000}})

15:48:23 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1547.066778][T14798]  wp_page_copy+0x391/0x18e0
[ 1547.071386][T14798]  ? reuse_swap_page+0xd47/0x1650
[ 1547.076426][T14798]  ? rcu_lock_release+0x30/0x30
[ 1547.076445][T14798]  ? kasan_check_read+0x11/0x20
[ 1547.076456][T14798]  ? do_raw_spin_unlock+0x49/0x260
[ 1547.076472][T14798]  do_wp_page+0x609/0x1ba0
[ 1547.076487][T14798]  ? kasan_check_write+0x14/0x20
[ 1547.100733][T14798]  ? __rwlock_init+0x130/0x130
[ 1547.105508][T14798]  ? count_memcg_event_mm+0x300/0x300
[ 1547.110908][T14798]  handle_mm_fault+0x29a6/0x6130
[ 1547.115875][T14798]  ? finish_fault+0x220/0x220
[ 1547.120565][T14798]  ? __down_read+0x1a0/0x1a0
[ 1547.125159][T14798]  ? vmacache_find+0x251/0x5b0
[ 1547.129927][T14798]  ? find_vma+0x30/0x150
[ 1547.134268][T14798]  do_user_addr_fault+0x56f/0xaa0
[ 1547.139314][T14798]  __do_page_fault+0xd3/0x1f0
[ 1547.144007][T14798]  do_page_fault+0xce/0xe0
[ 1547.148453][T14798]  ? page_fault+0x8/0x30
[ 1547.148464][T14798]  page_fault+0x1e/0x30
[ 1547.148473][T14798] RIP: 0033:0x40f6a6
[ 1547.148483][T14798] Code: 0e 66 00 49 8b 89 c8 02 00 00 49 8b 91 c0 02 00 00 48 89 4a 08 49 8b 89 c8 02 00 00 48 89 11 48 c7 05 0a 0e 66 00 00 00 00 00 <48> c7 05 e7 47 30 00 90 3e 71 00 31 d2 48 c7 05 d2 47 30 00 90 3e
[ 1547.148495][T14798] RSP: 002b:00007ffff6b9e6d8 EFLAGS: 00010246
[ 1547.156871][T14798] RAX: 0000555556c9ac00 RBX: 00007ffff6b9e6e0 RCX: 0000000000a704a0
[ 1547.156882][T14798] RDX: 0000000000a704a0 RSI: 0000000000713e90 RDI: 0000555556c9ac20
[ 1547.202345][T14798] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1547.210314][T14798] R10: 0000555556c9ac10 R11: 0000000000000202 R12: 0000000000000001
[ 1547.218273][T14798] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1547.233297][T14798] memory: usage 307200kB, limit 307200kB, failcnt 51771
[ 1547.240751][T14798] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1547.249349][T14798] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1547.256383][T14798] Memory cgroup stats for /syz0: cache:6536KB rss:101156KB rss_huge:0KB shmem:6536KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6528KB active_anon:101164KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1547.278514][T14798] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=14771,uid=0
[ 1547.295862][T14798] Memory cgroup out of memory: Killed process 14771 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
[ 1547.325900][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1547.336103][ T8067] CPU: 1 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1547.343917][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1547.354016][ T8067] Call Trace:
[ 1547.357322][ T8067]  dump_stack+0x1d8/0x2f8
[ 1547.361654][ T8067]  dump_header+0xdb/0xf40
[ 1547.365971][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1547.371974][ T8067]  ? ___ratelimit+0x447/0x5d0
[ 1547.376638][ T8067]  oom_kill_process+0x1a0/0x490
[ 1547.381473][ T8067]  out_of_memory+0x76e/0x9e0
[ 1547.386048][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1547.391490][ T8067]  ? kasan_check_read+0x11/0x20
[ 1547.396320][ T8067]  try_charge+0x12ba/0x1710
[ 1547.400814][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1547.406603][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1547.411354][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1547.416183][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1547.421726][ T8067]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1547.427000][ T8067]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1547.432634][ T8067]  wp_page_copy+0x391/0x18e0
[ 1547.437218][ T8067]  ? reuse_swap_page+0xd47/0x1650
[ 1547.442268][ T8067]  ? rcu_lock_release+0x30/0x30
[ 1547.447219][ T8067]  ? kasan_check_read+0x11/0x20
[ 1547.452061][ T8067]  ? do_raw_spin_unlock+0x49/0x260
[ 1547.457188][ T8067]  do_wp_page+0x609/0x1ba0
[ 1547.461627][ T8067]  ? kasan_check_write+0x14/0x20
[ 1547.466555][ T8067]  ? __rwlock_init+0x130/0x130
[ 1547.471457][ T8067]  ? count_memcg_event_mm+0x300/0x300
[ 1547.476823][ T8067]  handle_mm_fault+0x29a6/0x6130
[ 1547.481765][ T8067]  ? finish_fault+0x220/0x220
[ 1547.486450][ T8067]  ? __down_read+0x1a0/0x1a0
[ 1547.491021][ T8067]  ? vmacache_find+0x251/0x5b0
[ 1547.495875][ T8067]  ? find_vma+0x30/0x150
[ 1547.500116][ T8067]  do_user_addr_fault+0x56f/0xaa0
[ 1547.505140][ T8067]  __do_page_fault+0xd3/0x1f0
[ 1547.509806][ T8067]  do_page_fault+0xce/0xe0
[ 1547.514230][ T8067]  ? page_fault+0x8/0x30
[ 1547.518487][ T8067]  page_fault+0x1e/0x30
[ 1547.522624][ T8067] RIP: 0033:0x457c4a
[ 1547.526500][ T8067] Code: 48 85 db 74 b6 41 bc ca 00 00 00 eb 0c 0f 1f 00 48 8b 5b 08 48 85 db 74 a2 48 8b 3b 48 8b 47 10 48 85 c0 74 05 ff d0 48 8b 3b <f0> ff 4f 28 0f 94 c0 84 c0 74 db 8b 47 2c 85 c0 74 d4 45 31 d2 ba
[ 1547.546109][ T8067] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00010246
[ 1547.552204][ T8067] RAX: 0000000000000000 RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1547.560186][ T8067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000a74fc8
[ 1547.568157][ T8067] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1547.576123][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 00000000000000ca
[ 1547.584204][ T8067] R13: 00000000000038fb R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1547.593891][ T8067] memory: usage 307096kB, limit 307200kB, failcnt 51772
[ 1547.602339][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1547.610576][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1547.617528][ T8067] Memory cgroup stats for /syz0: cache:6540KB rss:101124KB rss_huge:0KB shmem:6536KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6528KB active_anon:101128KB inactive_file:0KB active_file:4KB unevictable:0KB
[ 1547.639610][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=5723,uid=0
[ 1547.655331][ T8067] Memory cgroup out of memory: Killed process 5723 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
15:48:24 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00'}, 0x58)

15:48:24 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4241383100000000}})

15:48:24 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:24 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0xef, 0x10000)
r2 = syz_genetlink_get_family_id$team(&(0x7f00000000c0)='team\x00')
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000100)={<r3=>0x0, @dev, @remote}, &(0x7f0000000140)=0xc)
getsockopt$inet_pktinfo(0xffffffffffffff9c, 0x0, 0x8, &(0x7f0000000180)={<r4=>0x0, @broadcast, @broadcast}, &(0x7f00000001c0)=0xc)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000200)={{{@in, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in=@remote}, 0x0, @in=@local}}, &(0x7f0000000300)=0xe8)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x27, &(0x7f00000003c0)={@local, @local, <r6=>0x0}, &(0x7f0000000400)=0xc)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000440)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000480)=0x14)
getsockopt$inet6_mreq(0xffffffffffffff9c, 0x29, 0x1d, &(0x7f00000004c0)={@rand_addr, <r8=>0x0}, &(0x7f0000000500)=0x14)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000006c0)={{{@in6=@empty, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0}}, {{@in=@local}, 0x0, @in=@loopback}}, &(0x7f0000000540)=0xe8)
accept4$packet(0xffffffffffffffff, &(0x7f0000000580)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f00000007c0)=0x14, 0x80800)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000840)={0x11, 0x0, <r11=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000880)=0x14)
recvmsg(0xffffffffffffffff, &(0x7f00000022c0)={&(0x7f0000001d40)=@hci={0x1f, <r12=>0x0}, 0x80, &(0x7f0000002140)=[{&(0x7f0000001dc0)=""/6, 0x6}, {&(0x7f0000001e00)=""/73, 0x49}, {&(0x7f0000001e80)=""/81, 0x51}, {&(0x7f0000001f00)=""/176, 0xb0}, {&(0x7f0000001fc0)=""/67, 0x43}, {&(0x7f0000002040)=""/32, 0x20}, {&(0x7f0000002080)=""/86, 0x56}, {&(0x7f0000002100)=""/30, 0x1e}], 0x8, &(0x7f00000021c0)=""/228, 0xe4}, 0x40002000)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffff9c, 0x8933, &(0x7f00000023c0)={'gre0\x00', <r13=>0x0})
getsockopt$inet_pktinfo(0xffffffffffffff9c, 0x0, 0x8, &(0x7f0000002400)={<r14=>0x0, @multicast1, @multicast1}, &(0x7f0000002440)=0xc)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000002480)={{{@in6=@mcast2, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r15=>0x0}}, {{@in=@dev}, 0x0, @in6=@remote}}, &(0x7f0000002580)=0xe8)
getsockname$packet(0xffffffffffffffff, &(0x7f00000025c0)={0x11, 0x0, <r16=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000002600)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000006000)={{{@in=@remote, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r17=>0x0}}, {{@in6=@local}, 0x0, @in6=@remote}}, &(0x7f0000006100)=0xe8)
getsockname(0xffffffffffffff9c, &(0x7f0000006140)=@ll={0x11, 0x0, <r18=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000061c0)=0x80)
accept$packet(0xffffffffffffffff, &(0x7f00000062c0)={0x11, 0x0, <r19=>0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000006300)=0x14)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000007800)={{{@in6=@loopback, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0}}, {{@in=@remote}, 0x0, @in=@initdev}}, &(0x7f0000007900)=0xe8)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000079c0)={0x11, 0x0, <r21=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000007a00)=0x14)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000007c00)={{{@in=@initdev, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r22=>0x0}}, {{@in6=@empty}, 0x0, @in6=@remote}}, &(0x7f0000007d00)=0xe8)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000007d40)={'\x00', <r23=>0x0})
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000007d80)={<r24=>0x0, @empty, @dev}, &(0x7f0000007dc0)=0xc)
accept4$packet(0xffffffffffffff9c, &(0x7f0000007e40)={0x11, 0x0, <r25=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000007e80)=0x14, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000007f80)={{{@in6=@initdev, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r26=>0x0}}, {{@in6=@dev}, 0x0, @in=@broadcast}}, &(0x7f0000008080)=0xe8)
getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x27, &(0x7f00000080c0)={@local, @remote, <r27=>0x0}, &(0x7f0000008100)=0xc)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000008140)={<r28=>0x0, @multicast2, @local}, &(0x7f0000008180)=0xc)
getsockname$packet(0xffffffffffffffff, &(0x7f0000008440)={0x11, 0x0, <r29=>0x0}, &(0x7f0000008480)=0x14)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f00000084c0)={{{@in6=@remote, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r30=>0x0}}, {{@in6=@empty}, 0x0, @in=@remote}}, &(0x7f00000085c0)=0xe8)
sendmsg$TEAM_CMD_NOOP(r1, &(0x7f0000009140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000009100)={&(0x7f0000008600)={0xadc, r2, 0x4, 0x70bd2b, 0x25dfdbfd, {}, [{{0x8, 0x1, r3}, {0x40, 0x2, [{0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r4}}}]}}, {{0x8, 0x1, r5}, {0x25c, 0x2, [{0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0x7}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x7}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x800}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24, 0x1, 'user_linkup\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r6}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x20}}, {0x8}}}, {0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8}, {0x1c, 0x4, 'hash_to_port_mapping\x00'}}}, {0x5c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x2c, 0x4, [{0x7f, 0xe8, 0xee9e, 0x6}, {0x6, 0x6, 0x1, 0x1}, {0x8, 0x100, 0x100000001}, {0x6, 0x39d, 0xffffffffffffff9e, 0x7fff}, {0x0, 0x4, 0xffffffffffff7ffd, 0x2}]}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r7}}}, {0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x8}, {0x8, 0x4, 0x7}}, {0x8, 0x6, r8}}}]}}, {{0x8, 0x1, r9}, {0xb8, 0x2, [{0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r10}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r11}}, {0x8}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0x9d}}}]}}, {{0x8, 0x1, r12}, {0x1ac, 0x2, [{0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r13}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r14}}}, {0x44, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x14, 0x4, [{0xfffffffffffffe00, 0x0, 0x3ff, 0x1f}, {0x2, 0x7, 0x5, 0x4}]}}}, {0x7c, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x4c, 0x4, [{0x8, 0x7fffffff, 0x100000001, 0x9}, {0x6, 0x401, 0x1, 0xb93}, {0x3, 0x4, 0x5, 0x7}, {0x61f, 0x4, 0x80, 0x2}, {0x5, 0xffffffffc8f32779, 0x9, 0xc9f2}, {0x7ff, 0x7, 0x4, 0x6}, {0x9, 0x6, 0x3880, 0xffff}, {0x1ff, 0x0, 0x3, 0x81}, {0x4, 0x8000, 0x80000001, 0x1}]}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0xfffffffffffff881}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r15}}}]}}, {{0x8, 0x1, r16}, {0x7c, 0x2, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r17}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8}, {0x8, 0x4, 0x6}}}]}}, {{0x8, 0x1, r18}, {0x134, 0x2, [{0x38, 0x1, @mcast_rejoin_count={{0x24, 0x1, 'mcast_rejoin_count\x00'}, {0x8}, {0x8, 0x4, 0x2}}}, {0x3c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x8}, {0xc, 0x4, 'hash\x00'}}}, {0x44, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x14, 0x4, [{0x73, 0x9, 0x0, 0x9}, {0x6, 0x6, 0x5, 0x7}]}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x1000}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x101}}, {0x8, 0x6, r19}}}]}}, {{0x8, 0x1, r20}, {0x7c, 0x2, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8}}, {0x8, 0x6, r21}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x6}}}]}}, {{0x8, 0x1, r22}, {0x220, 0x2, [{0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r23}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8}, {0x8, 0x4, 0xfffffffffffffff7}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x8}, {0x8, 0x4, r24}}, {0x8}}}, {0x40, 0x1, @lb_hash_stats={{{0x24, 0x1, 'lb_hash_stats\x00'}, {0x8}, {0x8, 0x4, 0x1}}, {0x8}}}, {0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x8}, {0x8, 0x4, r25}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x7ff}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x24eb}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r26}}}, {0x40, 0x1, @lb_port_stats={{{0x24, 0x1, 'lb_port_stats\x00'}, {0x8}, {0x8}}, {0x8, 0x6, r27}}}]}}, {{0x8, 0x1, r28}, {0x134, 0x2, [{0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8}, {0x8}}}, {0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x8}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r29}}}, {0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x8}, {0x8, 0x4, 0x4}}}, {0x44, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x8}, {0x14, 0x4, [{0x6c1d, 0x0, 0x8, 0x4}, {0xfe, 0x653, 0x80, 0xc7c3}]}}}, {0x3c, 0x1, @user_linkup_enabled={{{0x24, 0x1, 'user_linkup_enabled\x00'}, {0x8}, {0x4}}, {0x8, 0x6, r30}}}]}}]}, 0xadc}, 0x1, 0x0, 0x0, 0x54}, 0x4040)

15:48:24 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x52424752}})

15:48:24 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0x0, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

[ 1547.669885][ T1044] oom_reaper: reaped process 5723 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:4kB
15:48:24 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:24 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x52474233}})

15:48:24 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4247523300000000}})

15:48:24 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0x0, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:24 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:24 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x52474250}})

15:48:24 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00'}, 0x58)

15:48:24 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:24 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4742524700000000}})

15:48:24 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:24 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x52474252}})

15:48:24 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:25 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x2000, 0x0)
ioctl$BLKBSZGET(r1, 0x80081270, &(0x7f0000000040))
socket$vsock_dgram(0x28, 0x2, 0x0)
mknodat(r1, &(0x7f00000000c0)='./file0\x00', 0xc000, 0x10001)

15:48:25 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:25 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4752424700000000}})

[ 1548.187974][T14882] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
15:48:25 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x52474742}})

[ 1548.270028][T14882] CPU: 1 PID: 14882 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1548.277975][T14882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1548.288040][T14882] Call Trace:
[ 1548.291340][T14882]  dump_stack+0x1d8/0x2f8
[ 1548.295693][T14882]  dump_header+0xdb/0xf40
[ 1548.300036][T14882]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1548.305858][T14882]  ? ___ratelimit+0x447/0x5d0
[ 1548.310559][T14882]  oom_kill_process+0x1a0/0x490
[ 1548.315430][T14882]  out_of_memory+0x76e/0x9e0
[ 1548.320044][T14882]  ? unregister_oom_notifier+0x20/0x20
[ 1548.325531][T14882]  ? kasan_check_read+0x11/0x20
[ 1548.330400][T14882]  try_charge+0x12ba/0x1710
[ 1548.334940][T14882]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1548.340775][T14882]  ? rcu_lock_release+0x4/0x20
[ 1548.345561][T14882]  ? rcu_lock_release+0x15/0x20
[ 1548.350429][T14882]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1548.355998][T14882]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1548.361362][T14882]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1548.367021][T14882]  wp_page_copy+0x391/0x18e0
[ 1548.371635][T14882]  ? reuse_swap_page+0xd47/0x1650
[ 1548.376677][T14882]  ? rcu_lock_release+0x30/0x30
[ 1548.381557][T14882]  ? kasan_check_read+0x11/0x20
[ 1548.386424][T14882]  ? do_raw_spin_unlock+0x49/0x260
[ 1548.391588][T14882]  do_wp_page+0x609/0x1ba0
[ 1548.396014][T14882]  ? kasan_check_write+0x14/0x20
[ 1548.400969][T14882]  ? __rwlock_init+0x130/0x130
[ 1548.405776][T14882]  ? count_memcg_event_mm+0x300/0x300
[ 1548.411167][T14882]  handle_mm_fault+0x29a6/0x6130
[ 1548.416127][T14882]  ? finish_fault+0x220/0x220
15:48:25 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:25 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x0, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

[ 1548.420828][T14882]  ? __down_read+0x1a0/0x1a0
[ 1548.425428][T14882]  ? vmacache_find+0x566/0x5b0
[ 1548.430252][T14882]  ? vmacache_update+0xb7/0x120
[ 1548.435152][T14882]  ? find_vma+0x13c/0x150
[ 1548.439498][T14882]  do_user_addr_fault+0x56f/0xaa0
[ 1548.444760][T14882]  __do_page_fault+0xd3/0x1f0
[ 1548.449443][T14882]  do_page_fault+0xce/0xe0
[ 1548.449455][T14882]  ? page_fault+0x8/0x30
[ 1548.449465][T14882]  page_fault+0x1e/0x30
[ 1548.449474][T14882] RIP: 0033:0x457b6b
[ 1548.449485][T14882] Code: 25 20 06 00 00 b8 e0 3f 41 00 48 89 15 5e ec 61 00 48 85 c0 74 08 4c 89 cf e8 81 c4 fb ff 45 85 f6 0f 85 58 01 00 00 48 85 db <48> c7 05 1a d4 2b 00 00 00 00 00 48 c7 05 ff d3 2b 00 00 00 00 00
[ 1548.449489][T14882] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00010202
[ 1548.449498][T14882] RAX: 0000000000000000 RBX: 00007ffff6b9e6e0 RCX: 0000000000413ff3
[ 1548.449503][T14882] RDX: 0000033f7a335048 RSI: 0000000000000018 RDI: 0000555556c9ac20
[ 1548.449509][T14882] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1548.449514][T14882] R10: 0000555556c9ac10 R11: 0000000000000202 R12: 0000000000000001
[ 1548.449519][T14882] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1548.474425][T14882] memory: usage 307200kB, limit 307200kB, failcnt 51813
[ 1548.493826][T14882] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1548.511107][T14882] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1548.526029][T14882] Memory cgroup stats for /syz0: cache:6540KB rss:101152KB rss_huge:0KB shmem:6536KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6528KB active_anon:101160KB inactive_file:0KB active_file:4KB unevictable:0KB
[ 1548.540963][T14882] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=14825,uid=0
[ 1548.582840][T14882] Memory cgroup out of memory: Killed process 14825 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
[ 1548.612854][ T1044] oom_reaper: reaped process 14825 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
15:48:25 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00'}, 0x58)

15:48:25 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x56595559}})

15:48:25 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x0, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:25 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffff9c, 0x29, 0x23, &(0x7f0000000140)={{{@in6, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in6=@empty}, 0x0, @in=@empty}}, &(0x7f0000000240)=0xe8)
lstat(&(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
r3 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/btrfs-control\x00', 0x0, 0x0)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000a00)={<r4=>0x0, @in={{0x2, 0x4e23, @rand_addr=0x4}}, 0x1, 0x6}, &(0x7f0000000ac0)=0x90)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000b00)={r4, 0x4, 0x30}, 0xc)
r5 = dup(r0)
getsockopt$netrom_NETROM_T4(r5, 0x103, 0x6, &(0x7f0000000800)=0x80000001, &(0x7f0000000980)=0x4)
stat(&(0x7f0000000b40)='./file2\x00', &(0x7f0000000b80)={0x0, 0x0, 0x0, 0x0, <r6=>0x0})
getresuid(&(0x7f0000000400), &(0x7f0000000440)=<r7=>0x0, &(0x7f0000000480))
r8 = getegid()
getresgid(&(0x7f00000004c0), &(0x7f0000000500)=<r9=>0x0, &(0x7f0000000540))
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0})
getgroups(0x6, &(0x7f0000000740)=[0xffffffffffffffff, <r11=>0x0, 0xffffffffffffffff, 0x0, 0xee01, 0xee00])
r12 = getegid()
fstat(r0, &(0x7f0000000780)={0x0, 0x0, 0x0, 0x0, 0x0, <r13=>0x0})
ioctl$SG_GET_PACK_ID(r0, 0x227c, &(0x7f00000003c0))
lstat(&(0x7f0000000940)='./file1\x00', &(0x7f0000000840)={0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0})
lsetxattr$system_posix_acl(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='system.posix_acl_access\x00', &(0x7f00000008c0)={{}, {0x1, 0x5}, [{0x2, 0x2, r1}, {0x2, 0x2, r2}, {0x2, 0x0, r6}, {0x2, 0x1, r7}], {0x4, 0x6}, [{0x8, 0x6, r8}, {0x8, 0x2, r9}, {0x8, 0x4, r10}, {0x8, 0x4, r11}, {0x8, 0x4, r12}, {0x8, 0x6, r13}, {0x8, 0x3, r14}]}, 0x7c, 0x2)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
mount$9p_fd(0x0, &(0x7f0000000340)='./file2\x00', &(0x7f0000000380)='9p\x00', 0x8, &(0x7f0000000c00)={'trans=fd,', {'rfdno', 0x3d, r5}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@mmap='mmap'}], [{@appraise='appraise'}, {@subj_role={'subj_role', 0x3d, '^ppp1'}}, {@context={'context', 0x3d, 'staff_u'}}, {@context={'context', 0x3d, 'sysadm_u'}}, {@euid_lt={'euid<', r1}}]}})
utimes(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={{0x0, 0x2710}, {0x77359400}})

15:48:25 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5247423300000000}})

15:48:25 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:25 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x59555956}})

15:48:25 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_ENUMAUDOUT(r0, 0xc0345642, &(0x7f00000000c0)={0xfffffffffffffad6, "b87d1cdb2a51c27f6fdbf4a5ec1f73f37da5474e37b6b5e18f8978ae8c4d0baf", 0x1, 0x1})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
ioctl$VIDIOC_ENUM_FRAMESIZES(r0, 0xc02c564a, &(0x7f0000000100)={0x0, 0xff7f7f5f, 0x3, @discrete={0x7fffffff, 0x401}})
ioctl$VIDIOC_ENUMOUTPUT(r0, 0xc0485630, &(0x7f0000000000)={0xfffffffffffffffb, "a722187c2692433243abb044eb051e0868b84331b8ae64e66d34a715e2e5c951", 0x1, 0x7, 0x1, 0x8, 0x4})

15:48:25 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:25 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x0, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:25 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5247425000000000}})

15:48:25 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c000000}})

[ 1548.932301][T14935] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1548.974517][T14935] CPU: 1 PID: 14935 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1548.982459][T14935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1548.992547][T14935] Call Trace:
[ 1548.995858][T14935]  dump_stack+0x1d8/0x2f8
[ 1549.000194][T14935]  dump_header+0xdb/0xf40
[ 1549.004528][T14935]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1549.010343][T14935]  ? ___ratelimit+0x447/0x5d0
[ 1549.010361][T14935]  oom_kill_process+0x1a0/0x490
[ 1549.010373][T14935]  out_of_memory+0x76e/0x9e0
[ 1549.010385][T14935]  ? unregister_oom_notifier+0x20/0x20
[ 1549.010395][T14935]  ? kasan_check_read+0x11/0x20
[ 1549.010410][T14935]  try_charge+0x12ba/0x1710
[ 1549.010436][T14935]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1549.045132][T14935]  ? rcu_lock_release+0x4/0x20
[ 1549.049956][T14935]  ? rcu_lock_release+0x15/0x20
[ 1549.054907][T14935]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1549.060487][T14935]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1549.060505][T14935]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1549.060516][T14935]  wp_page_copy+0x391/0x18e0
[ 1549.060533][T14935]  ? reuse_swap_page+0xd47/0x1650
[ 1549.060543][T14935]  ? rcu_lock_release+0x30/0x30
[ 1549.060560][T14935]  ? kasan_check_read+0x11/0x20
[ 1549.060576][T14935]  ? do_raw_spin_unlock+0x49/0x260
[ 1549.096984][T14935]  do_wp_page+0x609/0x1ba0
[ 1549.101530][T14935]  ? kasan_check_write+0x14/0x20
[ 1549.106452][T14935]  ? __rwlock_init+0x130/0x130
[ 1549.111200][T14935]  ? count_memcg_event_mm+0x300/0x300
[ 1549.116564][T14935]  handle_mm_fault+0x29a6/0x6130
[ 1549.121501][T14935]  ? finish_fault+0x220/0x220
[ 1549.126166][T14935]  ? __down_read+0x1a0/0x1a0
[ 1549.130736][T14935]  ? vmacache_find+0x51b/0x5b0
[ 1549.135482][T14935]  ? vmacache_update+0xb7/0x120
[ 1549.140318][T14935]  ? find_vma+0x13c/0x150
[ 1549.144638][T14935]  do_user_addr_fault+0x56f/0xaa0
[ 1549.149658][T14935]  __do_page_fault+0xd3/0x1f0
[ 1549.154327][T14935]  do_page_fault+0xce/0xe0
[ 1549.158761][T14935]  ? page_fault+0x8/0x30
[ 1549.162996][T14935]  page_fault+0x1e/0x30
[ 1549.167140][T14935] RIP: 0033:0x40f678
[ 1549.171029][T14935] Code: 48 8b 05 43 48 30 00 48 89 08 48 8b 15 41 48 30 00 48 89 42 08 48 8b 05 26 48 30 00 48 89 05 2f 48 30 00 49 8d 81 c0 02 00 00 <48> 89 05 31 0e 66 00 49 8b 89 c8 02 00 00 49 8b 91 c0 02 00 00 48
[ 1549.190854][T14935] RSP: 002b:00007ffff6b9e6d8 EFLAGS: 00010246
[ 1549.196996][T14935] RAX: 0000555556c9ac00 RBX: 00007ffff6b9e6e0 RCX: 0000000000713ea0
[ 1549.204953][T14935] RDX: 000000000040f4b0 RSI: 0000000000713e90 RDI: 0000555556c9ac20
[ 1549.212912][T14935] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1549.220906][T14935] R10: 0000555556c9ac10 R11: 0000000000000202 R12: 0000000000000001
[ 1549.228869][T14935] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1549.249314][T14935] memory: usage 307200kB, limit 307200kB, failcnt 51844
[ 1549.256709][T14935] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1549.267189][T14935] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1549.274496][T14935] Memory cgroup stats for /syz0: cache:6536KB rss:101156KB rss_huge:0KB shmem:6536KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6528KB active_anon:101164KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1549.298655][T14935] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=14859,uid=0
15:48:26 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00'}, 0x58)

15:48:26 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000140)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = msgget(0x0, 0x54c)
msgrcv(r1, &(0x7f00000000c0)={0x0, ""/36}, 0x2c, 0x0, 0x800)
r2 = syz_open_dev$swradio(&(0x7f0000000100)='/dev/swradio#\x00', 0x1, 0x2)
ioctl$sock_inet_udp_SIOCINQ(r2, 0x541b, &(0x7f0000000040))

15:48:26 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x0, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:26 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5247425200000000}})

15:48:26 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:26 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc0d05640}})

[ 1549.314741][T14935] Memory cgroup out of memory: Killed process 14859 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
15:48:26 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ffffff}})

15:48:26 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5247474200000000}})

15:48:26 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x0, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:26 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
ioctl$VIDIOC_OVERLAY(r0, 0x4004560e, &(0x7f0000000000)=0x1ff)

15:48:26 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1549.473676][T14970] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000
15:48:26 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x0, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

[ 1549.621547][T14970] CPU: 0 PID: 14970 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1549.629479][T14970] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1549.629484][T14970] Call Trace:
[ 1549.629506][T14970]  dump_stack+0x1d8/0x2f8
[ 1549.629520][T14970]  dump_header+0xdb/0xf40
[ 1549.629534][T14970]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1549.629545][T14970]  ? ___ratelimit+0x447/0x5d0
[ 1549.629558][T14970]  oom_kill_process+0x1a0/0x490
[ 1549.629569][T14970]  out_of_memory+0x76e/0x9e0
[ 1549.629582][T14970]  ? unregister_oom_notifier+0x20/0x20
[ 1549.629594][T14970]  ? kasan_check_read+0x11/0x20
[ 1549.629608][T14970]  try_charge+0x12ba/0x1710
[ 1549.629637][T14970]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1549.629660][T14970]  ? rcu_lock_release+0x4/0x20
[ 1549.629677][T14970]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1549.629689][T14970]  ? memcg_kmem_put_cache+0x70/0x70
[ 1549.629703][T14970]  ? rcu_lock_release+0x15/0x20
[ 1549.629712][T14970]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1549.629723][T14970]  __memcg_kmem_charge+0x118/0x2f0
[ 1549.629748][T14970]  __alloc_pages_nodemask+0x377/0x790
[ 1549.629770][T14970]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1549.667188][T14970]  alloc_pages_current+0x2fb/0x540
[ 1549.667205][T14970]  __pmd_alloc+0x39/0x3d0
[ 1549.667218][T14970]  handle_mm_fault+0x3115/0x6130
[ 1549.667241][T14970]  ? finish_fault+0x220/0x220
[ 1549.667262][T14970]  ? __down_read+0x1a0/0x1a0
[ 1549.667270][T14970]  ? vmacache_find+0x566/0x5b0
[ 1549.667279][T14970]  ? vmacache_update+0xb7/0x120
[ 1549.667291][T14970]  ? find_vma+0x13c/0x150
[ 1549.667305][T14970]  do_user_addr_fault+0x56f/0xaa0
[ 1549.667324][T14970]  __do_page_fault+0xd3/0x1f0
[ 1549.667336][T14970]  do_page_fault+0xce/0xe0
[ 1549.667348][T14970]  ? page_fault+0x8/0x30
[ 1549.667362][T14970]  page_fault+0x1e/0x30
[ 1549.703332][T14970] RIP: 0033:0x4019f7
[ 1549.703344][T14970] Code: 00 00 00 48 83 ec 08 48 8b 15 bd ea 66 00 48 8b 05 ae ea 66 00 48 39 d0 48 8d 8a 00 00 00 01 72 17 48 39 c8 73 12 48 8d 50 04 <89> 38 48 89 15 90 ea 66 00 48 83 c4 08 c3 48 89 c6 bf 38 96 4c 00
[ 1549.703349][T14970] RSP: 002b:00007ffff6b9e570 EFLAGS: 00010287
[ 1549.703357][T14970] RAX: 0000001b2be20000 RBX: 0000000000000000 RCX: 0000001b2ce20000
[ 1549.703362][T14970] RDX: 0000001b2be20004 RSI: 00007ffff6b9e330 RDI: 0000000000000000
[ 1549.703368][T14970] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000004
[ 1549.703379][T14970] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000001
[ 1549.732707][T14970] R13: 00007ffff6b9e760 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1549.765166][T14970] memory: usage 307200kB, limit 307200kB, failcnt 51871
[ 1549.813792][T14970] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1549.851588][T14970] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1549.867968][T14970] Memory cgroup stats for /syz0: cache:6536KB rss:101156KB rss_huge:0KB shmem:6532KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6524KB active_anon:101164KB inactive_file:0KB active_file:4KB unevictable:0KB
[ 1549.883192][T14970] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=14913,uid=0
[ 1549.894192][T14970] Memory cgroup out of memory: Killed process 14913 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
15:48:26 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00'}, 0x58)

15:48:26 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff}})

15:48:26 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5955595600000000}})

15:48:26 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:26 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x0, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:26 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
lremovexattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=@random={'user.', '/dev/video35\x00'})

15:48:26 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000140)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
lremovexattr(&(0x7f0000000240)='./file1\x00', &(0x7f0000000280)=@known='trusted.overlay.upper\x00')
setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='trusted.overlay.upper\x00', &(0x7f00000000c0)={0x0, 0xfb, 0x53, 0x2, 0x9, "adca4f2997d97db19755b5d5423535a1", "0e1633571b437495356e03b4f43fb29d3f020e6d7973d095741dd9969494bce9a14b2392d9f7469e51b463ab7e5ce508def6ad52ad6c6e76a2e9847fb43f"}, 0x53, 0x2)

15:48:27 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x0, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:27 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:27 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c00000000000000}})

15:48:27 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfecaedfe}})

15:48:27 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ffffffffffffff}})

15:48:27 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\x00'}, 0x58)

15:48:27 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:27 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x0, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:27 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @raw_data="508813c13586790606a72f1d59007113046729794665325d1549b10a63f43048bd96f7e96cf2f89c4fb13440be45da486603d9c1ba1874a60c56dd39978a667f17af92e54201c3bbbc43c6b850e25c1f7ccbe5705d353451da859d3c002e21c7db76d8f3c6dc2b7c4bf76055231f3038b3875a3a2fd20992734c3491b5029f18d5002dbdce23010dd761dbed1bd2db2cd9c96d754ef620f049601a9a218da7afe7ae76ea84e0f6d25e6127925ae95f76b740e6b2efb912481a568333c61cde593dca1c33bc7c5de5"})

15:48:27 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfeedcafe}})

15:48:27 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:27 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:27 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000}})

15:48:27 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snapshot\x00', 0x3a1001, 0x0)
getsockopt$inet_sctp_SCTP_RESET_STREAMS(0xffffffffffffff9c, 0x84, 0x77, &(0x7f00000001c0)=ANY=[@ANYRES32=<r2=>0x0, @ANYBLOB="0800d2321308"], &(0x7f0000000200)=0xa)
socket$inet6_udplite(0xa, 0x2, 0x88)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000240)={r2, 0xffffffffffffffff}, &(0x7f0000000280)=0x8)
r3 = semget$private(0x0, 0x7, 0x121)
semtimedop(r3, &(0x7f0000000000)=[{0x3, 0x19, 0x800}, {0x0, 0x2, 0x1000}, {0x0, 0x1000000000000000, 0x1000}, {0x2, 0x1, 0x1800}, {0x2, 0xe755}, {0x4, 0x7, 0x1000}, {0x2, 0x276, 0x800}, {0x6, 0x4, 0x1000}], 0x8, &(0x7f0000000040)={0x0, 0x989680})
ioctl$VIDIOC_G_AUDOUT(r0, 0x80345631, &(0x7f00000000c0))
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000100)={0x0, <r4=>0x0}, &(0x7f0000000140)=0xc)
ioctl$VIDIOC_G_FMT(r1, 0xc0d05604, &(0x7f0000000340)={0x0, @pix_mp={0x40, 0x3, 0x3433535a, 0x4, 0x1, [{0x2, 0x80}, {0x313, 0x3f}, {0x2, 0x3c0}, {0xff, 0x81}, {0x0, 0x4}, {0x4, 0x1000}, {0x4}, {0x40, 0x1}], 0x2, 0x7, 0x6, 0x3, 0x3}})
ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r1, 0x80045530, &(0x7f0000000540)=""/68)
setfsuid(r4)
fcntl$getflags(r0, 0x408)
r5 = getpid()
ptrace$getregs(0xe, r5, 0x3, &(0x7f00000006c0)=""/4096)
r6 = pkey_alloc(0x0, 0xfffffffffffffffd)
pkey_mprotect(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, r6)

15:48:27 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd}})

15:48:27 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:27 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1550.611556][T15056] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000
[ 1550.716406][T15056] CPU: 0 PID: 15056 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1550.724373][T15056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1550.734455][T15056] Call Trace:
[ 1550.737775][T15056]  dump_stack+0x1d8/0x2f8
[ 1550.742139][T15056]  dump_header+0xdb/0xf40
[ 1550.746568][T15056]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1550.752387][T15056]  ? ___ratelimit+0x447/0x5d0
[ 1550.757105][T15056]  oom_kill_process+0x1a0/0x490
[ 1550.761971][T15056]  out_of_memory+0x76e/0x9e0
[ 1550.761985][T15056]  ? unregister_oom_notifier+0x20/0x20
[ 1550.761996][T15056]  ? kasan_check_read+0x11/0x20
[ 1550.762011][T15056]  try_charge+0x12ba/0x1710
[ 1550.777171][T15056]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1550.777196][T15056]  ? rcu_lock_release+0x4/0x20
[ 1550.777212][T15056]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1550.787520][T15056]  ? memcg_kmem_put_cache+0x70/0x70
[ 1550.787535][T15056]  ? rcu_lock_release+0x15/0x20
[ 1550.787542][T15056]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1550.787553][T15056]  __memcg_kmem_charge+0x118/0x2f0
[ 1550.787567][T15056]  __alloc_pages_nodemask+0x377/0x790
[ 1550.787580][T15056]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1550.787602][T15056]  ? kasan_check_write+0x14/0x20
[ 1550.834565][T15056]  ? do_raw_spin_lock+0x143/0x3a0
[ 1550.839605][T15056]  alloc_pages_current+0x2fb/0x540
[ 1550.844823][T15056]  pte_alloc_one+0x1f/0x180
[ 1550.849336][T15056]  __do_fault+0xdf/0x390
[ 1550.853595][T15056]  ? __pmd_alloc+0x36a/0x3d0
[ 1550.858188][T15056]  handle_mm_fault+0x29b8/0x6130
[ 1550.858212][T15056]  ? finish_fault+0x220/0x220
[ 1550.858232][T15056]  ? __down_read+0x1a0/0x1a0
[ 1550.858240][T15056]  ? vmacache_find+0x566/0x5b0
[ 1550.858249][T15056]  ? vmacache_update+0xb7/0x120
[ 1550.858263][T15056]  ? find_vma+0x13c/0x150
[ 1550.872455][T15056]  do_user_addr_fault+0x56f/0xaa0
[ 1550.891833][T15056]  __do_page_fault+0xd3/0x1f0
[ 1550.896520][T15056]  do_page_fault+0xce/0xe0
[ 1550.900944][T15056]  ? page_fault+0x8/0x30
[ 1550.905193][T15056]  page_fault+0x1e/0x30
[ 1550.909351][T15056] RIP: 0033:0x4019f7
[ 1550.913281][T15056] Code: 00 00 00 48 83 ec 08 48 8b 15 bd ea 66 00 48 8b 05 ae ea 66 00 48 39 d0 48 8d 8a 00 00 00 01 72 17 48 39 c8 73 12 48 8d 50 04 <89> 38 48 89 15 90 ea 66 00 48 83 c4 08 c3 48 89 c6 bf 38 96 4c 00
[ 1550.932895][T15056] RSP: 002b:00007ffff6b9e570 EFLAGS: 00010287
[ 1550.932906][T15056] RAX: 0000001b2be20000 RBX: 0000000000000000 RCX: 0000001b2ce20000
[ 1550.932911][T15056] RDX: 0000001b2be20004 RSI: 00007ffff6b9e330 RDI: 0000000000000000
[ 1550.932916][T15056] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000004
[ 1550.932922][T15056] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000001
[ 1550.932927][T15056] R13: 00007ffff6b9e760 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1550.934086][T15056] memory: usage 307200kB, limit 307200kB, failcnt 51932
[ 1550.955703][T15056] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1550.993712][T15056] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1551.004527][T15056] Memory cgroup stats for /syz0: cache:6536KB rss:101156KB rss_huge:0KB shmem:6532KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6524KB active_anon:101164KB inactive_file:4KB active_file:0KB unevictable:0KB
[ 1551.026689][T15056] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=15036,uid=0
[ 1551.042218][T15056] Memory cgroup out of memory: Killed process 15036 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
15:48:28 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00'}, 0x58)

15:48:28 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffffffffffff}})

15:48:28 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video35\x00', 0x2, 0x0)
write$selinux_attr(r0, &(0x7f0000000000)='system_u:object_r:iptables_initrc_exec_t:s0\x00', 0x2c)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f0000000100)={{0x1da, 0x4}, {0x2, 0x200}, 0x5f8, 0x2, 0x9})

15:48:28 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:28 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:28 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffe7}})

[ 1551.057894][ T1044] oom_reaper: reaped process 15036 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
15:48:28 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfecaedfe00000000}})

15:48:28 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
prctl$PR_CAPBSET_DROP(0x18, 0x21)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000000c0)={0xf, @pix={0x4, 0x1, 0x31363553, 0x0, 0x80000000, 0x2, 0x0, 0x386, 0x0, 0x6, 0x2, 0x7}})

15:48:28 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000}})

15:48:28 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:28 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

[ 1551.306674][T15103] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000
15:48:28 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}})

[ 1551.352515][T15103] CPU: 0 PID: 15103 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1551.360526][T15103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1551.370704][T15103] Call Trace:
[ 1551.374017][T15103]  dump_stack+0x1d8/0x2f8
[ 1551.378357][T15103]  dump_header+0xdb/0xf40
[ 1551.382695][T15103]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1551.388525][T15103]  ? ___ratelimit+0x447/0x5d0
[ 1551.393324][T15103]  oom_kill_process+0x1a0/0x490
[ 1551.398270][T15103]  out_of_memory+0x76e/0x9e0
[ 1551.402868][T15103]  ? unregister_oom_notifier+0x20/0x20
[ 1551.408336][T15103]  ? kasan_check_read+0x11/0x20
[ 1551.408351][T15103]  try_charge+0x12ba/0x1710
[ 1551.408379][T15103]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1551.408401][T15103]  ? rcu_lock_release+0x4/0x20
[ 1551.408416][T15103]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1551.408427][T15103]  ? memcg_kmem_put_cache+0x70/0x70
[ 1551.408440][T15103]  ? rcu_lock_release+0x15/0x20
[ 1551.408449][T15103]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1551.408459][T15103]  __memcg_kmem_charge+0x118/0x2f0
[ 1551.408472][T15103]  __alloc_pages_nodemask+0x377/0x790
[ 1551.408485][T15103]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1551.408501][T15103]  ? kasan_check_write+0x14/0x20
[ 1551.408511][T15103]  ? do_raw_spin_lock+0x143/0x3a0
[ 1551.408528][T15103]  alloc_pages_current+0x2fb/0x540
[ 1551.428455][T15103]  pte_alloc_one+0x1f/0x180
[ 1551.428468][T15103]  __do_fault+0xdf/0x390
[ 1551.428476][T15103]  ? __pmd_alloc+0x36a/0x3d0
[ 1551.428490][T15103]  handle_mm_fault+0x29b8/0x6130
[ 1551.428512][T15103]  ? finish_fault+0x220/0x220
[ 1551.428533][T15103]  ? __down_read+0x1a0/0x1a0
[ 1551.428541][T15103]  ? vmacache_find+0x566/0x5b0
[ 1551.428549][T15103]  ? vmacache_update+0xb7/0x120
[ 1551.428563][T15103]  ? find_vma+0x13c/0x150
[ 1551.439299][T15103]  do_user_addr_fault+0x56f/0xaa0
[ 1551.439320][T15103]  __do_page_fault+0xd3/0x1f0
[ 1551.439332][T15103]  do_page_fault+0xce/0xe0
[ 1551.439343][T15103]  ? page_fault+0x8/0x30
[ 1551.439353][T15103]  page_fault+0x1e/0x30
[ 1551.439363][T15103] RIP: 0033:0x4019f7
[ 1551.439380][T15103] Code: 00 00 00 48 83 ec 08 48 8b 15 bd ea 66 00 48 8b 05 ae ea 66 00 48 39 d0 48 8d 8a 00 00 00 01 72 17 48 39 c8 73 12 48 8d 50 04 <89> 38 48 89 15 90 ea 66 00 48 83 c4 08 c3 48 89 c6 bf 38 96 4c 00
[ 1551.449750][T15103] RSP: 002b:00007ffff6b9e570 EFLAGS: 00010287
[ 1551.449760][T15103] RAX: 0000001b2be20000 RBX: 0000000000000000 RCX: 0000001b2ce20000
[ 1551.449765][T15103] RDX: 0000001b2be20004 RSI: 00007ffff6b9e330 RDI: 0000000000000000
[ 1551.449771][T15103] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000004
[ 1551.449776][T15103] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000001
[ 1551.449782][T15103] R13: 00007ffff6b9e760 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1551.465833][T15103] memory: usage 307200kB, limit 307200kB, failcnt 51980
[ 1551.474930][T15103] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1551.484430][T15103] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1551.493522][T15103] Memory cgroup stats for /syz0: cache:6536KB rss:101156KB rss_huge:0KB shmem:6532KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6524KB active_anon:101164KB inactive_file:4KB active_file:0KB unevictable:0KB
[ 1551.533079][T15103] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=15085,uid=0
[ 1551.557356][T15103] Memory cgroup out of memory: Killed process 15085 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
[ 1551.702118][ T1044] oom_reaper: reaped process 15085 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
[ 1551.721253][T15129] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000
[ 1551.733419][T15129] CPU: 0 PID: 15129 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1551.741321][T15129] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1551.751411][T15129] Call Trace:
[ 1551.754840][T15129]  dump_stack+0x1d8/0x2f8
[ 1551.759283][T15129]  dump_header+0xdb/0xf40
[ 1551.763635][T15129]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1551.769471][T15129]  ? ___ratelimit+0x447/0x5d0
[ 1551.774172][T15129]  oom_kill_process+0x1a0/0x490
[ 1551.779122][T15129]  out_of_memory+0x76e/0x9e0
[ 1551.783716][T15129]  ? unregister_oom_notifier+0x20/0x20
[ 1551.789175][T15129]  ? kasan_check_read+0x11/0x20
[ 1551.794753][T15129]  try_charge+0x12ba/0x1710
[ 1551.799304][T15129]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1551.805121][T15129]  ? rcu_lock_release+0x4/0x20
[ 1551.810011][T15129]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1551.815721][T15129]  ? memcg_kmem_put_cache+0x70/0x70
[ 1551.820974][T15129]  ? rcu_lock_release+0x15/0x20
[ 1551.825817][T15129]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1551.831348][T15129]  __memcg_kmem_charge+0x118/0x2f0
[ 1551.836463][T15129]  __alloc_pages_nodemask+0x377/0x790
[ 1551.841837][T15129]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1551.847386][T15129]  ? rcu_read_lock_sched_held+0x127/0x1c0
[ 1551.853844][T15129]  ? copy_process+0x599/0x5c80
[ 1551.858616][T15129]  copy_process+0x613/0x5c80
[ 1551.863230][T15129]  ? percpu_counter_add_batch+0x169/0x190
[ 1551.868947][T15129]  ? alloc_file+0x89/0x4c0
[ 1551.873362][T15129]  ? fork_idle+0x1b0/0x1b0
[ 1551.877788][T15129]  _do_fork+0x180/0x5f0
[ 1551.881951][T15129]  ? dup_mm+0x340/0x340
[ 1551.886104][T15129]  ? debug_smp_processor_id+0x1c/0x20
[ 1551.891467][T15129]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1551.897534][T15129]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1551.903258][T15129]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1551.908900][T15129]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1551.914347][T15129]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1551.920063][T15129]  __x64_sys_clone+0xc1/0xd0
[ 1551.924660][T15129]  do_syscall_64+0xfe/0x140
[ 1551.929163][T15129]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1551.935037][T15129] RIP: 0033:0x459519
[ 1551.938915][T15129] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1551.958522][T15129] RSP: 002b:00007f6872e5dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1551.966929][T15129] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459519
[ 1551.974888][T15129] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 04000000000003fe
[ 1551.982861][T15129] RBP: 000000000075bf20 R08: ffffffffffffffff R09: 0000000000000000
[ 1551.990954][T15129] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6872e5e6d4
[ 1551.999589][T15129] R13: 00000000004bf97d R14: 00000000004d1358 R15: 00000000ffffffff
[ 1552.018278][T15129] memory: usage 307136kB, limit 307200kB, failcnt 52015
[ 1552.025877][T15129] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1552.034906][T15129] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1552.041853][T15129] Memory cgroup stats for /syz0: cache:6528KB rss:101112KB rss_huge:0KB shmem:6528KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6520KB active_anon:101120KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1552.071625][T15129] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=5742,uid=0
15:48:29 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00'}, 0x58)

15:48:29 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:29 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="ba20118b7707cc1e9e2ab043f4604e5331a4678d40fa7c5c075b9cb8eaf2d5627e09f1383458dbf06875bd380f7012167e13885ef29c14c8c170b9ffa5a967ea375b500f0d48a8c6e597e74ff9d6983d3a04999a8611c2086d40985cde59a1212ee79cb1f3ad04a2cf9d4844f1124975beae1889023279fca5b215ad4f54098e5aad", 0x82, 0xfffffffffffffff9)
r2 = request_key(&(0x7f0000000380)='.request_key_auth\x00', &(0x7f00000003c0)={'syz', 0x0}, &(0x7f0000000400)='system\x00', 0xfffffffffffffff8)
keyctl$link(0x8, r1, r2)
clock_gettime(0x0, &(0x7f00000000c0)={<r3=>0x0, <r4=>0x0})
utimes(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)={{0x0, 0x7530}, {r3, r4/1000+30000}})
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='attr/current\x00')
clock_gettime(0x0, &(0x7f00000001c0)={<r6=>0x0, <r7=>0x0})
ioctl$SNDRV_RAWMIDI_IOCTL_STATUS(r5, 0xc0385720, &(0x7f0000000200)={0x1, {r6, r7+10000000}, 0x1, 0xee})
ioctl$KVM_ASSIGN_DEV_IRQ(r5, 0x4040ae70, &(0x7f0000000180)={0x800, 0x3, 0xfffffffffffffffa, 0x206})
r8 = syz_genetlink_get_family_id$fou(&(0x7f0000000480)='fou\x00')
ioctl$sock_inet_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000580))
r9 = syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x2, 0x2)
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r9, 0xc0385720, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, [0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x600]})
keyctl$setperm(0x5, r1, 0x8000000)
sendmsg$FOU_CMD_DEL(r5, &(0x7f0000000540)={&(0x7f0000000440)={0x10, 0x0, 0x0, 0x180}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x1c, r8, 0x508, 0x70bd2c, 0x25dfdbfc, {}, [@FOU_ATTR_PEER_V4={0x8, 0x8, @local}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x8040)
ioctl$int_out(r0, 0x0, &(0x7f0000000000))

15:48:29 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000}})

15:48:29 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:29 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}})

[ 1552.095911][T15129] Memory cgroup out of memory: Killed process 5742 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
[ 1552.113138][ T1044] oom_reaper: reaped process 5742 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:4kB
15:48:29 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0x0, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:29 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdfd}})

15:48:29 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:29 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300000000000000}})

15:48:29 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b\x00'}, 0x58)

15:48:29 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
munlock(&(0x7f0000ffb000/0x2000)=nil, 0x2000)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @pix_mp={0x7fffffff, 0x6, 0x56555959, 0x4, 0x7, [{0x83, 0x4}, {0x3, 0x4}, {0x2f7, 0xfd}, {0x7ff, 0x6}, {0x3}, {0x8001, 0x800}, {0x0, 0x6}, {0xc7, 0x2b9}], 0x8, 0x5, 0x1, 0x3, 0x5}})

15:48:29 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffe7}})

15:48:29 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:29 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:29 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000}})

15:48:29 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}})

15:48:29 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\t\x00'}, 0x58)

15:48:29 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:29 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
r1 = accept4(0xffffffffffffff9c, &(0x7f0000000240)=@caif=@util, &(0x7f0000000600)=0x80, 0x80800)
sendto$llc(r1, &(0x7f0000000300)="d36f55b7abf0fea7384e1f4b8b8d19711db49f4d4477092fdc80019e8c49272308be92feb922aaa88820d8d0085cc4bd503ef1a7d290fbd15f27d2380cfdb68ea3446fba69fbdd43d77bbffdce63e375c0f7d74507e7ee0171b44138cbd28f58cd217474", 0x64, 0x4000000, &(0x7f0000000380)={0x1a, 0x33f, 0x4, 0x6, 0x3, 0x200, @link_local}, 0x10)
syz_genetlink_get_family_id$team(&(0x7f0000000000)='team\x00')
clock_gettime(0x0, &(0x7f0000000040)={<r2=>0x0, <r3=>0x0})
r4 = semget(0x1, 0x4000003, 0x200)
semctl$IPC_RMID(r4, 0x0, 0x0)
ioctl$VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f0000000100)={0x2, 0x7, 0x4, 0x21440, {r2, r3/1000+30000}, {0x3, 0x0, 0x1, 0x7, 0x435c, 0x3, "9a0c82ba"}, 0x80, 0x1, @fd, 0x4})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000016c0)={0x1, @sliced={0xd44, [0xfffffffffffffdff, 0x380000000000, 0x5, 0x80000000, 0x7f, 0x100000000, 0x3, 0x0, 0x5, 0xffffffffffff17a4, 0x10001, 0x8, 0x80000000, 0x8, 0x7, 0x5, 0x8, 0xffffffffffff19d9, 0x1, 0x72d, 0x0, 0x7fffffff, 0x3ff, 0x6537639a, 0x7, 0x4, 0x2, 0xffffffffffffff80, 0x5, 0x3, 0x80000001, 0x10000, 0x2, 0x3f, 0x8, 0x6a2a, 0x0, 0x6, 0x5, 0x1, 0x20, 0x9, 0xffff, 0xfffffffffffffff7, 0x35, 0x2, 0x100, 0xffff], 0x9}})
r5 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vga_arbiter\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r5, 0x40045542, &(0x7f0000000200)=0x4)
ioctl$KVM_GET_CPUID2(r5, 0xc008ae91, &(0x7f00000003c0)={0x4, 0x0, [{}, {}, {}, {}]})
getsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f0000000540), &(0x7f0000000580)=0x4)
getsockname$ax25(r1, &(0x7f00000004c0)={{0x3, @rose}, [@rose, @bcast, @default, @default, @null, @rose, @rose, @netrom]}, &(0x7f0000000180)=0x48)
r6 = syz_open_dev$vcsn(&(0x7f00000005c0)='/dev/vcs#\x00', 0x100000, 0x20005)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r6, 0x40045532, &(0x7f00000000c0)=0x3)
sendto$llc(r6, &(0x7f00000006c0)="03fbd59410491cf39bf9059a2fe1de721ef9a0bf69548f8c121c92ad368785adb4d46a5ed1049931a6544f3de52876d51feec0e8efff6954a1ed34c3b9e18e3447888a97a7ae982e18a7769a8d476f3bf6e1e3315f6e6d55f99cf925ea81ab017d903c03adcfc389584c80e89a48bf3e20f44171df06afca5362a05ba1ae5f597e50408799c9934ce216104b4f937bd30d767e0146937b72b43d8d2f562d6ab46231becdad664e1ae7e91bac80bdf5d8e225a49e06d521818de0f708b5cadf111ebda1ce443f5956f711e75e2825d5c668b062143ceb9a684e00a3dad05805a9aa166654ee0ef7982f4a1e8429964fb046258c51bf020096315ed627ba75876e803f12a3ac37fe20e75ed5f4abe3e8b59ccc8d28f4323a78044f80b503dcc2b89d5a50d9383e5a0c828f23f1c4c32291306f311856b5d5b5d707ad76fe69f8f3cf2922ab133e07b27a595dcefd2b503242856f94b4e10cde1538ff01a8c9bae7829402c92b6367d21b7f9423636554c3de6411b0dc8f805442275edc087b5b932c3081c3f2e25b2aa35b6fadac74d1a7537b78b0eb6d39e9048d070ff287e19b1f9903977264471abff9b5965f33ae6b53ef7be6f0b524e119a10bc55508ddcda9eb81695b571312286071f2d914f1b14a2bbb575ce883c810610dc4a100a195c33613458afde272ae56e891db420c46e175e9f6acbb2f6c0dd51158e975612ad99d99d29923bf820b655b2b4841d69b63503bbb1bbb0d262271ec46470c08febbccbce63de117aa71e452d6d9b2c45f236a1206566f48993bbe37ef0fc7713166a49fa6961886895b9506e6bc6302ac5ddb0b7e5ead2abe868b88e11729ec532d171a7fded0d5a8d71ad32ee3873bd9e123536c1ebaf079eeae2dcaabe813099748c2e2b475c027a8916543057e517b81ec1870c35b37fd18d71f288f3ba8192fdd121f5e849c52907a28945661c3d87c03ca6305e0b940b7b91f9f180a342bfb8ff228b6b33e7d2d998aa60d1447fec2ea5d616f0a216774c9bb13a1396e6f028bb25521f03465df20ac5c581cd3ae0b41385ad8057097af3b853fbf46f66e78a042965cfbd6175528829116de4e44507e3b9fa7baa54d63026d10f52753f459051e80fa7411053809cf156b1dd370af1de0f9d1d84a65ab15bf222ede5b6f768abe01154d0777e35a4360855f77b756f2f55fa896aeb8e831bcc05b44d183ec6f7fb8b55dcd111d5b7f33c5ffdf891fbb400eb21849daf857d0d60aa53fd93331fc8baa78c77208119ff28ece7a4378c96118978a2b982f560864adfd7121a4a4972caecb0eb15675a61c54df6dea9e9e72c7016b62b18a8f7bd05e1149466c7fccf5c66cb2d5c04bdd82056ccd138f0c40ceb8370880a58b75922269a8732e44ae4f43cb35c5c3e476678773e0c1ea7a3b9ec35bd938f3e6309fe439b7f3470fd9abbe2020309064d2e5726db1495df387334c81dcf0b961edd79af3acf72fd1e797f6bbccceaed5f54725e6d99e1f145d7b697e3d226745ce71150cb296a7c3636bf6b34af9bc93a69a653a253de45f806bbd45b9144df5b32dd6e78a5155f0c48f836819ba1d445d050232df35d4282a9a73c384f0830aa1c740cdfe9b55dca17df0c9c3bbbf4a2ea989cf056344463752fbf31203314000afbaffffe0e8186ff7311d14862d353cc5c8b0aacffcaf22f6d9d989943cde57bd4641329b02b91e5198d7143acc5dbe5f5799ea2a69bfebebafb6e6a183ee16886b1876655b52eef543795eb0120acf7b1173e42a5f46b471ab7ac84d9ce20d05a3308c0f9ffd9a9a235fad6ab31c7b8700a81234f61272df8c7861d7e9b004eaefa798add94f1b3de68bfe09894408fbebe1f26ee18c3357a21822419769e896809356db29d2697f6b9de41c4214a1268de9bbbdd8e01d3c70664bfa3442d266e15ca99dde27f6dd66945c0f3ccf87c90c242bdacf918f6c4928b67dbc8a54522d5627383af2a8250f85c9bcfa531f0de4133eadb835d573553b2f6ed07e6d5c87e43e7bed02474ca0026bf55d74a1850e31b756d3de77188ee0d5fdb8eaf698099934963f7b67d854a7eba7efbc121dbd26ca525642c8d16ae1b20c929c34c90497731e5b664b96637728efb223e0a457e65bef2ebc6b867f6f118d061b6e7c78839488cff773633db92c1ec343fe62e5101b2bae12c49b05851137fa2fecd99849ee7eb3c308384c3f4e2123c7330957bdba28ba191dd474ef0ca395ffd72a64945520b390db7722d7dde5250dd170096154415564702cda45d6d70372b3856045dc03ccb28bdc5d9196db5f072745d392a50791655b425e438416712aa721bdb81c5aacb728862815f66453b2d27a3906f5474c976e11a34ca73101c8c4351996aae6701ca0cb27a034ec017619d297ad2223db6e6e05915a16b9eb10a2776c99830d47986dfb81a89bf34115eff9cae8ce08be6a16db9cd8986eb2918352ebbcc11f2ef8c0b89b2d9c7156c046bd9809fab76492b94689757a592fb3d29aa456c744079db49da494f63fc343e0372c22529138f1ee4c3cc74d69fd1b0145a318ac1de4cd635c7319c0de95b88e44738374583e9eaeb8ef33e0d11039509f21ce22167ba90e614dd39f1eae647ae89e49beb567670186f2ea257ac8321374a09671f43ef0fe938c88af89f47ff9b42e7279d3153f911855be68808c63f217ed6c407f56ada242ce5d4d0e5a79259203af27fee7df0eca9e4a578dce3b49530d90e11e19b616d9af8769ea45a3ee521ed45482c68e591132729a692ed4dcfa2e414b004bd14cd599ee6a538872daae9c9873539ed604b6233725587e96681c50f22009fa678f2561659492c2d29e686529697a55036c16f3ca9b6cf0c41dcea2d685e8baacdf5949f46bd7ced039e1cc5bad9a227fb6437e7a91ae29b9dce9d060b8910ca0ca43f4276e3d260f38bf6b6d6a0260ac9ece3e2525527bc98193dbe7a2cfbf8a34122f182292f5f0dea7857dbd50d3e62f8ed15e61a63a1de1f26b33d28dacdacb3e401e09e8bdc694f885bbc21f06038b04199ebfaab8e15892fe1cf02c971d78de57a3df8b48bf6d4ad4a795fa9874811731da00e20d31a48a2658cfda8ec25730a27c307c9b9fac53b462d137838ae3f11f855f6c5df9284e97fbd72134526ab6a2c94ef970561ab08dd448dc65a614aa181e04db7d30949767b9f21f0ac75c2ccc1a9c790a5010a22345396da1687933720997965a8707b8fe0f10da97f6cf93b628b79de30a96b57bc4fa605729b271b360ad56e87148a67a5068f4328f7a37eb196dd3c419b2a7d19f6877fc237c661b8d9620cfa961237b2c8c99fa216539fbdb977c12c186199dd69f076278d1bd88a9725245c78b82fe4cc1c5ee8784d322c79e24ea1a540e15bec40b7f9b2708068e880604bf0c371131d9a6ec6a60ff1ed97c55624625cc1672752fcb46d567113774f0c5985f8e18f6be10a3a7d6cfead1f9af47881943d4e50d36429049491bc7f6f8afaf144de925560f27811d7079ce0e54ec57ae57c011cfed60c66abf740b4ada5d626d071cce539f8a08e8e208662c5f55a3c297468fb7daff1992fb7723a86ab554a41d3205635224b74228bbdbf3dd3949d9268c5392d768f00702065191e672c005c5f6c6c54531a3fe4c601eb336c9c21fe53eeea307cb37469e6f1171eb6a2d360299f2a963de8b48ddccb01f59f36d12c74de5a6e19c6637590497488740309028f022be5ab342d21ab2f38041227ea958deabe7e344a4cb024db476c7dec603256fce50d1ab4ade1c3074cbae163c7e77a47b333a538b389f24442cf81ee4d901b4b84235b9ff58058033ca69e1a33fe40cd54691f7d335a82e4c7833cc297b8576a672ba110dcf8a6824b0b4bf43a89909ab455c13b386370e3978c73544eaad73b13d660bd9a4c2625497929acaac41afb1c8ec140b1f19bc09493a90fa2de9f0166a459c564a3577a8a0430a61a7587f033ce6dc07a961ae1b4851d7629771226474c72ad3a7aacb544a013c8c70939a3fa32aeb454e176a65f931665d5a879e310eaece286412b80b8b7b3c7acf5947d2604acc58bfbae663467ae0fa2511d75ebf3dd76cfaed81bb342b92d7e50cedea82158366b4867a604a69b26b2424a847a01973bfdbb71bbb883ae1906ed5c5d8454cf427b0faa9c6959a587760f9a431142e5bb8c4337abbc03ebaa5fe77d753bfa4ad8abde0aef2850f316c263d31cd9b35197ba6586fcc70624d203790443ab1f2563815d518f02bb473cb7bb9cbe25232c773b2a4118b8edb0e5a110020e9e008ace141b5f9d7445c2af959c5386dc26c93eadb0aeab6b890c3aa3d01cffe4dacd5e6a066fc6da04ff21eae917ed6136468fa782230bd6f34a885b95882f152d58e95931cb5152fa864a9938d61edde2d33d328567d97c44fd429f4a116550b0dc86123db36607640d0e098025eab2584020f807a95da4080c3b921b2646a35282edf6e003e12a1a6ec979ddbd3b230b4b881b214a42d97132cd25063134c4e6b50b95d4bc98ca7f268179307c86e3b24d83d047dabc92088086a3faedf4b13b1959311c9cac243016e4aceee9996ae73e680a470d42f33a88edbc504e918b1dfd9e47df40de6944e295146a65e940c5c3c34544549e49f41f1f2422034fe1da6bdff13d7e83d84adbfe75cc6b9621e9a0805e6c1e9c341250069de659a7effb93fc992095762e984ba3e2fb3a841b95ebaa470088aad2260929ab8b83dc3322718ee32875ca984a47992332d0abf585dae3257f6704da7ca7311eb433e2adaf23953ece55fc6d154490113e5b7819ba86412969b83d6a480a1773918059b92018cab712f95de2c17e25b2a4317d9325ffcd68a39558913de335c2a371b76dd1bfa07991d799e5efe708659ef9421fa1d94b4cc15565408e36c3771dbda28b8087c97f7ebe1f24300832d7b170c9e89ea1e8f809284ffeed5d85456bbd91cab31d99a061fd01f98e514b3ff6e4b8932249fb59c99b0952175df97260b7ea4e00084ed2ffd0cdf7ef7b951ebe751492d785e82338d92a97c3e53bd5f33197807cc24c5e694b36fd3739226a7103335b31835e62202d5c8c537a5f1cf73ee59340f96cf7989f9b662962b0e53839a90f6fa9bcb934312ea8592ff8a935416ebc8053fefe850ceb5a9d2c4cdd623b101966ddd145dd79b175794fe8603e2e4042d708e047893092425979f5009b7ee1900fafc04cea2ed0412d49d9bb4ac3469afc0f490f2404f85327888c7ea8b24f9a410ef225d16b43eed3327652770459f2fc27eb7900376cd94d8c40539cf86ffadbb17fd118dc6227207b9a4dfe08141c7b7ca8c90bfa426a6da6d7630296e09d164b38cafab4c6733c4b7651612ba9af582defc0065265787898c739fee79bac8b83e896adac62c678762f9ffca3265fbc20b704bfe50d6aaeb8821acf8c9c7ecee4cc936bac4e618614e582a9029e4158dfdb3db2fe96a17ee88eb982e08fab67044eb15c36d98f753886e2e8881b736b3f9aea27b819698447a5b514cb73585d10a25b1d2130fdba93ca33371a2b0bad637701eb539849c11d32e39ac249d63e715ff0d03402b84b8315708467b214018e92e8b2a4b71a98b67d1c8bf6c8dc75df24c86628df750a689730a28b5ffebdd64dc07bcdd859236353b4bdef1e04793d5155314d91a4e3650fd1d3f6b18013966892ca76bf2395563e4e7f7b9b4a1c48d54c6e549b805d93797ad4ba04c25cb6b4ca92949ab66a44b1154aa34b5b789", 0x1000, 0x40, 0x0, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000480)='/dev/snd/controlC#\x00', 0xffffffffffffff01, 0x800)
fadvise64(r6, 0x3, 0x3, 0x1)

15:48:29 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500000000000000}})

15:48:29 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:29 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:29 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:29 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600000000000000}})

15:48:29 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:29 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x100)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000040)={<r2=>0xffffffffffffffff}, 0x2, 0x7}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r1, &(0x7f0000000100)={0x3, 0x40, 0xfa00, {{0xa, 0x4e21, 0x6, @remote, 0x6}, {0xa, 0x4e23, 0x16c, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x2}, r2, 0x6c}}, 0x48)

[ 1552.865783][T15209] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000
15:48:29 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:29 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700000000000000}})

[ 1553.000762][T15209] CPU: 1 PID: 15209 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1553.008691][T15209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1553.018754][T15209] Call Trace:
[ 1553.022061][T15209]  dump_stack+0x1d8/0x2f8
[ 1553.026409][T15209]  dump_header+0xdb/0xf40
[ 1553.030758][T15209]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1553.036859][T15209]  ? ___ratelimit+0x447/0x5d0
[ 1553.041568][T15209]  oom_kill_process+0x1a0/0x490
[ 1553.046442][T15209]  out_of_memory+0x76e/0x9e0
[ 1553.051487][T15209]  ? unregister_oom_notifier+0x20/0x20
[ 1553.056964][T15209]  ? kasan_check_read+0x11/0x20
[ 1553.061822][T15209]  try_charge+0x12ba/0x1710
[ 1553.066360][T15209]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1553.072179][T15209]  ? rcu_lock_release+0x4/0x20
[ 1553.076938][T15209]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1553.082485][T15209]  ? memcg_kmem_put_cache+0x70/0x70
[ 1553.087680][T15209]  ? rcu_lock_release+0x15/0x20
[ 1553.092527][T15209]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1553.098066][T15209]  __memcg_kmem_charge+0x118/0x2f0
[ 1553.103172][T15209]  __alloc_pages_nodemask+0x377/0x790
[ 1553.108538][T15209]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1553.114083][T15209]  ? kasan_check_write+0x14/0x20
[ 1553.119033][T15209]  ? do_raw_spin_lock+0x143/0x3a0
[ 1553.124094][T15209]  alloc_pages_current+0x2fb/0x540
[ 1553.129205][T15209]  pte_alloc_one+0x1f/0x180
[ 1553.133712][T15209]  __do_fault+0xdf/0x390
[ 1553.137955][T15209]  ? __pmd_alloc+0x36a/0x3d0
[ 1553.142625][T15209]  handle_mm_fault+0x29b8/0x6130
[ 1553.147559][T15209]  ? finish_fault+0x220/0x220
[ 1553.152269][T15209]  ? __down_read+0x1a0/0x1a0
[ 1553.156879][T15209]  ? vmacache_find+0x566/0x5b0
[ 1553.161645][T15209]  ? vmacache_update+0xb7/0x120
[ 1553.166485][T15209]  ? find_vma+0x13c/0x150
[ 1553.170957][T15209]  do_user_addr_fault+0x56f/0xaa0
[ 1553.175995][T15209]  __do_page_fault+0xd3/0x1f0
[ 1553.180667][T15209]  do_page_fault+0xce/0xe0
[ 1553.185080][T15209]  ? page_fault+0x8/0x30
[ 1553.189336][T15209]  page_fault+0x1e/0x30
[ 1553.193521][T15209] RIP: 0033:0x4019f7
[ 1553.197401][T15209] Code: 00 00 00 48 83 ec 08 48 8b 15 bd ea 66 00 48 8b 05 ae ea 66 00 48 39 d0 48 8d 8a 00 00 00 01 72 17 48 39 c8 73 12 48 8d 50 04 <89> 38 48 89 15 90 ea 66 00 48 83 c4 08 c3 48 89 c6 bf 38 96 4c 00
[ 1553.216993][T15209] RSP: 002b:00007ffff6b9e570 EFLAGS: 00010287
[ 1553.223056][T15209] RAX: 0000001b2be20000 RBX: 0000000000000000 RCX: 0000001b2ce20000
[ 1553.231033][T15209] RDX: 0000001b2be20004 RSI: 00007ffff6b9e330 RDI: 0000000000000000
[ 1553.239005][T15209] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000004
[ 1553.246992][T15209] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000001
[ 1553.254967][T15209] R13: 00007ffff6b9e760 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1553.272446][T15209] memory: usage 307200kB, limit 307200kB, failcnt 52048
[ 1553.288478][T15209] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1553.296112][T15209] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1553.309749][T15209] Memory cgroup stats for /syz0: cache:6528KB rss:101164KB rss_huge:0KB shmem:6524KB mapped_file:3228KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6516KB active_anon:101172KB inactive_file:0KB active_file:4KB unevictable:0KB
[ 1553.337086][T15209] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=15134,uid=0
[ 1553.353004][T15209] Memory cgroup out of memory: Killed process 15134 (syz-executor.0) total-vm:72840kB, anon-rss:160kB, file-rss:35788kB, shmem-rss:0kB
15:48:30 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00'}, 0x58)

15:48:30 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:30 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:30 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000000}})

15:48:30 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:30 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0xfffffffffffffffe, 0x40000)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r1, 0xc08c5334, &(0x7f00000000c0)={0xffffffffffffff3b, 0xffff, 0x9, 'queue0\x00', 0x9})

15:48:30 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:30 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:30 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x20, 0x400000)
write$binfmt_elf64(r0, &(0x7f00000006c0)={{0x7f, 0x45, 0x4c, 0x46, 0x5, 0x6, 0x88e, 0x1ff, 0x63, 0x3, 0x7, 0x8, 0x34f, 0x40, 0x22, 0x5, 0x8, 0x38, 0x2, 0x6, 0x2, 0x2}, [{0x5, 0x6, 0x4, 0x81, 0x1, 0x80, 0x4, 0x7ff}], "c97ec062bbdf188021f8adfedadd3f4dbe05a91e3b4e378e17798f70205332748259cd6185bd904dffdab5508ea515b248cde5d24c984637c5cfa9d9ca6ea1904293fc9c188a810c809e183b22695d62069af9a9f4999195853e", [[], [], [], [], [], []]}, 0x6d2)
ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffff9c, 0xc0106426, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{<r2=>0x0}]})
ioctl$DRM_IOCTL_GET_CTX(r1, 0xc0086423, &(0x7f0000000100)={r2, 0x3})

15:48:30 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x900000000000000}})

15:48:30 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:30 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x0, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

[ 1553.799266][T15265] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000
[ 1553.816717][T15265] CPU: 1 PID: 15265 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1553.824640][T15265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1553.834710][T15265] Call Trace:
[ 1553.838005][T15265]  dump_stack+0x1d8/0x2f8
[ 1553.838021][T15265]  dump_header+0xdb/0xf40
[ 1553.838037][T15265]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1553.838047][T15265]  ? ___ratelimit+0x447/0x5d0
[ 1553.838063][T15265]  oom_kill_process+0x1a0/0x490
[ 1553.846740][T15265]  out_of_memory+0x76e/0x9e0
[ 1553.867411][T15265]  ? unregister_oom_notifier+0x20/0x20
[ 1553.872881][T15265]  ? kasan_check_read+0x11/0x20
[ 1553.877745][T15265]  try_charge+0x12ba/0x1710
[ 1553.882330][T15265]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1553.888130][T15265]  ? rcu_lock_release+0x4/0x20
[ 1553.892891][T15265]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1553.898426][T15265]  ? memcg_kmem_put_cache+0x70/0x70
[ 1553.903612][T15265]  ? rcu_lock_release+0x15/0x20
[ 1553.908446][T15265]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1553.913972][T15265]  __memcg_kmem_charge+0x118/0x2f0
[ 1553.919071][T15265]  __alloc_pages_nodemask+0x377/0x790
[ 1553.924428][T15265]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1553.929956][T15265]  ? __put_page+0x11e/0x160
[ 1553.934441][T15265]  ? do_huge_pmd_anonymous_page+0xbef/0x1940
[ 1553.940407][T15265]  alloc_pages_current+0x2fb/0x540
[ 1553.945522][T15265]  pte_alloc_one+0x1f/0x180
[ 1553.950010][T15265]  __pte_alloc+0x20/0x2f0
[ 1553.954325][T15265]  handle_mm_fault+0x5529/0x6130
[ 1553.959281][T15265]  ? finish_fault+0x220/0x220
[ 1553.963965][T15265]  ? __down_read+0x1a0/0x1a0
[ 1553.968550][T15265]  ? vmacache_find+0x566/0x5b0
[ 1553.973298][T15265]  ? vmacache_update+0xb7/0x120
[ 1553.978136][T15265]  ? find_vma+0x13c/0x150
[ 1553.982460][T15265]  do_user_addr_fault+0x56f/0xaa0
[ 1553.987506][T15265]  __do_page_fault+0xd3/0x1f0
[ 1553.992171][T15265]  do_page_fault+0xce/0xe0
[ 1553.996571][T15265]  ? page_fault+0x8/0x30
[ 1554.000802][T15265]  page_fault+0x1e/0x30
[ 1554.004940][T15265] RIP: 0033:0x440761
[ 1554.008817][T15265] Code: 8d 15 e3 80 0a 00 8b 0c 8a 8b 04 82 29 c8 c3 66 2e 0f 1f 84 00 00 00 00 00 48 83 fa 20 48 89 f8 73 77 f6 c2 01 74 0b 0f b6 0e <88> 0f 48 ff c6 48 ff c7 f6 c2 02 74 12 0f b7 0e 66 89 0f 48 83 c6
[ 1554.028404][T15265] RSP: 002b:00007ffff6b9e578 EFLAGS: 00010202
[ 1554.034456][T15265] RAX: 0000000020000080 RBX: 0000000000760000 RCX: 0000000000000088
[ 1554.042414][T15265] RDX: 0000000000000005 RSI: 0000000000760020 RDI: 0000000020000080
[ 1554.050391][T15265] RBP: 0000000000000000 R08: 000000000000ffff R09: 0000000000000000
[ 1554.058364][T15265] R10: 0000000000438af0 R11: 0000000000000012 R12: 0000000000760008
[ 1554.066344][T15265] R13: 00000000004c58ad R14: 00000000000000c8 R15: fffffffffffffffe
[ 1554.075269][T15265] memory: usage 307200kB, limit 307200kB, failcnt 52108
[ 1554.082735][T15265] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1554.090288][T15265] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1554.097253][T15265] Memory cgroup stats for /syz0: cache:6532KB rss:101156KB rss_huge:0KB shmem:6532KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6524KB active_anon:101164KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1554.119419][T15265] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=15188,uid=0
[ 1554.136430][T15265] Memory cgroup out of memory: Killed process 15188 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
[ 1554.151433][ T1044] oom_reaper: reaped process 15188 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
[ 1554.175683][T15286] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000
[ 1554.188438][T15286] CPU: 1 PID: 15286 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1554.197393][T15286] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1554.207948][T15286] Call Trace:
[ 1554.212289][T15286]  dump_stack+0x1d8/0x2f8
[ 1554.216626][T15286]  dump_header+0xdb/0xf40
[ 1554.221216][T15286]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1554.227176][T15286]  ? ___ratelimit+0x447/0x5d0
[ 1554.232359][T15286]  oom_kill_process+0x1a0/0x490
[ 1554.237216][T15286]  out_of_memory+0x76e/0x9e0
[ 1554.242360][T15286]  ? unregister_oom_notifier+0x20/0x20
[ 1554.247839][T15286]  ? kasan_check_read+0x11/0x20
[ 1554.252968][T15286]  try_charge+0x12ba/0x1710
[ 1554.257782][T15286]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1554.263773][T15286]  ? rcu_lock_release+0x4/0x20
[ 1554.269626][T15286]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1554.275162][T15286]  ? memcg_kmem_put_cache+0x70/0x70
[ 1554.280347][T15286]  ? rcu_lock_release+0x15/0x20
[ 1554.285181][T15286]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1554.290713][T15286]  __memcg_kmem_charge+0x118/0x2f0
[ 1554.295814][T15286]  __alloc_pages_nodemask+0x377/0x790
[ 1554.301174][T15286]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1554.306709][T15286]  ? rcu_read_lock_sched_held+0x127/0x1c0
[ 1554.312435][T15286]  ? copy_process+0x599/0x5c80
[ 1554.317202][T15286]  copy_process+0x613/0x5c80
[ 1554.321786][T15286]  ? percpu_counter_add_batch+0x169/0x190
[ 1554.327490][T15286]  ? alloc_file+0x89/0x4c0
[ 1554.331896][T15286]  ? fork_idle+0x1b0/0x1b0
[ 1554.336324][T15286]  _do_fork+0x180/0x5f0
[ 1554.340485][T15286]  ? dup_mm+0x340/0x340
[ 1554.344624][T15286]  ? debug_smp_processor_id+0x1c/0x20
[ 1554.350003][T15286]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1554.356170][T15286]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1554.361889][T15286]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1554.367526][T15286]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1554.372989][T15286]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1554.378713][T15286]  __x64_sys_clone+0xc1/0xd0
[ 1554.383296][T15286]  do_syscall_64+0xfe/0x140
[ 1554.387783][T15286]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1554.393662][T15286] RIP: 0033:0x459519
[ 1554.397556][T15286] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1554.417155][T15286] RSP: 002b:00007f6872e5dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1554.425578][T15286] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459519
[ 1554.433553][T15286] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 04000000000003fe
[ 1554.441521][T15286] RBP: 000000000075bf20 R08: ffffffffffffffff R09: 0000000000000000
[ 1554.449493][T15286] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6872e5e6d4
[ 1554.457654][T15286] R13: 00000000004bf97d R14: 00000000004d1358 R15: 00000000ffffffff
[ 1554.476814][T15286] memory: usage 307136kB, limit 307200kB, failcnt 52135
[ 1554.484138][T15286] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1554.491726][T15286] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1554.498639][T15286] Memory cgroup stats for /syz0: cache:6528KB rss:101112KB rss_huge:0KB shmem:6528KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6520KB active_anon:101120KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1554.520723][T15286] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=15241,uid=0
[ 1554.536257][T15286] Memory cgroup out of memory: Killed process 15241 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
15:48:31 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\v\x00'}, 0x58)

15:48:31 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:31 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:31 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00000000000000}})

15:48:31 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
stat(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
getresuid(&(0x7f00000002c0), &(0x7f0000000300)=<r2=>0x0, &(0x7f0000000340))
syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000040)='./file0\x00', 0x4, 0x1, &(0x7f00000001c0)=[{&(0x7f00000000c0)="2ced05bf47664b6a3a65af49e0b926aa5e4a593474fa777686086288d928e0e6600b41a7636b278c49554cbd83938b74787b8f84c75cffef72939f215e10028771abaeb138d95b13f02f95ee39de883cead3d25947e23326fa91c1cabdeb4b213228527d9b323d35eddd79d13f39a49a51e34f2c28fea307e707130ab522283e65593c15a7216925632691ee354c8bc8beae4a2f10b6ba97959e3ec4ecd42b11318cfbb2effa4a6fb9c7f03089011c5388707c9176e3d48e5c61a12aee432cfc490893efcfb6bffb", 0xc8, 0xdfc4}], 0x1000000, &(0x7f0000000380)={[{@fat=@gid={'gid', 0x3d, r1}}, {@fat=@tz_utc='tz=UTC'}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x3}}, {@nodots='nodots'}], [{@fsuuid={'fsuuid', 0x3d, {[0x77, 0x35, 0x0, 0x268b43c728a649e7, 0x7f, 0x30, 0x30, 0x32], 0x2d, [0x65, 0x39, 0x74, 0x67], 0x2d, [0x7e, 0x62, 0x37, 0x37], 0x2d, [0x0, 0x39, 0x66, 0x61], 0x2d, [0x36, 0x7b, 0x31, 0x36, 0x0, 0x77, 0x65, 0x64]}}}, {@context={'context', 0x3d, 'user_u'}}, {@fowner_eq={'fowner', 0x3d, r2}}]})

15:48:31 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

[ 1554.551624][ T1044] oom_reaper: reaped process 15241 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
15:48:31 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:31 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:31 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00000000000000}})

15:48:31 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:31 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r0, 0x80845663, &(0x7f0000000000)={0x0, @reserved})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r0, 0x6612)

15:48:31 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\f\x00'}, 0x58)

15:48:31 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:31 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc00000000000000}})

15:48:31 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:31 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
sendmsg$nl_crypto(r0, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000040)={&(0x7f00000000c0)=@getstat={0xe0, 0x15, 0x100, 0x70bd26, 0x25dfdbfd, {{'wp256-generic\x00'}, [], [], 0x400, 0x400}, ["", "", "", "", "", "", "", "", "", ""]}, 0xe0}, 0x1, 0x0, 0x0, 0x10}, 0x804)

15:48:31 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:31 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\r\x00'}, 0x58)

15:48:31 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:31 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:32 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd00000000000000}})

15:48:32 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x200400, 0x0)
ioctl$KVM_INTERRUPT(r1, 0x4004ae86, &(0x7f00000003c0)=0x9)
ioctl$VIDIOC_SUBDEV_G_SELECTION(r0, 0xc040563d, &(0x7f0000000000)={0x1, 0x0, 0x103, 0x3, {0xffff, 0x5, 0xfffffffffffffff8}})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
getsockopt$TIPC_SOCK_RECVQ_DEPTH(0xffffffffffffffff, 0x10f, 0x84, &(0x7f0000000200), &(0x7f0000000240)=0x4)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000400)={[0x8d30, 0x100, 0x7, 0x80000001, 0x80000001, 0x2749985d, 0x8, 0x7, 0x1, 0x2, 0x401, 0x10001, 0x10000, 0x1, 0x9, 0x3], 0x2004, 0x48080})
r2 = syz_open_dev$audion(&(0x7f0000000140)='/dev/audio#\x00', 0x10, 0x2)
getsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r2, 0x84, 0x1e, &(0x7f0000000540), &(0x7f0000000580)=0x9e3)
r3 = getuid()
r4 = getegid()
chown(&(0x7f0000000340)='./file0\x00', r3, r4)
ioctl$SIOCAX25GETINFO(r2, 0x89ed, &(0x7f00000000c0))
ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffffff, 0xc0106426, &(0x7f00000002c0)={0x5, &(0x7f0000000280)=[{<r5=>0x0}, {}, {}, {}, {}]})
ioctl$DRM_IOCTL_LOCK(r2, 0x4008642a, &(0x7f0000000300)={r5, 0x5})
syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_bt_bnep_BNEPGETCONNINFO(r2, 0x800442d3, &(0x7f0000000380)={0x0, 0x6, 0x7ff, @empty, 'veth1_to_team\x00'})

[ 1555.158209][T15363] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1555.190694][T15363] CPU: 0 PID: 15363 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
15:48:32 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe00000000000000}})

[ 1555.198664][T15363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1555.208740][T15363] Call Trace:
[ 1555.212046][T15363]  dump_stack+0x1d8/0x2f8
[ 1555.216373][T15363]  dump_header+0xdb/0xf40
[ 1555.220701][T15363]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1555.226513][T15363]  ? ___ratelimit+0x447/0x5d0
[ 1555.226532][T15363]  oom_kill_process+0x1a0/0x490
[ 1555.226546][T15363]  out_of_memory+0x76e/0x9e0
[ 1555.240651][T15363]  ? unregister_oom_notifier+0x20/0x20
[ 1555.240674][T15363]  ? kasan_check_read+0x11/0x20
[ 1555.250995][T15363]  try_charge+0x12ba/0x1710
[ 1555.255524][T15363]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1555.261343][T15363]  ? rcu_lock_release+0x4/0x20
[ 1555.266109][T15363]  ? rcu_lock_release+0x15/0x20
[ 1555.270957][T15363]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1555.276506][T15363]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1555.281805][T15363]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1555.287452][T15363]  wp_page_copy+0x391/0x18e0
[ 1555.292057][T15363]  ? reuse_swap_page+0xd47/0x1650
[ 1555.297094][T15363]  ? rcu_lock_release+0x30/0x30
[ 1555.301977][T15363]  ? kasan_check_read+0x11/0x20
15:48:32 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}})

[ 1555.306864][T15363]  ? do_raw_spin_unlock+0x49/0x260
[ 1555.311992][T15363]  do_wp_page+0x609/0x1ba0
[ 1555.316415][T15363]  ? kasan_check_write+0x14/0x20
[ 1555.321366][T15363]  ? __rwlock_init+0x130/0x130
[ 1555.326144][T15363]  ? count_memcg_event_mm+0x300/0x300
[ 1555.331530][T15363]  handle_mm_fault+0x29a6/0x6130
[ 1555.336486][T15363]  ? finish_fault+0x220/0x220
[ 1555.341196][T15363]  ? __down_read+0x1a0/0x1a0
[ 1555.345829][T15363]  ? vmacache_find+0x251/0x5b0
[ 1555.350603][T15363]  ? find_vma+0x30/0x150
[ 1555.354848][T15363]  do_user_addr_fault+0x56f/0xaa0
[ 1555.359898][T15363]  __do_page_fault+0xd3/0x1f0
[ 1555.364586][T15363]  do_page_fault+0xce/0xe0
[ 1555.369026][T15363]  ? page_fault+0x8/0x30
[ 1555.373282][T15363]  page_fault+0x1e/0x30
[ 1555.377441][T15363] RIP: 0033:0x40f6a6
[ 1555.381339][T15363] Code: 0e 66 00 49 8b 89 c8 02 00 00 49 8b 91 c0 02 00 00 48 89 4a 08 49 8b 89 c8 02 00 00 48 89 11 48 c7 05 0a 0e 66 00 00 00 00 00 <48> c7 05 e7 47 30 00 90 3e 71 00 31 d2 48 c7 05 d2 47 30 00 90 3e
[ 1555.400952][T15363] RSP: 002b:00007ffff6b9e6d8 EFLAGS: 00010246
15:48:32 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1100000000000000}})

15:48:32 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:32 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:32 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1555.407023][T15363] RAX: 0000555556c9ac00 RBX: 00007ffff6b9e6e0 RCX: 0000000000a704a0
[ 1555.415119][T15363] RDX: 0000000000a704a0 RSI: 0000000000713e90 RDI: 0000555556c9ac20
[ 1555.423102][T15363] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1555.423115][T15363] R10: 0000555556c9ac10 R11: 0000000000000202 R12: 0000000000000001
[ 1555.439625][T15363] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
15:48:32 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1555.532831][T15363] memory: usage 307200kB, limit 307200kB, failcnt 52162
[ 1555.542677][T15363] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1555.556673][T15363] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1555.597845][T15363] Memory cgroup stats for /syz0: cache:6532KB rss:101148KB rss_huge:0KB shmem:6532KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6524KB active_anon:101156KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1555.659092][T15363] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=5784,uid=0
[ 1555.683889][T15363] Memory cgroup out of memory: Killed process 5784 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
[ 1555.698711][ T1044] oom_reaper: reaped process 5784 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:4kB
[ 1555.735828][T15363] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1555.746894][T15363] CPU: 0 PID: 15363 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1555.754792][T15363] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1555.766771][T15363] Call Trace:
[ 1555.770068][T15363]  dump_stack+0x1d8/0x2f8
[ 1555.774650][T15363]  dump_header+0xdb/0xf40
[ 1555.779096][T15363]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1555.785461][T15363]  ? ___ratelimit+0x447/0x5d0
[ 1555.791924][T15363]  oom_kill_process+0x1a0/0x490
[ 1555.796860][T15363]  out_of_memory+0x76e/0x9e0
[ 1555.810023][T15363]  ? unregister_oom_notifier+0x20/0x20
[ 1555.817198][T15363]  ? kasan_check_read+0x11/0x20
[ 1555.823020][T15363]  try_charge+0x12ba/0x1710
[ 1555.827956][T15363]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1555.834762][T15363]  ? rcu_lock_release+0x4/0x20
[ 1555.840905][T15363]  ? rcu_lock_release+0x15/0x20
[ 1555.850876][T15363]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1555.859889][T15363]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1555.865334][T15363]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1555.874623][T15363]  wp_page_copy+0x391/0x18e0
[ 1555.879879][T15363]  ? rcu_lock_release+0x30/0x30
[ 1555.885715][T15363]  ? kasan_check_read+0x11/0x20
[ 1555.892447][T15363]  ? do_raw_spin_unlock+0x49/0x260
[ 1555.898505][T15363]  do_wp_page+0x609/0x1ba0
[ 1555.904080][T15363]  ? kasan_check_write+0x14/0x20
[ 1555.910565][T15363]  ? __rwlock_init+0x130/0x130
[ 1555.917783][T15363]  ? count_memcg_event_mm+0x300/0x300
[ 1555.923765][T15363]  handle_mm_fault+0x29a6/0x6130
[ 1555.930472][T15363]  ? finish_fault+0x220/0x220
[ 1555.938499][T15363]  ? __down_read+0x1a0/0x1a0
[ 1555.949985][T15363]  ? vmacache_find+0x251/0x5b0
[ 1555.957279][T15363]  ? find_vma+0x30/0x150
[ 1555.963318][T15363]  do_user_addr_fault+0x56f/0xaa0
[ 1555.968975][T15363]  __do_page_fault+0xd3/0x1f0
[ 1555.975124][T15363]  do_page_fault+0xce/0xe0
[ 1555.979740][T15363]  ? page_fault+0x8/0x30
[ 1555.990090][T15363]  page_fault+0x1e/0x30
[ 1555.999618][T15363] RIP: 0033:0x40e6b8
[ 1556.011244][T15363] Code: 8b 34 c6 4a 8d 04 2e 48 3d ff ff ff 7e 0f 86 77 ff ff ff bf d1 ea 4b 00 31 c0 e8 c3 35 ff ff 31 ff e8 0c 32 ff ff 0f 1f 40 00 <89> 3c b5 00 00 73 00 eb b6 31 ed 0f 1f 44 00 00 80 3d ae 1d 66 00
[ 1556.046404][T15363] RSP: 002b:00007ffff6b9e4b0 EFLAGS: 00010246
[ 1556.054365][T15363] RAX: 0000000025d5a043 RBX: 000000000ba50688 RCX: 0000001b2ce20000
[ 1556.068101][T15363] RDX: 0000000000000000 RSI: 0000000000000043 RDI: ffffffff25d5a043
[ 1556.079495][T15363] RBP: 000000000000000e R08: 0000000025d5a043 R09: 0000000025d5a047
[ 1556.101334][T15363] R10: 00007ffff6b9e650 R11: 0000000000000246 R12: 000000000075bfa8
[ 1556.111189][T15363] R13: 0000000080000000 R14: 00007f6874e5f008 R15: 000000000000000e
[ 1556.121573][T15363] memory: usage 307020kB, limit 307200kB, failcnt 52193
[ 1556.130859][T15363] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1556.138411][T15363] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1556.145267][T15363] Memory cgroup stats for /syz0: cache:6528KB rss:101096KB rss_huge:0KB shmem:6524KB mapped_file:3228KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6516KB active_anon:101104KB inactive_file:4KB active_file:0KB unevictable:0KB
[ 1556.167328][T15363] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=5950,uid=0
15:48:33 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0e\x00'}, 0x58)

15:48:33 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:33 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1200000000000000}})

15:48:33 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
r1 = syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0x9, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @sdr={0x39555f5d, 0x8}})
r2 = syz_open_dev$radio(&(0x7f00000001c0)='/dev/radio#\x00', 0x1, 0x2)
getpeername$netlink(r2, &(0x7f0000000200), &(0x7f0000000240)=0xc)
ioctl$VIDIOC_G_MODULATOR(r1, 0xc0445636, &(0x7f0000000280)={0x8000, "4b4c05a5bb0190a69b77f7deb3ffb72650e3b06ae849a0603905760fd5d6acbf", 0xb01, 0x3, 0x0, 0x4, 0x5})
ioctl$UI_SET_FFBIT(r2, 0x4004556b, 0x3e)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video36\x00', 0x2, 0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x48000, 0x0)
bind$unix(r3, &(0x7f0000000140)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
ioctl$DRM_IOCTL_WAIT_VBLANK(r3, 0xc018643a, &(0x7f00000000c0)={0x8000000, 0x724ee42b, 0x3e})

15:48:33 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:33 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1556.182722][T15363] Memory cgroup out of memory: Killed process 5950 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
[ 1556.200608][ T1044] oom_reaper: reaped process 5950 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:4kB
15:48:33 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:33 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0x0, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:33 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000}})

15:48:33 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:33 executing program 5:
openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x200040, 0x0)
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000480)={0x2, @win={{0x2, 0x2, 0x1, 0x3}, 0x7, 0x4, &(0x7f00000003c0)={{0x2020000000, 0x401, 0x59, 0x9}, &(0x7f0000000380)={{0x9, 0xffff, 0x81, 0xb1}, &(0x7f0000000340)={{0x7b, 0x7776, 0xc9a, 0x17}}}}, 0x6, &(0x7f0000000400)="82542aabd7b42f97e30dcfed2c06a847f1fec0e8205621359c00b669ec371e01e890da933ee8abe36bffb1ea06336923b832012704dccfc7a9a3a6acc12ca26da678fc4585c2f089e98b20001c42817051297d2bbe79fcdae651", 0x1}})

15:48:33 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x10\x00'}, 0x58)

15:48:33 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:33 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:33 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:33 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video35\x00', 0x2, 0x0)
ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, &(0x7f0000000040)={0x3, 0x9, 0x2, 0x7ff, 0x1f})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000000c0)={0x4000002, @sliced={0x9, [0xff, 0xffffffffffffffff, 0x8, 0x0, 0x7, 0xb70, 0x5, 0xfff, 0x8, 0x8, 0x5, 0x62a, 0x6, 0x7fff, 0xe7, 0x8, 0x6, 0x1000, 0x3ff, 0x7fffffff, 0x80, 0x3f, 0xffff, 0x6, 0x6, 0x2, 0x800, 0xfff, 0x400, 0x0, 0x8000, 0x8, 0xfffffffffffffffe, 0x81, 0xc561, 0x7, 0x3f, 0x5, 0x6, 0x7f, 0x7, 0x6, 0x80000001, 0x80, 0x3, 0x0, 0x800000000000000, 0x80000000], 0x7}})

15:48:33 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2500000000000000}})

15:48:33 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1556.604133][T15451] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1556.668435][T15451] CPU: 0 PID: 15451 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1556.676373][T15451] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1556.686436][T15451] Call Trace:
[ 1556.689745][T15451]  dump_stack+0x1d8/0x2f8
[ 1556.694286][T15451]  dump_header+0xdb/0xf40
[ 1556.698650][T15451]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1556.698663][T15451]  ? ___ratelimit+0x447/0x5d0
[ 1556.698678][T15451]  oom_kill_process+0x1a0/0x490
[ 1556.698689][T15451]  out_of_memory+0x76e/0x9e0
[ 1556.698701][T15451]  ? unregister_oom_notifier+0x20/0x20
[ 1556.698711][T15451]  ? kasan_check_read+0x11/0x20
[ 1556.698725][T15451]  try_charge+0x12ba/0x1710
[ 1556.698763][T15451]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1556.698781][T15451]  ? rcu_lock_release+0x4/0x20
[ 1556.698795][T15451]  ? rcu_lock_release+0x15/0x20
[ 1556.698803][T15451]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1556.698818][T15451]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1556.760475][T15451]  mem_cgroup_try_charge_delay+0x25/0xa0
15:48:33 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1556.766135][T15451]  wp_page_copy+0x391/0x18e0
[ 1556.770750][T15451]  ? reuse_swap_page+0xd47/0x1650
[ 1556.775787][T15451]  ? rcu_lock_release+0x30/0x30
[ 1556.780689][T15451]  ? kasan_check_read+0x11/0x20
[ 1556.785574][T15451]  ? do_raw_spin_unlock+0x49/0x260
[ 1556.790727][T15451]  do_wp_page+0x609/0x1ba0
[ 1556.795191][T15451]  ? kasan_check_write+0x14/0x20
[ 1556.800151][T15451]  ? __rwlock_init+0x130/0x130
[ 1556.804933][T15451]  ? count_memcg_event_mm+0x300/0x300
[ 1556.810367][T15451]  handle_mm_fault+0x29a6/0x6130
[ 1556.815336][T15451]  ? finish_fault+0x220/0x220
[ 1556.820047][T15451]  ? __down_read+0x1a0/0x1a0
[ 1556.824653][T15451]  ? vmacache_find+0x51b/0x5b0
[ 1556.829447][T15451]  ? vmacache_update+0xb7/0x120
[ 1556.834315][T15451]  ? find_vma+0x13c/0x150
[ 1556.838687][T15451]  do_user_addr_fault+0x56f/0xaa0
[ 1556.843748][T15451]  __do_page_fault+0xd3/0x1f0
[ 1556.848445][T15451]  do_page_fault+0xce/0xe0
[ 1556.852877][T15451]  ? page_fault+0x8/0x30
[ 1556.857134][T15451]  page_fault+0x1e/0x30
[ 1556.861303][T15451] RIP: 0033:0x457b1e
15:48:33 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1556.865203][T15451] Code: 00 00 85 c0 41 89 c5 0f 85 fc 00 00 00 64 8b 04 25 d0 02 00 00 41 39 c4 0f 84 12 02 00 00 48 8b 05 27 ec 61 00 48 85 c0 74 04 <48> 83 00 04 64 8b 04 25 d0 02 00 00 64 89 04 25 d4 02 00 00 0f 31
[ 1556.884810][T15451] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00010206
[ 1556.884827][T15451] RAX: 0000000000a76248 RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1556.898947][T15451] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1556.906933][T15451] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
15:48:33 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:33 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000}})

15:48:33 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

[ 1556.906941][T15451] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1556.906946][T15451] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1556.929857][T15451] memory: usage 307200kB, limit 307200kB, failcnt 52224
[ 1556.972929][T15451] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1557.000481][T15451] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1557.038585][T15451] Memory cgroup stats for /syz0: cache:6540KB rss:101136KB rss_huge:0KB shmem:6532KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6524KB active_anon:101144KB inactive_file:8KB active_file:0KB unevictable:0KB
[ 1557.096196][T15451] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=5972,uid=0
[ 1557.126541][T15451] Memory cgroup out of memory: Killed process 5972 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
15:48:34 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x11\x00'}, 0x58)

15:48:34 executing program 5:
r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x22a801, 0x0)
write$P9_RREADDIR(r0, &(0x7f00000000c0)={0xa6, 0x29, 0x1, {0xfffe0000000000, [{{0x18, 0x0, 0x7}, 0x0, 0xe2, 0x7, './file0'}, {{0xa1, 0x4, 0x4}, 0xffff, 0x2, 0x7, './file0'}, {{0x3, 0x2, 0x6}, 0x4, 0x9a3e, 0x7, './file0'}, {{0x4, 0x0, 0x3}, 0x10001, 0xfc00000000000000, 0x7, './file0'}, {{0x8, 0x0, 0x1}, 0xfffffffffffffffe, 0x2, 0x7, './file0'}]}}, 0xa6)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)

15:48:34 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:34 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:34 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4056d0c000000000}})

15:48:34 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1557.151186][ T1044] oom_reaper: reaped process 5972 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:4kB
15:48:34 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:34 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:34 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x0, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:34 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x12\x00'}, 0x58)

15:48:34 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4241383100000000}})

15:48:34 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @sdr={0x34343459, 0x5}})

15:48:34 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:34 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x0, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:34 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1557.507934][T15519] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1557.537407][T15519] CPU: 1 PID: 15519 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1557.545337][T15519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1557.555433][T15519] Call Trace:
[ 1557.558746][T15519]  dump_stack+0x1d8/0x2f8
[ 1557.563093][T15519]  dump_header+0xdb/0xf40
[ 1557.567430][T15519]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1557.567442][T15519]  ? ___ratelimit+0x447/0x5d0
[ 1557.567459][T15519]  oom_kill_process+0x1a0/0x490
[ 1557.567474][T15519]  out_of_memory+0x76e/0x9e0
[ 1557.587423][T15519]  ? unregister_oom_notifier+0x20/0x20
[ 1557.592903][T15519]  ? kasan_check_read+0x11/0x20
[ 1557.597779][T15519]  try_charge+0x12ba/0x1710
[ 1557.602318][T15519]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1557.608146][T15519]  ? rcu_lock_release+0x4/0x20
[ 1557.612930][T15519]  ? rcu_lock_release+0x15/0x20
[ 1557.617830][T15519]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1557.623391][T15519]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1557.628717][T15519]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1557.634395][T15519]  wp_page_copy+0x391/0x18e0
[ 1557.639014][T15519]  ? reuse_swap_page+0xd47/0x1650
[ 1557.644080][T15519]  ? rcu_lock_release+0x30/0x30
[ 1557.648954][T15519]  ? kasan_check_read+0x11/0x20
[ 1557.653920][T15519]  ? do_raw_spin_unlock+0x49/0x260
[ 1557.659047][T15519]  do_wp_page+0x609/0x1ba0
[ 1557.663476][T15519]  ? kasan_check_write+0x14/0x20
[ 1557.668435][T15519]  ? __rwlock_init+0x130/0x130
[ 1557.668449][T15519]  ? count_memcg_event_mm+0x300/0x300
[ 1557.668466][T15519]  handle_mm_fault+0x29a6/0x6130
[ 1557.668489][T15519]  ? finish_fault+0x220/0x220
[ 1557.683565][T15519]  ? __down_read+0x1a0/0x1a0
[ 1557.683577][T15519]  ? vmacache_find+0x51b/0x5b0
[ 1557.683591][T15519]  ? vmacache_update+0xb7/0x120
[ 1557.702466][T15519]  ? find_vma+0x13c/0x150
[ 1557.709696][T15519]  do_user_addr_fault+0x56f/0xaa0
[ 1557.716070][T15519]  __do_page_fault+0xd3/0x1f0
[ 1557.722075][T15519]  do_page_fault+0xce/0xe0
[ 1557.726513][T15519]  ? page_fault+0x8/0x30
[ 1557.730769][T15519]  page_fault+0x1e/0x30
[ 1557.734928][T15519] RIP: 0033:0x40f678
[ 1557.738832][T15519] Code: 48 8b 05 43 48 30 00 48 89 08 48 8b 15 41 48 30 00 48 89 42 08 48 8b 05 26 48 30 00 48 89 05 2f 48 30 00 49 8d 81 c0 02 00 00 <48> 89 05 31 0e 66 00 49 8b 89 c8 02 00 00 49 8b 91 c0 02 00 00 48
15:48:34 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:34 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1557.758471][T15519] RSP: 002b:00007ffff6b9e6d8 EFLAGS: 00010246
[ 1557.764560][T15519] RAX: 0000555556c9ac00 RBX: 00007ffff6b9e6e0 RCX: 0000000000713ea0
[ 1557.764568][T15519] RDX: 000000000040f4b0 RSI: 0000000000713e90 RDI: 0000555556c9ac20
[ 1557.764573][T15519] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1557.764579][T15519] R10: 0000555556c9ac10 R11: 0000000000000202 R12: 0000000000000001
[ 1557.764585][T15519] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
15:48:34 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4247523300000000}})

15:48:34 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video35\x00', 0x2, 0x0)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vga_arbiter\x00', 0x0, 0x0)
ioctl$RTC_AIE_OFF(r1, 0x7002)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1557.797045][T15519] memory: usage 307196kB, limit 307200kB, failcnt 52270
15:48:34 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:34 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x0, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

[ 1557.875334][T15519] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1557.897911][T15519] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1557.935067][T15519] Memory cgroup stats for /syz0: cache:6532KB rss:101144KB rss_huge:0KB shmem:6532KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6524KB active_anon:101152KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1558.014590][T15519] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=5988,uid=0
[ 1558.039089][T15519] Memory cgroup out of memory: Killed process 5988 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
15:48:35 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00?\x00'}, 0x58)

15:48:35 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:35 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4742524700000000}})

15:48:35 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @pix_mp={0x9, 0xfff, 0x30313953, 0xf, 0xb, [{0x40, 0x7}, {0x4}, {0x6}, {0x5, 0xfffffffffffffff9}, {0x5, 0x1}, {0x10000, 0x9}, {0x9, 0x8}, {0x80000001, 0x9}], 0x7, 0x7, 0x0, 0x3}})

15:48:35 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:35 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x0, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:35 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:35 executing program 5:
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
connect$unix(r0, &(0x7f0000000000)=@abs={0x1, 0x0, 0x4e24}, 0x6e)
r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:35 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x0, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:35 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:35 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4752424700000000}})

[ 1558.292868][T15580] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1558.386308][T15580] CPU: 1 PID: 15580 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1558.399496][T15580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1558.415357][T15580] Call Trace:
[ 1558.418685][T15580]  dump_stack+0x1d8/0x2f8
[ 1558.423143][T15580]  dump_header+0xdb/0xf40
[ 1558.427598][T15580]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1558.436469][T15580]  ? ___ratelimit+0x447/0x5d0
[ 1558.445106][T15580]  oom_kill_process+0x1a0/0x490
[ 1558.445122][T15580]  out_of_memory+0x76e/0x9e0
[ 1558.445133][T15580]  ? unregister_oom_notifier+0x20/0x20
[ 1558.445144][T15580]  ? kasan_check_read+0x11/0x20
[ 1558.445160][T15580]  try_charge+0x12ba/0x1710
[ 1558.468093][T15580]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1558.468114][T15580]  ? rcu_lock_release+0x4/0x20
[ 1558.468129][T15580]  ? rcu_lock_release+0x15/0x20
[ 1558.468138][T15580]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1558.468148][T15580]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1558.468163][T15580]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1558.468175][T15580]  wp_page_copy+0x391/0x18e0
[ 1558.468192][T15580]  ? reuse_swap_page+0xd47/0x1650
[ 1558.480947][T15580]  ? rcu_lock_release+0x30/0x30
[ 1558.480965][T15580]  ? kasan_check_read+0x11/0x20
[ 1558.480975][T15580]  ? do_raw_spin_unlock+0x49/0x260
[ 1558.480990][T15580]  do_wp_page+0x609/0x1ba0
[ 1558.481000][T15580]  ? kasan_check_write+0x14/0x20
[ 1558.481014][T15580]  ? __rwlock_init+0x130/0x130
[ 1558.481024][T15580]  ? count_memcg_event_mm+0x300/0x300
[ 1558.481044][T15580]  handle_mm_fault+0x29a6/0x6130
[ 1558.501992][T15580]  ? finish_fault+0x220/0x220
[ 1558.502017][T15580]  ? __down_read+0x1a0/0x1a0
15:48:35 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1558.502026][T15580]  ? vmacache_find+0x251/0x5b0
[ 1558.502041][T15580]  ? find_vma+0x30/0x150
[ 1558.513622][T15580]  do_user_addr_fault+0x56f/0xaa0
[ 1558.513644][T15580]  __do_page_fault+0xd3/0x1f0
[ 1558.513656][T15580]  do_page_fault+0xce/0xe0
[ 1558.513668][T15580]  ? page_fault+0x8/0x30
[ 1558.513683][T15580]  page_fault+0x1e/0x30
[ 1558.551789][T15580] RIP: 0033:0x40f6a6
[ 1558.563238][T15580] Code: 0e 66 00 49 8b 89 c8 02 00 00 49 8b 91 c0 02 00 00 48 89 4a 08 49 8b 89 c8 02 00 00 48 89 11 48 c7 05 0a 0e 66 00 00 00 00 00 <48> c7 05 e7 47 30 00 90 3e 71 00 31 d2 48 c7 05 d2 47 30 00 90 3e
[ 1558.563246][T15580] RSP: 002b:00007ffff6b9e6d8 EFLAGS: 00010246
[ 1558.563254][T15580] RAX: 0000555556c9ac00 RBX: 00007ffff6b9e6e0 RCX: 0000000000a704a0
[ 1558.563260][T15580] RDX: 0000000000a704a0 RSI: 0000000000713e90 RDI: 0000555556c9ac20
[ 1558.563267][T15580] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1558.563272][T15580] R10: 0000555556c9ac10 R11: 0000000000000202 R12: 0000000000000001
[ 1558.563278][T15580] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1558.613031][T15580] memory: usage 307200kB, limit 307200kB, failcnt 52305
[ 1558.701414][T15580] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1558.710979][T15580] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1558.721704][T15580] Memory cgroup stats for /syz0: cache:6532KB rss:101148KB rss_huge:0KB shmem:6532KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6524KB active_anon:101156KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1558.750679][T15580] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=15565,uid=0
[ 1558.766876][T15580] Memory cgroup out of memory: Killed process 15565 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
[ 1558.786244][ T1044] oom_reaper: reaped process 15565 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
[ 1558.788271][T15580] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1558.807513][T15580] CPU: 0 PID: 15580 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1558.815414][T15580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1558.825647][T15580] Call Trace:
[ 1558.828934][T15580]  dump_stack+0x1d8/0x2f8
[ 1558.833269][T15580]  dump_header+0xdb/0xf40
[ 1558.837604][T15580]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1558.843404][T15580]  ? ___ratelimit+0x447/0x5d0
[ 1558.848167][T15580]  oom_kill_process+0x1a0/0x490
[ 1558.853015][T15580]  out_of_memory+0x76e/0x9e0
[ 1558.857616][T15580]  ? unregister_oom_notifier+0x20/0x20
[ 1558.863073][T15580]  ? kasan_check_read+0x11/0x20
[ 1558.867925][T15580]  try_charge+0x12ba/0x1710
[ 1558.872443][T15580]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1558.878263][T15580]  ? rcu_lock_release+0x4/0x20
[ 1558.883144][T15580]  ? rcu_lock_release+0x15/0x20
[ 1558.888009][T15580]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1558.893550][T15580]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1558.898926][T15580]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1558.904575][T15580]  wp_page_copy+0x391/0x18e0
[ 1558.909159][T15580]  ? reuse_swap_page+0xd47/0x1650
[ 1558.914265][T15580]  ? rcu_lock_release+0x30/0x30
[ 1558.919220][T15580]  ? kasan_check_read+0x11/0x20
[ 1558.924154][T15580]  ? do_raw_spin_unlock+0x49/0x260
[ 1558.929270][T15580]  do_wp_page+0x609/0x1ba0
[ 1558.933706][T15580]  ? kasan_check_write+0x14/0x20
[ 1558.938672][T15580]  ? __rwlock_init+0x130/0x130
[ 1558.943434][T15580]  ? count_memcg_event_mm+0x300/0x300
[ 1558.948805][T15580]  handle_mm_fault+0x29a6/0x6130
[ 1558.953751][T15580]  ? finish_fault+0x220/0x220
[ 1558.958440][T15580]  ? __down_read+0x1a0/0x1a0
[ 1558.963024][T15580]  ? vmacache_find+0x251/0x5b0
[ 1558.967775][T15580]  ? find_vma+0x30/0x150
[ 1558.972110][T15580]  do_user_addr_fault+0x56f/0xaa0
[ 1558.977139][T15580]  __do_page_fault+0xd3/0x1f0
[ 1558.982010][T15580]  do_page_fault+0xce/0xe0
[ 1558.986455][T15580]  ? page_fault+0x8/0x30
[ 1558.990696][T15580]  page_fault+0x1e/0x30
[ 1558.994896][T15580] RIP: 0033:0x40f6a6
[ 1558.998785][T15580] Code: 0e 66 00 49 8b 89 c8 02 00 00 49 8b 91 c0 02 00 00 48 89 4a 08 49 8b 89 c8 02 00 00 48 89 11 48 c7 05 0a 0e 66 00 00 00 00 00 <48> c7 05 e7 47 30 00 90 3e 71 00 31 d2 48 c7 05 d2 47 30 00 90 3e
[ 1559.018393][T15580] RSP: 002b:00007ffff6b9e6d8 EFLAGS: 00010246
[ 1559.024455][T15580] RAX: 0000555556c9ac00 RBX: 00007ffff6b9e6e0 RCX: 0000000000a704a0
[ 1559.032412][T15580] RDX: 0000000000a704a0 RSI: 0000000000713e90 RDI: 0000555556c9ac20
[ 1559.040375][T15580] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1559.048346][T15580] R10: 0000555556c9ac10 R11: 0000000000000202 R12: 0000000000000001
[ 1559.056302][T15580] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1559.064962][T15580] memory: usage 306904kB, limit 307200kB, failcnt 52311
[ 1559.072077][T15580] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1559.079653][T15580] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
15:48:36 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00'}, 0x58)

15:48:36 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0xffffffffffffffff, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = syz_open_dev$amidi(&(0x7f0000000200)='/dev/amidi#\x00', 0xffb, 0x40000)
ioctl$TUNGETFILTER(r1, 0x801054db, &(0x7f00000000c0)=""/253)
ioctl$KVM_SET_SIGNAL_MASK(r1, 0x4004ae8b, &(0x7f00000006c0)=ANY=[@ANYBLOB="46000000fa221c699996f5026c8ee9f93ecf7d374763c411bc9f3bafeca41adbdc0021c3b16b2fd6a429a7caace65ff85f1ac398bf336850aa1eaa74e3b18998fa41bbed1f0000004330a0cabead0943d167436662f2cf8a318e7425bf1ac7d2cf3cd48e8ef55682ab6885ac7986c04cfa5362da92170bfd1de382a7cd4cbdf9c816c32efe29dc6c280aca029349240fb1bdae089c966eba6537b44fa1fcf38da107b82abca3fce0e54ff24a55fe9acee986ba9afa35d13fbff68f0e11f73e82e560fbcaaca85209e8fa8076bba9bc787192d74e1d4118e718dd537d3e18335ff96909d53440648fbea58fe1f6ef06ffe8947d0d625fabea31645da85ddee65642d6abdca810c8182c7804315b7198d7f22d0b4929960faca3ded77b1458c31a9d468e93f9258aca65a0166337545baded53a49ac6cb9c3c147d57d05e6053e1d79439c73504dbab19eafca6e472277af9438e60c416bddabb7764827dbcddd7ae898c4fca545755c1ad29226f2585bcf2b966e1382db687aeca4eb01b733b04dd"])
eventfd2(0x8001, 0x1)
openat$uhid(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uhid\x00', 0x802, 0x0)

[ 1559.086526][T15580] Memory cgroup stats for /syz0: cache:6524KB rss:101032KB rss_huge:0KB shmem:6524KB mapped_file:3228KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6516KB active_anon:101040KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1559.108717][T15580] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6058,uid=0
[ 1559.124169][T15580] Memory cgroup out of memory: Killed process 6058 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
15:48:36 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x0, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:36 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5247423300000000}})

15:48:36 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:36 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:36 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:36 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x8, 0x2449c2)
epoll_pwait(r1, &(0x7f00000000c0)=[{}, {}, {}, {}, {}, {}, {}], 0x7, 0x9, &(0x7f0000000040)={0x4}, 0x8)

15:48:36 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5247425000000000}})

15:48:36 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x0, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:36 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:36 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00'}, 0x58)

15:48:36 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1559.486354][T15649] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0
[ 1559.516248][T15649] CPU: 0 PID: 15649 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1559.524171][T15649] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1559.534232][T15649] Call Trace:
[ 1559.534257][T15649]  dump_stack+0x1d8/0x2f8
[ 1559.534272][T15649]  dump_header+0xdb/0xf40
[ 1559.534285][T15649]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1559.534295][T15649]  ? ___ratelimit+0x447/0x5d0
[ 1559.534309][T15649]  oom_kill_process+0x1a0/0x490
[ 1559.534320][T15649]  out_of_memory+0x76e/0x9e0
[ 1559.534331][T15649]  ? unregister_oom_notifier+0x20/0x20
[ 1559.534341][T15649]  ? kasan_check_read+0x11/0x20
[ 1559.534356][T15649]  try_charge+0x12ba/0x1710
[ 1559.534387][T15649]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1559.534408][T15649]  ? rcu_lock_release+0x4/0x20
[ 1559.581422][T15649]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1559.597525][T15649]  ? memcg_kmem_put_cache+0x70/0x70
[ 1559.602766][T15649]  ? rcu_lock_release+0x15/0x20
[ 1559.607624][T15649]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1559.613261][T15649]  __memcg_kmem_charge+0x118/0x2f0
[ 1559.618387][T15649]  __alloc_pages_nodemask+0x377/0x790
[ 1559.623780][T15649]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1559.629337][T15649]  ? __lock_acquire+0xcf7/0x1a40
15:48:36 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5247425200000000}})

15:48:36 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:36 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x0, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:36 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:36 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video35\x00', 0x2, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x80, 0x0)
r2 = memfd_create(&(0x7f0000000000)='wlan0]\x00', 0x1)
fcntl$getownex(r0, 0x10, &(0x7f0000000100))
fcntl$setflags(r2, 0x2, 0x1)
getsockopt$inet6_opts(r1, 0x29, 0x0, &(0x7f00000001c0)=""/154, &(0x7f0000000080)=0x9a)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1559.629361][T15649]  alloc_pages_current+0x2fb/0x540
[ 1559.629377][T15649]  pte_alloc_one+0x1f/0x180
[ 1559.629391][T15649]  handle_mm_fault+0x3503/0x6130
[ 1559.629399][T15649]  ? trace_lock_acquire+0x190/0x190
[ 1559.629421][T15649]  ? finish_fault+0x220/0x220
[ 1559.629440][T15649]  ? __down_read+0x1a0/0x1a0
[ 1559.629447][T15649]  ? vmacache_find+0x51b/0x5b0
[ 1559.629456][T15649]  ? vmacache_update+0xb7/0x120
[ 1559.629467][T15649]  ? find_vma+0x13c/0x150
[ 1559.629481][T15649]  do_user_addr_fault+0x56f/0xaa0
[ 1559.629501][T15649]  __do_page_fault+0xd3/0x1f0
[ 1559.629513][T15649]  do_page_fault+0xce/0xe0
[ 1559.629531][T15649]  ? page_fault+0x8/0x30
[ 1559.649003][T15649]  page_fault+0x1e/0x30
[ 1559.649016][T15649] RIP: 0033:0x457aea
[ 1559.649039][T15649] Code: Bad RIP value.
[ 1559.649044][T15649] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00010246
[ 1559.649052][T15649] RAX: 0000000000000000 RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1559.649058][T15649] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1559.649064][T15649] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1559.649070][T15649] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
15:48:36 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:36 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5247474200000000}})

15:48:36 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:36 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5955595600000000}})

[ 1559.649075][T15649] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1559.718490][T15649] memory: usage 307200kB, limit 307200kB, failcnt 52331
[ 1559.814235][T15649] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
15:48:36 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x0, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

[ 1559.846369][T15649] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1559.859538][T15649] Memory cgroup stats for /syz0: cache:6540KB rss:101136KB rss_huge:0KB shmem:6532KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6524KB active_anon:101144KB inactive_file:8KB active_file:0KB unevictable:0KB
[ 1559.882472][T15649] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=15606,uid=0
[ 1559.898865][T15649] Memory cgroup out of memory: Killed process 15606 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
15:48:37 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00'}, 0x58)

15:48:37 executing program 5:
ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:37 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:37 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:37 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c00000000000000}})

15:48:37 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x0, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:37 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x0, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:37 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
getsockopt$inet6_udp_int(r0, 0x11, 0x67, &(0x7f0000000000), &(0x7f0000000040)=0x4)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:37 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:37 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ffffffffffffff}})

15:48:37 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:37 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x0, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:37 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00'}, 0x58)

15:48:37 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x9, 0x200200)
ioctl$IMDELTIMER(r1, 0x80044941, &(0x7f0000000040))

15:48:37 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:37 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000}})

15:48:37 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:37 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x0, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

[ 1560.506412][T15745] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
15:48:37 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1560.596530][T15745] CPU: 0 PID: 15745 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1560.614194][T15745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1560.624267][T15745] Call Trace:
[ 1560.624292][T15745]  dump_stack+0x1d8/0x2f8
[ 1560.631912][T15745]  dump_header+0xdb/0xf40
[ 1560.636343][T15745]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1560.636356][T15745]  ? ___ratelimit+0x447/0x5d0
[ 1560.636375][T15745]  oom_kill_process+0x1a0/0x490
[ 1560.636392][T15745]  out_of_memory+0x76e/0x9e0
[ 1560.656406][T15745]  ? unregister_oom_notifier+0x20/0x20
[ 1560.661889][T15745]  ? kasan_check_read+0x11/0x20
[ 1560.666854][T15745]  try_charge+0x12ba/0x1710
[ 1560.671395][T15745]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1560.677217][T15745]  ? rcu_lock_release+0x4/0x20
[ 1560.677232][T15745]  ? rcu_lock_release+0x15/0x20
[ 1560.677241][T15745]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1560.677252][T15745]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1560.677268][T15745]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1560.677279][T15745]  wp_page_copy+0x391/0x18e0
[ 1560.677298][T15745]  ? reuse_swap_page+0xd47/0x1650
[ 1560.677312][T15745]  ? rcu_lock_release+0x30/0x30
[ 1560.694151][T15745]  ? kasan_check_read+0x11/0x20
[ 1560.738134][T15745]  ? do_raw_spin_unlock+0x49/0x260
[ 1560.747634][T15745]  do_wp_page+0x609/0x1ba0
[ 1560.753584][T15745]  ? kasan_check_write+0x14/0x20
[ 1560.759842][T15745]  ? __rwlock_init+0x130/0x130
[ 1560.767107][T15745]  ? count_memcg_event_mm+0x300/0x300
[ 1560.772993][T15745]  handle_mm_fault+0x29a6/0x6130
[ 1560.778403][T15745]  ? finish_fault+0x220/0x220
[ 1560.778425][T15745]  ? __down_read+0x1a0/0x1a0
[ 1560.778433][T15745]  ? vmacache_find+0x51b/0x5b0
[ 1560.778441][T15745]  ? vmacache_update+0xb7/0x120
[ 1560.778452][T15745]  ? find_vma+0x13c/0x150
[ 1560.778465][T15745]  do_user_addr_fault+0x56f/0xaa0
[ 1560.778483][T15745]  __do_page_fault+0xd3/0x1f0
[ 1560.778494][T15745]  do_page_fault+0xce/0xe0
15:48:37 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x0, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:37 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffffffffffff}})

15:48:37 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:37 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:37 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = syz_open_dev$swradio(&(0x7f0000000040)='/dev/swradio#\x00', 0x1, 0x2)
write$UHID_CREATE(r1, &(0x7f00000001c0)={0x0, 'syz1\x00', 'syz1\x00', 'syz1\x00', &(0x7f00000000c0)=""/228, 0xe4, 0x5, 0x6, 0x7, 0x2, 0x8000}, 0x120)

[ 1560.778512][T15745]  ? page_fault+0x8/0x30
[ 1560.851505][T15745]  page_fault+0x1e/0x30
[ 1560.856152][T15745] RIP: 0033:0x457b1e
[ 1560.856169][T15745] Code: 00 00 85 c0 41 89 c5 0f 85 fc 00 00 00 64 8b 04 25 d0 02 00 00 41 39 c4 0f 84 12 02 00 00 48 8b 05 27 ec 61 00 48 85 c0 74 04 <48> 83 00 04 64 8b 04 25 d0 02 00 00 64 89 04 25 d4 02 00 00 0f 31
[ 1560.888450][T15745] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00010206
[ 1560.888461][T15745] RAX: 0000000000a76248 RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1560.888467][T15745] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1560.888472][T15745] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1560.888476][T15745] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1560.888482][T15745] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1560.896129][T15745] memory: usage 307200kB, limit 307200kB, failcnt 52375
[ 1561.070393][T15745] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1561.081674][T15745] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1561.090345][T15745] Memory cgroup stats for /syz0: cache:6532KB rss:101136KB rss_huge:0KB shmem:6532KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6524KB active_anon:101144KB inactive_file:0KB active_file:0KB unevictable:0KB
15:48:38 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00'}, 0x58)

15:48:38 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:38 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:38 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfecaedfe00000000}})

15:48:38 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x0, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:38 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x3, 0x2)
ioctl$KVM_CHECK_EXTENSION(r1, 0xae03, 0x80)
preadv(r1, &(0x7f0000000240)=[{&(0x7f0000000080)=""/59, 0x3b}, {&(0x7f00000000c0)=""/115, 0x73}, {&(0x7f0000000140)=""/13, 0xd}, {&(0x7f0000000180)=""/170, 0xaa}], 0x4, 0x0)

[ 1561.117813][T15745] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=15633,uid=0
[ 1561.133869][T15745] Memory cgroup out of memory: Killed process 15633 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
[ 1561.149327][ T1044] oom_reaper: reaped process 15633 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
15:48:38 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000}})

15:48:38 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x0, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:38 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:38 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x0, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:38 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:38 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdfd}})

15:48:38 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00'}, 0x58)

15:48:38 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:38 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x0, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:38 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
splice(r0, &(0x7f0000000000)=0x4a, r0, &(0x7f0000000040), 0x7, 0x2)
r1 = syz_open_dev$mouse(&(0x7f00000000c0)='/dev/input/mouse#\x00', 0x5c, 0x40)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TIMER(r1, 0xc0605345, &(0x7f0000000440)={0x5, 0x3, {0xffffffffffffffff, 0x1, 0x8001, 0x3, 0x24000000}})
getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f00000002c0)={{{@in=@remote, @in6=@mcast1}}, {{@in=@dev}, 0x0, @in=@local}}, &(0x7f00000003c0)=0xe8)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000400)={0x41, 0x4, 0x8000000000000}, 0x10)
getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f0000000100), &(0x7f0000000140)=0x4)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0x0, @pix={0x0, 0x7, 0x35375f5c, 0x4, 0x0, 0x3, 0x3, 0x40, 0x1, 0xf, 0x3, 0x1}})

15:48:38 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:38 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffe7}})

15:48:38 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x0, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:38 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:38 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
ioctl$EXT4_IOC_MIGRATE(r0, 0x6609)

15:48:38 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}})

15:48:38 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:38 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\x00'}, 0x58)

15:48:38 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:38 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:38 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:38 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1561.916013][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0
15:48:38 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000240)='/dev/video35\x00', 0x2, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x8000, 0x0)
setsockopt$bt_BT_SNDMTU(r1, 0x112, 0xc, &(0x7f0000000140)=0x1, 0xfffffffffffffce4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffff9c, 0x8933, &(0x7f0000000180)={'vcan0\x00', <r2=>0x0})
recvfrom$packet(r1, &(0x7f00000000c0)=""/105, 0x69, 0x40010061, &(0x7f00000001c0)={0x11, 0x9, r2, 0x1, 0x0, 0x6, @random="639448700b1f"}, 0x14)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
pwritev(r0, &(0x7f00000007c0)=[{&(0x7f0000000080)="a5fb17f4120042b82cdf23a40480fff0dd983947c17f29c56f294eb062a2f82ca1842753143e0a3aa715034cdb4b9072fc0dbc4f5b17f354", 0x38}, {&(0x7f0000000280)="41ccac3a2922a7903f47cb46cdca1adff42bfa40ff7de5334e45ce86662b33e54eb3887cec54d70c91c42dd98a90faaecb3a6ab47c9b9e2753f4613a4e1bc66f251e02bebc653820a228", 0x4a}, {&(0x7f0000000300)="515fe469088ec6c4f463fd651be5463c210ff3ac250f2b9556a0218be9e3bac15aa69ffe90d558fff8999926eba82e0457cb8505ba43ab8a73cf4f5653dfb3e4b80bc7f615240fcbb7dd03f5a0fd71136200155c47832b7e36a310186b6aaf662646cf1f23eec05370217413328f9169765756b578a8efc77946c95bf1fba68f2c8c099429f234b4befb2a86b97551a3615d8429c032b7fdf541f0dc291b3364bfd6aeeb498139e912f0e40d1a09", 0xae}, {&(0x7f0000000200)="8f6da69636c8bf0e40458a35020d04366c8bf7319fd6e80f9458", 0x1a}, {&(0x7f00000003c0)="77f2573803923fb1e692222dbd168f3a39ce7d5465a630d468ed0ca4984745ca5e8cfc3aabec0cb03c819217776820bcc893825a3420a8969a47eb685e2674d1055fe9b9e1c08d04b43bcb89879ad8fa1e6d5aa92de810", 0x57}, {&(0x7f0000000440)="f8f9bb46f5525447295514e4e8849441c33c4abadddc2257ff0a969a63", 0x1d}, {&(0x7f0000000480)="8122f7d0470ba952dbb6bddd5c1f55191ae7f5c6787696df794ab9af20b28c80939a385989778a08422894452f6bf1d36f1becb2bb8c1a1c63deb970f8df03ea6dee32cc6a008619a5a1f9ed94f35c1b3f5ef351f4f0d8597a7568a465c4059f67a3c815bb5f80945f9d040ea243e4d8dc7ae96489c15d2ca14999b0013c98d0704690021f33854cba1080b12160d87ce327886acbfd10a3d27bdc07133fa2c32b5b747f95b900a9f8cb05c84929000a7134f7ad864f0406a1ff8687379d23398e4f67d28014112cf6cd9b00cce3bfbcee7ba8a5f2ba9ed079c9ad0dbacd043220", 0xe1}, {&(0x7f00000006c0)="685e604aa13ff7e1718d3bb0f5048a8073cedde442d8204e4f9d002fe0ea8f3e1c172b3d1e6f2fb59d22773e19a2c420159abafab2c01fc66b22e44a7c184c11acbfb2b7ef6df6debf4c47e220b526213c4439e4afe227251b886bea6d0842d85be99171e7e8e373b4a36a76b9bc4586ac1ee43e246d970f11a3be14f94253944f65033a598fd2af2891433b4378bc34806ac5a6db2ebc28fd639754fa508d1cf41a2bd384f8ff1158f00412163aa182fdc6c3b1d8c3a4aaa4561496770dad42e01da0720057a49c3aca3c98", 0xcc}], 0x8, 0x0)
flistxattr(r1, &(0x7f0000000040)=""/8, 0x8)

15:48:38 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

[ 1562.001049][ T8067] CPU: 1 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1562.008916][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1562.019010][ T8067] Call Trace:
[ 1562.022313][ T8067]  dump_stack+0x1d8/0x2f8
[ 1562.026659][ T8067]  dump_header+0xdb/0xf40
[ 1562.031004][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1562.036825][ T8067]  ? ___ratelimit+0x447/0x5d0
[ 1562.041515][ T8067]  oom_kill_process+0x1a0/0x490
[ 1562.046397][ T8067]  out_of_memory+0x76e/0x9e0
15:48:38 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1562.050998][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1562.056471][ T8067]  ? kasan_check_read+0x11/0x20
[ 1562.061339][ T8067]  try_charge+0x12ba/0x1710
[ 1562.065904][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1562.071739][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1562.076531][ T8067]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1562.082095][ T8067]  ? memcg_kmem_put_cache+0x70/0x70
[ 1562.087417][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1562.092278][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
15:48:39 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:39 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:39 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f00000007c0)='/dev/vcs\x00', 0x40080, 0x0)
ioctl$VIDIOC_S_FREQUENCY(r0, 0x402c5639, &(0x7f0000000080)={0x6d3, 0x7, 0xe3a3})
ioctl$KDGKBMETA(r1, 0x4b62, &(0x7f0000000040))
accept(r1, &(0x7f0000000800)=@nfc_llcp, &(0x7f0000000880)=0x80)

[ 1562.097930][ T8067]  __memcg_kmem_charge+0x118/0x2f0
[ 1562.103245][ T8067]  __alloc_pages_nodemask+0x377/0x790
[ 1562.108634][ T8067]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1562.114321][ T8067]  ? arch_stack_walk+0x98/0xe0
[ 1562.119363][ T8067]  ? kasan_check_write+0x14/0x20
[ 1562.124302][ T8067]  ? do_raw_spin_lock+0x143/0x3a0
[ 1562.129426][ T8067]  alloc_pages_current+0x2fb/0x540
[ 1562.134550][ T8067]  pte_alloc_one+0x1f/0x180
[ 1562.139066][ T8067]  __pte_alloc+0x20/0x2f0
[ 1562.143626][ T8067]  copy_page_range+0x23d5/0x2900
15:48:39 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

[ 1562.149033][ T8067]  ? do_syscall_64+0xfe/0x140
[ 1562.153795][ T8067]  ? vm_normal_page_pmd+0x3d0/0x3d0
[ 1562.159142][ T8067]  ? init_admin_reserve+0xc0/0xc0
[ 1562.166207][ T8067]  dup_mmap+0xa2d/0xe90
[ 1562.171098][ T8067]  ? __delayed_free_task+0x20/0x20
[ 1562.176336][ T8067]  ? kasan_check_write+0x14/0x20
[ 1562.181416][ T8067]  ? mm_init+0x5cc/0x6e0
[ 1562.185838][ T8067]  dup_mm+0x9e/0x340
[ 1562.189755][ T8067]  copy_process+0x25ff/0x5c80
[ 1562.194594][ T8067]  ? fork_idle+0x1b0/0x1b0
[ 1562.199083][ T8067]  _do_fork+0x180/0x5f0
[ 1562.203273][ T8067]  ? dup_mm+0x340/0x340
[ 1562.207982][ T8067]  ? debug_smp_processor_id+0x1c/0x20
[ 1562.213549][ T8067]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1562.219739][ T8067]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1562.225514][ T8067]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1562.231711][ T8067]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1562.231725][ T8067]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1562.231740][ T8067]  __x64_sys_clone+0xc1/0xd0
[ 1562.231754][ T8067]  do_syscall_64+0xfe/0x140
[ 1562.231770][ T8067]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1562.231781][ T8067] RIP: 0033:0x457aea
[ 1562.231792][ T8067] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00
[ 1562.231798][ T8067] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1562.231809][ T8067] RAX: ffffffffffffffda RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1562.231815][ T8067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1562.231822][ T8067] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1562.231829][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1562.231835][ T8067] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1562.306759][ T8067] memory: usage 307200kB, limit 307200kB, failcnt 52453
[ 1562.325676][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1562.349750][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1562.356759][ T8067] Memory cgroup stats for /syz0: cache:6532KB rss:101124KB rss_huge:0KB shmem:6532KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6524KB active_anon:101132KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1562.395193][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=15843,uid=0
[ 1562.412562][ T8067] Memory cgroup out of memory: Killed process 15843 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
[ 1562.428013][ T1044] oom_reaper: reaped process 15843 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
15:48:39 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:39 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00'}, 0x58)

15:48:39 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:39 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:39 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:39 executing program 5:
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video36\x00', 0x2, 0x0)
ioctl$VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x0, 0xd, 0x0, "e681f9d289c63738185d783c279dd946257ed9887017801431eb75d7ee7ac682"})
r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
pkey_alloc(0x0, 0x1)
syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0xffffffff, 0xc000)

15:48:39 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:39 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x0, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:39 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:39 executing program 5:
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x200, 0x0)
write$FUSE_NOTIFY_DELETE(r0, &(0x7f0000000040)={0x36, 0x6, 0x0, {0x5, 0x5, 0xd, 0x0, 'eth1GPLmd5sum'}}, 0x36)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x3, @raw_data="32b8761ae868fb0a613f6aa43bcd31f3fd1a5d7d5c84b55a932e5bee8de4bacbd313e5ee672fbfa75956cfce780ad5f9d05ad9d3581833e62d7820aff6d9b213600e0c8071e584702c61648b82d35daa20074c25a9a4d02f51b6e4eb7c4c3bd21f4ed9fdd9a575fbca22c5ace3af2ad3c50d11a17b34535cbb0af458de4f1dbaf38fec726e62a03a79d0527faeabd11b836b14ce4b58fdc69469cc5f44665d6fea5175cf3a5a1216acaadfab19b5f5df37e0bb5effac322069a5cc9e8e5ed0a3274c51238014a9b6"})

15:48:39 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:39 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:39 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video35\x00', 0x2, 0x0)
fanotify_init(0x0, 0x1002)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1562.760974][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0
[ 1562.796574][ T8067] CPU: 1 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1562.805034][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1562.805046][ T8067] Call Trace:
[ 1562.818403][ T8067]  dump_stack+0x1d8/0x2f8
[ 1562.822741][ T8067]  dump_header+0xdb/0xf40
[ 1562.827086][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1562.832907][ T8067]  ? ___ratelimit+0x447/0x5d0
[ 1562.837599][ T8067]  oom_kill_process+0x1a0/0x490
[ 1562.842466][ T8067]  out_of_memory+0x76e/0x9e0
[ 1562.847072][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1562.852533][ T8067]  ? kasan_check_read+0x11/0x20
[ 1562.857390][ T8067]  try_charge+0x12ba/0x1710
[ 1562.862006][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1562.867862][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1562.867879][ T8067]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1562.867891][ T8067]  ? memcg_kmem_put_cache+0x70/0x70
[ 1562.867903][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1562.867912][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1562.867926][ T8067]  __memcg_kmem_charge+0x118/0x2f0
[ 1562.878226][ T8067]  __alloc_pages_nodemask+0x377/0x790
[ 1562.888264][ T8067]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1562.888278][ T8067]  ? arch_stack_walk+0x98/0xe0
[ 1562.888295][ T8067]  ? kasan_check_write+0x14/0x20
[ 1562.888305][ T8067]  ? do_raw_spin_lock+0x143/0x3a0
[ 1562.888319][ T8067]  alloc_pages_current+0x2fb/0x540
[ 1562.888333][ T8067]  pte_alloc_one+0x1f/0x180
[ 1562.888350][ T8067]  __pte_alloc+0x20/0x2f0
[ 1562.899019][ T8067]  copy_page_range+0x23d5/0x2900
[ 1562.899039][ T8067]  ? do_syscall_64+0xfe/0x140
[ 1562.899072][ T8067]  ? vm_normal_page_pmd+0x3d0/0x3d0
[ 1562.899084][ T8067]  ? init_admin_reserve+0xc0/0xc0
[ 1562.899103][ T8067]  dup_mmap+0xa2d/0xe90
[ 1562.899121][ T8067]  ? __delayed_free_task+0x20/0x20
[ 1562.914868][ T8067]  ? kasan_check_write+0x14/0x20
[ 1562.914880][ T8067]  ? mm_init+0x5cc/0x6e0
[ 1562.914893][ T8067]  dup_mm+0x9e/0x340
[ 1562.914907][ T8067]  copy_process+0x25ff/0x5c80
[ 1562.930669][ T8067]  ? fork_idle+0x1b0/0x1b0
[ 1562.930693][ T8067]  _do_fork+0x180/0x5f0
[ 1562.995276][ T8067]  ? dup_mm+0x340/0x340
[ 1562.999449][ T8067]  ? debug_smp_processor_id+0x1c/0x20
[ 1563.004823][ T8067]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1563.010899][ T8067]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1563.010911][ T8067]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1563.010920][ T8067]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1563.010929][ T8067]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1563.010948][ T8067]  __x64_sys_clone+0xc1/0xd0
[ 1563.027757][ T8067]  do_syscall_64+0xfe/0x140
[ 1563.042552][ T8067]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1563.048456][ T8067] RIP: 0033:0x457aea
[ 1563.052381][ T8067] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00
[ 1563.072261][ T8067] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1563.080686][ T8067] RAX: ffffffffffffffda RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1563.088775][ T8067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1563.096756][ T8067] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1563.104743][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1563.112706][ T8067] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1563.121566][ T8067] memory: usage 307200kB, limit 307200kB, failcnt 52506
[ 1563.132630][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1563.140317][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1563.147242][ T8067] Memory cgroup stats for /syz0: cache:6532KB rss:101124KB rss_huge:0KB shmem:6532KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6524KB active_anon:101132KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1563.169389][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=15901,uid=0
[ 1563.184905][ T8067] Memory cgroup out of memory: Killed process 15901 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
[ 1563.199800][ T1044] oom_reaper: reaped process 15901 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
[ 1563.225292][T15947] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000
[ 1563.239482][T15947] CPU: 1 PID: 15947 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1563.247873][T15947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1563.258106][T15947] Call Trace:
[ 1563.261400][T15947]  dump_stack+0x1d8/0x2f8
[ 1563.265724][T15947]  dump_header+0xdb/0xf40
[ 1563.270050][T15947]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1563.275843][T15947]  ? ___ratelimit+0x447/0x5d0
[ 1563.280614][T15947]  oom_kill_process+0x1a0/0x490
[ 1563.285454][T15947]  out_of_memory+0x76e/0x9e0
[ 1563.290031][T15947]  ? unregister_oom_notifier+0x20/0x20
[ 1563.295474][T15947]  ? kasan_check_read+0x11/0x20
[ 1563.300308][T15947]  try_charge+0x12ba/0x1710
[ 1563.304813][T15947]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1563.310610][T15947]  ? rcu_lock_release+0x4/0x20
[ 1563.315533][T15947]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1563.321079][T15947]  ? memcg_kmem_put_cache+0x70/0x70
[ 1563.326282][T15947]  ? rcu_lock_release+0x15/0x20
[ 1563.331137][T15947]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1563.336809][T15947]  __memcg_kmem_charge+0x118/0x2f0
[ 1563.341936][T15947]  __alloc_pages_nodemask+0x377/0x790
[ 1563.347529][T15947]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1563.353068][T15947]  ? rcu_read_lock_sched_held+0x127/0x1c0
[ 1563.358864][T15947]  ? copy_process+0x599/0x5c80
[ 1563.363616][T15947]  copy_process+0x613/0x5c80
[ 1563.368197][T15947]  ? psi_memstall_leave+0xf7/0x130
[ 1563.373617][T15947]  ? trace_lock_acquire+0x190/0x190
[ 1563.378805][T15947]  ? fork_idle+0x1b0/0x1b0
[ 1563.383210][T15947]  ? rcu_read_lock_sched_held+0x127/0x1c0
[ 1563.388915][T15947]  ? trace_mm_vmscan_memcg_reclaim_end+0x213/0x250
[ 1563.395403][T15947]  ? try_to_free_mem_cgroup_pages+0x335/0x570
[ 1563.401463][T15947]  ? kasan_check_write+0x14/0x20
[ 1563.406387][T15947]  _do_fork+0x180/0x5f0
[ 1563.410530][T15947]  ? dup_mm+0x340/0x340
[ 1563.414681][T15947]  ? debug_smp_processor_id+0x1c/0x20
[ 1563.420179][T15947]  ? switch_fpu_return+0x10c/0x290
[ 1563.425309][T15947]  ? copy_init_fpstate_to_fpregs+0x150/0x150
[ 1563.431291][T15947]  ? css_put+0xfe/0x180
[ 1563.435448][T15947]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1563.440893][T15947]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1563.446703][T15947]  __x64_sys_clone+0xc1/0xd0
[ 1563.451283][T15947]  do_syscall_64+0xfe/0x140
[ 1563.455856][T15947]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1563.461731][T15947] RIP: 0033:0x45bee9
[ 1563.465607][T15947] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 1563.485301][T15947] RSP: 002b:00007ffff6b9e448 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 1563.493696][T15947] RAX: ffffffffffffffda RBX: 00007f6872e5e700 RCX: 000000000045bee9
[ 1563.501672][T15947] RDX: 00007f6872e5e9d0 RSI: 00007f6872e5ddb0 RDI: 00000000003d0f00
[ 1563.509716][T15947] RBP: 00007ffff6b9e660 R08: 00007f6872e5e700 R09: 00007f6872e5e700
[ 1563.517671][T15947] R10: 00007f6872e5e9d0 R11: 0000000000000202 R12: 0000000000000000
[ 1563.525627][T15947] R13: 00007ffff6b9e4ff R14: 00007f6872e5e9c0 R15: 000000000075bf2c
[ 1563.534449][T15947] memory: usage 307016kB, limit 307200kB, failcnt 52543
[ 1563.541787][T15947] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1563.549352][T15947] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
15:48:40 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00'}, 0x58)

15:48:40 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:40 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:40 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x0, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:40 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:40 executing program 5:
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x20000, 0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000000c0)={{{@in=@broadcast, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in=@remote}, 0x0, @in6=@mcast1}}, &(0x7f00000001c0)=0xe8)
getresgid(&(0x7f0000000200)=<r2=>0x0, &(0x7f0000000240), &(0x7f0000000280))
fchownat(r0, &(0x7f0000000040)='./file0\x00', r1, r2, 0x1000)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(r0, 0x800448d3, &(0x7f00000002c0)={{0x100000000, 0x7, 0x7, 0xffffffffffffffff, 0x918, 0x6}, 0x3, 0x0, 0x0, 0x0, 0x8, "82be3a68fa69a7bb71f7733ec6cccc61f41ab163c9df41bf5ef18a6c6d6f0c7fc134fb28543f80bc4cff60de54a9233f01f30087d9459f26b21b23a186f5eecb4f5fdbd9f6b15dc312d8beb149b3d63280b3a00eb121ed9036a742462a94bdfe8812a3cb3d27036d65f1c4e28f54b18f847d58d20773165797c1bf20f105b600"})
r3 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r3, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1563.556459][T15947] Memory cgroup stats for /syz0: cache:6528KB rss:101060KB rss_huge:0KB shmem:6524KB mapped_file:3228KB dirty:4KB writeback:0KB swap:0KB inactive_anon:6516KB active_anon:101068KB inactive_file:0KB active_file:4KB unevictable:0KB
[ 1563.578625][T15947] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6191,uid=0
[ 1563.594112][T15947] Memory cgroup out of memory: Killed process 6191 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
[ 1563.609134][ T1044] oom_reaper: reaped process 6191 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:4kB
15:48:40 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x0, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:40 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:40 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000000c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffff9c, 0x84, 0x1a, &(0x7f00000001c0)={<r2=>0x0, 0xd4, "610b9c28b7e620dd0f2a9834115a9f160b954db378e1e9ad7ad9ad7d5128ee3dadbed2ca8fa9210641a2f431f43d4165a9bd1b8c98a64e5d337473ce6a2f10260f579ffc5e84473560d8ae9505041c454f4aa61c6876d320e4fda50d3537d8af6e11d1bc235182bc87490d5257c4fb8a3105705ad49fcb271b8bcbf6cc4955b51c5a3ab1adc256262f6b2136d01f513913293021f7db733b7bc13f657985ba6e33e00ad6f258a661d16984fa2e6d286256f61b43033933fa5335697820d62d402bfed6830a8804ec40884c2be6c333118b51ab92"}, &(0x7f00000002c0)=0xdc)
setsockopt$inet_sctp6_SCTP_AUTH_KEY(r1, 0x84, 0x17, &(0x7f0000000300)={r2, 0x40, 0x30, "0ec0f276948715554e061787e5072eda6cf7036213e58185fac8b2e91eea48b550b2095696d2caa8ce1b458476bed7cb"}, 0x38)

15:48:40 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:40 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:40 executing program 5:
r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x4000, 0x0)
getsockopt$inet_sctp_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f00000000c0), &(0x7f0000000100)=0x4)
ioctl$TIOCLINUX5(r0, 0x541c, &(0x7f0000000040)={0x5, 0x2, 0x56, 0xffffffffffffff01, 0xaaae})
r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000140)=r0, 0xaa)

15:48:40 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:40 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b\x00'}, 0x58)

15:48:40 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x0, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:40 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:40 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1564.003928][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0
15:48:41 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:41 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1564.068793][ T8067] CPU: 1 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1564.076627][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1564.086689][ T8067] Call Trace:
[ 1564.090035][ T8067]  dump_stack+0x1d8/0x2f8
[ 1564.094390][ T8067]  dump_header+0xdb/0xf40
[ 1564.098737][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1564.104587][ T8067]  ? ___ratelimit+0x447/0x5d0
[ 1564.109285][ T8067]  oom_kill_process+0x1a0/0x490
[ 1564.114139][ T8067]  out_of_memory+0x76e/0x9e0
[ 1564.114153][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1564.114165][ T8067]  ? kasan_check_read+0x11/0x20
[ 1564.114187][ T8067]  try_charge+0x12ba/0x1710
[ 1564.124275][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1564.139491][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1564.144273][ T8067]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1564.144287][ T8067]  ? memcg_kmem_put_cache+0x70/0x70
[ 1564.144302][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1564.159870][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
15:48:41 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:41 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1564.165604][ T8067]  __memcg_kmem_charge+0x118/0x2f0
[ 1564.171000][ T8067]  __alloc_pages_nodemask+0x377/0x790
[ 1564.176385][ T8067]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1564.181937][ T8067]  ? arch_stack_walk+0x98/0xe0
[ 1564.186740][ T8067]  ? kasan_check_write+0x14/0x20
[ 1564.191682][ T8067]  ? do_raw_spin_lock+0x143/0x3a0
[ 1564.196725][ T8067]  alloc_pages_current+0x2fb/0x540
[ 1564.201857][ T8067]  pte_alloc_one+0x1f/0x180
[ 1564.206375][ T8067]  __pte_alloc+0x20/0x2f0
[ 1564.210709][ T8067]  copy_page_range+0x23d5/0x2900
[ 1564.215658][ T8067]  ? do_syscall_64+0xfe/0x140
[ 1564.220366][ T8067]  ? vm_normal_page_pmd+0x3d0/0x3d0
[ 1564.225612][ T8067]  ? init_admin_reserve+0xc0/0xc0
[ 1564.230647][ T8067]  dup_mmap+0xa2d/0xe90
[ 1564.230668][ T8067]  ? __delayed_free_task+0x20/0x20
[ 1564.230681][ T8067]  ? kasan_check_write+0x14/0x20
[ 1564.230691][ T8067]  ? mm_init+0x5cc/0x6e0
[ 1564.230705][ T8067]  dup_mm+0x9e/0x340
[ 1564.239963][ T8067]  copy_process+0x25ff/0x5c80
[ 1564.239996][ T8067]  ? fork_idle+0x1b0/0x1b0
[ 1564.262120][ T8067]  _do_fork+0x180/0x5f0
15:48:41 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:41 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1564.266287][ T8067]  ? dup_mm+0x340/0x340
[ 1564.270459][ T8067]  ? debug_smp_processor_id+0x1c/0x20
[ 1564.275841][ T8067]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1564.281924][ T8067]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1564.287650][ T8067]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1564.293292][ T8067]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1564.298755][ T8067]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1564.304490][ T8067]  __x64_sys_clone+0xc1/0xd0
[ 1564.309170][ T8067]  do_syscall_64+0xfe/0x140
[ 1564.313683][ T8067]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1564.319574][ T8067] RIP: 0033:0x457aea
[ 1564.319589][ T8067] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00
[ 1564.343078][ T8067] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1564.343090][ T8067] RAX: ffffffffffffffda RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1564.343095][ T8067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
15:48:41 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40106614, &(0x7f0000000000))
ioctl$VIDIOC_S_FBUF(r0, 0x4030560b, &(0x7f0000000040)={0x34, 0x30, &(0x7f00000000c0)="14a93df90d5e3176e3bba90c34f7b1e272a7d7a3544cc1133533643cedcb1aedc2638b4f83fb67f67b89a8f8dd222da1095380a64a8af7edc76291ca0c754e352dd7a0812ab6b716143bdb513543e77fa3c0485d47d602a6263906f5be111439498ca7a27f0d0c6c7e27", {0x0, 0xfd2, 0x3e317d5f, 0x6, 0x4ac, 0xfe, 0x0, 0x9}})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:41 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1564.343100][ T8067] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1564.343106][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1564.343110][ T8067] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1564.356690][ T8067] memory: usage 307200kB, limit 307200kB, failcnt 52592
[ 1564.495379][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1564.514856][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1564.541331][ T8067] Memory cgroup stats for /syz0: cache:6536KB rss:101132KB rss_huge:0KB shmem:6532KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6524KB active_anon:101140KB inactive_file:4KB active_file:0KB unevictable:0KB
[ 1564.573154][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=15971,uid=0
[ 1564.590136][ T8067] Memory cgroup out of memory: Killed process 15971 (syz-executor.0) total-vm:72840kB, anon-rss:160kB, file-rss:35788kB, shmem-rss:4kB
[ 1564.605121][ T1044] oom_reaper: reaped process 15971 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
[ 1564.634293][T16035] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000
[ 1564.646593][T16035] CPU: 0 PID: 16035 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1564.654498][T16035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1564.664562][T16035] Call Trace:
[ 1564.667874][T16035]  dump_stack+0x1d8/0x2f8
[ 1564.672205][T16035]  dump_header+0xdb/0xf40
[ 1564.676524][T16035]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1564.682319][T16035]  ? ___ratelimit+0x447/0x5d0
[ 1564.687019][T16035]  oom_kill_process+0x1a0/0x490
[ 1564.691869][T16035]  out_of_memory+0x76e/0x9e0
[ 1564.696442][T16035]  ? unregister_oom_notifier+0x20/0x20
[ 1564.701883][T16035]  ? kasan_check_read+0x11/0x20
[ 1564.706717][T16035]  try_charge+0x12ba/0x1710
[ 1564.711220][T16035]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1564.717031][T16035]  ? rcu_lock_release+0x4/0x20
[ 1564.722259][T16035]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1564.727802][T16035]  ? memcg_kmem_put_cache+0x70/0x70
[ 1564.733194][T16035]  ? rcu_lock_release+0x15/0x20
[ 1564.738034][T16035]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1564.743574][T16035]  __memcg_kmem_charge+0x118/0x2f0
[ 1564.748690][T16035]  __alloc_pages_nodemask+0x377/0x790
[ 1564.754058][T16035]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1564.759685][T16035]  ? rcu_read_lock_sched_held+0x127/0x1c0
[ 1564.766360][T16035]  ? copy_process+0x599/0x5c80
[ 1564.771128][T16035]  copy_process+0x613/0x5c80
[ 1564.775719][T16035]  ? psi_memstall_leave+0xf7/0x130
[ 1564.780868][T16035]  ? trace_lock_acquire+0x190/0x190
[ 1564.786073][T16035]  ? fork_idle+0x1b0/0x1b0
[ 1564.790476][T16035]  ? rcu_read_lock_sched_held+0x127/0x1c0
[ 1564.796267][T16035]  ? trace_mm_vmscan_memcg_reclaim_end+0x213/0x250
[ 1564.802750][T16035]  ? try_to_free_mem_cgroup_pages+0x335/0x570
[ 1564.808805][T16035]  ? kasan_check_write+0x14/0x20
[ 1564.813778][T16035]  ? check_preemption_disabled+0x47/0x280
[ 1564.819526][T16035]  _do_fork+0x180/0x5f0
[ 1564.823671][T16035]  ? dup_mm+0x340/0x340
[ 1564.827815][T16035]  ? switch_fpu_return+0x1ca/0x290
[ 1564.832960][T16035]  ? copy_init_fpstate_to_fpregs+0x150/0x150
[ 1564.838935][T16035]  ? css_put+0xfe/0x180
[ 1564.843085][T16035]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1564.848533][T16035]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1564.854445][T16035]  __x64_sys_clone+0xc1/0xd0
[ 1564.859039][T16035]  do_syscall_64+0xfe/0x140
[ 1564.863536][T16035]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1564.869508][T16035] RIP: 0033:0x45bee9
[ 1564.873478][T16035] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 1564.893066][T16035] RSP: 002b:00007ffff6b9e448 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 1564.901462][T16035] RAX: ffffffffffffffda RBX: 00007f6872e5e700 RCX: 000000000045bee9
[ 1564.909427][T16035] RDX: 00007f6872e5e9d0 RSI: 00007f6872e5ddb0 RDI: 00000000003d0f00
[ 1564.917404][T16035] RBP: 00007ffff6b9e660 R08: 00007f6872e5e700 R09: 00007f6872e5e700
[ 1564.925365][T16035] R10: 00007f6872e5e9d0 R11: 0000000000000202 R12: 0000000000000000
[ 1564.933320][T16035] R13: 00007ffff6b9e4ff R14: 00007f6872e5e9c0 R15: 000000000075bf2c
[ 1564.941560][T16035] memory: usage 307016kB, limit 307200kB, failcnt 52631
[ 1564.948575][T16035] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1564.956084][T16035] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1564.963002][T16035] Memory cgroup stats for /syz0: cache:6528KB rss:101060KB rss_huge:0KB shmem:6524KB mapped_file:3228KB dirty:4KB writeback:0KB swap:0KB inactive_anon:6516KB active_anon:101028KB inactive_file:0KB active_file:0KB unevictable:0KB
15:48:41 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\t\x00'}, 0x58)

15:48:41 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x0, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:41 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:41 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0xb, @sliced={0x101, [0x4, 0x100000000, 0x80, 0x8000, 0xffff, 0x1, 0x6, 0x81, 0x9, 0x80, 0x1, 0x8001, 0x3f, 0x9, 0x1, 0x0, 0x4, 0x1, 0x10000, 0x0, 0x1d26, 0x9, 0x6, 0xb6f, 0x65a, 0x4, 0x5, 0x4, 0x3, 0x4, 0x6, 0xff00000000000000, 0x8, 0x4, 0x9, 0x80, 0xc0, 0x7fff, 0x6, 0x8, 0xffffffffffff0d1b, 0x9, 0x0, 0x1, 0x90e7, 0x4, 0x578d, 0x8000], 0x2}})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000000c0)={0x7, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:41 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:41 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1564.985070][T16035] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6217,uid=0
[ 1565.000493][T16035] Memory cgroup out of memory: Killed process 6217 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
[ 1565.015175][ T1044] oom_reaper: reaped process 6217 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:4kB
15:48:42 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:42 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:42 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:42 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:42 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x0, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:42 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00'}, 0x58)

15:48:42 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:42 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = msgget$private(0x0, 0x400)
msgctl$IPC_STAT(r1, 0x2, &(0x7f00000000c0)=""/158)

15:48:42 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x0, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:42 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:42 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:42 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:42 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:42 executing program 5:
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/rpc\x00')
ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000040)={0x2, 0x4})
ioctl$TIOCGPTPEER(r0, 0x5441, 0x5)
r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:42 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x0, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:42 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:42 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\v\x00'}, 0x58)

15:48:42 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:42 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:42 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x0, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:42 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:42 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:42 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:42 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:42 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x0, 0xc1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:42 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\f\x00'}, 0x58)

15:48:42 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}})

15:48:42 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:42 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = socket$xdp(0x2c, 0x3, 0x0)
ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000000))

15:48:42 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:43 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}})

15:48:43 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:43 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\r\x00'}, 0x58)

15:48:43 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:43 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$sock_SIOCBRDELBR(r1, 0x89a1, &(0x7f00000000c0)='bcsh0\x00')

15:48:43 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:43 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}})

15:48:43 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:43 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:43 executing program 5:
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)=<r0=>0x0)
r1 = syz_open_dev$swradio(&(0x7f0000000040)='/dev/swradio#\x00', 0x0, 0x2)
fcntl$getown(r1, 0x9)
tkill(r0, 0x3c)
r2 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r2, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
connect(r1, &(0x7f00000000c0)=@nl=@unspec, 0x80)

15:48:43 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:43 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}})

15:48:43 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0e\x00'}, 0x58)

15:48:43 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:43 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

15:48:43 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}})

15:48:43 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1566.652281][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0
[ 1566.708946][ T8067] CPU: 0 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1566.716894][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1566.726950][ T8067] Call Trace:
[ 1566.730244][ T8067]  dump_stack+0x1d8/0x2f8
[ 1566.734579][ T8067]  dump_header+0xdb/0xf40
[ 1566.738920][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1566.744743][ T8067]  ? ___ratelimit+0x447/0x5d0
[ 1566.749433][ T8067]  oom_kill_process+0x1a0/0x490
[ 1566.754303][ T8067]  out_of_memory+0x76e/0x9e0
[ 1566.758899][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1566.764363][ T8067]  ? kasan_check_read+0x11/0x20
[ 1566.769219][ T8067]  try_charge+0x12ba/0x1710
[ 1566.773748][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1566.779572][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1566.784345][ T8067]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1566.789892][ T8067]  ? memcg_kmem_put_cache+0x70/0x70
[ 1566.795184][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1566.800030][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1566.805581][ T8067]  __memcg_kmem_charge+0x118/0x2f0
[ 1566.810708][ T8067]  __alloc_pages_nodemask+0x377/0x790
[ 1566.816096][ T8067]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1566.821640][ T8067]  ? stack_trace_save+0x111/0x1e0
[ 1566.821652][ T8067]  ? stack_trace_snprint+0x150/0x150
[ 1566.821665][ T8067]  ? __lock_acquire+0xcf7/0x1a40
[ 1566.821678][ T8067]  alloc_pages_current+0x2fb/0x540
[ 1566.821692][ T8067]  get_zeroed_page+0x17/0x40
[ 1566.821702][ T8067]  __pud_alloc+0x37/0x210
[ 1566.821714][ T8067]  copy_page_range+0x25cb/0x2900
15:48:43 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
readv(r0, &(0x7f0000000800)=[{&(0x7f0000000340)=""/239, 0xef}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x6)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r2, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00505)
shutdown(r1, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001a00)=[{&(0x7f00000002c0)=""/71, 0x47}, {0x0}, {0x0}, {0x0}], 0x4}, 0x2)
r4 = dup(r3)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r5, 0x0, 0xccf3, 0x0, 0x0, 0x800e0050e)
shutdown(r4, 0x0)
readv(r2, &(0x7f0000000540)=[{&(0x7f0000000100)=""/222, 0xde}], 0x1)
shutdown(r5, 0x0)
shutdown(r2, 0x0)

15:48:43 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}})

15:48:43 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:43 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1566.821725][ T8067]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1566.821748][ T8067]  ? trace_lock_acquire+0x190/0x190
[ 1566.821781][ T8067]  ? vm_normal_page_pmd+0x3d0/0x3d0
[ 1566.821792][ T8067]  ? __rb_insert_augmented+0x706/0x720
[ 1566.821807][ T8067]  ? kasan_check_write+0x14/0x20
[ 1566.856209][ T8067]  dup_mmap+0xa2d/0xe90
[ 1566.856230][ T8067]  ? __delayed_free_task+0x20/0x20
[ 1566.856246][ T8067]  ? kasan_check_write+0x14/0x20
[ 1566.897423][ T8067]  ? mm_init+0x5cc/0x6e0
[ 1566.901667][ T8067]  dup_mm+0x9e/0x340
[ 1566.901682][ T8067]  copy_process+0x25ff/0x5c80
[ 1566.901714][ T8067]  ? fork_idle+0x1b0/0x1b0
[ 1566.914684][ T8067]  _do_fork+0x180/0x5f0
[ 1566.918852][ T8067]  ? dup_mm+0x340/0x340
[ 1566.923020][ T8067]  ? debug_smp_processor_id+0x1c/0x20
[ 1566.923031][ T8067]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1566.923046][ T8067]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1566.923063][ T8067]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1566.945976][ T8067]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1566.951440][ T8067]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1566.957164][ T8067]  __x64_sys_clone+0xc1/0xd0
[ 1566.961782][ T8067]  do_syscall_64+0xfe/0x140
[ 1566.966290][ T8067]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1566.972177][ T8067] RIP: 0033:0x457aea
[ 1566.972189][ T8067] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00
[ 1566.972194][ T8067] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
15:48:43 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:43 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
r1 = socket$inet6(0xa, 0x1, 0x0)
getsockopt$inet6_int(r1, 0x29, 0x37, 0x0, &(0x7f0000000040)=0xe8911674)
setsockopt$RDS_GET_MR(r1, 0x114, 0x2, &(0x7f0000000180)={{&(0x7f00000000c0)=""/156, 0x9c}, &(0x7f0000000000), 0x11}, 0x20)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:44 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1566.972203][ T8067] RAX: ffffffffffffffda RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1566.972209][ T8067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1566.972215][ T8067] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1566.972221][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1566.972226][ T8067] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1567.034824][ T8067] memory: usage 307200kB, limit 307200kB, failcnt 52673
[ 1567.091550][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1567.102747][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1567.115394][ T8067] Memory cgroup stats for /syz0: cache:6532KB rss:101124KB rss_huge:0KB shmem:6532KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6524KB active_anon:101132KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1567.139163][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6239,uid=0
[ 1567.160873][ T8067] Memory cgroup out of memory: Killed process 6239 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
15:48:44 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x10\x00'}, 0x58)

15:48:44 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:44 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}})

15:48:44 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000140)='/dev/video35\x00', 0x2, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000000)=<r1=>0x0)
ptrace$pokeuser(0x6, r1, 0x4, 0xffffffff)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:44 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:44 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
shutdown(0xffffffffffffffff, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r1, &(0x7f0000000040)=[{&(0x7f0000000000)=""/37, 0x25}], 0x1000000000000062)
r2 = dup(r1)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r3, 0x0, 0xccf3, 0x0, 0x0, 0x800e0050e)
shutdown(r2, 0x0)
recvmsg(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000980)=""/4096, 0x1000}, {0x0}, {0x0}, {0x0}], 0x4}, 0x0)
shutdown(r3, 0x0)
shutdown(r0, 0x0)

15:48:44 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}})

15:48:44 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:44 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000280)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x8, 0x200)
ioctl$KDSKBLED(r1, 0x4b65, 0x2)

15:48:44 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1567.354060][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0
[ 1567.455352][ T8067] CPU: 1 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1567.463218][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1567.473549][ T8067] Call Trace:
[ 1567.476847][ T8067]  dump_stack+0x1d8/0x2f8
[ 1567.481195][ T8067]  dump_header+0xdb/0xf40
[ 1567.485553][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1567.491897][ T8067]  ? ___ratelimit+0x447/0x5d0
[ 1567.496586][ T8067]  oom_kill_process+0x1a0/0x490
[ 1567.501446][ T8067]  out_of_memory+0x76e/0x9e0
[ 1567.506074][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1567.511546][ T8067]  ? kasan_check_read+0x11/0x20
[ 1567.516583][ T8067]  try_charge+0x12ba/0x1710
[ 1567.521111][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1567.526942][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1567.531718][ T8067]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1567.537357][ T8067]  ? memcg_kmem_put_cache+0x70/0x70
[ 1567.542618][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1567.547470][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1567.553668][ T8067]  __memcg_kmem_charge+0x118/0x2f0
[ 1567.558796][ T8067]  __alloc_pages_nodemask+0x377/0x790
[ 1567.564160][ T8067]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1567.569690][ T8067]  ? arch_stack_walk+0x98/0xe0
[ 1567.574785][ T8067]  ? kasan_check_write+0x14/0x20
[ 1567.579723][ T8067]  ? do_raw_spin_lock+0x143/0x3a0
[ 1567.584738][ T8067]  alloc_pages_current+0x2fb/0x540
[ 1567.590011][ T8067]  pte_alloc_one+0x1f/0x180
[ 1567.595217][ T8067]  __pte_alloc+0x20/0x2f0
[ 1567.599570][ T8067]  copy_page_range+0x23d5/0x2900
[ 1567.604516][ T8067]  ? do_syscall_64+0xfe/0x140
[ 1567.609201][ T8067]  ? vm_normal_page_pmd+0x3d0/0x3d0
[ 1567.614608][ T8067]  ? init_admin_reserve+0xc0/0xc0
[ 1567.619755][ T8067]  dup_mmap+0xa2d/0xe90
[ 1567.623906][ T8067]  ? __delayed_free_task+0x20/0x20
[ 1567.629023][ T8067]  ? kasan_check_write+0x14/0x20
[ 1567.634069][ T8067]  ? mm_init+0x5cc/0x6e0
[ 1567.638297][ T8067]  dup_mm+0x9e/0x340
[ 1567.642190][ T8067]  copy_process+0x25ff/0x5c80
[ 1567.646905][ T8067]  ? fork_idle+0x1b0/0x1b0
[ 1567.651335][ T8067]  _do_fork+0x180/0x5f0
[ 1567.655490][ T8067]  ? dup_mm+0x340/0x340
[ 1567.659641][ T8067]  ? debug_smp_processor_id+0x1c/0x20
[ 1567.664993][ T8067]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1567.671071][ T8067]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1567.676783][ T8067]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1567.682399][ T8067]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1567.688391][ T8067]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1567.694139][ T8067]  __x64_sys_clone+0xc1/0xd0
[ 1567.698741][ T8067]  do_syscall_64+0xfe/0x140
[ 1567.703255][ T8067]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1567.718340][ T8067] RIP: 0033:0x457aea
[ 1567.723345][ T8067] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00
[ 1567.742940][ T8067] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1567.751355][ T8067] RAX: ffffffffffffffda RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1567.759315][ T8067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1567.767272][ T8067] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1567.775232][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1567.783187][ T8067] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
15:48:44 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:44 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r0, &(0x7f0000000740)=[{&(0x7f0000000000)=""/17, 0x11}], 0x1)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0x26ba, 0x0, 0x0, 0x800e00517)
shutdown(r0, 0x0)
accept4(r1, 0x0, 0x0, 0x0)
recvfrom$inet(r1, 0x0, 0xfffffe75, 0x1004007e, 0x0, 0x800e0050e)
shutdown(r1, 0x0)

[ 1567.814515][ T8067] memory: usage 307200kB, limit 307200kB, failcnt 52707
[ 1567.867290][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1567.889627][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1567.907639][ T8067] Memory cgroup stats for /syz0: cache:6536KB rss:101124KB rss_huge:0KB shmem:6532KB mapped_file:3232KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6524KB active_anon:101132KB inactive_file:4KB active_file:0KB unevictable:0KB
[ 1567.930369][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6257,uid=0
[ 1567.947635][ T8067] Memory cgroup out of memory: Killed process 6257 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
[ 1567.967831][ T1044] oom_reaper: reaped process 6257 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:4kB
15:48:44 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x11\x00'}, 0x58)

15:48:44 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa}})

15:48:44 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:44 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:44 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
ioctl$VIDIOC_SUBDEV_ENUM_FRAME_INTERVAL(r0, 0xc040564b, &(0x7f0000000000)={0xfff, 0x0, 0x3008, 0x40, 0x3, {0x31, 0x7fff}})
openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cachefiles\x00', 0x440000, 0x0)

15:48:44 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r0, &(0x7f0000000740)=[{&(0x7f0000000000)=""/17, 0x11}], 0x1)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0x26ba, 0x0, 0x0, 0x800e00517)
shutdown(r0, 0x0)
lseek(r0, 0x0, 0x0)
recvfrom$inet(r1, 0x0, 0xfffffe75, 0x1004007e, 0x0, 0x800e0050e)
shutdown(r1, 0x0)

15:48:45 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:45 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:45 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb}})

15:48:45 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
socketpair$tipc(0x1e, 0x7, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r1, 0x6612)

[ 1568.114695][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0
[ 1568.198255][ T8067] CPU: 1 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1568.206116][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1568.216440][ T8067] Call Trace:
[ 1568.219742][ T8067]  dump_stack+0x1d8/0x2f8
[ 1568.224083][ T8067]  dump_header+0xdb/0xf40
[ 1568.228425][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1568.234361][ T8067]  ? ___ratelimit+0x447/0x5d0
[ 1568.239238][ T8067]  oom_kill_process+0x1a0/0x490
[ 1568.244196][ T8067]  out_of_memory+0x76e/0x9e0
[ 1568.248985][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1568.254456][ T8067]  ? kasan_check_read+0x11/0x20
[ 1568.259411][ T8067]  try_charge+0x12ba/0x1710
[ 1568.263951][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1568.269788][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1568.274567][ T8067]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1568.280119][ T8067]  ? memcg_kmem_put_cache+0x70/0x70
[ 1568.280133][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1568.280141][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1568.280152][ T8067]  __memcg_kmem_charge+0x118/0x2f0
[ 1568.280169][ T8067]  __alloc_pages_nodemask+0x377/0x790
[ 1568.290221][ T8067]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1568.311868][ T8067]  ? arch_stack_walk+0x98/0xe0
[ 1568.316658][ T8067]  ? kasan_check_write+0x14/0x20
[ 1568.321701][ T8067]  ? do_raw_spin_lock+0x143/0x3a0
[ 1568.326913][ T8067]  alloc_pages_current+0x2fb/0x540
[ 1568.332127][ T8067]  pte_alloc_one+0x1f/0x180
[ 1568.336649][ T8067]  __pte_alloc+0x20/0x2f0
[ 1568.340987][ T8067]  copy_page_range+0x23d5/0x2900
[ 1568.345936][ T8067]  ? do_syscall_64+0xfe/0x140
[ 1568.350732][ T8067]  ? vm_normal_page_pmd+0x3d0/0x3d0
[ 1568.350746][ T8067]  ? init_admin_reserve+0xc0/0xc0
[ 1568.350764][ T8067]  dup_mmap+0xa2d/0xe90
[ 1568.350782][ T8067]  ? __delayed_free_task+0x20/0x20
[ 1568.350795][ T8067]  ? kasan_check_write+0x14/0x20
[ 1568.350805][ T8067]  ? mm_init+0x5cc/0x6e0
[ 1568.350816][ T8067]  dup_mm+0x9e/0x340
[ 1568.350828][ T8067]  copy_process+0x25ff/0x5c80
[ 1568.350857][ T8067]  ? fork_idle+0x1b0/0x1b0
[ 1568.388761][ T8067]  _do_fork+0x180/0x5f0
[ 1568.388784][ T8067]  ? dup_mm+0x340/0x340
[ 1568.397665][ T8067]  ? debug_smp_processor_id+0x1c/0x20
[ 1568.397676][ T8067]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1568.397688][ T8067]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1568.397698][ T8067]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1568.397720][ T8067]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1568.397731][ T8067]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1568.397745][ T8067]  __x64_sys_clone+0xc1/0xd0
[ 1568.397759][ T8067]  do_syscall_64+0xfe/0x140
[ 1568.447049][ T8067]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1568.452954][ T8067] RIP: 0033:0x457aea
[ 1568.457138][ T8067] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00
[ 1568.476856][ T8067] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1568.487198][ T8067] RAX: ffffffffffffffda RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
15:48:45 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc}})

15:48:45 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
readv(r0, &(0x7f0000000800)=[{&(0x7f0000000340)=""/239, 0xef}, {0x0}, {0x0}, {0x0}, {0x0}], 0x5)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r2, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00505)
shutdown(r1, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001a00)=[{&(0x7f00000002c0)=""/71, 0x47}, {0x0}, {0x0}, {0x0}], 0x4}, 0x2)
r4 = dup(r3)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r5, 0x0, 0xccf3, 0x0, 0x0, 0x800e0050e)
shutdown(r4, 0x0)
readv(r2, &(0x7f0000000540)=[{&(0x7f0000000100)=""/222, 0xde}, {0x0}], 0x2)
shutdown(r5, 0x0)
shutdown(r2, 0x0)

[ 1568.497368][ T8067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1568.506948][ T8067] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1568.506963][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1568.526063][ T8067] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1568.541758][ T8067] memory: usage 307200kB, limit 307200kB, failcnt 52781
[ 1568.548919][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1568.556817][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1568.569609][ T8067] Memory cgroup stats for /syz0: cache:6532KB rss:101124KB rss_huge:0KB shmem:6528KB mapped_file:3228KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6520KB active_anon:101132KB inactive_file:4KB active_file:0KB unevictable:0KB
[ 1568.592184][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6306,uid=0
[ 1568.609411][ T8067] Memory cgroup out of memory: Killed process 6306 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
[ 1568.628370][ T1044] oom_reaper: reaped process 6306 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:4kB
[ 1568.632393][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0
[ 1568.651534][ T8067] CPU: 1 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1568.659588][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1568.669635][ T8067] Call Trace:
[ 1568.672919][ T8067]  dump_stack+0x1d8/0x2f8
[ 1568.677796][ T8067]  dump_header+0xdb/0xf40
[ 1568.682503][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1568.688329][ T8067]  ? ___ratelimit+0x447/0x5d0
[ 1568.703803][ T8067]  oom_kill_process+0x1a0/0x490
[ 1568.708648][ T8067]  out_of_memory+0x76e/0x9e0
[ 1568.713269][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1568.718712][ T8067]  ? kasan_check_read+0x11/0x20
[ 1568.723572][ T8067]  try_charge+0x12ba/0x1710
[ 1568.728099][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1568.733901][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1568.738766][ T8067]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1568.744303][ T8067]  ? memcg_kmem_put_cache+0x70/0x70
[ 1568.749500][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1568.754355][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1568.759915][ T8067]  __memcg_kmem_charge+0x118/0x2f0
[ 1568.765014][ T8067]  __alloc_pages_nodemask+0x377/0x790
[ 1568.770519][ T8067]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1568.776402][ T8067]  ? arch_stack_walk+0x98/0xe0
[ 1568.781254][ T8067]  ? kasan_check_write+0x14/0x20
[ 1568.786263][ T8067]  ? do_raw_spin_lock+0x143/0x3a0
[ 1568.791551][ T8067]  alloc_pages_current+0x2fb/0x540
[ 1568.796746][ T8067]  pte_alloc_one+0x1f/0x180
[ 1568.801380][ T8067]  __pte_alloc+0x20/0x2f0
[ 1568.805818][ T8067]  copy_page_range+0x23d5/0x2900
[ 1568.810809][ T8067]  ? do_syscall_64+0xfe/0x140
[ 1568.815490][ T8067]  ? vm_normal_page_pmd+0x3d0/0x3d0
[ 1568.821203][ T8067]  ? init_admin_reserve+0xc0/0xc0
[ 1568.826260][ T8067]  dup_mmap+0xa2d/0xe90
[ 1568.830414][ T8067]  ? __delayed_free_task+0x20/0x20
[ 1568.835523][ T8067]  ? kasan_check_write+0x14/0x20
[ 1568.840447][ T8067]  ? mm_init+0x5cc/0x6e0
[ 1568.844785][ T8067]  dup_mm+0x9e/0x340
[ 1568.849398][ T8067]  copy_process+0x25ff/0x5c80
[ 1568.854217][ T8067]  ? fork_idle+0x1b0/0x1b0
[ 1568.858641][ T8067]  _do_fork+0x180/0x5f0
[ 1568.862784][ T8067]  ? dup_mm+0x340/0x340
[ 1568.866927][ T8067]  ? debug_smp_processor_id+0x1c/0x20
[ 1568.872301][ T8067]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1568.878353][ T8067]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1568.884075][ T8067]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1568.889696][ T8067]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1568.895153][ T8067]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1568.900872][ T8067]  __x64_sys_clone+0xc1/0xd0
[ 1568.905452][ T8067]  do_syscall_64+0xfe/0x140
[ 1568.909945][ T8067]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1568.915818][ T8067] RIP: 0033:0x457aea
[ 1568.919705][ T8067] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00
[ 1568.939558][ T8067] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1568.947957][ T8067] RAX: ffffffffffffffda RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1568.956222][ T8067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1568.964195][ T8067] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1568.972222][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1568.980198][ T8067] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1568.989315][ T8067] memory: usage 306904kB, limit 307200kB, failcnt 52790
[ 1568.996935][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1569.004502][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1569.004510][ T8067] Memory cgroup stats for /syz0: cache:6520KB rss:101008KB rss_huge:0KB shmem:6520KB mapped_file:3224KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6512KB active_anon:101016KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1569.004572][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6326,uid=0
15:48:45 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x12\x00'}, 0x58)

15:48:45 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd}})

15:48:45 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp\x00', 0x0, 0x0)
setsockopt$IP_VS_SO_SET_ZERO(r1, 0x0, 0x48f, &(0x7f0000000100)={0x6c, @broadcast, 0x4e22, 0x3, 'nq\x00', 0x4, 0x458a, 0x1a}, 0x2c)
ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f0000000000)={0x1, 0x0, {0xffff, 0xf1c, 0x201e, 0x0, 0x0, 0x0, 0x0, 0x1}})

15:48:45 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:45 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:45 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
readv(r0, &(0x7f0000000800)=[{&(0x7f0000000340)=""/239, 0xef}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x6)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r2, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00505)
shutdown(r1, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001a00)=[{&(0x7f00000002c0)=""/71, 0x47}, {0x0}, {0x0}, {0x0}, {0x0}], 0x5}, 0x0)
r4 = dup(r3)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r5, 0x0, 0xccf3, 0x0, 0x0, 0x800e0050e)
shutdown(r4, 0x0)
readv(r2, &(0x7f0000000540)=[{&(0x7f0000000100)=""/222, 0xde}, {0x0}, {0x0}], 0x3)
shutdown(r5, 0x0)
shutdown(r2, 0x0)

[ 1569.004659][ T8067] Memory cgroup out of memory: Killed process 6326 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
15:48:46 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:46 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:46 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe}})

15:48:46 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000140)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x22002, 0x0)
getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000040)={<r2=>0x0, 0x3, 0x8000, 0x5}, &(0x7f0000000080)=0x10)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000000180)={r2, @in6={{0xa, 0x4e23, 0x4800ab82, @ipv4={[], [], @local}, 0x2}}}, &(0x7f00000000c0)=0x84)

[ 1569.173160][T16377] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000
[ 1569.190306][T16377] CPU: 0 PID: 16377 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1569.198226][T16377] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1569.208555][T16377] Call Trace:
[ 1569.211854][T16377]  dump_stack+0x1d8/0x2f8
[ 1569.216205][T16377]  dump_header+0xdb/0xf40
15:48:46 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10}})

[ 1569.220546][T16377]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1569.226361][T16377]  ? ___ratelimit+0x447/0x5d0
[ 1569.231061][T16377]  oom_kill_process+0x1a0/0x490
[ 1569.235921][T16377]  out_of_memory+0x76e/0x9e0
[ 1569.240607][T16377]  ? unregister_oom_notifier+0x20/0x20
[ 1569.246283][T16377]  ? kasan_check_read+0x11/0x20
[ 1569.251171][T16377]  try_charge+0x12ba/0x1710
[ 1569.256047][T16377]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1569.261877][T16377]  ? rcu_lock_release+0x4/0x20
[ 1569.266658][T16377]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1569.266673][T16377]  ? memcg_kmem_put_cache+0x70/0x70
[ 1569.266689][T16377]  ? rcu_lock_release+0x15/0x20
[ 1569.266699][T16377]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1569.266712][T16377]  __memcg_kmem_charge+0x118/0x2f0
[ 1569.266734][T16377]  __alloc_pages_nodemask+0x377/0x790
[ 1569.266749][T16377]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1569.308385][T16377]  ? rcu_read_lock_sched_held+0x127/0x1c0
15:48:46 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11}})

[ 1569.319362][T16377]  ? copy_process+0x599/0x5c80
[ 1569.319378][T16377]  copy_process+0x613/0x5c80
[ 1569.319415][T16377]  ? fork_idle+0x1b0/0x1b0
[ 1569.319437][T16377]  _do_fork+0x180/0x5f0
[ 1569.319452][T16377]  ? dup_mm+0x340/0x340
[ 1569.319466][T16377]  ? debug_smp_processor_id+0x1c/0x20
[ 1569.319475][T16377]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1569.319489][T16377]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1569.319506][T16377]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1569.344348][T16377]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1569.344362][T16377]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1569.344379][T16377]  __x64_sys_clone+0xc1/0xd0
[ 1569.344394][T16377]  do_syscall_64+0xfe/0x140
[ 1569.344411][T16377]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1569.344421][T16377] RIP: 0033:0x459519
[ 1569.344436][T16377] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1569.381210][T16377] RSP: 002b:00007f6872e3cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1569.381222][T16377] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459519
[ 1569.381228][T16377] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 04000000000003fe
[ 1569.381234][T16377] RBP: 000000000075bfc8 R08: ffffffffffffffff R09: 0000000000000000
[ 1569.381240][T16377] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6872e3d6d4
[ 1569.381245][T16377] R13: 00000000004bf97d R14: 00000000004d1358 R15: 00000000ffffffff
[ 1569.407440][T16377] memory: usage 307116kB, limit 307200kB, failcnt 52826
[ 1569.494620][T16377] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1569.519832][T16377] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1569.530603][T16377] Memory cgroup stats for /syz0: cache:6532KB rss:101112KB rss_huge:0KB shmem:6528KB mapped_file:3228KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6520KB active_anon:101120KB inactive_file:0KB active_file:4KB unevictable:0KB
[ 1569.557837][T16377] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6348,uid=0
[ 1569.635097][T16377] Memory cgroup out of memory: Killed process 6348 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
15:48:46 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00?\x00'}, 0x58)

15:48:46 executing program 5:
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)

15:48:46 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:46 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12}})

15:48:46 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:46 executing program 1:
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/rpc\x00')
ioctl$VHOST_SET_VRING_BASE(r0, 0x4008af12, &(0x7f0000000040)={0x2, 0x4})
ioctl$TIOCGPTPEER(r0, 0x5441, 0x5)
r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:46 executing program 5:
syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x8, 0x40)
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:46 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:46 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:46 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25}})

15:48:46 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00'}, 0x58)

15:48:46 executing program 1:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
r2 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, r1, 0x0)

15:48:46 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c}})

15:48:46 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:46 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r0, 0xc0585605, &(0x7f0000000000)={0x1, 0x0, {0x9, 0x9, 0x0, 0x7, 0xa, 0x1, 0x1, 0x7}})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000000c0)={0x40000, @pix={0x3, 0x9, 0x32315258, 0x6, 0x8, 0x4, 0xf, 0x3, 0x1, 0x7, 0x2, 0x7}})

15:48:46 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1570.064597][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0
15:48:47 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:47 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7}})

15:48:47 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1570.170555][ T8067] CPU: 0 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1570.178771][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1570.189183][ T8067] Call Trace:
[ 1570.192480][ T8067]  dump_stack+0x1d8/0x2f8
[ 1570.197174][ T8067]  dump_header+0xdb/0xf40
[ 1570.201549][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1570.207796][ T8067]  ? ___ratelimit+0x447/0x5d0
[ 1570.207814][ T8067]  oom_kill_process+0x1a0/0x490
15:48:47 executing program 5:
r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x2, 0x40081)
accept$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f00000000c0)=0x14)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000140)={'vcan0\x00', r1})
add_key(&(0x7f0000000180)='asymmetric\x00', &(0x7f00000001c0)={'syz', 0x1}, &(0x7f00000006c0)="4b464b6417ef7600f90200198bf45bfc19e017ae62611b1b0ad0bb296b6ee16e44bf714e53d2f99691e60b69cf9117d39cb3438566fd02c12a52f55b9328384dca5b5ffb44aae5ade10872779ecb876f6115219027726359371723d3c9b6dea164cd5b3244f028f7f14d7a823a6f00db304457fdc83ddf4295ae9104122906acf7f8135fdeb82dca72ebf1670a82234e90ea699ee301f3d7715a364ca1698978232128114a92277f1015fd61c79aa9c5d83c5cc8308af4830ade69e57ada6996541d3f01637cde8bc3b52960aa6652f7b01cd238e030898c4101acba160727e1fcb537564ff74fb26fde29dfc06d9cb74e0027e769b6f7904ea777b5eca2fea9c3a47f5838c64cb13c20298f153c0a6c96ce761f512908c6d4f7440b75c6433fdd3287641c7f9bc6eccaf18633a82f5946e0a5fe789a91724a3b29e8cb2c9cfe5c9c434649c044b1af64f938eb7bc8ff44a577b7319d55ed41b8223287cb48d694707a4ed805daeaf481dd8c6aa3a8ca9fc9eea22b20af7d0ce9fcbe34d912488591c17ea33ff449a73955ac1b08538ac49db97297937c9a8aaff7314049ff06109b107a8b0d773dc7ef0ee20decd650ad75fc4c7cc1495dbe090c54a0d2ee89f41e6fca6a1ab35b6e03fad3f8f69f138743be3eb15c79bfe71aab02cb16b408f64cd50e80e9c677f2a77d859290d8f5cffa45983000728c607e612b84f69002fab68096a270a796a4fde4fd525d856910535896a4fc01223c30df766246a07c81aafb86d6796ebec5371a7641ee7616a12fd710d5bf9137dd8279c673587b410b46b42f0cb98d623dcf9a84379db421d5b4960c2d1e0308617d395f378b7414458f0a8ea7a89e4ff042d1ae27e3c761b7ab1fddb0f420e5bbb0aa48fb4c12ed891118427424b640641753cc4f4cadaefcc816277ca5001f9b9c94e9d453561ee62399fd1d7c415da2fc2796fdc7b9611c322c37ecee67af55ebc3d898ec8d3a1d09a7403ca4b93aab388c46c4a1ae1fce4c1b38084a5c490900080cfcffa2970b9ba29cf7df27ecabd982b585ef6445f25febb80f73c138d128f41eee1c08fb17f70b902a587f83a25ddf29c62dbc693f567eb02197f4b1740ee35fd8bbf3da865054bb128288c4d766908adcb53d509953e3dcb65f06b0c072f2307d69d072cbd986260824710015076139331010c942322d1ee50449dc0ab5848626354777c6540cced379d040298b0d4e9b41f70ae2bbaf5cb8b06e7347354d46746a23a5943e103c5c4cba0dafad37def12aa658cd2f1090dc0596017b8d001ef8ec4b094a3f0f5fe7c057b08395d480649d539ac35ddaca9b736a8215c52faf61469e4dd19681053dc7d95b3032782e7c41b62d030cabd261ec21c524a7f7c01fd6ea33b090cabe77fc9303825fac2315508a6634c50d3a307379b19ba30bc2fe85f575e103d976c687b18828e00b010bc46cb6711343875174b53d8caeb280fcb4b7b087af21e9cad5f263b56ee2db5578ce7b1d458e06188c4270df82695ca091be339d6e6163c57cd7f8583df785c0565ea06c1171b7277ab0d27e7733e530c3130a7fc2c9cf8f8d9aeedaefb2d6e3ac9e57ca1eeab1cbd49c0d70090170953bbe79b5de4185d6266e34aa61ab8e35ea80c5d46b4fe5fbee83988f2873aa376c6cb19e815e1c4a6a68d4d0161237bcac0d20bee14c3d7eebc9b82dbdf40c0cd9b1982aceec82723ac25bc4e674579329a855f9f17431f95eac950cdb7b737b8e2f403e1b4e1ff7182c86dd7773470dcc85e6fcc7b74664781b2fa0174880776c6f7089cdc32bb771d11caec3390889b8e612a70e3bc6652d360673ebb8a3ee98ff89bf1854802c0bae607618f47721aad486fca3e72934271efc63bd7bdfdaf70fda16c0e186e53f78ed496138ee4b05d7b092882771d686b5a8204c5ce6a1c951759778a19c0fa6fd522f5ea1f913ec2d5261fe73ea67833f0efcbd4f8b92d78625a71fdafc33539973740194de25d28c58cc98baf7e4dcd62fa69d9129f7065d4c9e5b91580a6dee999ff062a7ba4736aee3cc9f442094467389559c396c0323d374cbb01fb64f2bf2443a0c904d03e39354d92ba432e1ad0990122de8c1b6ce3c940a2dd17db46b5c4243ba6c9d21e7fc704eac2a258d19a814dd966b3358d6d0260c279f07bb289fc57597ad1dca0632ce64985f9e21f4e6e2de729b4f2705b8a92813788d3f896739eb1a34e5a5c602966aebb56c4ed1d3086dd9144e0bde8516c7625e26c82ba05b0fe0912f645e449f24fb12fa5ff0149054243673417bb9b36cfeedf8870fdd892b4e67ab0d7fc388dbfff310c5e48901e2de9dadca9db40183e83ebf59e6f47cde99a4036153a46a3626f28875c378f6dd5d3470e30629c62efb7f74bbd42f6c9d22527f56a6ca5d1012b9d2bb3f6d10d2d6936bcd52b570ac9c2ed2ba8220623c2c80e50a5beef25e7c7bf3535d9cfc45aba1cb0c7d9871955f01cba115586b3ca162d3427ca3a7e3f029bf014cfa85b6edf2d90ad2867ecf6bf7948e62e9be26145318417894b17249a68ad074565cba81a386cf633101bae70a99617db9cd563505c5f77dffa91d5a0cd63ad49643b45f95c314e5041ee48ae2cd99d4ae4b7cb5e6e1d3f2db4ccd0ec6d741f7cbb8a49058fd9fd5e8116350b284cb7b9fd7ca5dadee5a5323c7ee33631b2f8e82c841cf3c00aa973fdcdc5c2bfebf255ba2f559004881519957e9ac1c65dd554ab1f7bd739c133b6a644cbd0b3100630cda2ecca93a479499b1eda0d2062964f57bc984c31bd1cb3e42ffad2260d00e6fcbb1cbe97f9820b4b4e49703b211c97fdeb2c7be586b30030ecc5bb0ce8cc7d19d9024d07457644a312b8d44dda2d0bcf5fc669968308e1afe393bfa96ad9aecebe85da83a0fb8b6531e148c8bdb01eb3f5b5f81563b14ed5f629100f6b6c3b891694acfa76a63b70b2c5e19ec476b0eccfa3ef6bc94331109d6eed8c1419617d9fe21fdb6aa115553ca0eb070e741e88ce2e7e83fb7a318e7746c1681ffe1bd404f51ae2204d2a34ca9c2eed478b25e7d4a66acd5f412fc4bda67c1a2a597c76ee376b5e2c6ad2daac792c97acf932ec97b0aa70c27066761b947d3e4917eb05a9288edd8fa57db8f605eb76b2115f361fe6540eab5004806b0db985a1507ed21c9302fd09b95531a42f2bee7445a0f52aa4f79b41d4c22379c22565d9905455e7756cb20ac0f9a3a34bee3269205bdaefbc594b47a812b782cab0200b1d13d5a184ee6ef0ffaec2a11f20eb5d61baabfc17bc8768dc42963ef4ce6470efb64276bdc448cb22a074bdcdd84535352bffd3c0a15db2403d44d6a2d29bb029fd64a6d5c12383838dbf5f900add90d3c1ccdc6f0fa0789318f25bfc1a33ed3d1000ea135ff29b84c558b311bf7e7f6553d77c2f3d87d8635d35d33b45c4f51327fb4b24f2ba353f4bb19a6e73dfb773bda7cce783ac9c7cbcb1134aa60624e7edfaa7e61eb7bff02533570801f15dc5c3655eaea868daee2693fdf12e283e7c0ecbebeac549a3ed8c7373914f6c8e898cf2ff10631da68da7130766df17d0ca0fc05abab98fb05b7a40be4b88834b2e3b73d1cebf3df5b1674e6f740efe4899fdfec7ba4ffdb4914331818feb12c64a64c06dedb6ab8ba4d3debd73352dec345e75c8baafb609641780dfaf3fff7108ed916ef2a34afbcb538d3a68cac111a24f050220c7f6d406e3400dbae0bcb8bbe95d2b007c543c752361430f4965b73fa27042a6e2a09bf3f84ad394b4d7e3fbe105b6e228c3b3ea5acb71c3111adaaaee6a6c1919b42e03d4000bc4da1a3ba5ffe7af3a90bc0d764fd92077ea87f928f14d89dcb2fe5da1d1f9520e41b47a4360ac19266a1a31f17e9c8a186011ef6999d86a6990d8a5f512f1301cee75b35453e36246a8249ac3a24a29efab79b5fb007b3a6a6e8f887958439c23fe8c0113b69770f53b8bf026c185e53b79c19b2633d49c60ac4ee3637a6d445afab11f97d00de51bb8fb5dc921ae3f3b159c73352c816370eac054d0e677fde951a9738d39791ac055e18adb9781530505198fd56ec506cbb4ae1bf56ef6d928ab23f16d8d3ec15b6c1f9ef6be760acddaebc9dc918ad2197f6d43eb47d48073fa96c761ebae97ff3e4b7cee9a374fa1f925c7aa3e67b38b2ae3e6646f08895a18565006aac22b1d76dc045b58aab2ee609a34390aa6cd705e244f8b259f792b557b6bcae5cdac998d2b8166a42de57c422ef18a545abf7929059f074a31be4996df8743410607a7e1793bf32af63c75d1d398db4f9f086500ed53d6854cb89dcf62ed63a2cd52be070b0c452a7b9e423a2363ef0e5e7d9fbcfb7c156a189de72cc7876e9b828344c9772d09f7686e7273293d2e63bbe8ba655cd8ea4c954f8ea79415f0382b91d69e914e0be3fdeedcf13273734d8433d440064cf51c45dcdb884037cb494093c5f9aa6f7333de7ad816f3cdef6c44e9115920b0d2284005f5d091363e9cff7898b4fb1227ba0557b5a1d6db25d7b45947b537bf947f69d68f916a2ea54b9d6a66c626af39e19971441b29f89f1bace2f3044ad2e7ab6655939b29461d8635b739c49aa962fc78aeb2910cab0e4b28749f3a191f89a177b29a54262ad2900b3cd83cecffe9c2cc04cf54618a65bdbd1f215c1f8d000336cb16801d8998c2eec9a9210e5393bfa5c49315c88bdea13caa05ac64bcde3e8c89eff6a476c49b2784e7a9feecfab1f430fe091c31114705fc241d7f6c400b27854ce8367d8101d5f290def0208b346684eaf85d9f266b6285f066170aa65f7021dd5902562a1ace897f50403d0e8af171469d13767bafe5a13004ed0de9e088296599369b9ded5160a20cb6e9d280678b1b8243c652b00070535919dc08afa7feb96f1564049ef274bf2930034715c26edb99214f9d7a52691f04d22c1e30cab22c780c9785dddd085f12a341916da624308f64f5e7a8684f26a71875f1477cec9959586e86bcd327a2eab707a9b0f129bbc01bd0594a439667cc23415ef25c161d15a4782527d8ca85fd507ae5bab6152ba0c446943f905f27cd6089893328d11a0e718361ac5dc627213dcb510c23f8cc1ee83ecb1f4a90aded38f6372c603dc7dd805f72274eaded9d5972973647ad67208111cd201a3af37e22c6a5d7ecf4545dd5c131f3be109cfb626c3521edb25c00bce16488885e366acc65971718d8ae1e2482120e332a7aa721e705524efaac9ec6550f59c60bc5fee5912677cfe622bfa843fe8e41d70ee4a725b0068e74efebd298b198d2c6c4b576352f8cf29df72bc0ec88de0e1862c964555fecab92d92035fbf3cac6ee617fd38569d163ac04c1b59392d710f10421b9302ff69f328e70248e464b061adceaaa4b87139770bb25feb11be6a4aa5c9e7b5d32f873a031471e4383d21adbded0d048164c1059a054f6e1ccc9e6ca23b266d385f1e1eb6226b98fce9a10fd004040c77cc8cece4cf239caced65c22dd8aed12c8f3213f922957e60d2f366ff9fd2a6975cdf16e3d74aa19e4bbe9c36c01d1c6765b9c701a1cd9b4726e9db3ccf1a8409ab1abcdb90077817c8c0d6ff83557b7278b5816e1ba5f45c917fa5747ea1361f22cd78be2d31c5766d55c66dab62f70c59d0cbade804eceaf5114424d25ff5d7530286bdde2420ca37012422704f274b0210e393b0aa24c8c6e8f3e1d4fd74e45e806113c0fbbd3d9453b68fb1869a605c16c7f3e589818539357745a2dfdc1dfd7e54891a3d4391d48bfc5441cfde161498", 0x1000, 0xfffffffffffffffd)
r2 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r2, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
write$selinux_attr(r0, &(0x7f0000000100)='system_u:object_r:net_conf_t:s0\x00', 0x20)

[ 1570.207826][ T8067]  out_of_memory+0x76e/0x9e0
[ 1570.207838][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1570.207856][ T8067]  ? kasan_check_read+0x11/0x20
[ 1570.217494][ T8067]  try_charge+0x12ba/0x1710
[ 1570.237321][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1570.243699][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1570.248753][ T8067]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1570.254397][ T8067]  ? memcg_kmem_put_cache+0x70/0x70
[ 1570.254411][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1570.254420][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1570.254432][ T8067]  __memcg_kmem_charge+0x118/0x2f0
[ 1570.254450][ T8067]  __alloc_pages_nodemask+0x377/0x790
[ 1570.283022][ T8067]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1570.283036][ T8067]  ? arch_stack_walk+0x98/0xe0
[ 1570.283055][ T8067]  ? kasan_check_write+0x14/0x20
[ 1570.283065][ T8067]  ? do_raw_spin_lock+0x143/0x3a0
[ 1570.283081][ T8067]  alloc_pages_current+0x2fb/0x540
[ 1570.309288][ T8067]  pte_alloc_one+0x1f/0x180
[ 1570.313801][ T8067]  __pte_alloc+0x20/0x2f0
15:48:47 executing program 1:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
r2 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, r1, 0x0)

15:48:47 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000340)='/dev/video35\x00', 0x2, 0x0)
r1 = accept4(0xffffffffffffff9c, &(0x7f0000000000)=@x25={0x9, @remote}, &(0x7f00000000c0)=0x80, 0x80800)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140)='TIPC\x00')
r3 = syz_open_dev$mice(&(0x7f00000002c0)='/dev/input/mice\x00', 0x0, 0xa8000)
ioctl$UFFDIO_ZEROPAGE(r3, 0xc020aa04, &(0x7f0000000300)={{&(0x7f0000ffd000/0x1000)=nil, 0x1000}, 0x1})
r4 = request_key(&(0x7f0000000180)='keyring\x00', &(0x7f0000000380)={'syz', 0x1}, &(0x7f00000003c0)='security.evm\x00', 0xfffffffffffffffe)
keyctl$describe(0x6, r4, &(0x7f0000000480), 0x0)
sendmsg$TIPC_CMD_SET_LINK_PRI(r1, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="3000da534744c85c1ff50f167d993502dd5b78f2ed0000", @ANYRES16=r2, @ANYBLOB="010029bd7000fedbdf25010000000000000008410000001400188000000169623a767863616e31000000"], 0x30}}, 0x80)
ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, &(0x7f0000000080)={{&(0x7f0000ffc000/0x4000)=nil, 0x4000}, 0x1})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
fsetxattr$security_evm(r1, &(0x7f0000000240)='security.evm\x00', &(0x7f0000000280)=@md5={0x1, "04b50d034c4e4facd095cbeba67dca13"}, 0x11, 0x0)

[ 1570.318575][ T8067]  copy_page_range+0x23d5/0x2900
[ 1570.323560][ T8067]  ? do_syscall_64+0xfe/0x140
[ 1570.328264][ T8067]  ? vm_normal_page_pmd+0x3d0/0x3d0
[ 1570.333559][ T8067]  ? init_admin_reserve+0xc0/0xc0
[ 1570.338596][ T8067]  dup_mmap+0xa2d/0xe90
[ 1570.342774][ T8067]  ? __delayed_free_task+0x20/0x20
[ 1570.347900][ T8067]  ? kasan_check_write+0x14/0x20
[ 1570.353284][ T8067]  ? mm_init+0x5cc/0x6e0
[ 1570.357627][ T8067]  dup_mm+0x9e/0x340
[ 1570.357641][ T8067]  copy_process+0x25ff/0x5c80
[ 1570.357672][ T8067]  ? fork_idle+0x1b0/0x1b0
[ 1570.357693][ T8067]  _do_fork+0x180/0x5f0
[ 1570.357721][ T8067]  ? dup_mm+0x340/0x340
[ 1570.375095][ T8067]  ? debug_smp_processor_id+0x1c/0x20
[ 1570.375108][ T8067]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1570.375122][ T8067]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1570.375137][ T8067]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1570.402059][ T8067]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1570.407706][ T8067]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1570.413533][ T8067]  __x64_sys_clone+0xc1/0xd0
[ 1570.418138][ T8067]  do_syscall_64+0xfe/0x140
[ 1570.423483][ T8067]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1570.429383][ T8067] RIP: 0033:0x457aea
[ 1570.433370][ T8067] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00
[ 1570.453157][ T8067] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1570.461771][ T8067] RAX: ffffffffffffffda RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1570.469840][ T8067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1570.477836][ T8067] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1570.485840][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1570.493827][ T8067] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1570.548359][ T8067] memory: usage 307176kB, limit 307200kB, failcnt 52862
[ 1570.556296][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1570.569792][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1570.579791][ T8067] Memory cgroup stats for /syz0: cache:6532KB rss:101124KB rss_huge:0KB shmem:6528KB mapped_file:3228KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6520KB active_anon:101132KB inactive_file:0KB active_file:4KB unevictable:0KB
[ 1570.617388][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=16375,uid=0
[ 1570.636573][ T8067] Memory cgroup out of memory: Killed process 16375 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
[ 1570.651748][ T1044] oom_reaper: reaped process 16375 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
15:48:47 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x80\x00'}, 0x58)

15:48:47 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:47 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:47 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300}})

15:48:47 executing program 1:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
stat(&(0x7f0000000880)='./file0\x00', &(0x7f0000000c40))
r2 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, r1, 0x0)

15:48:47 executing program 5:
r0 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x6, 0x0)
ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f00000000c0)={{0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1d}}, {0x6, @dev={[], 0x16}}, 0x2, {0x2, 0x4e24, @multicast2}, 'yam0\x00'})
r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:47 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500}})

15:48:47 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:47 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1570.819960][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0
[ 1570.845639][ T8067] CPU: 0 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1570.853657][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1570.863719][ T8067] Call Trace:
[ 1570.867106][ T8067]  dump_stack+0x1d8/0x2f8
[ 1570.871443][ T8067]  dump_header+0xdb/0xf40
[ 1570.875788][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1570.881679][ T8067]  ? ___ratelimit+0x447/0x5d0
[ 1570.881697][ T8067]  oom_kill_process+0x1a0/0x490
[ 1570.881710][ T8067]  out_of_memory+0x76e/0x9e0
[ 1570.881721][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1570.881741][ T8067]  ? kasan_check_read+0x11/0x20
[ 1570.881755][ T8067]  try_charge+0x12ba/0x1710
[ 1570.881784][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1570.881805][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1570.921382][ T8067]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1570.921398][ T8067]  ? memcg_kmem_put_cache+0x70/0x70
[ 1570.921413][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1570.921429][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1570.932153][ T8067]  __memcg_kmem_charge+0x118/0x2f0
[ 1570.932169][ T8067]  __alloc_pages_nodemask+0x377/0x790
[ 1570.932185][ T8067]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1570.932204][ T8067]  ? check_preemption_disabled+0x47/0x280
[ 1570.932216][ T8067]  ? kasan_check_write+0x14/0x20
15:48:47 executing program 1:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
stat(&(0x7f0000000880)='./file0\x00', &(0x7f0000000c40))
r2 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, r1, 0x0)

[ 1570.932231][ T8067]  ? do_raw_spin_lock+0x143/0x3a0
[ 1570.974326][ T8067]  alloc_pages_current+0x2fb/0x540
[ 1570.979459][ T8067]  pte_alloc_one+0x1f/0x180
[ 1570.983974][ T8067]  __pte_alloc+0x20/0x2f0
[ 1570.988309][ T8067]  copy_page_range+0x23d5/0x2900
[ 1570.993262][ T8067]  ? finish_lock_switch+0x31/0x40
[ 1570.998320][ T8067]  ? retint_kernel+0x2b/0x2b
[ 1571.002931][ T8067]  ? vm_normal_page_pmd+0x3d0/0x3d0
[ 1571.008131][ T8067]  ? init_admin_reserve+0xc0/0xc0
[ 1571.013154][ T8067]  dup_mmap+0xa2d/0xe90
15:48:47 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1571.017322][ T8067]  ? __delayed_free_task+0x20/0x20
[ 1571.022435][ T8067]  ? kasan_check_write+0x14/0x20
[ 1571.027370][ T8067]  ? mm_init+0x5cc/0x6e0
[ 1571.031618][ T8067]  dup_mm+0x9e/0x340
[ 1571.035515][ T8067]  copy_process+0x25ff/0x5c80
[ 1571.040203][ T8067]  ? fork_idle+0x1b0/0x1b0
[ 1571.040231][ T8067]  _do_fork+0x180/0x5f0
[ 1571.040247][ T8067]  ? dup_mm+0x340/0x340
[ 1571.040261][ T8067]  ? debug_smp_processor_id+0x1c/0x20
[ 1571.040271][ T8067]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1571.040285][ T8067]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1571.040294][ T8067]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1571.040302][ T8067]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1571.040313][ T8067]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1571.040326][ T8067]  __x64_sys_clone+0xc1/0xd0
[ 1571.091568][ T8067]  do_syscall_64+0xfe/0x140
[ 1571.096078][ T8067]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1571.102015][ T8067] RIP: 0033:0x457aea
15:48:48 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1571.105916][ T8067] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00
[ 1571.125636][ T8067] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1571.134087][ T8067] RAX: ffffffffffffffda RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1571.142063][ T8067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1571.150040][ T8067] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1571.158019][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1571.165997][ T8067] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1571.196890][ T8067] memory: usage 307200kB, limit 307200kB, failcnt 52928
[ 1571.218492][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1571.225976][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1571.225986][ T8067] Memory cgroup stats for /syz0: cache:6528KB rss:101132KB rss_huge:0KB shmem:6528KB mapped_file:3228KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6520KB active_anon:101140KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1571.294981][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=16485,uid=0
[ 1571.310610][ T8067] Memory cgroup out of memory: Killed process 16485 (syz-executor.0) total-vm:72840kB, anon-rss:160kB, file-rss:35784kB, shmem-rss:4kB
[ 1571.325643][ T1044] oom_reaper: reaped process 16485 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:4kB
15:48:48 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'}, 0x58)

15:48:48 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_G_STD(r0, 0x80085617, &(0x7f0000000000)=<r1=>0x0)
ioctl$VIDIOC_S_STD(r0, 0x40085618, &(0x7f0000000040)=r1)
r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/pfkey\x00', 0x4000, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000100)={<r3=>0xffffffffffffffff}, 0x106, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r2, &(0x7f0000000180)={0x15, 0x110, 0xfa00, {r3, 0x8, 0x0, 0x0, 0x0, @in={0x2, 0x4e23, @local}, @in={0x2, 0x4e20, @broadcast}}}, 0x118)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:48 executing program 1:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
r2 = shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
stat(&(0x7f0000000880)='./file0\x00', &(0x7f0000000c40))
shmctl$SHM_STAT(r2, 0xd, &(0x7f00000004c0)=""/101)
r3 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, r1, 0x0)

15:48:48 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:48 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600}})

15:48:48 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:48 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:48 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:48 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1571.463152][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0
15:48:48 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700}})

[ 1571.517399][ T8067] CPU: 1 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1571.525233][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1571.525244][ T8067] Call Trace:
[ 1571.538617][ T8067]  dump_stack+0x1d8/0x2f8
[ 1571.542960][ T8067]  dump_header+0xdb/0xf40
[ 1571.547304][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1571.553128][ T8067]  ? ___ratelimit+0x447/0x5d0
[ 1571.557822][ T8067]  oom_kill_process+0x1a0/0x490
[ 1571.562686][ T8067]  out_of_memory+0x76e/0x9e0
15:48:48 executing program 5:
r0 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x2, 0x2)
ioctl$BLKSECDISCARD(r0, 0x127d, &(0x7f0000000040)=0x3)
r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioperm(0xb, 0x7, 0xff)
ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1571.567297][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1571.572773][ T8067]  ? kasan_check_read+0x11/0x20
[ 1571.577645][ T8067]  try_charge+0x12ba/0x1710
[ 1571.582166][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1571.582190][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1571.592765][ T8067]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1571.598415][ T8067]  ? memcg_kmem_put_cache+0x70/0x70
[ 1571.603652][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1571.608510][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
15:48:48 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1571.614070][ T8067]  __memcg_kmem_charge+0x118/0x2f0
[ 1571.619200][ T8067]  __alloc_pages_nodemask+0x377/0x790
[ 1571.624593][ T8067]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1571.630173][ T8067]  ? stack_trace_save+0x111/0x1e0
[ 1571.635214][ T8067]  ? stack_trace_snprint+0x150/0x150
[ 1571.640525][ T8067]  ? __lock_acquire+0xcf7/0x1a40
[ 1571.645563][ T8067]  alloc_pages_current+0x2fb/0x540
[ 1571.650692][ T8067]  get_zeroed_page+0x17/0x40
[ 1571.655388][ T8067]  __pud_alloc+0x37/0x210
[ 1571.659772][ T8067]  copy_page_range+0x25cb/0x2900
[ 1571.664990][ T8067]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1571.671109][ T8067]  ? trace_lock_acquire+0x190/0x190
[ 1571.676350][ T8067]  ? vm_normal_page_pmd+0x3d0/0x3d0
[ 1571.681698][ T8067]  ? __rb_insert_augmented+0x706/0x720
[ 1571.687204][ T8067]  ? kasan_check_write+0x14/0x20
[ 1571.692222][ T8067]  dup_mmap+0xa2d/0xe90
[ 1571.692250][ T8067]  ? __delayed_free_task+0x20/0x20
[ 1571.692264][ T8067]  ? kasan_check_write+0x14/0x20
[ 1571.692280][ T8067]  ? mm_init+0x5cc/0x6e0
[ 1571.701823][ T8067]  dup_mm+0x9e/0x340
[ 1571.701837][ T8067]  copy_process+0x25ff/0x5c80
[ 1571.701868][ T8067]  ? fork_idle+0x1b0/0x1b0
[ 1571.701890][ T8067]  _do_fork+0x180/0x5f0
[ 1571.701912][ T8067]  ? dup_mm+0x340/0x340
[ 1571.733723][ T8067]  ? debug_smp_processor_id+0x1c/0x20
[ 1571.739193][ T8067]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1571.745286][ T8067]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1571.751116][ T8067]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1571.756878][ T8067]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1571.762352][ T8067]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1571.768097][ T8067]  __x64_sys_clone+0xc1/0xd0
[ 1571.772709][ T8067]  do_syscall_64+0xfe/0x140
[ 1571.777239][ T8067]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1571.783482][ T8067] RIP: 0033:0x457aea
[ 1571.787377][ T8067] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00
[ 1571.787383][ T8067] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1571.787392][ T8067] RAX: ffffffffffffffda RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1571.787398][ T8067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1571.787403][ T8067] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1571.787409][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1571.787415][ T8067] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1571.858398][ T8067] memory: usage 307200kB, limit 307200kB, failcnt 52969
[ 1571.877489][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1571.887619][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1571.894497][ T8067] Memory cgroup stats for /syz0: cache:6532KB rss:101112KB rss_huge:0KB shmem:6524KB mapped_file:3224KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6516KB active_anon:101120KB inactive_file:8KB active_file:0KB unevictable:0KB
[ 1571.921070][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6449,uid=0
[ 1571.937786][ T8067] Memory cgroup out of memory: Killed process 6449 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
15:48:48 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00'}, 0x58)

15:48:48 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x900}})

15:48:48 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
syz_mount_image$nfs4(&(0x7f0000000000)='nfs4\x00', &(0x7f0000000040)='./file0\x00', 0x8, 0x3, &(0x7f0000000380)=[{&(0x7f00000001c0)="4e5d36cc32931026ee51f0acef8474fb2788bc91b1dc3a5e3054eb77d6a413d91f", 0x21, 0x1000}, {&(0x7f0000000200)="9374b6d65745633cf82bb0da9e1d7fffa21c352e4638eb37c0a9f9c174a258d52e92be24666a3c5a55c72624c0241c331b7ed41aa9a08d33e9cdaf744be5559b86238824e139abd35d4371f2c1e5aa662168889fb134add2ef34359019ad1bef5d8702c10488ebea30d129cdb6b6393ef48bcecf69d078def36ccd90e4eb92ccc88e9428d034b61692a2bebb9c1685897ed13c8b21faa115974434b9e2582e1294d20958758a5d551f21a7d231be31aeb6a03c7543b32912d2b820d277d9f545a197bb324edc7ca980f2b672b42e93c8be", 0xd1, 0x2a53}, {&(0x7f0000000300)="61bbedb239f9b2766f1a72bc6c76564523a8a6fba94c728c3d7c9b8a433506c9cf0d0738b5e2522a638e879a2efb0c037d8a574b7d0bdbc6d6b58886a48ffea1fe86e75228e72eaa", 0x48, 0x16d}], 0x20401, &(0x7f0000000400)='\x00')
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000000c0)={0x4, @sliced={0x6, [0x1, 0x7fff, 0x1, 0x5, 0xfffffffffffff801, 0x5, 0x3, 0x1, 0x7b, 0x0, 0x5, 0x10000, 0x3, 0x87, 0x3, 0x0, 0x4a3, 0x4, 0x80000000, 0x7fff, 0x2, 0x591d00c9, 0x2, 0x491a, 0x7, 0x7, 0x4, 0x0, 0xffffffffffffffe1, 0xfffffffffffffa48, 0x1f, 0x5, 0x80000000, 0x8, 0x8, 0x7, 0x5, 0x5, 0x1, 0xffffffffffffffff, 0x3, 0x1, 0x6, 0x100, 0x2, 0x4, 0x4, 0x2], 0x7}})

15:48:48 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:48 executing program 1:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
r2 = shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
stat(&(0x7f0000000880)='./file0\x00', &(0x7f0000000c40))
shmctl$SHM_STAT(r2, 0xd, &(0x7f00000004c0)=""/101)
r3 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, r1, 0x0)

15:48:48 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:48 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:49 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00}})

15:48:49 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000000c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:49 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:49 executing program 1:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
r2 = shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
stat(&(0x7f0000000880)='./file0\x00', &(0x7f0000000c40))
shmctl$SHM_STAT(r2, 0xd, &(0x7f00000004c0)=""/101)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0)
r3 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, r1, 0x0)

[ 1572.203337][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0
[ 1572.234082][ T8067] CPU: 1 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1572.241936][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
15:48:49 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
fsetxattr$security_smack_transmute(r0, &(0x7f0000000040)='security.SMACK64TRANSMUTE\x00', &(0x7f00000000c0)='TRUE', 0xfffffffffffffd76, 0x2)
ioctl$VIDIOC_G_CTRL(r0, 0xc008561b, &(0x7f0000000140)={0x7, 0x3})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x42, 0x0)
ioctl$TCSETAW(r1, 0x5407, &(0x7f0000000100)={0x40, 0x6, 0xfffffffffffffffc, 0x6, 0x1b, 0x7, 0x8, 0x2, 0x7, 0x7})

[ 1572.241948][ T8067] Call Trace:
[ 1572.255391][ T8067]  dump_stack+0x1d8/0x2f8
[ 1572.259731][ T8067]  dump_header+0xdb/0xf40
[ 1572.264069][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1572.269882][ T8067]  ? ___ratelimit+0x447/0x5d0
[ 1572.274577][ T8067]  oom_kill_process+0x1a0/0x490
[ 1572.279442][ T8067]  out_of_memory+0x76e/0x9e0
[ 1572.284046][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1572.289505][ T8067]  ? kasan_check_read+0x11/0x20
[ 1572.289522][ T8067]  try_charge+0x12ba/0x1710
[ 1572.289553][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1572.289576][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1572.289592][ T8067]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1572.309592][ T8067]  ? memcg_kmem_put_cache+0x70/0x70
[ 1572.309609][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1572.309617][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1572.309628][ T8067]  __memcg_kmem_charge+0x118/0x2f0
[ 1572.309643][ T8067]  __alloc_pages_nodemask+0x377/0x790
[ 1572.309658][ T8067]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1572.331298][ T8067]  ? stack_trace_save+0x111/0x1e0
[ 1572.331311][ T8067]  ? stack_trace_snprint+0x150/0x150
[ 1572.331325][ T8067]  ? __lock_acquire+0xcf7/0x1a40
[ 1572.331339][ T8067]  alloc_pages_current+0x2fb/0x540
[ 1572.331353][ T8067]  get_zeroed_page+0x17/0x40
[ 1572.331370][ T8067]  __pud_alloc+0x37/0x210
[ 1572.347366][ T8067]  copy_page_range+0x25cb/0x2900
[ 1572.347380][ T8067]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1572.347397][ T8067]  ? trace_lock_acquire+0x190/0x190
[ 1572.347428][ T8067]  ? vm_normal_page_pmd+0x3d0/0x3d0
[ 1572.362748][ T8067]  ? __rb_insert_augmented+0x706/0x720
[ 1572.362760][ T8067]  ? kasan_check_write+0x14/0x20
[ 1572.362780][ T8067]  dup_mmap+0xa2d/0xe90
[ 1572.387806][ T8067]  ? __delayed_free_task+0x20/0x20
[ 1572.387822][ T8067]  ? kasan_check_write+0x14/0x20
[ 1572.387832][ T8067]  ? mm_init+0x5cc/0x6e0
[ 1572.387844][ T8067]  dup_mm+0x9e/0x340
[ 1572.387857][ T8067]  copy_process+0x25ff/0x5c80
[ 1572.387887][ T8067]  ? fork_idle+0x1b0/0x1b0
[ 1572.403710][ T8067]  _do_fork+0x180/0x5f0
[ 1572.403729][ T8067]  ? dup_mm+0x340/0x340
[ 1572.403744][ T8067]  ? debug_smp_processor_id+0x1c/0x20
[ 1572.403759][ T8067]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1572.417922][ T8067]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1572.417935][ T8067]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1572.417945][ T8067]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1572.417956][ T8067]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1572.417971][ T8067]  __x64_sys_clone+0xc1/0xd0
[ 1572.417984][ T8067]  do_syscall_64+0xfe/0x140
[ 1572.418001][ T8067]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1572.427151][ T8067] RIP: 0033:0x457aea
[ 1572.427162][ T8067] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00
[ 1572.427168][ T8067] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1572.427178][ T8067] RAX: ffffffffffffffda RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1572.427185][ T8067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1572.427191][ T8067] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1572.427197][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1572.427202][ T8067] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1572.570602][ T8067] memory: usage 307200kB, limit 307200kB, failcnt 52984
[ 1572.587535][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1572.595029][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1572.604809][ T8067] Memory cgroup stats for /syz0: cache:6532KB rss:101112KB rss_huge:0KB shmem:6524KB mapped_file:3224KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6516KB active_anon:101120KB inactive_file:4KB active_file:4KB unevictable:0KB
[ 1572.657496][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6471,uid=0
[ 1572.676692][ T8067] Memory cgroup out of memory: Killed process 6471 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
[ 1572.693070][ T1044] oom_reaper: reaped process 6471 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:4kB
15:48:49 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00'}, 0x58)

15:48:49 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00}})

15:48:49 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:49 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_S_MODULATOR(r0, 0x40445637, &(0x7f0000000000)={0x100, "17f1ab406d37c49e89e016f02aed6e092749742afe9b2bf61101339c493b4273", 0x20, 0x8001, 0x80000001, 0x8, 0x2})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:49 executing program 1:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
r2 = shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
stat(&(0x7f0000000880)='./file0\x00', &(0x7f0000000c40))
shmctl$SHM_STAT(r2, 0xd, &(0x7f00000004c0)=""/101)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0)
getpgid(0x0)
r3 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, r1, 0x0)

15:48:49 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:49 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:49 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:49 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$bt_BT_CHANNEL_POLICY(r1, 0x112, 0xa, 0x0, &(0x7f0000000000))

15:48:49 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc00}})

15:48:49 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:49 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1572.919856][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0
[ 1572.997994][ T8067] CPU: 0 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1573.005914][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1573.016067][ T8067] Call Trace:
[ 1573.019376][ T8067]  dump_stack+0x1d8/0x2f8
[ 1573.023722][ T8067]  dump_header+0xdb/0xf40
[ 1573.028087][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1573.033936][ T8067]  ? ___ratelimit+0x447/0x5d0
[ 1573.038641][ T8067]  oom_kill_process+0x1a0/0x490
[ 1573.043526][ T8067]  out_of_memory+0x76e/0x9e0
[ 1573.048135][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1573.053699][ T8067]  ? kasan_check_read+0x11/0x20
[ 1573.058568][ T8067]  try_charge+0x12ba/0x1710
[ 1573.063103][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1573.068937][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1573.073709][ T8067]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1573.079268][ T8067]  ? memcg_kmem_put_cache+0x70/0x70
[ 1573.084480][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1573.089335][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1573.094890][ T8067]  __memcg_kmem_charge+0x118/0x2f0
[ 1573.100017][ T8067]  __alloc_pages_nodemask+0x377/0x790
[ 1573.105418][ T8067]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1573.110983][ T8067]  ? kasan_check_write+0x14/0x20
[ 1573.115920][ T8067]  ? do_raw_spin_lock+0x143/0x3a0
[ 1573.120954][ T8067]  alloc_pages_current+0x2fb/0x540
[ 1573.126083][ T8067]  pte_alloc_one+0x1f/0x180
[ 1573.130607][ T8067]  __pte_alloc+0x20/0x2f0
[ 1573.134942][ T8067]  copy_page_range+0x23d5/0x2900
[ 1573.139881][ T8067]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1573.145958][ T8067]  ? trace_lock_acquire+0x190/0x190
[ 1573.151189][ T8067]  ? vm_normal_page_pmd+0x3d0/0x3d0
[ 1573.156388][ T8067]  ? kasan_check_write+0x14/0x20
[ 1573.161338][ T8067]  dup_mmap+0xa2d/0xe90
[ 1573.165507][ T8067]  ? __delayed_free_task+0x20/0x20
[ 1573.170623][ T8067]  ? kasan_check_write+0x14/0x20
[ 1573.175575][ T8067]  ? mm_init+0x5cc/0x6e0
[ 1573.179826][ T8067]  dup_mm+0x9e/0x340
[ 1573.183722][ T8067]  copy_process+0x25ff/0x5c80
[ 1573.188434][ T8067]  ? fork_idle+0x1b0/0x1b0
[ 1573.192863][ T8067]  _do_fork+0x180/0x5f0
[ 1573.197060][ T8067]  ? dup_mm+0x340/0x340
[ 1573.201221][ T8067]  ? debug_smp_processor_id+0x1c/0x20
[ 1573.206594][ T8067]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1573.212673][ T8067]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1573.218664][ T8067]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1573.218675][ T8067]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1573.218685][ T8067]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1573.218699][ T8067]  __x64_sys_clone+0xc1/0xd0
[ 1573.218711][ T8067]  do_syscall_64+0xfe/0x140
[ 1573.218733][ T8067]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1573.218742][ T8067] RIP: 0033:0x457aea
[ 1573.218753][ T8067] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00
[ 1573.218758][ T8067] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1573.218768][ T8067] RAX: ffffffffffffffda RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1573.218774][ T8067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1573.218780][ T8067] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1573.218786][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1573.218792][ T8067] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1573.226912][ T8067] memory: usage 307200kB, limit 307200kB, failcnt 53026
[ 1573.330588][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1573.338505][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1573.345364][ T8067] Memory cgroup stats for /syz0: cache:6520KB rss:101112KB rss_huge:0KB shmem:6520KB mapped_file:3220KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6512KB active_anon:101120KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1573.368102][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6493,uid=0
[ 1573.383587][ T8067] Memory cgroup out of memory: Killed process 6493 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
15:48:50 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00'}, 0x58)

15:48:50 executing program 1:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
r2 = shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
stat(&(0x7f0000000880)='./file0\x00', &(0x7f0000000c40))
shmctl$SHM_STAT(r2, 0xd, &(0x7f00000004c0)=""/101)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0)
getpgid(0x0)
r3 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, r1, 0x0)

15:48:50 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:50 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:50 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd00}})

15:48:50 executing program 5:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000100)='/dev/audio\x00', 0x41, 0x0)
ioctl$KVM_DEASSIGN_PCI_DEVICE(r0, 0x4040ae72, &(0x7f0000000140)={0x82, 0x9, 0x637a, 0x6, 0x5})
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
setxattr$security_smack_transmute(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.SMACK64TRANSMUTE\x00', &(0x7f00000000c0)='TRUE', 0x4, 0x1)

[ 1573.398645][ T1044] oom_reaper: reaped process 6493 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:4kB
15:48:50 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe00}})

15:48:50 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @sdr={0x38414761, 0x3}})

15:48:50 executing program 1:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
r2 = shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
stat(&(0x7f0000000880)='./file0\x00', &(0x7f0000000c40))
shmctl$SHM_STAT(r2, 0xd, &(0x7f00000004c0)=""/101)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0)
getpgid(0x0)
r3 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, 0x0, 0x0)
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, r1, 0x0)

15:48:50 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:50 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:50 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\x00'}, 0x58)

15:48:50 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:50 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
fcntl$setpipe(r0, 0x407, 0x3)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:50 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:50 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1100}})

[ 1573.801574][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0
15:48:50 executing program 1:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
r1 = shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
stat(&(0x7f0000000880)='./file0\x00', &(0x7f0000000c40))
shmctl$SHM_STAT(r1, 0xd, &(0x7f00000004c0)=""/101)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0)
getpgid(0x0)
r2 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, 0x0, 0x0)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})

[ 1573.847277][ T8067] CPU: 1 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1573.856827][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1573.866891][ T8067] Call Trace:
[ 1573.870192][ T8067]  dump_stack+0x1d8/0x2f8
[ 1573.874631][ T8067]  dump_header+0xdb/0xf40
[ 1573.878972][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1573.884873][ T8067]  ? ___ratelimit+0x447/0x5d0
[ 1573.889570][ T8067]  oom_kill_process+0x1a0/0x490
15:48:50 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1573.894695][ T8067]  out_of_memory+0x76e/0x9e0
[ 1573.899301][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1573.905294][ T8067]  ? kasan_check_read+0x11/0x20
[ 1573.910162][ T8067]  try_charge+0x12ba/0x1710
[ 1573.914781][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1573.921241][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1573.926211][ T8067]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1573.932044][ T8067]  ? memcg_kmem_put_cache+0x70/0x70
[ 1573.937285][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1573.942153][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
15:48:50 executing program 1:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
r2 = shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
stat(&(0x7f0000000880)='./file0\x00', &(0x7f0000000c40))
shmctl$SHM_STAT(r2, 0xd, &(0x7f00000004c0)=""/101)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0)
getpgid(0x0)
r3 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, 0x0, 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, r1, 0x0)
r4 = add_key$keyring(&(0x7f0000000780)='keyring\x00', &(0x7f0000000800)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
request_key(&(0x7f0000000640)='cifs.idmap\x00', &(0x7f0000000680)={'syz'}, 0x0, r4)
add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000740)={'syz', 0x3}, 0x0, 0x0, r4)

[ 1573.947711][ T8067]  __memcg_kmem_charge+0x118/0x2f0
[ 1573.953304][ T8067]  __alloc_pages_nodemask+0x377/0x790
[ 1573.958729][ T8067]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1573.964410][ T8067]  ? kasan_check_write+0x14/0x20
[ 1573.969358][ T8067]  ? do_raw_spin_lock+0x143/0x3a0
[ 1573.974399][ T8067]  alloc_pages_current+0x2fb/0x540
[ 1573.979610][ T8067]  pte_alloc_one+0x1f/0x180
[ 1573.984231][ T8067]  __pte_alloc+0x20/0x2f0
[ 1573.988583][ T8067]  copy_page_range+0x23d5/0x2900
15:48:50 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1573.993544][ T8067]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1573.999633][ T8067]  ? trace_lock_acquire+0x190/0x190
[ 1574.004959][ T8067]  ? vm_normal_page_pmd+0x3d0/0x3d0
[ 1574.010187][ T8067]  ? kasan_check_write+0x14/0x20
[ 1574.015159][ T8067]  dup_mmap+0xa2d/0xe90
[ 1574.019426][ T8067]  ? __delayed_free_task+0x20/0x20
[ 1574.024552][ T8067]  ? kasan_check_write+0x14/0x20
[ 1574.029496][ T8067]  ? mm_init+0x5cc/0x6e0
[ 1574.033752][ T8067]  dup_mm+0x9e/0x340
[ 1574.037663][ T8067]  copy_process+0x25ff/0x5c80
[ 1574.042389][ T8067]  ? fork_idle+0x1b0/0x1b0
15:48:51 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1574.046830][ T8067]  _do_fork+0x180/0x5f0
[ 1574.051002][ T8067]  ? dup_mm+0x340/0x340
[ 1574.055166][ T8067]  ? debug_smp_processor_id+0x1c/0x20
[ 1574.060548][ T8067]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1574.066715][ T8067]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1574.072446][ T8067]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1574.078092][ T8067]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1574.083562][ T8067]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1574.089296][ T8067]  __x64_sys_clone+0xc1/0xd0
[ 1574.093937][ T8067]  do_syscall_64+0xfe/0x140
15:48:51 executing program 1:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
r2 = shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
stat(&(0x7f0000000880)='./file0\x00', &(0x7f0000000c40))
shmctl$SHM_STAT(r2, 0xd, &(0x7f00000004c0)=""/101)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0)
getpgid(0x0)
r3 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, 0x0, 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, r1, 0x0)
r4 = add_key$keyring(&(0x7f0000000780)='keyring\x00', &(0x7f0000000800)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
request_key(&(0x7f0000000640)='cifs.idmap\x00', &(0x7f0000000680)={'syz'}, 0x0, r4)
add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000740)={'syz', 0x3}, 0x0, 0x0, r4)
io_setup(0xfe, &(0x7f00000008c0))

15:48:51 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1574.098453][ T8067]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1574.104530][ T8067] RIP: 0033:0x457aea
[ 1574.108436][ T8067] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00
[ 1574.128219][ T8067] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1574.136646][ T8067] RAX: ffffffffffffffda RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1574.144658][ T8067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1574.152642][ T8067] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1574.160622][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1574.168601][ T8067] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1574.194072][ T8067] memory: usage 307200kB, limit 307200kB, failcnt 53078
[ 1574.252881][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1574.262744][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1574.287809][ T8067] Memory cgroup stats for /syz0: cache:6520KB rss:101112KB rss_huge:0KB shmem:6520KB mapped_file:3220KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6512KB active_anon:101120KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1574.322013][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6523,uid=0
[ 1574.339149][ T8067] Memory cgroup out of memory: Killed process 6523 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
15:48:51 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00'}, 0x58)

15:48:51 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
r1 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x1ff, 0x90000)
setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000040)=0x3, 0x4)
socket$inet6(0xa, 0x2, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000200)=ANY=[@ANYBLOB="0180c2000000ffffffffffff86dd60614ab100080000fe800000080000000000000000000000ff0200000000000000000000000010012c00000000089078"], 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000100)={0x10000, 0x3000, 0x1, 0x8, 0xffffffffffffffc0})

15:48:51 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:51 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1200}})

15:48:51 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:51 executing program 1:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
r2 = shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
stat(&(0x7f0000000880)='./file0\x00', &(0x7f0000000c40))
shmctl$SHM_STAT(r2, 0xd, &(0x7f00000004c0)=""/101)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0)
getpgid(0x0)
r3 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, 0x0, 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, r1, 0x0)
r4 = add_key$keyring(&(0x7f0000000780)='keyring\x00', &(0x7f0000000800)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
request_key(&(0x7f0000000640)='cifs.idmap\x00', &(0x7f0000000680)={'syz'}, 0x0, r4)
add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000740)={'syz', 0x3}, 0x0, 0x0, r4)
io_setup(0xfe, &(0x7f00000008c0))
timerfd_settime(r0, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))

[ 1574.354712][ T1044] oom_reaper: reaped process 6523 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:4kB
15:48:51 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:51 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000}})

15:48:51 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x40000000000001, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1574.553805][T16747] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1574.624861][T16747] CPU: 1 PID: 16747 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1574.632870][T16747] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1574.643186][T16747] Call Trace:
[ 1574.646494][T16747]  dump_stack+0x1d8/0x2f8
[ 1574.651280][T16747]  dump_header+0xdb/0xf40
[ 1574.655627][T16747]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1574.662639][T16747]  ? ___ratelimit+0x447/0x5d0
[ 1574.662658][T16747]  oom_kill_process+0x1a0/0x490
15:48:51 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2500}})

15:48:51 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:51 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1574.662671][T16747]  out_of_memory+0x76e/0x9e0
[ 1574.662686][T16747]  ? unregister_oom_notifier+0x20/0x20
[ 1574.672201][T16747]  ? kasan_check_read+0x11/0x20
[ 1574.672218][T16747]  try_charge+0x12ba/0x1710
[ 1574.672255][T16747]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1574.699077][T16747]  ? rcu_lock_release+0x4/0x20
[ 1574.704044][T16747]  ? rcu_lock_release+0x15/0x20
[ 1574.708901][T16747]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1574.714456][T16747]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1574.719752][T16747]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1574.725396][T16747]  wp_page_copy+0x391/0x18e0
[ 1574.730080][T16747]  ? reuse_swap_page+0xd47/0x1650
[ 1574.735103][T16747]  ? rcu_lock_release+0x30/0x30
[ 1574.739959][T16747]  ? kasan_check_read+0x11/0x20
[ 1574.744812][T16747]  ? do_raw_spin_unlock+0x49/0x260
[ 1574.750278][T16747]  do_wp_page+0x609/0x1ba0
[ 1574.754697][T16747]  ? kasan_check_write+0x14/0x20
[ 1574.759659][T16747]  ? __rwlock_init+0x130/0x130
[ 1574.759674][T16747]  ? count_memcg_event_mm+0x300/0x300
[ 1574.759697][T16747]  handle_mm_fault+0x29a6/0x6130
[ 1574.769843][T16747]  ? finish_fault+0x220/0x220
[ 1574.769867][T16747]  ? __down_read+0x1a0/0x1a0
[ 1574.769875][T16747]  ? vmacache_find+0x251/0x5b0
[ 1574.769888][T16747]  ? find_vma+0x30/0x150
[ 1574.769901][T16747]  do_user_addr_fault+0x56f/0xaa0
[ 1574.769923][T16747]  __do_page_fault+0xd3/0x1f0
[ 1574.802865][T16747]  do_page_fault+0xce/0xe0
[ 1574.807291][T16747]  ? page_fault+0x8/0x30
[ 1574.811570][T16747]  page_fault+0x1e/0x30
[ 1574.815725][T16747] RIP: 0033:0x40f6a6
[ 1574.819626][T16747] Code: 0e 66 00 49 8b 89 c8 02 00 00 49 8b 91 c0 02 00 00 48 89 4a 08 49 8b 89 c8 02 00 00 48 89 11 48 c7 05 0a 0e 66 00 00 00 00 00 <48> c7 05 e7 47 30 00 90 3e 71 00 31 d2 48 c7 05 d2 47 30 00 90 3e
[ 1574.839236][T16747] RSP: 002b:00007ffff6b9e6d8 EFLAGS: 00010246
[ 1574.839246][T16747] RAX: 0000555556c9ac00 RBX: 00007ffff6b9e6e0 RCX: 0000000000a704a0
[ 1574.839252][T16747] RDX: 0000000000a704a0 RSI: 0000000000713e90 RDI: 0000555556c9ac20
[ 1574.839258][T16747] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1574.839263][T16747] R10: 0000555556c9ac10 R11: 0000000000000202 R12: 0000000000000001
[ 1574.839276][T16747] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1574.857106][T16747] memory: usage 307200kB, limit 307200kB, failcnt 53111
[ 1574.906272][T16747] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1574.914740][T16747] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1574.922179][T16747] Memory cgroup stats for /syz0: cache:6520KB rss:101136KB rss_huge:0KB shmem:6520KB mapped_file:3220KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6512KB active_anon:101144KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1574.946130][T16747] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=16730,uid=0
[ 1574.965612][T16747] Memory cgroup out of memory: Killed process 16730 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
15:48:51 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00'}, 0x58)

15:48:51 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @pix_mp={0x10, 0xe0, 0x7579565f, 0x0, 0x0, [{0xe00000000000000, 0x7ff}, {0xa6a, 0xffff}, {0x1, 0x1}, {0x3ff}, {0x97c, 0x9}, {0x3, 0x9}, {0x7, 0x5d80}, {0x3ff, 0x5dd16123}], 0x80000000, 0x80000000, 0xf, 0x3, 0x7}})
ioctl$VIDIOC_SUBDEV_S_CROP(r0, 0xc038563c, &(0x7f0000000000)={0x0, 0x0, {0x0, 0x3, 0x0, 0x3}})
ioctl$VIDIOC_RESERVED(r0, 0x5601, 0x0)

15:48:51 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:51 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:51 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000}})

15:48:51 executing program 1:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
r2 = shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
stat(&(0x7f0000000880)='./file0\x00', &(0x7f0000000c40))
shmctl$SHM_STAT(r2, 0xd, &(0x7f00000004c0)=""/101)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0)
getpgid(0x0)
r3 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, 0x0, 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, r1, 0x0)
r4 = add_key$keyring(&(0x7f0000000780)='keyring\x00', &(0x7f0000000800)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
request_key(&(0x7f0000000640)='cifs.idmap\x00', &(0x7f0000000680)={'syz'}, 0x0, r4)
add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000740)={'syz', 0x3}, 0x0, 0x0, r4)
io_setup(0xfe, &(0x7f00000008c0))
timerfd_settime(r0, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))

15:48:52 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:52 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c00}})

15:48:52 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000001c0)={0xe, @raw_data="451e57b425cac5a91ee83c95a1693e2281bb7a9a568d5e1087add11f5ad134efb0bb2d5350053e3da2d92a78e69c922417cc5229b62fc1695b5571805cb0da81026eff11caee8df719d89bf4bc31cdb046837db9e6303fce2f01dca947f9ecef8d3d86f0384464c1e176817eb3d423d4e84a41c081a23a25a0bb6faa9c44962e72d6ec21e2e0ffd760e81d5742df77c6e8758617c525196534ad2d705c7e2dd0c8f6f706c92fef8c0f9526b4ebf21e1fd61d0d084831ca26e19430273bf38061ff1be55d66d028b4"})

15:48:52 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1575.133345][T16792] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
15:48:52 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1575.287101][T16792] CPU: 1 PID: 16792 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1575.295126][T16792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1575.305177][T16792] Call Trace:
[ 1575.308473][T16792]  dump_stack+0x1d8/0x2f8
[ 1575.308488][T16792]  dump_header+0xdb/0xf40
[ 1575.308501][T16792]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1575.308512][T16792]  ? ___ratelimit+0x447/0x5d0
[ 1575.308532][T16792]  oom_kill_process+0x1a0/0x490
[ 1575.332473][T16792]  out_of_memory+0x76e/0x9e0
15:48:52 executing program 5:
r0 = creat(&(0x7f0000000000)='./file0\x00', 0x40080)
ioctl$KVM_DIRTY_TLB(r0, 0x4010aeaa, &(0x7f0000000040)={0xd9, 0x55bbc420})
r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$LOOP_SET_CAPACITY(r0, 0x4c07)
ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
ioctl$SCSI_IOCTL_DOORLOCK(r0, 0x5380)
ioctl$KVM_SET_XSAVE(r0, 0x5000aea5, &(0x7f00000006c0)={"0530ee0476ede6b5ace7c396f5da4e74e91cecdc78e55e7c8fbc1516fcf4d27def2c8978dc17d755ad7ef50f41f0685abee83d565035e61dd1b25ad8ee27aa258fd577884c28a2a32d6f644760d826b78f1dbf6a9d902b354e1ef7b149b40a436cf3236ae2c8dd9cd772e6bf077e95ed7bd649dbd374abf9c489cbc62a967b8502459db8e823c8d1efcc5fd388bf50a54f2c39011bcc75e14900d9e05a8f50e11f67de676125922b4efd38f6363d9e0664a24c6235add41fbf7770e57e83e8d625b9ed3caa75ce77f33bb28c6cdafbceb80941e1bb42789492b9437de12bafa06a664a95b862954966d098ce3796e213e26c478ecdb35f0b0fcb0f079c4a934f2744f10e7e088f7d03960ed3ad9c25520fcc5e2cba6a3fddb0de7d8ed51fb54479ce43607186ee410bca6335c3322b022da156efb9c2e3f42dd826cfc72fd3e7fadfa32cac95543ed1f77d20810d10e7bb303fb5abcee41c3e84fdc357e886f8d7e9eef3594d4c59889e2336eefb8e34bb538fb58ff9952fc58da2a72862d3076dfa87245dd5e3aa0a8f7758bd446f1779bf776a692ea7468bd6fc9ea2b8c02c4f972626f0a80afbd281453ea13b06d15fd33c01a0ed5ccaeccfa0721bd7f90db101e7e290a884c041a15770bdde6b062e6798640292ea548eb961ccf2a187283e15886fb284386f9a5be832f9f1c0d554565969b58e7fa352af0162f5182a133b1d5fc8f0cdce4568769b37bce308eb2e6be8a3cd183dd00532ebb23d4615b1d5c8ccfa4d91f2a9525aa7d681359113d1d20717da5b6b415a421689d7bf30837fe69e7b9ade8287974e673b1367fa2aebc1a48c7d2eab0540d5199c5552191617a934b5a392839004011af29da65c7015c4c667d8b8cadb159db51f2ac0687d6045cc6ccc664f43adbb9de49891bd92efab2fd85a43f2b55d65676580686afeedf047c3930bd2d4b5ef1d5d77c9704f4a0e01c3b71bde5819ca338ff2ac7f72c5823d1eca19e64647d38ea7f0b1c475e4fadcbb573ca248490c68820738636e4bcb208088cb64d920ee8ce98b4346d7557817a33b27658270733c43c25bd2e03c33beba8f47bacea18aa5389f931e8fb687809576c5ec8ebcd95c1abaa4ba2ea51ba892189b8f310cb8be578c3814ceba16aa873db125856296d8890130d6fc7a1c68c07a6fa4d211f2114e1fbad313f0c7756b2ffae99253a7550386a6b7226fddd023940dacaf9b4fa9c7397aa429e375d5ee1fe370346f8190f01153ead63f582437edc6f9d5a678d3795256c3951fb77292d7dc6eae81c4acda85e972904f252f2ca6f39177281059b2b27445fdc147217a81e13bc65438cc186049acd4e97ab709c4b8314d6c1f39913ae7acd8c16426c77650dc2dc33689af2f11efb01d8c2fa14b6f9500"})

[ 1575.337081][T16792]  ? unregister_oom_notifier+0x20/0x20
[ 1575.342556][T16792]  ? kasan_check_read+0x11/0x20
[ 1575.347509][T16792]  try_charge+0x12ba/0x1710
[ 1575.352047][T16792]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1575.357878][T16792]  ? rcu_lock_release+0x4/0x20
[ 1575.362671][T16792]  ? rcu_lock_release+0x15/0x20
[ 1575.367533][T16792]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1575.367546][T16792]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1575.367562][T16792]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1575.367578][T16792]  wp_page_copy+0x391/0x18e0
[ 1575.378432][T16792]  ? reuse_swap_page+0xd47/0x1650
[ 1575.378445][T16792]  ? rcu_lock_release+0x30/0x30
[ 1575.378461][T16792]  ? kasan_check_read+0x11/0x20
[ 1575.378471][T16792]  ? do_raw_spin_unlock+0x49/0x260
[ 1575.378485][T16792]  do_wp_page+0x609/0x1ba0
[ 1575.378500][T16792]  ? kasan_check_write+0x14/0x20
[ 1575.417970][T16792]  ? __rwlock_init+0x130/0x130
[ 1575.422744][T16792]  ? count_memcg_event_mm+0x300/0x300
[ 1575.428139][T16792]  handle_mm_fault+0x29a6/0x6130
[ 1575.433198][T16792]  ? finish_fault+0x220/0x220
[ 1575.437899][T16792]  ? __down_read+0x1a0/0x1a0
[ 1575.442513][T16792]  ? vmacache_find+0x251/0x5b0
[ 1575.447476][T16792]  ? find_vma+0x30/0x150
[ 1575.451720][T16792]  do_user_addr_fault+0x56f/0xaa0
[ 1575.457011][T16792]  __do_page_fault+0xd3/0x1f0
[ 1575.461670][T16792]  do_page_fault+0xce/0xe0
[ 1575.466066][T16792]  ? page_fault+0x8/0x30
[ 1575.470298][T16792]  page_fault+0x1e/0x30
[ 1575.474431][T16792] RIP: 0033:0x40f6a6
[ 1575.478323][T16792] Code: 0e 66 00 49 8b 89 c8 02 00 00 49 8b 91 c0 02 00 00 48 89 4a 08 49 8b 89 c8 02 00 00 48 89 11 48 c7 05 0a 0e 66 00 00 00 00 00 <48> c7 05 e7 47 30 00 90 3e 71 00 31 d2 48 c7 05 d2 47 30 00 90 3e
[ 1575.497913][T16792] RSP: 002b:00007ffff6b9e6d8 EFLAGS: 00010246
[ 1575.503961][T16792] RAX: 0000555556c9ac00 RBX: 00007ffff6b9e6e0 RCX: 0000000000a704a0
[ 1575.511916][T16792] RDX: 0000000000a704a0 RSI: 0000000000713e90 RDI: 0000555556c9ac20
[ 1575.519867][T16792] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1575.527818][T16792] R10: 0000555556c9ac10 R11: 0000000000000202 R12: 0000000000000001
[ 1575.535770][T16792] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1575.548530][T16792] memory: usage 307200kB, limit 307200kB, failcnt 53137
[ 1575.555488][T16792] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1575.555501][T16792] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1575.579257][T16792] Memory cgroup stats for /syz0: cache:6520KB rss:101136KB rss_huge:0KB shmem:6520KB mapped_file:3220KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6512KB active_anon:101144KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1575.602058][T16792] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=16772,uid=0
[ 1575.636394][T16792] Memory cgroup out of memory: Killed process 16772 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
15:48:52 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b\x00'}, 0x58)

15:48:52 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000040)=<r1=>0x0)
sched_getparam(r1, &(0x7f00000000c0))
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r2 = fcntl$getown(r0, 0x9)
sched_getparam(r2, &(0x7f0000000000))

15:48:52 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:52 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ff}})

15:48:52 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:52 executing program 1:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
r2 = shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
stat(&(0x7f0000000880)='./file0\x00', &(0x7f0000000c40))
shmctl$SHM_STAT(r2, 0xd, &(0x7f00000004c0)=""/101)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0)
getpgid(0x0)
r3 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, 0x0, 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, r1, 0x0)
r4 = add_key$keyring(&(0x7f0000000780)='keyring\x00', &(0x7f0000000800)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
request_key(&(0x7f0000000640)='cifs.idmap\x00', &(0x7f0000000680)={'syz'}, 0x0, r4)
add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000740)={'syz', 0x3}, 0x0, 0x0, r4)
io_setup(0xfe, &(0x7f00000008c0))
timerfd_settime(r0, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))
memfd_create(&(0x7f0000000900)='\x00\x05\xdb\x1f]\x0f>\x04\xdb\xbf\x02\x04\x80\xff\xc5\xaf\xe4*\xa6\n\xc1\x05\xdc\x87\x1ct\xea\b\xa1!3\\\xe9\xe7\xac\"\xed\x96F\xec\xdcd\xcan6\x1d\xb3|\xbd\xe2\xc6\xf3\t\xf7\x89K\xc5AG\xf2\xc2]{\xd8\x02iD\xb0\xefXv\x92\xc1\xceg\a\"\x0f\xe0\"w`6\x89', 0x0)
setsockopt$inet_int(r0, 0x0, 0xb, &(0x7f0000000280)=0x2, 0x4)

15:48:52 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfd}})

15:48:52 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
ioctl$VIDIOC_SUBDEV_G_CROP(r0, 0xc038563b, &(0x7f0000000000)={0x1, 0x0, {0x7fff, 0x5, 0x90e, 0x6}})

[ 1575.812941][T16833] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1575.847548][T16833] CPU: 0 PID: 16833 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1575.856912][T16833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1575.866968][T16833] Call Trace:
[ 1575.870265][T16833]  dump_stack+0x1d8/0x2f8
[ 1575.870280][T16833]  dump_header+0xdb/0xf40
[ 1575.870293][T16833]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1575.870304][T16833]  ? ___ratelimit+0x447/0x5d0
[ 1575.870318][T16833]  oom_kill_process+0x1a0/0x490
[ 1575.870330][T16833]  out_of_memory+0x76e/0x9e0
[ 1575.870341][T16833]  ? unregister_oom_notifier+0x20/0x20
[ 1575.870352][T16833]  ? kasan_check_read+0x11/0x20
15:48:52 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:52 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1575.870367][T16833]  try_charge+0x12ba/0x1710
[ 1575.870395][T16833]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1575.919685][T16833]  ? rcu_lock_release+0x4/0x20
[ 1575.924478][T16833]  ? rcu_lock_release+0x15/0x20
[ 1575.924490][T16833]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1575.924502][T16833]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1575.924525][T16833]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1575.945800][T16833]  wp_page_copy+0x391/0x18e0
[ 1575.950414][T16833]  ? reuse_swap_page+0xd47/0x1650
[ 1575.955445][T16833]  ? rcu_lock_release+0x30/0x30
15:48:52 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffe7}})

[ 1575.960310][T16833]  ? kasan_check_read+0x11/0x20
[ 1575.965172][T16833]  ? do_raw_spin_unlock+0x49/0x260
[ 1575.970299][T16833]  do_wp_page+0x609/0x1ba0
[ 1575.974718][T16833]  ? kasan_check_write+0x14/0x20
[ 1575.979669][T16833]  ? __rwlock_init+0x130/0x130
[ 1575.984442][T16833]  ? count_memcg_event_mm+0x300/0x300
[ 1575.989918][T16833]  handle_mm_fault+0x29a6/0x6130
[ 1575.989943][T16833]  ? finish_fault+0x220/0x220
[ 1575.989964][T16833]  ? __down_read+0x1a0/0x1a0
[ 1575.989972][T16833]  ? vmacache_find+0x51b/0x5b0
[ 1575.989981][T16833]  ? vmacache_update+0xb7/0x120
[ 1575.989991][T16833]  ? find_vma+0x13c/0x150
[ 1575.990004][T16833]  do_user_addr_fault+0x56f/0xaa0
[ 1575.990025][T16833]  __do_page_fault+0xd3/0x1f0
[ 1575.990043][T16833]  do_page_fault+0xce/0xe0
[ 1576.027799][T16833]  ? page_fault+0x8/0x30
[ 1576.027812][T16833]  page_fault+0x1e/0x30
[ 1576.027821][T16833] RIP: 0033:0x40f678
[ 1576.027831][T16833] Code: 48 8b 05 43 48 30 00 48 89 08 48 8b 15 41 48 30 00 48 89 42 08 48 8b 05 26 48 30 00 48 89 05 2f 48 30 00 49 8d 81 c0 02 00 00 <48> 89 05 31 0e 66 00 49 8b 89 c8 02 00 00 49 8b 91 c0 02 00 00 48
15:48:52 executing program 5:
getgroups(0x8, &(0x7f0000000040)=[0xee01, 0xee01, <r0=>0xee00, 0xee00, 0xffffffffffffffff, 0x0, 0xee01, 0xee00])
setgid(r0)
r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f00000005c0)={0xc, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/netfilter\x00')
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r2, 0xc10c5541, &(0x7f00000000c0)={0x0, 0x20, 0x5, 0x0, 0x0, [], [], [], 0x6, 0xaf6})

[ 1576.027836][T16833] RSP: 002b:00007ffff6b9e6d8 EFLAGS: 00010246
[ 1576.027844][T16833] RAX: 0000555556c9ac00 RBX: 00007ffff6b9e6e0 RCX: 0000000000713ea0
[ 1576.027851][T16833] RDX: 000000000040f4b0 RSI: 0000000000713e90 RDI: 0000555556c9ac20
[ 1576.027857][T16833] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1576.027863][T16833] R10: 0000555556c9ac10 R11: 0000000000000202 R12: 0000000000000001
[ 1576.027870][T16833] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1576.059221][T16833] memory: usage 307200kB, limit 307200kB, failcnt 53160
[ 1576.134624][T16833] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1576.149849][T16833] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1576.156754][T16833] Memory cgroup stats for /syz0: cache:6520KB rss:101132KB rss_huge:0KB shmem:6520KB mapped_file:3220KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6512KB active_anon:101140KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1576.244718][T16833] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=16817,uid=0
[ 1576.261673][T16833] Memory cgroup out of memory: Killed process 16817 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
15:48:53 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\t\x00'}, 0x58)

15:48:53 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:53 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:53 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
fsopen(&(0x7f0000000000)='fuse\x00', 0x1)
ioctl$VIDIOC_G_TUNER(r0, 0xc054561d, &(0x7f00000000c0)={0x4, "fb2c650999b6a1bd370135ea9938ca03ea699fde8d20231de7919c36aec0a598", 0x5, 0x25, 0x600000000, 0x8, 0x6, 0x2, 0x9, 0x2})

15:48:53 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000}})

15:48:53 executing program 1:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
r2 = shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
stat(&(0x7f0000000880)='./file0\x00', &(0x7f0000000c40))
shmctl$SHM_STAT(r2, 0xd, &(0x7f00000004c0)=""/101)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
ioctl$sock_SIOCGPGRP(r0, 0x8904, 0x0)
getpgid(0x0)
r3 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, 0x0, 0x0)
ioctl$BLKTRACESETUP(r3, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
perf_event_open(&(0x7f0000000080)={0x3, 0x70, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x8, 0x2003, 0xe, 0xd00, 0x7f, 0x2, 0xfffffffffffffff8, 0x0, 0xffffffffffffffff, 0x8001, 0x4, 0x9e6f, 0x73d9, 0x6, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x4, 0x0, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1, 0x6, 0x401, 0x4, 0x0, 0x200, 0x0, 0x80000000, 0x6, @perf_bp={0x0, 0x8}, 0x100, 0x0, 0x5, 0x6, 0x0, 0x8880, 0xc1f}, 0x0, 0x0, r1, 0x0)
r4 = add_key$keyring(&(0x7f0000000780)='keyring\x00', &(0x7f0000000800)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
request_key(&(0x7f0000000640)='cifs.idmap\x00', &(0x7f0000000680)={'syz'}, 0x0, r4)
add_key$keyring(&(0x7f0000000140)='keyring\x00', &(0x7f0000000740)={'syz', 0x3}, 0x0, 0x0, r4)
io_setup(0xfe, &(0x7f00000008c0))
timerfd_settime(r0, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))
memfd_create(&(0x7f0000000900)='\x00\x05\xdb\x1f]\x0f>\x04\xdb\xbf\x02\x04\x80\xff\xc5\xaf\xe4*\xa6\n\xc1\x05\xdc\x87\x1ct\xea\b\xa1!3\\\xe9\xe7\xac\"\xed\x96F\xec\xdcd\xcan6\x1d\xb3|\xbd\xe2\xc6\xf3\t\xf7\x89K\xc5AG\xf2\xc2]{\xd8\x02iD\xb0\xefXv\x92\xc1\xceg\a\"\x0f\xe0\"w`6\x89', 0x0)
setsockopt$inet_int(r0, 0x0, 0xb, &(0x7f0000000280)=0x2, 0x4)

15:48:53 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:53 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:53 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}})

15:48:53 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f00000000c0)={0x80000000, 0xf8, 0x3, {0x4, @sliced={0x800, [0x3, 0x6, 0xca6, 0x2, 0x4, 0x1, 0x7, 0xb08, 0x7fff, 0x5, 0x7, 0x4, 0x1000000000000, 0x0, 0x100, 0x1000, 0xfffffffffffffffc, 0x800, 0xaeff, 0x2, 0x7, 0x920e, 0x9, 0x47, 0xe25, 0x1ff, 0x6, 0x401, 0xff, 0x9, 0x1, 0x8, 0x8, 0x2, 0x5, 0x8, 0x100, 0x200000000000000, 0x5, 0x3, 0x5, 0x45c, 0x8, 0xb2, 0x3, 0x5, 0x100000001, 0x2], 0x7af6}}})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1576.488790][T16877] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1576.520231][T16877] CPU: 0 PID: 16877 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1576.528158][T16877] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1576.538215][T16877] Call Trace:
[ 1576.538234][T16877]  dump_stack+0x1d8/0x2f8
[ 1576.538249][T16877]  dump_header+0xdb/0xf40
[ 1576.538263][T16877]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1576.538278][T16877]  ? ___ratelimit+0x447/0x5d0
[ 1576.538293][T16877]  oom_kill_process+0x1a0/0x490
[ 1576.538305][T16877]  out_of_memory+0x76e/0x9e0
[ 1576.538316][T16877]  ? unregister_oom_notifier+0x20/0x20
[ 1576.538327][T16877]  ? kasan_check_read+0x11/0x20
[ 1576.538343][T16877]  try_charge+0x12ba/0x1710
[ 1576.538373][T16877]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1576.538394][T16877]  ? rcu_lock_release+0x4/0x20
[ 1576.595521][T16877]  ? rcu_lock_release+0x15/0x20
[ 1576.600381][T16877]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1576.605939][T16877]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1576.611240][T16877]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1576.616889][T16877]  wp_page_copy+0x391/0x18e0
[ 1576.621499][T16877]  ? reuse_swap_page+0xd47/0x1650
[ 1576.626533][T16877]  ? rcu_lock_release+0x30/0x30
[ 1576.631405][T16877]  ? kasan_check_read+0x11/0x20
15:48:53 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000}})

[ 1576.636627][T16877]  ? do_raw_spin_unlock+0x49/0x260
[ 1576.641758][T16877]  do_wp_page+0x609/0x1ba0
[ 1576.646186][T16877]  ? kasan_check_write+0x14/0x20
[ 1576.651242][T16877]  ? __rwlock_init+0x130/0x130
[ 1576.656018][T16877]  ? count_memcg_event_mm+0x300/0x300
[ 1576.661408][T16877]  handle_mm_fault+0x29a6/0x6130
[ 1576.666396][T16877]  ? finish_fault+0x220/0x220
[ 1576.666421][T16877]  ? __down_read+0x1a0/0x1a0
[ 1576.675659][T16877]  ? vmacache_find+0x51b/0x5b0
[ 1576.680438][T16877]  ? vmacache_update+0xb7/0x120
[ 1576.685300][T16877]  ? find_vma+0x13c/0x150
15:48:53 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1576.689638][T16877]  do_user_addr_fault+0x56f/0xaa0
[ 1576.694715][T16877]  __do_page_fault+0xd3/0x1f0
[ 1576.699400][T16877]  do_page_fault+0xce/0xe0
[ 1576.703820][T16877]  ? page_fault+0x8/0x30
[ 1576.708068][T16877]  page_fault+0x1e/0x30
[ 1576.712225][T16877] RIP: 0033:0x40f678
[ 1576.716133][T16877] Code: 48 8b 05 43 48 30 00 48 89 08 48 8b 15 41 48 30 00 48 89 42 08 48 8b 05 26 48 30 00 48 89 05 2f 48 30 00 49 8d 81 c0 02 00 00 <48> 89 05 31 0e 66 00 49 8b 89 c8 02 00 00 49 8b 91 c0 02 00 00 48
[ 1576.736238][T16877] RSP: 002b:00007ffff6b9e6d8 EFLAGS: 00010246
[ 1576.742315][T16877] RAX: 0000555556c9ac00 RBX: 00007ffff6b9e6e0 RCX: 0000000000713ea0
[ 1576.750299][T16877] RDX: 000000000040f4b0 RSI: 0000000000713e90 RDI: 0000555556c9ac20
[ 1576.758283][T16877] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1576.766265][T16877] R10: 0000555556c9ac10 R11: 0000000000000202 R12: 0000000000000001
[ 1576.774255][T16877] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1576.806465][T16877] memory: usage 307200kB, limit 307200kB, failcnt 53196
[ 1576.813700][T16877] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1576.822121][T16877] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1576.835066][T16877] Memory cgroup stats for /syz0: cache:6520KB rss:101128KB rss_huge:0KB shmem:6520KB mapped_file:3220KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6512KB active_anon:101136KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1576.873711][T16877] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=16860,uid=0
[ 1576.889409][T16877] Memory cgroup out of memory: Killed process 16860 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
[ 1576.920061][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1576.934542][ T8067] CPU: 1 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1576.942377][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1576.952460][ T8067] Call Trace:
[ 1576.955744][ T8067]  dump_stack+0x1d8/0x2f8
[ 1576.960064][ T8067]  dump_header+0xdb/0xf40
[ 1576.964386][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1576.970188][ T8067]  ? ___ratelimit+0x447/0x5d0
[ 1576.974859][ T8067]  oom_kill_process+0x1a0/0x490
[ 1576.979704][ T8067]  out_of_memory+0x76e/0x9e0
[ 1576.984289][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1576.989754][ T8067]  ? kasan_check_read+0x11/0x20
[ 1576.994597][ T8067]  try_charge+0x12ba/0x1710
[ 1576.999120][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1577.004926][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1577.009682][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1577.014521][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1577.020082][ T8067]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1577.025360][ T8067]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1577.030985][ T8067]  wp_page_copy+0x391/0x18e0
[ 1577.035652][ T8067]  ? reuse_swap_page+0xd47/0x1650
[ 1577.040662][ T8067]  ? rcu_lock_release+0x30/0x30
[ 1577.045626][ T8067]  ? kasan_check_read+0x11/0x20
[ 1577.050465][ T8067]  ? do_raw_spin_unlock+0x49/0x260
[ 1577.055591][ T8067]  do_wp_page+0x609/0x1ba0
[ 1577.060084][ T8067]  ? kasan_check_write+0x14/0x20
[ 1577.065019][ T8067]  ? __rwlock_init+0x130/0x130
[ 1577.069954][ T8067]  ? count_memcg_event_mm+0x300/0x300
[ 1577.075324][ T8067]  handle_mm_fault+0x29a6/0x6130
[ 1577.080265][ T8067]  ? finish_fault+0x220/0x220
[ 1577.085023][ T8067]  ? __down_read+0x1a0/0x1a0
[ 1577.089619][ T8067]  ? vmacache_find+0x251/0x5b0
[ 1577.094369][ T8067]  ? find_vma+0x30/0x150
[ 1577.098599][ T8067]  do_user_addr_fault+0x56f/0xaa0
[ 1577.103730][ T8067]  __do_page_fault+0xd3/0x1f0
[ 1577.108395][ T8067]  do_page_fault+0xce/0xe0
[ 1577.112826][ T8067]  ? page_fault+0x8/0x30
[ 1577.117059][ T8067]  page_fault+0x1e/0x30
[ 1577.121200][ T8067] RIP: 0033:0x457c4a
[ 1577.125081][ T8067] Code: 48 85 db 74 b6 41 bc ca 00 00 00 eb 0c 0f 1f 00 48 8b 5b 08 48 85 db 74 a2 48 8b 3b 48 8b 47 10 48 85 c0 74 05 ff d0 48 8b 3b <f0> ff 4f 28 0f 94 c0 84 c0 74 db 8b 47 2c 85 c0 74 d4 45 31 d2 ba
[ 1577.144953][ T8067] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00010246
[ 1577.151027][ T8067] RAX: 0000000000000000 RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1577.158991][ T8067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000a74fc8
[ 1577.166947][ T8067] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1577.174925][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 00000000000000ca
[ 1577.182885][ T8067] R13: 00000000000039f2 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1577.192287][ T8067] memory: usage 307036kB, limit 307200kB, failcnt 53196
[ 1577.199647][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1577.207113][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1577.216999][ T8067] Memory cgroup stats for /syz0: cache:6524KB rss:101100KB rss_huge:0KB shmem:6520KB mapped_file:3220KB dirty:4KB writeback:0KB swap:0KB inactive_anon:6512KB active_anon:101108KB inactive_file:0KB active_file:4KB unevictable:0KB
[ 1577.239576][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6546,uid=0
[ 1577.256078][ T8067] Memory cgroup out of memory: Killed process 6546 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
15:48:54 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00'}, 0x58)

15:48:54 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000}})

15:48:54 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:54 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000000)={0x8000001, 0x3ff, 0x3})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:54 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:54 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x2})
timerfd_settime(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$inet(0x2, 0x0, 0x0)

[ 1577.270793][ T1044] oom_reaper: reaped process 6546 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:4kB
15:48:54 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5000000}})

15:48:54 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_ENUMAUDIO(r0, 0xc0345641, &(0x7f0000000000)={0x6, "4427074bbfee2e49e9a4d220e25d62709065d3927fdd2a39249442d72d3ca324", 0x3, 0x1})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
ioctl$VIDIOC_SUBDEV_G_SELECTION(r0, 0xc040563d, &(0x7f00000000c0)={0x0, 0x0, 0x102, 0x7, {0x1000, 0x40, 0x3, 0x6}})
r1 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vfio/vfio\x00', 0x20000, 0x0)
ioctl$DRM_IOCTL_IRQ_BUSID(r1, 0xc0106403, &(0x7f0000000080)={0x57, 0xa78, 0x4f})

15:48:54 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:54 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:54 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000000}})

15:48:54 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\v\x00'}, 0x58)

15:48:54 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:54 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
prctl$PR_SET_PDEATHSIG(0x1, 0x15)

15:48:54 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:54 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x2})
timerfd_settime(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$inet(0x2, 0x0, 0x0)

[ 1577.644483][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0
15:48:54 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7000000}})

15:48:54 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1577.729052][ T8067] CPU: 0 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1577.736900][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1577.746956][ T8067] Call Trace:
[ 1577.750251][ T8067]  dump_stack+0x1d8/0x2f8
[ 1577.754582][ T8067]  dump_header+0xdb/0xf40
[ 1577.758923][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1577.764742][ T8067]  ? ___ratelimit+0x447/0x5d0
[ 1577.769424][ T8067]  oom_kill_process+0x1a0/0x490
[ 1577.769438][ T8067]  out_of_memory+0x76e/0x9e0
[ 1577.769450][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1577.769460][ T8067]  ? kasan_check_read+0x11/0x20
[ 1577.769475][ T8067]  try_charge+0x12ba/0x1710
[ 1577.769503][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1577.769525][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1577.769542][ T8067]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1577.769554][ T8067]  ? memcg_kmem_put_cache+0x70/0x70
[ 1577.769568][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1577.769576][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1577.769587][ T8067]  __memcg_kmem_charge+0x118/0x2f0
[ 1577.769600][ T8067]  __alloc_pages_nodemask+0x377/0x790
[ 1577.769612][ T8067]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1577.769621][ T8067]  ? trace_hardirqs_off+0x46/0x80
[ 1577.769633][ T8067]  ? retint_kernel+0x1b/0x2b
[ 1577.769655][ T8067]  alloc_pages_current+0x2fb/0x540
[ 1577.810596][ T8067]  pte_alloc_one+0x1f/0x180
[ 1577.810611][ T8067]  __pte_alloc+0x20/0x2f0
[ 1577.810626][ T8067]  copy_page_range+0x23d5/0x2900
[ 1577.820666][ T8067]  ? do_syscall_64+0xfe/0x140
[ 1577.820700][ T8067]  ? vm_normal_page_pmd+0x3d0/0x3d0
[ 1577.820712][ T8067]  ? init_admin_reserve+0xc0/0xc0
[ 1577.820737][ T8067]  dup_mmap+0xa2d/0xe90
[ 1577.820754][ T8067]  ? __delayed_free_task+0x20/0x20
[ 1577.820768][ T8067]  ? kasan_check_write+0x14/0x20
[ 1577.820778][ T8067]  ? mm_init+0x5cc/0x6e0
[ 1577.820789][ T8067]  dup_mm+0x9e/0x340
[ 1577.820801][ T8067]  copy_process+0x25ff/0x5c80
[ 1577.820832][ T8067]  ? fork_idle+0x1b0/0x1b0
[ 1577.918341][ T8067]  _do_fork+0x180/0x5f0
[ 1577.922528][ T8067]  ? dup_mm+0x340/0x340
[ 1577.926695][ T8067]  ? debug_smp_processor_id+0x1c/0x20
[ 1577.932099][ T8067]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1577.938179][ T8067]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1577.943901][ T8067]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1577.949652][ T8067]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1577.955122][ T8067]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1577.960884][ T8067]  __x64_sys_clone+0xc1/0xd0
[ 1577.965720][ T8067]  do_syscall_64+0xfe/0x140
[ 1577.970242][ T8067]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1577.976135][ T8067] RIP: 0033:0x457aea
[ 1577.980037][ T8067] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00
[ 1578.001641][ T8067] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1578.010058][ T8067] RAX: ffffffffffffffda RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1578.018209][ T8067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
15:48:54 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x2})
timerfd_settime(0xffffffffffffffff, 0x0, 0x0, 0x0)
socket$inet(0x2, 0x1, 0x0)

15:48:54 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:54 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1578.026222][ T8067] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1578.034218][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1578.034238][ T8067] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
15:48:55 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}})

15:48:55 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x2})
timerfd_settime(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000240))
socket$inet(0x2, 0x1, 0x0)

[ 1578.242701][ T8067] memory: usage 307200kB, limit 307200kB, failcnt 53224
[ 1578.266451][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1578.274610][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1578.287231][ T8067] Memory cgroup stats for /syz0: cache:6528KB rss:101112KB rss_huge:0KB shmem:6520KB mapped_file:3220KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6512KB active_anon:101120KB inactive_file:8KB active_file:0KB unevictable:0KB
[ 1578.319430][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=16900,uid=0
15:48:55 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\f\x00'}, 0x58)

15:48:55 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:55 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:55 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x2})
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))
socket$inet(0x2, 0x1, 0x0)

15:48:55 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x2})
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))
socket$inet(0x2, 0x1, 0x0)

15:48:55 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9000000}})

[ 1578.335744][ T8067] Memory cgroup out of memory: Killed process 16900 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
[ 1578.350771][ T1044] oom_reaper: reaped process 16900 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
15:48:55 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000000}})

15:48:55 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:55 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x2})
timerfd_settime(0xffffffffffffffff, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))
socket$inet(0x2, 0x1, 0x0)

15:48:55 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1578.531327][T17001] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0
15:48:55 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb000000}})

[ 1578.597278][T17001] CPU: 1 PID: 17001 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1578.605298][T17001] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1578.615448][T17001] Call Trace:
[ 1578.618755][T17001]  dump_stack+0x1d8/0x2f8
[ 1578.623104][T17001]  dump_header+0xdb/0xf40
[ 1578.627452][T17001]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1578.633487][T17001]  ? ___ratelimit+0x447/0x5d0
[ 1578.638272][T17001]  oom_kill_process+0x1a0/0x490
[ 1578.643134][T17001]  out_of_memory+0x76e/0x9e0
15:48:55 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1578.647744][T17001]  ? unregister_oom_notifier+0x20/0x20
[ 1578.647757][T17001]  ? kasan_check_read+0x11/0x20
[ 1578.647772][T17001]  try_charge+0x12ba/0x1710
[ 1578.647800][T17001]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1578.659508][T17001]  ? rcu_lock_release+0x4/0x20
[ 1578.659525][T17001]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1578.659537][T17001]  ? memcg_kmem_put_cache+0x70/0x70
[ 1578.659549][T17001]  ? rcu_lock_release+0x15/0x20
[ 1578.659557][T17001]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1578.659575][T17001]  __memcg_kmem_charge+0x118/0x2f0
[ 1578.700963][T17001]  __alloc_pages_nodemask+0x377/0x790
[ 1578.706347][T17001]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1578.711919][T17001]  ? __lock_acquire+0xcf7/0x1a40
[ 1578.717015][T17001]  alloc_pages_current+0x2fb/0x540
[ 1578.722411][T17001]  pte_alloc_one+0x1f/0x180
[ 1578.726933][T17001]  handle_mm_fault+0x3503/0x6130
[ 1578.732181][T17001]  ? trace_lock_acquire+0x190/0x190
[ 1578.737424][T17001]  ? finish_fault+0x220/0x220
[ 1578.742218][T17001]  ? __down_read+0x1a0/0x1a0
[ 1578.746821][T17001]  ? vmacache_find+0x51b/0x5b0
[ 1578.751595][T17001]  ? vmacache_update+0xb7/0x120
[ 1578.756545][T17001]  ? find_vma+0x13c/0x150
[ 1578.761331][T17001]  do_user_addr_fault+0x56f/0xaa0
[ 1578.766368][T17001]  __do_page_fault+0xd3/0x1f0
[ 1578.771050][T17001]  do_page_fault+0xce/0xe0
[ 1578.771063][T17001]  ? page_fault+0x8/0x30
[ 1578.771072][T17001]  page_fault+0x1e/0x30
[ 1578.771082][T17001] RIP: 0033:0x457aea
[ 1578.771103][T17001] Code: Bad RIP value.
[ 1578.771116][T17001] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00010246
[ 1578.797955][T17001] RAX: 0000000000000000 RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1578.797962][T17001] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1578.797969][T17001] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1578.797974][T17001] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1578.797980][T17001] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1578.829353][T17001] memory: usage 307200kB, limit 307200kB, failcnt 53268
[ 1578.851002][T17001] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1578.860314][T17001] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1578.871921][T17001] Memory cgroup stats for /syz0: cache:6524KB rss:101120KB rss_huge:0KB shmem:6520KB mapped_file:3220KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6512KB active_anon:101128KB inactive_file:0KB active_file:4KB unevictable:0KB
[ 1578.927438][T17001] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6603,uid=0
[ 1578.943548][T17001] Memory cgroup out of memory: Killed process 6603 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
[ 1578.958897][ T1044] oom_reaper: reaped process 6603 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:4kB
[ 1578.966714][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1578.990531][ T8067] CPU: 1 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1578.998366][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1579.008599][ T8067] Call Trace:
[ 1579.011902][ T8067]  dump_stack+0x1d8/0x2f8
[ 1579.016253][ T8067]  dump_header+0xdb/0xf40
[ 1579.020617][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1579.026428][ T8067]  ? ___ratelimit+0x447/0x5d0
[ 1579.031121][ T8067]  oom_kill_process+0x1a0/0x490
[ 1579.035960][ T8067]  out_of_memory+0x76e/0x9e0
[ 1579.040540][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1579.045982][ T8067]  ? kasan_check_read+0x11/0x20
[ 1579.050825][ T8067]  try_charge+0x12ba/0x1710
[ 1579.055337][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1579.061133][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1579.065882][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1579.070737][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1579.076289][ T8067]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1579.081587][ T8067]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1579.087299][ T8067]  wp_page_copy+0x391/0x18e0
[ 1579.092088][ T8067]  ? reuse_swap_page+0xd47/0x1650
[ 1579.097100][ T8067]  ? rcu_lock_release+0x30/0x30
[ 1579.101943][ T8067]  ? kasan_check_read+0x11/0x20
[ 1579.106801][ T8067]  ? do_raw_spin_unlock+0x49/0x260
[ 1579.111923][ T8067]  do_wp_page+0x609/0x1ba0
[ 1579.116327][ T8067]  ? kasan_check_write+0x14/0x20
[ 1579.121252][ T8067]  ? __rwlock_init+0x130/0x130
[ 1579.126196][ T8067]  ? count_memcg_event_mm+0x300/0x300
[ 1579.131570][ T8067]  handle_mm_fault+0x29a6/0x6130
[ 1579.136605][ T8067]  ? finish_fault+0x220/0x220
[ 1579.141275][ T8067]  ? __down_read+0x1a0/0x1a0
[ 1579.145852][ T8067]  ? vmacache_find+0x566/0x5b0
[ 1579.150707][ T8067]  ? vmacache_update+0xb7/0x120
[ 1579.155945][ T8067]  ? find_vma+0x13c/0x150
[ 1579.160273][ T8067]  do_user_addr_fault+0x56f/0xaa0
[ 1579.165377][ T8067]  __do_page_fault+0xd3/0x1f0
[ 1579.170050][ T8067]  do_page_fault+0xce/0xe0
[ 1579.174458][ T8067]  ? page_fault+0x8/0x30
[ 1579.178690][ T8067]  page_fault+0x1e/0x30
[ 1579.182828][ T8067] RIP: 0033:0x40d2a1
[ 1579.186707][ T8067] Code: 3d f3 ad 34 00 00 0f 85 3b 08 00 00 e8 88 a7 04 00 85 c0 89 c5 0f 88 73 05 00 00 0f 84 f0 04 00 00 89 c6 bf 4c ed 4b 00 31 c0 <e8> ca 49 ff ff c7 44 24 30 00 00 00 00 e8 1d 52 ff ff 49 89 c6 48
[ 1579.206649][ T8067] RSP: 002b:00007ffff6b9e730 EFLAGS: 00010246
[ 1579.212720][ T8067] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000457aea
[ 1579.220710][ T8067] RDX: 0000000000000000 RSI: 0000000000003a01 RDI: 00000000004bed4c
[ 1579.229301][ T8067] RBP: 0000000000003a01 R08: 0000000000000001 R09: 0000555556c9a940
[ 1579.237262][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1579.245236][ T8067] R13: 00007ffff6b9e760 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1579.254846][ T8067] memory: usage 307072kB, limit 307200kB, failcnt 53280
[ 1579.262170][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1579.269700][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1579.276611][ T8067] Memory cgroup stats for /syz0: cache:6524KB rss:101100KB rss_huge:0KB shmem:6520KB mapped_file:3220KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6512KB active_anon:101108KB inactive_file:0KB active_file:4KB unevictable:0KB
[ 1579.299167][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6695,uid=0
[ 1579.315113][ T8067] Memory cgroup out of memory: Killed process 6695 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
15:48:56 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\r\x00'}, 0x58)

15:48:56 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc000000}})

15:48:56 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x2})
timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))
socket$inet(0x2, 0x1, 0x0)

15:48:56 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:56 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x2})
timerfd_settime(0xffffffffffffffff, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))
socket$inet(0x2, 0x1, 0x0)

15:48:56 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1579.329822][ T1044] oom_reaper: reaped process 6695 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:4kB
15:48:56 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd000000}})

15:48:56 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:56 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0e\x00'}, 0x58)

15:48:56 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:56 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x10000, 0x26})
timerfd_settime(0xffffffffffffffff, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))
socket$inet(0x2, 0x1, 0x0)

15:48:56 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
timerfd_settime(0xffffffffffffffff, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))
socket$inet(0x2, 0x1, 0x0)

15:48:56 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1579.607743][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
15:48:56 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x10000, 0x26})
timerfd_settime(0xffffffffffffffff, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))
socket$inet(0x2, 0x1, 0x0)

[ 1579.663510][ T8067] CPU: 1 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1579.679583][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1579.691213][ T8067] Call Trace:
[ 1579.694523][ T8067]  dump_stack+0x1d8/0x2f8
[ 1579.698948][ T8067]  dump_header+0xdb/0xf40
[ 1579.703287][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1579.709105][ T8067]  ? ___ratelimit+0x447/0x5d0
15:48:56 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
timerfd_settime(0xffffffffffffffff, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))
socket$inet(0x2, 0x1, 0x0)

[ 1579.713801][ T8067]  oom_kill_process+0x1a0/0x490
[ 1579.718681][ T8067]  out_of_memory+0x76e/0x9e0
[ 1579.723279][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1579.723292][ T8067]  ? kasan_check_read+0x11/0x20
[ 1579.723309][ T8067]  try_charge+0x12ba/0x1710
[ 1579.723338][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1579.738118][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1579.738136][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1579.738145][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1579.738159][ T8067]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1579.753638][ T8067]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1579.753653][ T8067]  wp_page_copy+0x391/0x18e0
[ 1579.753672][ T8067]  ? reuse_swap_page+0xd47/0x1650
[ 1579.753685][ T8067]  ? rcu_lock_release+0x30/0x30
[ 1579.774704][ T8067]  ? kasan_check_read+0x11/0x20
[ 1579.789577][ T8067]  ? do_raw_spin_unlock+0x49/0x260
[ 1579.794703][ T8067]  do_wp_page+0x609/0x1ba0
[ 1579.799128][ T8067]  ? kasan_check_write+0x14/0x20
[ 1579.804081][ T8067]  ? __rwlock_init+0x130/0x130
[ 1579.808855][ T8067]  ? count_memcg_event_mm+0x300/0x300
15:48:56 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:56 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
timerfd_settime(0xffffffffffffffff, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))
socket$inet(0x2, 0x1, 0x0)

[ 1579.814294][ T8067]  handle_mm_fault+0x29a6/0x6130
[ 1579.819268][ T8067]  ? finish_fault+0x220/0x220
[ 1579.823967][ T8067]  ? __down_read+0x1a0/0x1a0
[ 1579.828564][ T8067]  ? vmacache_find+0x566/0x5b0
[ 1579.833331][ T8067]  ? vmacache_update+0xb7/0x120
[ 1579.838182][ T8067]  ? find_vma+0x13c/0x150
[ 1579.838195][ T8067]  do_user_addr_fault+0x56f/0xaa0
[ 1579.838215][ T8067]  __do_page_fault+0xd3/0x1f0
[ 1579.838233][ T8067]  do_page_fault+0xce/0xe0
[ 1579.858156][ T8067]  ? page_fault+0x8/0x30
15:48:56 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1579.862407][ T8067]  page_fault+0x1e/0x30
[ 1579.866573][ T8067] RIP: 0033:0x40d2a1
[ 1579.870470][ T8067] Code: 3d f3 ad 34 00 00 0f 85 3b 08 00 00 e8 88 a7 04 00 85 c0 89 c5 0f 88 73 05 00 00 0f 84 f0 04 00 00 89 c6 bf 4c ed 4b 00 31 c0 <e8> ca 49 ff ff c7 44 24 30 00 00 00 00 e8 1d 52 ff ff 49 89 c6 48
[ 1579.890085][ T8067] RSP: 002b:00007ffff6b9e730 EFLAGS: 00010246
[ 1579.896160][ T8067] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000457aea
[ 1579.904137][ T8067] RDX: 0000000000000000 RSI: 0000000000003a0b RDI: 00000000004bed4c
[ 1579.912119][ T8067] RBP: 0000000000003a0b R08: 0000000000000001 R09: 0000555556c9a940
[ 1579.920112][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1579.928098][ T8067] R13: 00007ffff6b9e760 R14: 0000000000000000 R15: 00007ffff6b9e770
15:48:56 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe000000}})

15:48:56 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1579.956071][ T8067] memory: usage 307200kB, limit 307200kB, failcnt 53323
[ 1579.963200][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1580.007567][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1580.014459][ T8067] Memory cgroup stats for /syz0: cache:6520KB rss:101120KB rss_huge:0KB shmem:6520KB mapped_file:3220KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6512KB active_anon:101128KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1580.103789][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=17023,uid=0
[ 1580.119921][ T8067] Memory cgroup out of memory: Killed process 17023 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
[ 1580.156220][T17052] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1580.168790][T17052] CPU: 0 PID: 17052 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1580.176733][T17052] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1580.186800][T17052] Call Trace:
[ 1580.190092][T17052]  dump_stack+0x1d8/0x2f8
[ 1580.194431][T17052]  dump_header+0xdb/0xf40
[ 1580.199987][T17052]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1580.205833][T17052]  ? ___ratelimit+0x447/0x5d0
[ 1580.210556][T17052]  oom_kill_process+0x1a0/0x490
[ 1580.215442][T17052]  out_of_memory+0x76e/0x9e0
[ 1580.220046][T17052]  ? unregister_oom_notifier+0x20/0x20
[ 1580.225513][T17052]  ? kasan_check_read+0x11/0x20
[ 1580.230363][T17052]  try_charge+0x12ba/0x1710
[ 1580.234896][T17052]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1580.240694][T17052]  ? rcu_lock_release+0x4/0x20
[ 1580.245444][T17052]  ? rcu_lock_release+0x15/0x20
[ 1580.250287][T17052]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1580.255850][T17052]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1580.261133][T17052]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1580.266754][T17052]  wp_page_copy+0x391/0x18e0
[ 1580.271331][T17052]  ? reuse_swap_page+0xd47/0x1650
[ 1580.276334][T17052]  ? rcu_lock_release+0x30/0x30
[ 1580.281175][T17052]  ? kasan_check_read+0x11/0x20
[ 1580.286100][T17052]  ? do_raw_spin_unlock+0x49/0x260
[ 1580.291572][T17052]  do_wp_page+0x609/0x1ba0
[ 1580.296058][T17052]  ? kasan_check_write+0x14/0x20
[ 1580.301002][T17052]  ? __rwlock_init+0x130/0x130
[ 1580.305749][T17052]  ? count_memcg_event_mm+0x300/0x300
[ 1580.311117][T17052]  handle_mm_fault+0x29a6/0x6130
[ 1580.316060][T17052]  ? finish_fault+0x220/0x220
[ 1580.320752][T17052]  ? __down_read+0x1a0/0x1a0
[ 1580.325325][T17052]  ? vmacache_find+0x51b/0x5b0
[ 1580.330074][T17052]  ? vmacache_update+0xb7/0x120
[ 1580.334917][T17052]  ? find_vma+0x13c/0x150
[ 1580.339246][T17052]  do_user_addr_fault+0x56f/0xaa0
[ 1580.344257][T17052]  __do_page_fault+0xd3/0x1f0
[ 1580.348923][T17052]  do_page_fault+0xce/0xe0
[ 1580.353352][T17052]  ? page_fault+0x8/0x30
[ 1580.357594][T17052]  page_fault+0x1e/0x30
[ 1580.361795][T17052] RIP: 0033:0x457b1e
[ 1580.365677][T17052] Code: 00 00 85 c0 41 89 c5 0f 85 fc 00 00 00 64 8b 04 25 d0 02 00 00 41 39 c4 0f 84 12 02 00 00 48 8b 05 27 ec 61 00 48 85 c0 74 04 <48> 83 00 04 64 8b 04 25 d0 02 00 00 64 89 04 25 d4 02 00 00 0f 31
[ 1580.385282][T17052] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00010206
[ 1580.391348][T17052] RAX: 0000000000a76248 RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1580.399335][T17052] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1580.407301][T17052] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1580.415264][T17052] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1580.423216][T17052] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1580.431942][T17052] memory: usage 306908kB, limit 307200kB, failcnt 53323
[ 1580.439016][T17052] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1580.446486][T17052] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1580.453446][T17052] Memory cgroup stats for /syz0: cache:6512KB rss:101008KB rss_huge:0KB shmem:6512KB mapped_file:3216KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6504KB active_anon:101012KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1580.475492][T17052] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=17042,uid=0
[ 1580.491083][T17052] Memory cgroup out of memory: Killed process 17042 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
15:48:57 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x10\x00'}, 0x58)

15:48:57 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
timerfd_settime(0xffffffffffffffff, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))
socket$inet(0x2, 0x1, 0x0)

15:48:57 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:57 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:57 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000}})

15:48:57 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x10000, 0x26})
timerfd_settime(0xffffffffffffffff, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))
socket$inet(0x2, 0x1, 0x0)

[ 1580.505873][ T1044] oom_reaper: reaped process 17042 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
15:48:57 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:57 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x10000, 0x26})
timerfd_settime(0xffffffffffffffff, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))

15:48:57 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11000000}})

15:48:57 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:57 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
timerfd_settime(0xffffffffffffffff, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))
socket$inet(0x2, 0x1, 0x0)

15:48:57 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x11\x00'}, 0x58)

15:48:57 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12000000}})

15:48:57 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:57 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x10000, 0x26})

15:48:57 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1580.923922][T17136] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
15:48:57 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000}})

15:48:57 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
timerfd_settime(0xffffffffffffffff, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))
socket$inet(0x2, 0x1, 0x0)

[ 1580.996254][T17136] CPU: 0 PID: 17136 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1581.004183][T17136] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1581.015024][T17136] Call Trace:
[ 1581.018321][T17136]  dump_stack+0x1d8/0x2f8
[ 1581.022666][T17136]  dump_header+0xdb/0xf40
[ 1581.027002][T17136]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1581.032811][T17136]  ? ___ratelimit+0x447/0x5d0
[ 1581.037504][T17136]  oom_kill_process+0x1a0/0x490
[ 1581.042358][T17136]  out_of_memory+0x76e/0x9e0
[ 1581.046953][T17136]  ? unregister_oom_notifier+0x20/0x20
[ 1581.052413][T17136]  ? kasan_check_read+0x11/0x20
[ 1581.057279][T17136]  try_charge+0x12ba/0x1710
[ 1581.061807][T17136]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1581.067639][T17136]  ? rcu_lock_release+0x4/0x20
[ 1581.072404][T17136]  ? rcu_lock_release+0x15/0x20
[ 1581.077249][T17136]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1581.082803][T17136]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1581.088093][T17136]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1581.093730][T17136]  wp_page_copy+0x391/0x18e0
[ 1581.098329][T17136]  ? reuse_swap_page+0xd47/0x1650
[ 1581.103357][T17136]  ? rcu_lock_release+0x30/0x30
[ 1581.108221][T17136]  ? kasan_check_read+0x11/0x20
[ 1581.113070][T17136]  ? do_raw_spin_unlock+0x49/0x260
[ 1581.118193][T17136]  do_wp_page+0x609/0x1ba0
[ 1581.122611][T17136]  ? kasan_check_write+0x14/0x20
[ 1581.122628][T17136]  ? __rwlock_init+0x130/0x130
[ 1581.122640][T17136]  ? count_memcg_event_mm+0x300/0x300
[ 1581.122658][T17136]  handle_mm_fault+0x29a6/0x6130
[ 1581.132358][T17136]  ? finish_fault+0x220/0x220
[ 1581.132384][T17136]  ? __down_read+0x1a0/0x1a0
[ 1581.142758][T17136]  ? vmacache_find+0x51b/0x5b0
[ 1581.142770][T17136]  ? vmacache_update+0xb7/0x120
[ 1581.142783][T17136]  ? find_vma+0x13c/0x150
[ 1581.142800][T17136]  do_user_addr_fault+0x56f/0xaa0
[ 1581.142820][T17136]  __do_page_fault+0xd3/0x1f0
[ 1581.152062][T17136]  do_page_fault+0xce/0xe0
[ 1581.152075][T17136]  ? page_fault+0x8/0x30
[ 1581.152086][T17136]  page_fault+0x1e/0x30
[ 1581.152096][T17136] RIP: 0033:0x457b1e
15:48:58 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:58 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x25000000}})

[ 1581.152109][T17136] Code: 00 00 85 c0 41 89 c5 0f 85 fc 00 00 00 64 8b 04 25 d0 02 00 00 41 39 c4 0f 84 12 02 00 00 48 8b 05 27 ec 61 00 48 85 c0 74 04 <48> 83 00 04 64 8b 04 25 d0 02 00 00 64 89 04 25 d4 02 00 00 0f 31
[ 1581.212447][T17136] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00010206
[ 1581.218520][T17136] RAX: 0000000000a76248 RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1581.226528][T17136] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1581.234529][T17136] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
15:48:58 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x10000, 0x26})

15:48:58 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1581.242592][T17136] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1581.250572][T17136] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
15:48:58 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1581.385586][T17136] memory: usage 307200kB, limit 307200kB, failcnt 53356
[ 1581.395100][T17136] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1581.415340][T17136] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1581.435430][T17136] Memory cgroup stats for /syz0: cache:6520KB rss:101124KB rss_huge:0KB shmem:6520KB mapped_file:3220KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6512KB active_anon:101132KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1581.466253][T17136] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=17090,uid=0
15:48:58 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x12\x00'}, 0x58)

15:48:58 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x10000, 0x26})

15:48:58 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:58 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x10000, 0x26})

15:48:58 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000}})

15:48:58 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1581.500127][T17136] Memory cgroup out of memory: Killed process 17090 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
15:48:58 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x10000, 0x26})

15:48:58 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c000000}})

15:48:58 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:58 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:58 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x10000, 0x26})

[ 1581.695621][T17184] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
15:48:58 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1581.793479][T17184] CPU: 1 PID: 17184 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1581.801433][T17184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1581.811588][T17184] Call Trace:
[ 1581.814900][T17184]  dump_stack+0x1d8/0x2f8
[ 1581.819266][T17184]  dump_header+0xdb/0xf40
[ 1581.823613][T17184]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1581.829428][T17184]  ? ___ratelimit+0x447/0x5d0
[ 1581.834120][T17184]  oom_kill_process+0x1a0/0x490
[ 1581.839007][T17184]  out_of_memory+0x76e/0x9e0
[ 1581.843609][T17184]  ? unregister_oom_notifier+0x20/0x20
[ 1581.849084][T17184]  ? kasan_check_read+0x11/0x20
[ 1581.855515][T17184]  try_charge+0x12ba/0x1710
[ 1581.860049][T17184]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1581.865868][T17184]  ? rcu_lock_release+0x4/0x20
[ 1581.870670][T17184]  ? rcu_lock_release+0x15/0x20
[ 1581.870685][T17184]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1581.881169][T17184]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1581.881187][T17184]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1581.881201][T17184]  wp_page_copy+0x391/0x18e0
[ 1581.896704][T17184]  ? reuse_swap_page+0xd47/0x1650
[ 1581.901744][T17184]  ? rcu_lock_release+0x30/0x30
[ 1581.906922][T17184]  ? kasan_check_read+0x11/0x20
[ 1581.915021][T17184]  ? do_raw_spin_unlock+0x49/0x260
[ 1581.923020][T17184]  do_wp_page+0x609/0x1ba0
[ 1581.927533][T17184]  ? kasan_check_write+0x14/0x20
[ 1581.934848][T17184]  ? __rwlock_init+0x130/0x130
[ 1581.941121][T17184]  ? count_memcg_event_mm+0x300/0x300
[ 1581.947093][T17184]  handle_mm_fault+0x29a6/0x6130
[ 1581.956844][T17184]  ? finish_fault+0x220/0x220
[ 1581.963386][T17184]  ? __down_read+0x1a0/0x1a0
[ 1581.968072][T17184]  ? vmacache_find+0x251/0x5b0
[ 1581.973776][T17184]  ? find_vma+0x30/0x150
[ 1581.979959][T17184]  do_user_addr_fault+0x56f/0xaa0
[ 1581.988140][T17184]  __do_page_fault+0xd3/0x1f0
[ 1581.994832][T17184]  do_page_fault+0xce/0xe0
[ 1582.002204][T17184]  ? page_fault+0x8/0x30
[ 1582.020936][T17184]  page_fault+0x1e/0x30
[ 1582.030026][T17184] RIP: 0033:0x40f6a6
[ 1582.036996][T17184] Code: 0e 66 00 49 8b 89 c8 02 00 00 49 8b 91 c0 02 00 00 48 89 4a 08 49 8b 89 c8 02 00 00 48 89 11 48 c7 05 0a 0e 66 00 00 00 00 00 <48> c7 05 e7 47 30 00 90 3e 71 00 31 d2 48 c7 05 d2 47 30 00 90 3e
[ 1582.063915][T17184] RSP: 002b:00007ffff6b9e6d8 EFLAGS: 00010246
[ 1582.072372][T17184] RAX: 0000555556c9ac00 RBX: 00007ffff6b9e6e0 RCX: 0000000000a704a0
[ 1582.082810][T17184] RDX: 0000000000a704a0 RSI: 0000000000713e90 RDI: 0000555556c9ac20
[ 1582.091831][T17184] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1582.099807][T17184] R10: 0000555556c9ac10 R11: 0000000000000202 R12: 0000000000000001
[ 1582.107782][T17184] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1582.178477][T17184] memory: usage 307200kB, limit 307200kB, failcnt 53392
[ 1582.186449][T17184] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1582.195620][T17184] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1582.202941][T17184] Memory cgroup stats for /syz0: cache:6520KB rss:101124KB rss_huge:0KB shmem:6516KB mapped_file:3220KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6508KB active_anon:101132KB inactive_file:4KB active_file:0KB unevictable:0KB
15:48:59 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00'}, 0x58)

15:48:59 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:59 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x10000, 0x26})

15:48:59 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x10000, 0x26})

15:48:59 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ffffff}})

15:48:59 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1582.225092][T17184] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=17114,uid=0
[ 1582.240747][T17184] Memory cgroup out of memory: Killed process 17114 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
[ 1582.255752][ T1044] oom_reaper: reaped process 17114 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
15:48:59 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff}})

15:48:59 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:59 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:48:59 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x10000, 0x26})

15:48:59 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x10000, 0x26})

15:48:59 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1582.528423][T17230] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000
[ 1582.614546][T17230] CPU: 1 PID: 17230 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1582.622473][T17230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1582.632623][T17230] Call Trace:
[ 1582.635924][T17230]  dump_stack+0x1d8/0x2f8
[ 1582.640274][T17230]  dump_header+0xdb/0xf40
[ 1582.644612][T17230]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1582.650425][T17230]  ? ___ratelimit+0x447/0x5d0
[ 1582.655146][T17230]  oom_kill_process+0x1a0/0x490
[ 1582.660128][T17230]  out_of_memory+0x76e/0x9e0
[ 1582.664757][T17230]  ? unregister_oom_notifier+0x20/0x20
[ 1582.670245][T17230]  ? kasan_check_read+0x11/0x20
[ 1582.670262][T17230]  try_charge+0x12ba/0x1710
[ 1582.670291][T17230]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1582.670315][T17230]  ? rcu_lock_release+0x4/0x20
[ 1582.679802][T17230]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1582.679815][T17230]  ? memcg_kmem_put_cache+0x70/0x70
[ 1582.679829][T17230]  ? rcu_lock_release+0x15/0x20
[ 1582.679838][T17230]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1582.679849][T17230]  __memcg_kmem_charge+0x118/0x2f0
[ 1582.679870][T17230]  __alloc_pages_nodemask+0x377/0x790
[ 1582.690543][T17230]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1582.690571][T17230]  alloc_pages_current+0x2fb/0x540
[ 1582.701305][T17230]  __pmd_alloc+0x39/0x3d0
[ 1582.701320][T17230]  handle_mm_fault+0x3115/0x6130
[ 1582.701342][T17230]  ? finish_fault+0x220/0x220
[ 1582.701364][T17230]  ? __down_read+0x1a0/0x1a0
[ 1582.701373][T17230]  ? vmacache_find+0x566/0x5b0
[ 1582.701381][T17230]  ? vmacache_update+0xb7/0x120
[ 1582.701395][T17230]  ? find_vma+0x13c/0x150
[ 1582.711790][T17230]  do_user_addr_fault+0x56f/0xaa0
[ 1582.722271][T17230]  __do_page_fault+0xd3/0x1f0
[ 1582.722288][T17230]  do_page_fault+0xce/0xe0
[ 1582.779749][T17230]  ? page_fault+0x8/0x30
[ 1582.784055][T17230]  page_fault+0x1e/0x30
[ 1582.788243][T17230] RIP: 0033:0x4019f7
[ 1582.792143][T17230] Code: 00 00 00 48 83 ec 08 48 8b 15 bd ea 66 00 48 8b 05 ae ea 66 00 48 39 d0 48 8d 8a 00 00 00 01 72 17 48 39 c8 73 12 48 8d 50 04 <89> 38 48 89 15 90 ea 66 00 48 83 c4 08 c3 48 89 c6 bf 38 96 4c 00
[ 1582.811744][T17230] RSP: 002b:00007ffff6b9e570 EFLAGS: 00010287
[ 1582.817815][T17230] RAX: 0000001b2be20000 RBX: 0000000000000000 RCX: 0000001b2ce20000
[ 1582.825790][T17230] RDX: 0000001b2be20004 RSI: 00007ffff6b9e330 RDI: 0000000000000000
[ 1582.833760][T17230] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000004
[ 1582.841737][T17230] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000001
[ 1582.849710][T17230] R13: 00007ffff6b9e760 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1582.859533][T17230] memory: usage 307204kB, limit 307200kB, failcnt 53446
[ 1582.866493][T17230] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1582.874265][T17230] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1582.881213][T17230] Memory cgroup stats for /syz0: cache:6516KB rss:101132KB rss_huge:0KB shmem:6512KB mapped_file:3216KB dirty:4KB writeback:0KB swap:0KB inactive_anon:6504KB active_anon:101140KB inactive_file:0KB active_file:4KB unevictable:0KB
[ 1582.904620][T17230] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6713,uid=0
[ 1582.920089][T17230] Memory cgroup out of memory: Killed process 6713 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
[ 1582.934867][ T1044] oom_reaper: reaped process 6713 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:4kB
[ 1582.964142][T17251] syz-executor.0 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[ 1582.975711][T17251] CPU: 1 PID: 17251 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1582.983615][T17251] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1582.993687][T17251] Call Trace:
[ 1582.997001][T17251]  dump_stack+0x1d8/0x2f8
[ 1583.001504][T17251]  dump_header+0xdb/0xf40
[ 1583.005842][T17251]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1583.011680][T17251]  ? ___ratelimit+0x447/0x5d0
[ 1583.016374][T17251]  oom_kill_process+0x1a0/0x490
[ 1583.021257][T17251]  out_of_memory+0x76e/0x9e0
[ 1583.025869][T17251]  ? unregister_oom_notifier+0x20/0x20
[ 1583.031340][T17251]  ? kasan_check_read+0x11/0x20
[ 1583.036228][T17251]  try_charge+0x12ba/0x1710
[ 1583.040961][T17251]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1583.047066][T17251]  ? rcu_lock_release+0x4/0x20
[ 1583.051870][T17251]  ? rcu_lock_release+0x15/0x20
[ 1583.056750][T17251]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1583.062312][T17251]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1583.067613][T17251]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1583.073277][T17251]  shmem_getpage_gfp+0x1052/0x2dd0
[ 1583.078412][T17251]  ? __bfs+0x550/0x550
[ 1583.082508][T17251]  ? shmem_getpage+0xa0/0xa0
[ 1583.087110][T17251]  ? trace_hardirqs_on+0x74/0x80
[ 1583.092388][T17251]  ? iov_iter_fault_in_readable+0x2ba/0x5c0
[ 1583.098293][T17251]  shmem_write_begin+0xcb/0x1b0
[ 1583.103164][T17251]  generic_perform_write+0x2ac/0x550
[ 1583.108473][T17251]  ? grab_cache_page_write_begin+0xa0/0xa0
[ 1583.114463][T17251]  ? file_remove_privs+0x600/0x600
[ 1583.119604][T17251]  ? lock_acquire+0x158/0x250
[ 1583.124321][T17251]  __generic_file_write_iter+0x24b/0x520
[ 1583.129982][T17251]  generic_file_write_iter+0x41d/0x5a0
[ 1583.135468][T17251]  __vfs_write+0x617/0x7d0
[ 1583.139901][T17251]  ? __kernel_write+0x330/0x330
[ 1583.144773][T17251]  ? rcu_read_lock_sched_held+0x127/0x1c0
[ 1583.150501][T17251]  ? __sb_start_write+0x199/0x360
[ 1583.155556][T17251]  ? kasan_check_read+0x11/0x20
[ 1583.160415][T17251]  vfs_write+0x227/0x510
[ 1583.164679][T17251]  ksys_write+0x16b/0x2a0
[ 1583.169010][T17251]  ? __ia32_sys_read+0x90/0x90
[ 1583.173788][T17251]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1583.179592][T17251]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1583.185265][T17251]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1583.190726][T17251]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1583.196670][T17251]  ? do_syscall_64+0x1d/0x140
[ 1583.201628][T17251]  __x64_sys_write+0x7b/0x90
[ 1583.206602][T17251]  do_syscall_64+0xfe/0x140
[ 1583.211136][T17251]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1583.217030][T17251] RIP: 0033:0x459519
[ 1583.220927][T17251] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1583.240533][T17251] RSP: 002b:00007f6872e5dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1583.249031][T17251] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459519
[ 1583.257009][T17251] RDX: 0000000000000001 RSI: 00000000200004c0 RDI: 0000000000000003
[ 1583.265269][T17251] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1583.273249][T17251] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6872e5e6d4
[ 1583.281234][T17251] R13: 00000000004c58be R14: 00000000004df8c0 R15: 00000000ffffffff
[ 1583.290543][T17251] memory: usage 307148kB, limit 307200kB, failcnt 53475
[ 1583.297596][T17251] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1583.305054][T17251] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1583.311992][T17251] Memory cgroup stats for /syz0: cache:6508KB rss:101092KB rss_huge:0KB shmem:6504KB mapped_file:3212KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6496KB active_anon:101092KB inactive_file:4KB active_file:0KB unevictable:0KB
[ 1583.334149][T17251] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6730,uid=0
[ 1583.349714][T17251] Memory cgroup out of memory: Killed process 6730 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
15:49:00 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\x00'}, 0x58)

15:49:00 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x10000, 0x26})

15:49:00 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfecaedfe}})

15:49:00 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:00 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:00 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x10000, 0x26})

[ 1583.364618][ T1044] oom_reaper: reaped process 6730 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:4kB
15:49:00 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x10000, 0x26})

15:49:00 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:00 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:00 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfeedcafe}})

15:49:00 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x10000, 0x26})

15:49:00 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00'}, 0x58)

15:49:00 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x10000, 0x26})

15:49:00 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffdfd}})

15:49:00 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:00 executing program 5:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x10000, 0x26})

15:49:00 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:00 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x10000, 0x26})

15:49:00 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffe7}})

15:49:00 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:00 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:00 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00'}, 0x58)

15:49:00 executing program 5:
r0 = syz_open_dev$loop(0x0, 0x0, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x10000, 0x26})

15:49:00 executing program 5:
r0 = syz_open_dev$loop(0x0, 0x0, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x10000, 0x26})

15:49:00 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x10000, 0x26})

15:49:00 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000}})

15:49:00 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:01 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:01 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000}})

15:49:01 executing program 5:
r0 = syz_open_dev$loop(0x0, 0x0, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x10000, 0x26})

[ 1584.104292][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1584.168719][ T8067] CPU: 1 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1584.184521][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1584.194593][ T8067] Call Trace:
[ 1584.197891][ T8067]  dump_stack+0x1d8/0x2f8
[ 1584.202229][ T8067]  dump_header+0xdb/0xf40
[ 1584.206564][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1584.212378][ T8067]  ? ___ratelimit+0x447/0x5d0
[ 1584.217068][ T8067]  oom_kill_process+0x1a0/0x490
[ 1584.221936][ T8067]  out_of_memory+0x76e/0x9e0
[ 1584.226535][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1584.231997][ T8067]  ? kasan_check_read+0x11/0x20
[ 1584.232013][ T8067]  try_charge+0x12ba/0x1710
[ 1584.232041][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1584.232058][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1584.232077][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1584.256944][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1584.262762][ T8067]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1584.262779][ T8067]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1584.262790][ T8067]  wp_page_copy+0x391/0x18e0
[ 1584.262812][ T8067]  ? reuse_swap_page+0xd47/0x1650
[ 1584.283304][ T8067]  ? rcu_lock_release+0x30/0x30
[ 1584.288170][ T8067]  ? kasan_check_read+0x11/0x20
[ 1584.293030][ T8067]  ? do_raw_spin_unlock+0x49/0x260
[ 1584.298155][ T8067]  do_wp_page+0x609/0x1ba0
[ 1584.302588][ T8067]  ? kasan_check_write+0x14/0x20
[ 1584.307540][ T8067]  ? __rwlock_init+0x130/0x130
[ 1584.307555][ T8067]  ? count_memcg_event_mm+0x300/0x300
[ 1584.307578][ T8067]  handle_mm_fault+0x29a6/0x6130
[ 1584.317896][ T8067]  ? finish_fault+0x220/0x220
[ 1584.317917][ T8067]  ? __down_read+0x1a0/0x1a0
[ 1584.317925][ T8067]  ? vmacache_find+0x251/0x5b0
[ 1584.317937][ T8067]  ? find_vma+0x30/0x150
[ 1584.317950][ T8067]  do_user_addr_fault+0x56f/0xaa0
[ 1584.317969][ T8067]  __do_page_fault+0xd3/0x1f0
[ 1584.350853][ T8067]  do_page_fault+0xce/0xe0
[ 1584.355290][ T8067]  ? page_fault+0x8/0x30
[ 1584.359551][ T8067]  page_fault+0x1e/0x30
[ 1584.363718][ T8067] RIP: 0033:0x457c0e
[ 1584.367613][ T8067] Code: 5c 41 5d 41 5e 5d c3 48 c7 c2 d4 ff ff ff f7 d8 41 bd ff ff ff ff 64 89 02 64 8b 04 25 d0 02 00 00 41 39 c4 0f 85 2f 01 00 00 <64> 44 89 04 25 d4 02 00 00 45 85 f6 0f 85 7f 00 00 00 48 85 db 74
[ 1584.387667][ T8067] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00010246
[ 1584.387678][ T8067] RAX: 0000000000000001 RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1584.387683][ T8067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1584.387688][ T8067] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
15:49:01 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}})

15:49:01 executing program 5:
syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x10000, 0x26})

15:49:01 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1584.387693][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1584.387698][ T8067] R13: 0000000000003a2c R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1584.424794][ T8067] memory: usage 307200kB, limit 307200kB, failcnt 53508
[ 1584.490712][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1584.510392][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1584.549296][ T8067] Memory cgroup stats for /syz0: cache:6512KB rss:101100KB rss_huge:0KB shmem:6512KB mapped_file:3216KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6504KB active_anon:101108KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1584.571605][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=17279,uid=0
[ 1584.587813][ T8067] Memory cgroup out of memory: Killed process 17279 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
[ 1584.602434][ T1044] oom_reaper: reaped process 17279 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
[ 1584.616684][T17332] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1584.628416][T17332] CPU: 1 PID: 17332 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1584.636317][T17332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1584.646372][T17332] Call Trace:
[ 1584.649685][T17332]  dump_stack+0x1d8/0x2f8
[ 1584.654000][T17332]  dump_header+0xdb/0xf40
[ 1584.658316][T17332]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1584.664104][T17332]  ? ___ratelimit+0x447/0x5d0
[ 1584.668768][T17332]  oom_kill_process+0x1a0/0x490
[ 1584.673609][T17332]  out_of_memory+0x76e/0x9e0
[ 1584.678190][T17332]  ? unregister_oom_notifier+0x20/0x20
[ 1584.683797][T17332]  ? kasan_check_read+0x11/0x20
[ 1584.688757][T17332]  try_charge+0x12ba/0x1710
[ 1584.693254][T17332]  ? trace_hardirqs_on_caller+0x74/0x80
[ 1584.698785][T17332]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1584.704570][T17332]  ? rcu_lock_release+0x4/0x20
[ 1584.709314][T17332]  ? rcu_lock_release+0x15/0x20
[ 1584.714153][T17332]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1584.719680][T17332]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1584.724954][T17332]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1584.730565][T17332]  wp_page_copy+0x391/0x18e0
[ 1584.735140][T17332]  ? reuse_swap_page+0xd47/0x1650
[ 1584.740163][T17332]  ? rcu_lock_release+0x30/0x30
[ 1584.744999][T17332]  ? kasan_check_read+0x11/0x20
[ 1584.749857][T17332]  ? do_raw_spin_unlock+0x49/0x260
[ 1584.754975][T17332]  do_wp_page+0x609/0x1ba0
[ 1584.759380][T17332]  ? kasan_check_write+0x14/0x20
[ 1584.764301][T17332]  ? __rwlock_init+0x130/0x130
[ 1584.769044][T17332]  ? count_memcg_event_mm+0x300/0x300
[ 1584.774396][T17332]  handle_mm_fault+0x29a6/0x6130
[ 1584.779328][T17332]  ? finish_fault+0x220/0x220
[ 1584.783984][T17332]  ? vmacache_find+0x1fd/0x5b0
[ 1584.788725][T17332]  ? vmacache_update+0xb7/0x120
[ 1584.793552][T17332]  ? find_vma+0x13c/0x150
[ 1584.797863][T17332]  do_user_addr_fault+0x56f/0xaa0
[ 1584.802870][T17332]  __do_page_fault+0xd3/0x1f0
[ 1584.808742][T17332]  do_page_fault+0xce/0xe0
[ 1584.813247][T17332]  page_fault+0x1e/0x30
[ 1584.817414][T17332] RIP: 0010:__put_user_4+0x1c/0x30
[ 1584.822603][T17332] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 40 fd 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48
[ 1584.842200][T17332] RSP: 0018:ffff888057dbff08 EFLAGS: 00010293
[ 1584.848360][T17332] RAX: 0000000000003a2c RBX: 00007fffffffeffd RCX: 0000555556c9ac10
[ 1584.856316][T17332] RDX: dffffc0000000000 RSI: ffff8880568c2aa0 RDI: 0000000000000282
[ 1584.864272][T17332] RBP: ffff888057dbff48 R08: dffffc0000000000 R09: ffffed1015d66bf8
[ 1584.872250][T17332] R10: ffffed1015d66bf8 R11: 1ffff11015d66bf7 R12: ffff8880aeb35100
[ 1584.880206][T17332] R13: dffffc0000000000 R14: 0000000000003a2c R15: ffff8880568c27a8
[ 1584.888265][T17332]  ? schedule_tail+0xc9/0x1a0
[ 1584.896564][T17332]  ret_from_fork+0x8/0x30
[ 1584.900884][T17332] RIP: 0033:0x457aea
[ 1584.904783][T17332] Code: Bad RIP value.
[ 1584.908825][T17332] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1584.917218][T17332] RAX: 0000000000000000 RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1584.925178][T17332] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1584.933136][T17332] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1584.941095][T17332] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1584.949069][T17332] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1584.958006][T17332] memory: usage 306916kB, limit 307200kB, failcnt 53510
[ 1584.964946][T17332] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1584.972495][T17332] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1584.979632][T17332] Memory cgroup stats for /syz0: cache:6504KB rss:100996KB rss_huge:0KB shmem:6504KB mapped_file:3212KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6496KB active_anon:100992KB inactive_file:0KB active_file:0KB unevictable:0KB
15:49:01 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\t\x00'}, 0x58)

15:49:01 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x10000, 0x26})

15:49:01 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:01 executing program 5:
syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x10000, 0x26})

15:49:01 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:01 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300000000000000}})

[ 1585.001732][T17332] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=17305,uid=0
[ 1585.017283][T17332] Memory cgroup out of memory: Killed process 17305 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
[ 1585.036365][ T1044] oom_reaper: reaped process 17305 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
15:49:02 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:02 executing program 5:
syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x10000, 0x26})

15:49:02 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000}})

15:49:02 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:02 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x10000, 0x26})

15:49:02 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:02 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00'}, 0x58)

15:49:02 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x500000000000000}})

15:49:02 executing program 5:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, 0x0)

15:49:02 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:02 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x600000000000000}})

15:49:02 executing program 5:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, 0x0)

15:49:02 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:02 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, 0x0, 0x0)
lstat(0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x10000, 0x26})

15:49:02 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1585.493478][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0
[ 1585.606523][ T8067] CPU: 0 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1585.614371][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1585.624436][ T8067] Call Trace:
[ 1585.627750][ T8067]  dump_stack+0x1d8/0x2f8
[ 1585.632173][ T8067]  dump_header+0xdb/0xf40
[ 1585.636529][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1585.642369][ T8067]  ? ___ratelimit+0x447/0x5d0
[ 1585.647063][ T8067]  oom_kill_process+0x1a0/0x490
[ 1585.651928][ T8067]  out_of_memory+0x76e/0x9e0
[ 1585.656531][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1585.662019][ T8067]  ? kasan_check_read+0x11/0x20
[ 1585.668359][ T8067]  try_charge+0x12ba/0x1710
[ 1585.678500][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1585.684338][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1585.689214][ T8067]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1585.694779][ T8067]  ? memcg_kmem_put_cache+0x70/0x70
[ 1585.700002][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1585.704861][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1585.710417][ T8067]  __memcg_kmem_charge+0x118/0x2f0
[ 1585.715541][ T8067]  __alloc_pages_nodemask+0x377/0x790
[ 1585.722424][ T8067]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1585.727983][ T8067]  ? arch_stack_walk+0x98/0xe0
[ 1585.732847][ T8067]  ? kasan_check_write+0x14/0x20
[ 1585.737797][ T8067]  ? do_raw_spin_lock+0x143/0x3a0
[ 1585.742885][ T8067]  alloc_pages_current+0x2fb/0x540
[ 1585.748033][ T8067]  pte_alloc_one+0x1f/0x180
[ 1585.752551][ T8067]  __pte_alloc+0x20/0x2f0
15:49:02 executing program 5:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, 0x0)

15:49:02 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:02 executing program 5:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x0, 0x0, 0x10000, 0x26})

[ 1585.756879][ T8067]  copy_page_range+0x23d5/0x2900
[ 1585.761918][ T8067]  ? do_syscall_64+0xfe/0x140
[ 1585.766622][ T8067]  ? vm_normal_page_pmd+0x3d0/0x3d0
[ 1585.771840][ T8067]  ? init_admin_reserve+0xc0/0xc0
[ 1585.776883][ T8067]  dup_mmap+0xa2d/0xe90
[ 1585.781063][ T8067]  ? __delayed_free_task+0x20/0x20
[ 1585.786185][ T8067]  ? kasan_check_write+0x14/0x20
[ 1585.791308][ T8067]  ? mm_init+0x5cc/0x6e0
[ 1585.795569][ T8067]  dup_mm+0x9e/0x340
[ 1585.799472][ T8067]  copy_process+0x25ff/0x5c80
[ 1585.804179][ T8067]  ? fork_idle+0x1b0/0x1b0
[ 1585.808630][ T8067]  _do_fork+0x180/0x5f0
[ 1585.812798][ T8067]  ? dup_mm+0x340/0x340
[ 1585.816994][ T8067]  ? debug_smp_processor_id+0x1c/0x20
[ 1585.822376][ T8067]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1585.828639][ T8067]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1585.834773][ T8067]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1585.841059][ T8067]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1585.846631][ T8067]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1585.852480][ T8067]  __x64_sys_clone+0xc1/0xd0
[ 1585.857092][ T8067]  do_syscall_64+0xfe/0x140
[ 1585.862699][ T8067]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1585.872075][ T8067] RIP: 0033:0x457aea
[ 1585.876530][ T8067] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00
[ 1585.897419][ T8067] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1585.906023][ T8067] RAX: ffffffffffffffda RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1585.914111][ T8067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1585.922369][ T8067] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1585.930522][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1585.938783][ T8067] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1585.953415][ T8067] memory: usage 307200kB, limit 307200kB, failcnt 53551
[ 1585.960516][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1585.968051][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1585.975001][ T8067] Memory cgroup stats for /syz0: cache:6512KB rss:101100KB rss_huge:0KB shmem:6512KB mapped_file:3216KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6504KB active_anon:101108KB inactive_file:0KB active_file:0KB unevictable:0KB
15:49:02 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\v\x00'}, 0x58)

15:49:02 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:02 executing program 5:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x0, 0x0, 0x10000, 0x26})

15:49:02 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:02 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
timerfd_settime(0xffffffffffffffff, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))
socket$inet(0x2, 0x1, 0x0)

15:49:02 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x700000000000000}})

[ 1585.997361][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=17398,uid=0
[ 1586.013228][ T8067] Memory cgroup out of memory: Killed process 17398 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
[ 1586.028172][ T1044] oom_reaper: reaped process 17398 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
15:49:03 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:03 executing program 5:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x0, 0x0, 0x10000, 0x26})

15:49:03 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800000000000000}})

15:49:03 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, &(0x7f0000000000)={0x2, [0xfff, 0x5]})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = socket(0x2, 0x2, 0x7f)
sendmsg$nl_route(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10020}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=@ipv6_getrule={0x20, 0x22, 0x11a, 0x70bd2b, 0x25dfdbfd, {0xa, 0x94, 0x10, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x3, 0x10000}, ["", "", "", "", "", "", "", "", "", ""]}, 0x20}, 0x1, 0x0, 0x0, 0x2000c0c0}, 0x840)

15:49:03 executing program 1:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x5c000000, 0x0, 0x0, 0x0, 0x0}})

15:49:03 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x900000000000000}})

[ 1586.338248][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1586.396244][ T8067] CPU: 0 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1586.404079][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1586.414147][ T8067] Call Trace:
[ 1586.417439][ T8067]  dump_stack+0x1d8/0x2f8
[ 1586.421773][ T8067]  dump_header+0xdb/0xf40
[ 1586.426109][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1586.431925][ T8067]  ? ___ratelimit+0x447/0x5d0
[ 1586.436633][ T8067]  oom_kill_process+0x1a0/0x490
[ 1586.441510][ T8067]  out_of_memory+0x76e/0x9e0
[ 1586.446103][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1586.451561][ T8067]  ? kasan_check_read+0x11/0x20
[ 1586.456422][ T8067]  try_charge+0x12ba/0x1710
[ 1586.460950][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1586.466774][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1586.471549][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1586.476493][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1586.482058][ T8067]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1586.487602][ T8067]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1586.493231][ T8067]  wp_page_copy+0x391/0x18e0
[ 1586.497848][ T8067]  ? reuse_swap_page+0xd47/0x1650
[ 1586.503017][ T8067]  ? rcu_lock_release+0x30/0x30
[ 1586.507852][ T8067]  ? kasan_check_read+0x11/0x20
[ 1586.512680][ T8067]  ? do_raw_spin_unlock+0x49/0x260
[ 1586.517787][ T8067]  do_wp_page+0x609/0x1ba0
[ 1586.522220][ T8067]  ? kasan_check_write+0x14/0x20
[ 1586.527176][ T8067]  ? __rwlock_init+0x130/0x130
[ 1586.531933][ T8067]  ? count_memcg_event_mm+0x300/0x300
[ 1586.537297][ T8067]  handle_mm_fault+0x29a6/0x6130
[ 1586.542419][ T8067]  ? finish_fault+0x220/0x220
[ 1586.547086][ T8067]  ? __down_read+0x1a0/0x1a0
[ 1586.551676][ T8067]  ? vmacache_find+0x251/0x5b0
[ 1586.556423][ T8067]  ? find_vma+0x30/0x150
[ 1586.560670][ T8067]  do_user_addr_fault+0x56f/0xaa0
[ 1586.565681][ T8067]  __do_page_fault+0xd3/0x1f0
[ 1586.570344][ T8067]  do_page_fault+0xce/0xe0
[ 1586.574770][ T8067]  ? page_fault+0x8/0x30
[ 1586.579014][ T8067]  page_fault+0x1e/0x30
[ 1586.583157][ T8067] RIP: 0033:0x457c0e
[ 1586.587049][ T8067] Code: 5c 41 5d 41 5e 5d c3 48 c7 c2 d4 ff ff ff f7 d8 41 bd ff ff ff ff 64 89 02 64 8b 04 25 d0 02 00 00 41 39 c4 0f 85 2f 01 00 00 <64> 44 89 04 25 d4 02 00 00 45 85 f6 0f 85 7f 00 00 00 48 85 db 74
[ 1586.606911][ T8067] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00010246
[ 1586.612966][ T8067] RAX: 0000000000000001 RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1586.620923][ T8067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1586.628877][ T8067] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1586.636837][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1586.644796][ T8067] R13: 0000000000003a3b R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1586.653565][ T8067] memory: usage 307200kB, limit 307200kB, failcnt 53600
[ 1586.660751][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1586.668264][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1586.675110][ T8067] Memory cgroup stats for /syz0: cache:6512KB rss:101100KB rss_huge:0KB shmem:6512KB mapped_file:3216KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6504KB active_anon:101108KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1586.697476][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=17443,uid=0
[ 1586.712959][ T8067] Memory cgroup out of memory: Killed process 17443 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
[ 1586.727842][ T1044] oom_reaper: reaped process 17443 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
[ 1586.736555][T17469] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0
[ 1586.755125][T17469] CPU: 1 PID: 17469 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1586.763028][T17469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1586.773069][T17469] Call Trace:
[ 1586.776359][T17469]  dump_stack+0x1d8/0x2f8
[ 1586.780687][T17469]  dump_header+0xdb/0xf40
[ 1586.785013][T17469]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1586.791350][T17469]  ? ___ratelimit+0x447/0x5d0
[ 1586.796477][T17469]  oom_kill_process+0x1a0/0x490
[ 1586.801340][T17469]  out_of_memory+0x76e/0x9e0
[ 1586.805949][T17469]  ? unregister_oom_notifier+0x20/0x20
[ 1586.811503][T17469]  ? kasan_check_read+0x11/0x20
[ 1586.816347][T17469]  try_charge+0x12ba/0x1710
[ 1586.820882][T17469]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1586.826716][T17469]  ? rcu_lock_release+0x4/0x20
[ 1586.831577][T17469]  ? rcu_lock_release+0x15/0x20
[ 1586.836465][T17469]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1586.842010][T17469]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1586.847327][T17469]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1586.852986][T17469]  wp_page_copy+0x391/0x18e0
[ 1586.857584][T17469]  ? reuse_swap_page+0xd47/0x1650
[ 1586.862622][T17469]  ? rcu_lock_release+0x30/0x30
[ 1586.867482][T17469]  ? kasan_check_read+0x11/0x20
[ 1586.872334][T17469]  ? do_raw_spin_unlock+0x49/0x260
[ 1586.877450][T17469]  do_wp_page+0x609/0x1ba0
[ 1586.881852][T17469]  ? kasan_check_write+0x14/0x20
[ 1586.886780][T17469]  ? __rwlock_init+0x130/0x130
[ 1586.891705][T17469]  ? count_memcg_event_mm+0x300/0x300
[ 1586.897071][T17469]  handle_mm_fault+0x29a6/0x6130
[ 1586.902003][T17469]  ? finish_fault+0x220/0x220
[ 1586.906685][T17469]  ? vmacache_find+0x1fd/0x5b0
[ 1586.911451][T17469]  ? vmacache_update+0xb7/0x120
[ 1586.916289][T17469]  ? find_vma+0x13c/0x150
[ 1586.920600][T17469]  do_user_addr_fault+0x56f/0xaa0
[ 1586.925613][T17469]  __do_page_fault+0xd3/0x1f0
[ 1586.930275][T17469]  do_page_fault+0xce/0xe0
[ 1586.934674][T17469]  page_fault+0x1e/0x30
[ 1586.938840][T17469] RIP: 0010:__put_user_4+0x1c/0x30
[ 1586.943961][T17469] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 40 fd 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48
[ 1586.963567][T17469] RSP: 0018:ffff88803d787f08 EFLAGS: 00010293
[ 1586.969618][T17469] RAX: 0000000000003a3b RBX: 00007fffffffeffd RCX: 0000555556c9ac10
[ 1586.977579][T17469] RDX: dffffc0000000000 RSI: ffff88808edc0a20 RDI: 0000000000000282
[ 1586.985549][T17469] RBP: ffff88803d787f48 R08: dffffc0000000000 R09: ffffed1015d66bf8
[ 1586.993540][T17469] R10: ffffed1015d66bf8 R11: 1ffff11015d66bf7 R12: ffff8880aeb35100
[ 1587.001519][T17469] R13: dffffc0000000000 R14: 0000000000003a3b R15: ffff88808edc0728
[ 1587.009511][T17469]  ? schedule_tail+0xc9/0x1a0
[ 1587.014184][T17469]  ret_from_fork+0x8/0x30
[ 1587.018499][T17469] RIP: 0033:0x457aea
[ 1587.022383][T17469] Code: Bad RIP value.
[ 1587.026434][T17469] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1587.034839][T17469] RAX: 0000000000000000 RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1587.042799][T17469] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1587.050756][T17469] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1587.058714][T17469] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1587.066671][T17469] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1587.077360][T17469] memory: usage 306916kB, limit 307200kB, failcnt 53602
[ 1587.084355][T17469] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1587.091869][T17469] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1587.098772][T17469] Memory cgroup stats for /syz0: cache:6504KB rss:100996KB rss_huge:0KB shmem:6504KB mapped_file:3212KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6496KB active_anon:101004KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1587.120848][T17469] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6748,uid=0
15:49:04 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\f\x00'}, 0x58)

15:49:04 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:04 executing program 5:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400, 0x0, 0x0, 0x26})

15:49:04 executing program 2:
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x40000, 0x0)
r1 = fcntl$getown(0xffffffffffffff9c, 0x9)
write$P9_RGETLOCK(r0, &(0x7f0000000040)={0x2b, 0x37, 0x1, {0x2, 0x7f, 0x4, r1, 0xd, '/dev/video35\x00'}}, 0x2b)
r2 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r2, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:04 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa00000000000000}})

15:49:04 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0xffffffffffffffff, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
timerfd_settime(0xffffffffffffffff, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))
socket$inet(0x2, 0x1, 0x0)

[ 1587.136282][T17469] Memory cgroup out of memory: Killed process 6748 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
[ 1587.151060][ T1044] oom_reaper: reaped process 6748 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:4kB
15:49:04 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb00000000000000}})

15:49:04 executing program 5:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400})

15:49:04 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:04 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x400, 0x0)
ioctl$VIDIOC_DBG_G_CHIP_INFO(r0, 0xc0c85666, &(0x7f00000000c0)={{0x5, @addr=0x101}, "f0ae8150c164f83593cc4d2812ed9656de6075ba1002d1ad8b491d4f8e6da1b4", 0x1})
setsockopt$IP_VS_SO_SET_EDIT(r1, 0x0, 0x483, &(0x7f0000000040)={0x7f, @broadcast, 0x4e20, 0x2, 'ovf\x00', 0x36, 0x1, 0x74}, 0x2c)

15:49:04 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0xffffffffffffffff, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
timerfd_settime(0xffffffffffffffff, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))
socket$inet(0x2, 0x1, 0x0)

[ 1587.341468][T17510] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000
[ 1587.373463][T17510] CPU: 0 PID: 17510 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1587.381493][T17510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1587.381506][T17510] Call Trace:
[ 1587.394874][T17510]  dump_stack+0x1d8/0x2f8
[ 1587.399312][T17510]  dump_header+0xdb/0xf40
[ 1587.403654][T17510]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1587.409480][T17510]  ? ___ratelimit+0x447/0x5d0
[ 1587.414176][T17510]  oom_kill_process+0x1a0/0x490
[ 1587.419476][T17510]  out_of_memory+0x76e/0x9e0
[ 1587.424080][T17510]  ? unregister_oom_notifier+0x20/0x20
[ 1587.429553][T17510]  ? kasan_check_read+0x11/0x20
[ 1587.434419][T17510]  try_charge+0x12ba/0x1710
[ 1587.438967][T17510]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1587.444820][T17510]  ? rcu_lock_release+0x4/0x20
[ 1587.444840][T17510]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1587.444854][T17510]  ? memcg_kmem_put_cache+0x70/0x70
[ 1587.444868][T17510]  ? rcu_lock_release+0x15/0x20
[ 1587.465487][T17510]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1587.471927][T17510]  __memcg_kmem_charge+0x118/0x2f0
[ 1587.477259][T17510]  __alloc_pages_nodemask+0x377/0x790
[ 1587.483091][T17510]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1587.488752][T17510]  ? rcu_read_lock_sched_held+0x127/0x1c0
[ 1587.494583][T17510]  ? copy_process+0x599/0x5c80
[ 1587.499394][T17510]  copy_process+0x613/0x5c80
[ 1587.504112][T17510]  ? fork_idle+0x1b0/0x1b0
[ 1587.508668][T17510]  _do_fork+0x180/0x5f0
[ 1587.512939][T17510]  ? dup_mm+0x340/0x340
[ 1587.517283][T17510]  ? debug_smp_processor_id+0x1c/0x20
[ 1587.522972][T17510]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1587.529052][T17510]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1587.534970][T17510]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1587.540654][T17510]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1587.546130][T17510]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1587.551884][T17510]  __x64_sys_clone+0xc1/0xd0
[ 1587.556765][T17510]  do_syscall_64+0xfe/0x140
[ 1587.561566][T17510]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1587.567463][T17510] RIP: 0033:0x459519
15:49:04 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
timerfd_settime(0xffffffffffffffff, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))
socket$inet(0x2, 0x1, 0x0)

[ 1587.571455][T17510] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1587.598031][T17510] RSP: 002b:00007f6872e3cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1587.614556][T17510] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459519
[ 1587.624656][T17510] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 04000000000003fe
[ 1587.633363][T17510] RBP: 000000000075bfc8 R08: ffffffffffffffff R09: 0000000000000000
[ 1587.642698][T17510] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6872e3d6d4
[ 1587.642706][T17510] R13: 00000000004bf97d R14: 00000000004d1358 R15: 00000000ffffffff
[ 1587.670246][T17510] memory: usage 307120kB, limit 307200kB, failcnt 53621
[ 1587.701629][T17510] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1587.710761][T17510] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1587.720571][T17510] Memory cgroup stats for /syz0: cache:6516KB rss:101088KB rss_huge:0KB shmem:6512KB mapped_file:3216KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6504KB active_anon:101096KB inactive_file:4KB active_file:0KB unevictable:0KB
[ 1587.778884][T17510] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6769,uid=0
15:49:04 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\r\x00'}, 0x58)

15:49:04 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
times(&(0x7f0000000000))
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:04 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:04 executing program 5:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x0, 0x400})

15:49:04 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc00000000000000}})

15:49:04 executing program 1:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
timerfd_settime(0xffffffffffffffff, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))
socket$inet(0x2, 0x1, 0x0)

[ 1587.835014][T17510] Memory cgroup out of memory: Killed process 6769 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
15:49:04 executing program 2:
ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cpuacct.usage_percpu_user\x00', 0x0, 0x0)
ioctl$VIDIOC_CROPCAP(r0, 0xc02c563a, &(0x7f00000001c0)={0x4, {0xffffffff, 0xf9, 0x5, 0x401}, {0x1c9e, 0x6, 0x87, 0x1}, {0xed3, 0x8a5}})
r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/btrfs-control\x00', 0x400000, 0x0)
ioctl$CAPI_GET_ERRCODE(r1, 0x80024321, &(0x7f0000000000))
syz_kvm_setup_cpu$x86(r0, r1, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f00000000c0)="0f019caed8df0e940f0120c4839d6da7827c2f690866460f182667660fe3bda2470000b9800000c00f3235008000000f3066b86e008ed066440fc73067660f38813c2ab9800000c00f3235000100000f30", 0x51}], 0x1, 0x4, &(0x7f0000000180)=[@dstype3={0x7, 0xc}], 0x1)

15:49:04 executing program 5:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
r1 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
timerfd_settime(r0, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))
socket$inet(0x2, 0x1, 0x0)

15:49:04 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd00000000000000}})

15:49:04 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:04 executing program 1:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
timerfd_settime(0xffffffffffffffff, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))
socket$inet(0x2, 0x1, 0x0)

15:49:05 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe00000000000000}})

[ 1588.203933][T17554] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000
[ 1588.241700][T17554] CPU: 0 PID: 17554 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1588.249633][T17554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1588.259704][T17554] Call Trace:
[ 1588.259728][T17554]  dump_stack+0x1d8/0x2f8
[ 1588.259744][T17554]  dump_header+0xdb/0xf40
[ 1588.259757][T17554]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1588.259768][T17554]  ? ___ratelimit+0x447/0x5d0
[ 1588.259782][T17554]  oom_kill_process+0x1a0/0x490
[ 1588.259800][T17554]  out_of_memory+0x76e/0x9e0
[ 1588.259821][T17554]  ? unregister_oom_notifier+0x20/0x20
[ 1588.267425][T17554]  ? kasan_check_read+0x11/0x20
[ 1588.267441][T17554]  try_charge+0x12ba/0x1710
[ 1588.267470][T17554]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1588.267492][T17554]  ? rcu_lock_release+0x4/0x20
[ 1588.267508][T17554]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1588.267520][T17554]  ? memcg_kmem_put_cache+0x70/0x70
[ 1588.267533][T17554]  ? rcu_lock_release+0x15/0x20
[ 1588.267541][T17554]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1588.267551][T17554]  __memcg_kmem_charge+0x118/0x2f0
[ 1588.267567][T17554]  __alloc_pages_nodemask+0x377/0x790
[ 1588.267588][T17554]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1588.278023][T17554]  ? rcu_read_lock_sched_held+0x127/0x1c0
[ 1588.278042][T17554]  ? copy_process+0x599/0x5c80
[ 1588.278055][T17554]  copy_process+0x613/0x5c80
[ 1588.278076][T17554]  ? percpu_counter_add_batch+0x169/0x190
[ 1588.278087][T17554]  ? alloc_file+0x89/0x4c0
[ 1588.278109][T17554]  ? fork_idle+0x1b0/0x1b0
[ 1588.288853][T17554]  _do_fork+0x180/0x5f0
[ 1588.288871][T17554]  ? dup_mm+0x340/0x340
[ 1588.288885][T17554]  ? debug_smp_processor_id+0x1c/0x20
[ 1588.288895][T17554]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1588.288908][T17554]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1588.288918][T17554]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1588.288927][T17554]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1588.288937][T17554]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1588.288953][T17554]  __x64_sys_clone+0xc1/0xd0
[ 1588.435897][T17554]  do_syscall_64+0xfe/0x140
[ 1588.440412][T17554]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1588.446316][T17554] RIP: 0033:0x459519
[ 1588.450200][T17554] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1588.470351][T17554] RSP: 002b:00007f6872e5dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1588.478923][T17554] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459519
[ 1588.487405][T17554] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 04000000000003fe
[ 1588.496149][T17554] RBP: 000000000075bf20 R08: ffffffffffffffff R09: 0000000000000000
[ 1588.507968][T17554] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6872e5e6d4
[ 1588.519221][T17554] R13: 00000000004bf97d R14: 00000000004d1358 R15: 00000000ffffffff
[ 1588.527782][T17554] memory: usage 307140kB, limit 307200kB, failcnt 53656
[ 1588.535642][T17554] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1588.543324][T17554] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1588.550298][T17554] Memory cgroup stats for /syz0: cache:6512KB rss:101088KB rss_huge:0KB shmem:6512KB mapped_file:3216KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6504KB active_anon:101096KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1588.572584][T17554] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=17506,uid=0
[ 1588.588601][T17554] Memory cgroup out of memory: Killed process 17506 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
15:49:05 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0e\x00'}, 0x58)

15:49:05 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:05 executing program 2:
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)

15:49:05 executing program 1:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
timerfd_settime(0xffffffffffffffff, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))
socket$inet(0x2, 0x1, 0x0)

15:49:05 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000}})

15:49:05 executing program 5:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe00000000000000}})

[ 1588.603564][ T1044] oom_reaper: reaped process 17506 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
15:49:05 executing program 5:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
r1 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
timerfd_settime(r0, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))
socket$inet(0x2, 0x1, 0x0)

15:49:05 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1100000000000000}})

15:49:05 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000000)={0x18000000000, 0x3ff})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:05 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:05 executing program 1:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
timerfd_settime(0xffffffffffffffff, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))

15:49:05 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1588.966268][T17607] syz-executor.0 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[ 1588.978967][T17607] CPU: 1 PID: 17607 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1588.986899][T17607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1588.997012][T17607] Call Trace:
[ 1589.000312][T17607]  dump_stack+0x1d8/0x2f8
[ 1589.004651][T17607]  dump_header+0xdb/0xf40
[ 1589.009119][T17607]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1589.014934][T17607]  ? ___ratelimit+0x447/0x5d0
[ 1589.019602][T17607]  oom_kill_process+0x1a0/0x490
[ 1589.024443][T17607]  out_of_memory+0x76e/0x9e0
[ 1589.029039][T17607]  ? unregister_oom_notifier+0x20/0x20
[ 1589.034589][T17607]  ? kasan_check_read+0x11/0x20
[ 1589.039435][T17607]  try_charge+0x12ba/0x1710
[ 1589.043939][T17607]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1589.049741][T17607]  ? rcu_lock_release+0x4/0x20
[ 1589.054507][T17607]  ? rcu_lock_release+0x15/0x20
[ 1589.059342][T17607]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1589.064868][T17607]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1589.071096][T17607]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1589.076718][T17607]  shmem_getpage_gfp+0x1052/0x2dd0
[ 1589.081833][T17607]  ? shmem_getpage+0xa0/0xa0
[ 1589.086412][T17607]  ? iov_iter_fault_in_readable+0x2ba/0x5c0
[ 1589.092292][T17607]  shmem_write_begin+0xcb/0x1b0
[ 1589.097157][T17607]  generic_perform_write+0x2ac/0x550
[ 1589.102446][T17607]  ? grab_cache_page_write_begin+0xa0/0xa0
[ 1589.108242][T17607]  ? file_remove_privs+0x600/0x600
[ 1589.113348][T17607]  ? lock_acquire+0x158/0x250
[ 1589.118012][T17607]  __generic_file_write_iter+0x24b/0x520
[ 1589.123653][T17607]  generic_file_write_iter+0x41d/0x5a0
[ 1589.129102][T17607]  __vfs_write+0x617/0x7d0
[ 1589.133522][T17607]  ? __kernel_write+0x330/0x330
[ 1589.138810][T17607]  ? preempt_schedule+0xdb/0x120
[ 1589.143747][T17607]  ? __sb_start_write+0x18c/0x360
[ 1589.148766][T17607]  ? __sb_start_write+0x30f/0x360
[ 1589.153778][T17607]  ? __sb_start_write+0x314/0x360
[ 1589.158817][T17607]  ? kasan_check_read+0x11/0x20
[ 1589.163808][T17607]  vfs_write+0x227/0x510
[ 1589.168047][T17607]  ksys_write+0x16b/0x2a0
[ 1589.172370][T17607]  ? __ia32_sys_read+0x90/0x90
[ 1589.177151][T17607]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1589.182877][T17607]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1589.188502][T17607]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1589.194214][T17607]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1589.199935][T17607]  ? do_syscall_64+0x1d/0x140
[ 1589.204634][T17607]  __x64_sys_write+0x7b/0x90
[ 1589.209256][T17607]  do_syscall_64+0xfe/0x140
[ 1589.214964][T17607]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1589.220847][T17607] RIP: 0033:0x459519
[ 1589.224733][T17607] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1589.257505][T17607] RSP: 002b:00007f6872e5dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1589.265920][T17607] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459519
[ 1589.273901][T17607] RDX: 0000000000000001 RSI: 00000000200004c0 RDI: 0000000000000005
[ 1589.281867][T17607] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1589.289828][T17607] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6872e5e6d4
[ 1589.297806][T17607] R13: 00000000004c58be R14: 00000000004df8c0 R15: 00000000ffffffff
[ 1589.307708][T17607] memory: usage 307200kB, limit 307200kB, failcnt 53704
[ 1589.314765][T17607] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1589.322361][T17607] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1589.329288][T17607] Memory cgroup stats for /syz0: cache:6508KB rss:101088KB rss_huge:0KB shmem:6508KB mapped_file:3216KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6500KB active_anon:101096KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1589.351402][T17607] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=17566,uid=0
[ 1589.366893][T17607] Memory cgroup out of memory: Killed process 17566 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
[ 1589.382022][ T1044] oom_reaper: reaped process 17566 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
[ 1589.385469][T17592] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1589.404364][T17592] CPU: 1 PID: 17592 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1589.412272][T17592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1589.422487][T17592] Call Trace:
[ 1589.425767][T17592]  dump_stack+0x1d8/0x2f8
[ 1589.430089][T17592]  dump_header+0xdb/0xf40
[ 1589.434508][T17592]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1589.440306][T17592]  ? ___ratelimit+0x447/0x5d0
[ 1589.445002][T17592]  oom_kill_process+0x1a0/0x490
[ 1589.449875][T17592]  out_of_memory+0x76e/0x9e0
[ 1589.454574][T17592]  ? unregister_oom_notifier+0x20/0x20
[ 1589.460110][T17592]  ? kasan_check_read+0x11/0x20
[ 1589.464952][T17592]  try_charge+0x12ba/0x1710
[ 1589.469452][T17592]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1589.475250][T17592]  ? rcu_lock_release+0x4/0x20
[ 1589.480031][T17592]  ? rcu_lock_release+0x15/0x20
[ 1589.484868][T17592]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1589.490407][T17592]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1589.495710][T17592]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1589.501375][T17592]  handle_mm_fault+0x3238/0x6130
[ 1589.506480][T17592]  ? vm_mmap_pgoff+0x1a4/0x240
[ 1589.511286][T17592]  ? finish_fault+0x220/0x220
[ 1589.515972][T17592]  ? __down_read+0x1a0/0x1a0
[ 1589.520545][T17592]  ? vmacache_find+0x51b/0x5b0
[ 1589.525305][T17592]  ? vmacache_update+0xb7/0x120
[ 1589.530152][T17592]  ? find_vma+0x13c/0x150
[ 1589.534493][T17592]  do_user_addr_fault+0x56f/0xaa0
[ 1589.539529][T17592]  __do_page_fault+0xd3/0x1f0
[ 1589.544560][T17592]  do_page_fault+0xce/0xe0
[ 1589.548964][T17592]  ? page_fault+0x8/0x30
[ 1589.553191][T17592]  page_fault+0x1e/0x30
[ 1589.557440][T17592] RIP: 0033:0x410e5f
[ 1589.561342][T17592] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41
[ 1589.581155][T17592] RSP: 002b:00007ffff6b9e490 EFLAGS: 00010206
[ 1589.587212][T17592] RAX: 00007f6872dfc000 RBX: 0000000000020000 RCX: 000000000045956a
[ 1589.595363][T17592] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000
[ 1589.603325][T17592] RBP: 00007ffff6b9e570 R08: ffffffffffffffff R09: 0000000000000000
[ 1589.611288][T17592] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffff6b9e660
[ 1589.619251][T17592] R13: 00007f6872e1c700 R14: 0000000000000002 R15: 000000000075c07c
[ 1589.628145][T17592] memory: usage 306872kB, limit 307200kB, failcnt 53704
[ 1589.635094][T17592] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1589.642668][T17592] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
15:49:06 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x11\x00'}, 0x58)

15:49:06 executing program 5:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
r1 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
timerfd_settime(r0, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))
socket$inet(0x2, 0x1, 0x0)

15:49:06 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1200000000000000}})

15:49:06 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:06 executing program 1:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r0, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})

15:49:06 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1589.649713][T17592] Memory cgroup stats for /syz0: cache:6500KB rss:100972KB rss_huge:0KB shmem:6500KB mapped_file:3212KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6492KB active_anon:100980KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1589.671805][T17592] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6834,uid=0
[ 1589.687286][T17592] Memory cgroup out of memory: Killed process 6834 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
15:49:06 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000000000}})

15:49:06 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:06 executing program 1:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)

15:49:06 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
socketpair(0x7, 0x0, 0x8, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
setsockopt$inet6_icmp_ICMP_FILTER(r1, 0x1, 0x1, &(0x7f0000000040), 0x4)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:06 executing program 5:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
r1 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
timerfd_settime(r0, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))
socket$inet(0x2, 0x1, 0x0)

15:49:06 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x12\x00'}, 0x58)

15:49:06 executing program 1:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0)

15:49:06 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2500000000000000}})

15:49:06 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:07 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x200100, 0x0)
epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r0)

15:49:07 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00?\x00'}, 0x58)

15:49:07 executing program 1:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0)

15:49:07 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000000000000}})

15:49:07 executing program 5:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
r1 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
timerfd_settime(r0, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))
socket$inet(0x2, 0x1, 0x0)

15:49:07 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:07 executing program 1:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0)

15:49:07 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:07 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5c00000000000000}})

15:49:07 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:07 executing program 5:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
stat(&(0x7f0000000880)='./file0\x00', &(0x7f0000000c40))
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
r1 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r1, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
timerfd_settime(r0, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))
socket$inet(0x2, 0x1, 0x0)

15:49:07 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe7ffffffffffffff}})

15:49:07 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f00000000c0)={0x1f, 0x7, 0x1, {0xb, @pix_mp={0x9, 0x4, 0x0, 0x5, 0x2, [{0x3, 0xa90b}, {0x1, 0x5e}, {0x10000, 0x4}, {0x5, 0x20}, {0x81, 0x800}, {0x4, 0x1}, {0x3, 0x952}, {0x1b, 0x1}], 0x1, 0x0, 0x6, 0x2, 0x5}}})

[ 1590.494538][T17694] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000
[ 1590.557462][T17694] CPU: 0 PID: 17694 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1590.566272][T17694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1590.577133][T17694] Call Trace:
[ 1590.580582][T17694]  dump_stack+0x1d8/0x2f8
[ 1590.585431][T17694]  dump_header+0xdb/0xf40
[ 1590.592137][T17694]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1590.598611][T17694]  ? ___ratelimit+0x447/0x5d0
[ 1590.603491][T17694]  oom_kill_process+0x1a0/0x490
[ 1590.609808][T17694]  out_of_memory+0x76e/0x9e0
[ 1590.609822][T17694]  ? unregister_oom_notifier+0x20/0x20
[ 1590.609833][T17694]  ? kasan_check_read+0x11/0x20
[ 1590.609855][T17694]  try_charge+0x12ba/0x1710
[ 1590.609883][T17694]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1590.609905][T17694]  ? rcu_lock_release+0x4/0x20
[ 1590.609920][T17694]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1590.609939][T17694]  ? memcg_kmem_put_cache+0x70/0x70
[ 1590.620562][T17694]  ? rcu_lock_release+0x15/0x20
[ 1590.620572][T17694]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1590.620583][T17694]  __memcg_kmem_charge+0x118/0x2f0
[ 1590.620600][T17694]  __alloc_pages_nodemask+0x377/0x790
[ 1590.620612][T17694]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1590.620625][T17694]  ? rcu_read_lock_sched_held+0x127/0x1c0
[ 1590.620643][T17694]  ? copy_process+0x599/0x5c80
[ 1590.620655][T17694]  copy_process+0x613/0x5c80
[ 1590.620669][T17694]  ? psi_memstall_leave+0xf7/0x130
[ 1590.620695][T17694]  ? trace_lock_acquire+0x190/0x190
[ 1590.620705][T17694]  ? fork_idle+0x1b0/0x1b0
[ 1590.620715][T17694]  ? rcu_read_lock_sched_held+0x127/0x1c0
[ 1590.620736][T17694]  ? trace_mm_vmscan_memcg_reclaim_end+0x213/0x250
[ 1590.620752][T17694]  ? try_to_free_mem_cgroup_pages+0x335/0x570
[ 1590.727401][T17694]  ? kasan_check_write+0x14/0x20
[ 1590.732352][T17694]  ? check_preemption_disabled+0x47/0x280
[ 1590.738084][T17694]  _do_fork+0x180/0x5f0
[ 1590.742254][T17694]  ? dup_mm+0x340/0x340
[ 1590.746420][T17694]  ? switch_fpu_return+0x1ca/0x290
[ 1590.751539][T17694]  ? copy_init_fpstate_to_fpregs+0x150/0x150
[ 1590.757611][T17694]  ? css_put+0xfe/0x180
[ 1590.761806][T17694]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1590.767267][T17694]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1590.767281][T17694]  __x64_sys_clone+0xc1/0xd0
[ 1590.767296][T17694]  do_syscall_64+0xfe/0x140
[ 1590.767310][T17694]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1590.767319][T17694] RIP: 0033:0x45bee9
[ 1590.767329][T17694] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 1590.767335][T17694] RSP: 002b:00007ffff6b9e448 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 1590.767345][T17694] RAX: ffffffffffffffda RBX: 00007f6872e3d700 RCX: 000000000045bee9
[ 1590.767351][T17694] RDX: 00007f6872e3d9d0 RSI: 00007f6872e3cdb0 RDI: 00000000003d0f00
[ 1590.767357][T17694] RBP: 00007ffff6b9e660 R08: 00007f6872e3d700 R09: 00007f6872e3d700
[ 1590.767363][T17694] R10: 00007f6872e3d9d0 R11: 0000000000000202 R12: 0000000000000000
[ 1590.767369][T17694] R13: 00007ffff6b9e4ff R14: 00007f6872e3d9c0 R15: 000000000075bfd4
[ 1590.768683][T17694] memory: usage 307144kB, limit 307200kB, failcnt 53726
[ 1590.778193][T17694] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1590.877621][T17694] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1590.884540][T17694] Memory cgroup stats for /syz0: cache:6512KB rss:101084KB rss_huge:0KB shmem:6512KB mapped_file:3216KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6504KB active_anon:101092KB inactive_file:0KB active_file:0KB unevictable:0KB
15:49:07 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00'}, 0x58)

15:49:07 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:07 executing program 1:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f00000009c0)={{{@in6=@remote, @in=@remote}}, {{@in6=@dev}, 0x0, @in6=@mcast2}}, &(0x7f0000000380)=0xe8)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)

15:49:07 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffff00000000}})

15:49:07 executing program 5:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
r1 = shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
stat(&(0x7f0000000880)='./file0\x00', &(0x7f0000000c40))
shmctl$SHM_STAT(r1, 0xd, &(0x7f00000004c0)=""/101)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
r2 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
timerfd_settime(r0, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))
socket$inet(0x2, 0x1, 0x0)

15:49:07 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video35\x00', 0x2, 0x0)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='net/dev_snmp6\x00')
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r1, 0x84, 0x6b, &(0x7f00000000c0)=[@in6={0xa, 0x4e21, 0x6, @rand_addr="6ea64d444c5826538b1267ba90cf2cae", 0x8}], 0x1c)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r2 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x20800, 0x0)
ioctl$UI_GET_VERSION(r2, 0x8004552d, &(0x7f0000000040))

[ 1590.909030][T17694] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6909,uid=0
[ 1590.924947][T17694] Memory cgroup out of memory: Killed process 6909 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
15:49:07 executing program 1:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)

15:49:07 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:07 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f00000001c0)=<r1=>0x0)
r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000200)='/dev/qat_adf_ctl\x00', 0x80000, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000002c0)={0xffffffffffffffff, r0, 0x0, 0xd, &(0x7f0000000280)='/dev/usbmon#\x00', <r3=>0x0}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000300)={r1, r2, 0x0, 0xd, &(0x7f0000000240)='/dev/video35\x00', r3}, 0x30)
ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000000)=<r4=>0x0)
r5 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x54cf, 0x2)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffff9c, 0x0, 0xd, &(0x7f0000000100)='/dev/video35\x00', <r6=>0xffffffffffffffff}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={r4, r5, 0x0, 0x1, &(0x7f00000000c0)='\x00', r6}, 0x30)

15:49:08 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfdfdffffffffffff}})

15:49:08 executing program 5:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
r1 = shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
stat(&(0x7f0000000880)='./file0\x00', &(0x7f0000000c40))
shmctl$SHM_STAT(r1, 0xd, &(0x7f00000004c0)=""/101)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
r2 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
timerfd_settime(r0, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))
socket$inet(0x2, 0x1, 0x0)

15:49:08 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1591.156711][T17733] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1591.211108][T17733] CPU: 1 PID: 17733 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1591.219041][T17733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1591.229103][T17733] Call Trace:
[ 1591.232398][T17733]  dump_stack+0x1d8/0x2f8
[ 1591.236739][T17733]  dump_header+0xdb/0xf40
[ 1591.241078][T17733]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1591.246890][T17733]  ? ___ratelimit+0x447/0x5d0
[ 1591.251576][T17733]  oom_kill_process+0x1a0/0x490
[ 1591.256515][T17733]  out_of_memory+0x76e/0x9e0
[ 1591.261109][T17733]  ? unregister_oom_notifier+0x20/0x20
[ 1591.266575][T17733]  ? kasan_check_read+0x11/0x20
[ 1591.271431][T17733]  try_charge+0x12ba/0x1710
[ 1591.275961][T17733]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1591.281785][T17733]  ? rcu_lock_release+0x4/0x20
[ 1591.286556][T17733]  ? rcu_lock_release+0x15/0x20
[ 1591.291516][T17733]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1591.297068][T17733]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1591.302374][T17733]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1591.308039][T17733]  wp_page_copy+0x391/0x18e0
[ 1591.308058][T17733]  ? reuse_swap_page+0xd47/0x1650
[ 1591.308070][T17733]  ? rcu_lock_release+0x30/0x30
[ 1591.308087][T17733]  ? kasan_check_read+0x11/0x20
[ 1591.317672][T17733]  ? do_raw_spin_unlock+0x49/0x260
[ 1591.317686][T17733]  do_wp_page+0x609/0x1ba0
[ 1591.317710][T17733]  ? kasan_check_write+0x14/0x20
[ 1591.317726][T17733]  ? __rwlock_init+0x130/0x130
[ 1591.317736][T17733]  ? count_memcg_event_mm+0x300/0x300
[ 1591.317758][T17733]  handle_mm_fault+0x29a6/0x6130
[ 1591.363708][T17733]  ? finish_fault+0x220/0x220
[ 1591.368388][T17733]  ? __down_read+0x1a0/0x1a0
[ 1591.372959][T17733]  ? vmacache_find+0x51b/0x5b0
[ 1591.377716][T17733]  ? vmacache_update+0xb7/0x120
[ 1591.382561][T17733]  ? find_vma+0x13c/0x150
[ 1591.386878][T17733]  do_user_addr_fault+0x56f/0xaa0
[ 1591.391882][T17733]  __do_page_fault+0xd3/0x1f0
[ 1591.396534][T17733]  do_page_fault+0xce/0xe0
[ 1591.400932][T17733]  ? page_fault+0x8/0x30
[ 1591.405167][T17733]  page_fault+0x1e/0x30
[ 1591.409311][T17733] RIP: 0033:0x40c762
[ 1591.413186][T17733] Code: 50 80 60 20 01 48 89 48 10 48 8b 4c 24 60 48 89 48 18 8b 4c 24 68 89 48 24 8b 4c 24 30 89 48 28 31 c0 48 8b 8c 04 20 01 00 00 <48> 89 8c 02 50 bf 75 00 48 83 c0 08 48 83 f8 48 75 e6 49 63 c6 0f
[ 1591.432779][T17733] RSP: 002b:00007ffff6b9e580 EFLAGS: 00010287
[ 1591.438840][T17733] RAX: 0000000000000008 RBX: 0000000000000064 RCX: 0000000000002000
[ 1591.446796][T17733] RDX: 00000000000000a8 RSI: 00007f6872e3cdb0 RDI: 000000000075bfd0
[ 1591.454850][T17733] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007f6872e3d700
[ 1591.462818][T17733] R10: 00007f6872e3d9d0 R11: 0000000000000202 R12: 000000000075bfc8
[ 1591.470774][T17733] R13: 0000000000000006 R14: 0000000000000001 R15: 000000000075bfd4
[ 1591.543312][T17733] memory: usage 307140kB, limit 307200kB, failcnt 53751
[ 1591.550427][T17733] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1591.563006][T17733] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
15:49:08 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00'}, 0x58)

15:49:08 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:08 executing program 2:
ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:08 executing program 1:
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)

15:49:08 executing program 5:
r0 = syz_open_dev$usbmon(0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x80)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x3f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_mtu(r0, 0x0, 0xa, 0x0, &(0x7f0000000400))
r1 = shmget(0x1, 0x3000, 0x12a0, &(0x7f0000ffb000/0x3000)=nil)
stat(&(0x7f0000000880)='./file0\x00', &(0x7f0000000c40))
shmctl$SHM_STAT(r1, 0xd, &(0x7f00000004c0)=""/101)
lstat(&(0x7f0000000580)='./file0\x00', &(0x7f00000002c0))
r2 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r2, 0x1276, 0x0)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000080)={[], 0x8000, 0x400, 0x2, 0x10000, 0x26})
timerfd_settime(r0, 0x1, &(0x7f0000000000)={{0x77359400}, {0x0, 0x989680}}, &(0x7f0000000240))
socket$inet(0x2, 0x1, 0x0)

15:49:08 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfecaedfe00000000}})

[ 1591.570995][T17733] Memory cgroup stats for /syz0: cache:6516KB rss:101080KB rss_huge:0KB shmem:6512KB mapped_file:3216KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6504KB active_anon:101088KB inactive_file:0KB active_file:4KB unevictable:0KB
[ 1591.594655][T17733] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=17703,uid=0
[ 1591.610214][T17733] Memory cgroup out of memory: Killed process 17703 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
[ 1591.625050][ T1044] oom_reaper: reaped process 17703 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
15:49:08 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
r1 = openat(0xffffffffffffffff, &(0x7f0000000200)='./file0\x00', 0x4000, 0x201)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000280)=ANY=[@ANYBLOB='\a\x00@\x00', @ANYRES32=<r2=>0x0, @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f00000002c0)=0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r1, 0x84, 0x70, &(0x7f0000000300)={r2, @in6={{0xa, 0x4e24, 0x10000, @loopback, 0x1}}, [0x603, 0x0, 0x8, 0x3f, 0x0, 0xd28, 0x80, 0x8, 0x0, 0xacc, 0x100000000, 0x10000, 0x1, 0x9, 0x7]}, &(0x7f0000000400)=0x100)
ioctl$UI_BEGIN_FF_UPLOAD(r1, 0xc06855c8, &(0x7f00000000c0)={0x0, 0x5, {0x51, 0xb2e7, 0x3474, {0x2, 0x6}, {0x1, 0x289}, @rumble={0xeb49, 0x50}}, {0x53, 0x5, 0xe6b3, {0x1ff80, 0x661}, {0x100000000, 0x6}, @ramp={0x9, 0x6, {0x6, 0x2, 0x9, 0x7}}}})
ioctl$VIDIOC_S_AUDOUT(r1, 0x40345632, &(0x7f0000000000)={0x9, "8bbaa266d6f7a24e105d647db299559266fad1ba421b91b945f6fb39cd0dd520", 0x2, 0x1})
fstatfs(r1, &(0x7f0000000240)=""/54)
ioctl$VIDIOC_G_AUDOUT(r1, 0x80345631, &(0x7f0000000040))
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
ioctl$KVM_TPR_ACCESS_REPORTING(r1, 0xc028ae92, &(0x7f0000000440)={0x3, 0xc53})
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000000140)={{0x8, 0x7fff}, 'port0\x00', 0x0, 0x100000, 0x7fffffff, 0x100, 0x7435, 0x9, 0x682, 0x0, 0x1, 0x9})

15:49:08 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000}})

15:49:08 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)

15:49:08 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:08 executing program 1:
r0 = syz_open_dev$loop(0x0, 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)

15:49:08 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffdfd}})

[ 1591.900439][T17771] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1591.934153][T17771] CPU: 1 PID: 17771 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1591.942093][T17771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1591.952253][T17771] Call Trace:
[ 1591.955555][T17771]  dump_stack+0x1d8/0x2f8
[ 1591.959911][T17771]  dump_header+0xdb/0xf40
[ 1591.964271][T17771]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1591.970095][T17771]  ? ___ratelimit+0x447/0x5d0
[ 1591.974795][T17771]  oom_kill_process+0x1a0/0x490
[ 1591.979869][T17771]  out_of_memory+0x76e/0x9e0
[ 1591.984581][T17771]  ? unregister_oom_notifier+0x20/0x20
[ 1591.990585][T17771]  ? kasan_check_read+0x11/0x20
[ 1591.990601][T17771]  try_charge+0x12ba/0x1710
[ 1591.990630][T17771]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1591.990648][T17771]  ? rcu_lock_release+0x4/0x20
[ 1592.005803][T17771]  ? rcu_lock_release+0x15/0x20
[ 1592.005814][T17771]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1592.005828][T17771]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1592.015530][T17771]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1592.015544][T17771]  wp_page_copy+0x391/0x18e0
[ 1592.015562][T17771]  ? reuse_swap_page+0xd47/0x1650
[ 1592.026469][T17771]  ? rcu_lock_release+0x30/0x30
[ 1592.026488][T17771]  ? kasan_check_read+0x11/0x20
[ 1592.026499][T17771]  ? do_raw_spin_unlock+0x49/0x260
[ 1592.026515][T17771]  do_wp_page+0x609/0x1ba0
[ 1592.061060][T17771]  ? kasan_check_write+0x14/0x20
[ 1592.066013][T17771]  ? __rwlock_init+0x130/0x130
[ 1592.070814][T17771]  ? count_memcg_event_mm+0x300/0x300
[ 1592.076206][T17771]  handle_mm_fault+0x29a6/0x6130
[ 1592.081180][T17771]  ? finish_fault+0x220/0x220
[ 1592.085893][T17771]  ? __down_read+0x1a0/0x1a0
[ 1592.090498][T17771]  ? vmacache_find+0x51b/0x5b0
[ 1592.095269][T17771]  ? vmacache_update+0xb7/0x120
[ 1592.100130][T17771]  ? find_vma+0x13c/0x150
[ 1592.104462][T17771]  do_user_addr_fault+0x56f/0xaa0
[ 1592.109504][T17771]  __do_page_fault+0xd3/0x1f0
[ 1592.114191][T17771]  do_page_fault+0xce/0xe0
[ 1592.118633][T17771]  ? page_fault+0x8/0x30
[ 1592.122977][T17771]  page_fault+0x1e/0x30
[ 1592.127136][T17771] RIP: 0033:0x40c762
[ 1592.131030][T17771] Code: 50 80 60 20 01 48 89 48 10 48 8b 4c 24 60 48 89 48 18 8b 4c 24 68 89 48 24 8b 4c 24 30 89 48 28 31 c0 48 8b 8c 04 20 01 00 00 <48> 89 8c 02 50 bf 75 00 48 83 c0 08 48 83 f8 48 75 e6 49 63 c6 0f
[ 1592.150885][T17771] RSP: 002b:00007ffff6b9e580 EFLAGS: 00010287
[ 1592.156946][T17771] RAX: 0000000000000008 RBX: 0000000000000064 RCX: 0000000000002000
[ 1592.164910][T17771] RDX: 00000000000000a8 RSI: 00007f6872e3cdb0 RDI: 000000000075bfd0
[ 1592.172981][T17771] RBP: 0000000000000000 R08: 0000000000000000 R09: 00007f6872e3d700
[ 1592.181022][T17771] R10: 00007f6872e3d9d0 R11: 0000000000000202 R12: 000000000075bfc8
[ 1592.188983][T17771] R13: 0000000000000006 R14: 0000000000000001 R15: 000000000075bfd4
[ 1592.198946][T17771] memory: usage 307200kB, limit 307200kB, failcnt 53800
[ 1592.206108][T17771] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1592.214121][T17771] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1592.221253][T17771] Memory cgroup stats for /syz0: cache:6508KB rss:101084KB rss_huge:0KB shmem:6508KB mapped_file:3216KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6500KB active_anon:101092KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1592.243502][T17771] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=17740,uid=0
[ 1592.272078][T17771] Memory cgroup out of memory: Killed process 17740 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
[ 1592.301009][ T1044] oom_reaper: reaped process 17740 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
[ 1592.301127][T17776] syz-executor.0 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[ 1592.340731][T17776] CPU: 0 PID: 17776 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1592.353460][T17776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1592.368003][T17776] Call Trace:
[ 1592.371292][T17776]  dump_stack+0x1d8/0x2f8
[ 1592.375709][T17776]  dump_header+0xdb/0xf40
[ 1592.380288][T17776]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1592.386108][T17776]  ? ___ratelimit+0x447/0x5d0
[ 1592.390784][T17776]  oom_kill_process+0x1a0/0x490
[ 1592.395627][T17776]  out_of_memory+0x76e/0x9e0
[ 1592.400215][T17776]  ? unregister_oom_notifier+0x20/0x20
[ 1592.406048][T17776]  ? kasan_check_read+0x11/0x20
[ 1592.411027][T17776]  try_charge+0x12ba/0x1710
[ 1592.415530][T17776]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1592.421353][T17776]  ? rcu_lock_release+0x4/0x20
[ 1592.426123][T17776]  ? rcu_lock_release+0x15/0x20
[ 1592.431101][T17776]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1592.436671][T17776]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1592.441978][T17776]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1592.447624][T17776]  shmem_getpage_gfp+0x1052/0x2dd0
[ 1592.452761][T17776]  ? shmem_getpage+0xa0/0xa0
[ 1592.457463][T17776]  ? iov_iter_fault_in_readable+0x2ba/0x5c0
[ 1592.464352][T17776]  shmem_write_begin+0xcb/0x1b0
[ 1592.471830][T17776]  generic_perform_write+0x2ac/0x550
[ 1592.487605][T17776]  ? grab_cache_page_write_begin+0xa0/0xa0
[ 1592.498856][T17776]  ? file_remove_privs+0x600/0x600
[ 1592.511828][T17776]  ? lock_acquire+0x158/0x250
[ 1592.517595][T17776]  __generic_file_write_iter+0x24b/0x520
[ 1592.523255][T17776]  generic_file_write_iter+0x41d/0x5a0
[ 1592.528730][T17776]  __vfs_write+0x617/0x7d0
[ 1592.533137][T17776]  ? __kernel_write+0x330/0x330
[ 1592.537985][T17776]  ? rcu_read_lock_sched_held+0x127/0x1c0
[ 1592.543691][T17776]  ? __sb_start_write+0x199/0x360
[ 1592.548739][T17776]  ? kasan_check_read+0x11/0x20
[ 1592.553673][T17776]  vfs_write+0x227/0x510
[ 1592.557916][T17776]  ksys_write+0x16b/0x2a0
[ 1592.562241][T17776]  ? __ia32_sys_read+0x90/0x90
[ 1592.567016][T17776]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1592.572759][T17776]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1592.578488][T17776]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1592.583966][T17776]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1592.589705][T17776]  ? do_syscall_64+0x1d/0x140
[ 1592.594418][T17776]  __x64_sys_write+0x7b/0x90
[ 1592.599078][T17776]  do_syscall_64+0xfe/0x140
[ 1592.603573][T17776]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1592.609501][T17776] RIP: 0033:0x459519
[ 1592.613392][T17776] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1592.636252][T17776] RSP: 002b:00007f6872e5dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1592.644655][T17776] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459519
15:49:09 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00'}, 0x58)

15:49:09 executing program 5:
r0 = socket$nl_route(0x10, 0x3, 0x0)
pwritev(r0, 0x0, 0x0, 0x0)

15:49:09 executing program 1:
r0 = syz_open_dev$loop(0x0, 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)

15:49:09 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = getpgrp(0x0)
syz_open_procfs$namespace(r1, &(0x7f0000000040)='ns/ipc\x00')
ioctl$VIDIOC_G_FREQUENCY(r0, 0xc02c5638, &(0x7f0000000000)={0x7fff, 0x3, 0xfffffffffffffffe})

15:49:09 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:09 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffe7}})

[ 1592.652633][T17776] RDX: 0000000000000001 RSI: 00000000200004c0 RDI: 0000000000000005
[ 1592.660598][T17776] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1592.668583][T17776] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6872e5e6d4
[ 1592.676658][T17776] R13: 00000000004c58be R14: 00000000004df8c0 R15: 00000000ffffffff
[ 1592.687002][T17776] memory: usage 306940kB, limit 307200kB, failcnt 53800
15:49:09 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1592.722870][T17776] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
15:49:09 executing program 1:
r0 = syz_open_dev$loop(0x0, 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)

15:49:09 executing program 5:
pipe(&(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-generic\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x0)
write$binfmt_script(r1, &(0x7f0000000240)=ANY=[], 0xfffffe04)
splice(r0, 0x0, r3, 0x0, 0x20000000003, 0x0)
write$binfmt_script(r1, &(0x7f0000000000)={'#! ', './file0'}, 0xb)

15:49:09 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}})

15:49:09 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00'}, 0x58)

15:49:09 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1592.803437][T17776] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1592.823697][T17776] Memory cgroup stats for /syz0: cache:6508KB rss:101084KB rss_huge:0KB shmem:6508KB mapped_file:3216KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6496KB active_anon:101092KB inactive_file:0KB active_file:0KB unevictable:0KB
15:49:09 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)

15:49:09 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:09 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x20001, 0x0)
ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f00000000c0)={0x6, @raw_data="ac715a32c04b79b873087719edee1a2bfabbce8c823e0e7f84c54aa5a20140d0ebd2e0c4703f0af6576849246201b16efeea3b7af19024deb38a8604cf379ce41a106e9a90d212af9ad5e5062c0a7de0400accabefaa600e8e6039091423cc816c4cf6f6314bfc48c9900c84a97961455aa7f4ca161d7efe6c4ab0108e96f136951f86510eedc71f174610376f8997c901f8c508ec191bb03def2b12be25a4dc0835bb19e40ded7c4360a0038336cc8a68c22f3953f1da595fed8d9438e6c1e3d8c10552541d36eb"})
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0)='TIPCv2\x00')
sendmsg$TIPC_NL_BEARER_DISABLE(r1, &(0x7f0000000340)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100001}, 0xc, &(0x7f0000000300)={&(0x7f00000006c0)={0x4f0, r2, 0x2, 0x70bd26, 0x25dfdbfc, {}, [@TIPC_NLA_BEARER={0x40, 0x1, [@TIPC_NLA_BEARER_PROP={0x2c, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffffeffffffff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}]}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz1\x00'}]}, @TIPC_NLA_SOCK={0x1c, 0x2, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7fff}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_NET={0x20, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xb4b}, @TIPC_NLA_NET_ID={0x8, 0x1, 0xfca}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xf3}]}, @TIPC_NLA_LINK={0xe0, 0x4, [@TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}]}, @TIPC_NLA_LINK_PROP={0x24, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x200}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7fff}]}, @TIPC_NLA_LINK_PROP={0x54, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2e2ad568}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x93e}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}]}]}, @TIPC_NLA_LINK={0xa4, 0x4, [@TIPC_NLA_LINK_PROP={0x24, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x92}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, [@TIPC_NLA_PROP_TOL={0x8}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x24, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1b}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffffffff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1d}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x8001}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}]}, @TIPC_NLA_SOCK={0x2c, 0x2, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xe4b5}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x7}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x7}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x3}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x2}]}, @TIPC_NLA_BEARER={0x174, 0x1, [@TIPC_NLA_BEARER_NAME={0x14, 0x1, @l2={'ib', 0x3a, 'veth0_to_hsr\x00'}}, @TIPC_NLA_BEARER_NAME={0x14, 0x1, @l2={'ib', 0x3a, 'bond_slave_1\x00'}}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x81, @remote, 0x3}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x1ff, @loopback, 0x4}}}}, @TIPC_NLA_BEARER_PROP={0x44, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x800}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffffffffffe85}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x451cc318}]}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x11}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x19}}}, {0x14, 0x2, @in={0x2, 0x4e21, @rand_addr=0x16e}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x4}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @local}}, {0x20, 0x2, @in6={0xa, 0x4e22, 0x3, @local, 0x6}}}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @multicast2}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0xfffffffffffffffc, @local}}}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'ib', 0x3a, 'ip6tnl0\x00'}}]}, @TIPC_NLA_MEDIA={0x64, 0x5, [@TIPC_NLA_MEDIA_PROP={0x2c, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2ac}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_TOL={0x8}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x20}]}]}, @TIPC_NLA_NODE={0x8, 0x6, [@TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_MEDIA={0xd0, 0x5, [@TIPC_NLA_MEDIA_PROP={0x24, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}]}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x100000000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_PRIO={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x8}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x44, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x20}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffffffffff60d}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7ff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2000000}]}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfffffffffffffff8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x534ff11f}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x500}]}]}]}, 0x4f0}, 0x1, 0x0, 0x0, 0x40}, 0x40000)
ioctl$sock_x25_SIOCADDRT(r1, 0x890b, &(0x7f00000001c0)={@null='               \x00', 0x2, 'team_slave_1\x00'})

15:49:09 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:10 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1593.077592][T17776] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6931,uid=0
[ 1593.109001][T17776] Memory cgroup out of memory: Killed process 6931 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
15:49:10 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:10 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)

15:49:10 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
ioctl$VIDIOC_G_MODULATOR(r0, 0xc0445636, &(0x7f0000000000)={0x29e8, "95e0ddcd86d0ceb8e8be7529fb0409591c65be3d3c61a6ca0dd3aad1916838df", 0x0, 0x6, 0xfffffffffffffc05, 0x16, 0x1})

[ 1593.199527][ T1044] oom_reaper: reaped process 6931 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:4kB
[ 1593.376744][T17776] syz-executor.0 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[ 1593.397541][T17776] CPU: 0 PID: 17776 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1593.405676][T17776] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1593.416563][T17776] Call Trace:
[ 1593.419869][T17776]  dump_stack+0x1d8/0x2f8
[ 1593.424281][T17776]  dump_header+0xdb/0xf40
[ 1593.428631][T17776]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1593.434537][T17776]  ? ___ratelimit+0x447/0x5d0
[ 1593.439269][T17776]  oom_kill_process+0x1a0/0x490
[ 1593.444144][T17776]  out_of_memory+0x76e/0x9e0
[ 1593.448751][T17776]  ? unregister_oom_notifier+0x20/0x20
[ 1593.454318][T17776]  ? kasan_check_read+0x11/0x20
[ 1593.459197][T17776]  try_charge+0x12ba/0x1710
[ 1593.463823][T17776]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1593.469751][T17776]  ? rcu_lock_release+0x4/0x20
[ 1593.474540][T17776]  ? rcu_lock_release+0x15/0x20
[ 1593.479489][T17776]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1593.485056][T17776]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1593.490450][T17776]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1593.496191][T17776]  shmem_getpage_gfp+0x1052/0x2dd0
[ 1593.501350][T17776]  ? shmem_getpage+0xa0/0xa0
[ 1593.505986][T17776]  ? iov_iter_fault_in_readable+0x2ba/0x5c0
[ 1593.511923][T17776]  shmem_write_begin+0xcb/0x1b0
[ 1593.516795][T17776]  generic_perform_write+0x2ac/0x550
[ 1593.522111][T17776]  ? grab_cache_page_write_begin+0xa0/0xa0
[ 1593.527940][T17776]  ? file_remove_privs+0x600/0x600
[ 1593.533249][T17776]  ? lock_acquire+0x158/0x250
[ 1593.537969][T17776]  __generic_file_write_iter+0x24b/0x520
[ 1593.543653][T17776]  generic_file_write_iter+0x41d/0x5a0
[ 1593.549338][T17776]  __vfs_write+0x617/0x7d0
[ 1593.554155][T17776]  ? __kernel_write+0x330/0x330
[ 1593.559462][T17776]  ? rcu_read_lock_sched_held+0x127/0x1c0
[ 1593.567738][T17776]  ? __sb_start_write+0x199/0x360
[ 1593.574430][T17776]  ? kasan_check_read+0x11/0x20
[ 1593.579309][T17776]  vfs_write+0x227/0x510
[ 1593.584008][T17776]  ksys_write+0x16b/0x2a0
[ 1593.588387][T17776]  ? __ia32_sys_read+0x90/0x90
[ 1593.594553][T17776]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1593.600288][T17776]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1593.607585][T17776]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1593.614026][T17776]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1593.620616][T17776]  ? do_syscall_64+0x1d/0x140
[ 1593.625407][T17776]  __x64_sys_write+0x7b/0x90
[ 1593.630277][T17776]  do_syscall_64+0xfe/0x140
[ 1593.634793][T17776]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1593.640902][T17776] RIP: 0033:0x459519
[ 1593.644810][T17776] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1593.665021][T17776] RSP: 002b:00007f6872e5dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1593.686130][T17776] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459519
[ 1593.694294][T17776] RDX: 0000000000000001 RSI: 00000000200004c0 RDI: 0000000000000005
[ 1593.702263][T17776] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1593.710742][T17776] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6872e5e6d4
[ 1593.720244][T17776] R13: 00000000004c58be R14: 00000000004df8c0 R15: 00000000ffffffff
15:49:10 executing program 5:
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vhost-vsock\x00', 0x2, 0x0)
close(r0)

15:49:10 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:10 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:10 executing program 1:
r0 = syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x0)
ioctl$BLKTRACETEARDOWN(r0, 0x1276, 0x0)

15:49:10 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
socketpair(0x10, 0x1, 0xfffffffffffffff8, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0x1, 0x0, 0x7, 0x4}, &(0x7f0000000300)=0x18)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffff9c, 0x84, 0xf, &(0x7f00000000c0)={<r4=>r3, @in={{0x2, 0x4e22, @local}}, 0x9, 0x4, 0x400, 0x42, 0x8}, &(0x7f0000000040)=0x98)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000240)={r4, 0x90, &(0x7f0000000180)=[@in6={0xa, 0x4e23, 0x6, @mcast2, 0x9}, @in={0x2, 0x4e20, @empty}, @in6={0xa, 0x4e22, 0x7, @loopback, 0xa7c}, @in6={0xa, 0x4e23, 0xfffffffffffffffa, @dev={0xfe, 0x80, [], 0x25}, 0xb3}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x10}}, @in6={0xa, 0x4e22, 0x0, @mcast1, 0xbd}]}, &(0x7f0000000280)=0x10)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:10 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00'}, 0x58)

[ 1593.733826][T17776] memory: usage 307140kB, limit 307200kB, failcnt 53902
[ 1593.744742][T17776] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
15:49:10 executing program 1:
syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0)

[ 1593.807305][T17776] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
15:49:10 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:10 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:10 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x400000, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000000040)='htcp\x00', 0x5)

[ 1593.870109][T17776] Memory cgroup stats for /syz0: cache:6508KB rss:101092KB rss_huge:0KB shmem:6508KB mapped_file:3216KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6500KB active_anon:101100KB inactive_file:0KB active_file:0KB unevictable:0KB
15:49:10 executing program 1:
syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0)

15:49:10 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:10 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000000)=0x5, 0x4)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff013398", 0x6}], 0x1)

[ 1593.958779][T17776] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=17776,uid=0
[ 1593.974936][T17776] Memory cgroup out of memory: Killed process 17776 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
15:49:11 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1594.058943][ T1044] oom_reaper: reaped process 17776 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
[ 1594.075245][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0
[ 1594.104076][ T8067] CPU: 0 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1594.112117][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1594.122278][ T8067] Call Trace:
[ 1594.125596][ T8067]  dump_stack+0x1d8/0x2f8
[ 1594.129926][ T8067]  dump_header+0xdb/0xf40
[ 1594.129968][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1594.129978][ T8067]  ? ___ratelimit+0x447/0x5d0
[ 1594.129993][ T8067]  oom_kill_process+0x1a0/0x490
[ 1594.130005][ T8067]  out_of_memory+0x76e/0x9e0
[ 1594.130021][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1594.160938][ T8067]  ? kasan_check_read+0x11/0x20
[ 1594.165804][ T8067]  try_charge+0x12ba/0x1710
[ 1594.170337][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1594.176168][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1594.180968][ T8067]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1594.180982][ T8067]  ? memcg_kmem_put_cache+0x70/0x70
[ 1594.180996][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1594.191732][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1594.191744][ T8067]  __memcg_kmem_charge+0x118/0x2f0
[ 1594.191759][ T8067]  __alloc_pages_nodemask+0x377/0x790
[ 1594.191772][ T8067]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1594.191797][ T8067]  alloc_pages_current+0x2fb/0x540
[ 1594.191809][ T8067]  __pmd_alloc+0x39/0x3d0
[ 1594.191823][ T8067]  copy_page_range+0x254c/0x2900
[ 1594.191834][ T8067]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1594.191856][ T8067]  ? trace_lock_acquire+0x190/0x190
[ 1594.254350][ T8067]  ? vm_normal_page_pmd+0x3d0/0x3d0
[ 1594.260288][ T8067]  ? __rb_insert_augmented+0x706/0x720
[ 1594.267373][ T8067]  ? kasan_check_write+0x14/0x20
[ 1594.273744][ T8067]  dup_mmap+0xa2d/0xe90
[ 1594.278374][ T8067]  ? __delayed_free_task+0x20/0x20
[ 1594.283841][ T8067]  ? kasan_check_write+0x14/0x20
[ 1594.290444][ T8067]  ? mm_init+0x5cc/0x6e0
[ 1594.290456][ T8067]  dup_mm+0x9e/0x340
[ 1594.290468][ T8067]  copy_process+0x25ff/0x5c80
[ 1594.290499][ T8067]  ? fork_idle+0x1b0/0x1b0
[ 1594.290520][ T8067]  _do_fork+0x180/0x5f0
[ 1594.290535][ T8067]  ? dup_mm+0x340/0x340
[ 1594.290554][ T8067]  ? debug_smp_processor_id+0x1c/0x20
[ 1594.325784][ T8067]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1594.332177][ T8067]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1594.338089][ T8067]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1594.338102][ T8067]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1594.338112][ T8067]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1594.338125][ T8067]  __x64_sys_clone+0xc1/0xd0
[ 1594.338137][ T8067]  do_syscall_64+0xfe/0x140
[ 1594.338152][ T8067]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1594.338162][ T8067] RIP: 0033:0x457aea
[ 1594.338173][ T8067] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00
[ 1594.338178][ T8067] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
15:49:11 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
ioctl$VIDIOC_ENUMINPUT(r0, 0xc050561a, &(0x7f0000000000)={0xe95, "c4a4038fb0cfbd4cb109d90f4419f06a30e0d25fd52eea5483148bde5810e7c7", 0x2, 0x2, 0x5, 0x40000, 0x4000000, 0xe})

15:49:11 executing program 1:
syz_open_dev$loop(&(0x7f00000001c0)='/dev/loop#\x00', 0x0, 0x80200)
ioctl$BLKTRACETEARDOWN(0xffffffffffffffff, 0x1276, 0x0)

15:49:11 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000000)=0x5, 0x4)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff013398", 0x6}], 0x1)

[ 1594.404264][ T8067] RAX: ffffffffffffffda RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1594.404279][ T8067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1594.421164][ T8067] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1594.430279][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1594.430286][ T8067] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1594.452339][ T8067] memory: usage 306876kB, limit 307200kB, failcnt 53922
[ 1594.464645][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1594.482588][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1594.489987][ T8067] Memory cgroup stats for /syz0: cache:6504KB rss:100976KB rss_huge:0KB shmem:6504KB mapped_file:3212KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6496KB active_anon:100984KB inactive_file:0KB active_file:0KB unevictable:0KB
15:49:11 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00'}, 0x58)

15:49:11 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:11 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:11 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x100, 0x0)
ioctl$DRM_IOCTL_RM_MAP(r1, 0x4028641b, &(0x7f0000000040)={&(0x7f0000ff8000/0x5000)=nil, 0x9, 0x3, 0x0, &(0x7f0000ff9000/0x3000)=nil, 0x8})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:11 executing program 1:
r0 = socket$inet(0x10, 0x10000000000003, 0x2010000000006)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000000c0)="4c0000001200ff09fffefd956fa283b724a6008000000000000000683540150024001d001fc41180b598bc593ab6821148a730de33a49868c62b2ca654a6613b6aabf35d0f1cbc882b079881", 0x4c}], 0x1}, 0x0)

15:49:11 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000000)=0x5, 0x4)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff013398", 0x6}], 0x1)

[ 1594.512645][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=17815,uid=0
[ 1594.531059][ T8067] Memory cgroup out of memory: Killed process 17815 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
[ 1594.614317][T17932] __nla_validate_parse: 34 callbacks suppressed
[ 1594.614332][T17932] netlink: 60 bytes leftover after parsing attributes in process `syz-executor.1'.
15:49:11 executing program 1:
pipe(&(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-generic\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x0)
write$binfmt_script(r1, &(0x7f0000000240)=ANY=[], 0xfffffe04)
splice(r0, 0x0, r3, 0x0, 0x20000000003, 0x0)

15:49:11 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:11 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:11 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\x00'}, 0x58)

15:49:11 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000000)=0x5, 0x4)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff013398", 0x6}], 0x1)

15:49:11 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x3, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x42000, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f00000000c0)=0x2, 0x4)
syslog(0xb, &(0x7f0000000100)=""/82, 0x52)
openat$dlm_control(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dlm-control\x00', 0x2000, 0x0)

15:49:11 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:11 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:11 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00'}, 0x58)

15:49:11 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000000)=0x5, 0x4)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff013398", 0x6}], 0x1)

15:49:11 executing program 2:
msgget$private(0x0, 0x400)
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/video35\x00', 0x2, 0x0)
r1 = syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x3, 0x2)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r1, 0x40405515, &(0x7f0000000040)={0x4, 0x1, 0x80000001, 0x6, '\x00', 0xfffffffffffffff8})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:11 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1595.084379][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0
[ 1595.139781][ T8067] CPU: 1 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1595.147644][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1595.157818][ T8067] Call Trace:
[ 1595.161117][ T8067]  dump_stack+0x1d8/0x2f8
[ 1595.165462][ T8067]  dump_header+0xdb/0xf40
[ 1595.169808][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1595.175616][ T8067]  ? ___ratelimit+0x447/0x5d0
[ 1595.180308][ T8067]  oom_kill_process+0x1a0/0x490
[ 1595.185203][ T8067]  out_of_memory+0x76e/0x9e0
[ 1595.189816][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1595.195285][ T8067]  ? kasan_check_read+0x11/0x20
[ 1595.200148][ T8067]  try_charge+0x12ba/0x1710
[ 1595.204709][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1595.210540][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1595.215323][ T8067]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1595.220889][ T8067]  ? memcg_kmem_put_cache+0x70/0x70
[ 1595.226102][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1595.230956][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1595.236541][ T8067]  __memcg_kmem_charge+0x118/0x2f0
[ 1595.241752][ T8067]  __alloc_pages_nodemask+0x377/0x790
[ 1595.247131][ T8067]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1595.252769][ T8067]  ? arch_stack_walk+0x98/0xe0
[ 1595.257555][ T8067]  ? kasan_check_write+0x14/0x20
[ 1595.262500][ T8067]  ? do_raw_spin_lock+0x143/0x3a0
[ 1595.267536][ T8067]  alloc_pages_current+0x2fb/0x540
[ 1595.272662][ T8067]  pte_alloc_one+0x1f/0x180
[ 1595.277174][ T8067]  __pte_alloc+0x20/0x2f0
[ 1595.281510][ T8067]  copy_page_range+0x23d5/0x2900
[ 1595.286468][ T8067]  ? do_syscall_64+0xfe/0x140
[ 1595.291174][ T8067]  ? vm_normal_page_pmd+0x3d0/0x3d0
[ 1595.296561][ T8067]  ? init_admin_reserve+0xc0/0xc0
[ 1595.301688][ T8067]  dup_mmap+0xa2d/0xe90
[ 1595.305967][ T8067]  ? __delayed_free_task+0x20/0x20
[ 1595.311090][ T8067]  ? kasan_check_write+0x14/0x20
[ 1595.316064][ T8067]  ? mm_init+0x5cc/0x6e0
[ 1595.320317][ T8067]  dup_mm+0x9e/0x340
[ 1595.324224][ T8067]  copy_process+0x25ff/0x5c80
[ 1595.328960][ T8067]  ? fork_idle+0x1b0/0x1b0
[ 1595.333393][ T8067]  _do_fork+0x180/0x5f0
[ 1595.337540][ T8067]  ? dup_mm+0x340/0x340
[ 1595.341679][ T8067]  ? debug_smp_processor_id+0x1c/0x20
[ 1595.347195][ T8067]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1595.353286][ T8067]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1595.359023][ T8067]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1595.364639][ T8067]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1595.370084][ T8067]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1595.375794][ T8067]  __x64_sys_clone+0xc1/0xd0
[ 1595.380678][ T8067]  do_syscall_64+0xfe/0x140
[ 1595.385451][ T8067]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1595.391419][ T8067] RIP: 0033:0x457aea
[ 1595.395321][ T8067] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00
[ 1595.414929][ T8067] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1595.423352][ T8067] RAX: ffffffffffffffda RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1595.431314][ T8067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1595.439301][ T8067] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1595.447294][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1595.455255][ T8067] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1595.473052][ T8067] memory: usage 307200kB, limit 307200kB, failcnt 53957
[ 1595.480715][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1595.489585][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1595.496440][ T8067] Memory cgroup stats for /syz0: cache:6512KB rss:101096KB rss_huge:0KB shmem:6512KB mapped_file:3216KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6504KB active_anon:101104KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1595.518731][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=17865,uid=0
[ 1595.534294][ T8067] Memory cgroup out of memory: Killed process 17865 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
[ 1595.549170][ T1044] oom_reaper: reaped process 17865 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
15:49:12 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
getsockopt$netlink(r0, 0x10e, 0xb, &(0x7f00000020c0)=""/4096, &(0x7f0000000100)=0x1000)

15:49:12 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000000)=0x5, 0x4)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff013398", 0x6}], 0x1)

15:49:12 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:12 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
write$cgroup_int(r0, &(0x7f0000000040)=0x7ff, 0x12)
setsockopt$inet6_MRT6_ADD_MFC(r0, 0x29, 0xcc, &(0x7f0000000080)={{0xa, 0x4e20, 0x8, @local, 0x6}, {0xa, 0x4e22, 0x4, @dev={0xfe, 0x80, [], 0x1c}, 0x8}, 0x6, [0x5, 0x401, 0x80, 0x8000, 0xffffffff, 0xffffffffffff0000, 0x2, 0xfff]}, 0x5c)

15:49:12 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1595.588378][T17999] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000
[ 1595.601702][T17999] CPU: 1 PID: 17999 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1595.609610][T17999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1595.619681][T17999] Call Trace:
[ 1595.622979][T17999]  dump_stack+0x1d8/0x2f8
[ 1595.622997][T17999]  dump_header+0xdb/0xf40
[ 1595.623012][T17999]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
15:49:12 executing program 1:
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
getsockopt$IP6T_SO_GET_ENTRIES(r0, 0x29, 0x41, &(0x7f0000000100)={'mangle\x00', 0x4, "1e13d86f"}, 0x0)

[ 1595.623027][T17999]  ? ___ratelimit+0x447/0x5d0
[ 1595.642157][T17999]  oom_kill_process+0x1a0/0x490
[ 1595.647199][T17999]  out_of_memory+0x76e/0x9e0
[ 1595.651815][T17999]  ? unregister_oom_notifier+0x20/0x20
[ 1595.657281][T17999]  ? kasan_check_read+0x11/0x20
[ 1595.662145][T17999]  try_charge+0x12ba/0x1710
[ 1595.666844][T17999]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1595.680910][T17999]  ? rcu_lock_release+0x4/0x20
[ 1595.685692][T17999]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1595.691259][T17999]  ? memcg_kmem_put_cache+0x70/0x70
[ 1595.696471][T17999]  ? rcu_lock_release+0x15/0x20
[ 1595.701348][T17999]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1595.701360][T17999]  __memcg_kmem_charge+0x118/0x2f0
[ 1595.701375][T17999]  __alloc_pages_nodemask+0x377/0x790
[ 1595.701389][T17999]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1595.701413][T17999]  alloc_pages_current+0x2fb/0x540
[ 1595.701428][T17999]  __pmd_alloc+0x39/0x3d0
[ 1595.733417][T17999]  handle_mm_fault+0x3115/0x6130
15:49:12 executing program 2:
ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r0 = syz_open_dev$vcsn(&(0x7f0000000140)='/dev/vcs#\x00', 0x4, 0x0)
ioctl$TIOCSSOFTCAR(r0, 0x541a, &(0x7f0000000180)=0x6)
r1 = syz_open_dev$audion(&(0x7f00000000c0)='/dev/audio#\x00', 0x1, 0x0)
accept$inet6(r1, 0x0, &(0x7f0000000100))
get_mempolicy(&(0x7f0000000040), &(0x7f0000000080), 0x3, &(0x7f0000ffd000/0x2000)=nil, 0x0)
ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f0000000000)=<r2=>0x0)
ptrace$cont(0x9, r2, 0x101, 0x401)

[ 1595.738669][T17999]  ? finish_fault+0x220/0x220
[ 1595.743366][T17999]  ? __down_read+0x1a0/0x1a0
[ 1595.747986][T17999]  ? vmacache_find+0x566/0x5b0
[ 1595.752757][T17999]  ? vmacache_update+0xb7/0x120
[ 1595.757613][T17999]  ? find_vma+0x13c/0x150
[ 1595.761956][T17999]  do_user_addr_fault+0x56f/0xaa0
[ 1595.767030][T17999]  __do_page_fault+0xd3/0x1f0
[ 1595.771716][T17999]  do_page_fault+0xce/0xe0
[ 1595.776146][T17999]  ? page_fault+0x8/0x30
[ 1595.780400][T17999]  page_fault+0x1e/0x30
[ 1595.784557][T17999] RIP: 0033:0x4019f7
15:49:12 executing program 1:
r0 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000002540)={'veth0_to_bond\x00', <r1=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000002580)={@remote, 0x0, r1})

[ 1595.788481][T17999] Code: 00 00 00 48 83 ec 08 48 8b 15 bd ea 66 00 48 8b 05 ae ea 66 00 48 39 d0 48 8d 8a 00 00 00 01 72 17 48 39 c8 73 12 48 8d 50 04 <89> 38 48 89 15 90 ea 66 00 48 83 c4 08 c3 48 89 c6 bf 38 96 4c 00
[ 1595.808357][T17999] RSP: 002b:00007ffff6b9e570 EFLAGS: 00010287
[ 1595.808367][T17999] RAX: 0000001b2be20000 RBX: 0000000000000000 RCX: 0000001b2ce20000
[ 1595.808373][T17999] RDX: 0000001b2be20004 RSI: 00007ffff6b9e330 RDI: 0000000000000000
[ 1595.808378][T17999] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000004
[ 1595.808384][T17999] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000001
[ 1595.808389][T17999] R13: 00007ffff6b9e760 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1595.827932][T17999] memory: usage 307024kB, limit 307200kB, failcnt 54001
[ 1595.909434][T17999] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1595.921611][T17999] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1595.929190][T17999] Memory cgroup stats for /syz0: cache:6508KB rss:101016KB rss_huge:0KB shmem:6504KB mapped_file:3212KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6496KB active_anon:101024KB inactive_file:4KB active_file:0KB unevictable:0KB
[ 1595.962417][T17999] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=6955,uid=0
[ 1595.978399][T17999] Memory cgroup out of memory: Killed process 6955 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
15:49:12 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00'}, 0x58)

15:49:12 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000000)=0x5, 0x4)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff013398", 0x6}], 0x1)

15:49:12 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:12 executing program 2:
r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x5, 0x200000)
getsockopt$inet_tcp_buf(r0, 0x6, 0x1f, &(0x7f0000000040)=""/18, &(0x7f00000000c0)=0x12)
r1 = shmget(0x0, 0x4000, 0x114, &(0x7f0000ffc000/0x4000)=nil)
shmctl$SHM_UNLOCK(r1, 0xc)
getsockopt$inet_dccp_int(r0, 0x21, 0xf, &(0x7f0000000100), &(0x7f0000000140)=0x4)
r2 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r2, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:12 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:12 executing program 1:
r0 = syz_open_dev$ndb(&(0x7f0000000000)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0)
ioctl$BLKPG(r0, 0x1269, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0})

15:49:13 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:13 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff013398", 0x6}], 0x1)

15:49:13 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000300)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0xffffffffffffffff, @vbi={0x2, 0x3, 0x401, 0x50313134, [0x5, 0x3], [0x2, 0x7fff], 0x1}})

15:49:13 executing program 1:
getpid()
write(0xffffffffffffffff, 0x0, 0x0)
getgroups(0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, 0x0, 0x0)
lstat(0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x2400, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xfffffffffffffffd, 0x0, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0xfff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
ioctl$BINDER_GET_NODE_DEBUG_INFO(0xffffffffffffffff, 0xc018620b, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0xb, 0x6, 0x209e21, 0x3, 0x1}, 0x2c)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000340)={r0, &(0x7f0000000380), 0x0}, 0x18)

15:49:13 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:13 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1596.298376][T18056] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000
[ 1596.386791][T18056] CPU: 1 PID: 18056 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1596.394732][T18056] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1596.404809][T18056] Call Trace:
[ 1596.408206][T18056]  dump_stack+0x1d8/0x2f8
[ 1596.408227][T18056]  dump_header+0xdb/0xf40
[ 1596.408242][T18056]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1596.408252][T18056]  ? ___ratelimit+0x447/0x5d0
[ 1596.408273][T18056]  oom_kill_process+0x1a0/0x490
[ 1596.427438][T18056]  out_of_memory+0x76e/0x9e0
[ 1596.427453][T18056]  ? unregister_oom_notifier+0x20/0x20
[ 1596.427465][T18056]  ? kasan_check_read+0x11/0x20
[ 1596.427480][T18056]  try_charge+0x12ba/0x1710
[ 1596.436945][T18056]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1596.457581][T18056]  ? rcu_lock_release+0x4/0x20
[ 1596.462398][T18056]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1596.467967][T18056]  ? memcg_kmem_put_cache+0x70/0x70
[ 1596.473270][T18056]  ? rcu_lock_release+0x15/0x20
[ 1596.478135][T18056]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1596.483727][T18056]  __memcg_kmem_charge+0x118/0x2f0
[ 1596.488846][T18056]  __alloc_pages_nodemask+0x377/0x790
[ 1596.494343][T18056]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1596.500052][T18056]  ? rcu_read_lock_sched_held+0x127/0x1c0
[ 1596.505777][T18056]  ? copy_process+0x599/0x5c80
[ 1596.510836][T18056]  copy_process+0x613/0x5c80
[ 1596.515429][T18056]  ? fork_idle+0x1b0/0x1b0
[ 1596.528699][T18056]  _do_fork+0x180/0x5f0
[ 1596.533207][T18056]  ? dup_mm+0x340/0x340
[ 1596.537355][T18056]  ? debug_smp_processor_id+0x1c/0x20
[ 1596.542715][T18056]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1596.548799][T18056]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1596.554977][T18056]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1596.560614][T18056]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1596.566090][T18056]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1596.571890][T18056]  __x64_sys_clone+0xc1/0xd0
[ 1596.576481][T18056]  do_syscall_64+0xfe/0x140
[ 1596.580985][T18056]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1596.586872][T18056] RIP: 0033:0x459519
[ 1596.590749][T18056] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1596.610337][T18056] RSP: 002b:00007f6872e3cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1596.618824][T18056] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459519
[ 1596.627152][T18056] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 04000000000003fe
[ 1596.635490][T18056] RBP: 000000000075bfc8 R08: ffffffffffffffff R09: 0000000000000000
[ 1596.643558][T18056] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6872e3d6d4
[ 1596.651517][T18056] R13: 00000000004bf97d R14: 00000000004d1358 R15: 00000000ffffffff
[ 1596.677200][T18056] memory: usage 307132kB, limit 307200kB, failcnt 54028
[ 1596.684178][T18056] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1596.697047][T18056] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1596.705098][T18056] Memory cgroup stats for /syz0: cache:6508KB rss:101076KB rss_huge:0KB shmem:6508KB mapped_file:3216KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6500KB active_anon:101084KB inactive_file:0KB active_file:0KB unevictable:0KB
15:49:13 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b\x00'}, 0x58)

15:49:13 executing program 5:
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff013398", 0x6}], 0x1)

15:49:13 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:13 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="c0dca5055e0bcfec7be070")
setsockopt$inet_mreqn(r0, 0x0, 0x20, &(0x7f0000000340)={@initdev, @multicast2}, 0xc)

15:49:13 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:13 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:13 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000140)={0x26, 'aead\x00', 0x0, 0x0, 'morus640-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000100)="71e67a15cdf0319fa22748f9a91c66b3", 0x10)
setsockopt$ALG_SET_AEAD_AUTHSIZE(r0, 0x117, 0x5, 0x0, 0x0)
r1 = accept4$alg(r0, 0x0, 0x0, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0xfffffe90)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
recvmmsg(r1, &(0x7f0000006880)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000017c0)=""/4096, 0x1000}], 0x1, &(0x7f0000000600)=""/154, 0x9a}}], 0x1, 0x0, 0x0)

[ 1596.729087][T18056] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7057,uid=0
[ 1596.745272][T18056] Memory cgroup out of memory: Killed process 7057 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
[ 1596.760315][ T1044] oom_reaper: reaped process 7057 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:4kB
15:49:13 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000440)='/dev/input/mice\x00', 0x0, 0x40)
ioctl$FIGETBSZ(r1, 0x2, &(0x7f0000000700))
epoll_pwait(r1, &(0x7f0000000680)=[{}, {}, {}, {}, {}, {}], 0x6, 0x8, &(0x7f0000000480)={0x7f}, 0x8)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000000c0)={0x7, @raw_data="1c79aa0372ed3f6af62e7a99bba798d8f5d8ada671b5a6fdb0ad38b495564a04285f0f886652b3c692ac831676b6f1d4bcc20f02a81be10c2406c33c333fe95f5bacabddb0f0e2b18507f98ee06ad45e02ef8f178e79d454ecf69af374f64a4b35fc1a670d6c06e4ccb2461024a1a4dc0e2a6ae11c80ffd510fc576ef0a94709a4eb54dbd6bc07522b899972ec8ca0cdc041278beb556bf29a09aaf4b0fdda288e74870161c18e9d8917ad5b7c081efbe789ef25936b4b75da01dcd224c5f5958fa83fddf04b11b2"})
r2 = syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x9, 0x400040)
ioctl$VIDIOC_G_CROP(r2, 0xc014563b, &(0x7f0000000500)={0x5, {0x3, 0x2, 0x0, 0x8}})
setsockopt$inet6_icmp_ICMP_FILTER(r2, 0x1, 0x1, &(0x7f0000000580)={0xfff}, 0x4)
sendmsg$inet(r2, &(0x7f00000004c0)={&(0x7f0000000040)={0x2, 0x4e20, @remote}, 0x10, &(0x7f00000003c0)=[{&(0x7f00000001c0)="0d59e1e3a94179fa01b4d906e47c763d9299f0af52d15172b9c5764196f3f616b05706f287b482ae08ad4de810220b25a69cb37ec03fdaa89bfda26fdac292c0b8ecc60394550818c1e37e03687418211d5e43c14801db48625a1cabc14d4b871206e132ea34a688c0fd6f874607c7545c358c10e1289b8b5e303355d0ce582216e669b0eb8113111f81205fe8a6060ffc175913349efe39cf8bb3789d65a32e8c4557e179a1db27b7585e0a3109b31c", 0xb0}, {&(0x7f0000000280)="18b151acda2868b67891f14f696c539a214a09ca57e13537b46ad259b69e6e94b4213afefe763ffe3769016eccdd896bd6f082b2c6fd9c9454578de241689f71b74f603fa5cea9ea8165b5d863d9ef9c367677eadaebdf0c19", 0x59}, {&(0x7f0000000300)="3644400dfd6a", 0x6}, {&(0x7f0000000340)="229be86f148206e6d06e8636fa7faf98252b60fadeae2b0c215a65adc300c3a8605d7c021cefa3edd4af0ae870fd436e7be40cc090231f36ac01f1023b950824af5ef03c3f2ad4c2920203e955b42ce4d355101767e969c5321678ce72542bd40359b9171f1ffc", 0x67}], 0x4, &(0x7f00000005c0)=ANY=[@ANYBLOB="110043f5c0ad64aa11ae26ae5ed200000000170000000000010000001f000000000000001400000000000000000000000100000000000000000000002000000000000000000000000700000000830cf7d750cc62c91efec07500002ed57d9df25ad900200000000000000000000000070000000183090000000000000014137f0000011400000000000000000000000200000002"], 0x88}, 0x4000)
openat$mixer(0xffffffffffffff9c, &(0x7f0000000400)='/dev/mixer\x00', 0x2000, 0x0)
ioctl$BLKSECTGET(r2, 0x1267, &(0x7f0000000540))

15:49:13 executing program 2:
r0 = openat$md(0xffffffffffffff9c, &(0x7f0000000000)='/dev/md0\x00', 0x0, 0x0)
ioctl$BLKRESETZONE(r0, 0x40101283, &(0x7f0000000040)={0x2000000000000000, 0x7})
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000180)='/dev/mixer\x00', 0x8a00, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r1, 0x40405515, &(0x7f00000001c0)={0xa, 0x6, 0x7fffffff, 0x8, 'syz0\x00', 0x40})
r2 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x1f, 0x2000)
ioctl$DRM_IOCTL_AGP_ALLOC(r2, 0xc0206434, &(0x7f0000000200)={0x0, 0x0, 0x1, 0x34a})
ioctl$DRM_IOCTL_AGP_ALLOC(r2, 0xc0206434, &(0x7f0000000240)={0x0, <r3=>0x0, 0x10001, 0x1})
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000100)={0x8001, <r4=>r3, 0x10001, 0x9})
ioctl$DRM_IOCTL_AGP_FREE(r2, 0x40206435, &(0x7f0000000140)={0x1, r4, 0x10001, 0xfffffffffffffffc})
r5 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r5, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:13 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:13 executing program 5:
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff013398", 0x6}], 0x1)

15:49:13 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1597.034049][T18087] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1597.082806][T18087] CPU: 1 PID: 18087 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1597.091186][T18087] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1597.101625][T18087] Call Trace:
[ 1597.104961][T18087]  dump_stack+0x1d8/0x2f8
[ 1597.109780][T18087]  dump_header+0xdb/0xf40
[ 1597.114157][T18087]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1597.120320][T18087]  ? ___ratelimit+0x447/0x5d0
[ 1597.125805][T18087]  oom_kill_process+0x1a0/0x490
[ 1597.131006][T18087]  out_of_memory+0x76e/0x9e0
[ 1597.135603][T18087]  ? unregister_oom_notifier+0x20/0x20
[ 1597.141149][T18087]  ? kasan_check_read+0x11/0x20
[ 1597.146015][T18087]  try_charge+0x12ba/0x1710
[ 1597.150549][T18087]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1597.156717][T18087]  ? rcu_lock_release+0x4/0x20
[ 1597.161760][T18087]  ? rcu_lock_release+0x15/0x20
[ 1597.166962][T18087]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1597.172962][T18087]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1597.178347][T18087]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1597.184057][T18087]  handle_mm_fault+0x3238/0x6130
[ 1597.189183][T18087]  ? finish_fault+0x220/0x220
[ 1597.193942][T18087]  ? __down_read+0x1a0/0x1a0
[ 1597.198533][T18087]  ? vmacache_find+0x51b/0x5b0
[ 1597.203889][T18087]  ? vmacache_update+0xb7/0x120
[ 1597.208990][T18087]  ? find_vma+0x13c/0x150
[ 1597.213493][T18087]  do_user_addr_fault+0x56f/0xaa0
[ 1597.218893][T18087]  __do_page_fault+0xd3/0x1f0
[ 1597.223648][T18087]  do_page_fault+0xce/0xe0
[ 1597.228090][T18087]  ? page_fault+0x8/0x30
[ 1597.232427][T18087]  page_fault+0x1e/0x30
[ 1597.236661][T18087] RIP: 0033:0x45becd
[ 1597.241436][T18087] Code: 5b 5d f3 c3 66 0f 1f 84 00 00 00 00 00 48 c7 c0 ea ff ff ff 48 85 ff 0f 84 30 8e fb ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 <48> 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8
[ 1597.261575][T18087] RSP: 002b:00007ffff6b9e448 EFLAGS: 00010202
[ 1597.267653][T18087] RAX: ffffffffffffffea RBX: 00007f6872e1c700 RCX: 00007f6872e1c700
[ 1597.275613][T18087] RDX: 00000000003d0f00 RSI: 00007f6872e1bdb0 RDI: 0000000000410250
[ 1597.283841][T18087] RBP: 00007ffff6b9e660 R08: 00007f6872e1c9d0 R09: 00007f6872e1c700
[ 1597.291799][T18087] R10: 00007f6872e1bdc0 R11: 0000000000000246 R12: 0000000000000000
[ 1597.299862][T18087] R13: 00007ffff6b9e4ff R14: 00007f6872e1c9c0 R15: 000000000075c07c
[ 1597.309178][T18087] memory: usage 307136kB, limit 307200kB, failcnt 54071
[ 1597.316256][T18087] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1597.324309][T18087] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1597.331247][T18087] Memory cgroup stats for /syz0: cache:6508KB rss:101080KB rss_huge:0KB shmem:6508KB mapped_file:3216KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6500KB active_anon:101088KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1597.353329][T18087] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=18055,uid=0
15:49:14 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\t\x00'}, 0x58)

15:49:14 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:14 executing program 5:
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff013398", 0x6}], 0x1)

15:49:14 executing program 2:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x80200, 0x0)
recvfrom$inet(r0, &(0x7f00000000c0)=""/189, 0xbd, 0x40000000, &(0x7f0000000040)={0x2, 0x4e24, @empty}, 0x10)
r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$IMGETCOUNT(r0, 0x80044943, &(0x7f0000000180))
ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
fchmod(r0, 0x2)
ioctl$TIOCGSID(r0, 0x5429, &(0x7f00000009c0)=<r2=>0x0)
process_vm_writev(r2, &(0x7f0000000480)=[{&(0x7f0000000200)=""/15, 0xf}, {&(0x7f0000000240)=""/226, 0xe2}, {&(0x7f0000000340)=""/31, 0x1f}, {&(0x7f0000000380)=""/194, 0xc2}], 0x4, &(0x7f0000000940)=[{&(0x7f00000004c0)=""/207, 0xcf}, {&(0x7f00000006c0)=""/161, 0xa1}, {&(0x7f0000000780)=""/60, 0x3c}, {&(0x7f00000007c0)=""/83, 0x53}, {&(0x7f0000000840)=""/215, 0xd7}], 0x5, 0x0)

[ 1597.372063][T18087] Memory cgroup out of memory: Killed process 18055 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
[ 1597.387028][ T1044] oom_reaper: reaped process 18055 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
15:49:14 executing program 5:
r0 = socket(0x0, 0x3, 0x87)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff013398", 0x6}], 0x1)

15:49:14 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
r1 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$get_keyring_id(0x0, r1, 0x10000000000100)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0}})
syslog(0xa, 0x0, 0x0)
r2 = syz_open_dev$sndpcmc(&(0x7f0000000100)='/dev/snd/pcmC#D#c\x00', 0x0, 0x460000)
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(0xffffffffffffff9c, 0x84, 0x72, &(0x7f0000000140)={<r3=>0x0, 0x6, 0x30}, &(0x7f0000000180)=0xc)
setsockopt$inet_sctp_SCTP_ASSOCINFO(r2, 0x84, 0x1, &(0x7f00000001c0)={r3, 0x0, 0x3f, 0x10001, 0x7fffffff, 0x5}, 0x14)
r4 = syz_open_dev$mice(&(0x7f00000000c0)='/dev/input/mice\x00', 0x0, 0x2000)
ioctl$RTC_UIE_ON(r4, 0x7003)

[ 1597.593846][T18137] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000
[ 1597.611653][T18137] CPU: 1 PID: 18137 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1597.619597][T18137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1597.629829][T18137] Call Trace:
[ 1597.633109][T18137]  dump_stack+0x1d8/0x2f8
[ 1597.637459][T18137]  dump_header+0xdb/0xf40
[ 1597.641795][T18137]  ? _raw_spin_unlock_irqrestore+0xd1/0xe0
[ 1597.647604][T18137]  ? ___ratelimit+0x447/0x5d0
[ 1597.652286][T18137]  oom_kill_process+0x1a0/0x490
[ 1597.657128][T18137]  out_of_memory+0x76e/0x9e0
[ 1597.661749][T18137]  ? unregister_oom_notifier+0x20/0x20
[ 1597.667202][T18137]  ? kasan_check_read+0x11/0x20
[ 1597.672051][T18137]  try_charge+0x12ba/0x1710
[ 1597.676556][T18137]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1597.682382][T18137]  ? rcu_lock_release+0x4/0x20
[ 1597.687186][T18137]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1597.692753][T18137]  ? memcg_kmem_put_cache+0x70/0x70
[ 1597.698303][T18137]  ? rcu_lock_release+0x15/0x20
[ 1597.703148][T18137]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1597.708720][T18137]  __memcg_kmem_charge+0x118/0x2f0
[ 1597.721400][T18137]  __alloc_pages_nodemask+0x377/0x790
[ 1597.726943][T18137]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1597.732481][T18137]  ? rcu_read_lock_sched_held+0x127/0x1c0
[ 1597.738238][T18137]  ? copy_process+0x599/0x5c80
[ 1597.743015][T18137]  copy_process+0x613/0x5c80
[ 1597.747626][T18137]  ? __lock_acquire+0xcf7/0x1a40
[ 1597.752603][T18137]  ? fork_idle+0x1b0/0x1b0
[ 1597.757052][T18137]  _do_fork+0x180/0x5f0
[ 1597.761245][T18137]  ? dup_mm+0x340/0x340
[ 1597.765403][T18137]  ? debug_smp_processor_id+0x1c/0x20
[ 1597.770777][T18137]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1597.776863][T18137]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1597.782897][T18137]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1597.788722][T18137]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1597.794185][T18137]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1597.799902][T18137]  __x64_sys_clone+0xc1/0xd0
[ 1597.804501][T18137]  do_syscall_64+0xfe/0x140
[ 1597.809023][T18137]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1597.814933][T18137] RIP: 0033:0x459519
[ 1597.818873][T18137] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1597.840600][T18137] RSP: 002b:00007f6872e3cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1597.849017][T18137] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459519
[ 1597.856986][T18137] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 04000000000003fe
[ 1597.864979][T18137] RBP: 000000000075bfc8 R08: ffffffffffffffff R09: 0000000000000000
[ 1597.872964][T18137] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6872e3d6d4
[ 1597.880938][T18137] R13: 00000000004bf97d R14: 00000000004d1358 R15: 00000000ffffffff
15:49:14 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
recvfrom$inet(r1, &(0x7f0000000180)=""/37, 0x25, 0x0, 0x0, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r2, 0x0, 0x4e5cc83, 0x0, 0x0, 0x800e00549)
shutdown(r0, 0x0)
getpgrp(0xffffffffffffffff)
recvfrom$inet(r2, 0x0, 0x55c1, 0x0, 0x0, 0x800e00545)
shutdown(r2, 0x0)

15:49:14 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:14 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
setxattr$trusted_overlay_origin(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='trusted.overlay.origin\x00', &(0x7f00000000c0)='y\x00', 0x2, 0x1)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000100)='/dev/full\x00', 0x80, 0x0)
removexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='com.apple.FinderInfo\x00')
ioctl$SCSI_IOCTL_STOP_UNIT(r1, 0x6)

15:49:14 executing program 5:
r0 = socket(0x0, 0x3, 0x87)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff013398", 0x6}], 0x1)

[ 1597.891734][T18137] memory: usage 307108kB, limit 307200kB, failcnt 54099
[ 1597.899239][T18137] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1597.907107][T18137] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1597.914249][T18137] Memory cgroup stats for /syz0: cache:6504KB rss:101084KB rss_huge:0KB shmem:6504KB mapped_file:3212KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6496KB active_anon:101092KB inactive_file:0KB active_file:0KB unevictable:0KB
15:49:14 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:14 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000280)='/dev/video35\x00', 0x2, 0x0)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vsock\x00', 0x0, 0x0)
ioctl$BLKTRACESTART(r1, 0x1274, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0xf, @raw_data="51c78d21e63bf207a64fb3ba2bec46636005148f6f11716c557f432820647a888061ebfb186d9e8b4fda7c1cb3a5c0f87956bf9c39d4e1b9acd66a3f4d110a447455366a217382e6cc00469e6292ff535eb9dd171953469ef265c4ff0259522612c36c6842b095fadd77198f79349350788b202a71822b4c16bda3b55c7a70311e69a972b7e9cf8a0f33a83fb7419aa7ec9fcc46e66c807b6de1d3d054ae9931108372d331db7fa8e7fd9dfad42af696a200e22976db5bf0880076b72d2545fcbecacd727b9c94c1"})
r2 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2)
ioctl$VIDIOC_ENUM_DV_TIMINGS(r0, 0xc0945662, &(0x7f00000000c0)={0x5089, 0x0, [], {0x0, @reserved}})
ioctl$CAPI_NCCI_GETUNIT(r2, 0x80044327, &(0x7f0000000040)=0x3)

[ 1598.003545][T18137] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=18105,uid=0
[ 1598.077721][T18137] Memory cgroup out of memory: Killed process 18105 (syz-executor.0) total-vm:72840kB, anon-rss:160kB, file-rss:35788kB, shmem-rss:4kB
[ 1598.116458][T18160] Unknown ioctl 4724
[ 1598.134028][T18163] Unknown ioctl 4724
15:49:15 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00'}, 0x58)

15:49:15 executing program 2:
r0 = msgget$private(0x0, 0x4c)
msgctl$MSG_STAT(r0, 0xb, &(0x7f00000006c0)=""/4096)
r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x0, 0x0)
ioctl$RTC_AIE_OFF(r2, 0x7002)
ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:15 executing program 5:
r0 = socket(0x0, 0x3, 0x87)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff013398", 0x6}], 0x1)

15:49:15 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:15 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000000))
recvfrom(r1, &(0x7f0000000040)=""/45, 0x2d, 0x100, &(0x7f00000000c0)=@rxrpc=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x15}}}, 0x80)
ioctl$VIDIOC_QUERYCAP(r0, 0x80685600, &(0x7f0000000140))

15:49:15 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:15 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)=""/20, 0x14}], 0x1}, 0x2)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0x8164, 0x0, 0x0, 0x800e00547)
shutdown(r0, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
read(r2, &(0x7f0000000100)=""/99, 0x63)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r3, 0x0, 0xccf3, 0x0, 0x0, 0x800e0053d)
shutdown(r2, 0x0)
r4 = socket$inet6_sctp(0x1c, 0x10000000005, 0x84)
recvmsg(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)=[{0x0, 0x363}, {0x0}, {0x0}], 0x10000000000001c2}, 0x0)
shutdown(r3, 0x0)
shutdown(r1, 0x0)

15:49:15 executing program 5:
r0 = socket(0xa, 0x0, 0x87)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff013398", 0x6}], 0x1)

15:49:15 executing program 2:
ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffff9c, 0xc0086420, &(0x7f0000000080)={<r0=>0x0})
ioctl$DRM_IOCTL_DMA(0xffffffffffffffff, 0xc0406429, &(0x7f00000001c0)={r0, 0x7, &(0x7f00000000c0)=[0xca5b, 0x100000000, 0xfffffffffffffff7, 0x1f, 0x9, 0x4, 0x0], &(0x7f0000000100)=[0x101, 0xaa3, 0x3, 0x7, 0x4, 0xdc07], 0x22, 0x1, 0x1, &(0x7f0000000140)=[0xee], &(0x7f0000000180)=[0x100000001]})
r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:15 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\v\x00'}, 0x58)

15:49:15 executing program 2:
r0 = dup2(0xffffffffffffff9c, 0xffffffffffffff9c)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x1c, r1, 0x804, 0x9e, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20000000}, 0x8005)
r2 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r2, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:15 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\f\x00'}, 0x58)

15:49:15 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:15 executing program 5:
r0 = socket(0xa, 0x0, 0x87)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff013398", 0x6}], 0x1)

[ 1598.506460][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0
[ 1598.562870][ T8067] CPU: 1 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1598.570710][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1598.581211][ T8067] Call Trace:
[ 1598.584532][ T8067]  dump_stack+0x1d8/0x2f8
[ 1598.588884][ T8067]  dump_header+0xdb/0xf40
[ 1598.593410][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1598.600273][ T8067]  ? ___ratelimit+0x447/0x5d0
[ 1598.605420][ T8067]  oom_kill_process+0x1a0/0x490
[ 1598.610408][ T8067]  out_of_memory+0x76e/0x9e0
[ 1598.615057][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1598.620528][ T8067]  ? kasan_check_read+0x11/0x20
[ 1598.625591][ T8067]  try_charge+0x12ba/0x1710
[ 1598.630146][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1598.635990][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1598.640888][ T8067]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1598.646541][ T8067]  ? memcg_kmem_put_cache+0x70/0x70
[ 1598.651788][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1598.656960][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
15:49:15 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video35\x00', 0x2, 0x0)
r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r2 = semget(0x2, 0x2, 0xa)
semtimedop(r2, &(0x7f00000000c0)=[{0x0, 0xfffffffffffffffd, 0x1800}, {0x1, 0x400, 0x1800}, {0x7, 0x1, 0x1800}, {0x2, 0x100, 0x1000}, {0x1, 0x0, 0x800}, {0x3, 0x4, 0x1000}, {0x7, 0x3, 0x1800}, {0x3, 0x4, 0x1000}, {0x7, 0x6, 0x800}], 0x9, &(0x7f0000000100)={0x0, 0x1c9c380})
ioctl$VIDIOC_G_INPUT(r0, 0x80045626, &(0x7f0000000040))

15:49:15 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_G_AUDIO(r0, 0x80345621, &(0x7f0000000380))
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x81, 0x400000)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000440)={<r2=>0x0, 0x10, &(0x7f0000000400)=[@in={0x2, 0x4e21, @rand_addr=0x1000}]}, &(0x7f0000000480)=0x10)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f00000000c0)={<r3=>r2, @in6={{0xa, 0x4e23, 0x400, @ipv4={[], [], @broadcast}, 0x5}}, 0x0, 0x3}, &(0x7f0000000180)=0x90)
setsockopt$inet6_MRT6_ADD_MFC(r1, 0x29, 0xcc, &(0x7f0000000300)={{0xa, 0x4e21, 0x1, @local, 0xfff}, {0xa, 0x4e24, 0x2a5, @ipv4={[], [], @local}, 0x2}, 0x2, [0x1, 0x80000001, 0xfd, 0x4, 0xe4, 0x8001, 0x4, 0x6]}, 0x5c)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f00000001c0)={0x2260000000000000, 0x2, 0x7, 0x5, r3}, 0x10)
ioctl$VIDIOC_S_FMT(r1, 0xc0d05605, &(0x7f0000000200)={0x800000000000020, @sdr={0x50424752}})
ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000040)=0x3)
ioctl$KDSETKEYCODE(r1, 0x4b4d, &(0x7f00000003c0)={0x7, 0x10001})

[ 1598.662608][ T8067]  __memcg_kmem_charge+0x118/0x2f0
[ 1598.667837][ T8067]  __alloc_pages_nodemask+0x377/0x790
[ 1598.673273][ T8067]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1598.684868][ T8067]  ? arch_stack_walk+0x98/0xe0
[ 1598.690709][ T8067]  ? kasan_check_write+0x14/0x20
[ 1598.698742][ T8067]  ? do_raw_spin_lock+0x143/0x3a0
[ 1598.703790][ T8067]  alloc_pages_current+0x2fb/0x540
[ 1598.708925][ T8067]  pte_alloc_one+0x1f/0x180
[ 1598.713477][ T8067]  __pte_alloc+0x20/0x2f0
[ 1598.717830][ T8067]  copy_page_range+0x23d5/0x2900
[ 1598.722793][ T8067]  ? do_syscall_64+0xfe/0x140
[ 1598.727512][ T8067]  ? vm_normal_page_pmd+0x3d0/0x3d0
[ 1598.727526][ T8067]  ? init_admin_reserve+0xc0/0xc0
[ 1598.727544][ T8067]  dup_mmap+0xa2d/0xe90
[ 1598.727566][ T8067]  ? __delayed_free_task+0x20/0x20
[ 1598.747359][ T8067]  ? kasan_check_write+0x14/0x20
[ 1598.752583][ T8067]  ? mm_init+0x5cc/0x6e0
[ 1598.756843][ T8067]  dup_mm+0x9e/0x340
[ 1598.760831][ T8067]  copy_process+0x25ff/0x5c80
[ 1598.765514][ T8067]  ? fork_idle+0x1b0/0x1b0
[ 1598.769937][ T8067]  _do_fork+0x180/0x5f0
[ 1598.774326][ T8067]  ? dup_mm+0x340/0x340
[ 1598.778489][ T8067]  ? debug_smp_processor_id+0x1c/0x20
[ 1598.783852][ T8067]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1598.789931][ T8067]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1598.795668][ T8067]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1598.801528][ T8067]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1598.807012][ T8067]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1598.812764][ T8067]  __x64_sys_clone+0xc1/0xd0
[ 1598.818507][ T8067]  do_syscall_64+0xfe/0x140
[ 1598.823989][ T8067]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1598.830580][ T8067] RIP: 0033:0x457aea
[ 1598.834675][ T8067] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00
[ 1598.855061][ T8067] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1598.863492][ T8067] RAX: ffffffffffffffda RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1598.871837][ T8067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1598.880568][ T8067] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1598.888533][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1598.896500][ T8067] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1598.913255][ T8067] memory: usage 307200kB, limit 307200kB, failcnt 54131
[ 1598.923988][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1598.943945][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1598.951755][ T8067] Memory cgroup stats for /syz0: cache:6508KB rss:101080KB rss_huge:0KB shmem:6508KB mapped_file:3216KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6500KB active_anon:101088KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1598.974576][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7319,uid=0
[ 1598.991141][ T8067] Memory cgroup out of memory: Killed process 7319 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
[ 1599.010962][ T1044] oom_reaper: reaped process 7319 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:4kB
15:49:16 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f0000000080)={0x2, 0x4, 0x3})
r1 = openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x0, 0x40)
ioctl$CAPI_GET_SERIAL(r1, 0xc0044308, &(0x7f0000000100)=0x3)
ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r0, 0x4020565b, &(0x7f0000000040)={0x8001009, 0xe7a, 0x3})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000240)={0x10000000001, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:16 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x1, 0x400200)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='9p\x00', 0x1d000, &(0x7f0000000100)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@access_any='access=any'}], [{@dont_measure='dont_measure'}, {@fsname={'fsname', 0x3d, '/dev/video35\x00'}}, {@permit_directio='permit_directio'}, {@pcr={'pcr', 0x3d, 0x17}}, {@obj_user={'obj_user', 0x3d, '/dev/video35\x00'}}]}})

15:49:16 executing program 5:
r0 = socket(0xa, 0x0, 0x87)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff013398", 0x6}], 0x1)

15:49:16 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, &(0x7f0000000780)=""/4096, 0x1000, 0x0, 0x0, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0x26ba, 0x0, 0x0, 0x800e00517)
shutdown(r0, 0x0)
setsockopt$inet_mreq(r0, 0x0, 0xc, &(0x7f0000000000)={@local, @multicast2}, 0x8)
recvfrom$inet(r1, 0x0, 0xfffffe75, 0x0, 0x0, 0x800e0050e)
shutdown(r1, 0x0)

15:49:16 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1599.051023][T18238] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1599.065784][T18238] CPU: 1 PID: 18238 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1599.074228][T18238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1599.092412][T18238] Call Trace:
[ 1599.096710][T18238]  dump_stack+0x1d8/0x2f8
[ 1599.103833][T18238]  dump_header+0xdb/0xf40
[ 1599.108710][T18238]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1599.114730][T18238]  ? ___ratelimit+0x447/0x5d0
[ 1599.119453][T18238]  oom_kill_process+0x1a0/0x490
[ 1599.124405][T18238]  out_of_memory+0x76e/0x9e0
[ 1599.129098][T18238]  ? unregister_oom_notifier+0x20/0x20
[ 1599.134572][T18238]  ? kasan_check_read+0x11/0x20
[ 1599.139437][T18238]  try_charge+0x12ba/0x1710
[ 1599.139469][T18238]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1599.139487][T18238]  ? rcu_lock_release+0x4/0x20
[ 1599.149908][T18238]  ? rcu_lock_release+0x15/0x20
[ 1599.149918][T18238]  ? get_mem_cgroup_from_mm+0x15b/0x170
15:49:16 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r1, 0xc0a85352, &(0x7f00000000c0)={{0x3, 0xac4f}, 'port0\x00', 0x41, 0x8, 0x4, 0x6, 0x6a, 0x8, 0x3, 0x0, 0x5, 0x4})

[ 1599.149929][T18238]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1599.149946][T18238]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1599.149959][T18238]  wp_page_copy+0x391/0x18e0
[ 1599.149977][T18238]  ? reuse_swap_page+0xd47/0x1650
[ 1599.149988][T18238]  ? rcu_lock_release+0x30/0x30
[ 1599.150005][T18238]  ? kasan_check_read+0x11/0x20
[ 1599.150014][T18238]  ? do_raw_spin_unlock+0x49/0x260
[ 1599.150034][T18238]  do_wp_page+0x609/0x1ba0
[ 1599.207315][T18238]  ? kasan_check_write+0x14/0x20
15:49:16 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1599.212768][T18238]  ? __rwlock_init+0x130/0x130
[ 1599.217740][T18238]  ? count_memcg_event_mm+0x300/0x300
[ 1599.217758][T18238]  handle_mm_fault+0x29a6/0x6130
[ 1599.217781][T18238]  ? finish_fault+0x220/0x220
[ 1599.217801][T18238]  ? __down_read+0x1a0/0x1a0
[ 1599.217810][T18238]  ? vmacache_find+0x566/0x5b0
[ 1599.217819][T18238]  ? vmacache_update+0xb7/0x120
[ 1599.217838][T18238]  ? find_vma+0x13c/0x150
[ 1599.252014][T18238]  do_user_addr_fault+0x56f/0xaa0
[ 1599.257103][T18238]  __do_page_fault+0xd3/0x1f0
[ 1599.261880][T18238]  do_page_fault+0xce/0xe0
[ 1599.266982][T18238]  ? page_fault+0x8/0x30
[ 1599.273766][T18238]  page_fault+0x1e/0x30
[ 1599.273778][T18238] RIP: 0033:0x40c5cd
[ 1599.273789][T18238] Code: 74 28 41 8b 07 85 c0 0f 85 f0 00 00 00 41 83 c6 01 48 81 c5 a8 00 00 00 41 83 fe 10 75 d7 bf d8 eb 4b 00 31 c0 e8 c3 55 ff ff <c6> 45 f8 01 44 89 75 f4 48 89 ef c6 45 15 00 c7 45 fc 00 00 00 00
[ 1599.273800][T18238] RSP: 002b:00007ffff6b9e580 EFLAGS: 00010246
[ 1599.303317][T18238] RAX: 0000000000000001 RBX: 000000000075bf2c RCX: 00007ffff6b9e638
[ 1599.303324][T18238] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000000
[ 1599.303329][T18238] RBP: 000000000075bf2c R08: 00007ffff6b9e640 R09: 0000000000760070
[ 1599.303335][T18238] R10: 0000000000438af0 R11: 0000000000000012 R12: 000000000075bf20
[ 1599.303340][T18238] R13: 0000000000000002 R14: 0000000000000000 R15: 000000000075bf2c
[ 1599.329005][T18238] memory: usage 307020kB, limit 307200kB, failcnt 54168
[ 1599.399054][T18238] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1599.406636][T18238] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1599.430340][T18238] Memory cgroup stats for /syz0: cache:6500KB rss:101000KB rss_huge:0KB shmem:6500KB mapped_file:3212KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6492KB active_anon:101008KB inactive_file:0KB active_file:0KB unevictable:0KB
15:49:16 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\r\x00'}, 0x58)

15:49:16 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0}})
ioctl$VIDIOC_DBG_G_REGISTER(r0, 0xc0385650, &(0x7f0000000000)={{0x5, @name="e7b6f3664ce502d1f9036eae102830066ae6f801ff47fd36c1d2627d6f638777"}, 0x8, 0x9, 0x9})

15:49:16 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:16 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000000c0)={0xf, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:16 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000000), 0x155}, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0x8164, 0x0, 0x0, 0x800e00547)
shutdown(r0, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
read(r2, &(0x7f0000000100)=""/99, 0x63)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r3, 0x0, 0xccf3, 0x0, 0x0, 0x800e0053d)
shutdown(r2, 0x0)
r4 = socket$inet6_sctp(0x1c, 0x10000000005, 0x84)
recvmsg(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}], 0x3}, 0x0)
shutdown(r3, 0x0)
shutdown(r1, 0x0)

15:49:16 executing program 5:
r0 = socket(0xa, 0x3, 0x0)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff013398", 0x6}], 0x1)

[ 1599.486936][T18238] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7346,uid=0
[ 1599.511622][T18238] Memory cgroup out of memory: Killed process 7346 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
15:49:16 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:16 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @sliced={0x10001, [0x9, 0x2, 0x2, 0x8, 0x22f, 0x8001, 0x1f, 0x10000, 0x7fffffff, 0x3, 0x4, 0x0, 0x6, 0xfff, 0x4, 0x5, 0x3, 0x2, 0xd09c, 0x2, 0xfffffffffffffffb, 0xffffffffffffffff, 0x101, 0x96b7, 0xff, 0x4, 0x1, 0x7ff, 0x34, 0x80000001, 0x40, 0x0, 0x0, 0x2e7, 0x5, 0x100000000, 0xffff, 0x7f, 0x7, 0x3f, 0x7, 0x2, 0x3, 0x5, 0x6, 0x800, 0x7fffffff, 0x6], 0x1}})

15:49:16 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x7, @pix={0x200, 0x1ff, 0xf7715279, 0x0, 0x1, 0x9, 0x0, 0x6, 0x1, 0x3, 0x0, 0x5}})

15:49:16 executing program 5:
r0 = socket(0xa, 0x3, 0x0)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff013398", 0x6}], 0x1)

15:49:16 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:16 executing program 3:
socket$isdn_base(0x22, 0x3, 0x0)
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1599.834169][T18309] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000
[ 1599.899927][T18309] CPU: 0 PID: 18309 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1599.907854][T18309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1599.917910][T18309] Call Trace:
[ 1599.917928][T18309]  dump_stack+0x1d8/0x2f8
[ 1599.917944][T18309]  dump_header+0xdb/0xf40
[ 1599.917958][T18309]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1599.917969][T18309]  ? ___ratelimit+0x447/0x5d0
[ 1599.917985][T18309]  oom_kill_process+0x1a0/0x490
[ 1599.917998][T18309]  out_of_memory+0x76e/0x9e0
[ 1599.918012][T18309]  ? unregister_oom_notifier+0x20/0x20
[ 1599.918023][T18309]  ? kasan_check_read+0x11/0x20
[ 1599.918038][T18309]  try_charge+0x12ba/0x1710
[ 1599.918068][T18309]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1599.930071][T18309]  ? rcu_lock_release+0x4/0x20
[ 1599.930088][T18309]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1599.930100][T18309]  ? memcg_kmem_put_cache+0x70/0x70
[ 1599.930113][T18309]  ? rcu_lock_release+0x15/0x20
[ 1599.930122][T18309]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1599.930134][T18309]  __memcg_kmem_charge+0x118/0x2f0
[ 1599.930149][T18309]  __alloc_pages_nodemask+0x377/0x790
[ 1599.930163][T18309]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1599.955589][T18309]  ? rcu_read_lock_sched_held+0x127/0x1c0
[ 1599.970745][T18309]  ? copy_process+0x599/0x5c80
[ 1599.970768][T18309]  copy_process+0x613/0x5c80
[ 1600.027827][T18309]  ? fork_idle+0x1b0/0x1b0
[ 1600.032647][T18309]  _do_fork+0x180/0x5f0
[ 1600.036841][T18309]  ? dup_mm+0x340/0x340
[ 1600.041033][T18309]  ? debug_smp_processor_id+0x1c/0x20
[ 1600.046413][T18309]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1600.052502][T18309]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1600.058216][T18309]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1600.069265][T18309]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1600.074744][T18309]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1600.080464][T18309]  __x64_sys_clone+0xc1/0xd0
[ 1600.085078][T18309]  do_syscall_64+0xfe/0x140
[ 1600.089594][T18309]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1600.095467][T18309] RIP: 0033:0x459519
[ 1600.099351][T18309] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1600.118959][T18309] RSP: 002b:00007f6872e3cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1600.127380][T18309] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459519
[ 1600.135349][T18309] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 04000000000003fe
[ 1600.143306][T18309] RBP: 000000000075bfc8 R08: ffffffffffffffff R09: 0000000000000000
[ 1600.151278][T18309] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6872e3d6d4
[ 1600.159333][T18309] R13: 00000000004bf97d R14: 00000000004d1358 R15: 00000000ffffffff
[ 1600.174179][T18309] memory: usage 307132kB, limit 307200kB, failcnt 54186
[ 1600.181554][T18309] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1600.189199][T18309] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1600.196050][T18309] Memory cgroup stats for /syz0: cache:6508KB rss:101068KB rss_huge:0KB shmem:6508KB mapped_file:3216KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6500KB active_anon:101076KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1600.218244][T18309] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=18306,uid=0
[ 1600.233739][T18309] Memory cgroup out of memory: Killed process 18306 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
15:49:17 executing program 5:
r0 = socket(0xa, 0x3, 0x0)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff013398", 0x6}], 0x1)

15:49:17 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x0e\x00'}, 0x58)

15:49:17 executing program 2:
syz_open_dev$sndseq(&(0x7f0000000200)='/dev/snd/seq\x00', 0x0, 0x0)
accept4$nfc_llcp(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000140)=0x60, 0x80000)
r0 = openat$cgroup(0xffffffffffffffff, &(0x7f0000000180)='syz0\x00', 0x200002, 0x0)
r1 = dup(r0)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r1, 0x29, 0x45, &(0x7f0000000000)={'NETMAP\x00'}, &(0x7f0000000040)=0x1e)
setsockopt$ARPT_SO_SET_REPLACE(r1, 0x0, 0x60, &(0x7f0000000280)={'filter\x00', 0x7, 0x4, 0x438, 0x0, 0x230, 0x230, 0x350, 0x350, 0x350, 0x4, &(0x7f0000000240), {[{{@arp={@dev={0xac, 0x14, 0x14, 0x2a}, @multicast2, 0xff, 0xff000000, @mac=@local, {[0xff, 0xff, 0x0, 0x0, 0xff]}, @empty, {[0xff, 0xff, 0x0, 0x0, 0xff]}, 0x1000200000, 0x8, 0x9f, 0x1, 0xe, 0xa20f, 'ifb0\x00', 'ip6gre0\x00', {}, {}, 0x0, 0x4}, 0xf0, 0x118}, @unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x6, 0x1, 0x3}}}, {{@uncond, 0xf0, 0x118}, @unspec=@MARK={0x28, 'MARK\x00', 0x2, {0x0, 0x100}}}, {{@arp={@dev={0xac, 0x14, 0x14, 0x27}, @local, 0xffffffff, 0xffffff00, @mac=@random="21297419d70e", {[0x0, 0x0, 0x0, 0x0, 0x0, 0xff]}, @mac=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, {[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0xb6, 0x800, 0x7fffffff, 0x400, 0xfffffffffffffff8, 0x1, 'irlan0\x00', 'bcsh0\x00', {}, {0xff}, 0x0, 0x1}, 0xf0, 0x120}, @unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1, {0x6, 0x413, 0x8}}}], {{[], 0xc0, 0xe8}, {0x28}}}}, 0x488)
openat$vim2m(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/video35\x00', 0x2, 0x0)
ioctl$RTC_RD_TIME(r1, 0x80247009, &(0x7f0000000080))
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000740)=[@in6={0xa, 0x4e22, 0xecba, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x6}, @in={0x2, 0x4e21, @loopback}, @in6={0xa, 0x4e23, 0x0, @local, 0x80000001}], 0x48)

15:49:17 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:17 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/snapshot\x00', 0x0, 0x0)
setsockopt$inet6_dccp_int(r1, 0x21, 0x11, &(0x7f0000000040)=0x9, 0x4)

15:49:17 executing program 1:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@local, @broadcast, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, @local, @broadcast=0xe0000001}, @icmp}}}}, 0x0)
preadv(r0, &(0x7f0000000200)=[{0x0}, {0x0}, {0x0}], 0x3, 0x0)
recvfrom$inet(r0, 0x0, 0x0, 0x0, 0x0, 0x800e00c7e)

[ 1600.248475][ T1044] oom_reaper: reaped process 18306 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
15:49:17 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:17 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video35\x00', 0x2, 0x0)
r1 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x3, 0x2480)
ioctl$PPPIOCSNPMODE(r1, 0x4008744b, &(0x7f0000000040)={0xc0ff, 0x3})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r2=>0x0})
ioctl$sock_inet6_SIOCADDRT(r1, 0x890b, &(0x7f0000000100)={@local, @local, @local, 0x7, 0x2, 0x5, 0x100, 0x8, 0x1, r2})

15:49:17 executing program 3:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000280)='/dev/dsp\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r0, 0x40045542, &(0x7f00000002c0)=0x3ff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1, 0x7ff}, 0x23, 0xfffffffffffffffd, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet6(0xa, 0x6, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000040)={<r2=>0x0})
ioctl$DRM_IOCTL_GET_SAREA_CTX(r0, 0xc010641d, &(0x7f00000000c0)={r2, &(0x7f00000006c0)=""/4096})
r3 = socket$inet_dccp(0x2, 0x6, 0x0)
listen(r1, 0x9)
setsockopt(r3, 0x10d, 0x800000000d, &(0x7f00001c9fff)="03", 0x1)
connect$inet(r3, &(0x7f0000e5c000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x20}}, 0x10)
ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c06, 0xffffffffffffffff)
setsockopt$inet6_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f0000000340)='tls\x00', 0x4)
syz_open_dev$adsp(&(0x7f0000000240)='/dev/adsp#\x00', 0x101, 0x0)
r4 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r4, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:17 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff013398", 0x6}], 0x1)

15:49:17 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x10\x00'}, 0x58)

15:49:17 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1600.552764][ T8067] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0
[ 1600.567369][ T8067] CPU: 0 PID: 8067 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1600.575190][ T8067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1600.585250][ T8067] Call Trace:
[ 1600.588551][ T8067]  dump_stack+0x1d8/0x2f8
[ 1600.592893][ T8067]  dump_header+0xdb/0xf40
[ 1600.597228][ T8067]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1600.603042][ T8067]  ? ___ratelimit+0x447/0x5d0
[ 1600.607760][ T8067]  oom_kill_process+0x1a0/0x490
[ 1600.612616][ T8067]  out_of_memory+0x76e/0x9e0
[ 1600.617237][ T8067]  ? unregister_oom_notifier+0x20/0x20
[ 1600.622709][ T8067]  ? kasan_check_read+0x11/0x20
[ 1600.627590][ T8067]  try_charge+0x12ba/0x1710
[ 1600.627622][ T8067]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1600.627648][ T8067]  ? rcu_lock_release+0x4/0x20
[ 1600.627664][ T8067]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1600.627677][ T8067]  ? memcg_kmem_put_cache+0x70/0x70
[ 1600.627690][ T8067]  ? rcu_lock_release+0x15/0x20
[ 1600.627698][ T8067]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1600.627710][ T8067]  __memcg_kmem_charge+0x118/0x2f0
[ 1600.627730][ T8067]  __alloc_pages_nodemask+0x377/0x790
[ 1600.642835][ T8067]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1600.642849][ T8067]  ? arch_stack_walk+0x98/0xe0
[ 1600.642867][ T8067]  ? kasan_check_write+0x14/0x20
[ 1600.642878][ T8067]  ? do_raw_spin_lock+0x143/0x3a0
[ 1600.642894][ T8067]  alloc_pages_current+0x2fb/0x540
15:49:17 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff013398", 0x6}], 0x1)

15:49:17 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:17 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000000c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1600.700084][ T8067]  pte_alloc_one+0x1f/0x180
[ 1600.700101][ T8067]  __pte_alloc+0x20/0x2f0
[ 1600.700114][ T8067]  copy_page_range+0x23d5/0x2900
[ 1600.700130][ T8067]  ? do_syscall_64+0xfe/0x140
[ 1600.700163][ T8067]  ? vm_normal_page_pmd+0x3d0/0x3d0
[ 1600.700176][ T8067]  ? init_admin_reserve+0xc0/0xc0
[ 1600.700195][ T8067]  dup_mmap+0xa2d/0xe90
[ 1600.700213][ T8067]  ? __delayed_free_task+0x20/0x20
[ 1600.700226][ T8067]  ? kasan_check_write+0x14/0x20
[ 1600.700242][ T8067]  ? mm_init+0x5cc/0x6e0
[ 1600.747275][ T8067]  dup_mm+0x9e/0x340
15:49:17 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff013398", 0x6}], 0x1)

15:49:17 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @sliced={0x9, [0x0, 0x3, 0x0, 0x0, 0x100000001, 0x6, 0x4, 0x8, 0x180000000, 0x5, 0x3, 0x2, 0x4, 0x5, 0x1, 0x1ff, 0x9, 0x80000001, 0x34c8421, 0x6, 0x1, 0x4, 0x6, 0x70, 0x3, 0x7, 0x9, 0x654b, 0x1, 0xb228, 0x5, 0x7, 0x6, 0x400, 0x5, 0x9, 0x4, 0xefd, 0x1, 0x7, 0x9, 0x1, 0x8, 0x400, 0x0, 0x7, 0x3, 0xd0], 0x10001}})
r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0xff, 0x111042)
connect$vsock_dgram(r1, &(0x7f0000000200)={0x28, 0x0, 0xffffffff, @host}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpu.stat\x00', 0x0, 0x0)
write$P9_RMKDIR(r0, &(0x7f0000000140)={0x14, 0x49, 0x2, {0x73, 0x0, 0x6}}, 0x14)
r3 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ubi_ctrl\x00', 0x400, 0x0)
ioctl$EXT4_IOC_MIGRATE(r3, 0x6609)
r4 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x100000001, 0x2000)
ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000000100)={r3, r4})
openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000180)='/proc/capi/capi20\x00', 0x30280, 0x0)

[ 1600.751200][ T8067]  copy_process+0x25ff/0x5c80
[ 1600.755906][ T8067]  ? fork_idle+0x1b0/0x1b0
[ 1600.760603][ T8067]  _do_fork+0x180/0x5f0
[ 1600.764768][ T8067]  ? dup_mm+0x340/0x340
[ 1600.768933][ T8067]  ? debug_smp_processor_id+0x1c/0x20
[ 1600.774391][ T8067]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1600.780639][ T8067]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1600.786371][ T8067]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1600.792046][ T8067]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1600.797532][ T8067]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1600.803275][ T8067]  __x64_sys_clone+0xc1/0xd0
[ 1600.807882][ T8067]  do_syscall_64+0xfe/0x140
[ 1600.807897][ T8067]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1600.807906][ T8067] RIP: 0033:0x457aea
[ 1600.807916][ T8067] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00
[ 1600.807921][ T8067] RSP: 002b:00007ffff6b9e6e0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1600.807931][ T8067] RAX: ffffffffffffffda RBX: 00007ffff6b9e6e0 RCX: 0000000000457aea
[ 1600.807937][ T8067] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011
[ 1600.807942][ T8067] RBP: 00007ffff6b9e720 R08: 0000000000000001 R09: 0000555556c9a940
[ 1600.807948][ T8067] R10: 0000555556c9ac10 R11: 0000000000000246 R12: 0000000000000001
[ 1600.807954][ T8067] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1600.916239][ T8067] memory: usage 307200kB, limit 307200kB, failcnt 54225
[ 1600.940119][ T8067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1600.950582][ T8067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1600.960534][ T8067] Memory cgroup stats for /syz0: cache:6512KB rss:101084KB rss_huge:0KB shmem:6508KB mapped_file:3216KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6500KB active_anon:101092KB inactive_file:4KB active_file:0KB unevictable:0KB
[ 1600.994608][ T8067] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=18346,uid=0
[ 1601.015788][ T8067] Memory cgroup out of memory: Killed process 18346 (syz-executor.0) total-vm:72840kB, anon-rss:156kB, file-rss:35788kB, shmem-rss:4kB
[ 1601.031558][ T1044] oom_reaper: reaped process 18346 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
[ 1601.075353][T18384] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000
[ 1601.088401][T18384] CPU: 1 PID: 18384 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1601.096502][T18384] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1601.106842][T18384] Call Trace:
[ 1601.110154][T18384]  dump_stack+0x1d8/0x2f8
[ 1601.114497][T18384]  dump_header+0xdb/0xf40
[ 1601.118838][T18384]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1601.124690][T18384]  ? ___ratelimit+0x447/0x5d0
[ 1601.129385][T18384]  oom_kill_process+0x1a0/0x490
[ 1601.134251][T18384]  out_of_memory+0x76e/0x9e0
[ 1601.138842][T18384]  ? unregister_oom_notifier+0x20/0x20
[ 1601.138854][T18384]  ? kasan_check_read+0x11/0x20
[ 1601.138867][T18384]  try_charge+0x12ba/0x1710
[ 1601.138896][T18384]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1601.138917][T18384]  ? rcu_lock_release+0x4/0x20
[ 1601.164272][T18384]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1601.169836][T18384]  ? memcg_kmem_put_cache+0x70/0x70
[ 1601.175053][T18384]  ? rcu_lock_release+0x15/0x20
[ 1601.179913][T18384]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1601.185473][T18384]  __memcg_kmem_charge+0x118/0x2f0
[ 1601.190862][T18384]  __alloc_pages_nodemask+0x377/0x790
[ 1601.190877][T18384]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1601.190895][T18384]  ? kasan_check_write+0x14/0x20
[ 1601.206714][T18384]  ? do_raw_spin_lock+0x143/0x3a0
[ 1601.206734][T18384]  alloc_pages_current+0x2fb/0x540
[ 1601.206750][T18384]  pte_alloc_one+0x1f/0x180
[ 1601.206763][T18384]  __do_fault+0xdf/0x390
15:49:18 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
recvfrom$inet(r1, &(0x7f0000000180)=""/37, 0x25, 0x0, 0x0, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r2, 0x0, 0x4e5cc83, 0x0, 0x0, 0x800e00549)
shutdown(r0, 0x0)
getpgrp(0xffffffffffffffff)
recvfrom$inet(r2, 0x0, 0x55c1, 0x2, 0x0, 0x800e00545)
shutdown(r2, 0x0)

15:49:18 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:18 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = add_key(&(0x7f0000000000)='syzkaller\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="8418897c7ca77a9b9810d5be6e45e7bbc9bde349a745e7cbdfc9e3b22912fea76040a537ddf7390a7d3e6e86cdeba05280416b9e049f383d45d26486d4e9a2d5caf43b3c33590db50129a5f698d94aa2b2c9027574c94dbf75cac5e3d9d4da458f7e4bc8847ab90f88f0364baf50b35b6adffde1c017ea4668a005fde2a9e0d809ab07541c5c43350286d49af800526bc54109de8aff4fb699938d9671aa66ed6c1acbdd0cbfcc5292977917190b566325f7d42a6603a08f136235", 0xbb, 0xffffffffffffffff)
keyctl$clear(0x7, r1)
ioctl$VIDIOC_S_FBUF(r0, 0x4030560b, &(0x7f0000000180)={0x81, 0x20, &(0x7f00000006c0)="68f6f21e14dfd6fcbc8b950e29d6fdfa827dc28373a1964084ebc8aa0523e335ac1f96b7342aee151a6d688f04c5b574af3460b4d00f1ab6e082ac5082cd5b128c7dd1ed5748024f5c85297b810a533acdfb85307e739b0f7cf57582376128466969d0bf605d2d4cb44fc6fa7685b71ebe26ebc5603886f89db05f889dc8f0050f3d2c0dcedff26a6682285f49d37d3607983378d5abc52c445996b4c9adc9f98915f47887bf4fc3f53f8f528e5cd2df2fc5f6f58f944244e9fc8f529e3506694d1bf9215c97a694c29fc0989a51c0a767162a514b781001d7ad4ed0ba20b2d9d80d9ddb9c026c17da322a33b0dffb94d5c4ba2e126283da66d75ea182ccbd4487b63306ad5cd8e52409d431d981578df70f90ee0f73922ef9bfd4aa56e28750ec853d7a628c96e2c6d1fbaa10a8fa70bddc68359fee8d57a821b6bf68f0f40927c13892a4ad323a61394b6495a3405df04c2baffb9718b3745d78a9870a62805cbbb0c31e89e112b3f165e1ebb438c9587838dcf0c288d68395a0a69331fa4cc590fb7c7527b55fb422c9e9041a6f6ba1a74e02cb3c25da2530400ca8f1196501e761172affbdc3d4a59a3ceca6a40304065363fe55aaf0167680faf092fb0b1d75975a7b647de41ab4f0ca8fd18e131e4f459f17f471f1367469c30e0f1b0e67dde1ef35244deb46662b9a993f9a6be961fdd4274c5320724412281571f6e5db3e65bf2bf50c63b26f8265f59e28007a893d08a0a55d2a51e94ade0f6380a74391a21e84811ef91c66daa08862a154a37f1cb7927b97ed45ebc8d0d577ab9b00d13e9e28cec9193554000de45c49da043a61eb94941801f0c6d601b3c48ea953e26b408fd193d43f0a6ca1808405e5fe1e3e2365b4ca65fd7c9c6b04ceeae5e8ef2f6d07dfd8a344ec25a46b49a6aa812644cb8b8fde96e261734cb6602cfbe87395a64acd8b82604eacc217fb2be7608718e08ac60f3ab94927d19d14ec0e6cd4c6b4c02ba25e40dc71f67fa8b0b932083bf892015c1b957a3c8e937fd69d504b5c137f0a5fd7735fd3b2968c4523a69b55b69afa519144dd1bf44762382380ded985937710495f0297a185e85126abd133f5536e39f65f41c1209afb07761c73aa9a9f473920c91182e530d00be8bd6ee3ee979583f5a66a3694c03a3c7a61415bb8baff927120701f79afd10c8160baff5001aba82ff093f582daa1a1d09137400e486c7a3c0ac5f7af830a5286b8e4d17bb322008d9413b4c38408d5f26a3b99a0b0fb969136f927ac13fe3fa7c25124cf5c943680c5faab8e955f52cd6bb9b9e879bdca40cf2dc509eff6be1d481422903d628100e0d8f833cc7a7c88a2114b36696bd8c22b1e2b1386d6dd4586a5b1b676490125f4e18204287af5764a2e84b11f4861103d5f6341a802ea77459f4d2750a5e48408b46b7ba3b0f1470b07b380b558be2636de19079bec653d2ad441d7db3e6726bfe0fc883480f46e9c422cae59d05253aa4f0c50f1280e26c56113c28e1038709433d491f44bde73c59e5e1813e480ca5cd205cfd45ba625dc5f1582050d2005b6329935eaa6b6e7bfc5792b450d0e5a9f73f9ea2102a21b5acf3fe0b4a696cb2655a3071304b196175b0255fcd11b1cf36eb43d25265c797187f22b1b47e8dc7cfec9fc23be993f7801ef4d9d25ae6cd4c5088feadf3a5607cca54d7d92bfba06a52f79ce7e9f1100b354b262d137c00a4c7a79b8d25f7aa6e034b0ea34d1d63ec78a2fe270bbc534b612b8954eed45121a86ed4ece24769d8ef91040fede4372b1ac19a1d4fed3eada4598f4db2744d3b4768377cf9751cf23e73e47c49277705eafb71c87fad212f08801037d9da80331d77c31e43a2776d73abeb0b6ebe8cde6dd9fd0c8c65f72217492cceee8acd068e56b1d3a6e850f1b55f9136476c4a777c74d320c7f2603b6e5a8f9155680074ed41e1d3bcd61b9f3bbcd997f046e9c609494e52978be8f0469df28eec660dca83bd4d71fed6f05fb4a99eb80c7c1862a03747862a0bebacd40ac2baeb9084c9c7878ce2f3ff9f97851f0f946559fffca47e2318bb0cb8e47dbeeb9f7ceca7ffe55b284210558f5d12e08d5625ecbd4be0ffe818dc4cab64081e4ab81c507cf66749d2e21187d1659866e4dcccfb240bea81c4da09b8f30567773ce0b3eae7137ba9b105ff246e70d6b82fb76db071dcce843fdf35739631a5951aa1f87be969b71358df9cd8077c3a7ff4b05a391898536fff7265b8455fa885a0711c62948302886a1ba400bfec048c437b172f0603ce4891c0f827a8dc29c0a51d18aada3c17f6239984aa9fb448ec0e7613b166003d6089e11aa69a4e5a2149decd2aebda8b185bdf44f3d1fa2c7f8ef605f5b93b139301fb692b30e63135d7e6b4a23948cfad7d01e877d1dcf4f45ba4bb3703be5d1631f8417ffbf73a497fe08a1f413f9b468e4d3a60a9ace28909450c2f520230569b735b71db4f8262bdaf07e523988fc3524dd063651a96b9d2c935e42069962985cc860917e06a62494fb38a477484e92fb87f7a25cd6a4f4058dc54554a0b1891aaf71f2f93bc0ce533236e5549745a0155c6efd1a97ca44867bf6c68620ca53a549bf01378a7b3d4e384ab6ab107384cd1b9df9134e0bc959e55538dbf44ac95ba08e2be644583da05ef646a5d6bf5b58b361519d7500e3cfe449fa0b52789bea336a5c9a8346913e84093e47378008edd9382040dfa452ca89d5a0959b48814e8354c15e943494e6d80c2fc3791d576a8e3ba2ce635c26c2f430f29a5bd92ce44f458b330378495a11cbbbbe0f04ef9fece6d1f27b403d1703763d55a78d9a915d91350e04ad507e5bb19f9d5bf7dc88a4a5bd18fe9111aba1b2057c3dfd7597c59bc1039155974be59cabdf7e1230c89cc25a09d0f79f6ae99b386ebe2b7f1dab5386ea37c45decd4584543a95335aa1f0867c328439530b2fd0ba46496c62eda26243e9b7c76c64c82c62cfabef975bec7d65abdf9c9091dea8a74542cc02469abcd508ac2d9d49893c67096905a294de6753852c754b37c6613128d19bc4eb0edc46bf6c7aa0356a2df967d880695b7b3e21f41829296e21593c47d37772e495e8e1bc93aab6491b31dd0bd21ea3c8e8f5381a7586c4559c86d6ba7033966ed08c8646b6eaef84ca1d3b31abd12c52ef940d0c2c35faa96272cbe9517a20149558bb7958fde2ae9b134e6072d4b8fe19bb0d8d5fc9db1deb64551d78b17921b57b3202b5b107df5c446917715cd931f42b99053d610e2ff56d791b1e131b5e09b82cdad68f5a70bdeae3223271052c4b6ee5413c758aeafc9786849120a6b623dbc5fea531d86af043793a199baa3351177cdaa39a909248f885f8f931ac1d54f46dc00e18dc442c262d3c2e628481c0c08a3f47ec7679adde767221faa0a9b3fe0b1f9201a86ea62baab572e2f18bcad085b363b4d25f91c28ff60d12e5054b9eb6c9b7ed0cae198c1a438010493cc4271dd26929391b9ca8f121b877c8acab97697dae4f9ca3c9f6e432b025cedc73ea63d654e3d924247ad262cb5a8452f8b93c4175302e3b4d56f643f9d047c3a69966b5be75a68ff8a47d02e887bcee3a3fa440c69e375be0e79be6f2ff6a6cebd26177d521d05ade75ea16ba3f91dd9ab76bc089c3121aeba15e695a1801d9cb18efd0eeb80f81d483455c0bdb96de4fac4f2026446b45f4e67d360269bae101f55baf1fcffbf38b58174911631803ff614082341848ea6cf6e0671c05cb783305917d3a04c775f7b3021ff4104d49ba2f73f68526b9bbfdf2191ba57c9ca12020208f58f50cd83f5061e411e5d093fe1eca4d8ac019aa8bf4923be5946ec172a14a8656488eeb56c0c16d1f8266e3e9a92fb9f00672b25803b25a275b1ca7040f2c85e2e98753150b2fb5de7510cda8caa9d041051943421dd2aae334a60f911abd547a9eae5f94799ec9bb6cc4ddac8845fa5074ceb1c1d5b05f118c5095e3624a19d78af3c3e2b7a21c2a895e3af962291862b4b6aa6809b785f7d682816197c38806846c749da79aafd37a2c9722868238ced166aaa522e3b820b4d9a0894d29aefa015256aa5a03e5f77b8b606c44081150179f5837e47f8895faa51c3f88768df332384e57d601fe8a2753c5306fe0680c94757560dae54480f94c98a89f70a07c1001a6537476aa4c4c22b07ce61ed5c131500d2ba89a8b8fcc1921bb7ae96dd81b62529301fd8b6d91b1c3b5d06148af329cbb01740cffcf941427a463e877a666701090de75d444d804c0951f2ebe879b582d7ecfb0a2a8c000ebae2e8e0d852364bb15d213efbdd839e19e47e47541874cc7dbbecd1eea04998904ba5aaf2399806b6ab30768d6ea290c2d4ceff869643ebdcac6fa5241e965d2255d387e0c4be8eb254a6c82e08c398b3aade948c824bfa9cb83fb84802b4dd320893c40be75515f4f2225cc3fdda303d03d9df04d215d333e4640f6d561e87732cdcbdd4330627dde220b29c837c83fd39b48f041055d23efa63f5c168bf12eee2030cf200c265a08a626e12017d78c44f7cf96e4e756069cc0ba8913f73d34a5c8953e95bd24db5532f1abfea7c018830bfd1d762105cf59737909812909f4c9475dab5d66a8947e1393f1101cedce57186a6d9e50226e02a9ea2b40d17924f0c59e87b39473878de0b3d2887963fefa686c08ddaecde0bfa80df9842c99ac92d8de3abdc062a388ad1bdca150e8833234744aa5964be86f1d0d2ec3e3813d0b59c2d2e1e0c753c8fa8cc8c752b70e9ccf2d8983158f3af907f55fb7968bcaa5f7f253d7768454236a5da6e15508ea6b66738cc58d371334ff714758907386762a47758b40f54ffae0526b80339cd1d95be62e9209dada7785b803004ab939d797235f84ad79eadb8a5612d6332323a560690f9086a6db7cec5e5795f9c860d96ea6b998474df050a0a6a204af679978ade9f54635155ccfc4cb879693b3ff910989e05fbe6f5d955b720330e4fe3a54a9bf5a3fc2ec096f535814fa5cb5865dc7c8e67da00685e2895436777391e61b0f9b6fb903a19f30186c33aea19b1f69d3c644243ff150f2ad237b8b45e05f8d04218d6d5a8b742785aceb60b5789cf71aac1ab125b6ecb6e4e141f6c8b4264c3a085a6e3a1e3613799d2588d83e553d2adcb2ace7d0950d1ce7b327e1881a128a6d33eb243e5002e08947bb8aee0d94b615971655e891c63c584821719ca0c35612a0d9ba0eb016e5329454e615c22f11d9e26a7ae50024e418989f39d5f3d7b0dffb844457457ec70ed64e141643acd1b11774f1e5e5fd92b89e3538fd989e776ee3eaf57a7c36a1978c03ed169a67448b2d25b8a2e37edaee83cf6ec3979ae9f9caf5ace25f03d4b7888f3203dc6a9578ef66661ce4bf9644783cc1e8fa7e2d5eadddc3a693469d12683da4a847bea04e311cedeef6c231c45aeb6eca2e2b66f14c652a0f4ac47bb6b4a4953ab9a6eaaf7ef415eef997bb86bd085e83dfb561783a7ae383c996910032237feda4ebeab1cbfed1b19c16c75c25aefcc738cda923aa516ad8804d1b167bdfb19e1af2f0c52b045dc7c70d2ebd3a98a40e10320900cb3d623e57bed36b2c3bb2bea7fa9638f491910dc7aa93ae09f70bf4b2815c9b6cf7f9b5de081a33d02f1b048bfbca14b76208988abfdc7df02b46fe71ba206e76a4ac152ae57eda112eb8cf73b2e5ecea34d045756c890d27bfa0beeff64d631d2700931a7926edeede78989b2ece398e786f97bdd959f79dcba255b94cc39", {0x260, 0x101, 0x30314247, 0x6, 0x3, 0x40000000000000, 0x0, 0x3}})

15:49:18 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
connect$inet6(r0, 0x0, 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff013398", 0x6}], 0x1)

15:49:18 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video35\x00', 0x2, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={0x1, 0x28, &(0x7f0000000040)={0x0, <r1=>0x0}}, 0x10)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000000c0)={r1, 0xff9, 0x10}, 0xc)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1601.206771][T18384]  ? __pmd_alloc+0x36a/0x3d0
[ 1601.206787][T18384]  handle_mm_fault+0x29b8/0x6130
[ 1601.235317][T18384]  ? finish_fault+0x220/0x220
[ 1601.240020][T18384]  ? __down_read+0x1a0/0x1a0
[ 1601.244622][T18384]  ? vmacache_find+0x566/0x5b0
[ 1601.249430][T18384]  ? vmacache_update+0xb7/0x120
[ 1601.254294][T18384]  ? find_vma+0x13c/0x150
[ 1601.258635][T18384]  do_user_addr_fault+0x56f/0xaa0
[ 1601.263675][T18384]  __do_page_fault+0xd3/0x1f0
[ 1601.268353][T18384]  do_page_fault+0xce/0xe0
[ 1601.272772][T18384]  ? page_fault+0x8/0x30
[ 1601.277021][T18384]  page_fault+0x1e/0x30
[ 1601.281175][T18384] RIP: 0033:0x4019f7
[ 1601.285089][T18384] Code: 00 00 00 48 83 ec 08 48 8b 15 bd ea 66 00 48 8b 05 ae ea 66 00 48 39 d0 48 8d 8a 00 00 00 01 72 17 48 39 c8 73 12 48 8d 50 04 <89> 38 48 89 15 90 ea 66 00 48 83 c4 08 c3 48 89 c6 bf 38 96 4c 00
[ 1601.285096][T18384] RSP: 002b:00007ffff6b9e570 EFLAGS: 00010287
[ 1601.285105][T18384] RAX: 0000001b2be20000 RBX: 0000000000000000 RCX: 0000001b2ce20000
[ 1601.285111][T18384] RDX: 0000001b2be20004 RSI: 00007ffff6b9e330 RDI: 0000000000000000
[ 1601.285117][T18384] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000004
[ 1601.285124][T18384] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000001
[ 1601.285130][T18384] R13: 00007ffff6b9e760 R14: 0000000000000000 R15: 00007ffff6b9e770
[ 1601.289811][T18384] memory: usage 307020kB, limit 307200kB, failcnt 54264
[ 1601.336332][T18384] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1601.380368][T18384] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1601.392101][T18384] Memory cgroup stats for /syz0: cache:6500KB rss:100996KB rss_huge:0KB shmem:6500KB mapped_file:3212KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6492KB active_anon:101004KB inactive_file:0KB active_file:0KB unevictable:0KB
15:49:18 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x11\x00'}, 0x58)

15:49:18 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x8001, 0x20000)
ioctl$TCSETSW(r1, 0x5403, &(0x7f0000000040)={0x8, 0x5, 0x0, 0x3, 0x9, 0x9, 0x1, 0xfffffffffffffff7, 0x3, 0x1, 0x6, 0x4})
memfd_create(&(0x7f00000000c0)='$vboxnet0{bdev/mime_typevmnet1\x00', 0x5)

15:49:18 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
connect$inet6(r0, 0x0, 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff013398", 0x6}], 0x1)

15:49:18 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:18 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:18 executing program 1:

[ 1601.436018][T18384] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7369,uid=0
[ 1601.459279][T18384] Memory cgroup out of memory: Killed process 7369 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
15:49:18 executing program 1:

15:49:18 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
connect$inet6(r0, 0x0, 0x0)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff013398", 0x6}], 0x1)

15:49:18 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:18 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:18 executing program 3:
r0 = open(&(0x7f0000000000)='./file0\x00', 0x200000, 0x4)
getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000240)={<r1=>0x0, @multicast2, @initdev}, &(0x7f0000000280)=0xc)
sendmsg$nl_route_sched(r0, &(0x7f0000000380)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)=@newtclass={0x64, 0x28, 0x0, 0x70bd29, 0x25dfdbfc, {0x0, r1, {0xfff3}, {0x10, 0xc}, {0x1e, 0xfff3}}, [@TCA_RATE={0x8, 0x5, {0x2, 0x2}}, @tclass_kind_options=@c_dsmark={{0xc, 0x1, 'dsmark\x00'}, {0xc, 0x2, @TCA_DSMARK_VALUE={0x8, 0x5, 0x4}}}, @tclass_kind_options=@c_dsmark={{0xc, 0x1, 'dsmark\x00'}, {0xc, 0x2, @TCA_DSMARK_VALUE={0x8}}}, @TCA_RATE={0x8, 0x5, {0x7, 0x7}}]}, 0x64}, 0x1, 0x0, 0x0, 0x2000c840}, 0x40000)
ioctl$UI_SET_FFBIT(r0, 0x4004556b, 0x1c)
ioctl$RTC_IRQP_READ(r0, 0x8008700b, &(0x7f00000001c0))
r2 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r2, 0xc0d05640, &(0x7f00000000c0)={0x100000000000001, @raw_data="370e77c1827f7d3cf940e69cb831adbebe88706d08a1bdbfed9559bf860579553d45f4aeac881084c53241ad45e12cd2e959d3c20a54210949bec3803d34a1d6dd89a4788660f4179a0d05afb42cc9039bd3f7c0c0889898ad86b009a02ddfec2a491db39fb3c340b34c57670981d234613caebf1d5cff1b419e87654b3bc5f7e7b3dc3fa8d749cbe1935a453d1d1e4e67dd1701477135f23d1dc88a8a8861285b4379918a1bf3e891f047f6c67b5f56e2d3641b49751ab6ea3b52fea1a8d283a8bd8487efebc3eb"})

15:49:18 executing program 1:

15:49:18 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff013398", 0x6}], 0x1)

15:49:18 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:18 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x12\x00'}, 0x58)

15:49:18 executing program 3:
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0)='TIPCv2\x00')
sendmsg$TIPC_NL_BEARER_GET(r0, &(0x7f0000000740)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000700)={&(0x7f0000000600)={0xd4, r1, 0x100, 0x70bd26, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0xc, 0x7, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x5177262a}]}, @TIPC_NLA_SOCK={0x28, 0x2, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x2}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x32}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8000}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_SOCK={0x10, 0x2, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_LINK={0x18, 0x4, [@TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}]}, @TIPC_NLA_LINK={0x64, 0x4, [@TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x400}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80000000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x53}]}, @TIPC_NLA_LINK_PROP={0x44, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1ff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1d9d}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xc}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x100000000}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}]}]}]}, 0xd4}, 0x1, 0x0, 0x0, 0x8041}, 0x8840)
r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00')
sendmsg$TIPC_NL_BEARER_ADD(r2, &(0x7f0000000540)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x44000000}, 0xc, &(0x7f0000000500)={&(0x7f0000000100)={0x3d4, r3, 0x200, 0x70bd28, 0x25dfdbff, {}, [@TIPC_NLA_NODE={0x34, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7}, @TIPC_NLA_NODE_ADDR={0x8}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xae}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x1}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x6}]}, @TIPC_NLA_NODE={0x1c, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x401}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x80000000}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_LINK={0xf4, 0x4, [@TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x4c, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x90}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3ff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}]}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xfff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}]}, @TIPC_NLA_LINK_PROP={0x14, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xd05a}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}]}, @TIPC_NLA_BEARER={0x178, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0x7, @dev={0xfe, 0x80, [], 0x27}, 0x2}}, {0x20, 0x2, @in6={0xa, 0x4e20, 0x1, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0xd70}}}}, @TIPC_NLA_BEARER_PROP={0x54, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x20}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_PRIO={0x8}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e21, 0x100, @loopback, 0x80000000}}, {0x14, 0x2, @in={0x2, 0x4e21, @rand_addr=0x2}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x40}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x148}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x9, @mcast2, 0x1}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x76f8, @remote, 0x40}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x40}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x3}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x4e24, @multicast2}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x7895}]}, @TIPC_NLA_NET={0x30, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xfff}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x9}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x4}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xf1a}]}, @TIPC_NLA_MON={0xc, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0xfff}]}, @TIPC_NLA_LINK={0x8c, 0x4, [@TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}]}, @TIPC_NLA_LINK_PROP={0x14, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x3}]}, @TIPC_NLA_LINK_PROP={0x14, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x2}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}]}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xffff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xe}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}]}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xffffffffffff7fff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x23}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}]}, @TIPC_NLA_NET={0x38, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xff}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x7}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x100}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0xfffffffffffffbba}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xd75}]}, @TIPC_NLA_NET={0x4}]}, 0x3d4}, 0x1, 0x0, 0x0, 0x8000}, 0x4000)
ioctl$VIDIOC_TRY_ENCODER_CMD(r2, 0xc028564e, &(0x7f0000000000)={0x0, 0x1, [0x100, 0x9, 0x0, 0x0, 0x400, 0x2, 0x5]})
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)

15:49:18 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x20000, 0x0)
ioctl$int_in(r0, 0x5421, &(0x7f0000000100)=0x6)
getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r1, 0x84, 0x16, &(0x7f0000000040)={0x5, [0x8, 0x8, 0x3f, 0x9, 0xa]}, &(0x7f00000000c0)=0xe)

15:49:18 executing program 1:

15:49:18 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff013398", 0x6}], 0x1)

15:49:18 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000000c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:18 executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f00000001c0)="c0dca5055e0bcfec7be070")
write$cgroup_subtree(r0, &(0x7f0000000580)=ANY=[@ANYBLOB='\x00'], 0x1)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xfffffcbe)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='memory.events\x00', 0x0, 0x0)

15:49:18 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:18 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00?\x00'}, 0x58)

15:49:18 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
r1 = gettid()
sched_getaffinity(r1, 0x8, &(0x7f0000000000))
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:19 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(0xffffffffffffffff, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff013398", 0x6}], 0x1)

15:49:19 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:19 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
pipe2(&(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x4800)
ioctl$KVM_GET_TSC_KHZ(r1, 0xaea3)
ioctl$VIDIOC_G_EDID(r2, 0xc0285628, &(0x7f00000000c0)={0x0, 0xc354, 0x17eb, [], &(0x7f0000000040)=0x9})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0xb, @pix_mp={0x1f, 0x8, 0x38303553, 0x5, 0x0, [{0x6, 0x8}, {0x8, 0x4}, {0x3, 0xfffffffffffffff9}, {0x29, 0x9}, {0x2, 0x935}, {0x9, 0x100}, {0x6, 0x1b}, {0x7fffffff, 0xf6}], 0xfffffffffffffffa, 0x4, 0x6, 0x2, 0x7}})
ioctl$DRM_IOCTL_RES_CTX(r2, 0xc0106426, &(0x7f0000000140)={0x1, &(0x7f0000000100)=[{}]})

15:49:19 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x605e42d2c787c4aa, 0x0)
fstat(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040)={0x0, 0x0, <r3=>0x0}, &(0x7f0000000240)=0xc)
write$FUSE_ATTR(r1, &(0x7f0000000280)={0x78, 0xfffffffffffffff5, 0x3, {0x2, 0x0, 0x0, {0x5, 0x3f, 0x9, 0x101, 0x8, 0x36911551, 0x3, 0xfffffffffffffffc, 0x5, 0x9, 0x9, r2, r3, 0x1, 0x10000}}}, 0x78)
ioctl$UI_BEGIN_FF_ERASE(r1, 0xc00c55ca, &(0x7f0000000300)={0xc, 0x2, 0xff})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0}})
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f00000000c0)={0x9, 0xa7, 0x3, {0xb, @pix={0x8001, 0x8, 0x7e7f755f, 0xf, 0xf5ed, 0xfffffffffffffffe, 0x4, 0x7ff, 0x1, 0x6, 0x1, 0x6}}})

15:49:19 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, 0x0, 0x0)

15:49:19 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00@\x00'}, 0x58)

15:49:19 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1602.275705][   T24] audit: type=1804 audit(1561909759.183:44): pid=18501 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir776936707/syzkaller.CGqS88/4806/memory.events" dev="sda1" ino=17387 res=1
15:49:19 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:19 executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f00000001c0)="c0dca5055e0bcfec7be070")
write$cgroup_subtree(r0, &(0x7f0000000580)=ANY=[@ANYBLOB='\x00'], 0x1)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xfffffcbe)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='memory.events\x00', 0x0, 0x0)

15:49:19 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x280, 0x0)
ioctl$KDGKBMODE(r1, 0x4b44, &(0x7f0000000040))
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:19 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:19 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, 0x0, 0x0)

15:49:19 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00'}, 0x58)

15:49:19 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x800)
setsockopt$bt_BT_SNDMTU(r1, 0x112, 0xc, &(0x7f0000000040)=0x7, 0x2)
ioctl$SCSI_IOCTL_DOORLOCK(r1, 0x5380)
ioctl$VIDIOC_QUERYBUF(r0, 0xc0585609, &(0x7f0000000100)={0x0, 0x1, 0x4, 0x2000012, {}, {0x1, 0x0, 0x80000001, 0x6, 0x80, 0x40d, "f884541b"}, 0x1, 0x4, @planes=&(0x7f00000000c0)={0x6, 0x4, @mem_offset=0x8000, 0xff}, 0x4})

[ 1602.695912][   T24] audit: type=1804 audit(1561909759.603:45): pid=18540 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir776936707/syzkaller.CGqS88/4806/memory.events" dev="sda1" ino=17387 res=1
15:49:19 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1602.780665][T18554] Unknown ioctl 19268
15:49:19 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, 0x0, 0x0)

[ 1602.814615][T18557] Unknown ioctl 19268
15:49:19 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:19 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x101000, 0x0)
ioctl$KVM_S390_UCAS_MAP(r1, 0x4018ae50, &(0x7f0000000040)={0x5, 0x4, 0x4})

15:49:19 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00'}, 0x58)

15:49:19 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, &(0x7f00000001c0), 0x0)

[ 1602.942331][   T24] audit: type=1804 audit(1561909759.853:46): pid=18559 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir776936707/syzkaller.CGqS88/4807/memory.events" dev="sda1" ino=16920 res=1
[ 1603.163244][T18580] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000
[ 1603.181256][T18580] CPU: 0 PID: 18580 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1603.189170][T18580] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1603.199232][T18580] Call Trace:
[ 1603.202528][T18580]  dump_stack+0x1d8/0x2f8
[ 1603.206865][T18580]  dump_header+0xdb/0xf40
[ 1603.211208][T18580]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1603.217121][T18580]  ? ___ratelimit+0x447/0x5d0
[ 1603.221811][T18580]  oom_kill_process+0x1a0/0x490
[ 1603.226747][T18580]  out_of_memory+0x76e/0x9e0
[ 1603.231320][T18580]  ? unregister_oom_notifier+0x20/0x20
[ 1603.236793][T18580]  ? kasan_check_read+0x11/0x20
[ 1603.241661][T18580]  try_charge+0x12ba/0x1710
[ 1603.246407][T18580]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1603.252324][T18580]  ? rcu_lock_release+0x4/0x20
[ 1603.257137][T18580]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1603.262703][T18580]  ? memcg_kmem_put_cache+0x70/0x70
[ 1603.267933][T18580]  ? rcu_lock_release+0x15/0x20
[ 1603.272825][T18580]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1603.278398][T18580]  __memcg_kmem_charge+0x118/0x2f0
[ 1603.283532][T18580]  __alloc_pages_nodemask+0x377/0x790
[ 1603.288933][T18580]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1603.294538][T18580]  ? rcu_read_lock_sched_held+0x127/0x1c0
[ 1603.300283][T18580]  ? copy_process+0x599/0x5c80
[ 1603.305170][T18580]  copy_process+0x613/0x5c80
[ 1603.309899][T18580]  ? do_raw_spin_unlock+0x49/0x260
[ 1603.315988][T18580]  ? _raw_spin_unlock+0x2c/0x50
[ 1603.321646][T18580]  ? handle_mm_fault+0x10b2/0x6130
[ 1603.326777][T18580]  ? vm_mmap_pgoff+0x1a4/0x240
[ 1603.331765][T18580]  ? fork_idle+0x1b0/0x1b0
[ 1603.336193][T18580]  ? finish_fault+0x220/0x220
[ 1603.340864][T18580]  _do_fork+0x180/0x5f0
[ 1603.345004][T18580]  ? dup_mm+0x340/0x340
[ 1603.349166][T18580]  ? up_read+0x22/0x30
[ 1603.353334][T18580]  ? do_user_addr_fault+0x63f/0xaa0
[ 1603.358528][T18580]  ? check_preemption_disabled+0xb7/0x280
[ 1603.364277][T18580]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1603.370806][T18580]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1603.377146][T18580]  __x64_sys_clone+0xc1/0xd0
[ 1603.384425][T18580]  do_syscall_64+0xfe/0x140
[ 1603.391382][T18580]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1603.401768][T18580] RIP: 0033:0x45bee9
[ 1603.412106][T18580] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 1603.440609][T18580] RSP: 002b:00007ffff6b9e448 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 1603.456058][T18580] RAX: ffffffffffffffda RBX: 00007f6872e3d700 RCX: 000000000045bee9
[ 1603.479353][T18580] RDX: 00007f6872e3d9d0 RSI: 00007f6872e3cdb0 RDI: 00000000003d0f00
[ 1603.488724][T18580] RBP: 00007ffff6b9e660 R08: 00007f6872e3d700 R09: 00007f6872e3d700
[ 1603.496704][T18580] R10: 00007f6872e3d9d0 R11: 0000000000000202 R12: 0000000000000000
[ 1603.504696][T18580] R13: 00007ffff6b9e4ff R14: 00007f6872e3d9c0 R15: 000000000075bfd4
15:49:20 executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f00000001c0)="c0dca5055e0bcfec7be070")
write$cgroup_subtree(r0, &(0x7f0000000580)=ANY=[@ANYBLOB='\x00'], 0x1)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xfffffcbe)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='memory.events\x00', 0x0, 0x0)

15:49:20 executing program 3:
ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r0 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x8, 0x40000)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000040)={0x8, @vbi={0xfffffffffffffffe, 0x7fffffff, 0xfffffffffffffff8, 0x3831354f, [0x6], [0x7fffffff, 0xffe0000000000000], 0x13a}})

15:49:20 executing program 2:
r0 = dup3(0xffffffffffffffff, 0xffffffffffffff9c, 0x80000)
ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000180)={0xfffffffffffffff8, 0x9, 0x8, 0x2, 0x1a, 0x1, 0x70, 0x5, 0x2, 0x20, 0x8, 0x4})
r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
r2 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/btrfs-control\x00', 0x40200, 0x0)
perf_event_open(&(0x7f00000000c0)={0x3, 0x70, 0x3, 0x3ff, 0x0, 0x93, 0x0, 0x100000000, 0x2000, 0x1, 0xfffffffffffff801, 0x1f, 0x0, 0x85, 0x80, 0x32b, 0x4, 0x4, 0x5, 0x100000001, 0x0, 0x20, 0x2a, 0xfffffffffffffbff, 0xff, 0x95b7, 0xffffffff00000000, 0x2, 0xfffffffffffffffa, 0x100000001, 0x2, 0x8, 0x8, 0x1, 0x7, 0x4, 0x9, 0x2, 0x0, 0x101, 0x2, @perf_bp={&(0x7f0000000000), 0xf}, 0x4000, 0x4, 0x0, 0xf, 0xcb, 0x7, 0x1f}, 0xffffffffffffffff, 0xd, r2, 0x1)
r3 = pkey_alloc(0x0, 0x70e3a77da841cf31)
pkey_mprotect(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2, r3)
pkey_mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, r3)
ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
ioctl$PPPOEIOCSFWD(r2, 0x4008b100, &(0x7f00000001c0)={0x18, 0x0, {0x0, @local, 'vxcan1\x00'}})
ioctl$PPPIOCGFLAGS(r2, 0x8004745a, &(0x7f0000000140))

15:49:20 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:20 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, &(0x7f00000001c0), 0x0)

[ 1603.522007][T18580] memory: usage 307156kB, limit 307200kB, failcnt 54300
[ 1603.530927][T18580] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1603.540045][T18580] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1603.548134][T18580] Memory cgroup stats for /syz0: cache:6508KB rss:101064KB rss_huge:0KB shmem:6508KB mapped_file:3216KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6500KB active_anon:101072KB inactive_file:0KB active_file:0KB unevictable:0KB
15:49:20 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, &(0x7f00000001c0), 0x0)

15:49:20 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video35\x00', 0x2, 0x0)
r1 = syz_open_dev$video4linux(&(0x7f0000000000)='/dev/v4l-subdev#\x00', 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r1, 0xc0585605, &(0x7f00000000c0)={0x0, 0x0, {0x0, 0x0, 0x0, 0x2, 0x2}})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:20 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1603.617685][T18580] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7391,uid=0
15:49:20 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:20 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1603.710299][T18580] Memory cgroup out of memory: Killed process 7391 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
15:49:20 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00'}, 0x58)

15:49:20 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, &(0x7f00000001c0)=[{0x0}], 0x1)

[ 1603.880444][   T24] audit: type=1804 audit(1561909760.793:47): pid=18614 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir776936707/syzkaller.CGqS88/4808/memory.events" dev="sda1" ino=17428 res=1
[ 1603.941888][T18623] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000
[ 1603.962046][T18623] CPU: 1 PID: 18623 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1603.969998][T18623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1603.980054][T18623] Call Trace:
[ 1603.980078][T18623]  dump_stack+0x1d8/0x2f8
[ 1603.980092][T18623]  dump_header+0xdb/0xf40
[ 1603.980106][T18623]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1603.980116][T18623]  ? ___ratelimit+0x447/0x5d0
[ 1603.980136][T18623]  oom_kill_process+0x1a0/0x490
[ 1604.007629][T18623]  out_of_memory+0x76e/0x9e0
[ 1604.012266][T18623]  ? unregister_oom_notifier+0x20/0x20
[ 1604.017998][T18623]  ? kasan_check_read+0x11/0x20
[ 1604.022873][T18623]  try_charge+0x12ba/0x1710
[ 1604.027412][T18623]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1604.033321][T18623]  ? rcu_lock_release+0x4/0x20
[ 1604.038223][T18623]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1604.043765][T18623]  ? memcg_kmem_put_cache+0x70/0x70
[ 1604.048962][T18623]  ? rcu_lock_release+0x15/0x20
[ 1604.053816][T18623]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1604.059359][T18623]  __memcg_kmem_charge+0x118/0x2f0
[ 1604.064552][T18623]  __alloc_pages_nodemask+0x377/0x790
[ 1604.070018][T18623]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1604.075572][T18623]  ? rcu_read_lock_sched_held+0x127/0x1c0
[ 1604.081314][T18623]  ? copy_process+0x599/0x5c80
[ 1604.086180][T18623]  copy_process+0x613/0x5c80
[ 1604.090798][T18623]  ? do_raw_spin_unlock+0x49/0x260
[ 1604.095919][T18623]  ? _raw_spin_unlock+0x2c/0x50
[ 1604.100761][T18623]  ? handle_mm_fault+0x10b2/0x6130
[ 1604.105878][T18623]  ? vm_mmap_pgoff+0x1a4/0x240
[ 1604.110673][T18623]  ? fork_idle+0x1b0/0x1b0
[ 1604.115090][T18623]  ? finish_fault+0x220/0x220
[ 1604.119772][T18623]  _do_fork+0x180/0x5f0
[ 1604.123967][T18623]  ? dup_mm+0x340/0x340
[ 1604.128131][T18623]  ? up_read+0x22/0x30
[ 1604.132196][T18623]  ? do_user_addr_fault+0x63f/0xaa0
[ 1604.137397][T18623]  ? check_preemption_disabled+0xb7/0x280
[ 1604.143236][T18623]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1604.148710][T18623]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1604.154702][T18623]  __x64_sys_clone+0xc1/0xd0
[ 1604.159297][T18623]  do_syscall_64+0xfe/0x140
[ 1604.163887][T18623]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1604.169793][T18623] RIP: 0033:0x45bee9
[ 1604.173683][T18623] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 1604.193385][T18623] RSP: 002b:00007ffff6b9e448 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 1604.201782][T18623] RAX: ffffffffffffffda RBX: 00007f6872e3d700 RCX: 000000000045bee9
[ 1604.209768][T18623] RDX: 00007f6872e3d9d0 RSI: 00007f6872e3cdb0 RDI: 00000000003d0f00
[ 1604.217761][T18623] RBP: 00007ffff6b9e660 R08: 00007f6872e3d700 R09: 00007f6872e3d700
[ 1604.225819][T18623] R10: 00007f6872e3d9d0 R11: 0000000000000202 R12: 0000000000000000
[ 1604.233812][T18623] R13: 00007ffff6b9e4ff R14: 00007f6872e3d9c0 R15: 000000000075bfd4
[ 1604.243621][T18623] memory: usage 307156kB, limit 307200kB, failcnt 54321
[ 1604.250875][T18623] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1604.258563][T18623] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1604.265574][T18623] Memory cgroup stats for /syz0: cache:6508KB rss:101060KB rss_huge:0KB shmem:6508KB mapped_file:3216KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6496KB active_anon:101060KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1604.294209][T18623] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=18583,uid=0
[ 1604.317637][T18623] Memory cgroup out of memory: Killed process 18583 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
[ 1604.333621][ T1044] oom_reaper: reaped process 18583 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
15:49:21 executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f00000001c0)="c0dca5055e0bcfec7be070")
write$cgroup_subtree(r0, &(0x7f0000000580)=ANY=[@ANYBLOB='\x00'], 0x1)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xfffffcbe)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='memory.events\x00', 0x0, 0x0)

15:49:21 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0xc0000, 0x0)
write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040)={0x0, 0x8000000000}, 0x2)

15:49:21 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
r1 = syz_open_dev$media(&(0x7f0000000180)='/dev/media#\x00', 0x9, 0xa2000)
r2 = getpid()
write$P9_RGETLOCK(r1, &(0x7f00000001c0)={0x31, 0x37, 0x2, {0x0, 0x7, 0x5, r2, 0x13, 'selinuxppp1vboxnet1'}}, 0x31)
r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x20000, 0x0)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f0000000040)={<r4=>0x0, 0x3, 0x30, 0x2, 0x8}, &(0x7f00000000c0)=0x18)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f0000000100)={r4, 0x9}, &(0x7f0000000140)=0x8)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:21 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:21 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, &(0x7f00000001c0)=[{0x0}], 0x1)

15:49:21 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00'}, 0x58)

15:49:21 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, &(0x7f00000001c0)=[{0x0}], 0x1)

15:49:21 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:21 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video35\x00', 0x2, 0x0)
syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0xbcec, 0x20000)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000240)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x90980, 0x0)
ioctl$KVM_SET_VAPIC_ADDR(r1, 0x4008ae93, &(0x7f0000000080)=0x100000)
getsockopt$inet_mtu(r1, 0x0, 0xa, &(0x7f0000000140), &(0x7f0000000100)=0xdf74661b829edc0b)

15:49:21 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000140)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x8480, 0x0)
write$USERIO_CMD_REGISTER(r1, &(0x7f0000000040)={0x0, 0x80}, 0x2)

[ 1604.656993][T18632] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000
[ 1604.680238][T18632] CPU: 1 PID: 18632 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1604.688423][T18632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1604.698488][T18632] Call Trace:
[ 1604.701826][T18632]  dump_stack+0x1d8/0x2f8
[ 1604.706177][T18632]  dump_header+0xdb/0xf40
[ 1604.710529][T18632]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1604.716358][T18632]  ? ___ratelimit+0x447/0x5d0
[ 1604.721071][T18632]  oom_kill_process+0x1a0/0x490
[ 1604.725937][T18632]  out_of_memory+0x76e/0x9e0
[ 1604.730659][T18632]  ? unregister_oom_notifier+0x20/0x20
[ 1604.736130][T18632]  ? kasan_check_read+0x11/0x20
[ 1604.741000][T18632]  try_charge+0x12ba/0x1710
[ 1604.745975][T18632]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1604.751836][T18632]  ? rcu_lock_release+0x4/0x20
[ 1604.756619][T18632]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1604.762192][T18632]  ? memcg_kmem_put_cache+0x70/0x70
[ 1604.767443][T18632]  ? rcu_lock_release+0x15/0x20
[ 1604.772300][T18632]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1604.777887][T18632]  __memcg_kmem_charge+0x118/0x2f0
[ 1604.783059][T18632]  __alloc_pages_nodemask+0x377/0x790
[ 1604.788450][T18632]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1604.794021][T18632]  ? rcu_read_lock_sched_held+0x127/0x1c0
[ 1604.799792][T18632]  ? copy_process+0x599/0x5c80
[ 1604.804569][T18632]  copy_process+0x613/0x5c80
[ 1604.809175][T18632]  ? psi_memstall_leave+0xf7/0x130
[ 1604.814338][T18632]  ? trace_lock_acquire+0x190/0x190
[ 1604.819551][T18632]  ? fork_idle+0x1b0/0x1b0
[ 1604.823986][T18632]  ? rcu_read_lock_sched_held+0x127/0x1c0
[ 1604.829714][T18632]  ? trace_mm_vmscan_memcg_reclaim_end+0x213/0x250
[ 1604.829727][T18632]  ? try_to_free_mem_cgroup_pages+0x335/0x570
[ 1604.829737][T18632]  ? kasan_check_write+0x14/0x20
[ 1604.829753][T18632]  _do_fork+0x180/0x5f0
[ 1604.829769][T18632]  ? dup_mm+0x340/0x340
[ 1604.851616][T18632]  ? blkcg_maybe_throttle_current+0x164/0x960
[ 1604.851634][T18632]  ? blkcg_policy_unregister+0x310/0x310
[ 1604.851645][T18632]  ? check_preemption_disabled+0xb7/0x280
[ 1604.851660][T18632]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1604.851672][T18632]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1604.851688][T18632]  __x64_sys_clone+0xc1/0xd0
[ 1604.873363][T18632]  do_syscall_64+0xfe/0x140
[ 1604.873380][T18632]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1604.873391][T18632] RIP: 0033:0x45bee9
15:49:21 executing program 3:
r0 = socket$inet(0x2, 0x6, 0x1000)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000000)={0x11, 0x0, <r1=>0x0}, &(0x7f0000000040)=0x14)
getsockopt$inet_mreq(r0, 0x0, 0x23, &(0x7f0000000080)={@initdev}, &(0x7f0000000400)=0x8)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000000c0)={{{@in6=@dev, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@mcast2}, 0x0, @in6=@ipv4={[], [], @multicast1}}}, &(0x7f00000002c0)=0x222)
r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000440)='/dev/audio\x00', 0x0, 0x0)
r4 = getgid()
connect$bt_sco(r3, &(0x7f0000000500)={0x1f, {0x0, 0x100000000, 0x3ff, 0x7, 0x10001}}, 0x8)
fchownat(r3, &(0x7f00000004c0)='./file0\x00', r2, r4, 0x800)
setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000300)={{{@in6=@empty, @in6=@mcast1, 0x4e23, 0xffff, 0x4e21, 0x8, 0xa, 0xa0, 0x80, 0x5e, r1, r2}, {0x9, 0x7, 0x1, 0x1000000000, 0x2, 0x2c000, 0x800, 0xffffffff}, {0x9, 0x1, 0x730, 0x3d}, 0x5, 0x0, 0x1, 0x0, 0x1, 0x1}, {{@in=@multicast2, 0x4d3, 0x7f}, 0xa, @in=@local, 0x0, 0x2, 0x3753cb6a42721bd6, 0xa000000000000000, 0x1, 0x1ff, 0x40}}, 0xe8)
r5 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000480)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r5, 0xc0d05640, &(0x7f00000001c0)={0x1, @raw_data="5b8beeb4824fea96907b4a210393a362f2064d1d996c2c738482b1c02e5b303c6e86f74f750d2cd2b5fd7609fdaae209b4e6f49bf182de03189912ed67cda793e5fc8ed71456697ef2dada6161717423c89d07a0080f8c3898d2341f7a3a5041a7185de76fe8b9636a2351c7d80af57b33bdd8fa84c8b848c7c2df4a79b449f16a96dbf818047c2b2ff786cbffa909cf87f7ff8920038f4f05b8f85151b2b95ce4076d6022e2025de034d00398ec84a8910d22f597eb00fc3fa654609e70cf5406e460dd88fc6179"})

15:49:21 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000000c0)={0xf, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1604.873402][T18632] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 1604.873408][T18632] RSP: 002b:00007ffff6b9e448 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 1604.873417][T18632] RAX: ffffffffffffffda RBX: 00007f6872e3d700 RCX: 000000000045bee9
[ 1604.873430][T18632] RDX: 00007f6872e3d9d0 RSI: 00007f6872e3cdb0 RDI: 00000000003d0f00
[ 1604.899625][T18632] RBP: 00007ffff6b9e660 R08: 00007f6872e3d700 R09: 00007f6872e3d700
[ 1604.899633][T18632] R10: 00007f6872e3d9d0 R11: 0000000000000202 R12: 0000000000000000
[ 1604.899638][T18632] R13: 00007ffff6b9e4ff R14: 00007f6872e3d9c0 R15: 000000000075bfd4
[ 1604.933380][T18632] memory: usage 307192kB, limit 307200kB, failcnt 54345
[ 1604.999704][T18632] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1605.012074][T18632] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1605.020196][T18632] Memory cgroup stats for /syz0: cache:6508KB rss:101060KB rss_huge:0KB shmem:6508KB mapped_file:3216KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6500KB active_anon:101068KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1605.049441][T18632] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=18625,uid=0
[ 1605.071279][T18632] Memory cgroup out of memory: Killed process 18625 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
[ 1605.092477][ T1044] oom_reaper: reaped process 18625 (syz-executor.0), now anon-rss:0kB, file-rss:34828kB, shmem-rss:4kB
[ 1605.135930][   T24] audit: type=1804 audit(1561909762.043:48): pid=18677 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir776936707/syzkaller.CGqS88/4809/memory.events" dev="sda1" ino=16996 res=1
15:49:22 executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000001c0)="c0dca5055e0bcfec7be070")
write$cgroup_subtree(r0, &(0x7f0000000580)=ANY=[@ANYBLOB='\x00'], 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='memory.events\x00', 0x0, 0x0)

15:49:22 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:22 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x624444, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454d9, &(0x7f0000000040)={'ip6_vti0\x00', 0x600})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0}})
arch_prctl$ARCH_MAP_VDSO_X32(0x2001, 0x20)
ioctl$FS_IOC_RESVSP(r1, 0x40305828, &(0x7f0000000100)={0x0, 0x0, 0x3, 0x7})
set_mempolicy(0x3, &(0x7f00000000c0)=0x5, 0x800)

15:49:22 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)}], 0x1)

15:49:22 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000140)={0x3, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:22 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00'}, 0x58)

15:49:22 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_ENUMOUTPUT(r0, 0xc0485630, &(0x7f0000000000)={0x9, "fc3bf0662138c41570a787b9c4b66d917b51cb070e8a61625607287d41b841de", 0x3, 0xdd0, 0xffe, 0x10000})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:22 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:22 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)}], 0x1)

15:49:22 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x8002, @pix_mp={0x0, 0x4471, 0x3247504d, 0xe59b3ca5631aa47a, 0x1, [{0x0, 0xa6dd}, {0xf340000000000000, 0x69}, {0xff, 0xffffffff00000001}, {0x400, 0x1}, {0x2, 0x6}, {0x800, 0x3}, {0x3, 0x81}, {0x6}], 0x5, 0x6b, 0x8, 0x2, 0x2}})
ppoll(&(0x7f0000000000)=[{r0, 0x8}, {r0, 0x4011}, {r0, 0x6224}, {r0, 0x40}], 0x4, &(0x7f0000000080), &(0x7f00000000c0)={0x66e}, 0x8)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000000100)={<r1=>0xffffffffffffff9c})
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffff9c, 0x84, 0xa, &(0x7f0000000140)={0x7f, 0x5, 0x205, 0x8001, 0xebb, 0x2, 0x100000000, 0x6, <r2=>0x0}, &(0x7f0000000180)=0x20)
setsockopt$inet_sctp_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f00000001c0)={r2}, 0x8)

[ 1605.473978][T18684] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000
15:49:22 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)}], 0x1)

[ 1605.543270][T18684] CPU: 1 PID: 18684 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1605.551198][T18684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1605.561466][T18684] Call Trace:
[ 1605.564767][T18684]  dump_stack+0x1d8/0x2f8
[ 1605.569129][T18684]  dump_header+0xdb/0xf40
[ 1605.573472][T18684]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1605.573485][T18684]  ? ___ratelimit+0x447/0x5d0
[ 1605.573502][T18684]  oom_kill_process+0x1a0/0x490
[ 1605.583971][T18684]  out_of_memory+0x76e/0x9e0
15:49:22 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff", 0x3}], 0x1)

[ 1605.583986][T18684]  ? unregister_oom_notifier+0x20/0x20
[ 1605.584000][T18684]  ? kasan_check_read+0x11/0x20
[ 1605.603834][T18684]  try_charge+0x12ba/0x1710
[ 1605.608505][T18684]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1605.614339][T18684]  ? rcu_lock_release+0x4/0x20
[ 1605.619233][T18684]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1605.624879][T18684]  ? memcg_kmem_put_cache+0x70/0x70
[ 1605.630096][T18684]  ? rcu_lock_release+0x15/0x20
[ 1605.635126][T18684]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1605.640682][T18684]  __memcg_kmem_charge+0x118/0x2f0
[ 1605.645806][T18684]  __alloc_pages_nodemask+0x377/0x790
[ 1605.645823][T18684]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1605.645838][T18684]  ? rcu_read_lock_sched_held+0x127/0x1c0
[ 1605.645855][T18684]  ? copy_process+0x599/0x5c80
[ 1605.656779][T18684]  copy_process+0x613/0x5c80
[ 1605.656798][T18684]  ? psi_memstall_leave+0xf7/0x130
[ 1605.656823][T18684]  ? trace_lock_acquire+0x190/0x190
[ 1605.688782][T18684]  ? fork_idle+0x1b0/0x1b0
[ 1605.693223][T18684]  ? rcu_read_lock_sched_held+0x127/0x1c0
[ 1605.698953][T18684]  ? trace_mm_vmscan_memcg_reclaim_end+0x213/0x250
[ 1605.705468][T18684]  ? try_to_free_mem_cgroup_pages+0x335/0x570
[ 1605.711636][T18684]  ? kasan_check_write+0x14/0x20
[ 1605.716573][T18684]  _do_fork+0x180/0x5f0
[ 1605.721815][T18684]  ? dup_mm+0x340/0x340
[ 1605.726073][T18684]  ? debug_smp_processor_id+0x1c/0x20
[ 1605.731455][T18684]  ? switch_fpu_return+0x10c/0x290
[ 1605.736580][T18684]  ? copy_init_fpstate_to_fpregs+0x150/0x150
[ 1605.742558][T18684]  ? css_put+0xfe/0x180
[ 1605.746809][T18684]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1605.756032][T18684]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1605.765395][T18684]  __x64_sys_clone+0xc1/0xd0
[ 1605.773292][T18684]  do_syscall_64+0xfe/0x140
[ 1605.791176][T18684]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1605.802028][T18684] RIP: 0033:0x45bee9
[ 1605.806893][T18684] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 1605.845222][T18684] RSP: 002b:00007ffff6b9e448 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 1605.858193][T18684] RAX: ffffffffffffffda RBX: 00007f6872e3d700 RCX: 000000000045bee9
[ 1605.871161][T18684] RDX: 00007f6872e3d9d0 RSI: 00007f6872e3cdb0 RDI: 00000000003d0f00
[ 1605.880632][T18684] RBP: 00007ffff6b9e660 R08: 00007f6872e3d700 R09: 00007f6872e3d700
15:49:22 executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000001c0)="c0dca5055e0bcfec7be070")
write$cgroup_subtree(r0, &(0x7f0000000580)=ANY=[@ANYBLOB='\x00'], 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='memory.events\x00', 0x0, 0x0)

15:49:22 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff", 0x3}], 0x1)

15:49:22 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
eventfd2(0x1, 0x80000)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x5, 0x400)
ioctl$RTC_WKALM_RD(r1, 0x80287010, &(0x7f0000000040))
setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f00000000c0)=0xff, 0x4)

15:49:22 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1001, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:22 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1605.889234][T18684] R10: 00007f6872e3d9d0 R11: 0000000000000202 R12: 0000000000000000
[ 1605.898339][T18684] R13: 00007ffff6b9e4ff R14: 00007f6872e3d9c0 R15: 000000000075bfd4
[ 1605.946583][T18684] memory: usage 307200kB, limit 307200kB, failcnt 54365
[ 1605.978070][   T24] audit: type=1804 audit(1561909762.893:49): pid=18733 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir776936707/syzkaller.CGqS88/4811/memory.events" dev="sda1" ino=17353 res=1
[ 1606.016748][T18684] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1606.054544][T18684] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1606.070455][T18684] Memory cgroup stats for /syz0: cache:6504KB rss:101060KB rss_huge:0KB shmem:6504KB mapped_file:3216KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6496KB active_anon:101068KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1606.133380][T18684] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=18646,uid=0
[ 1606.156192][T18684] Memory cgroup out of memory: Killed process 18646 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
15:49:23 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x05\x00'}, 0x58)

15:49:23 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:23 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff", 0x3}], 0x1)

15:49:23 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:23 executing program 1:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000001c0)="c0dca5055e0bcfec7be070")
write$cgroup_subtree(r0, &(0x7f0000000580)=ANY=[@ANYBLOB='\x00'], 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='memory.events\x00', 0x0, 0x0)

15:49:23 executing program 2:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x400, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x1, &(0x7f00000002c0)={<r1=>0xffffffffffffffff}, 0x13f, 0x1}}, 0x20)
setsockopt$inet6_tcp_buf(r0, 0x6, 0x21, &(0x7f0000000380)="65f23d50ca7a7567953940ad39bdd803f742f910ca85f6b25ff38822d3fac80c399e4ebe15cbdb371318a3ae0ad147fa274c43440100a99cbfa37e28b3808edfda81f039291f40e64431c9c404001241124d569f6c74554cdaa19ee6b13633b8a6827335b0aad8d9327c2568533e6f8edf28c4f1fdb2a89dd277e56e5551c2dfbe9e44eb1255d531c63e38707a3d08817e581813e3b4d0709b44b7aeb0c1bf16856f940fec8b779d76b4c5", 0xab)
write$RDMA_USER_CM_CMD_QUERY_ROUTE(r0, &(0x7f0000000340)={0x5, 0x10, 0xfa00, {&(0x7f00000000c0), r1, 0x1}}, 0x18)
r2 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r2, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r3 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x4, 0x2100)
ioctl$UI_SET_ABSBIT(r3, 0x40045567, 0x2)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000440)='/dev/sequencer\x00', 0x4c0000, 0x0)

[ 1606.186836][T18696] syz-executor.0 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[ 1606.259796][   T24] audit: type=1804 audit(1561909763.173:50): pid=18744 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir776936707/syzkaller.CGqS88/4812/memory.events" dev="sda1" ino=17571 res=1
[ 1606.274697][T18696] CPU: 0 PID: 18696 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1606.292193][T18696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1606.292204][T18696] Call Trace:
[ 1606.305666][T18696]  dump_stack+0x1d8/0x2f8
[ 1606.310000][T18696]  dump_header+0xdb/0xf40
[ 1606.314337][T18696]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1606.320172][T18696]  ? ___ratelimit+0x447/0x5d0
[ 1606.324858][T18696]  oom_kill_process+0x1a0/0x490
[ 1606.329709][T18696]  out_of_memory+0x76e/0x9e0
[ 1606.329731][T18696]  ? unregister_oom_notifier+0x20/0x20
[ 1606.329749][T18696]  ? kasan_check_read+0x11/0x20
[ 1606.344981][T18696]  try_charge+0x12ba/0x1710
[ 1606.349518][T18696]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1606.355348][T18696]  ? rcu_lock_release+0x4/0x20
[ 1606.355364][T18696]  ? rcu_lock_release+0x15/0x20
[ 1606.355373][T18696]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1606.355387][T18696]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1606.365009][T18696]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1606.365026][T18696]  shmem_getpage_gfp+0x1052/0x2dd0
[ 1606.365058][T18696]  ? shmem_getpage+0xa0/0xa0
[ 1606.391340][T18696]  ? iov_iter_fault_in_readable+0x2ba/0x5c0
[ 1606.397245][T18696]  shmem_write_begin+0xcb/0x1b0
[ 1606.402127][T18696]  generic_perform_write+0x2ac/0x550
[ 1606.407422][T18696]  ? grab_cache_page_write_begin+0xa0/0xa0
[ 1606.413243][T18696]  ? file_remove_privs+0x600/0x600
[ 1606.418448][T18696]  ? lock_acquire+0x158/0x250
[ 1606.418464][T18696]  __generic_file_write_iter+0x24b/0x520
[ 1606.418480][T18696]  generic_file_write_iter+0x41d/0x5a0
[ 1606.418501][T18696]  __vfs_write+0x617/0x7d0
[ 1606.418520][T18696]  ? __kernel_write+0x330/0x330
[ 1606.418543][T18696]  ? rcu_read_lock_sched_held+0x127/0x1c0
[ 1606.418556][T18696]  ? __sb_start_write+0x199/0x360
[ 1606.418570][T18696]  ? kasan_check_read+0x11/0x20
15:49:23 executing program 1:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000001c0)="c0dca5055e0bcfec7be070")
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0xfffffcbe)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='memory.events\x00', 0x0, 0x0)

15:49:23 executing program 2:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x200000, 0x0)
getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000840)={{{@in=@dev, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in=@dev}, 0x0, @in6=@ipv4={[], [], @multicast1}}}, &(0x7f0000000580)=0xe8)
syz_mount_image$f2fs(&(0x7f0000000100)='f2fs\x00', &(0x7f0000000140)='./file0\x00', 0xfffffffffffffffd, 0x8, &(0x7f0000000780)=[{&(0x7f0000000180)="76adb316d41185a66023569123390b1e6b", 0x11, 0xca0}, {&(0x7f00000001c0)="547824e3b07b09769a5f3ae1fde8e83042c0df1db3e4f516b7d25d17d99514da36f5f69289eecbab3bd757ae019700a088d9528211b2f0bc9d38df33a5b3f5148a6be938bb4d8154e3f336726f2595cdee831536f9d70475069cd78f27d0b6cea5f4aa7b07103040c5e07fa679053694e4b11f0353253af69a35127f75281bc79e8158ef583b01cd86c603cbdad783b539b296a4987fc2d05b77f940e6a55ee7803b5fb31678c5672c18bdde449cde4fa9ba8a7941a85705c8eb55fce633a05af1d1", 0xc2, 0x7}, {&(0x7f00000002c0)="261c9e57c96f62a5213d886888ed557aff572f5e265569437c7bcecea56b87a90640cbfb0faa18399a2997d8392f0fa268d1dbb3960b8949", 0x38, 0x400}, {&(0x7f0000000300)="15cf3e2ebfbf044e89ee69a72e696a22820edbc6f522cf907ef5e98f1b092e5a8068e820903b26793af793338a8a4fbaff0b2f9077da2179127ba2519934ee66fce333b7f40761e00a55ad10995cf682d9e7a8a2de3c4f61b9c6e1d2b037f12b042bce965f96f76ae6a72dafad02b7aa4ed4f73be5f433299d315929560134d2a68cbc7da9991fb7943ca428ac9c123d74b48d9aed0925cdc283300f1d388420e31ae7980b8111912aa0c02a332cb6cf08144964491c4f2d13f86af3ed5435", 0xbf, 0x5}, {&(0x7f00000003c0)="d3182565685136940f9b606549ca3b0ff72ecdd195bdf6e47b0ad8121f0ba026287d6976e77731096b9e2085e905096161", 0x31, 0x5}, {&(0x7f0000000400)="468290031b50d6e048aeac930ee7b622dc3e03b6b5cbb72b0077ba84bd623de6e529769b11264448d0a8ad605be460daf9642c95a626df44fb8d8a4b6d40e6a15e6040a66b53e708fe5b8431e72556189c85e852a0fc7a497f86c4bbd1b78733bb3063d7d091d321fc2e7f6caad7e968094e43dec0e271958bedfd6f95f95ae9d90f59506cf7dc6ece85abaee449e5f33a14064b3fb191330409ef5089267d908f48afe3d92267dc8c3a04bc5b3585", 0xaf, 0x9}, {&(0x7f00000004c0)="67b176bb0c31b1f16bf80c3675811980f82dce6f30671ea4e9878948a26bc599b177b22c087da06a1fbd5a13673b3dcd7f74c28ed36550588e525c754abeb87df32161873180eeacdf5e21287d6521c754b31cec921c6f932e4e9b9b7f7637bbaac7b10431fab0365bef49f8dc5b80242d5d4c3eff220cabb7b8e53c59d4c1678f88c44c767c05c76c0ae1393028a4503e19df252462859d4f880a303cf4", 0x9e, 0xf19}, {&(0x7f00000006c0)="3e93d8b25426805fbc7e9708742d63ff20f2563e3f3f9ec6b3a2b17b2468fbc6e017c28ab72bfe511d970fc6e590a22084aaa4d91b88e1e3d2fde7e0004d007d7ed45a37f83a0334b9f3140f5f9c612382731269305885b85fb73d4601e68e0c6c7650d9867ea24b355f1c5c633ae15ef323a25a0a6cbdfe752c566ba0899074a61e5a2fd55fe96e32d12f4768aca64d0631facec8f4d62bd6a442841203756e90127240903257c4fe04b28c28f1ab21d9962e293cc6c96ae4a3e0", 0xbb}], 0x0, &(0x7f0000000940)={[{@flush_merge='flush_merge'}, {@noheap='noheap'}, {@inline_data='inline_data'}, {@jqfmt_vfsv1='jqfmt=vfsv1'}, {@whint_mode_off='whint_mode=off'}, {@inline_data='inline_data'}, {@acl='acl'}], [{@obj_user={'obj_user', 0x3d, '\\'}}, {@uid_gt={'uid>', r1}}, {@mask={'mask', 0x3d, '^MAY_READ'}}, {@fsmagic={'fsmagic', 0x3d, 0x640}}]})
r2 = fanotify_init(0x100000006, 0x7)
statx(r0, &(0x7f0000000a00)='./file0\x00', 0x500, 0x4, &(0x7f0000000a40))
ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r2)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x2202, 0x0)
ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
getsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000040), &(0x7f0000000080)=0x4)
ioctl$VIDIOC_QUERYCTRL(r0, 0xc0445624, &(0x7f0000000b40)={0x3, 0x101, "5d52de9519259a1152d189c1e30be57f87dbc8ecd0596c12e87356961a594289", 0x3f, 0x6d, 0x0, 0x8, 0x1b})

15:49:23 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:23 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff0133", 0x5}], 0x1)

15:49:23 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = dup2(r0, r0)
r2 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x0, 0x100)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f00000000c0)={<r3=>0x0, @rand_addr, @empty}, &(0x7f0000000100)=0xc)
sendto$packet(r2, &(0x7f0000000040)="cc3f83a78c9578930271940476474c8bbd68f5f8085df4b35bf7924ee291", 0x1e, 0x20040000, &(0x7f0000000140)={0x11, 0x11, r3, 0x1, 0xac, 0x6, @local}, 0x14)

[ 1606.429039][T18696]  vfs_write+0x227/0x510
[ 1606.429058][T18696]  ksys_write+0x16b/0x2a0
[ 1606.429071][T18696]  ? __ia32_sys_read+0x90/0x90
[ 1606.429088][T18696]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1606.429102][T18696]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1606.468010][T18696]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1606.468023][T18696]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1606.468033][T18696]  ? do_syscall_64+0x1d/0x140
[ 1606.468048][T18696]  __x64_sys_write+0x7b/0x90
[ 1606.468059][T18696]  do_syscall_64+0xfe/0x140
[ 1606.468073][T18696]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1606.468082][T18696] RIP: 0033:0x459519
[ 1606.468093][T18696] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1606.468098][T18696] RSP: 002b:00007f6872e5dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1606.468108][T18696] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459519
15:49:23 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000000), &(0x7f0000000040)=0x4)

[ 1606.468113][T18696] RDX: 0000000000000001 RSI: 00000000200004c0 RDI: 0000000000000005
[ 1606.468119][T18696] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1606.468125][T18696] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6872e5e6d4
[ 1606.468131][T18696] R13: 00000000004c58be R14: 00000000004df8c0 R15: 00000000ffffffff
[ 1606.565933][T18696] memory: usage 307164kB, limit 307200kB, failcnt 54372
[ 1606.626506][T18696] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1606.639473][T18696] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1606.652095][T18696] Memory cgroup stats for /syz0: cache:6496KB rss:101068KB rss_huge:0KB shmem:6496KB mapped_file:3212KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6488KB active_anon:101076KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1606.737413][T18696] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=18696,uid=0
[ 1606.754019][   T24] audit: type=1804 audit(1561909763.663:51): pid=18772 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir776936707/syzkaller.CGqS88/4813/memory.events" dev="sda1" ino=17545 res=1
[ 1606.759453][T18696] Memory cgroup out of memory: Killed process 18696 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
[ 1606.801827][T18755] syz-executor.0 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000
[ 1606.812806][T18755] CPU: 1 PID: 18755 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1606.820706][T18755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1606.830943][T18755] Call Trace:
[ 1606.834264][T18755]  dump_stack+0x1d8/0x2f8
[ 1606.838684][T18755]  dump_header+0xdb/0xf40
[ 1606.843043][T18755]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1606.849022][T18755]  ? ___ratelimit+0x447/0x5d0
[ 1606.855513][T18755]  oom_kill_process+0x1a0/0x490
[ 1606.860359][T18755]  out_of_memory+0x76e/0x9e0
[ 1606.864938][T18755]  ? unregister_oom_notifier+0x20/0x20
[ 1606.870399][T18755]  ? kasan_check_read+0x11/0x20
[ 1606.875238][T18755]  try_charge+0x12ba/0x1710
[ 1606.879744][T18755]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1606.885815][T18755]  ? rcu_lock_release+0x4/0x20
[ 1606.890579][T18755]  ? rcu_lock_release+0x15/0x20
[ 1606.895413][T18755]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1606.901107][T18755]  mem_cgroup_try_charge+0x1da/0x4c0
[ 1606.906392][T18755]  mem_cgroup_try_charge_delay+0x25/0xa0
[ 1606.912444][T18755]  wp_page_copy+0x391/0x18e0
[ 1606.917022][T18755]  ? reuse_swap_page+0xd47/0x1650
[ 1606.922029][T18755]  ? rcu_lock_release+0x30/0x30
[ 1606.927272][T18755]  ? kasan_check_read+0x11/0x20
[ 1606.932217][T18755]  ? do_raw_spin_unlock+0x49/0x260
[ 1606.937318][T18755]  do_wp_page+0x609/0x1ba0
[ 1606.941719][T18755]  ? kasan_check_write+0x14/0x20
[ 1606.946646][T18755]  ? __rwlock_init+0x130/0x130
[ 1606.951399][T18755]  ? count_memcg_event_mm+0x300/0x300
[ 1606.956795][T18755]  handle_mm_fault+0x29a6/0x6130
[ 1606.962251][T18755]  ? finish_fault+0x220/0x220
[ 1606.966938][T18755]  ? __down_read+0x1a0/0x1a0
[ 1606.971523][T18755]  ? vmacache_find+0x251/0x5b0
[ 1606.976294][T18755]  ? find_vma+0x30/0x150
[ 1606.981133][T18755]  do_user_addr_fault+0x56f/0xaa0
[ 1606.986254][T18755]  __do_page_fault+0xd3/0x1f0
[ 1606.990919][T18755]  do_page_fault+0xce/0xe0
[ 1606.995433][T18755]  ? page_fault+0x8/0x30
[ 1606.999670][T18755]  page_fault+0x1e/0x30
[ 1607.003811][T18755] RIP: 0033:0x40be58
[ 1607.007698][T18755] Code: 00 00 49 8d be 88 00 00 00 48 89 ea 48 89 de 0f 85 dd 00 00 00 e8 a8 2c 00 00 8b 05 b2 c1 32 00 48 8b 15 43 46 66 00 83 c0 01 <89> 05 a2 c1 32 00 89 02 48 83 c4 08 5b 5d 41 5c 41 5d 41 5e 41 5f
[ 1607.027327][T18755] RSP: 002b:00007ffff6b9e510 EFLAGS: 00010202
[ 1607.033414][T18755] RAX: 0000000000000001 RBX: 0000001b2be20014 RCX: 0000001b2ce20000
[ 1607.041572][T18755] RDX: 0000001b2be20000 RSI: 0000000000001edb RDI: ffffffffdb93fedb
[ 1607.049904][T18755] RBP: 0000001b2be20018 R08: 00000000db93fedb R09: 00000000db93fedf
[ 1607.058049][T18755] R10: 00007ffff6b9e650 R11: 0000000000000246 R12: 0000001b2be2001c
[ 1607.066146][T18755] R13: 000000000018832a R14: 000000000075bf20 R15: 000000000075bfd4
[ 1607.075810][T18755] memory: usage 306908kB, limit 307200kB, failcnt 54390
[ 1607.083077][T18755] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1607.092899][T18755] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1607.102769][T18755] Memory cgroup stats for /syz0: cache:6492KB rss:100952KB rss_huge:0KB shmem:6492KB mapped_file:3208KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6484KB active_anon:100960KB inactive_file:0KB active_file:0KB unevictable:0KB
15:49:24 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00'}, 0x58)

15:49:24 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:24 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff0133", 0x5}], 0x1)

15:49:24 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:24 executing program 3:
r0 = memfd_create(&(0x7f0000000200)='tls\x00', 0x6)
fremovexattr(r0, &(0x7f0000000240)=@known='user.syz\x00')
r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0}})
pipe(&(0x7f0000000000)={<r2=>0xffffffffffffffff})
setsockopt$inet_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f0000000040)='tls\x00', 0x4)
ioctl$FS_IOC_SETVERSION(r2, 0x40087602, &(0x7f00000000c0)=0x4)
ioctl$VIDIOC_G_FREQUENCY(r1, 0xc02c5638, &(0x7f00000001c0)={0x3, 0x2, 0x100})
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r1, 0xc0845657, &(0x7f0000000100)={0x0, @bt={0x100, 0x800, 0x1, 0x2, 0x1, 0x7, 0x0, 0x0, 0x88, 0x80000001, 0x800, 0x3f, 0x100, 0x7fff, 0x1a}})

[ 1607.125910][T18755] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7431,uid=0
[ 1607.141741][T18755] Memory cgroup out of memory: Killed process 7431 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
[ 1607.157244][ T1044] oom_reaper: reaped process 7431 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:4kB
15:49:24 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:24 executing program 1:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000001c0)="c0dca5055e0bcfec7be070")
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0xfffffcbe)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='memory.events\x00', 0x0, 0x0)

15:49:24 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000340)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000000c0)={0xffff7f, @sliced={0x400, [0xbfb, 0x1, 0x3, 0x7, 0x2a84, 0x7fffffff, 0x1f, 0x7fffffff, 0xfffffffffffffff9, 0x9, 0x7, 0xa08, 0x6, 0x200, 0x10001, 0x3, 0xb61f, 0x0, 0xff, 0x0, 0x710, 0x5, 0x4, 0x100, 0x3, 0x9, 0x200, 0x0, 0x6, 0x1, 0xa92d, 0xc0, 0x13b, 0xe8e, 0x7, 0x7, 0x7234, 0xfffffffffffffffc, 0x9, 0x1, 0x9, 0x4, 0x3, 0x3, 0x2, 0xffffffffffffffff, 0x2, 0xff], 0xffff}})

15:49:24 executing program 5:
r0 = socket(0xa, 0x3, 0x87)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @rand_addr="ffba4195a8914923d5b3b6e33004d368"}, 0x1c)
writev(r0, &(0x7f00000001c0)=[{&(0x7f0000000100)="9300ff0133", 0x5}], 0x1)

15:49:24 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000100)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x0, @raw_data="3b8568d9ebd9e2bb6109f060c404700e7532685715939af9b8eaab1694621fa8c04c4d7eed81683d0aa2e7c92893502c35dde2462888ac71a6b5c942e30e9c0d5cf2f3bdae4fa668f389bafefa2e061e668c94e4aebbfd6d7515561ddfb8778c0170eb15d62282556af1442f3bc349e6a4c0340607e7f6e8a62ba18bb5a731db3d2df5515d79786796e27044b53155dfc863438c13a0e0edb921c76b1c4f21978fb63a3c90fee24e5243f07d908c0047499972f0fe0f61725d0be07f33932a23a1cf6d83be655f33"})
r1 = syz_open_dev$midi(&(0x7f00000000c0)='/dev/midi#\x00', 0x7b, 0x101000)
recvfrom$netrom(r1, &(0x7f0000000300)=""/115, 0x73, 0x1, &(0x7f0000000380)={{0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, 0x4}, [@bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}]}, 0x48)
r2 = openat$vfio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vfio/vfio\x00', 0x101001, 0x0)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000040)={r2, &(0x7f0000000140)="019a68d81188a48920e8a745c1ae40d84c730eda806d81494f8a58ed8446d6244e0dad47ce21493ac889c53223ca5fe1f32dfccac84cd60f188f15a83d7db58bfe5ef726b15a678149969745d072b85de213434757f37c5c2742dd79eff62563e7700247711d6bab518c79fbed677d30ec9be8abc605aa5236a70b6bd620701c1285c28481", &(0x7f0000000200)=""/207}, 0x18)
ioctl$sock_inet_udp_SIOCOUTQ(r2, 0x5411, &(0x7f0000000080))

15:49:24 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:24 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00'}, 0x58)

15:49:24 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\b\x00'}, 0x58)

15:49:24 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
ioctl$int_out(r0, 0x5462, &(0x7f0000000000))
fgetxattr(r0, &(0x7f0000000040)=ANY=[@ANYBLOB='syrtem.\x00'], &(0x7f00000000c0)=""/188, 0xbc)

15:49:24 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f00000001c0)="c0dca5055e0bcfec7be070")
write$cgroup_subtree(r0, &(0x7f0000000580)=ANY=[@ANYBLOB='\x00'], 0x1)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xfffffcbe)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='memory.events\x00', 0x0, 0x0)

15:49:24 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video35\x00', 0x2, 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x400004, 0x0)
ioctl$KDSETKEYCODE(r1, 0x4b4d, &(0x7f0000000080)={0x8, 0x8})
dup2(r1, r0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f0000000180)={0xf, @raw_data="e5401a5f5bc146c21927bc2f7c378018e748d0ee9de93ff9080016f440a1d678d0d280d3ce4299dde11ff6dab1fda38f76181fe775c2672d5a1c4807a601158cbaeeb004b7b2afb29fff7b946c5a50baaf8ebeb2d6f9ae55246df580e77ae0c38aca274bd8e8f5d875343451157d0f4fa22003281496529788637ab66fc107d2a108c234befddda35d0129d08c12e2d5d94160ec4da4d80b8a091b61acda73c2ecb30b15cb706e9b159d1a77f83271774ef02b9aa8235a4369b45f68825ed93872d99dec0610f2b5"})
prctl$PR_SET_FPEMU(0xa, 0x1)

15:49:24 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:24 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000000c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1608.012770][   T24] audit: type=1804 audit(1561909764.923:52): pid=18843 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir037001808/syzkaller.Q9hurf/5325/memory.events" dev="sda1" ino=17535 res=1
[ 1608.051240][   T24] audit: type=1804 audit(1561909764.953:53): pid=18857 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir776936707/syzkaller.CGqS88/4814/memory.events" dev="sda1" ino=17401 res=1
15:49:25 executing program 1:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
socket$inet_udplite(0x2, 0x2, 0x88)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0xfffffcbe)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='memory.events\x00', 0x0, 0x0)

15:49:25 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x800, 0x0)
getsockopt$netrom_NETROM_T4(r1, 0x103, 0x6, &(0x7f0000000040)=0x3, &(0x7f00000000c0)=0x4)

15:49:25 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:25 executing program 3:
r0 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20\x00', 0x80000, 0x0)
ioctl$IMGETDEVINFO(r0, 0x80044944, &(0x7f00000000c0)={0x9})
eventfd2(0x6, 0x80001)
r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:25 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\t\x00'}, 0x58)

15:49:25 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f00000001c0)="c0dca5055e0bcfec7be070")
write$cgroup_subtree(r0, &(0x7f0000000580)=ANY=[@ANYBLOB='\x00'], 0x1)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xfffffcbe)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='memory.events\x00', 0x0, 0x0)

15:49:25 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:25 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
writev(r0, &(0x7f0000000200)=[{}, {&(0x7f0000000040)="92ec80fc47ad7102931fcf1716921083d2c6457261312a2e2bab89a23db71c66479f1ecf56ddd9464927695680ccbb4935b85a4282b1f368ce2095cf167af67955351bc3d52146eab389740b12770b2720da11962e97d18b99857af8db9af1d125d45f544607f1c0369ac370996ca504a1c3d3fdc803e88f136a10e16c933b6642aced9133d3da025c8d", 0x8a}, {&(0x7f0000000100)}, {&(0x7f0000000140)="f83d0201a8c76bab9d1c2cdc80a46cb9eb4e7402c2fe9ff038386da0df284b9f1c9686610e01bcd67f05671f35a11749a6e9fdfacd2d2ababb339aef61e4efec78b41093426898f43b410c71edc93667c79433f2e2783852987464df9d4dcbe277671e82049f17a1379dae36429539eab70cc701d5", 0x75}], 0x4)
r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0xa0240, 0x0)
stat(&(0x7f0000000100)='./file0\x00', &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
ioctl$TUNSETOWNER(r1, 0x400454cc, r2)

15:49:25 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x7, @pix={0x4, 0x1, 0x34343459, 0x3, 0x97d8, 0x1, 0xd, 0x6, 0x1, 0x6, 0x2, 0x7}})

[ 1608.555725][T18865] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000
[ 1608.594066][T18865] CPU: 1 PID: 18865 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
15:49:25 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1608.602170][T18865] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1608.602176][T18865] Call Trace:
[ 1608.602194][T18865]  dump_stack+0x1d8/0x2f8
[ 1608.602220][T18865]  dump_header+0xdb/0xf40
[ 1608.624508][T18865]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1608.630324][T18865]  ? ___ratelimit+0x447/0x5d0
[ 1608.630345][T18865]  oom_kill_process+0x1a0/0x490
[ 1608.630359][T18865]  out_of_memory+0x76e/0x9e0
[ 1608.630376][T18865]  ? unregister_oom_notifier+0x20/0x20
[ 1608.640080][T18865]  ? kasan_check_read+0x11/0x20
[ 1608.640097][T18865]  try_charge+0x12ba/0x1710
[ 1608.640127][T18865]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1608.640152][T18865]  ? rcu_lock_release+0x4/0x20
[ 1608.640168][T18865]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1608.676301][T18865]  ? memcg_kmem_put_cache+0x70/0x70
[ 1608.681520][T18865]  ? rcu_lock_release+0x15/0x20
[ 1608.686473][T18865]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1608.692066][T18865]  __memcg_kmem_charge+0x118/0x2f0
[ 1608.697249][T18865]  __alloc_pages_nodemask+0x377/0x790
[ 1608.702926][T18865]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1608.708678][T18865]  ? rcu_read_lock_sched_held+0x127/0x1c0
[ 1608.714879][T18865]  ? copy_process+0x599/0x5c80
[ 1608.719688][T18865]  copy_process+0x613/0x5c80
[ 1608.724921][T18865]  ? percpu_counter_add_batch+0x169/0x190
[ 1608.731091][T18865]  ? alloc_file+0x89/0x4c0
[ 1608.735988][T18865]  ? fork_idle+0x1b0/0x1b0
[ 1608.740604][T18865]  _do_fork+0x180/0x5f0
[ 1608.744779][T18865]  ? dup_mm+0x340/0x340
[ 1608.749222][T18865]  ? debug_smp_processor_id+0x1c/0x20
[ 1608.755624][T18865]  ? fpregs_assert_state_consistent+0xaa/0xe0
[ 1608.762526][T18865]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1608.769918][T18865]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1608.776692][T18865]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1608.782586][T18865]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1608.788534][T18865]  __x64_sys_clone+0xc1/0xd0
[ 1608.793946][T18865]  do_syscall_64+0xfe/0x140
[ 1608.799270][T18865]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1608.806987][T18865] RIP: 0033:0x459519
[ 1608.813457][T18865] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1608.838303][T18865] RSP: 002b:00007f6872e5dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038
[ 1608.849281][T18865] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459519
[ 1608.859716][T18865] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 04000000000003fe
[ 1608.871043][T18865] RBP: 000000000075bf20 R08: ffffffffffffffff R09: 0000000000000000
[ 1608.879981][T18865] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f6872e5e6d4
[ 1608.889314][T18865] R13: 00000000004bf97d R14: 00000000004d1358 R15: 00000000ffffffff
15:49:25 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

[ 1608.918079][   T24] audit: type=1804 audit(1561909765.833:54): pid=18890 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir776936707/syzkaller.CGqS88/4815/memory.events" dev="sda1" ino=16958 res=1
15:49:25 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0}})
rt_sigreturn()

[ 1609.006580][   T24] audit: type=1804 audit(1561909765.863:55): pid=18875 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir037001808/syzkaller.Q9hurf/5326/memory.events" dev="sda1" ino=17705 res=1
[ 1609.051341][T18865] memory: usage 307184kB, limit 307200kB, failcnt 54424
[ 1609.070956][T18865] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1609.123475][T18865] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1609.135232][T18865] Memory cgroup stats for /syz0: cache:6504KB rss:101064KB rss_huge:0KB shmem:6504KB mapped_file:3212KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6496KB active_anon:101072KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1609.187559][T18865] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=18849,uid=0
[ 1609.218672][T18865] Memory cgroup out of memory: Killed process 18849 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35788kB, shmem-rss:4kB
[ 1609.292374][T18863] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000
[ 1609.313847][T18863] CPU: 0 PID: 18863 Comm: syz-executor.0 Not tainted 5.2.0-rc7 #12
[ 1609.322394][T18863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1609.336193][T18863] Call Trace:
[ 1609.339874][T18863]  dump_stack+0x1d8/0x2f8
[ 1609.344512][T18863]  dump_header+0xdb/0xf40
[ 1609.351275][T18863]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1609.360506][T18863]  ? ___ratelimit+0x447/0x5d0
[ 1609.366204][T18863]  oom_kill_process+0x1a0/0x490
[ 1609.372404][T18863]  out_of_memory+0x76e/0x9e0
[ 1609.380130][T18863]  ? unregister_oom_notifier+0x20/0x20
[ 1609.390905][T18863]  ? kasan_check_read+0x11/0x20
[ 1609.397962][T18863]  try_charge+0x12ba/0x1710
[ 1609.405355][T18863]  ? __memcg_kmem_charge_memcg+0x170/0x170
[ 1609.413424][T18863]  ? rcu_lock_release+0x4/0x20
[ 1609.420203][T18863]  __memcg_kmem_charge_memcg+0x7d/0x170
[ 1609.427639][T18863]  ? memcg_kmem_put_cache+0x70/0x70
[ 1609.435138][T18863]  ? rcu_lock_release+0x15/0x20
[ 1609.444647][T18863]  ? get_mem_cgroup_from_mm+0x15b/0x170
[ 1609.454521][T18863]  __memcg_kmem_charge+0x118/0x2f0
[ 1609.463482][T18863]  __alloc_pages_nodemask+0x377/0x790
[ 1609.470365][T18863]  ? gfp_pfmemalloc_allowed+0x130/0x130
[ 1609.477802][T18863]  ? rcu_read_lock_sched_held+0x127/0x1c0
[ 1609.486149][T18863]  ? copy_process+0x599/0x5c80
[ 1609.496132][T18863]  copy_process+0x613/0x5c80
[ 1609.509691][T18863]  ? psi_memstall_leave+0xf7/0x130
[ 1609.518841][T18863]  ? trace_lock_acquire+0x190/0x190
[ 1609.524331][T18863]  ? fork_idle+0x1b0/0x1b0
[ 1609.529499][T18863]  ? rcu_read_lock_sched_held+0x127/0x1c0
[ 1609.536902][T18863]  ? trace_mm_vmscan_memcg_reclaim_end+0x213/0x250
[ 1609.544366][T18863]  ? try_to_free_mem_cgroup_pages+0x335/0x570
[ 1609.550860][T18863]  ? kasan_check_write+0x14/0x20
[ 1609.556289][T18863]  ? check_preemption_disabled+0x47/0x280
[ 1609.564377][T18863]  _do_fork+0x180/0x5f0
[ 1609.570911][T18863]  ? dup_mm+0x340/0x340
[ 1609.570924][T18863]  ? switch_fpu_return+0x1ca/0x290
[ 1609.570935][T18863]  ? copy_init_fpstate_to_fpregs+0x150/0x150
[ 1609.570944][T18863]  ? css_put+0xfe/0x180
[ 1609.570957][T18863]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1609.570967][T18863]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1609.570978][T18863]  __x64_sys_clone+0xc1/0xd0
[ 1609.570995][T18863]  do_syscall_64+0xfe/0x140
[ 1609.584609][T18863]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1609.627001][T18863] RIP: 0033:0x45bee9
[ 1609.631555][T18863] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75
[ 1609.656915][T18863] RSP: 002b:00007ffff6b9e448 EFLAGS: 00000202 ORIG_RAX: 0000000000000038
[ 1609.679500][T18863] RAX: ffffffffffffffda RBX: 00007f6872e3d700 RCX: 000000000045bee9
[ 1609.688354][T18863] RDX: 00007f6872e3d9d0 RSI: 00007f6872e3cdb0 RDI: 00000000003d0f00
[ 1609.697777][T18863] RBP: 00007ffff6b9e660 R08: 00007f6872e3d700 R09: 00007f6872e3d700
[ 1609.706258][T18863] R10: 00007f6872e3d9d0 R11: 0000000000000202 R12: 0000000000000000
[ 1609.716367][T18863] R13: 00007ffff6b9e4ff R14: 00007f6872e3d9c0 R15: 000000000075bfd4
15:49:26 executing program 1:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
socket$inet_udplite(0x2, 0x2, 0x88)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0xfffffcbe)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='memory.events\x00', 0x0, 0x0)

15:49:26 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:26 executing program 3:
ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:26 executing program 2:
r0 = accept(0xffffffffffffffff, &(0x7f0000000080)=@pppoe={0x18, 0x0, {0x0, @random}}, &(0x7f0000000000)=0x80)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f00000014c0)=ANY=[@ANYBLOB="6e617400000000000000000000000000000000000000000000000000000000001b00000005000000980600003801000038010000c00400000000000000000000f8050000f8050000f8050000f8050000f805000005000000", @ANYPTR=&(0x7f0000000100)=ANY=[@ANYBLOB="000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000ef00"/80], @ANYBLOB="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000036fc100100000000000000000000000000000000000000000000000000004e464c4f470000000000000000000000000000000000000000000000000009000000ffff00000000000010c22aafe250511d4e45eeb17b11558c8ec3c2bbb77c03768d35cfeed8bd3cad2bfd9ac25c2a77a5309628e37377552463e539b34ad7d64d54111c1f21011c690000000000000000000000000000000000000001fe8000000000000000000000000000aaff000000ffffff0000000000ffffffffffffffffffffffffffffff00ffffffff68737230000000000000000000000000726f736530000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003a000601010000000000000000000000000000002802700200000000000000000000000000000000000000000000000000006672616700000000000000000000000000000000000000000000000000000fae0000040000000000000002000000380172740000000000000000000000000000000000000000000000000000000003000000ff000000969d042a3ef100003001000000000000000000000000000000000001fe800000000000000000000000000018ff010000000000000000000000000001ff01000000000000000000000000000100000000000000000000000000000000872a3633f4b9d3e18a80d173d3914b49fe8000000000000000000000000000bbfe8000000000000000000000000000aaff010000000000000000000000000001fe800000000000000000000000000027fe8000000000000000000000000000aafe8000000000000000000000000000aa00000000000000000000000000000000fe8000000000000000000000000000aafe880000000000000000000000000101fe8800000000000000000000000001010b000000480052454449524543540000000000000000000000000000000000000000000006000000ac1414bb000000000000000000000000ff0100000000000000000000000000014e204e2200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c800100100000000000000000000000000000000000000000000000048004d41535155455241444500000000000000000000000000000000000000001a000000fe8000000000000000000000000000aafe80000000000000000000000000001a00688100fe8000000000000000000000000000aa3a707747c9153498d3d19c5c96b91b22000000ffffffffffff00000000000000ff000000000000ffff000000ffffffff626f6e645f736c6176655f300000000074756e6c300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff000000000000000000000000000000003e00020640000000000000000000000000000000f0003801000000000000000000000000000000000000000000000000280069636d703600000000000000000000000000000000000000000000000000120601000000000048004e45544d415000000000000000000000000000000000000000000000000002000000ac1e0101000000000000000000000000ac141411000000000000000000000000006804000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a800d0000000000000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff00000000"], 0xfffffffffffffd5f)
r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})
ioctl$sock_proto_private(r0, 0x89ec, &(0x7f0000000180)="a88ad65a8afd1116959e582a672180d18df243c49926d6237af3083994bd1ead56424813f29edb6ff23dcb89a58b9b8d2117ead4a7ed9aac17986b0fb72dedea5162b61bf9fc360f6a2a7a1cdc63e5148bf6d59486998de99efa2716a26011a705e2c4fd35f2ae3e3f975ba8c37848eecbf80f15bd2dbad4e40dfe7a67d1d1a26d0497cdc2")

[ 1609.742370][T18863] memory: usage 306884kB, limit 307200kB, failcnt 54424
[ 1609.798140][T18863] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1609.871238][T18863] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0
[ 1609.935623][T18863] Memory cgroup stats for /syz0: cache:6496KB rss:100948KB rss_huge:0KB shmem:6496KB mapped_file:3208KB dirty:0KB writeback:0KB swap:0KB inactive_anon:6488KB active_anon:100956KB inactive_file:0KB active_file:0KB unevictable:0KB
[ 1609.990023][T18863] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz0,mems_allowed=0-1,oom_memcg=/syz0,task_memcg=/syz0,task=syz-executor.0,pid=7581,uid=0
[ 1610.013200][T18863] Memory cgroup out of memory: Killed process 7581 (syz-executor.0) total-vm:72708kB, anon-rss:152kB, file-rss:35784kB, shmem-rss:4kB
[ 1610.036602][ T1044] oom_reaper: reaped process 7581 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:4kB
15:49:27 executing program 0:
r0 = memfd_create(&(0x7f0000000080)='\x88R\xa9+\x00', 0x0)
write(r0, &(0x7f00000004c0)="ca", 0x1)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4, 0x11, r0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
clone(0x4000000000003fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_hmac_sha1\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00'}, 0x58)

15:49:27 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='memory.events\x00', 0x7a05, 0x1700)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f00000001c0)="c0dca5055e0bcfec7be070")
write$cgroup_subtree(r0, &(0x7f0000000580)=ANY=[@ANYBLOB='\x00'], 0x1)
write$cgroup_subtree(r1, &(0x7f0000000000)=ANY=[], 0xfffffcbe)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000540)='memory.events\x00', 0x0, 0x0)

15:49:27 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:27 executing program 2:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x7, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:27 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_G_FRAME_INTERVAL(r0, 0xc0305615, &(0x7f0000000200)={0x0, {0x400, 0xa}})
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000000c0)={0x7, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = dup(r0)
getsockname$netlink(r1, &(0x7f0000000040), &(0x7f00000001c0)=0xc)

[ 1610.070675][   T24] audit: type=1804 audit(1561909766.983:56): pid=18919 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.1" name="/root/syzkaller-testdir776936707/syzkaller.CGqS88/4816/memory.events" dev="sda1" ino=16906 res=1
15:49:27 executing program 2:
r0 = open$dir(&(0x7f0000000000)='./file0\x00', 0x14000, 0x20)
open_tree(r0, &(0x7f0000000040)='./file0\x00', 0x81000)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000100)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x3, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x4, 0x4, 0x2}}]}, {0x0, [0x2e]}}, &(0x7f00000006c0)=""/4096, 0x33, 0x1000, 0x1}, 0x20)
r1 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000180)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r1, 0xc0d05640, &(0x7f00000005c0)={0x2, @win={{}, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:27 executing program 4:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x0, 0x0, 0x31384142}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}})

15:49:27 executing program 3:
r0 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000080)='/dev/video35\x00', 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r0, 0x80845663, &(0x7f0000000140))
ioctl$VIDIOC_TRY_FMT(r0, 0xc0d05640, &(0x7f00000005c0)={0x1, @win={{0x300}, 0x0, 0x0, 0x0, 0x0, 0x0}})
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x220242, 0x0)
ioctl$VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f0000000040)={0xa, 0xffffffffffffb5c6, 0x401, 0x84000, r1})
ioctl$EVIOCGMTSLOTS(r1, 0x8040450a, &(0x7f00000000c0)=""/91)
setsockopt$inet_sctp6_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f0000000200)={0x3, 0x100, 0x100, 0x2}, 0x8)

[ 1610.281058][T18945] kasan: CONFIG_KASAN_INLINE enabled
[ 1610.306902][T18945] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 1610.331322][T18945] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[ 1610.338903][T18945] CPU: 1 PID: 18945 Comm: syz-executor.2 Not tainted 5.2.0-rc7 #12
[ 1610.348164][T18945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1610.359071][T18945] RIP: 0010:btf_array_resolve+0x1b4/0x18f0
[ 1610.365535][T18945] Code: 00 00 00 00 00 fc ff df 42 80 3c 30 00 74 08 48 89 df e8 ff 86 25 00 48 8b 03 48 89 44 24 70 48 8d 50 04 49 89 d7 49 c1 ef 03 <43> 8a 04 37 84 c0 48 89 54 24 30 0f 85 ec 10 00 00 44 8b 32 44 89
[ 1610.387106][T18945] RSP: 0018:ffff88804cd2f560 EFLAGS: 00010247
[ 1610.396405][T18945] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000040000
[ 1610.407987][T18945] RDX: 0000000000000004 RSI: 00000000000007d4 RDI: 00000000000007d5
[ 1610.422761][T18945] RBP: ffff88804cd2f690 R08: ffffffff818953bd R09: ffffffff8188fb01
[ 1610.442051][T18945] R10: ffff88808c016080 R11: 0000000000000003 R12: 0000000000000004
[ 1610.454052][T18945] R13: 1ffff11014268c21 R14: dffffc0000000000 R15: 0000000000000000
[ 1610.463785][T18945] FS:  00007f3984e68700(0000) GS:ffff8880aeb00000(0000) knlGS:0000000000000000
[ 1610.474237][T18945] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1610.482022][T18945] CR2: 000000000075c000 CR3: 000000008ae9c000 CR4: 00000000001406e0
[ 1610.490891][T18945] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1610.501011][T18945] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1610.511427][T18945] Call Trace:
[ 1610.515074][T18945]  ? __btf_verifier_log_type+0x5c0/0x5c0
[ 1610.522822][T18945]  ? btf_array_check_meta+0x2b0/0x2b0
[ 1610.529353][T18945]  btf_resolve+0x3ed/0xda0
[ 1610.534539][T18945]  ? btf_sec_info_cmp+0x110/0x110
[ 1610.540188][T18945]  ? kasan_kmalloc+0x9/0x10
[ 1610.546628][T18945]  ? __kmalloc_node+0x4d/0x60
[ 1610.551642][T18945]  btf_new_fd+0x216a/0x37b0
[ 1610.556460][T18945]  ? __might_fault+0xf9/0x160
[ 1610.561250][T18945]  ? btf_release+0xd0/0xd0
[ 1610.566443][T18945]  __do_sys_bpf+0x1212/0xc5d0
[ 1610.571228][T18945]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1610.577664][T18945]  ? __bfs+0x550/0x550
[ 1610.581896][T18945]  ? do_raw_spin_lock+0x143/0x3a0
[ 1610.587960][T18945]  ? __bfs+0x550/0x550
[ 1610.592308][T18945]  ? handle_futex_death+0x3f0/0x3f0
[ 1610.597991][T18945]  ? __bpf_prog_put_rcu+0x320/0x320
[ 1610.604104][T18945]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1610.610283][T18945]  ? __lock_acquire+0xcf7/0x1a40
[ 1610.615483][T18945]  ? __lock_acquire+0xcf7/0x1a40
[ 1610.620882][T18945]  ? trace_lock_acquire+0x190/0x190
[ 1610.626201][T18945]  ? trace_lock_acquire+0x190/0x190
[ 1610.631548][T18945]  ? hashlen_string+0x120/0x120
[ 1610.636835][T18945]  ? __might_fault+0xf9/0x160
[ 1610.641727][T18945]  ? kasan_check_read+0x11/0x20
[ 1610.647104][T18945]  ? _copy_to_user+0xca/0xf0
[ 1610.654641][T18945]  ? put_timespec64+0x106/0x150
[ 1610.660576][T18945]  ? ktime_get_raw+0xf0/0xf0
[ 1610.667533][T18945]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1610.674585][T18945]  ? __x64_sys_clock_gettime+0x1c5/0x220
[ 1610.683665][T18945]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1610.696195][T18945]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1610.707429][T18945]  ? do_syscall_64+0x1d/0x140
[ 1610.723084][T18945]  __x64_sys_bpf+0x7a/0x90
[ 1610.729963][T18945]  do_syscall_64+0xfe/0x140
[ 1610.736976][T18945]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1610.751533][T18945] RIP: 0033:0x459519
[ 1610.759682][T18945] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1610.794449][T18945] RSP: 002b:00007f3984e67c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1610.809335][T18945] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459519
[ 1610.818580][T18945] RDX: 0000000000000020 RSI: 0000000020000100 RDI: 0000000000000012
[ 1610.828402][T18945] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[ 1610.839240][T18945] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3984e686d4
[ 1610.848205][T18945] R13: 00000000004bf726 R14: 00000000004d0fe0 R15: 00000000ffffffff
[ 1610.857664][T18945] Modules linked in:
[ 1610.865870][T18945] ---[ end trace 75c220b08d62de3b ]---
[ 1610.866547][ T3879] kobject: 'loop3' (000000007221e94c): kobject_uevent_env
[ 1610.883901][ T3879] kobject: 'loop3' (000000007221e94c): fill_kobj_path: path = '/devices/virtual/block/loop3'
[ 1610.886655][T18945] RIP: 0010:btf_array_resolve+0x1b4/0x18f0
[ 1610.895731][   T24] audit: type=1804 audit(1561909767.813:57): pid=18939 uid=0 auid=4294967295 ses=4294967295 subj=_ op=invalid_pcr cause=open_writers comm="syz-executor.5" name="/root/syzkaller-testdir037001808/syzkaller.Q9hurf/5327/memory.events" dev="sda1" ino=17217 res=1
[ 1610.907600][T18945] Code: 00 00 00 00 00 fc ff df 42 80 3c 30 00 74 08 48 89 df e8 ff 86 25 00 48 8b 03 48 89 44 24 70 48 8d 50 04 49 89 d7 49 c1 ef 03 <43> 8a 04 37 84 c0 48 89 54 24 30 0f 85 ec 10 00 00 44 8b 32 44 89
[ 1610.940088][ T3879] kobject: 'loop4' (000000008a79ebec): kobject_uevent_env
[ 1610.967278][ T3879] kobject: 'loop4' (000000008a79ebec): fill_kobj_path: path = '/devices/virtual/block/loop4'
[ 1610.972748][T18945] RSP: 0018:ffff88804cd2f560 EFLAGS: 00010247
[ 1610.997316][T18945] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000040000
[ 1611.017404][T18945] RDX: 0000000000000004 RSI: 00000000000007d4 RDI: 00000000000007d5
[ 1611.032199][T18945] RBP: ffff88804cd2f690 R08: ffffffff818953bd R09: ffffffff8188fb01
[ 1611.052068][T18945] R10: ffff88808c016080 R11: 0000000000000003 R12: 0000000000000004
[ 1611.076191][T18945] R13: 1ffff11014268c21 R14: dffffc0000000000 R15: 0000000000000000
[ 1611.078161][T18958] kasan: CONFIG_KASAN_INLINE enabled
[ 1611.092065][T18945] FS:  00007f3984e68700(0000) GS:ffff8880aea00000(0000) knlGS:0000000000000000
[ 1611.096470][T18958] kasan: GPF could be caused by NULL-ptr deref or user memory access
[ 1611.107919][T18945] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1611.115779][T18958] general protection fault: 0000 [#2] PREEMPT SMP KASAN
[ 1611.120748][T18945] CR2: 0000000001ecbea8 CR3: 000000008ae9c000 CR4: 00000000001406f0
[ 1611.125751][T18958] CPU: 1 PID: 18958 Comm: syz-executor.2 Tainted: G      D           5.2.0-rc7 #12
[ 1611.125756][T18958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1611.125772][T18958] RIP: 0010:btf_array_resolve+0x1b4/0x18f0
[ 1611.125787][T18958] Code: 00 00 00 00 00 fc ff df 42 80 3c 30 00 74 08 48 89 df e8 ff 86 25 00 48 8b 03 48 89 44 24 70 48 8d 50 04 49 89 d7 49 c1 ef 03 <43> 8a 04 37 84 c0 48 89 54 24 30 0f 85 ec 10 00 00 44 8b 32 44 89
[ 1611.135245][T18945] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1611.146339][T18958] RSP: 0018:ffff88804614f560 EFLAGS: 00010247
[ 1611.146349][T18958] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000040000
[ 1611.146353][T18958] RDX: 0000000000000004 RSI: 0000000000000732 RDI: 0000000000000733
[ 1611.146358][T18958] RBP: ffff88804614f690 R08: ffffffff818953bd R09: ffffffff8188fb01
[ 1611.146362][T18958] R10: ffff888039b9e080 R11: 0000000000000003 R12: 0000000000000004
[ 1611.146367][T18958] R13: 1ffff11014b1a111 R14: dffffc0000000000 R15: 0000000000000000
[ 1611.146374][T18958] FS:  00007f3984e26700(0000) GS:ffff8880aeb00000(0000) knlGS:0000000000000000
[ 1611.146380][T18958] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1611.146385][T18958] CR2: 00007f3984e25db8 CR3: 000000008ae9c000 CR4: 00000000001406e0
[ 1611.146394][T18958] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1611.146398][T18958] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1611.146402][T18958] Call Trace:
[ 1611.146422][T18958]  ? __btf_verifier_log_type+0x5c0/0x5c0
[ 1611.158139][T18945] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1611.164236][T18958]  ? btf_array_check_meta+0x2b0/0x2b0
[ 1611.164252][T18958]  btf_resolve+0x3ed/0xda0
[ 1611.164268][T18958]  ? btf_sec_info_cmp+0x110/0x110
[ 1611.187869][T18945] Kernel panic - not syncing: Fatal exception
[ 1611.196744][T18958]  ? kasan_kmalloc+0x9/0x10
[ 1611.339442][T18958]  ? __kmalloc_node+0x4d/0x60
[ 1611.344237][T18958]  btf_new_fd+0x216a/0x37b0
[ 1611.349512][T18958]  ? trace_lock_release+0xf8/0x160
[ 1611.356036][T18958]  ? __might_fault+0xf9/0x160
[ 1611.361028][T18958]  ? btf_release+0xd0/0xd0
[ 1611.365936][T18958]  __do_sys_bpf+0x1212/0xc5d0
[ 1611.370711][T18958]  ? tomoyo_file_ioctl+0x23/0x30
[ 1611.376464][T18958]  ? security_file_ioctl+0x6d/0xd0
[ 1611.382651][T18958]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1611.390094][T18958]  ? kasan_check_write+0x14/0x20
[ 1611.395524][T18958]  ? do_raw_spin_lock+0x143/0x3a0
[ 1611.401017][T18958]  ? trace_lock_release+0xf8/0x160
[ 1611.406332][T18958]  ? debug_check_no_obj_freed+0x69d/0x740
[ 1611.412603][T18958]  ? __bpf_prog_put_rcu+0x320/0x320
[ 1611.418251][T18958]  ? trace_lock_acquire+0x190/0x190
[ 1611.423480][T18958]  ? _raw_spin_unlock_irqrestore+0xbc/0xe0
[ 1611.429488][T18958]  ? trace_lock_release+0xf8/0x160
[ 1611.435835][T18958]  ? rcu_lock_release+0x9/0x30
[ 1611.442337][T18958]  ? trace_lock_acquire+0x190/0x190
[ 1611.448324][T18958]  ? trace_lock_release+0xf8/0x160
[ 1611.454920][T18958]  ? kcov_ioctl+0x25c/0x270
[ 1611.459725][T18958]  ? kasan_check_read+0x11/0x20
[ 1611.464905][T18958]  ? do_raw_spin_unlock+0x49/0x260
[ 1611.470035][T18958]  ? trace_lock_release+0xf8/0x160
[ 1611.475816][T18958]  ? __might_fault+0xf9/0x160
[ 1611.481244][T18958]  ? kasan_check_read+0x11/0x20
[ 1611.486460][T18958]  ? _copy_to_user+0xca/0xf0
[ 1611.491275][T18958]  ? put_timespec64+0x106/0x150
[ 1611.496258][T18958]  ? ktime_get_raw+0xf0/0xf0
[ 1611.501075][T18958]  ? check_preemption_disabled+0xb7/0x280
[ 1611.507054][T18958]  ? prepare_exit_to_usermode+0x1e1/0x4f0
[ 1611.513614][T18958]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[ 1611.519182][T18958]  ? trace_irq_disable_rcuidle+0x23/0x1c0
[ 1611.525145][T18958]  ? trace_hardirqs_off_caller+0x58/0x80
[ 1611.530939][T18958]  ? do_syscall_64+0x1d/0x140
[ 1611.536123][T18958]  __x64_sys_bpf+0x7a/0x90
[ 1611.541399][T18958]  do_syscall_64+0xfe/0x140
[ 1611.547096][T18958]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[ 1611.553825][T18958] RIP: 0033:0x459519
[ 1611.557831][T18958] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[ 1611.579362][T18958] RSP: 002b:00007f3984e25c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1611.589275][T18958] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459519
[ 1611.598532][T18958] RDX: 0000000000000020 RSI: 0000000020000100 RDI: 0000000000000012
[ 1611.607456][T18958] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000
[ 1611.615880][T18958] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f3984e266d4
[ 1611.623957][T18958] R13: 00000000004bf726 R14: 00000000004d0fe0 R15: 00000000ffffffff
[ 1611.632570][T18958] Modules linked in:
[ 1611.638635][T18945] Kernel Offset: disabled
[ 1611.643640][T18945] Rebooting in 86400 seconds..