[ 386.820398] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 386.825256] ? native_iret+0x7/0x7 [ 386.828786] ? find_held_lock+0x36/0x1c0 [ 386.832844] _do_fork+0x1cb/0x11d0 [ 386.836379] ? fork_idle+0x1d0/0x1d0 [ 386.840080] ? lock_downgrade+0x900/0x900 [ 386.844215] ? kasan_check_read+0x11/0x20 [ 386.848347] ? _copy_to_user+0xc8/0x110 [ 386.852306] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 386.857828] ? put_timespec64+0x10f/0x1b0 [ 386.861961] ? nsecs_to_jiffies+0x30/0x30 [ 386.866111] ? do_syscall_64+0x9a/0x820 [ 386.870081] ? do_syscall_64+0x9a/0x820 [ 386.874038] ? lockdep_hardirqs_on+0x421/0x5c0 [ 386.878623] ? trace_hardirqs_on+0xbd/0x310 [ 386.882929] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 386.888451] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 386.893805] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 386.899237] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 386.904787] __x64_sys_clone+0xbf/0x150 [ 386.908758] do_syscall_64+0x1b9/0x820 [ 386.912628] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 386.917977] ? syscall_return_slowpath+0x5e0/0x5e0 [ 386.922898] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 386.927726] ? trace_hardirqs_on_caller+0x310/0x310 [ 386.932726] ? prepare_exit_to_usermode+0x291/0x3b0 [ 386.937729] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 386.942576] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 386.947751] RIP: 0033:0x455b4a [ 386.950941] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 386.969825] RSP: 002b:00007ffc76600cd0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 386.977526] RAX: ffffffffffffffda RBX: 00007ffc76600cd0 RCX: 0000000000455b4a [ 386.984783] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 386.992042] RBP: 00007ffc76600d10 R08: 0000000000000001 R09: 00000000013b4940 [ 386.999293] R10: 00000000013b4c10 R11: 0000000000000246 R12: 0000000000000001 [ 387.006547] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 387.015264] Memory limit reached of cgroup /syz5 [ 387.020329] memory: usage 205880kB, limit 204800kB, failcnt 1502 [ 387.026556] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 387.033310] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 387.039529] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:64KB inactive_file:0KB active_file:0KB unevictable:0KB [ 387.059557] Out of memory and no killable processes... [ 387.066283] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 387.079140] syz-executor5 cpuset=syz5 mems_allowed=0 [ 387.084245] CPU: 0 PID: 5568 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 387.091415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 387.100747] Call Trace: [ 387.103342] dump_stack+0x1c4/0x2b4 [ 387.106956] ? dump_stack_print_info.cold.2+0x52/0x52 [ 387.112135] dump_header+0x27b/0xf72 [ 387.115833] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 387.121615] ? kasan_check_read+0x11/0x20 [ 387.125752] ? pagefault_out_of_memory+0x197/0x197 [ 387.130669] ? rcu_read_unlock+0x33/0x60 [ 387.134714] ? mem_cgroup_iter+0x514/0x1160 [ 387.139016] ? find_held_lock+0x36/0x1c0 [ 387.143075] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 387.147813] ? mark_held_locks+0xc7/0x130 [ 387.151982] ? _raw_spin_unlock_irq+0x27/0x80 [ 387.156460] ? _raw_spin_unlock_irq+0x27/0x80 [ 387.160955] ? lockdep_hardirqs_on+0x421/0x5c0 [ 387.165528] ? trace_hardirqs_on+0xbd/0x310 [ 387.169828] ? kasan_check_read+0x11/0x20 [ 387.173980] ? css_task_iter_end+0x222/0x490 [ 387.178379] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 387.183817] ? kasan_check_write+0x14/0x20 [ 387.188033] ? do_raw_spin_lock+0xc1/0x200 [ 387.192251] ? _raw_spin_unlock_irq+0x60/0x80 [ 387.196730] ? css_task_iter_end+0x2ce/0x490 [ 387.201125] ? cgroup_procs_next+0x70/0x70 [ 387.205365] ? _raw_spin_unlock_irq+0x60/0x80 [ 387.209858] ? oom_badness+0xaa0/0xaa0 [ 387.213749] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 387.218493] ? mem_cgroup_iter_break+0x30/0x30 [ 387.223069] ? mark_held_locks+0xc7/0x130 [ 387.227218] out_of_memory.cold.30+0xf/0x184 [ 387.231622] ? lockdep_hardirqs_on+0x421/0x5c0 [ 387.236185] ? kasan_check_read+0x11/0x20 [ 387.240316] ? oom_killer_disable+0x3a0/0x3a0 [ 387.244800] ? kasan_check_write+0x14/0x20 [ 387.249034] ? do_raw_spin_lock+0xc1/0x200 [ 387.253257] mem_cgroup_out_of_memory+0x15e/0x210 [ 387.258081] ? memcg_memory_event+0x40/0x40 [ 387.262381] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 387.267214] ? page_counter_try_charge+0x1c1/0x220 [ 387.272124] try_charge+0xc43/0x1690 [ 387.275821] ? lock_downgrade+0x900/0x900 [ 387.279959] ? check_preemption_disabled+0x48/0x200 [ 387.284964] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 387.291007] ? find_held_lock+0x36/0x1c0 [ 387.295078] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 387.299915] ? lock_downgrade+0x900/0x900 [ 387.304057] ? check_preemption_disabled+0x48/0x200 [ 387.309071] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 387.314859] ? kasan_check_read+0x11/0x20 [ 387.318989] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 387.324251] ? rcu_bh_qs+0xc0/0xc0 [ 387.327781] ? get_mem_cgroup_from_mm+0x206/0x440 [ 387.332609] memcg_kmem_charge_memcg+0x7c/0x120 [ 387.337260] ? memcg_kmem_put_cache+0xb0/0xb0 [ 387.341737] ? kmem_cache_alloc+0x12e/0x730 [ 387.346039] ? pte_alloc_one+0x6b/0x1a0 [ 387.349995] ? __pte_alloc+0x2a/0x350 [ 387.353776] ? copy_page_range+0x18c5/0x26b0 [ 387.358165] ? copy_process+0x4721/0x8780 [ 387.362298] memcg_kmem_charge+0x135/0x300 [ 387.366517] __alloc_pages_nodemask+0x72e/0xde0 [ 387.371169] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 387.376169] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 387.381705] ? check_preemption_disabled+0x48/0x200 [ 387.386705] ? graph_lock+0x170/0x170 [ 387.390489] ? find_held_lock+0x36/0x1c0 [ 387.394541] ? __lock_is_held+0xb5/0x140 [ 387.398594] ? lock_downgrade+0x900/0x900 [ 387.402725] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 387.408256] alloc_pages_current+0x10c/0x210 [ 387.412648] ? ___might_sleep+0x1ed/0x300 [ 387.416805] pte_alloc_one+0x1b/0x1a0 [ 387.420587] __pte_alloc+0x2a/0x350 [ 387.424200] copy_page_range+0x18c5/0x26b0 [ 387.428436] ? pmd_alloc+0x180/0x180 [ 387.432138] ? save_stack+0xa9/0xd0 [ 387.435748] ? save_stack+0x43/0xd0 [ 387.439354] ? kasan_slab_alloc+0x12/0x20 [ 387.443484] ? kmem_cache_alloc+0x12e/0x730 [ 387.447791] ? vm_area_dup+0x7a/0x230 [ 387.451577] ? copy_process+0x42a0/0x8780 [ 387.455702] ? _do_fork+0x1cb/0x11d0 [ 387.459396] ? __x64_sys_clone+0xbf/0x150 [ 387.463533] ? do_syscall_64+0x1b9/0x820 [ 387.467579] ? graph_lock+0x170/0x170 [ 387.471360] ? lock_downgrade+0x900/0x900 [ 387.475490] ? graph_lock+0x170/0x170 [ 387.479275] ? graph_lock+0x170/0x170 [ 387.483062] ? find_held_lock+0x36/0x1c0 [ 387.487109] ? copy_process+0x454b/0x8780 [ 387.491239] ? lock_downgrade+0x900/0x900 [ 387.495372] ? lock_release+0x970/0x970 [ 387.499328] ? arch_local_save_flags+0x40/0x40 [ 387.503891] ? dup_userfaultfd+0x6d8/0x890 [ 387.508112] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 387.513124] ? vma_compute_subtree_gap+0x160/0x240 [ 387.518039] ? validate_mm_rb+0xaa/0xc0 [ 387.521998] ? __vma_link_rb+0x26c/0x370 [ 387.526049] copy_process+0x4721/0x8780 [ 387.530022] ? __cleanup_sighand+0x70/0x70 [ 387.534244] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 387.539765] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 387.545288] ? page_swapcount+0x1d0/0x1d0 [ 387.549423] ? graph_lock+0x170/0x170 [ 387.553252] ? update_curr+0x4cf/0xbe0 [ 387.557127] ? __lock_acquire+0x7ec/0x4ec0 [ 387.561348] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 387.567171] ? __lock_is_held+0xb5/0x140 [ 387.571232] ? mark_held_locks+0x130/0x130 [ 387.575454] ? print_usage_bug+0xc0/0xc0 [ 387.579501] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 387.585025] ? check_preemption_disabled+0x48/0x200 [ 387.590026] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 387.595551] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 387.600913] ? print_usage_bug+0xc0/0xc0 [ 387.605204] ? __lock_acquire+0x7ec/0x4ec0 [ 387.609431] ? trace_hardirqs_on_caller+0x310/0x310 [ 387.614430] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 387.619953] ? check_preemption_disabled+0x48/0x200 [ 387.624976] ? print_usage_bug+0xc0/0xc0 [ 387.629029] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 387.634550] ? reuse_swap_page+0x4bd/0x1520 [ 387.638855] ? swp_swapcount+0x530/0x530 [ 387.642904] ? find_held_lock+0x36/0x1c0 [ 387.646970] ? __lock_acquire+0x7ec/0x4ec0 [ 387.651209] ? mark_held_locks+0x130/0x130 [ 387.655430] ? finish_task_switch+0x1f5/0x900 [ 387.659911] ? __lock_acquire+0x7ec/0x4ec0 [ 387.664142] ? mark_held_locks+0x130/0x130 [ 387.668358] ? graph_lock+0x170/0x170 [ 387.672139] ? mark_held_locks+0x130/0x130 [ 387.676358] ? check_preemption_disabled+0x48/0x200 [ 387.681356] ? check_preemption_disabled+0x48/0x200 [ 387.686360] ? find_held_lock+0x36/0x1c0 [ 387.690434] ? print_usage_bug+0xc0/0xc0 [ 387.694487] ? print_usage_bug+0xc0/0xc0 [ 387.698533] ? do_wp_page+0xa6f/0x1390 [ 387.702411] ? lock_downgrade+0x900/0x900 [ 387.706561] ? wake_up_page_bit+0x6f0/0x6f0 [ 387.710880] ? kasan_check_read+0x11/0x20 [ 387.715206] ? __lock_acquire+0x7ec/0x4ec0 [ 387.719429] ? _raw_spin_unlock+0x2c/0x50 [ 387.723565] ? mark_held_locks+0x130/0x130 [ 387.727778] ? find_held_lock+0x36/0x1c0 [ 387.731834] ? lock_release+0x970/0x970 [ 387.735826] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 387.741353] ? kasan_check_write+0x14/0x20 [ 387.745572] ? do_raw_spin_lock+0xc1/0x200 [ 387.749794] ? error_exit+0xb/0x20 [ 387.753318] ? error_exit+0xb/0x20 [ 387.756845] ? trace_hardirqs_off_caller+0xbb/0x310 [ 387.761883] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 387.766706] ? trace_hardirqs_on_caller+0x310/0x310 [ 387.771705] ? graph_lock+0x170/0x170 [ 387.775494] ? graph_lock+0x170/0x170 [ 387.779279] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 387.784125] ? native_iret+0x7/0x7 [ 387.787656] ? find_held_lock+0x36/0x1c0 [ 387.791706] _do_fork+0x1cb/0x11d0 [ 387.795231] ? fork_idle+0x1d0/0x1d0 [ 387.798926] ? lock_downgrade+0x900/0x900 [ 387.803085] ? kasan_check_read+0x11/0x20 [ 387.807217] ? _copy_to_user+0xc8/0x110 [ 387.811179] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 387.816699] ? put_timespec64+0x10f/0x1b0 [ 387.820829] ? nsecs_to_jiffies+0x30/0x30 [ 387.824963] ? do_syscall_64+0x9a/0x820 [ 387.828921] ? do_syscall_64+0x9a/0x820 [ 387.832880] ? lockdep_hardirqs_on+0x421/0x5c0 [ 387.837445] ? trace_hardirqs_on+0xbd/0x310 [ 387.841750] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 387.847277] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 387.852633] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 387.858246] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 387.863780] __x64_sys_clone+0xbf/0x150 [ 387.867749] do_syscall_64+0x1b9/0x820 [ 387.871618] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 387.876988] ? syscall_return_slowpath+0x5e0/0x5e0 [ 387.881901] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 387.886737] ? trace_hardirqs_on_caller+0x310/0x310 [ 387.891742] ? prepare_exit_to_usermode+0x291/0x3b0 [ 387.896744] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 387.901574] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 387.906746] RIP: 0033:0x455b4a [ 387.909921] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 387.928805] RSP: 002b:00007ffc76600cd0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 387.936500] RAX: ffffffffffffffda RBX: 00007ffc76600cd0 RCX: 0000000000455b4a [ 387.943751] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 387.951009] RBP: 00007ffc76600d10 R08: 0000000000000001 R09: 00000000013b4940 [ 387.958283] R10: 00000000013b4c10 R11: 0000000000000246 R12: 0000000000000001 [ 387.965549] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 387.973267] Memory limit reached of cgroup /syz5 [ 387.978140] memory: usage 205860kB, limit 204800kB, failcnt 1510 [ 387.984333] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 387.991140] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 387.997315] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:64KB inactive_file:0KB active_file:0KB unevictable:0KB [ 388.017191] Out of memory and no killable processes... [ 388.023717] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 388.036694] syz-executor5 cpuset=syz5 mems_allowed=0 [ 388.041824] CPU: 0 PID: 5568 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 388.048991] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 388.058322] Call Trace: [ 388.060898] dump_stack+0x1c4/0x2b4 [ 388.064510] ? dump_stack_print_info.cold.2+0x52/0x52 [ 388.069697] dump_header+0x27b/0xf72 [ 388.073398] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 388.079187] ? kasan_check_read+0x11/0x20 [ 388.083325] ? pagefault_out_of_memory+0x197/0x197 [ 388.088244] ? rcu_read_unlock+0x33/0x60 [ 388.092288] ? mem_cgroup_iter+0x514/0x1160 [ 388.096594] ? find_held_lock+0x36/0x1c0 [ 388.100649] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 388.105387] ? mark_held_locks+0xc7/0x130 [ 388.109545] ? _raw_spin_unlock_irq+0x27/0x80 [ 388.114027] ? _raw_spin_unlock_irq+0x27/0x80 [ 388.118508] ? lockdep_hardirqs_on+0x421/0x5c0 [ 388.123071] ? trace_hardirqs_on+0xbd/0x310 [ 388.127370] ? kasan_check_read+0x11/0x20 [ 388.131499] ? css_task_iter_end+0x222/0x490 [ 388.135893] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 388.141327] ? kasan_check_write+0x14/0x20 [ 388.145548] ? do_raw_spin_lock+0xc1/0x200 [ 388.149766] ? _raw_spin_unlock_irq+0x60/0x80 [ 388.154245] ? css_task_iter_end+0x2ce/0x490 [ 388.158651] ? cgroup_procs_next+0x70/0x70 [ 388.162872] ? _raw_spin_unlock_irq+0x60/0x80 [ 388.167349] ? oom_badness+0xaa0/0xaa0 [ 388.171220] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 388.175958] ? mem_cgroup_iter_break+0x30/0x30 [ 388.180533] ? mark_held_locks+0xc7/0x130 [ 388.184664] out_of_memory.cold.30+0xf/0x184 [ 388.189053] ? lockdep_hardirqs_on+0x421/0x5c0 [ 388.193705] ? kasan_check_read+0x11/0x20 [ 388.197835] ? oom_killer_disable+0x3a0/0x3a0 [ 388.202350] ? kasan_check_write+0x14/0x20 [ 388.206569] ? do_raw_spin_lock+0xc1/0x200 [ 388.210804] mem_cgroup_out_of_memory+0x15e/0x210 [ 388.215654] ? memcg_memory_event+0x40/0x40 [ 388.219955] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 388.224787] ? page_counter_try_charge+0x1c1/0x220 [ 388.229721] try_charge+0xc43/0x1690 [ 388.233431] ? lock_downgrade+0x900/0x900 [ 388.238099] ? check_preemption_disabled+0x48/0x200 [ 388.243105] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 388.249151] ? find_held_lock+0x36/0x1c0 [ 388.253227] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 388.258051] ? lock_downgrade+0x900/0x900 [ 388.262185] ? check_preemption_disabled+0x48/0x200 [ 388.267205] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 388.273012] ? kasan_check_read+0x11/0x20 [ 388.277144] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 388.282412] ? rcu_bh_qs+0xc0/0xc0 [ 388.285955] ? get_mem_cgroup_from_mm+0x206/0x440 [ 388.290786] memcg_kmem_charge_memcg+0x7c/0x120 [ 388.295437] ? memcg_kmem_put_cache+0xb0/0xb0 [ 388.299916] ? print_usage_bug+0xc0/0xc0 [ 388.303962] memcg_kmem_charge+0x135/0x300 [ 388.308184] __alloc_pages_nodemask+0x72e/0xde0 [ 388.312838] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 388.317865] ? __lock_acquire+0x7ec/0x4ec0 [ 388.322109] ? check_preemption_disabled+0x48/0x200 [ 388.327105] ? graph_lock+0x170/0x170 [ 388.330887] ? find_held_lock+0x36/0x1c0 [ 388.334936] ? __lock_is_held+0xb5/0x140 [ 388.338989] ? lock_downgrade+0x900/0x900 [ 388.343120] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 388.348642] alloc_pages_current+0x10c/0x210 [ 388.353036] ? ___might_sleep+0x1ed/0x300 [ 388.357180] pte_alloc_one+0x1b/0x1a0 [ 388.360963] __pte_alloc+0x2a/0x350 [ 388.364579] copy_page_range+0x18c5/0x26b0 [ 388.368811] ? pmd_alloc+0x180/0x180 [ 388.372509] ? save_stack+0xa9/0xd0 [ 388.376114] ? save_stack+0x43/0xd0 [ 388.379725] ? kasan_slab_alloc+0x12/0x20 [ 388.383858] ? kmem_cache_alloc+0x12e/0x730 [ 388.388161] ? vm_area_dup+0x7a/0x230 [ 388.391939] ? copy_process+0x42a0/0x8780 [ 388.396075] ? _do_fork+0x1cb/0x11d0 [ 388.399766] ? __x64_sys_clone+0xbf/0x150 [ 388.403898] ? do_syscall_64+0x1b9/0x820 [ 388.407945] ? graph_lock+0x170/0x170 [ 388.411726] ? lock_downgrade+0x900/0x900 [ 388.415858] ? graph_lock+0x170/0x170 [ 388.419639] ? kasan_check_read+0x11/0x20 [ 388.423766] ? graph_lock+0x170/0x170 [ 388.427549] ? find_held_lock+0x36/0x1c0 [ 388.431593] ? copy_process+0x454b/0x8780 [ 388.435723] ? lock_downgrade+0x900/0x900 [ 388.439881] ? lock_release+0x970/0x970 [ 388.443847] ? arch_local_save_flags+0x40/0x40 [ 388.448419] ? dup_userfaultfd+0x6d8/0x890 [ 388.452656] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 388.457669] ? vma_compute_subtree_gap+0x160/0x240 [ 388.462582] ? validate_mm_rb+0xaa/0xc0 [ 388.466537] ? __vma_link_rb+0x26c/0x370 [ 388.470582] copy_process+0x4721/0x8780 [ 388.474554] ? __cleanup_sighand+0x70/0x70 [ 388.478774] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 388.484293] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 388.489819] ? page_swapcount+0x1d0/0x1d0 [ 388.493950] ? graph_lock+0x170/0x170 [ 388.497738] ? update_curr+0x4cf/0xbe0 [ 388.501610] ? __lock_acquire+0x7ec/0x4ec0 [ 388.505830] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 388.511611] ? __lock_is_held+0xb5/0x140 [ 388.515659] ? mark_held_locks+0x130/0x130 [ 388.519881] ? print_usage_bug+0xc0/0xc0 [ 388.524012] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 388.529549] ? check_preemption_disabled+0x48/0x200 [ 388.534549] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 388.540070] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 388.545417] ? print_usage_bug+0xc0/0xc0 [ 388.549487] ? __lock_acquire+0x7ec/0x4ec0 [ 388.553706] ? trace_hardirqs_on_caller+0x310/0x310 [ 388.558703] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 388.564223] ? check_preemption_disabled+0x48/0x200 [ 388.569234] ? print_usage_bug+0xc0/0xc0 [ 388.573277] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 388.578792] ? reuse_swap_page+0x4bd/0x1520 [ 388.583107] ? swp_swapcount+0x530/0x530 [ 388.587147] ? find_held_lock+0x36/0x1c0 [ 388.591194] ? __lock_acquire+0x7ec/0x4ec0 [ 388.595414] ? mark_held_locks+0x130/0x130 [ 388.599647] ? finish_task_switch+0x1f5/0x900 [ 388.604126] ? __lock_acquire+0x7ec/0x4ec0 [ 388.608356] ? mark_held_locks+0x130/0x130 [ 388.612584] ? graph_lock+0x170/0x170 [ 388.616367] ? mark_held_locks+0x130/0x130 [ 388.620586] ? check_preemption_disabled+0x48/0x200 [ 388.625581] ? check_preemption_disabled+0x48/0x200 [ 388.630584] ? find_held_lock+0x36/0x1c0 [ 388.634630] ? print_usage_bug+0xc0/0xc0 [ 388.638674] ? print_usage_bug+0xc0/0xc0 [ 388.642719] ? do_wp_page+0xa6f/0x1390 [ 388.646587] ? lock_downgrade+0x900/0x900 [ 388.650722] ? wake_up_page_bit+0x6f0/0x6f0 [ 388.655027] ? kasan_check_read+0x11/0x20 [ 388.659162] ? __lock_acquire+0x7ec/0x4ec0 [ 388.663383] ? _raw_spin_unlock+0x2c/0x50 [ 388.667530] ? mark_held_locks+0x130/0x130 [ 388.671754] ? find_held_lock+0x36/0x1c0 [ 388.675803] ? lock_release+0x970/0x970 [ 388.679767] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 388.685287] ? kasan_check_write+0x14/0x20 [ 388.689519] ? do_raw_spin_lock+0xc1/0x200 [ 388.693738] ? error_exit+0xb/0x20 [ 388.697260] ? error_exit+0xb/0x20 [ 388.700785] ? trace_hardirqs_off_caller+0xbb/0x310 [ 388.705786] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 388.710614] ? trace_hardirqs_on_caller+0x310/0x310 [ 388.715611] ? graph_lock+0x170/0x170 [ 388.719396] ? graph_lock+0x170/0x170 [ 388.723189] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 388.728015] ? native_iret+0x7/0x7 [ 388.731539] ? find_held_lock+0x36/0x1c0 [ 388.735603] _do_fork+0x1cb/0x11d0 [ 388.739142] ? fork_idle+0x1d0/0x1d0 [ 388.742854] ? lock_downgrade+0x900/0x900 [ 388.746994] ? kasan_check_read+0x11/0x20 [ 388.751121] ? _copy_to_user+0xc8/0x110 [ 388.755075] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 388.760606] ? put_timespec64+0x10f/0x1b0 [ 388.764740] ? nsecs_to_jiffies+0x30/0x30 [ 388.768881] ? do_syscall_64+0x9a/0x820 [ 388.772836] ? do_syscall_64+0x9a/0x820 [ 388.776794] ? lockdep_hardirqs_on+0x421/0x5c0 [ 388.781365] ? trace_hardirqs_on+0xbd/0x310 [ 388.785685] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 388.791205] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 388.796549] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 388.801984] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 388.807506] __x64_sys_clone+0xbf/0x150 [ 388.811464] do_syscall_64+0x1b9/0x820 [ 388.815338] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 388.820681] ? syscall_return_slowpath+0x5e0/0x5e0 [ 388.825589] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 388.830417] ? trace_hardirqs_on_caller+0x310/0x310 [ 388.835423] ? prepare_exit_to_usermode+0x291/0x3b0 [ 388.840429] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 388.845288] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 388.850460] RIP: 0033:0x455b4a [ 388.853640] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 388.872520] RSP: 002b:00007ffc76600cd0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 388.880209] RAX: ffffffffffffffda RBX: 00007ffc76600cd0 RCX: 0000000000455b4a [ 388.887457] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 388.894711] RBP: 00007ffc76600d10 R08: 0000000000000001 R09: 00000000013b4940 [ 388.901960] R10: 00000000013b4c10 R11: 0000000000000246 R12: 0000000000000001 [ 388.909209] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 388.918178] Memory limit reached of cgroup /syz5 [ 388.922993] memory: usage 205864kB, limit 204800kB, failcnt 1518 [ 388.929251] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 388.936057] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 388.942184] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:64KB inactive_file:0KB active_file:0KB unevictable:0KB [ 388.962243] Out of memory and no killable processes... [ 388.969050] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 388.981952] syz-executor5 cpuset=syz5 mems_allowed=0 [ 388.987164] CPU: 0 PID: 5568 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 388.994335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 389.003671] Call Trace: [ 389.006246] dump_stack+0x1c4/0x2b4 [ 389.009859] ? dump_stack_print_info.cold.2+0x52/0x52 [ 389.015036] dump_header+0x27b/0xf72 [ 389.018739] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 389.024516] ? kasan_check_read+0x11/0x20 [ 389.028646] ? pagefault_out_of_memory+0x197/0x197 [ 389.033563] ? rcu_read_unlock+0x33/0x60 [ 389.037622] ? mem_cgroup_iter+0x514/0x1160 [ 389.041929] ? find_held_lock+0x36/0x1c0 [ 389.045978] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 389.050719] ? mark_held_locks+0xc7/0x130 [ 389.054851] ? _raw_spin_unlock_irq+0x27/0x80 [ 389.059325] ? _raw_spin_unlock_irq+0x27/0x80 [ 389.063800] ? lockdep_hardirqs_on+0x421/0x5c0 [ 389.068363] ? trace_hardirqs_on+0xbd/0x310 [ 389.072927] ? kasan_check_read+0x11/0x20 [ 389.077058] ? css_task_iter_end+0x222/0x490 [ 389.081448] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 389.086881] ? kasan_check_write+0x14/0x20 [ 389.091114] ? do_raw_spin_lock+0xc1/0x200 [ 389.095342] ? _raw_spin_unlock_irq+0x60/0x80 [ 389.099825] ? css_task_iter_end+0x2ce/0x490 [ 389.104241] ? cgroup_procs_next+0x70/0x70 [ 389.108483] ? _raw_spin_unlock_irq+0x60/0x80 [ 389.112966] ? oom_badness+0xaa0/0xaa0 [ 389.116839] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 389.121577] ? mem_cgroup_iter_break+0x30/0x30 [ 389.126150] ? mark_held_locks+0xc7/0x130 [ 389.130280] out_of_memory.cold.30+0xf/0x184 [ 389.134672] ? lockdep_hardirqs_on+0x421/0x5c0 [ 389.139238] ? kasan_check_read+0x11/0x20 [ 389.143382] ? oom_killer_disable+0x3a0/0x3a0 [ 389.147860] ? kasan_check_write+0x14/0x20 [ 389.152078] ? do_raw_spin_lock+0xc1/0x200 [ 389.156301] mem_cgroup_out_of_memory+0x15e/0x210 [ 389.161124] ? memcg_memory_event+0x40/0x40 [ 389.165432] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 389.170259] ? page_counter_try_charge+0x1c1/0x220 [ 389.175170] try_charge+0xc43/0x1690 [ 389.178874] ? lock_downgrade+0x900/0x900 [ 389.183006] ? check_preemption_disabled+0x48/0x200 [ 389.188010] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 389.194052] ? find_held_lock+0x36/0x1c0 [ 389.198109] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 389.202947] ? lock_downgrade+0x900/0x900 [ 389.207083] ? check_preemption_disabled+0x48/0x200 [ 389.212087] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 389.217867] ? kasan_check_read+0x11/0x20 [ 389.222007] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 389.227268] ? rcu_bh_qs+0xc0/0xc0 [ 389.230798] ? get_mem_cgroup_from_mm+0x206/0x440 [ 389.235653] memcg_kmem_charge_memcg+0x7c/0x120 [ 389.240307] ? memcg_kmem_put_cache+0xb0/0xb0 [ 389.244788] ? print_usage_bug+0xc0/0xc0 [ 389.248832] memcg_kmem_charge+0x135/0x300 [ 389.253078] __alloc_pages_nodemask+0x72e/0xde0 [ 389.257749] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 389.262751] ? __lock_acquire+0x7ec/0x4ec0 [ 389.267022] ? check_preemption_disabled+0x48/0x200 [ 389.272050] ? graph_lock+0x170/0x170 [ 389.275831] ? find_held_lock+0x36/0x1c0 [ 389.279883] ? __lock_is_held+0xb5/0x140 [ 389.283924] ? lock_downgrade+0x900/0x900 [ 389.288074] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 389.293598] alloc_pages_current+0x10c/0x210 [ 389.298014] ? ___might_sleep+0x1ed/0x300 [ 389.302148] pte_alloc_one+0x1b/0x1a0 [ 389.305934] __pte_alloc+0x2a/0x350 [ 389.309563] copy_page_range+0x18c5/0x26b0 [ 389.313796] ? pmd_alloc+0x180/0x180 [ 389.317501] ? save_stack+0xa9/0xd0 [ 389.321122] ? save_stack+0x43/0xd0 [ 389.324730] ? kasan_slab_alloc+0x12/0x20 [ 389.328862] ? kmem_cache_alloc+0x12e/0x730 [ 389.333163] ? vm_area_dup+0x7a/0x230 [ 389.336942] ? copy_process+0x42a0/0x8780 [ 389.341070] ? _do_fork+0x1cb/0x11d0 [ 389.344764] ? __x64_sys_clone+0xbf/0x150 [ 389.348913] ? do_syscall_64+0x1b9/0x820 [ 389.352986] ? graph_lock+0x170/0x170 [ 389.356769] ? lock_downgrade+0x900/0x900 [ 389.360896] ? graph_lock+0x170/0x170 [ 389.364679] ? graph_lock+0x170/0x170 [ 389.368462] ? find_held_lock+0x36/0x1c0 [ 389.372532] ? copy_process+0x454b/0x8780 [ 389.376665] ? lock_downgrade+0x900/0x900 [ 389.380797] ? lock_release+0x970/0x970 [ 389.384753] ? arch_local_save_flags+0x40/0x40 [ 389.389328] ? dup_userfaultfd+0x6d8/0x890 [ 389.393564] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 389.398560] ? vma_compute_subtree_gap+0x160/0x240 [ 389.403470] ? validate_mm_rb+0xaa/0xc0 [ 389.407448] ? __vma_link_rb+0x26c/0x370 [ 389.411505] copy_process+0x4721/0x8780 [ 389.415487] ? __cleanup_sighand+0x70/0x70 [ 389.419707] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 389.425239] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 389.430758] ? page_swapcount+0x1d0/0x1d0 [ 389.434893] ? graph_lock+0x170/0x170 [ 389.438676] ? update_curr+0x4cf/0xbe0 [ 389.442548] ? __lock_acquire+0x7ec/0x4ec0 [ 389.446764] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 389.452544] ? __lock_is_held+0xb5/0x140 [ 389.456594] ? mark_held_locks+0x130/0x130 [ 389.460817] ? print_usage_bug+0xc0/0xc0 [ 389.464861] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 389.470385] ? check_preemption_disabled+0x48/0x200 [ 389.475392] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 389.480921] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 389.486269] ? print_usage_bug+0xc0/0xc0 [ 389.490337] ? __lock_acquire+0x7ec/0x4ec0 [ 389.494555] ? trace_hardirqs_on_caller+0x310/0x310 [ 389.499554] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 389.505079] ? check_preemption_disabled+0x48/0x200 [ 389.510087] ? print_usage_bug+0xc0/0xc0 [ 389.514153] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 389.519673] ? reuse_swap_page+0x4bd/0x1520 [ 389.523978] ? swp_swapcount+0x530/0x530 [ 389.528025] ? find_held_lock+0x36/0x1c0 [ 389.532127] ? __lock_acquire+0x7ec/0x4ec0 [ 389.536347] ? mark_held_locks+0x130/0x130 [ 389.540564] ? finish_task_switch+0x1f5/0x900 [ 389.545055] ? __lock_acquire+0x7ec/0x4ec0 [ 389.549276] ? mark_held_locks+0x130/0x130 [ 389.553495] ? graph_lock+0x170/0x170 [ 389.557276] ? mark_held_locks+0x130/0x130 [ 389.561496] ? check_preemption_disabled+0x48/0x200 [ 389.566533] ? check_preemption_disabled+0x48/0x200 [ 389.571537] ? find_held_lock+0x36/0x1c0 [ 389.575580] ? print_usage_bug+0xc0/0xc0 [ 389.579628] ? print_usage_bug+0xc0/0xc0 [ 389.583673] ? do_wp_page+0xa6f/0x1390 [ 389.587542] ? lock_downgrade+0x900/0x900 [ 389.591676] ? wake_up_page_bit+0x6f0/0x6f0 [ 389.595985] ? kasan_check_read+0x11/0x20 [ 389.600131] ? __lock_acquire+0x7ec/0x4ec0 [ 389.604633] ? _raw_spin_unlock+0x2c/0x50 [ 389.608768] ? mark_held_locks+0x130/0x130 [ 389.612987] ? find_held_lock+0x36/0x1c0 [ 389.617059] ? lock_release+0x970/0x970 [ 389.621031] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 389.626549] ? kasan_check_write+0x14/0x20 [ 389.630768] ? do_raw_spin_lock+0xc1/0x200 [ 389.634989] ? error_exit+0xb/0x20 [ 389.638516] ? error_exit+0xb/0x20 [ 389.642049] ? trace_hardirqs_off_caller+0xbb/0x310 [ 389.647068] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 389.651901] ? trace_hardirqs_on_caller+0x310/0x310 [ 389.656898] ? graph_lock+0x170/0x170 [ 389.660681] ? graph_lock+0x170/0x170 [ 389.664489] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 389.669319] ? native_iret+0x7/0x7 [ 389.672860] ? find_held_lock+0x36/0x1c0 [ 389.676911] _do_fork+0x1cb/0x11d0 [ 389.680438] ? fork_idle+0x1d0/0x1d0 [ 389.684135] ? lock_downgrade+0x900/0x900 [ 389.688271] ? kasan_check_read+0x11/0x20 [ 389.692402] ? _copy_to_user+0xc8/0x110 [ 389.696380] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 389.701904] ? put_timespec64+0x10f/0x1b0 [ 389.706034] ? nsecs_to_jiffies+0x30/0x30 [ 389.710165] ? do_syscall_64+0x9a/0x820 [ 389.714278] ? do_syscall_64+0x9a/0x820 [ 389.718249] ? lockdep_hardirqs_on+0x421/0x5c0 [ 389.722826] ? trace_hardirqs_on+0xbd/0x310 [ 389.727132] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 389.732652] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 389.737999] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 389.743431] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 389.748966] __x64_sys_clone+0xbf/0x150 [ 389.752951] do_syscall_64+0x1b9/0x820 [ 389.756840] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 389.762189] ? syscall_return_slowpath+0x5e0/0x5e0 [ 389.767110] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 389.771945] ? trace_hardirqs_on_caller+0x310/0x310 [ 389.776957] ? prepare_exit_to_usermode+0x291/0x3b0 [ 389.781959] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 389.786793] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 389.791962] RIP: 0033:0x455b4a [ 389.795137] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 389.814033] RSP: 002b:00007ffc76600cd0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 389.821737] RAX: ffffffffffffffda RBX: 00007ffc76600cd0 RCX: 0000000000455b4a [ 389.828986] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 389.836240] RBP: 00007ffc76600d10 R08: 0000000000000001 R09: 00000000013b4940 [ 389.843491] R10: 00000000013b4c10 R11: 0000000000000246 R12: 0000000000000001 [ 389.850740] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 389.860019] Memory limit reached of cgroup /syz5 [ 389.865499] memory: usage 205864kB, limit 204800kB, failcnt 1526 [ 389.872088] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 389.879045] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 389.885254] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:64KB inactive_file:0KB active_file:0KB unevictable:0KB [ 389.905192] Out of memory and no killable processes... [ 389.911722] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 389.924606] syz-executor5 cpuset=syz5 mems_allowed=0 [ 389.929811] CPU: 0 PID: 5568 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 389.936984] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 389.946328] Call Trace: [ 389.948912] dump_stack+0x1c4/0x2b4 [ 389.952553] ? dump_stack_print_info.cold.2+0x52/0x52 [ 389.957746] dump_header+0x27b/0xf72 [ 389.961446] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 389.967229] ? kasan_check_read+0x11/0x20 [ 389.971360] ? pagefault_out_of_memory+0x197/0x197 [ 389.976272] ? rcu_read_unlock+0x33/0x60 [ 389.980314] ? mem_cgroup_iter+0x514/0x1160 [ 389.984619] ? find_held_lock+0x36/0x1c0 [ 389.988667] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 389.993424] ? mark_held_locks+0xc7/0x130 [ 389.997592] ? _raw_spin_unlock_irq+0x27/0x80 [ 390.002072] ? _raw_spin_unlock_irq+0x27/0x80 [ 390.006549] ? lockdep_hardirqs_on+0x421/0x5c0 [ 390.011114] ? trace_hardirqs_on+0xbd/0x310 [ 390.015418] ? kasan_check_read+0x11/0x20 [ 390.019570] ? css_task_iter_end+0x222/0x490 [ 390.023982] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 390.029432] ? kasan_check_write+0x14/0x20 [ 390.033648] ? do_raw_spin_lock+0xc1/0x200 [ 390.037878] ? _raw_spin_unlock_irq+0x60/0x80 [ 390.042353] ? css_task_iter_end+0x2ce/0x490 [ 390.046743] ? cgroup_procs_next+0x70/0x70 [ 390.050978] ? _raw_spin_unlock_irq+0x60/0x80 [ 390.055460] ? oom_badness+0xaa0/0xaa0 [ 390.059333] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 390.064087] ? mem_cgroup_iter_break+0x30/0x30 [ 390.068672] ? mark_held_locks+0xc7/0x130 [ 390.072804] out_of_memory.cold.30+0xf/0x184 [ 390.077209] ? lockdep_hardirqs_on+0x421/0x5c0 [ 390.081774] ? kasan_check_read+0x11/0x20 [ 390.085907] ? oom_killer_disable+0x3a0/0x3a0 [ 390.090505] ? kasan_check_write+0x14/0x20 [ 390.094725] ? do_raw_spin_lock+0xc1/0x200 [ 390.098972] mem_cgroup_out_of_memory+0x15e/0x210 [ 390.103798] ? memcg_memory_event+0x40/0x40 [ 390.108101] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 390.112946] ? page_counter_try_charge+0x1c1/0x220 [ 390.117857] try_charge+0xc43/0x1690 [ 390.121560] ? lock_downgrade+0x900/0x900 [ 390.125703] ? check_preemption_disabled+0x48/0x200 [ 390.130728] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 390.136769] ? find_held_lock+0x36/0x1c0 [ 390.140818] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 390.145658] ? lock_downgrade+0x900/0x900 [ 390.149790] ? check_preemption_disabled+0x48/0x200 [ 390.154803] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 390.160592] ? kasan_check_read+0x11/0x20 [ 390.164720] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 390.169994] ? rcu_bh_qs+0xc0/0xc0 [ 390.173521] ? get_mem_cgroup_from_mm+0x206/0x440 [ 390.178348] memcg_kmem_charge_memcg+0x7c/0x120 [ 390.182997] ? memcg_kmem_put_cache+0xb0/0xb0 [ 390.187473] ? print_usage_bug+0xc0/0xc0 [ 390.191522] memcg_kmem_charge+0x135/0x300 [ 390.195765] __alloc_pages_nodemask+0x72e/0xde0 [ 390.200426] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 390.205443] ? __lock_acquire+0x7ec/0x4ec0 [ 390.209664] ? check_preemption_disabled+0x48/0x200 [ 390.214662] ? graph_lock+0x170/0x170 [ 390.218445] ? find_held_lock+0x36/0x1c0 [ 390.222499] ? __lock_is_held+0xb5/0x140 [ 390.226541] ? lock_downgrade+0x900/0x900 [ 390.230676] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 390.236199] alloc_pages_current+0x10c/0x210 [ 390.240587] ? ___might_sleep+0x1ed/0x300 [ 390.244723] pte_alloc_one+0x1b/0x1a0 [ 390.248509] __pte_alloc+0x2a/0x350 [ 390.252119] copy_page_range+0x18c5/0x26b0 [ 390.256352] ? pmd_alloc+0x180/0x180 [ 390.260049] ? save_stack+0xa9/0xd0 [ 390.263668] ? save_stack+0x43/0xd0 [ 390.267272] ? kasan_slab_alloc+0x12/0x20 [ 390.271404] ? kmem_cache_alloc+0x12e/0x730 [ 390.275711] ? vm_area_dup+0x7a/0x230 [ 390.279491] ? copy_process+0x42a0/0x8780 [ 390.283619] ? _do_fork+0x1cb/0x11d0 [ 390.287315] ? __x64_sys_clone+0xbf/0x150 [ 390.291444] ? do_syscall_64+0x1b9/0x820 [ 390.295494] ? graph_lock+0x170/0x170 [ 390.299276] ? lock_downgrade+0x900/0x900 [ 390.303412] ? graph_lock+0x170/0x170 [ 390.307205] ? graph_lock+0x170/0x170 [ 390.311008] ? find_held_lock+0x36/0x1c0 [ 390.315055] ? copy_process+0x454b/0x8780 [ 390.319184] ? lock_downgrade+0x900/0x900 [ 390.323318] ? lock_release+0x970/0x970 [ 390.327276] ? arch_local_save_flags+0x40/0x40 [ 390.331842] ? dup_userfaultfd+0x6d8/0x890 [ 390.336062] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 390.341060] ? vma_compute_subtree_gap+0x160/0x240 [ 390.345973] ? validate_mm_rb+0xaa/0xc0 [ 390.349948] ? __vma_link_rb+0x26c/0x370 [ 390.353997] copy_process+0x4721/0x8780 [ 390.357972] ? __cleanup_sighand+0x70/0x70 [ 390.362197] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 390.367717] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 390.373238] ? page_swapcount+0x1d0/0x1d0 [ 390.377396] ? graph_lock+0x170/0x170 [ 390.381190] ? update_curr+0x4cf/0xbe0 [ 390.385063] ? __lock_acquire+0x7ec/0x4ec0 [ 390.389282] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 390.395064] ? __lock_is_held+0xb5/0x140 [ 390.399137] ? mark_held_locks+0x130/0x130 [ 390.403360] ? print_usage_bug+0xc0/0xc0 [ 390.407418] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 390.412941] ? check_preemption_disabled+0x48/0x200 [ 390.417943] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 390.423464] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 390.428810] ? print_usage_bug+0xc0/0xc0 [ 390.432857] ? __lock_acquire+0x7ec/0x4ec0 [ 390.437073] ? trace_hardirqs_on_caller+0x310/0x310 [ 390.442071] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 390.447591] ? check_preemption_disabled+0x48/0x200 [ 390.452589] ? print_usage_bug+0xc0/0xc0 [ 390.456637] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 390.462156] ? reuse_swap_page+0x4bd/0x1520 [ 390.466464] ? swp_swapcount+0x530/0x530 [ 390.470514] ? find_held_lock+0x36/0x1c0 [ 390.474563] ? __lock_acquire+0x7ec/0x4ec0 [ 390.478778] ? mark_held_locks+0x130/0x130 [ 390.482999] ? finish_task_switch+0x1f5/0x900 [ 390.487490] ? __lock_acquire+0x7ec/0x4ec0 [ 390.491716] ? mark_held_locks+0x130/0x130 [ 390.495937] ? graph_lock+0x170/0x170 [ 390.499721] ? mark_held_locks+0x130/0x130 [ 390.503939] ? check_preemption_disabled+0x48/0x200 [ 390.508938] ? check_preemption_disabled+0x48/0x200 [ 390.513941] ? find_held_lock+0x36/0x1c0 [ 390.517987] ? print_usage_bug+0xc0/0xc0 [ 390.522035] ? print_usage_bug+0xc0/0xc0 [ 390.526080] ? do_wp_page+0xa6f/0x1390 [ 390.529952] ? lock_downgrade+0x900/0x900 [ 390.534086] ? wake_up_page_bit+0x6f0/0x6f0 [ 390.538393] ? kasan_check_read+0x11/0x20 [ 390.542535] ? __lock_acquire+0x7ec/0x4ec0 [ 390.546759] ? _raw_spin_unlock+0x2c/0x50 [ 390.550894] ? mark_held_locks+0x130/0x130 [ 390.555109] ? find_held_lock+0x36/0x1c0 [ 390.559156] ? lock_release+0x970/0x970 [ 390.563117] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 390.568640] ? kasan_check_write+0x14/0x20 [ 390.572861] ? do_raw_spin_lock+0xc1/0x200 [ 390.577087] ? error_exit+0xb/0x20 [ 390.580611] ? error_exit+0xb/0x20 [ 390.584133] ? trace_hardirqs_off_caller+0xbb/0x310 [ 390.589137] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 390.593962] ? trace_hardirqs_on_caller+0x310/0x310 [ 390.598987] ? graph_lock+0x170/0x170 [ 390.602799] ? graph_lock+0x170/0x170 [ 390.606588] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 390.611430] ? native_iret+0x7/0x7 [ 390.614969] ? find_held_lock+0x36/0x1c0 [ 390.619024] _do_fork+0x1cb/0x11d0 [ 390.622552] ? fork_idle+0x1d0/0x1d0 [ 390.626249] ? lock_downgrade+0x900/0x900 [ 390.630387] ? kasan_check_read+0x11/0x20 [ 390.634523] ? _copy_to_user+0xc8/0x110 [ 390.638490] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 390.644008] ? put_timespec64+0x10f/0x1b0 [ 390.648142] ? nsecs_to_jiffies+0x30/0x30 [ 390.652274] ? do_syscall_64+0x9a/0x820 [ 390.656231] ? do_syscall_64+0x9a/0x820 [ 390.660200] ? lockdep_hardirqs_on+0x421/0x5c0 [ 390.664779] ? trace_hardirqs_on+0xbd/0x310 [ 390.669097] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 390.674638] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 390.679992] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 390.685459] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 390.691012] __x64_sys_clone+0xbf/0x150 [ 390.694973] do_syscall_64+0x1b9/0x820 [ 390.698861] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 390.704253] ? syscall_return_slowpath+0x5e0/0x5e0 [ 390.709189] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 390.714015] ? trace_hardirqs_on_caller+0x310/0x310 [ 390.719018] ? prepare_exit_to_usermode+0x291/0x3b0 [ 390.724018] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 390.728859] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 390.734054] RIP: 0033:0x455b4a [ 390.737233] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 390.756114] RSP: 002b:00007ffc76600cd0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 390.763803] RAX: ffffffffffffffda RBX: 00007ffc76600cd0 RCX: 0000000000455b4a [ 390.771059] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 390.778312] RBP: 00007ffc76600d10 R08: 0000000000000001 R09: 00000000013b4940 [ 390.785565] R10: 00000000013b4c10 R11: 0000000000000246 R12: 0000000000000001 [ 390.792816] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 390.800510] Memory limit reached of cgroup /syz5 [ 390.805369] memory: usage 205764kB, limit 204800kB, failcnt 1534 [ 390.811519] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 390.818360] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 390.824523] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:64KB inactive_file:0KB active_file:0KB unevictable:0KB [ 390.844454] Out of memory and no killable processes... [ 390.851086] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 390.864002] syz-executor5 cpuset=syz5 mems_allowed=0 [ 390.869278] CPU: 0 PID: 5568 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 390.876455] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 390.885793] Call Trace: [ 390.888371] dump_stack+0x1c4/0x2b4 [ 390.891985] ? dump_stack_print_info.cold.2+0x52/0x52 [ 390.897164] dump_header+0x27b/0xf72 [ 390.900867] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 390.906648] ? kasan_check_read+0x11/0x20 [ 390.910786] ? pagefault_out_of_memory+0x197/0x197 [ 390.915708] ? rcu_read_unlock+0x33/0x60 [ 390.919755] ? mem_cgroup_iter+0x514/0x1160 [ 390.924058] ? find_held_lock+0x36/0x1c0 [ 390.928115] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 390.932855] ? mark_held_locks+0xc7/0x130 [ 390.936987] ? _raw_spin_unlock_irq+0x27/0x80 [ 390.941463] ? _raw_spin_unlock_irq+0x27/0x80 [ 390.945964] ? lockdep_hardirqs_on+0x421/0x5c0 [ 390.950528] ? trace_hardirqs_on+0xbd/0x310 [ 390.954830] ? kasan_check_read+0x11/0x20 [ 390.958963] ? css_task_iter_end+0x222/0x490 [ 390.963384] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 390.968824] ? kasan_check_write+0x14/0x20 [ 390.973041] ? do_raw_spin_lock+0xc1/0x200 [ 390.977297] ? _raw_spin_unlock_irq+0x60/0x80 [ 390.981774] ? css_task_iter_end+0x2ce/0x490 [ 390.986171] ? cgroup_procs_next+0x70/0x70 [ 390.990404] ? _raw_spin_unlock_irq+0x60/0x80 [ 390.994894] ? oom_badness+0xaa0/0xaa0 [ 390.998793] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 391.003536] ? mem_cgroup_iter_break+0x30/0x30 [ 391.008136] ? mark_held_locks+0xc7/0x130 [ 391.012273] out_of_memory.cold.30+0xf/0x184 [ 391.016665] ? lockdep_hardirqs_on+0x421/0x5c0 [ 391.021231] ? kasan_check_read+0x11/0x20 [ 391.025365] ? oom_killer_disable+0x3a0/0x3a0 [ 391.029854] ? kasan_check_write+0x14/0x20 [ 391.034070] ? do_raw_spin_lock+0xc1/0x200 [ 391.038291] mem_cgroup_out_of_memory+0x15e/0x210 [ 391.043116] ? memcg_memory_event+0x40/0x40 [ 391.047425] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 391.052258] ? page_counter_try_charge+0x1c1/0x220 [ 391.057172] try_charge+0xc43/0x1690 [ 391.060869] ? lock_downgrade+0x900/0x900 [ 391.065003] ? check_preemption_disabled+0x48/0x200 [ 391.070010] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 391.076055] ? find_held_lock+0x36/0x1c0 [ 391.080106] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 391.084931] ? lock_downgrade+0x900/0x900 [ 391.089067] ? check_preemption_disabled+0x48/0x200 [ 391.094107] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 391.099890] ? kasan_check_read+0x11/0x20 [ 391.104036] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 391.109298] ? rcu_bh_qs+0xc0/0xc0 [ 391.112833] ? get_mem_cgroup_from_mm+0x206/0x440 [ 391.117667] memcg_kmem_charge_memcg+0x7c/0x120 [ 391.122321] ? memcg_kmem_put_cache+0xb0/0xb0 [ 391.126823] ? print_usage_bug+0xc0/0xc0 [ 391.130873] memcg_kmem_charge+0x135/0x300 [ 391.135111] __alloc_pages_nodemask+0x72e/0xde0 [ 391.139771] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 391.144786] ? __lock_acquire+0x7ec/0x4ec0 [ 391.149006] ? check_preemption_disabled+0x48/0x200 [ 391.154006] ? graph_lock+0x170/0x170 [ 391.157785] ? find_held_lock+0x36/0x1c0 [ 391.161837] ? __lock_is_held+0xb5/0x140 [ 391.165878] ? lock_downgrade+0x900/0x900 [ 391.170032] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 391.175552] alloc_pages_current+0x10c/0x210 [ 391.179943] ? ___might_sleep+0x1ed/0x300 [ 391.184088] pte_alloc_one+0x1b/0x1a0 [ 391.187874] __pte_alloc+0x2a/0x350 [ 391.191507] copy_page_range+0x18c5/0x26b0 [ 391.195739] ? pmd_alloc+0x180/0x180 [ 391.199439] ? save_stack+0xa9/0xd0 [ 391.203045] ? save_stack+0x43/0xd0 [ 391.206654] ? kasan_slab_alloc+0x12/0x20 [ 391.210781] ? kmem_cache_alloc+0x12e/0x730 [ 391.215082] ? vm_area_dup+0x7a/0x230 [ 391.218861] ? copy_process+0x42a0/0x8780 [ 391.222992] ? _do_fork+0x1cb/0x11d0 [ 391.226689] ? __x64_sys_clone+0xbf/0x150 [ 391.230834] ? do_syscall_64+0x1b9/0x820 [ 391.234887] ? graph_lock+0x170/0x170 [ 391.238669] ? lock_downgrade+0x900/0x900 [ 391.242797] ? graph_lock+0x170/0x170 [ 391.246584] ? graph_lock+0x170/0x170 [ 391.250372] ? find_held_lock+0x36/0x1c0 [ 391.254428] ? copy_process+0x454b/0x8780 [ 391.258583] ? lock_downgrade+0x900/0x900 [ 391.262716] ? lock_release+0x970/0x970 [ 391.266671] ? arch_local_save_flags+0x40/0x40 [ 391.271237] ? dup_userfaultfd+0x6d8/0x890 [ 391.275484] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 391.280506] ? vma_compute_subtree_gap+0x160/0x240 [ 391.285441] ? validate_mm_rb+0xaa/0xc0 [ 391.289425] ? __vma_link_rb+0x26c/0x370 [ 391.293494] copy_process+0x4721/0x8780 [ 391.297489] ? __cleanup_sighand+0x70/0x70 [ 391.301708] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 391.307251] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 391.312792] ? page_swapcount+0x1d0/0x1d0 [ 391.316925] ? graph_lock+0x170/0x170 [ 391.320706] ? update_curr+0x4cf/0xbe0 [ 391.324577] ? __lock_acquire+0x7ec/0x4ec0 [ 391.328795] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 391.334575] ? __lock_is_held+0xb5/0x140 [ 391.338621] ? mark_held_locks+0x130/0x130 [ 391.342841] ? print_usage_bug+0xc0/0xc0 [ 391.346889] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 391.352421] ? check_preemption_disabled+0x48/0x200 [ 391.357429] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 391.362960] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 391.368314] ? print_usage_bug+0xc0/0xc0 [ 391.372364] ? __lock_acquire+0x7ec/0x4ec0 [ 391.376586] ? trace_hardirqs_on_caller+0x310/0x310 [ 391.381587] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 391.387109] ? check_preemption_disabled+0x48/0x200 [ 391.392108] ? print_usage_bug+0xc0/0xc0 [ 391.396155] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 391.401677] ? reuse_swap_page+0x4bd/0x1520 [ 391.405984] ? swp_swapcount+0x530/0x530 [ 391.410027] ? find_held_lock+0x36/0x1c0 [ 391.414071] ? __lock_acquire+0x7ec/0x4ec0 [ 391.418284] ? mark_held_locks+0x130/0x130 [ 391.422502] ? finish_task_switch+0x1f5/0x900 [ 391.426982] ? __lock_acquire+0x7ec/0x4ec0 [ 391.431204] ? mark_held_locks+0x130/0x130 [ 391.435429] ? graph_lock+0x170/0x170 [ 391.439211] ? mark_held_locks+0x130/0x130 [ 391.443431] ? check_preemption_disabled+0x48/0x200 [ 391.448433] ? check_preemption_disabled+0x48/0x200 [ 391.453439] ? find_held_lock+0x36/0x1c0 [ 391.457490] ? print_usage_bug+0xc0/0xc0 [ 391.461532] ? print_usage_bug+0xc0/0xc0 [ 391.465577] ? do_wp_page+0xa6f/0x1390 [ 391.469458] ? lock_downgrade+0x900/0x900 [ 391.473590] ? wake_up_page_bit+0x6f0/0x6f0 [ 391.477908] ? kasan_check_read+0x11/0x20 [ 391.482044] ? __lock_acquire+0x7ec/0x4ec0 [ 391.486267] ? _raw_spin_unlock+0x2c/0x50 [ 391.490403] ? mark_held_locks+0x130/0x130 [ 391.494628] ? find_held_lock+0x36/0x1c0 [ 391.498673] ? lock_release+0x970/0x970 [ 391.502633] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 391.508195] ? kasan_check_write+0x14/0x20 [ 391.512424] ? do_raw_spin_lock+0xc1/0x200 [ 391.516650] ? error_exit+0xb/0x20 [ 391.520172] ? error_exit+0xb/0x20 [ 391.523695] ? trace_hardirqs_off_caller+0xbb/0x310 [ 391.528701] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 391.533530] ? trace_hardirqs_on_caller+0x310/0x310 [ 391.538532] ? graph_lock+0x170/0x170 [ 391.542316] ? graph_lock+0x170/0x170 [ 391.546123] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 391.550979] ? native_iret+0x7/0x7 [ 391.554513] ? find_held_lock+0x36/0x1c0 [ 391.558563] _do_fork+0x1cb/0x11d0 [ 391.562091] ? fork_idle+0x1d0/0x1d0 [ 391.565785] ? lock_downgrade+0x900/0x900 [ 391.570061] ? kasan_check_read+0x11/0x20 [ 391.574192] ? _copy_to_user+0xc8/0x110 [ 391.578151] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 391.583671] ? put_timespec64+0x10f/0x1b0 [ 391.587800] ? nsecs_to_jiffies+0x30/0x30 [ 391.591943] ? do_syscall_64+0x9a/0x820 [ 391.595900] ? do_syscall_64+0x9a/0x820 [ 391.599856] ? lockdep_hardirqs_on+0x421/0x5c0 [ 391.604629] ? trace_hardirqs_on+0xbd/0x310 [ 391.608952] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 391.614473] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 391.619846] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 391.625281] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 391.630807] __x64_sys_clone+0xbf/0x150 [ 391.634782] do_syscall_64+0x1b9/0x820 [ 391.638653] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 391.644001] ? syscall_return_slowpath+0x5e0/0x5e0 [ 391.648922] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 391.653772] ? trace_hardirqs_on_caller+0x310/0x310 [ 391.658772] ? prepare_exit_to_usermode+0x291/0x3b0 [ 391.663774] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 391.668602] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 391.673770] RIP: 0033:0x455b4a [ 391.676950] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 391.695843] RSP: 002b:00007ffc76600cd0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 391.703535] RAX: ffffffffffffffda RBX: 00007ffc76600cd0 RCX: 0000000000455b4a [ 391.710805] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 391.718058] RBP: 00007ffc76600d10 R08: 0000000000000001 R09: 00000000013b4940 [ 391.725545] R10: 00000000013b4c10 R11: 0000000000000246 R12: 0000000000000001 [ 391.732795] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 391.740710] Memory limit reached of cgroup /syz5 [ 391.745573] memory: usage 205764kB, limit 204800kB, failcnt 1542 [ 391.751716] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 391.758524] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 391.764671] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:64KB inactive_file:0KB active_file:0KB unevictable:0KB [ 391.784558] Out of memory and no killable processes... [ 391.791308] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 391.804191] syz-executor5 cpuset=syz5 mems_allowed=0 [ 391.809445] CPU: 0 PID: 5568 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 391.816640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 391.825973] Call Trace: [ 391.828576] dump_stack+0x1c4/0x2b4 [ 391.832195] ? dump_stack_print_info.cold.2+0x52/0x52 [ 391.837375] dump_header+0x27b/0xf72 [ 391.841073] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 391.846854] ? kasan_check_read+0x11/0x20 [ 391.850990] ? pagefault_out_of_memory+0x197/0x197 [ 391.855907] ? rcu_read_unlock+0x33/0x60 [ 391.859952] ? mem_cgroup_iter+0x514/0x1160 [ 391.864282] ? find_held_lock+0x36/0x1c0 [ 391.868337] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 391.873076] ? mark_held_locks+0xc7/0x130 [ 391.877206] ? _raw_spin_unlock_irq+0x27/0x80 [ 391.881702] ? _raw_spin_unlock_irq+0x27/0x80 [ 391.886181] ? lockdep_hardirqs_on+0x421/0x5c0 [ 391.890746] ? trace_hardirqs_on+0xbd/0x310 [ 391.895069] ? kasan_check_read+0x11/0x20 [ 391.899209] ? css_task_iter_end+0x222/0x490 [ 391.903599] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 391.909034] ? kasan_check_write+0x14/0x20 [ 391.913254] ? do_raw_spin_lock+0xc1/0x200 [ 391.917473] ? _raw_spin_unlock_irq+0x60/0x80 [ 391.921954] ? css_task_iter_end+0x2ce/0x490 [ 391.926347] ? cgroup_procs_next+0x70/0x70 [ 391.930569] ? _raw_spin_unlock_irq+0x60/0x80 [ 391.935053] ? oom_badness+0xaa0/0xaa0 [ 391.938927] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 391.943667] ? mem_cgroup_iter_break+0x30/0x30 [ 391.948241] ? mark_held_locks+0xc7/0x130 [ 391.952375] out_of_memory.cold.30+0xf/0x184 [ 391.956766] ? lockdep_hardirqs_on+0x421/0x5c0 [ 391.961332] ? kasan_check_read+0x11/0x20 [ 391.965466] ? oom_killer_disable+0x3a0/0x3a0 [ 391.969954] ? kasan_check_write+0x14/0x20 [ 391.974172] ? do_raw_spin_lock+0xc1/0x200 [ 391.978424] mem_cgroup_out_of_memory+0x15e/0x210 [ 391.983252] ? memcg_memory_event+0x40/0x40 [ 391.987554] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 391.992382] ? page_counter_try_charge+0x1c1/0x220 [ 391.997300] try_charge+0xc43/0x1690 [ 392.001000] ? lock_downgrade+0x900/0x900 [ 392.005133] ? check_preemption_disabled+0x48/0x200 [ 392.010135] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 392.016179] ? find_held_lock+0x36/0x1c0 [ 392.020234] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 392.025073] ? lock_downgrade+0x900/0x900 [ 392.029225] ? check_preemption_disabled+0x48/0x200 [ 392.034231] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 392.040030] ? kasan_check_read+0x11/0x20 [ 392.044163] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 392.049433] ? rcu_bh_qs+0xc0/0xc0 [ 392.052968] ? get_mem_cgroup_from_mm+0x206/0x440 [ 392.057803] memcg_kmem_charge_memcg+0x7c/0x120 [ 392.062456] ? memcg_kmem_put_cache+0xb0/0xb0 [ 392.066945] ? print_usage_bug+0xc0/0xc0 [ 392.071011] memcg_kmem_charge+0x135/0x300 [ 392.075233] __alloc_pages_nodemask+0x72e/0xde0 [ 392.079887] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 392.084885] ? __lock_acquire+0x7ec/0x4ec0 [ 392.089107] ? check_preemption_disabled+0x48/0x200 [ 392.094106] ? graph_lock+0x170/0x170 [ 392.097888] ? find_held_lock+0x36/0x1c0 [ 392.101938] ? __lock_is_held+0xb5/0x140 [ 392.105983] ? lock_downgrade+0x900/0x900 [ 392.110120] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 392.115642] alloc_pages_current+0x10c/0x210 [ 392.120033] ? ___might_sleep+0x1ed/0x300 [ 392.124165] pte_alloc_one+0x1b/0x1a0 [ 392.127952] __pte_alloc+0x2a/0x350 [ 392.131565] copy_page_range+0x18c5/0x26b0 [ 392.135806] ? pmd_alloc+0x180/0x180 [ 392.139511] ? save_stack+0xa9/0xd0 [ 392.143120] ? save_stack+0x43/0xd0 [ 392.146730] ? kasan_slab_alloc+0x12/0x20 [ 392.150860] ? kmem_cache_alloc+0x12e/0x730 [ 392.155176] ? vm_area_dup+0x7a/0x230 [ 392.158955] ? copy_process+0x42a0/0x8780 [ 392.163084] ? _do_fork+0x1cb/0x11d0 [ 392.166777] ? __x64_sys_clone+0xbf/0x150 [ 392.170906] ? do_syscall_64+0x1b9/0x820 [ 392.174956] ? graph_lock+0x170/0x170 [ 392.178758] ? lock_downgrade+0x900/0x900 [ 392.182890] ? graph_lock+0x170/0x170 [ 392.186674] ? kasan_check_read+0x11/0x20 [ 392.190804] ? graph_lock+0x170/0x170 [ 392.194592] ? find_held_lock+0x36/0x1c0 [ 392.198639] ? copy_process+0x454b/0x8780 [ 392.202770] ? lock_downgrade+0x900/0x900 [ 392.206930] ? lock_release+0x970/0x970 [ 392.210885] ? arch_local_save_flags+0x40/0x40 [ 392.215466] ? dup_userfaultfd+0x6d8/0x890 [ 392.219714] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 392.224712] ? vma_compute_subtree_gap+0x160/0x240 [ 392.229624] ? validate_mm_rb+0xaa/0xc0 [ 392.233585] ? __vma_link_rb+0x26c/0x370 [ 392.237631] copy_process+0x4721/0x8780 [ 392.241608] ? __cleanup_sighand+0x70/0x70 [ 392.245830] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 392.251352] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 392.256905] ? page_swapcount+0x1d0/0x1d0 [ 392.261048] ? graph_lock+0x170/0x170 [ 392.264830] ? update_curr+0x4cf/0xbe0 [ 392.268703] ? __lock_acquire+0x7ec/0x4ec0 [ 392.272939] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 392.278722] ? __lock_is_held+0xb5/0x140 [ 392.282766] ? mark_held_locks+0x130/0x130 [ 392.287002] ? print_usage_bug+0xc0/0xc0 [ 392.291063] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 392.296584] ? check_preemption_disabled+0x48/0x200 [ 392.301590] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 392.307110] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 392.312460] ? print_usage_bug+0xc0/0xc0 [ 392.316521] ? __lock_acquire+0x7ec/0x4ec0 [ 392.320738] ? trace_hardirqs_on_caller+0x310/0x310 [ 392.325748] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 392.331284] ? check_preemption_disabled+0x48/0x200 [ 392.336326] ? print_usage_bug+0xc0/0xc0 [ 392.340402] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 392.345951] ? reuse_swap_page+0x4bd/0x1520 [ 392.350262] ? swp_swapcount+0x530/0x530 [ 392.354306] ? find_held_lock+0x36/0x1c0 [ 392.358364] ? __lock_acquire+0x7ec/0x4ec0 [ 392.362581] ? mark_held_locks+0x130/0x130 [ 392.366807] ? finish_task_switch+0x1f5/0x900 [ 392.371292] ? __lock_acquire+0x7ec/0x4ec0 [ 392.375516] ? mark_held_locks+0x130/0x130 [ 392.379735] ? graph_lock+0x170/0x170 [ 392.383525] ? mark_held_locks+0x130/0x130 [ 392.387767] ? check_preemption_disabled+0x48/0x200 [ 392.392766] ? check_preemption_disabled+0x48/0x200 [ 392.397768] ? find_held_lock+0x36/0x1c0 [ 392.401810] ? print_usage_bug+0xc0/0xc0 [ 392.405860] ? print_usage_bug+0xc0/0xc0 [ 392.409906] ? do_wp_page+0xa6f/0x1390 [ 392.413779] ? lock_downgrade+0x900/0x900 [ 392.417911] ? wake_up_page_bit+0x6f0/0x6f0 [ 392.422217] ? kasan_check_read+0x11/0x20 [ 392.426351] ? __lock_acquire+0x7ec/0x4ec0 [ 392.430567] ? _raw_spin_unlock+0x2c/0x50 [ 392.434704] ? mark_held_locks+0x130/0x130 [ 392.438921] ? find_held_lock+0x36/0x1c0 [ 392.442968] ? lock_release+0x970/0x970 [ 392.446930] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 392.452452] ? kasan_check_write+0x14/0x20 [ 392.456676] ? do_raw_spin_lock+0xc1/0x200 [ 392.460899] ? error_exit+0xb/0x20 [ 392.464442] ? error_exit+0xb/0x20 [ 392.467969] ? trace_hardirqs_off_caller+0xbb/0x310 [ 392.472969] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 392.477794] ? trace_hardirqs_on_caller+0x310/0x310 [ 392.482795] ? graph_lock+0x170/0x170 [ 392.486600] ? graph_lock+0x170/0x170 [ 392.490404] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 392.495239] ? native_iret+0x7/0x7 [ 392.498765] ? find_held_lock+0x36/0x1c0 [ 392.502815] _do_fork+0x1cb/0x11d0 [ 392.506339] ? fork_idle+0x1d0/0x1d0 [ 392.510034] ? lock_downgrade+0x900/0x900 [ 392.514172] ? kasan_check_read+0x11/0x20 [ 392.518303] ? _copy_to_user+0xc8/0x110 [ 392.522280] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 392.527805] ? put_timespec64+0x10f/0x1b0 [ 392.531944] ? nsecs_to_jiffies+0x30/0x30 [ 392.536092] ? do_syscall_64+0x9a/0x820 [ 392.540048] ? do_syscall_64+0x9a/0x820 [ 392.544008] ? lockdep_hardirqs_on+0x421/0x5c0 [ 392.548573] ? trace_hardirqs_on+0xbd/0x310 [ 392.552878] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 392.558400] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 392.563757] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 392.569189] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 392.574714] __x64_sys_clone+0xbf/0x150 [ 392.578679] do_syscall_64+0x1b9/0x820 [ 392.582554] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 392.587902] ? syscall_return_slowpath+0x5e0/0x5e0 [ 392.592819] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 392.597668] ? trace_hardirqs_on_caller+0x310/0x310 [ 392.602684] ? prepare_exit_to_usermode+0x291/0x3b0 [ 392.607701] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 392.612569] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 392.617753] RIP: 0033:0x455b4a [ 392.620937] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 392.639830] RSP: 002b:00007ffc76600cd0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 392.647580] RAX: ffffffffffffffda RBX: 00007ffc76600cd0 RCX: 0000000000455b4a [ 392.654845] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 392.662114] RBP: 00007ffc76600d10 R08: 0000000000000001 R09: 00000000013b4940 [ 392.669375] R10: 00000000013b4c10 R11: 0000000000000246 R12: 0000000000000001 [ 392.676658] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 392.685149] Memory limit reached of cgroup /syz5 [ 392.689996] memory: usage 205768kB, limit 204800kB, failcnt 1550 [ 392.696219] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 392.702977] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 392.709180] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:64KB inactive_file:0KB active_file:0KB unevictable:0KB [ 392.729159] Out of memory and no killable processes... [ 392.735889] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 392.748819] syz-executor5 cpuset=syz5 mems_allowed=0 [ 392.753931] CPU: 0 PID: 5568 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 392.761098] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 392.770466] Call Trace: [ 392.773067] dump_stack+0x1c4/0x2b4 [ 392.776683] ? dump_stack_print_info.cold.2+0x52/0x52 [ 392.781865] dump_header+0x27b/0xf72 [ 392.785568] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 392.791363] ? kasan_check_read+0x11/0x20 [ 392.795511] ? pagefault_out_of_memory+0x197/0x197 [ 392.800436] ? rcu_read_unlock+0x33/0x60 [ 392.804511] ? mem_cgroup_iter+0x514/0x1160 [ 392.808825] ? find_held_lock+0x36/0x1c0 [ 392.812874] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 392.817618] ? mark_held_locks+0xc7/0x130 [ 392.821751] ? _raw_spin_unlock_irq+0x27/0x80 [ 392.826225] ? _raw_spin_unlock_irq+0x27/0x80 [ 392.830705] ? lockdep_hardirqs_on+0x421/0x5c0 [ 392.835272] ? trace_hardirqs_on+0xbd/0x310 [ 392.839596] ? kasan_check_read+0x11/0x20 [ 392.843730] ? css_task_iter_end+0x222/0x490 [ 392.848149] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 392.853589] ? kasan_check_write+0x14/0x20 [ 392.857817] ? do_raw_spin_lock+0xc1/0x200 [ 392.862041] ? _raw_spin_unlock_irq+0x60/0x80 [ 392.866536] ? css_task_iter_end+0x2ce/0x490 [ 392.870955] ? cgroup_procs_next+0x70/0x70 [ 392.875177] ? _raw_spin_unlock_irq+0x60/0x80 [ 392.879656] ? oom_badness+0xaa0/0xaa0 [ 392.883528] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 392.888267] ? mem_cgroup_iter_break+0x30/0x30 [ 392.892841] ? mark_held_locks+0xc7/0x130 [ 392.896999] out_of_memory.cold.30+0xf/0x184 [ 392.901399] ? lockdep_hardirqs_on+0x421/0x5c0 [ 392.905976] ? kasan_check_read+0x11/0x20 [ 392.910110] ? oom_killer_disable+0x3a0/0x3a0 [ 392.914587] ? kasan_check_write+0x14/0x20 [ 392.918806] ? do_raw_spin_lock+0xc1/0x200 [ 392.923051] mem_cgroup_out_of_memory+0x15e/0x210 [ 392.927876] ? memcg_memory_event+0x40/0x40 [ 392.932204] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 392.937039] ? page_counter_try_charge+0x1c1/0x220 [ 392.941957] try_charge+0xc43/0x1690 [ 392.945660] ? lock_downgrade+0x900/0x900 [ 392.949791] ? check_preemption_disabled+0x48/0x200 [ 392.954796] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 392.960843] ? find_held_lock+0x36/0x1c0 [ 392.964893] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 392.969719] ? lock_downgrade+0x900/0x900 [ 392.973854] ? check_preemption_disabled+0x48/0x200 [ 392.978861] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 392.984655] ? kasan_check_read+0x11/0x20 [ 392.988801] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 392.994070] ? rcu_bh_qs+0xc0/0xc0 [ 392.997602] ? get_mem_cgroup_from_mm+0x206/0x440 [ 393.002438] memcg_kmem_charge_memcg+0x7c/0x120 [ 393.007115] ? memcg_kmem_put_cache+0xb0/0xb0 [ 393.011600] ? print_usage_bug+0xc0/0xc0 [ 393.015646] memcg_kmem_charge+0x135/0x300 [ 393.019870] __alloc_pages_nodemask+0x72e/0xde0 [ 393.024633] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 393.029639] ? __lock_acquire+0x7ec/0x4ec0 [ 393.033861] ? check_preemption_disabled+0x48/0x200 [ 393.038862] ? graph_lock+0x170/0x170 [ 393.042652] ? find_held_lock+0x36/0x1c0 [ 393.046710] ? __lock_is_held+0xb5/0x140 [ 393.050756] ? lock_downgrade+0x900/0x900 [ 393.054899] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 393.060427] alloc_pages_current+0x10c/0x210 [ 393.064821] ? ___might_sleep+0x1ed/0x300 [ 393.068954] pte_alloc_one+0x1b/0x1a0 [ 393.072741] __pte_alloc+0x2a/0x350 [ 393.076352] copy_page_range+0x18c5/0x26b0 [ 393.080585] ? pmd_alloc+0x180/0x180 [ 393.084286] ? save_stack+0xa9/0xd0 [ 393.087894] ? save_stack+0x43/0xd0 [ 393.091503] ? kasan_slab_alloc+0x12/0x20 [ 393.095633] ? kmem_cache_alloc+0x12e/0x730 [ 393.099936] ? vm_area_dup+0x7a/0x230 [ 393.103717] ? copy_process+0x42a0/0x8780 [ 393.107847] ? _do_fork+0x1cb/0x11d0 [ 393.111548] ? __x64_sys_clone+0xbf/0x150 [ 393.115682] ? do_syscall_64+0x1b9/0x820 [ 393.119737] ? graph_lock+0x170/0x170 [ 393.123524] ? lock_downgrade+0x900/0x900 [ 393.127656] ? graph_lock+0x170/0x170 [ 393.131440] ? graph_lock+0x170/0x170 [ 393.135228] ? find_held_lock+0x36/0x1c0 [ 393.139276] ? copy_process+0x454b/0x8780 [ 393.143416] ? lock_downgrade+0x900/0x900 [ 393.147573] ? lock_release+0x970/0x970 [ 393.151542] ? arch_local_save_flags+0x40/0x40 [ 393.156106] ? dup_userfaultfd+0x6d8/0x890 [ 393.160355] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 393.165418] ? vma_compute_subtree_gap+0x160/0x240 [ 393.170336] ? validate_mm_rb+0xaa/0xc0 [ 393.174317] ? __vma_link_rb+0x26c/0x370 [ 393.178383] copy_process+0x4721/0x8780 [ 393.182368] ? __cleanup_sighand+0x70/0x70 [ 393.186593] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 393.192112] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 393.197636] ? page_swapcount+0x1d0/0x1d0 [ 393.201767] ? graph_lock+0x170/0x170 [ 393.205549] ? update_curr+0x4cf/0xbe0 [ 393.209427] ? __lock_acquire+0x7ec/0x4ec0 [ 393.213646] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 393.219432] ? __lock_is_held+0xb5/0x140 [ 393.223496] ? mark_held_locks+0x130/0x130 [ 393.227718] ? print_usage_bug+0xc0/0xc0 [ 393.231761] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 393.237283] ? check_preemption_disabled+0x48/0x200 [ 393.242284] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 393.247812] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 393.253176] ? print_usage_bug+0xc0/0xc0 [ 393.257243] ? __lock_acquire+0x7ec/0x4ec0 [ 393.261485] ? trace_hardirqs_on_caller+0x310/0x310 [ 393.266492] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 393.272014] ? check_preemption_disabled+0x48/0x200 [ 393.277011] ? print_usage_bug+0xc0/0xc0 [ 393.281057] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 393.286613] ? reuse_swap_page+0x4bd/0x1520 [ 393.290921] ? swp_swapcount+0x530/0x530 [ 393.294970] ? find_held_lock+0x36/0x1c0 [ 393.299021] ? __lock_acquire+0x7ec/0x4ec0 [ 393.303236] ? mark_held_locks+0x130/0x130 [ 393.307459] ? finish_task_switch+0x1f5/0x900 [ 393.311953] ? __lock_acquire+0x7ec/0x4ec0 [ 393.316177] ? mark_held_locks+0x130/0x130 [ 393.320395] ? graph_lock+0x170/0x170 [ 393.324189] ? mark_held_locks+0x130/0x130 [ 393.328423] ? check_preemption_disabled+0x48/0x200 [ 393.333451] ? check_preemption_disabled+0x48/0x200 [ 393.338466] ? find_held_lock+0x36/0x1c0 [ 393.342522] ? print_usage_bug+0xc0/0xc0 [ 393.346567] ? print_usage_bug+0xc0/0xc0 [ 393.350611] ? do_wp_page+0xa6f/0x1390 [ 393.354486] ? lock_downgrade+0x900/0x900 [ 393.358616] ? wake_up_page_bit+0x6f0/0x6f0 [ 393.362919] ? kasan_check_read+0x11/0x20 [ 393.367083] ? __lock_acquire+0x7ec/0x4ec0 [ 393.371331] ? _raw_spin_unlock+0x2c/0x50 [ 393.375474] ? mark_held_locks+0x130/0x130 [ 393.379697] ? find_held_lock+0x36/0x1c0 [ 393.383745] ? lock_release+0x970/0x970 [ 393.387705] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 393.393226] ? kasan_check_write+0x14/0x20 [ 393.397447] ? do_raw_spin_lock+0xc1/0x200 [ 393.401665] ? error_exit+0xb/0x20 [ 393.405186] ? error_exit+0xb/0x20 [ 393.408708] ? trace_hardirqs_off_caller+0xbb/0x310 [ 393.413729] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 393.419250] ? trace_hardirqs_on_caller+0x310/0x310 [ 393.424249] ? graph_lock+0x170/0x170 [ 393.428029] ? graph_lock+0x170/0x170 [ 393.431817] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 393.436645] ? native_iret+0x7/0x7 [ 393.440176] ? find_held_lock+0x36/0x1c0 [ 393.444248] _do_fork+0x1cb/0x11d0 [ 393.447781] ? fork_idle+0x1d0/0x1d0 [ 393.451485] ? lock_downgrade+0x900/0x900 [ 393.455622] ? kasan_check_read+0x11/0x20 [ 393.459767] ? _copy_to_user+0xc8/0x110 [ 393.463730] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 393.469249] ? put_timespec64+0x10f/0x1b0 [ 393.473383] ? nsecs_to_jiffies+0x30/0x30 [ 393.477518] ? do_syscall_64+0x9a/0x820 [ 393.481475] ? do_syscall_64+0x9a/0x820 [ 393.485455] ? lockdep_hardirqs_on+0x421/0x5c0 [ 393.490041] ? trace_hardirqs_on+0xbd/0x310 [ 393.494344] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 393.499865] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 393.505227] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 393.510665] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 393.516206] __x64_sys_clone+0xbf/0x150 [ 393.520169] do_syscall_64+0x1b9/0x820 [ 393.524041] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 393.529392] ? syscall_return_slowpath+0x5e0/0x5e0 [ 393.534308] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 393.539135] ? trace_hardirqs_on_caller+0x310/0x310 [ 393.544137] ? prepare_exit_to_usermode+0x291/0x3b0 [ 393.549157] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 393.553990] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 393.559177] RIP: 0033:0x455b4a [ 393.562354] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 393.581247] RSP: 002b:00007ffc76600cd0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 393.588948] RAX: ffffffffffffffda RBX: 00007ffc76600cd0 RCX: 0000000000455b4a [ 393.596196] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 393.603448] RBP: 00007ffc76600d10 R08: 0000000000000001 R09: 00000000013b4940 [ 393.610928] R10: 00000000013b4c10 R11: 0000000000000246 R12: 0000000000000001 [ 393.618180] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 393.625863] Memory limit reached of cgroup /syz5 [ 393.630675] memory: usage 205772kB, limit 204800kB, failcnt 1558 [ 393.636930] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 393.643692] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 393.649893] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:64KB inactive_file:0KB active_file:0KB unevictable:0KB [ 393.669831] Out of memory and no killable processes... [ 393.676439] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 393.689330] syz-executor5 cpuset=syz5 mems_allowed=0 [ 393.694475] CPU: 0 PID: 5568 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 393.701659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 393.710993] Call Trace: [ 393.713803] dump_stack+0x1c4/0x2b4 [ 393.717421] ? dump_stack_print_info.cold.2+0x52/0x52 [ 393.722602] dump_header+0x27b/0xf72 [ 393.726304] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 393.732083] ? kasan_check_read+0x11/0x20 [ 393.736215] ? pagefault_out_of_memory+0x197/0x197 [ 393.741133] ? rcu_read_unlock+0x33/0x60 [ 393.745176] ? mem_cgroup_iter+0x514/0x1160 [ 393.749485] ? find_held_lock+0x36/0x1c0 [ 393.753531] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 393.758271] ? mark_held_locks+0xc7/0x130 [ 393.762419] ? _raw_spin_unlock_irq+0x27/0x80 [ 393.766900] ? _raw_spin_unlock_irq+0x27/0x80 [ 393.771380] ? lockdep_hardirqs_on+0x421/0x5c0 [ 393.775945] ? trace_hardirqs_on+0xbd/0x310 [ 393.780250] ? kasan_check_read+0x11/0x20 [ 393.784382] ? css_task_iter_end+0x222/0x490 [ 393.788800] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 393.794234] ? kasan_check_write+0x14/0x20 [ 393.798453] ? do_raw_spin_lock+0xc1/0x200 [ 393.802680] ? _raw_spin_unlock_irq+0x60/0x80 [ 393.807158] ? css_task_iter_end+0x2ce/0x490 [ 393.811570] ? cgroup_procs_next+0x70/0x70 [ 393.815793] ? _raw_spin_unlock_irq+0x60/0x80 [ 393.820272] ? oom_badness+0xaa0/0xaa0 [ 393.824159] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 393.828935] ? mem_cgroup_iter_break+0x30/0x30 [ 393.833520] ? mark_held_locks+0xc7/0x130 [ 393.837655] out_of_memory.cold.30+0xf/0x184 [ 393.842047] ? lockdep_hardirqs_on+0x421/0x5c0 [ 393.846616] ? kasan_check_read+0x11/0x20 [ 393.850749] ? oom_killer_disable+0x3a0/0x3a0 [ 393.855229] ? kasan_check_write+0x14/0x20 [ 393.859445] ? do_raw_spin_lock+0xc1/0x200 [ 393.863670] mem_cgroup_out_of_memory+0x15e/0x210 [ 393.868501] ? memcg_memory_event+0x40/0x40 [ 393.872804] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 393.877635] ? page_counter_try_charge+0x1c1/0x220 [ 393.882546] try_charge+0xc43/0x1690 [ 393.886263] ? lock_downgrade+0x900/0x900 [ 393.890399] ? check_preemption_disabled+0x48/0x200 [ 393.895433] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 393.901486] ? find_held_lock+0x36/0x1c0 [ 393.905531] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 393.910359] ? lock_downgrade+0x900/0x900 [ 393.914492] ? check_preemption_disabled+0x48/0x200 [ 393.919521] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 393.925314] ? kasan_check_read+0x11/0x20 [ 393.929463] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 393.934737] ? rcu_bh_qs+0xc0/0xc0 [ 393.938271] ? get_mem_cgroup_from_mm+0x206/0x440 [ 393.943118] memcg_kmem_charge_memcg+0x7c/0x120 [ 393.947773] ? memcg_kmem_put_cache+0xb0/0xb0 [ 393.952251] ? print_usage_bug+0xc0/0xc0 [ 393.956297] memcg_kmem_charge+0x135/0x300 [ 393.960542] __alloc_pages_nodemask+0x72e/0xde0 [ 393.965200] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 393.970200] ? __lock_acquire+0x7ec/0x4ec0 [ 393.974425] ? check_preemption_disabled+0x48/0x200 [ 393.979428] ? graph_lock+0x170/0x170 [ 393.983208] ? find_held_lock+0x36/0x1c0 [ 393.987262] ? __lock_is_held+0xb5/0x140 [ 393.991318] ? lock_downgrade+0x900/0x900 [ 393.995451] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 394.000972] alloc_pages_current+0x10c/0x210 [ 394.005363] ? ___might_sleep+0x1ed/0x300 [ 394.009499] pte_alloc_one+0x1b/0x1a0 [ 394.013285] __pte_alloc+0x2a/0x350 [ 394.016896] copy_page_range+0x18c5/0x26b0 [ 394.021141] ? pmd_alloc+0x180/0x180 [ 394.024850] ? save_stack+0xa9/0xd0 [ 394.028462] ? save_stack+0x43/0xd0 [ 394.032074] ? kasan_slab_alloc+0x12/0x20 [ 394.036207] ? kmem_cache_alloc+0x12e/0x730 [ 394.040508] ? vm_area_dup+0x7a/0x230 [ 394.044291] ? copy_process+0x42a0/0x8780 [ 394.048425] ? _do_fork+0x1cb/0x11d0 [ 394.052122] ? __x64_sys_clone+0xbf/0x150 [ 394.056254] ? do_syscall_64+0x1b9/0x820 [ 394.060304] ? graph_lock+0x170/0x170 [ 394.064089] ? lock_downgrade+0x900/0x900 [ 394.068219] ? graph_lock+0x170/0x170 [ 394.072008] ? graph_lock+0x170/0x170 [ 394.075793] ? find_held_lock+0x36/0x1c0 [ 394.079856] ? copy_process+0x454b/0x8780 [ 394.083987] ? lock_downgrade+0x900/0x900 [ 394.088126] ? lock_release+0x970/0x970 [ 394.092093] ? arch_local_save_flags+0x40/0x40 [ 394.096663] ? dup_userfaultfd+0x6d8/0x890 [ 394.100904] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 394.105908] ? vma_compute_subtree_gap+0x160/0x240 [ 394.110840] ? validate_mm_rb+0xaa/0xc0 [ 394.114798] ? __vma_link_rb+0x26c/0x370 [ 394.118845] copy_process+0x4721/0x8780 [ 394.122820] ? __cleanup_sighand+0x70/0x70 [ 394.127044] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 394.132579] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 394.138126] ? page_swapcount+0x1d0/0x1d0 [ 394.142264] ? graph_lock+0x170/0x170 [ 394.146057] ? update_curr+0x4cf/0xbe0 [ 394.149936] ? __lock_acquire+0x7ec/0x4ec0 [ 394.154184] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 394.159979] ? __lock_is_held+0xb5/0x140 [ 394.164046] ? mark_held_locks+0x130/0x130 [ 394.168288] ? print_usage_bug+0xc0/0xc0 [ 394.172340] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 394.177865] ? check_preemption_disabled+0x48/0x200 [ 394.182870] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 394.188406] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 394.193766] ? print_usage_bug+0xc0/0xc0 [ 394.197816] ? __lock_acquire+0x7ec/0x4ec0 [ 394.202039] ? trace_hardirqs_on_caller+0x310/0x310 [ 394.207040] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 394.212565] ? check_preemption_disabled+0x48/0x200 [ 394.217585] ? print_usage_bug+0xc0/0xc0 [ 394.221648] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 394.227188] ? reuse_swap_page+0x4bd/0x1520 [ 394.231498] ? swp_swapcount+0x530/0x530 [ 394.235547] ? find_held_lock+0x36/0x1c0 [ 394.239598] ? __lock_acquire+0x7ec/0x4ec0 [ 394.243818] ? mark_held_locks+0x130/0x130 [ 394.248035] ? finish_task_switch+0x1f5/0x900 [ 394.252523] ? __lock_acquire+0x7ec/0x4ec0 [ 394.256779] ? mark_held_locks+0x130/0x130 [ 394.261005] ? graph_lock+0x170/0x170 [ 394.264790] ? mark_held_locks+0x130/0x130 [ 394.269017] ? check_preemption_disabled+0x48/0x200 [ 394.274021] ? check_preemption_disabled+0x48/0x200 [ 394.279027] ? find_held_lock+0x36/0x1c0 [ 394.283081] ? print_usage_bug+0xc0/0xc0 [ 394.287135] ? print_usage_bug+0xc0/0xc0 [ 394.291197] ? do_wp_page+0xa6f/0x1390 [ 394.295083] ? lock_downgrade+0x900/0x900 [ 394.299215] ? wake_up_page_bit+0x6f0/0x6f0 [ 394.303533] ? kasan_check_read+0x11/0x20 [ 394.307669] ? __lock_acquire+0x7ec/0x4ec0 [ 394.311888] ? _raw_spin_unlock+0x2c/0x50 [ 394.316024] ? mark_held_locks+0x130/0x130 [ 394.320241] ? find_held_lock+0x36/0x1c0 [ 394.324284] ? lock_release+0x970/0x970 [ 394.328259] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 394.333792] ? kasan_check_write+0x14/0x20 [ 394.338013] ? do_raw_spin_lock+0xc1/0x200 [ 394.342236] ? error_exit+0xb/0x20 [ 394.345765] ? error_exit+0xb/0x20 [ 394.349292] ? trace_hardirqs_off_caller+0xbb/0x310 [ 394.354315] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 394.359148] ? trace_hardirqs_on_caller+0x310/0x310 [ 394.364169] ? graph_lock+0x170/0x170 [ 394.367973] ? graph_lock+0x170/0x170 [ 394.371766] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 394.376595] ? native_iret+0x7/0x7 [ 394.380130] ? find_held_lock+0x36/0x1c0 [ 394.384189] _do_fork+0x1cb/0x11d0 [ 394.387723] ? fork_idle+0x1d0/0x1d0 [ 394.391426] ? lock_downgrade+0x900/0x900 [ 394.395566] ? kasan_check_read+0x11/0x20 [ 394.399696] ? _copy_to_user+0xc8/0x110 [ 394.403656] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 394.409178] ? put_timespec64+0x10f/0x1b0 [ 394.413306] ? nsecs_to_jiffies+0x30/0x30 [ 394.417440] ? do_syscall_64+0x9a/0x820 [ 394.421398] ? do_syscall_64+0x9a/0x820 [ 394.425379] ? lockdep_hardirqs_on+0x421/0x5c0 [ 394.429953] ? trace_hardirqs_on+0xbd/0x310 [ 394.434277] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 394.439804] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 394.445157] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 394.450592] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 394.456117] __x64_sys_clone+0xbf/0x150 [ 394.460082] do_syscall_64+0x1b9/0x820 [ 394.463968] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 394.469337] ? syscall_return_slowpath+0x5e0/0x5e0 [ 394.474270] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 394.479130] ? trace_hardirqs_on_caller+0x310/0x310 [ 394.484143] ? prepare_exit_to_usermode+0x291/0x3b0 [ 394.489162] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 394.494006] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 394.499198] RIP: 0033:0x455b4a [ 394.502383] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 394.521282] RSP: 002b:00007ffc76600cd0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 394.528987] RAX: ffffffffffffffda RBX: 00007ffc76600cd0 RCX: 0000000000455b4a [ 394.536245] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 394.543509] RBP: 00007ffc76600d10 R08: 0000000000000001 R09: 00000000013b4940 [ 394.550766] R10: 00000000013b4c10 R11: 0000000000000246 R12: 0000000000000001 [ 394.558038] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 394.566513] Memory limit reached of cgroup /syz5 [ 394.571326] memory: usage 205708kB, limit 204800kB, failcnt 1566 [ 394.577583] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 394.584341] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 394.590583] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:64KB inactive_file:0KB active_file:0KB unevictable:0KB [ 394.610572] Out of memory and no killable processes... [ 394.617156] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 394.630090] syz-executor5 cpuset=syz5 mems_allowed=0 [ 394.635337] CPU: 0 PID: 5568 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 394.642517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 394.651864] Call Trace: [ 394.654472] dump_stack+0x1c4/0x2b4 [ 394.658102] ? dump_stack_print_info.cold.2+0x52/0x52 [ 394.663284] dump_header+0x27b/0xf72 [ 394.666990] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 394.672780] ? kasan_check_read+0x11/0x20 [ 394.676950] ? pagefault_out_of_memory+0x197/0x197 [ 394.681883] ? rcu_read_unlock+0x33/0x60 [ 394.685958] ? mem_cgroup_iter+0x514/0x1160 [ 394.690290] ? find_held_lock+0x36/0x1c0 [ 394.694355] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 394.699107] ? mark_held_locks+0xc7/0x130 [ 394.703248] ? _raw_spin_unlock_irq+0x27/0x80 [ 394.707737] ? _raw_spin_unlock_irq+0x27/0x80 [ 394.712252] ? lockdep_hardirqs_on+0x421/0x5c0 [ 394.716840] ? trace_hardirqs_on+0xbd/0x310 [ 394.721165] ? kasan_check_read+0x11/0x20 [ 394.725303] ? css_task_iter_end+0x222/0x490 [ 394.729722] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 394.735163] ? kasan_check_write+0x14/0x20 [ 394.739384] ? do_raw_spin_lock+0xc1/0x200 [ 394.743616] ? _raw_spin_unlock_irq+0x60/0x80 [ 394.748098] ? css_task_iter_end+0x2ce/0x490 [ 394.752500] ? cgroup_procs_next+0x70/0x70 [ 394.756728] ? _raw_spin_unlock_irq+0x60/0x80 [ 394.761235] ? oom_badness+0xaa0/0xaa0 [ 394.765111] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 394.769865] ? mem_cgroup_iter_break+0x30/0x30 [ 394.774448] ? mark_held_locks+0xc7/0x130 [ 394.778585] out_of_memory.cold.30+0xf/0x184 [ 394.783000] ? lockdep_hardirqs_on+0x421/0x5c0 [ 394.787573] ? kasan_check_read+0x11/0x20 [ 394.791733] ? oom_killer_disable+0x3a0/0x3a0 [ 394.796215] ? kasan_check_write+0x14/0x20 [ 394.800437] ? do_raw_spin_lock+0xc1/0x200 [ 394.804667] mem_cgroup_out_of_memory+0x15e/0x210 [ 394.809502] ? memcg_memory_event+0x40/0x40 [ 394.813813] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 394.818665] ? page_counter_try_charge+0x1c1/0x220 [ 394.823596] try_charge+0xc43/0x1690 [ 394.827319] ? lock_downgrade+0x900/0x900 [ 394.831454] ? check_preemption_disabled+0x48/0x200 [ 394.836461] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 394.842508] ? find_held_lock+0x36/0x1c0 [ 394.846556] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 394.851381] ? lock_downgrade+0x900/0x900 [ 394.855510] ? check_preemption_disabled+0x48/0x200 [ 394.860515] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 394.866294] ? kasan_check_read+0x11/0x20 [ 394.870432] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 394.875690] ? rcu_bh_qs+0xc0/0xc0 [ 394.879219] ? get_mem_cgroup_from_mm+0x206/0x440 [ 394.884070] memcg_kmem_charge_memcg+0x7c/0x120 [ 394.888725] ? memcg_kmem_put_cache+0xb0/0xb0 [ 394.893208] ? print_usage_bug+0xc0/0xc0 [ 394.897272] memcg_kmem_charge+0x135/0x300 [ 394.901499] __alloc_pages_nodemask+0x72e/0xde0 [ 394.906152] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 394.911151] ? __lock_acquire+0x7ec/0x4ec0 [ 394.915374] ? check_preemption_disabled+0x48/0x200 [ 394.920373] ? graph_lock+0x170/0x170 [ 394.924156] ? find_held_lock+0x36/0x1c0 [ 394.928207] ? __lock_is_held+0xb5/0x140 [ 394.932248] ? lock_downgrade+0x900/0x900 [ 394.936384] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 394.941905] alloc_pages_current+0x10c/0x210 [ 394.946295] ? ___might_sleep+0x1ed/0x300 [ 394.950443] pte_alloc_one+0x1b/0x1a0 [ 394.954229] __pte_alloc+0x2a/0x350 [ 394.957859] copy_page_range+0x18c5/0x26b0 [ 394.962095] ? pmd_alloc+0x180/0x180 [ 394.965792] ? save_stack+0xa9/0xd0 [ 394.969402] ? save_stack+0x43/0xd0 [ 394.973017] ? kasan_slab_alloc+0x12/0x20 [ 394.977147] ? kmem_cache_alloc+0x12e/0x730 [ 394.981457] ? vm_area_dup+0x7a/0x230 [ 394.985242] ? copy_process+0x42a0/0x8780 [ 394.989373] ? _do_fork+0x1cb/0x11d0 [ 394.993082] ? __x64_sys_clone+0xbf/0x150 [ 394.997215] ? do_syscall_64+0x1b9/0x820 [ 395.001265] ? graph_lock+0x170/0x170 [ 395.005065] ? lock_downgrade+0x900/0x900 [ 395.009196] ? graph_lock+0x170/0x170 [ 395.012998] ? graph_lock+0x170/0x170 [ 395.016787] ? find_held_lock+0x36/0x1c0 [ 395.020834] ? copy_process+0x454b/0x8780 [ 395.024962] ? lock_downgrade+0x900/0x900 [ 395.029097] ? lock_release+0x970/0x970 [ 395.033068] ? arch_local_save_flags+0x40/0x40 [ 395.037634] ? dup_userfaultfd+0x6d8/0x890 [ 395.041857] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 395.046854] ? vma_compute_subtree_gap+0x160/0x240 [ 395.051768] ? validate_mm_rb+0xaa/0xc0 [ 395.055743] ? __vma_link_rb+0x26c/0x370 [ 395.059793] copy_process+0x4721/0x8780 [ 395.063765] ? __cleanup_sighand+0x70/0x70 [ 395.067987] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 395.073506] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 395.079031] ? page_swapcount+0x1d0/0x1d0 [ 395.083160] ? graph_lock+0x170/0x170 [ 395.086948] ? update_curr+0x4cf/0xbe0 [ 395.090836] ? __lock_acquire+0x7ec/0x4ec0 [ 395.095057] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 395.100837] ? __lock_is_held+0xb5/0x140 [ 395.104881] ? mark_held_locks+0x130/0x130 [ 395.109103] ? print_usage_bug+0xc0/0xc0 [ 395.113149] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 395.118672] ? check_preemption_disabled+0x48/0x200 [ 395.123672] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 395.129195] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 395.134559] ? print_usage_bug+0xc0/0xc0 [ 395.138608] ? __lock_acquire+0x7ec/0x4ec0 [ 395.142826] ? trace_hardirqs_on_caller+0x310/0x310 [ 395.147826] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 395.153348] ? check_preemption_disabled+0x48/0x200 [ 395.158348] ? print_usage_bug+0xc0/0xc0 [ 395.162394] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 395.167918] ? reuse_swap_page+0x4bd/0x1520 [ 395.172225] ? swp_swapcount+0x530/0x530 [ 395.176287] ? find_held_lock+0x36/0x1c0 [ 395.180338] ? __lock_acquire+0x7ec/0x4ec0 [ 395.184559] ? mark_held_locks+0x130/0x130 [ 395.188780] ? finish_task_switch+0x1f5/0x900 [ 395.193275] ? __lock_acquire+0x7ec/0x4ec0 [ 395.197504] ? mark_held_locks+0x130/0x130 [ 395.201726] ? graph_lock+0x170/0x170 [ 395.205511] ? mark_held_locks+0x130/0x130 [ 395.209733] ? check_preemption_disabled+0x48/0x200 [ 395.214733] ? check_preemption_disabled+0x48/0x200 [ 395.219735] ? find_held_lock+0x36/0x1c0 [ 395.223779] ? print_usage_bug+0xc0/0xc0 [ 395.227828] ? print_usage_bug+0xc0/0xc0 [ 395.231874] ? do_wp_page+0xa6f/0x1390 [ 395.235746] ? lock_downgrade+0x900/0x900 [ 395.239876] ? wake_up_page_bit+0x6f0/0x6f0 [ 395.244180] ? kasan_check_read+0x11/0x20 [ 395.248333] ? __lock_acquire+0x7ec/0x4ec0 [ 395.252551] ? _raw_spin_unlock+0x2c/0x50 [ 395.256686] ? mark_held_locks+0x130/0x130 [ 395.260900] ? find_held_lock+0x36/0x1c0 [ 395.264942] ? lock_release+0x970/0x970 [ 395.268902] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 395.274425] ? kasan_check_write+0x14/0x20 [ 395.278646] ? do_raw_spin_lock+0xc1/0x200 [ 395.282868] ? error_exit+0xb/0x20 [ 395.286392] ? error_exit+0xb/0x20 [ 395.289923] ? trace_hardirqs_off_caller+0xbb/0x310 [ 395.294923] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 395.299751] ? trace_hardirqs_on_caller+0x310/0x310 [ 395.304755] ? graph_lock+0x170/0x170 [ 395.308548] ? graph_lock+0x170/0x170 [ 395.312337] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 395.317168] ? native_iret+0x7/0x7 [ 395.320714] ? find_held_lock+0x36/0x1c0 [ 395.324766] _do_fork+0x1cb/0x11d0 [ 395.328293] ? fork_idle+0x1d0/0x1d0 [ 395.331995] ? lock_downgrade+0x900/0x900 [ 395.336136] ? kasan_check_read+0x11/0x20 [ 395.340272] ? _copy_to_user+0xc8/0x110 [ 395.344236] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 395.349757] ? put_timespec64+0x10f/0x1b0 [ 395.353890] ? nsecs_to_jiffies+0x30/0x30 [ 395.358026] ? do_syscall_64+0x9a/0x820 [ 395.361989] ? do_syscall_64+0x9a/0x820 [ 395.365951] ? lockdep_hardirqs_on+0x421/0x5c0 [ 395.370521] ? trace_hardirqs_on+0xbd/0x310 [ 395.374833] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 395.380356] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 395.385712] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 395.391152] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 395.396696] __x64_sys_clone+0xbf/0x150 [ 395.400662] do_syscall_64+0x1b9/0x820 [ 395.404539] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 395.409893] ? syscall_return_slowpath+0x5e0/0x5e0 [ 395.414809] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 395.419655] ? trace_hardirqs_on_caller+0x310/0x310 [ 395.424670] ? prepare_exit_to_usermode+0x291/0x3b0 [ 395.429692] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 395.434545] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 395.439722] RIP: 0033:0x455b4a [ 395.442902] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 395.461797] RSP: 002b:00007ffc76600cd0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 395.469511] RAX: ffffffffffffffda RBX: 00007ffc76600cd0 RCX: 0000000000455b4a [ 395.476778] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 395.484040] RBP: 00007ffc76600d10 R08: 0000000000000001 R09: 00000000013b4940 [ 395.491333] R10: 00000000013b4c10 R11: 0000000000000246 R12: 0000000000000001 [ 395.498597] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 395.506234] Memory limit reached of cgroup /syz5 [ 395.511508] memory: usage 205712kB, limit 204800kB, failcnt 1574 [ 395.517801] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 395.524581] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 395.531784] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:64KB inactive_file:0KB active_file:0KB unevictable:0KB [ 395.551728] Out of memory and no killable processes... [ 395.558298] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 395.571438] syz-executor5 cpuset=syz5 mems_allowed=0 [ 395.577135] CPU: 1 PID: 5568 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 395.584315] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 395.593656] Call Trace: [ 395.596235] dump_stack+0x1c4/0x2b4 [ 395.599892] ? dump_stack_print_info.cold.2+0x52/0x52 [ 395.605075] dump_header+0x27b/0xf72 [ 395.608779] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 395.614560] ? kasan_check_read+0x11/0x20 [ 395.618973] ? pagefault_out_of_memory+0x197/0x197 [ 395.623899] ? rcu_read_unlock+0x33/0x60 [ 395.627945] ? mem_cgroup_iter+0x514/0x1160 [ 395.632255] ? find_held_lock+0x36/0x1c0 [ 395.636306] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 395.641056] ? mark_held_locks+0xc7/0x130 [ 395.645196] ? _raw_spin_unlock_irq+0x27/0x80 [ 395.649681] ? _raw_spin_unlock_irq+0x27/0x80 [ 395.654174] ? lockdep_hardirqs_on+0x421/0x5c0 [ 395.658752] ? trace_hardirqs_on+0xbd/0x310 [ 395.663061] ? kasan_check_read+0x11/0x20 [ 395.667197] ? css_task_iter_end+0x222/0x490 [ 395.671598] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 395.677039] ? kasan_check_write+0x14/0x20 [ 395.681262] ? do_raw_spin_lock+0xc1/0x200 [ 395.685553] ? _raw_spin_unlock_irq+0x60/0x80 [ 395.690043] ? css_task_iter_end+0x2ce/0x490 [ 395.694488] ? cgroup_procs_next+0x70/0x70 [ 395.698763] ? _raw_spin_unlock_irq+0x60/0x80 [ 395.703247] ? oom_badness+0xaa0/0xaa0 [ 395.707123] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 395.711876] ? mem_cgroup_iter_break+0x30/0x30 [ 395.716907] ? mark_held_locks+0xc7/0x130 [ 395.721052] out_of_memory.cold.30+0xf/0x184 [ 395.725508] ? lockdep_hardirqs_on+0x421/0x5c0 [ 395.730093] ? kasan_check_read+0x11/0x20 [ 395.734274] ? oom_killer_disable+0x3a0/0x3a0 [ 395.738767] ? kasan_check_write+0x14/0x20 [ 395.743033] ? do_raw_spin_lock+0xc1/0x200 [ 395.747273] mem_cgroup_out_of_memory+0x15e/0x210 [ 395.752117] ? memcg_memory_event+0x40/0x40 [ 395.756443] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 395.761314] ? page_counter_try_charge+0x1c1/0x220 [ 395.766249] try_charge+0xc43/0x1690 [ 395.769964] ? lock_downgrade+0x900/0x900 [ 395.774116] ? check_preemption_disabled+0x48/0x200 [ 395.779142] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 395.785231] ? find_held_lock+0x36/0x1c0 [ 395.789319] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 395.794168] ? lock_downgrade+0x900/0x900 [ 395.798318] ? check_preemption_disabled+0x48/0x200 [ 395.803340] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 395.809141] ? kasan_check_read+0x11/0x20 [ 395.813291] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 395.818589] ? rcu_bh_qs+0xc0/0xc0 [ 395.822133] ? get_mem_cgroup_from_mm+0x206/0x440 [ 395.826987] memcg_kmem_charge_memcg+0x7c/0x120 [ 395.831658] ? memcg_kmem_put_cache+0xb0/0xb0 [ 395.836154] ? print_usage_bug+0xc0/0xc0 [ 395.840216] memcg_kmem_charge+0x135/0x300 [ 395.844453] __alloc_pages_nodemask+0x72e/0xde0 [ 395.849125] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 395.854157] ? __lock_acquire+0x7ec/0x4ec0 [ 395.858396] ? check_preemption_disabled+0x48/0x200 [ 395.863457] ? graph_lock+0x170/0x170 [ 395.867258] ? find_held_lock+0x36/0x1c0 [ 395.871326] ? __lock_is_held+0xb5/0x140 [ 395.875382] ? lock_downgrade+0x900/0x900 [ 395.879552] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 395.885091] alloc_pages_current+0x10c/0x210 [ 395.889491] ? ___might_sleep+0x1ed/0x300 [ 395.893646] pte_alloc_one+0x1b/0x1a0 [ 395.897452] __pte_alloc+0x2a/0x350 [ 395.901093] copy_page_range+0x18c5/0x26b0 [ 395.905341] ? pmd_alloc+0x180/0x180 [ 395.909049] ? save_stack+0xa9/0xd0 [ 395.912673] ? save_stack+0x43/0xd0 [ 395.916295] ? kasan_slab_alloc+0x12/0x20 [ 395.920437] ? kmem_cache_alloc+0x12e/0x730 [ 395.924752] ? vm_area_dup+0x7a/0x230 [ 395.928559] ? copy_process+0x42a0/0x8780 [ 395.932719] ? _do_fork+0x1cb/0x11d0 [ 395.936436] ? __x64_sys_clone+0xbf/0x150 [ 395.940588] ? do_syscall_64+0x1b9/0x820 [ 395.944678] ? graph_lock+0x170/0x170 [ 395.948512] ? lock_downgrade+0x900/0x900 [ 395.952661] ? graph_lock+0x170/0x170 [ 395.956480] ? graph_lock+0x170/0x170 [ 395.960311] ? find_held_lock+0x36/0x1c0 [ 395.964375] ? copy_process+0x454b/0x8780 [ 395.968527] ? lock_downgrade+0x900/0x900 [ 395.972680] ? lock_release+0x970/0x970 [ 395.976652] ? arch_local_save_flags+0x40/0x40 [ 395.981236] ? dup_userfaultfd+0x6d8/0x890 [ 395.985478] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 395.990504] ? validate_mm_rb+0xaa/0xc0 [ 395.994484] ? __vma_link_rb+0x26c/0x370 [ 395.998566] copy_process+0x4721/0x8780 [ 396.002554] ? __cleanup_sighand+0x70/0x70 [ 396.006790] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 396.012346] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 396.017891] ? page_swapcount+0x1d0/0x1d0 [ 396.022040] ? graph_lock+0x170/0x170 [ 396.025856] ? update_curr+0x4cf/0xbe0 [ 396.029749] ? __lock_acquire+0x7ec/0x4ec0 [ 396.033999] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 396.039814] ? __lock_is_held+0xb5/0x140 [ 396.043909] ? mark_held_locks+0x130/0x130 [ 396.048171] ? print_usage_bug+0xc0/0xc0 [ 396.052238] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 396.057784] ? check_preemption_disabled+0x48/0x200 [ 396.062807] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 396.068375] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 396.073742] ? print_usage_bug+0xc0/0xc0 [ 396.077823] ? __lock_acquire+0x7ec/0x4ec0 [ 396.082060] ? trace_hardirqs_on_caller+0x310/0x310 [ 396.087076] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 396.092617] ? check_preemption_disabled+0x48/0x200 [ 396.097632] ? print_usage_bug+0xc0/0xc0 [ 396.101697] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 396.107228] ? reuse_swap_page+0x4bd/0x1520 [ 396.111559] ? swp_swapcount+0x530/0x530 [ 396.115612] ? find_held_lock+0x36/0x1c0 [ 396.119665] ? __lock_acquire+0x7ec/0x4ec0 [ 396.123890] ? mark_held_locks+0x130/0x130 [ 396.128123] ? finish_task_switch+0x1f5/0x900 [ 396.132618] ? __lock_acquire+0x7ec/0x4ec0 [ 396.136847] ? mark_held_locks+0x130/0x130 [ 396.141078] ? graph_lock+0x170/0x170 [ 396.144905] ? mark_held_locks+0x130/0x130 [ 396.149147] ? check_preemption_disabled+0x48/0x200 [ 396.154164] ? check_preemption_disabled+0x48/0x200 [ 396.159189] ? find_held_lock+0x36/0x1c0 [ 396.163250] ? print_usage_bug+0xc0/0xc0 [ 396.167313] ? print_usage_bug+0xc0/0xc0 [ 396.171373] ? do_wp_page+0xa6f/0x1390 [ 396.175255] ? lock_downgrade+0x900/0x900 [ 396.179396] ? wake_up_page_bit+0x6f0/0x6f0 [ 396.183720] ? kasan_check_read+0x11/0x20 [ 396.187868] ? __lock_acquire+0x7ec/0x4ec0 [ 396.192093] ? _raw_spin_unlock+0x2c/0x50 [ 396.196240] ? mark_held_locks+0x130/0x130 [ 396.200468] ? find_held_lock+0x36/0x1c0 [ 396.204529] ? lock_release+0x970/0x970 [ 396.208544] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 396.214070] ? kasan_check_write+0x14/0x20 [ 396.219077] ? do_raw_spin_lock+0xc1/0x200 [ 396.223301] ? error_exit+0xb/0x20 [ 396.226829] ? error_exit+0xb/0x20 [ 396.230358] ? trace_hardirqs_off_caller+0xbb/0x310 [ 396.235367] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 396.240195] ? trace_hardirqs_on_caller+0x310/0x310 [ 396.245203] ? graph_lock+0x170/0x170 [ 396.248993] ? graph_lock+0x170/0x170 [ 396.252785] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 396.257662] ? native_iret+0x7/0x7 [ 396.261208] ? find_held_lock+0x36/0x1c0 [ 396.265350] _do_fork+0x1cb/0x11d0 [ 396.268876] ? fork_idle+0x1d0/0x1d0 [ 396.272575] ? lock_downgrade+0x900/0x900 [ 396.276717] ? kasan_check_read+0x11/0x20 [ 396.280850] ? _copy_to_user+0xc8/0x110 [ 396.284824] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 396.290358] ? put_timespec64+0x10f/0x1b0 [ 396.294495] ? nsecs_to_jiffies+0x30/0x30 [ 396.298642] ? do_syscall_64+0x9a/0x820 [ 396.302635] ? do_syscall_64+0x9a/0x820 [ 396.306605] ? lockdep_hardirqs_on+0x421/0x5c0 [ 396.311209] ? trace_hardirqs_on+0xbd/0x310 [ 396.315538] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 396.321071] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 396.326438] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 396.331887] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 396.337432] __x64_sys_clone+0xbf/0x150 [ 396.341406] do_syscall_64+0x1b9/0x820 [ 396.345320] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 396.350686] ? syscall_return_slowpath+0x5e0/0x5e0 [ 396.355615] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 396.360457] ? trace_hardirqs_on_caller+0x310/0x310 [ 396.365496] ? prepare_exit_to_usermode+0x291/0x3b0 [ 396.370505] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 396.375342] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 396.380520] RIP: 0033:0x455b4a [ 396.383727] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 396.402627] RSP: 002b:00007ffc76600cd0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 396.410357] RAX: ffffffffffffffda RBX: 00007ffc76600cd0 RCX: 0000000000455b4a [ 396.417627] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 396.424890] RBP: 00007ffc76600d10 R08: 0000000000000001 R09: 00000000013b4940 [ 396.432147] R10: 00000000013b4c10 R11: 0000000000000246 R12: 0000000000000001 [ 396.439406] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 396.450056] Memory limit reached of cgroup /syz5 [ 396.455318] memory: usage 205716kB, limit 204800kB, failcnt 1582 [ 396.461729] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 396.469824] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 396.476729] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:64KB inactive_file:0KB active_file:0KB unevictable:0KB [ 396.496672] Out of memory and no killable processes... [ 396.503205] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 396.516196] syz-executor5 cpuset=syz5 mems_allowed=0 [ 396.521332] CPU: 0 PID: 5568 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 396.528510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 396.537848] Call Trace: [ 396.540432] dump_stack+0x1c4/0x2b4 [ 396.544048] ? dump_stack_print_info.cold.2+0x52/0x52 [ 396.549231] dump_header+0x27b/0xf72 [ 396.552931] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 396.558712] ? kasan_check_read+0x11/0x20 [ 396.562848] ? pagefault_out_of_memory+0x197/0x197 [ 396.567768] ? rcu_read_unlock+0x33/0x60 [ 396.571827] ? mem_cgroup_iter+0x514/0x1160 [ 396.576153] ? find_held_lock+0x36/0x1c0 [ 396.580219] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 396.584966] ? mark_held_locks+0xc7/0x130 [ 396.589111] ? _raw_spin_unlock_irq+0x27/0x80 [ 396.593594] ? _raw_spin_unlock_irq+0x27/0x80 [ 396.598075] ? lockdep_hardirqs_on+0x421/0x5c0 [ 396.602643] ? trace_hardirqs_on+0xbd/0x310 [ 396.606949] ? kasan_check_read+0x11/0x20 [ 396.611083] ? css_task_iter_end+0x222/0x490 [ 396.615476] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 396.620939] ? kasan_check_write+0x14/0x20 [ 396.625166] ? do_raw_spin_lock+0xc1/0x200 [ 396.629387] ? _raw_spin_unlock_irq+0x60/0x80 [ 396.633870] ? css_task_iter_end+0x2ce/0x490 [ 396.638286] ? cgroup_procs_next+0x70/0x70 [ 396.642526] ? _raw_spin_unlock_irq+0x60/0x80 [ 396.647010] ? oom_badness+0xaa0/0xaa0 [ 396.650911] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 396.655664] ? mem_cgroup_iter_break+0x30/0x30 [ 396.660247] ? mark_held_locks+0xc7/0x130 [ 396.664386] out_of_memory.cold.30+0xf/0x184 [ 396.668799] ? lockdep_hardirqs_on+0x421/0x5c0 [ 396.673380] ? kasan_check_read+0x11/0x20 [ 396.677513] ? oom_killer_disable+0x3a0/0x3a0 [ 396.682014] ? kasan_check_write+0x14/0x20 [ 396.686241] ? do_raw_spin_lock+0xc1/0x200 [ 396.690468] mem_cgroup_out_of_memory+0x15e/0x210 [ 396.695312] ? memcg_memory_event+0x40/0x40 [ 396.699640] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 396.704473] ? page_counter_try_charge+0x1c1/0x220 [ 396.709393] try_charge+0xc43/0x1690 [ 396.713094] ? lock_downgrade+0x900/0x900 [ 396.717237] ? check_preemption_disabled+0x48/0x200 [ 396.722257] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 396.728314] ? find_held_lock+0x36/0x1c0 [ 396.732369] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 396.737202] ? lock_downgrade+0x900/0x900 [ 396.741340] ? check_preemption_disabled+0x48/0x200 [ 396.746356] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 396.752138] ? kasan_check_read+0x11/0x20 [ 396.756273] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 396.761535] ? rcu_bh_qs+0xc0/0xc0 [ 396.765067] ? get_mem_cgroup_from_mm+0x206/0x440 [ 396.769899] memcg_kmem_charge_memcg+0x7c/0x120 [ 396.774590] ? memcg_kmem_put_cache+0xb0/0xb0 [ 396.779078] ? print_usage_bug+0xc0/0xc0 [ 396.783131] memcg_kmem_charge+0x135/0x300 [ 396.787352] __alloc_pages_nodemask+0x72e/0xde0 [ 396.792008] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 396.797009] ? __lock_acquire+0x7ec/0x4ec0 [ 396.801231] ? check_preemption_disabled+0x48/0x200 [ 396.806237] ? graph_lock+0x170/0x170 [ 396.810023] ? find_held_lock+0x36/0x1c0 [ 396.814101] ? __lock_is_held+0xb5/0x140 [ 396.818146] ? lock_downgrade+0x900/0x900 [ 396.822282] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 396.827805] alloc_pages_current+0x10c/0x210 [ 396.832198] ? ___might_sleep+0x1ed/0x300 [ 396.836346] pte_alloc_one+0x1b/0x1a0 [ 396.840156] __pte_alloc+0x2a/0x350 [ 396.843771] copy_page_range+0x18c5/0x26b0 [ 396.848005] ? pmd_alloc+0x180/0x180 [ 396.851711] ? save_stack+0xa9/0xd0 [ 396.855342] ? save_stack+0x43/0xd0 [ 396.858955] ? kasan_slab_alloc+0x12/0x20 [ 396.863087] ? kmem_cache_alloc+0x12e/0x730 [ 396.867391] ? vm_area_dup+0x7a/0x230 [ 396.871178] ? copy_process+0x42a0/0x8780 [ 396.875307] ? _do_fork+0x1cb/0x11d0 [ 396.879005] ? __x64_sys_clone+0xbf/0x150 [ 396.883134] ? do_syscall_64+0x1b9/0x820 [ 396.887180] ? graph_lock+0x170/0x170 [ 396.890961] ? lock_downgrade+0x900/0x900 [ 396.895109] ? graph_lock+0x170/0x170 [ 396.898894] ? graph_lock+0x170/0x170 [ 396.902680] ? find_held_lock+0x36/0x1c0 [ 396.906730] ? copy_process+0x454b/0x8780 [ 396.910862] ? lock_downgrade+0x900/0x900 [ 396.914994] ? lock_release+0x970/0x970 [ 396.918949] ? arch_local_save_flags+0x40/0x40 [ 396.923523] ? dup_userfaultfd+0x6d8/0x890 [ 396.927746] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 396.932761] ? vma_compute_subtree_gap+0x160/0x240 [ 396.937675] ? validate_mm_rb+0xaa/0xc0 [ 396.941631] ? __vma_link_rb+0x26c/0x370 [ 396.945676] copy_process+0x4721/0x8780 [ 396.949653] ? __cleanup_sighand+0x70/0x70 [ 396.953872] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 396.959403] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 396.964937] ? page_swapcount+0x1d0/0x1d0 [ 396.969085] ? graph_lock+0x170/0x170 [ 396.972870] ? update_curr+0x4cf/0xbe0 [ 396.976743] ? __lock_acquire+0x7ec/0x4ec0 [ 396.980962] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 396.986749] ? __lock_is_held+0xb5/0x140 [ 396.990798] ? mark_held_locks+0x130/0x130 [ 396.995019] ? print_usage_bug+0xc0/0xc0 [ 396.999084] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 397.004610] ? check_preemption_disabled+0x48/0x200 [ 397.009625] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 397.015149] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 397.020503] ? print_usage_bug+0xc0/0xc0 [ 397.024551] ? __lock_acquire+0x7ec/0x4ec0 [ 397.028768] ? trace_hardirqs_on_caller+0x310/0x310 [ 397.033767] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 397.039289] ? check_preemption_disabled+0x48/0x200 [ 397.044303] ? print_usage_bug+0xc0/0xc0 [ 397.048349] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 397.053879] ? reuse_swap_page+0x4bd/0x1520 [ 397.058212] ? swp_swapcount+0x530/0x530 [ 397.062276] ? find_held_lock+0x36/0x1c0 [ 397.066324] ? __lock_acquire+0x7ec/0x4ec0 [ 397.070542] ? mark_held_locks+0x130/0x130 [ 397.074761] ? finish_task_switch+0x1f5/0x900 [ 397.079243] ? __lock_acquire+0x7ec/0x4ec0 [ 397.083467] ? mark_held_locks+0x130/0x130 [ 397.087689] ? graph_lock+0x170/0x170 [ 397.091472] ? mark_held_locks+0x130/0x130 [ 397.095713] ? check_preemption_disabled+0x48/0x200 [ 397.100717] ? check_preemption_disabled+0x48/0x200 [ 397.105739] ? find_held_lock+0x36/0x1c0 [ 397.109785] ? print_usage_bug+0xc0/0xc0 [ 397.113830] ? print_usage_bug+0xc0/0xc0 [ 397.117875] ? do_wp_page+0xa6f/0x1390 [ 397.121747] ? lock_downgrade+0x900/0x900 [ 397.125880] ? wake_up_page_bit+0x6f0/0x6f0 [ 397.130184] ? kasan_check_read+0x11/0x20 [ 397.134318] ? __lock_acquire+0x7ec/0x4ec0 [ 397.138538] ? _raw_spin_unlock+0x2c/0x50 [ 397.142674] ? mark_held_locks+0x130/0x130 [ 397.146900] ? find_held_lock+0x36/0x1c0 [ 397.150945] ? lock_release+0x970/0x970 [ 397.154915] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 397.160438] ? kasan_check_write+0x14/0x20 [ 397.164662] ? do_raw_spin_lock+0xc1/0x200 [ 397.168885] ? error_exit+0xb/0x20 [ 397.172407] ? error_exit+0xb/0x20 [ 397.175936] ? trace_hardirqs_off_caller+0xbb/0x310 [ 397.180976] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 397.185809] ? trace_hardirqs_on_caller+0x310/0x310 [ 397.190811] ? graph_lock+0x170/0x170 [ 397.194601] ? graph_lock+0x170/0x170 [ 397.198386] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 397.203212] ? native_iret+0x7/0x7 [ 397.206741] ? find_held_lock+0x36/0x1c0 [ 397.210792] _do_fork+0x1cb/0x11d0 [ 397.214334] ? fork_idle+0x1d0/0x1d0 [ 397.218032] ? lock_downgrade+0x900/0x900 [ 397.222179] ? kasan_check_read+0x11/0x20 [ 397.226310] ? _copy_to_user+0xc8/0x110 [ 397.230271] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 397.235789] ? put_timespec64+0x10f/0x1b0 [ 397.239919] ? nsecs_to_jiffies+0x30/0x30 [ 397.244055] ? do_syscall_64+0x9a/0x820 [ 397.248015] ? do_syscall_64+0x9a/0x820 [ 397.251979] ? lockdep_hardirqs_on+0x421/0x5c0 [ 397.256562] ? trace_hardirqs_on+0xbd/0x310 [ 397.260891] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 397.266434] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 397.271785] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 397.277232] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 397.282762] __x64_sys_clone+0xbf/0x150 [ 397.286731] do_syscall_64+0x1b9/0x820 [ 397.290604] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 397.295955] ? syscall_return_slowpath+0x5e0/0x5e0 [ 397.300866] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 397.305693] ? trace_hardirqs_on_caller+0x310/0x310 [ 397.310694] ? prepare_exit_to_usermode+0x291/0x3b0 [ 397.315697] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 397.320529] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 397.325700] RIP: 0033:0x455b4a [ 397.328875] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 397.347769] RSP: 002b:00007ffc76600cd0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 397.355472] RAX: ffffffffffffffda RBX: 00007ffc76600cd0 RCX: 0000000000455b4a [ 397.362738] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 397.370001] RBP: 00007ffc76600d10 R08: 0000000000000001 R09: 00000000013b4940 [ 397.377277] R10: 00000000013b4c10 R11: 0000000000000246 R12: 0000000000000001 [ 397.384540] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 397.392861] Memory limit reached of cgroup /syz5 [ 397.397731] memory: usage 205720kB, limit 204800kB, failcnt 1590 [ 397.403878] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 397.410684] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 397.416882] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:64KB inactive_file:0KB active_file:0KB unevictable:0KB [ 397.436715] Out of memory and no killable processes... [ 397.443265] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 397.456340] syz-executor5 cpuset=syz5 mems_allowed=0 [ 397.461485] CPU: 0 PID: 5568 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 397.468656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 397.477993] Call Trace: [ 397.480572] dump_stack+0x1c4/0x2b4 [ 397.484190] ? dump_stack_print_info.cold.2+0x52/0x52 [ 397.489369] dump_header+0x27b/0xf72 [ 397.493073] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 397.498853] ? kasan_check_read+0x11/0x20 [ 397.502998] ? pagefault_out_of_memory+0x197/0x197 [ 397.507920] ? rcu_read_unlock+0x33/0x60 [ 397.511963] ? mem_cgroup_iter+0x514/0x1160 [ 397.516270] ? find_held_lock+0x36/0x1c0 [ 397.520353] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 397.525120] ? mark_held_locks+0xc7/0x130 [ 397.529277] ? _raw_spin_unlock_irq+0x27/0x80 [ 397.533756] ? _raw_spin_unlock_irq+0x27/0x80 [ 397.538237] ? lockdep_hardirqs_on+0x421/0x5c0 [ 397.542823] ? trace_hardirqs_on+0xbd/0x310 [ 397.547148] ? kasan_check_read+0x11/0x20 [ 397.551281] ? css_task_iter_end+0x222/0x490 [ 397.555674] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 397.561113] ? kasan_check_write+0x14/0x20 [ 397.565335] ? do_raw_spin_lock+0xc1/0x200 [ 397.569561] ? _raw_spin_unlock_irq+0x60/0x80 [ 397.574051] ? css_task_iter_end+0x2ce/0x490 [ 397.578450] ? cgroup_procs_next+0x70/0x70 [ 397.582673] ? _raw_spin_unlock_irq+0x60/0x80 [ 397.587150] ? oom_badness+0xaa0/0xaa0 [ 397.591027] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 397.595769] ? mem_cgroup_iter_break+0x30/0x30 [ 397.600345] ? mark_held_locks+0xc7/0x130 [ 397.604900] out_of_memory.cold.30+0xf/0x184 [ 397.609324] ? lockdep_hardirqs_on+0x421/0x5c0 [ 397.613893] ? kasan_check_read+0x11/0x20 [ 397.618027] ? oom_killer_disable+0x3a0/0x3a0 [ 397.622513] ? kasan_check_write+0x14/0x20 [ 397.626732] ? do_raw_spin_lock+0xc1/0x200 [ 397.630957] mem_cgroup_out_of_memory+0x15e/0x210 [ 397.635895] ? memcg_memory_event+0x40/0x40 [ 397.640223] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 397.645849] ? page_counter_try_charge+0x1c1/0x220 [ 397.650773] try_charge+0xc43/0x1690 [ 397.654497] ? lock_downgrade+0x900/0x900 [ 397.658647] ? check_preemption_disabled+0x48/0x200 [ 397.663680] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 397.669732] ? find_held_lock+0x36/0x1c0 [ 397.673789] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 397.678620] ? lock_downgrade+0x900/0x900 [ 397.682757] ? check_preemption_disabled+0x48/0x200 [ 397.687763] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 397.693544] ? kasan_check_read+0x11/0x20 [ 397.697685] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 397.702949] ? rcu_bh_qs+0xc0/0xc0 [ 397.706509] ? get_mem_cgroup_from_mm+0x206/0x440 [ 397.711344] memcg_kmem_charge_memcg+0x7c/0x120 [ 397.716005] ? memcg_kmem_put_cache+0xb0/0xb0 [ 397.720490] ? print_usage_bug+0xc0/0xc0 [ 397.724541] memcg_kmem_charge+0x135/0x300 [ 397.728994] __alloc_pages_nodemask+0x72e/0xde0 [ 397.733652] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 397.738656] ? __lock_acquire+0x7ec/0x4ec0 [ 397.742877] ? check_preemption_disabled+0x48/0x200 [ 397.747876] ? graph_lock+0x170/0x170 [ 397.751659] ? find_held_lock+0x36/0x1c0 [ 397.755736] ? __lock_is_held+0xb5/0x140 [ 397.759783] ? lock_downgrade+0x900/0x900 [ 397.763920] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 397.769449] alloc_pages_current+0x10c/0x210 [ 397.773843] ? ___might_sleep+0x1ed/0x300 [ 397.777980] pte_alloc_one+0x1b/0x1a0 [ 397.781794] __pte_alloc+0x2a/0x350 [ 397.785419] copy_page_range+0x18c5/0x26b0 [ 397.789656] ? pmd_alloc+0x180/0x180 [ 397.793357] ? save_stack+0xa9/0xd0 [ 397.796969] ? save_stack+0x43/0xd0 [ 397.800587] ? kasan_slab_alloc+0x12/0x20 [ 397.804723] ? kmem_cache_alloc+0x12e/0x730 [ 397.809050] ? vm_area_dup+0x7a/0x230 [ 397.812839] ? copy_process+0x42a0/0x8780 [ 397.816970] ? _do_fork+0x1cb/0x11d0 [ 397.820673] ? __x64_sys_clone+0xbf/0x150 [ 397.824826] ? do_syscall_64+0x1b9/0x820 [ 397.828884] ? graph_lock+0x170/0x170 [ 397.832718] ? lock_downgrade+0x900/0x900 [ 397.836855] ? graph_lock+0x170/0x170 [ 397.840643] ? graph_lock+0x170/0x170 [ 397.844440] ? find_held_lock+0x36/0x1c0 [ 397.848494] ? copy_process+0x454b/0x8780 [ 397.852629] ? lock_downgrade+0x900/0x900 [ 397.856768] ? lock_release+0x970/0x970 [ 397.860736] ? arch_local_save_flags+0x40/0x40 [ 397.865315] ? dup_userfaultfd+0x6d8/0x890 [ 397.869581] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 397.874603] ? vma_compute_subtree_gap+0x160/0x240 [ 397.879536] ? validate_mm_rb+0xaa/0xc0 [ 397.883538] ? __vma_link_rb+0x26c/0x370 [ 397.887601] copy_process+0x4721/0x8780 [ 397.891593] ? __cleanup_sighand+0x70/0x70 [ 397.895831] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 397.901376] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 397.906906] ? page_swapcount+0x1d0/0x1d0 [ 397.911047] ? graph_lock+0x170/0x170 [ 397.914832] ? update_curr+0x4cf/0xbe0 [ 397.918705] ? __lock_acquire+0x7ec/0x4ec0 [ 397.922928] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 397.928712] ? __lock_is_held+0xb5/0x140 [ 397.932759] ? mark_held_locks+0x130/0x130 [ 397.938580] ? print_usage_bug+0xc0/0xc0 [ 397.942629] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 397.948151] ? check_preemption_disabled+0x48/0x200 [ 397.953154] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 397.958694] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 397.964041] ? print_usage_bug+0xc0/0xc0 [ 397.968087] ? __lock_acquire+0x7ec/0x4ec0 [ 397.972305] ? trace_hardirqs_on_caller+0x310/0x310 [ 397.977303] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 397.982823] ? check_preemption_disabled+0x48/0x200 [ 397.987823] ? print_usage_bug+0xc0/0xc0 [ 397.991871] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 397.997417] ? reuse_swap_page+0x4bd/0x1520 [ 398.001727] ? swp_swapcount+0x530/0x530 [ 398.005769] ? find_held_lock+0x36/0x1c0 [ 398.009816] ? __lock_acquire+0x7ec/0x4ec0 [ 398.014032] ? mark_held_locks+0x130/0x130 [ 398.018246] ? finish_task_switch+0x1f5/0x900 [ 398.022750] ? __lock_acquire+0x7ec/0x4ec0 [ 398.026973] ? mark_held_locks+0x130/0x130 [ 398.031214] ? graph_lock+0x170/0x170 [ 398.035019] ? mark_held_locks+0x130/0x130 [ 398.039241] ? check_preemption_disabled+0x48/0x200 [ 398.044236] ? check_preemption_disabled+0x48/0x200 [ 398.049244] ? find_held_lock+0x36/0x1c0 [ 398.053293] ? print_usage_bug+0xc0/0xc0 [ 398.057337] ? print_usage_bug+0xc0/0xc0 [ 398.061381] ? do_wp_page+0xa6f/0x1390 [ 398.065253] ? lock_downgrade+0x900/0x900 [ 398.069388] ? wake_up_page_bit+0x6f0/0x6f0 [ 398.073701] ? kasan_check_read+0x11/0x20 [ 398.077841] ? __lock_acquire+0x7ec/0x4ec0 [ 398.082060] ? _raw_spin_unlock+0x2c/0x50 [ 398.086204] ? mark_held_locks+0x130/0x130 [ 398.090440] ? find_held_lock+0x36/0x1c0 [ 398.094495] ? lock_release+0x970/0x970 [ 398.098454] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 398.103976] ? kasan_check_write+0x14/0x20 [ 398.108210] ? do_raw_spin_lock+0xc1/0x200 [ 398.112435] ? error_exit+0xb/0x20 [ 398.115972] ? error_exit+0xb/0x20 [ 398.119518] ? trace_hardirqs_off_caller+0xbb/0x310 [ 398.124532] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 398.129360] ? trace_hardirqs_on_caller+0x310/0x310 [ 398.134358] ? graph_lock+0x170/0x170 [ 398.138158] ? graph_lock+0x170/0x170 [ 398.141943] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 398.146767] ? native_iret+0x7/0x7 [ 398.150293] ? find_held_lock+0x36/0x1c0 [ 398.154342] _do_fork+0x1cb/0x11d0 [ 398.157868] ? fork_idle+0x1d0/0x1d0 [ 398.161563] ? lock_downgrade+0x900/0x900 [ 398.165702] ? kasan_check_read+0x11/0x20 [ 398.169833] ? _copy_to_user+0xc8/0x110 [ 398.173792] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 398.179309] ? put_timespec64+0x10f/0x1b0 [ 398.183439] ? nsecs_to_jiffies+0x30/0x30 [ 398.187571] ? do_syscall_64+0x9a/0x820 [ 398.191529] ? do_syscall_64+0x9a/0x820 [ 398.195489] ? lockdep_hardirqs_on+0x421/0x5c0 [ 398.200056] ? trace_hardirqs_on+0xbd/0x310 [ 398.204360] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 398.209881] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 398.215229] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 398.220659] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 398.226179] __x64_sys_clone+0xbf/0x150 [ 398.230138] do_syscall_64+0x1b9/0x820 [ 398.234028] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 398.239378] ? syscall_return_slowpath+0x5e0/0x5e0 [ 398.244289] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 398.249117] ? trace_hardirqs_on_caller+0x310/0x310 [ 398.254145] ? prepare_exit_to_usermode+0x291/0x3b0 [ 398.259162] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 398.263995] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 398.269169] RIP: 0033:0x455b4a [ 398.272345] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 398.291232] RSP: 002b:00007ffc76600cd0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 398.298928] RAX: ffffffffffffffda RBX: 00007ffc76600cd0 RCX: 0000000000455b4a [ 398.306177] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 398.313430] RBP: 00007ffc76600d10 R08: 0000000000000001 R09: 00000000013b4940 [ 398.320679] R10: 00000000013b4c10 R11: 0000000000000246 R12: 0000000000000001 [ 398.327930] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 398.335686] Memory limit reached of cgroup /syz5 [ 398.340513] memory: usage 205724kB, limit 204800kB, failcnt 1598 [ 398.346726] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 398.353485] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 398.359673] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:64KB inactive_file:0KB active_file:0KB unevictable:0KB [ 398.379575] Out of memory and no killable processes... [ 398.386123] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 398.399007] syz-executor5 cpuset=syz5 mems_allowed=0 [ 398.404136] CPU: 0 PID: 5568 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 398.411301] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 398.420632] Call Trace: [ 398.423205] dump_stack+0x1c4/0x2b4 [ 398.426819] ? dump_stack_print_info.cold.2+0x52/0x52 [ 398.432003] dump_header+0x27b/0xf72 [ 398.435708] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 398.441510] ? kasan_check_read+0x11/0x20 [ 398.445646] ? pagefault_out_of_memory+0x197/0x197 [ 398.450559] ? rcu_read_unlock+0x33/0x60 [ 398.454603] ? mem_cgroup_iter+0x514/0x1160 [ 398.458913] ? find_held_lock+0x36/0x1c0 [ 398.462962] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 398.467704] ? mark_held_locks+0xc7/0x130 [ 398.471837] ? _raw_spin_unlock_irq+0x27/0x80 [ 398.476314] ? _raw_spin_unlock_irq+0x27/0x80 [ 398.480793] ? lockdep_hardirqs_on+0x421/0x5c0 [ 398.485373] ? trace_hardirqs_on+0xbd/0x310 [ 398.489693] ? kasan_check_read+0x11/0x20 [ 398.493828] ? css_task_iter_end+0x222/0x490 [ 398.498223] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 398.503658] ? kasan_check_write+0x14/0x20 [ 398.507879] ? do_raw_spin_lock+0xc1/0x200 [ 398.512105] ? _raw_spin_unlock_irq+0x60/0x80 [ 398.516587] ? css_task_iter_end+0x2ce/0x490 [ 398.521003] ? cgroup_procs_next+0x70/0x70 [ 398.525227] ? _raw_spin_unlock_irq+0x60/0x80 [ 398.529710] ? oom_badness+0xaa0/0xaa0 [ 398.533596] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 398.538338] ? mem_cgroup_iter_break+0x30/0x30 [ 398.542910] ? mark_held_locks+0xc7/0x130 [ 398.547045] out_of_memory.cold.30+0xf/0x184 [ 398.551441] ? lockdep_hardirqs_on+0x421/0x5c0 [ 398.556009] ? kasan_check_read+0x11/0x20 [ 398.560156] ? oom_killer_disable+0x3a0/0x3a0 [ 398.564635] ? kasan_check_write+0x14/0x20 [ 398.568856] ? do_raw_spin_lock+0xc1/0x200 [ 398.573081] mem_cgroup_out_of_memory+0x15e/0x210 [ 398.577912] ? memcg_memory_event+0x40/0x40 [ 398.582217] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 398.587048] ? page_counter_try_charge+0x1c1/0x220 [ 398.591990] try_charge+0xc43/0x1690 [ 398.595694] ? lock_downgrade+0x900/0x900 [ 398.599828] ? check_preemption_disabled+0x48/0x200 [ 398.604842] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 398.610890] ? find_held_lock+0x36/0x1c0 [ 398.614946] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 398.619776] ? lock_downgrade+0x900/0x900 [ 398.623912] ? check_preemption_disabled+0x48/0x200 [ 398.628919] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 398.634698] ? kasan_check_read+0x11/0x20 [ 398.638834] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 398.644093] ? rcu_bh_qs+0xc0/0xc0 [ 398.647624] ? get_mem_cgroup_from_mm+0x206/0x440 [ 398.652470] memcg_kmem_charge_memcg+0x7c/0x120 [ 398.657128] ? memcg_kmem_put_cache+0xb0/0xb0 [ 398.661610] ? print_usage_bug+0xc0/0xc0 [ 398.665678] memcg_kmem_charge+0x135/0x300 [ 398.669902] __alloc_pages_nodemask+0x72e/0xde0 [ 398.674558] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 398.679560] ? __lock_acquire+0x7ec/0x4ec0 [ 398.683778] ? check_preemption_disabled+0x48/0x200 [ 398.688780] ? graph_lock+0x170/0x170 [ 398.692585] ? find_held_lock+0x36/0x1c0 [ 398.696668] ? __lock_is_held+0xb5/0x140 [ 398.700714] ? lock_downgrade+0x900/0x900 [ 398.704871] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 398.710422] alloc_pages_current+0x10c/0x210 [ 398.714843] ? ___might_sleep+0x1ed/0x300 [ 398.718979] pte_alloc_one+0x1b/0x1a0 [ 398.722771] __pte_alloc+0x2a/0x350 [ 398.726418] copy_page_range+0x18c5/0x26b0 [ 398.730659] ? pmd_alloc+0x180/0x180 [ 398.734364] ? save_stack+0xa9/0xd0 [ 398.737987] ? save_stack+0x43/0xd0 [ 398.741620] ? kasan_slab_alloc+0x12/0x20 [ 398.745756] ? kmem_cache_alloc+0x12e/0x730 [ 398.750079] ? vm_area_dup+0x7a/0x230 [ 398.753882] ? copy_process+0x42a0/0x8780 [ 398.758013] ? _do_fork+0x1cb/0x11d0 [ 398.761706] ? __x64_sys_clone+0xbf/0x150 [ 398.765837] ? do_syscall_64+0x1b9/0x820 [ 398.769888] ? graph_lock+0x170/0x170 [ 398.773671] ? lock_downgrade+0x900/0x900 [ 398.777804] ? graph_lock+0x170/0x170 [ 398.781591] ? graph_lock+0x170/0x170 [ 398.785381] ? find_held_lock+0x36/0x1c0 [ 398.789435] ? copy_process+0x454b/0x8780 [ 398.793569] ? lock_downgrade+0x900/0x900 [ 398.797712] ? lock_release+0x970/0x970 [ 398.801668] ? arch_local_save_flags+0x40/0x40 [ 398.806240] ? dup_userfaultfd+0x6d8/0x890 [ 398.810470] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 398.815476] ? vma_compute_subtree_gap+0x160/0x240 [ 398.820427] ? validate_mm_rb+0xaa/0xc0 [ 398.824390] ? __vma_link_rb+0x26c/0x370 [ 398.828443] copy_process+0x4721/0x8780 [ 398.832427] ? __cleanup_sighand+0x70/0x70 [ 398.836651] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 398.842169] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 398.847709] ? page_swapcount+0x1d0/0x1d0 [ 398.851841] ? graph_lock+0x170/0x170 [ 398.855626] ? update_curr+0x4cf/0xbe0 [ 398.859501] ? __lock_acquire+0x7ec/0x4ec0 [ 398.863720] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 398.869510] ? __lock_is_held+0xb5/0x140 [ 398.873558] ? mark_held_locks+0x130/0x130 [ 398.877782] ? print_usage_bug+0xc0/0xc0 [ 398.881830] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 398.887354] ? check_preemption_disabled+0x48/0x200 [ 398.892358] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 398.897880] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 398.903230] ? print_usage_bug+0xc0/0xc0 [ 398.907278] ? __lock_acquire+0x7ec/0x4ec0 [ 398.911522] ? trace_hardirqs_on_caller+0x310/0x310 [ 398.916527] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 398.922052] ? check_preemption_disabled+0x48/0x200 [ 398.927058] ? print_usage_bug+0xc0/0xc0 [ 398.931119] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 398.936644] ? reuse_swap_page+0x4bd/0x1520 [ 398.940963] ? swp_swapcount+0x530/0x530 [ 398.945012] ? find_held_lock+0x36/0x1c0 [ 398.949061] ? __lock_acquire+0x7ec/0x4ec0 [ 398.953277] ? mark_held_locks+0x130/0x130 [ 398.957498] ? finish_task_switch+0x1f5/0x900 [ 398.961991] ? __lock_acquire+0x7ec/0x4ec0 [ 398.966214] ? mark_held_locks+0x130/0x130 [ 398.970440] ? graph_lock+0x170/0x170 [ 398.974224] ? mark_held_locks+0x130/0x130 [ 398.978448] ? check_preemption_disabled+0x48/0x200 [ 398.983451] ? check_preemption_disabled+0x48/0x200 [ 398.988457] ? find_held_lock+0x36/0x1c0 [ 398.992508] ? print_usage_bug+0xc0/0xc0 [ 398.996559] ? print_usage_bug+0xc0/0xc0 [ 399.000605] ? do_wp_page+0xa6f/0x1390 [ 399.004473] ? lock_downgrade+0x900/0x900 [ 399.008611] ? wake_up_page_bit+0x6f0/0x6f0 [ 399.012918] ? kasan_check_read+0x11/0x20 [ 399.017057] ? __lock_acquire+0x7ec/0x4ec0 [ 399.021298] ? _raw_spin_unlock+0x2c/0x50 [ 399.025444] ? mark_held_locks+0x130/0x130 [ 399.029660] ? find_held_lock+0x36/0x1c0 [ 399.033705] ? lock_release+0x970/0x970 [ 399.037667] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 399.043187] ? kasan_check_write+0x14/0x20 [ 399.047429] ? do_raw_spin_lock+0xc1/0x200 [ 399.051655] ? error_exit+0xb/0x20 [ 399.055181] ? error_exit+0xb/0x20 [ 399.058709] ? trace_hardirqs_off_caller+0xbb/0x310 [ 399.063714] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 399.068546] ? trace_hardirqs_on_caller+0x310/0x310 [ 399.073564] ? graph_lock+0x170/0x170 [ 399.077354] ? graph_lock+0x170/0x170 [ 399.081139] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 399.085970] ? native_iret+0x7/0x7 [ 399.089513] ? find_held_lock+0x36/0x1c0 [ 399.093565] _do_fork+0x1cb/0x11d0 [ 399.097092] ? fork_idle+0x1d0/0x1d0 [ 399.100788] ? lock_downgrade+0x900/0x900 [ 399.104927] ? kasan_check_read+0x11/0x20 [ 399.109059] ? _copy_to_user+0xc8/0x110 [ 399.113023] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 399.118544] ? put_timespec64+0x10f/0x1b0 [ 399.122674] ? nsecs_to_jiffies+0x30/0x30 [ 399.126808] ? do_syscall_64+0x9a/0x820 [ 399.130783] ? do_syscall_64+0x9a/0x820 [ 399.134741] ? lockdep_hardirqs_on+0x421/0x5c0 [ 399.139322] ? trace_hardirqs_on+0xbd/0x310 [ 399.143626] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 399.149153] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 399.154507] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 399.159941] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 399.165467] __x64_sys_clone+0xbf/0x150 [ 399.169444] do_syscall_64+0x1b9/0x820 [ 399.173315] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 399.178666] ? syscall_return_slowpath+0x5e0/0x5e0 [ 399.183581] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 399.188419] ? trace_hardirqs_on_caller+0x310/0x310 [ 399.193431] ? prepare_exit_to_usermode+0x291/0x3b0 [ 399.198456] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 399.203303] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 399.208477] RIP: 0033:0x455b4a [ 399.211659] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 399.230545] RSP: 002b:00007ffc76600cd0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 399.238242] RAX: ffffffffffffffda RBX: 00007ffc76600cd0 RCX: 0000000000455b4a [ 399.245503] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 399.252764] RBP: 00007ffc76600d10 R08: 0000000000000001 R09: 00000000013b4940 [ 399.260023] R10: 00000000013b4c10 R11: 0000000000000246 R12: 0000000000000001 [ 399.267281] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 399.275146] Memory limit reached of cgroup /syz5 [ 399.279945] memory: usage 205664kB, limit 204800kB, failcnt 1606 [ 399.286189] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 399.292946] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 399.299175] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:64KB inactive_file:0KB active_file:0KB unevictable:0KB [ 399.319119] Out of memory and no killable processes... [ 399.325797] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 399.338751] syz-executor5 cpuset=syz5 mems_allowed=0 [ 399.343890] CPU: 0 PID: 5568 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 399.351114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 399.360459] Call Trace: [ 399.363043] dump_stack+0x1c4/0x2b4 [ 399.366663] ? dump_stack_print_info.cold.2+0x52/0x52 [ 399.371859] dump_header+0x27b/0xf72 [ 399.375561] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 399.381341] ? kasan_check_read+0x11/0x20 [ 399.385478] ? pagefault_out_of_memory+0x197/0x197 [ 399.390421] ? rcu_read_unlock+0x33/0x60 [ 399.394471] ? mem_cgroup_iter+0x514/0x1160 [ 399.398782] ? find_held_lock+0x36/0x1c0 [ 399.402831] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 399.407569] ? mark_held_locks+0xc7/0x130 [ 399.411704] ? _raw_spin_unlock_irq+0x27/0x80 [ 399.416194] ? _raw_spin_unlock_irq+0x27/0x80 [ 399.420680] ? lockdep_hardirqs_on+0x421/0x5c0 [ 399.425260] ? trace_hardirqs_on+0xbd/0x310 [ 399.429564] ? kasan_check_read+0x11/0x20 [ 399.433701] ? css_task_iter_end+0x222/0x490 [ 399.438117] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 399.443561] ? kasan_check_write+0x14/0x20 [ 399.447789] ? do_raw_spin_lock+0xc1/0x200 [ 399.452026] ? _raw_spin_unlock_irq+0x60/0x80 [ 399.456517] ? css_task_iter_end+0x2ce/0x490 [ 399.460918] ? cgroup_procs_next+0x70/0x70 [ 399.465154] ? _raw_spin_unlock_irq+0x60/0x80 [ 399.469636] ? oom_badness+0xaa0/0xaa0 [ 399.473513] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 399.478270] ? mem_cgroup_iter_break+0x30/0x30 [ 399.482844] ? mark_held_locks+0xc7/0x130 [ 399.487002] out_of_memory.cold.30+0xf/0x184 [ 399.491403] ? lockdep_hardirqs_on+0x421/0x5c0 [ 399.495975] ? kasan_check_read+0x11/0x20 [ 399.500116] ? oom_killer_disable+0x3a0/0x3a0 [ 399.504596] ? kasan_check_write+0x14/0x20 [ 399.508836] ? do_raw_spin_lock+0xc1/0x200 [ 399.513077] mem_cgroup_out_of_memory+0x15e/0x210 [ 399.517904] ? memcg_memory_event+0x40/0x40 [ 399.522207] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 399.527042] ? page_counter_try_charge+0x1c1/0x220 [ 399.531962] try_charge+0xc43/0x1690 [ 399.535689] ? lock_downgrade+0x900/0x900 [ 399.539838] ? check_preemption_disabled+0x48/0x200 [ 399.544852] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 399.550897] ? find_held_lock+0x36/0x1c0 [ 399.554946] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 399.559776] ? lock_downgrade+0x900/0x900 [ 399.563914] ? check_preemption_disabled+0x48/0x200 [ 399.568927] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 399.574720] ? kasan_check_read+0x11/0x20 [ 399.578880] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 399.584168] ? rcu_bh_qs+0xc0/0xc0 [ 399.587711] ? get_mem_cgroup_from_mm+0x206/0x440 [ 399.592569] memcg_kmem_charge_memcg+0x7c/0x120 [ 399.597237] ? memcg_kmem_put_cache+0xb0/0xb0 [ 399.601738] ? print_usage_bug+0xc0/0xc0 [ 399.606006] memcg_kmem_charge+0x135/0x300 [ 399.610239] __alloc_pages_nodemask+0x72e/0xde0 [ 399.614915] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 399.619937] ? __lock_acquire+0x7ec/0x4ec0 [ 399.624162] ? check_preemption_disabled+0x48/0x200 [ 399.629170] ? graph_lock+0x170/0x170 [ 399.632955] ? find_held_lock+0x36/0x1c0 [ 399.637010] ? __lock_is_held+0xb5/0x140 [ 399.641056] ? lock_downgrade+0x900/0x900 [ 399.645191] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 399.650717] alloc_pages_current+0x10c/0x210 [ 399.655109] ? ___might_sleep+0x1ed/0x300 [ 399.659245] pte_alloc_one+0x1b/0x1a0 [ 399.663035] __pte_alloc+0x2a/0x350 [ 399.666655] copy_page_range+0x18c5/0x26b0 [ 399.670895] ? pmd_alloc+0x180/0x180 [ 399.674595] ? save_stack+0xa9/0xd0 [ 399.678204] ? save_stack+0x43/0xd0 [ 399.681815] ? kasan_slab_alloc+0x12/0x20 [ 399.685962] ? kmem_cache_alloc+0x12e/0x730 [ 399.690269] ? vm_area_dup+0x7a/0x230 [ 399.694050] ? copy_process+0x42a0/0x8780 [ 399.698176] ? _do_fork+0x1cb/0x11d0 [ 399.701873] ? __x64_sys_clone+0xbf/0x150 [ 399.706007] ? do_syscall_64+0x1b9/0x820 [ 399.710090] ? graph_lock+0x170/0x170 [ 399.713873] ? lock_downgrade+0x900/0x900 [ 399.718002] ? graph_lock+0x170/0x170 [ 399.721788] ? kasan_check_read+0x11/0x20 [ 399.726183] ? graph_lock+0x170/0x170 [ 399.729968] ? find_held_lock+0x36/0x1c0 [ 399.734016] ? copy_process+0x454b/0x8780 [ 399.738146] ? lock_downgrade+0x900/0x900 [ 399.742281] ? lock_release+0x970/0x970 [ 399.746239] ? arch_local_save_flags+0x40/0x40 [ 399.750819] ? dup_userfaultfd+0x6d8/0x890 [ 399.755065] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 399.760063] ? vma_compute_subtree_gap+0x160/0x240 [ 399.764995] ? validate_mm_rb+0xaa/0xc0 [ 399.768956] ? __vma_link_rb+0x26c/0x370 [ 399.773009] copy_process+0x4721/0x8780 [ 399.776988] ? __cleanup_sighand+0x70/0x70 [ 399.781214] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 399.786738] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 399.792268] ? page_swapcount+0x1d0/0x1d0 [ 399.796406] ? graph_lock+0x170/0x170 [ 399.800201] ? update_curr+0x4cf/0xbe0 [ 399.804075] ? __lock_acquire+0x7ec/0x4ec0 [ 399.808310] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 399.814100] ? __lock_is_held+0xb5/0x140 [ 399.818154] ? mark_held_locks+0x130/0x130 [ 399.822375] ? print_usage_bug+0xc0/0xc0 [ 399.826431] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 399.831957] ? check_preemption_disabled+0x48/0x200 [ 399.836963] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 399.842495] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 399.847849] ? print_usage_bug+0xc0/0xc0 [ 399.851905] ? __lock_acquire+0x7ec/0x4ec0 [ 399.856127] ? trace_hardirqs_on_caller+0x310/0x310 [ 399.861146] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 399.866691] ? check_preemption_disabled+0x48/0x200 [ 399.871703] ? print_usage_bug+0xc0/0xc0 [ 399.875775] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 399.881308] ? reuse_swap_page+0x4bd/0x1520 [ 399.885623] ? swp_swapcount+0x530/0x530 [ 399.889674] ? find_held_lock+0x36/0x1c0 [ 399.893727] ? __lock_acquire+0x7ec/0x4ec0 [ 399.897945] ? mark_held_locks+0x130/0x130 [ 399.902175] ? finish_task_switch+0x1f5/0x900 [ 399.906653] ? __lock_acquire+0x7ec/0x4ec0 [ 399.910877] ? mark_held_locks+0x130/0x130 [ 399.915097] ? graph_lock+0x170/0x170 [ 399.918881] ? mark_held_locks+0x130/0x130 [ 399.923103] ? check_preemption_disabled+0x48/0x200 [ 399.928106] ? check_preemption_disabled+0x48/0x200 [ 399.933124] ? find_held_lock+0x36/0x1c0 [ 399.937174] ? print_usage_bug+0xc0/0xc0 [ 399.941232] ? print_usage_bug+0xc0/0xc0 [ 399.945277] ? do_wp_page+0xa6f/0x1390 [ 399.949148] ? lock_downgrade+0x900/0x900 [ 399.953296] ? wake_up_page_bit+0x6f0/0x6f0 [ 399.957606] ? kasan_check_read+0x11/0x20 [ 399.961742] ? __lock_acquire+0x7ec/0x4ec0 [ 399.965961] ? _raw_spin_unlock+0x2c/0x50 [ 399.970099] ? mark_held_locks+0x130/0x130 [ 399.974318] ? find_held_lock+0x36/0x1c0 [ 399.978378] ? lock_release+0x970/0x970 [ 399.982340] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 399.987863] ? kasan_check_write+0x14/0x20 [ 399.992085] ? do_raw_spin_lock+0xc1/0x200 [ 399.996305] ? error_exit+0xb/0x20 [ 399.999829] ? error_exit+0xb/0x20 [ 400.003352] ? trace_hardirqs_off_caller+0xbb/0x310 [ 400.008357] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 400.013186] ? trace_hardirqs_on_caller+0x310/0x310 [ 400.018183] ? graph_lock+0x170/0x170 [ 400.021966] ? graph_lock+0x170/0x170 [ 400.025752] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 400.030593] ? native_iret+0x7/0x7 [ 400.034121] ? find_held_lock+0x36/0x1c0 [ 400.038173] _do_fork+0x1cb/0x11d0 [ 400.041702] ? fork_idle+0x1d0/0x1d0 [ 400.045400] ? lock_downgrade+0x900/0x900 [ 400.049552] ? kasan_check_read+0x11/0x20 [ 400.053687] ? _copy_to_user+0xc8/0x110 [ 400.057652] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 400.063192] ? put_timespec64+0x10f/0x1b0 [ 400.067325] ? nsecs_to_jiffies+0x30/0x30 [ 400.071507] ? do_syscall_64+0x9a/0x820 [ 400.075470] ? do_syscall_64+0x9a/0x820 [ 400.079437] ? lockdep_hardirqs_on+0x421/0x5c0 [ 400.084011] ? trace_hardirqs_on+0xbd/0x310 [ 400.088332] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 400.093856] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 400.099212] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 400.104653] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 400.110179] __x64_sys_clone+0xbf/0x150 [ 400.114144] do_syscall_64+0x1b9/0x820 [ 400.118019] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 400.123370] ? syscall_return_slowpath+0x5e0/0x5e0 [ 400.128306] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 400.133138] ? trace_hardirqs_on_caller+0x310/0x310 [ 400.138164] ? prepare_exit_to_usermode+0x291/0x3b0 [ 400.143174] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 400.148009] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 400.153188] RIP: 0033:0x455b4a [ 400.156369] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 400.175258] RSP: 002b:00007ffc76600cd0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 400.182954] RAX: ffffffffffffffda RBX: 00007ffc76600cd0 RCX: 0000000000455b4a [ 400.190205] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 400.197469] RBP: 00007ffc76600d10 R08: 0000000000000001 R09: 00000000013b4940 [ 400.204736] R10: 00000000013b4c10 R11: 0000000000000246 R12: 0000000000000001 [ 400.211993] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 400.220547] Memory limit reached of cgroup /syz5 [ 400.225462] memory: usage 205668kB, limit 204800kB, failcnt 1614 [ 400.231635] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 400.238457] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 400.244625] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:64KB inactive_file:0KB active_file:0KB unevictable:0KB [ 400.264503] Out of memory and no killable processes... [ 400.271190] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 400.284130] syz-executor5 cpuset=syz5 mems_allowed=0 [ 400.289360] CPU: 0 PID: 5568 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 400.296538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 400.305878] Call Trace: [ 400.308460] dump_stack+0x1c4/0x2b4 [ 400.312085] ? dump_stack_print_info.cold.2+0x52/0x52 [ 400.317268] dump_header+0x27b/0xf72 [ 400.320988] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 400.326776] ? kasan_check_read+0x11/0x20 [ 400.330952] ? pagefault_out_of_memory+0x197/0x197 [ 400.335895] ? rcu_read_unlock+0x33/0x60 [ 400.339945] ? mem_cgroup_iter+0x514/0x1160 [ 400.344265] ? find_held_lock+0x36/0x1c0 [ 400.348316] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 400.353073] ? mark_held_locks+0xc7/0x130 [ 400.357207] ? _raw_spin_unlock_irq+0x27/0x80 [ 400.361700] ? _raw_spin_unlock_irq+0x27/0x80 [ 400.366209] ? lockdep_hardirqs_on+0x421/0x5c0 [ 400.370806] ? trace_hardirqs_on+0xbd/0x310 [ 400.375118] ? kasan_check_read+0x11/0x20 [ 400.379257] ? css_task_iter_end+0x222/0x490 [ 400.383661] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 400.389101] ? kasan_check_write+0x14/0x20 [ 400.393329] ? do_raw_spin_lock+0xc1/0x200 [ 400.397565] ? _raw_spin_unlock_irq+0x60/0x80 [ 400.402062] ? css_task_iter_end+0x2ce/0x490 [ 400.406495] ? cgroup_procs_next+0x70/0x70 [ 400.410725] ? _raw_spin_unlock_irq+0x60/0x80 [ 400.415210] ? oom_badness+0xaa0/0xaa0 [ 400.419086] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 400.423856] ? mem_cgroup_iter_break+0x30/0x30 [ 400.428440] ? mark_held_locks+0xc7/0x130 [ 400.432579] out_of_memory.cold.30+0xf/0x184 [ 400.436975] ? lockdep_hardirqs_on+0x421/0x5c0 [ 400.441543] ? kasan_check_read+0x11/0x20 [ 400.445678] ? oom_killer_disable+0x3a0/0x3a0 [ 400.450154] ? kasan_check_write+0x14/0x20 [ 400.454373] ? do_raw_spin_lock+0xc1/0x200 [ 400.458605] mem_cgroup_out_of_memory+0x15e/0x210 [ 400.463441] ? memcg_memory_event+0x40/0x40 [ 400.467760] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 400.472596] ? page_counter_try_charge+0x1c1/0x220 [ 400.477527] try_charge+0xc43/0x1690 [ 400.481234] ? lock_downgrade+0x900/0x900 [ 400.485383] ? check_preemption_disabled+0x48/0x200 [ 400.490425] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 400.496474] ? find_held_lock+0x36/0x1c0 [ 400.500537] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 400.505364] ? lock_downgrade+0x900/0x900 [ 400.509497] ? check_preemption_disabled+0x48/0x200 [ 400.514505] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 400.520303] ? kasan_check_read+0x11/0x20 [ 400.524442] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 400.529707] ? rcu_bh_qs+0xc0/0xc0 [ 400.533261] ? get_mem_cgroup_from_mm+0x206/0x440 [ 400.538099] memcg_kmem_charge_memcg+0x7c/0x120 [ 400.542779] ? memcg_kmem_put_cache+0xb0/0xb0 [ 400.547269] ? print_usage_bug+0xc0/0xc0 [ 400.551320] memcg_kmem_charge+0x135/0x300 [ 400.555548] __alloc_pages_nodemask+0x72e/0xde0 [ 400.560228] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 400.565233] ? __lock_acquire+0x7ec/0x4ec0 [ 400.569467] ? check_preemption_disabled+0x48/0x200 [ 400.574487] ? graph_lock+0x170/0x170 [ 400.578272] ? find_held_lock+0x36/0x1c0 [ 400.582327] ? __lock_is_held+0xb5/0x140 [ 400.586394] ? lock_downgrade+0x900/0x900 [ 400.590555] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 400.596078] alloc_pages_current+0x10c/0x210 [ 400.600468] ? ___might_sleep+0x1ed/0x300 [ 400.604606] pte_alloc_one+0x1b/0x1a0 [ 400.608394] __pte_alloc+0x2a/0x350 [ 400.612011] copy_page_range+0x18c5/0x26b0 [ 400.616254] ? pmd_alloc+0x180/0x180 [ 400.619955] ? save_stack+0xa9/0xd0 [ 400.623562] ? save_stack+0x43/0xd0 [ 400.627169] ? kasan_slab_alloc+0x12/0x20 [ 400.631298] ? kmem_cache_alloc+0x12e/0x730 [ 400.635602] ? vm_area_dup+0x7a/0x230 [ 400.639401] ? copy_process+0x42a0/0x8780 [ 400.643537] ? _do_fork+0x1cb/0x11d0 [ 400.647230] ? __x64_sys_clone+0xbf/0x150 [ 400.651377] ? do_syscall_64+0x1b9/0x820 [ 400.655431] ? graph_lock+0x170/0x170 [ 400.659214] ? lock_downgrade+0x900/0x900 [ 400.663342] ? graph_lock+0x170/0x170 [ 400.667125] ? graph_lock+0x170/0x170 [ 400.670911] ? find_held_lock+0x36/0x1c0 [ 400.674963] ? copy_process+0x454b/0x8780 [ 400.679094] ? lock_downgrade+0x900/0x900 [ 400.683229] ? lock_release+0x970/0x970 [ 400.687184] ? arch_local_save_flags+0x40/0x40 [ 400.691747] ? dup_userfaultfd+0x6d8/0x890 [ 400.695969] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 400.700990] ? vma_compute_subtree_gap+0x160/0x240 [ 400.705918] ? validate_mm_rb+0xaa/0xc0 [ 400.709901] ? __vma_link_rb+0x26c/0x370 [ 400.713946] copy_process+0x4721/0x8780 [ 400.717932] ? __cleanup_sighand+0x70/0x70 [ 400.722151] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 400.727669] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 400.733195] ? page_swapcount+0x1d0/0x1d0 [ 400.737333] ? graph_lock+0x170/0x170 [ 400.741130] ? update_curr+0x4cf/0xbe0 [ 400.745002] ? __lock_acquire+0x7ec/0x4ec0 [ 400.749220] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 400.755003] ? __lock_is_held+0xb5/0x140 [ 400.759048] ? mark_held_locks+0x130/0x130 [ 400.763270] ? print_usage_bug+0xc0/0xc0 [ 400.767324] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 400.772848] ? check_preemption_disabled+0x48/0x200 [ 400.777865] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 400.783390] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 400.788745] ? print_usage_bug+0xc0/0xc0 [ 400.792790] ? __lock_acquire+0x7ec/0x4ec0 [ 400.797009] ? trace_hardirqs_on_caller+0x310/0x310 [ 400.802007] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 400.807536] ? check_preemption_disabled+0x48/0x200 [ 400.812567] ? print_usage_bug+0xc0/0xc0 [ 400.816626] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 400.822151] ? reuse_swap_page+0x4bd/0x1520 [ 400.826505] ? swp_swapcount+0x530/0x530 [ 400.830551] ? find_held_lock+0x36/0x1c0 [ 400.834600] ? __lock_acquire+0x7ec/0x4ec0 [ 400.838828] ? mark_held_locks+0x130/0x130 [ 400.843059] ? finish_task_switch+0x1f5/0x900 [ 400.847540] ? __lock_acquire+0x7ec/0x4ec0 [ 400.851762] ? mark_held_locks+0x130/0x130 [ 400.855983] ? graph_lock+0x170/0x170 [ 400.859775] ? mark_held_locks+0x130/0x130 [ 400.863998] ? check_preemption_disabled+0x48/0x200 [ 400.868999] ? check_preemption_disabled+0x48/0x200 [ 400.874006] ? find_held_lock+0x36/0x1c0 [ 400.878049] ? print_usage_bug+0xc0/0xc0 [ 400.882111] ? print_usage_bug+0xc0/0xc0 [ 400.886160] ? do_wp_page+0xa6f/0x1390 [ 400.890026] ? lock_downgrade+0x900/0x900 [ 400.894183] ? wake_up_page_bit+0x6f0/0x6f0 [ 400.898493] ? kasan_check_read+0x11/0x20 [ 400.902632] ? __lock_acquire+0x7ec/0x4ec0 [ 400.906850] ? _raw_spin_unlock+0x2c/0x50 [ 400.910991] ? mark_held_locks+0x130/0x130 [ 400.915220] ? find_held_lock+0x36/0x1c0 [ 400.919264] ? lock_release+0x970/0x970 [ 400.923227] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 400.928752] ? kasan_check_write+0x14/0x20 [ 400.932970] ? do_raw_spin_lock+0xc1/0x200 [ 400.937220] ? error_exit+0xb/0x20 [ 400.940749] ? error_exit+0xb/0x20 [ 400.944270] ? trace_hardirqs_off_caller+0xbb/0x310 [ 400.949271] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 400.954102] ? trace_hardirqs_on_caller+0x310/0x310 [ 400.959105] ? graph_lock+0x170/0x170 [ 400.962900] ? graph_lock+0x170/0x170 [ 400.966685] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 400.971512] ? native_iret+0x7/0x7 [ 400.975039] ? find_held_lock+0x36/0x1c0 [ 400.979090] _do_fork+0x1cb/0x11d0 [ 400.982615] ? fork_idle+0x1d0/0x1d0 [ 400.986311] ? lock_downgrade+0x900/0x900 [ 400.990456] ? kasan_check_read+0x11/0x20 [ 400.994588] ? _copy_to_user+0xc8/0x110 [ 400.998547] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 401.004068] ? put_timespec64+0x10f/0x1b0 [ 401.008200] ? nsecs_to_jiffies+0x30/0x30 [ 401.012334] ? do_syscall_64+0x9a/0x820 [ 401.016294] ? do_syscall_64+0x9a/0x820 [ 401.020255] ? lockdep_hardirqs_on+0x421/0x5c0 [ 401.024824] ? trace_hardirqs_on+0xbd/0x310 [ 401.029132] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 401.034655] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 401.040006] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 401.045440] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 401.050966] __x64_sys_clone+0xbf/0x150 [ 401.054949] do_syscall_64+0x1b9/0x820 [ 401.058834] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 401.064186] ? syscall_return_slowpath+0x5e0/0x5e0 [ 401.069120] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 401.073951] ? trace_hardirqs_on_caller+0x310/0x310 [ 401.078972] ? prepare_exit_to_usermode+0x291/0x3b0 [ 401.083982] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 401.088823] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 401.094014] RIP: 0033:0x455b4a [ 401.097194] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 401.116086] RSP: 002b:00007ffc76600cd0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 401.123779] RAX: ffffffffffffffda RBX: 00007ffc76600cd0 RCX: 0000000000455b4a [ 401.131048] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 401.138308] RBP: 00007ffc76600d10 R08: 0000000000000001 R09: 00000000013b4940 [ 401.145586] R10: 00000000013b4c10 R11: 0000000000000246 R12: 0000000000000001 [ 401.152850] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 401.160463] Memory limit reached of cgroup /syz5 [ 401.165495] memory: usage 205672kB, limit 204800kB, failcnt 1622 [ 401.171737] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 401.178661] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 401.184983] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:64KB inactive_file:0KB active_file:0KB unevictable:0KB [ 401.204984] Out of memory and no killable processes... [ 401.211568] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 401.224492] syz-executor5 cpuset=syz5 mems_allowed=0 [ 401.229705] CPU: 0 PID: 5568 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 401.236889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 401.247636] Call Trace: [ 401.250228] dump_stack+0x1c4/0x2b4 [ 401.253838] ? dump_stack_print_info.cold.2+0x52/0x52 [ 401.259030] dump_header+0x27b/0xf72 [ 401.262744] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 401.268521] ? kasan_check_read+0x11/0x20 [ 401.272652] ? pagefault_out_of_memory+0x197/0x197 [ 401.277572] ? rcu_read_unlock+0x33/0x60 [ 401.281618] ? mem_cgroup_iter+0x514/0x1160 [ 401.285960] ? find_held_lock+0x36/0x1c0 [ 401.290008] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 401.294756] ? mark_held_locks+0xc7/0x130 [ 401.298885] ? _raw_spin_unlock_irq+0x27/0x80 [ 401.303364] ? _raw_spin_unlock_irq+0x27/0x80 [ 401.307869] ? lockdep_hardirqs_on+0x421/0x5c0 [ 401.312448] ? trace_hardirqs_on+0xbd/0x310 [ 401.316768] ? kasan_check_read+0x11/0x20 [ 401.320905] ? css_task_iter_end+0x222/0x490 [ 401.325300] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 401.330732] ? kasan_check_write+0x14/0x20 [ 401.334946] ? do_raw_spin_lock+0xc1/0x200 [ 401.339162] ? _raw_spin_unlock_irq+0x60/0x80 [ 401.343640] ? css_task_iter_end+0x2ce/0x490 [ 401.348031] ? cgroup_procs_next+0x70/0x70 [ 401.352273] ? _raw_spin_unlock_irq+0x60/0x80 [ 401.356754] ? oom_badness+0xaa0/0xaa0 [ 401.360646] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 401.365413] ? mem_cgroup_iter_break+0x30/0x30 [ 401.370026] ? mark_held_locks+0xc7/0x130 [ 401.374174] out_of_memory.cold.30+0xf/0x184 [ 401.378568] ? lockdep_hardirqs_on+0x421/0x5c0 [ 401.383131] ? kasan_check_read+0x11/0x20 [ 401.387260] ? oom_killer_disable+0x3a0/0x3a0 [ 401.391738] ? kasan_check_write+0x14/0x20 [ 401.395954] ? do_raw_spin_lock+0xc1/0x200 [ 401.400175] mem_cgroup_out_of_memory+0x15e/0x210 [ 401.404998] ? memcg_memory_event+0x40/0x40 [ 401.409316] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 401.414160] ? page_counter_try_charge+0x1c1/0x220 [ 401.419074] try_charge+0xc43/0x1690 [ 401.422769] ? lock_downgrade+0x900/0x900 [ 401.426898] ? check_preemption_disabled+0x48/0x200 [ 401.431901] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 401.437962] ? find_held_lock+0x36/0x1c0 [ 401.442095] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 401.446922] ? lock_downgrade+0x900/0x900 [ 401.451058] ? check_preemption_disabled+0x48/0x200 [ 401.456064] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 401.461841] ? kasan_check_read+0x11/0x20 [ 401.465987] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 401.471276] ? rcu_bh_qs+0xc0/0xc0 [ 401.474821] ? get_mem_cgroup_from_mm+0x206/0x440 [ 401.479653] memcg_kmem_charge_memcg+0x7c/0x120 [ 401.484305] ? memcg_kmem_put_cache+0xb0/0xb0 [ 401.488788] ? print_usage_bug+0xc0/0xc0 [ 401.492839] memcg_kmem_charge+0x135/0x300 [ 401.497063] __alloc_pages_nodemask+0x72e/0xde0 [ 401.501725] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 401.506752] ? __lock_acquire+0x7ec/0x4ec0 [ 401.510976] ? check_preemption_disabled+0x48/0x200 [ 401.515987] ? graph_lock+0x170/0x170 [ 401.519789] ? find_held_lock+0x36/0x1c0 [ 401.523845] ? __lock_is_held+0xb5/0x140 [ 401.527903] ? lock_downgrade+0x900/0x900 [ 401.532055] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 401.537606] alloc_pages_current+0x10c/0x210 [ 401.542001] ? ___might_sleep+0x1ed/0x300 [ 401.546144] pte_alloc_one+0x1b/0x1a0 [ 401.550020] __pte_alloc+0x2a/0x350 [ 401.553644] copy_page_range+0x18c5/0x26b0 [ 401.557882] ? pmd_alloc+0x180/0x180 [ 401.561583] ? save_stack+0xa9/0xd0 [ 401.565195] ? save_stack+0x43/0xd0 [ 401.568807] ? kasan_slab_alloc+0x12/0x20 [ 401.572938] ? kmem_cache_alloc+0x12e/0x730 [ 401.577244] ? vm_area_dup+0x7a/0x230 [ 401.581055] ? copy_process+0x42a0/0x8780 [ 401.585191] ? _do_fork+0x1cb/0x11d0 [ 401.588882] ? __x64_sys_clone+0xbf/0x150 [ 401.593006] ? do_syscall_64+0x1b9/0x820 [ 401.597063] ? graph_lock+0x170/0x170 [ 401.600844] ? lock_downgrade+0x900/0x900 [ 401.605301] ? graph_lock+0x170/0x170 [ 401.609090] ? graph_lock+0x170/0x170 [ 401.612875] ? find_held_lock+0x36/0x1c0 [ 401.616924] ? copy_process+0x454b/0x8780 [ 401.621054] ? lock_downgrade+0x900/0x900 [ 401.625187] ? lock_release+0x970/0x970 [ 401.629155] ? arch_local_save_flags+0x40/0x40 [ 401.633720] ? dup_userfaultfd+0x6d8/0x890 [ 401.637956] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 401.642954] ? vma_compute_subtree_gap+0x160/0x240 [ 401.647868] ? validate_mm_rb+0xaa/0xc0 [ 401.651828] ? __vma_link_rb+0x26c/0x370 [ 401.655878] copy_process+0x4721/0x8780 [ 401.659851] ? __cleanup_sighand+0x70/0x70 [ 401.664078] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 401.669604] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 401.675135] ? page_swapcount+0x1d0/0x1d0 [ 401.679265] ? graph_lock+0x170/0x170 [ 401.683052] ? update_curr+0x4cf/0xbe0 [ 401.686937] ? __lock_acquire+0x7ec/0x4ec0 [ 401.691160] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 401.696944] ? __lock_is_held+0xb5/0x140 [ 401.700990] ? mark_held_locks+0x130/0x130 [ 401.705214] ? print_usage_bug+0xc0/0xc0 [ 401.709284] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 401.715136] ? check_preemption_disabled+0x48/0x200 [ 401.720141] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 401.725683] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 401.731032] ? print_usage_bug+0xc0/0xc0 [ 401.735094] ? __lock_acquire+0x7ec/0x4ec0 [ 401.739324] ? trace_hardirqs_on_caller+0x310/0x310 [ 401.744323] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 401.749849] ? check_preemption_disabled+0x48/0x200 [ 401.754854] ? print_usage_bug+0xc0/0xc0 [ 401.758900] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 401.764424] ? reuse_swap_page+0x4bd/0x1520 [ 401.768731] ? swp_swapcount+0x530/0x530 [ 401.772773] ? find_held_lock+0x36/0x1c0 [ 401.776822] ? __lock_acquire+0x7ec/0x4ec0 [ 401.781039] ? mark_held_locks+0x130/0x130 [ 401.785268] ? finish_task_switch+0x1f5/0x900 [ 401.789749] ? __lock_acquire+0x7ec/0x4ec0 [ 401.793970] ? mark_held_locks+0x130/0x130 [ 401.798192] ? graph_lock+0x170/0x170 [ 401.801977] ? mark_held_locks+0x130/0x130 [ 401.806216] ? check_preemption_disabled+0x48/0x200 [ 401.811220] ? check_preemption_disabled+0x48/0x200 [ 401.816243] ? find_held_lock+0x36/0x1c0 [ 401.820288] ? print_usage_bug+0xc0/0xc0 [ 401.824332] ? print_usage_bug+0xc0/0xc0 [ 401.828381] ? do_wp_page+0xa6f/0x1390 [ 401.832255] ? lock_downgrade+0x900/0x900 [ 401.836388] ? wake_up_page_bit+0x6f0/0x6f0 [ 401.840694] ? kasan_check_read+0x11/0x20 [ 401.844834] ? __lock_acquire+0x7ec/0x4ec0 [ 401.849054] ? _raw_spin_unlock+0x2c/0x50 [ 401.853189] ? mark_held_locks+0x130/0x130 [ 401.857426] ? find_held_lock+0x36/0x1c0 [ 401.861490] ? lock_release+0x970/0x970 [ 401.865497] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 401.871067] ? kasan_check_write+0x14/0x20 [ 401.875286] ? do_raw_spin_lock+0xc1/0x200 [ 401.879513] ? error_exit+0xb/0x20 [ 401.883046] ? error_exit+0xb/0x20 [ 401.886574] ? trace_hardirqs_off_caller+0xbb/0x310 [ 401.891576] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 401.896406] ? trace_hardirqs_on_caller+0x310/0x310 [ 401.901428] ? graph_lock+0x170/0x170 [ 401.905221] ? graph_lock+0x170/0x170 [ 401.909015] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 401.913846] ? native_iret+0x7/0x7 [ 401.917388] ? find_held_lock+0x36/0x1c0 [ 401.921443] _do_fork+0x1cb/0x11d0 [ 401.924987] ? fork_idle+0x1d0/0x1d0 [ 401.928686] ? lock_downgrade+0x900/0x900 [ 401.932841] ? kasan_check_read+0x11/0x20 [ 401.936977] ? _copy_to_user+0xc8/0x110 [ 401.940942] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 401.946464] ? put_timespec64+0x10f/0x1b0 [ 401.950600] ? nsecs_to_jiffies+0x30/0x30 [ 401.954732] ? do_syscall_64+0x9a/0x820 [ 401.958724] ? do_syscall_64+0x9a/0x820 [ 401.962682] ? lockdep_hardirqs_on+0x421/0x5c0 [ 401.967251] ? trace_hardirqs_on+0xbd/0x310 [ 401.971558] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 401.977081] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 401.982436] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 401.987869] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 401.993392] __x64_sys_clone+0xbf/0x150 [ 401.997362] do_syscall_64+0x1b9/0x820 [ 402.001236] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 402.006601] ? syscall_return_slowpath+0x5e0/0x5e0 [ 402.011515] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 402.016343] ? trace_hardirqs_on_caller+0x310/0x310 [ 402.021346] ? prepare_exit_to_usermode+0x291/0x3b0 [ 402.026350] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 402.031178] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 402.036349] RIP: 0033:0x455b4a [ 402.039528] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 402.058412] RSP: 002b:00007ffc76600cd0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 402.066112] RAX: ffffffffffffffda RBX: 00007ffc76600cd0 RCX: 0000000000455b4a [ 402.073363] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 402.080615] RBP: 00007ffc76600d10 R08: 0000000000000001 R09: 00000000013b4940 [ 402.087866] R10: 00000000013b4c10 R11: 0000000000000246 R12: 0000000000000001 [ 402.095116] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 402.103391] Memory limit reached of cgroup /syz5 [ 402.108282] memory: usage 205676kB, limit 204800kB, failcnt 1630 [ 402.114431] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 402.121283] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 402.127518] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:64KB inactive_file:0KB active_file:0KB unevictable:0KB [ 402.147358] Out of memory and no killable processes... [ 402.154027] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 402.167038] syz-executor5 cpuset=syz5 mems_allowed=0 [ 402.172170] CPU: 0 PID: 5568 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 402.179346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 402.188679] Call Trace: [ 402.191252] dump_stack+0x1c4/0x2b4 [ 402.194866] ? dump_stack_print_info.cold.2+0x52/0x52 [ 402.200043] dump_header+0x27b/0xf72 [ 402.203744] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 402.209521] ? kasan_check_read+0x11/0x20 [ 402.213653] ? pagefault_out_of_memory+0x197/0x197 [ 402.218569] ? rcu_read_unlock+0x33/0x60 [ 402.222611] ? mem_cgroup_iter+0x514/0x1160 [ 402.226915] ? find_held_lock+0x36/0x1c0 [ 402.230960] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 402.235699] ? mark_held_locks+0xc7/0x130 [ 402.239829] ? _raw_spin_unlock_irq+0x27/0x80 [ 402.244305] ? _raw_spin_unlock_irq+0x27/0x80 [ 402.248782] ? lockdep_hardirqs_on+0x421/0x5c0 [ 402.253348] ? trace_hardirqs_on+0xbd/0x310 [ 402.257649] ? kasan_check_read+0x11/0x20 [ 402.261779] ? css_task_iter_end+0x222/0x490 [ 402.266188] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 402.271623] ? kasan_check_write+0x14/0x20 [ 402.275841] ? do_raw_spin_lock+0xc1/0x200 [ 402.280069] ? _raw_spin_unlock_irq+0x60/0x80 [ 402.284547] ? css_task_iter_end+0x2ce/0x490 [ 402.288953] ? cgroup_procs_next+0x70/0x70 [ 402.293184] ? _raw_spin_unlock_irq+0x60/0x80 [ 402.297661] ? oom_badness+0xaa0/0xaa0 [ 402.301530] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 402.306281] ? mem_cgroup_iter_break+0x30/0x30 [ 402.310848] ? mark_held_locks+0xc7/0x130 [ 402.314978] out_of_memory.cold.30+0xf/0x184 [ 402.319366] ? lockdep_hardirqs_on+0x421/0x5c0 [ 402.323926] ? kasan_check_read+0x11/0x20 [ 402.328057] ? oom_killer_disable+0x3a0/0x3a0 [ 402.332534] ? kasan_check_write+0x14/0x20 [ 402.336753] ? do_raw_spin_lock+0xc1/0x200 [ 402.341011] mem_cgroup_out_of_memory+0x15e/0x210 [ 402.345837] ? memcg_memory_event+0x40/0x40 [ 402.350138] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 402.354974] ? page_counter_try_charge+0x1c1/0x220 [ 402.359887] try_charge+0xc43/0x1690 [ 402.363583] ? lock_downgrade+0x900/0x900 [ 402.367715] ? check_preemption_disabled+0x48/0x200 [ 402.372718] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 402.378760] ? find_held_lock+0x36/0x1c0 [ 402.382806] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 402.387628] ? lock_downgrade+0x900/0x900 [ 402.391759] ? check_preemption_disabled+0x48/0x200 [ 402.396761] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 402.402537] ? kasan_check_read+0x11/0x20 [ 402.406672] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 402.411933] ? rcu_bh_qs+0xc0/0xc0 [ 402.415474] ? get_mem_cgroup_from_mm+0x206/0x440 [ 402.420308] memcg_kmem_charge_memcg+0x7c/0x120 [ 402.424981] ? memcg_kmem_put_cache+0xb0/0xb0 [ 402.429468] ? save_stack+0x43/0xd0 [ 402.433079] ? kasan_slab_alloc+0x12/0x20 [ 402.437214] memcg_kmem_charge+0x135/0x300 [ 402.441442] __alloc_pages_nodemask+0x72e/0xde0 [ 402.446096] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 402.451092] ? find_held_lock+0x36/0x1c0 [ 402.455136] ? print_usage_bug+0xc0/0xc0 [ 402.459188] ? find_held_lock+0x36/0x1c0 [ 402.463232] ? __lock_acquire+0x7ec/0x4ec0 [ 402.467449] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 402.472968] alloc_pages_current+0x10c/0x210 [ 402.477362] get_zeroed_page+0x14/0x50 [ 402.481232] __pud_alloc+0x3b/0x240 [ 402.484855] pud_alloc+0xe1/0x150 [ 402.488307] copy_page_range+0x439/0x26b0 [ 402.492445] ? rb_insert_color_cached+0x14b0/0x14b0 [ 402.497450] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 402.502451] ? vma_compute_subtree_gap+0x160/0x240 [ 402.507369] ? __rb_insert_augmented+0x3b2/0x1890 [ 402.512199] ? pmd_alloc+0x180/0x180 [ 402.515937] ? graph_lock+0x170/0x170 [ 402.519736] ? kasan_slab_alloc+0x12/0x20 [ 402.523867] ? kmem_cache_alloc+0x12e/0x730 [ 402.528185] ? graph_lock+0x170/0x170 [ 402.531966] ? __x64_sys_clone+0xbf/0x150 [ 402.536106] ? do_syscall_64+0x1b9/0x820 [ 402.540148] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 402.545509] ? find_held_lock+0x36/0x1c0 [ 402.549560] ? anon_vma_fork+0x5ef/0x820 [ 402.553623] ? lock_downgrade+0x900/0x900 [ 402.557759] ? lock_release+0x970/0x970 [ 402.561717] ? arch_local_save_flags+0x40/0x40 [ 402.566283] ? __lock_is_held+0xb5/0x140 [ 402.570332] ? up_write+0x7b/0x220 [ 402.573854] ? up_read+0x110/0x110 [ 402.577378] ? anon_vma_interval_tree_insert+0x2c9/0x370 [ 402.582818] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 402.587820] ? vma_compute_subtree_gap+0x160/0x240 [ 402.592750] ? validate_mm_rb+0xaa/0xc0 [ 402.596710] ? __vma_link_rb+0x26c/0x370 [ 402.600760] copy_process+0x4721/0x8780 [ 402.604732] ? __cleanup_sighand+0x70/0x70 [ 402.608969] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 402.614531] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 402.620083] ? page_swapcount+0x1d0/0x1d0 [ 402.624214] ? graph_lock+0x170/0x170 [ 402.627999] ? update_curr+0x4cf/0xbe0 [ 402.631872] ? __lock_acquire+0x7ec/0x4ec0 [ 402.636118] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 402.641916] ? __lock_is_held+0xb5/0x140 [ 402.646000] ? mark_held_locks+0x130/0x130 [ 402.650235] ? print_usage_bug+0xc0/0xc0 [ 402.654279] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 402.659804] ? check_preemption_disabled+0x48/0x200 [ 402.664815] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 402.670337] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 402.675694] ? print_usage_bug+0xc0/0xc0 [ 402.679753] ? __lock_acquire+0x7ec/0x4ec0 [ 402.683998] ? trace_hardirqs_on_caller+0x310/0x310 [ 402.689002] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 402.694537] ? check_preemption_disabled+0x48/0x200 [ 402.699539] ? print_usage_bug+0xc0/0xc0 [ 402.703588] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 402.709109] ? reuse_swap_page+0x4bd/0x1520 [ 402.713424] ? swp_swapcount+0x530/0x530 [ 402.717477] ? find_held_lock+0x36/0x1c0 [ 402.721538] ? __lock_acquire+0x7ec/0x4ec0 [ 402.725759] ? mark_held_locks+0x130/0x130 [ 402.729979] ? finish_task_switch+0x1f5/0x900 [ 402.734471] ? __lock_acquire+0x7ec/0x4ec0 [ 402.738697] ? mark_held_locks+0x130/0x130 [ 402.742914] ? graph_lock+0x170/0x170 [ 402.746700] ? mark_held_locks+0x130/0x130 [ 402.750939] ? check_preemption_disabled+0x48/0x200 [ 402.755942] ? check_preemption_disabled+0x48/0x200 [ 402.760956] ? find_held_lock+0x36/0x1c0 [ 402.765004] ? print_usage_bug+0xc0/0xc0 [ 402.769046] ? print_usage_bug+0xc0/0xc0 [ 402.773090] ? do_wp_page+0xa6f/0x1390 [ 402.776961] ? lock_downgrade+0x900/0x900 [ 402.781089] ? wake_up_page_bit+0x6f0/0x6f0 [ 402.785393] ? kasan_check_read+0x11/0x20 [ 402.789534] ? __lock_acquire+0x7ec/0x4ec0 [ 402.793752] ? _raw_spin_unlock+0x2c/0x50 [ 402.797890] ? mark_held_locks+0x130/0x130 [ 402.802108] ? find_held_lock+0x36/0x1c0 [ 402.806165] ? lock_release+0x970/0x970 [ 402.810124] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 402.815648] ? kasan_check_write+0x14/0x20 [ 402.819868] ? do_raw_spin_lock+0xc1/0x200 [ 402.824109] ? error_exit+0xb/0x20 [ 402.827633] ? error_exit+0xb/0x20 [ 402.831173] ? trace_hardirqs_off_caller+0xbb/0x310 [ 402.836189] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 402.841015] ? trace_hardirqs_on_caller+0x310/0x310 [ 402.846015] ? graph_lock+0x170/0x170 [ 402.849826] ? graph_lock+0x170/0x170 [ 402.853620] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 402.858452] ? native_iret+0x7/0x7 [ 402.861980] ? find_held_lock+0x36/0x1c0 [ 402.866036] _do_fork+0x1cb/0x11d0 [ 402.869613] ? fork_idle+0x1d0/0x1d0 [ 402.873307] ? lock_downgrade+0x900/0x900 [ 402.877450] ? kasan_check_read+0x11/0x20 [ 402.881581] ? _copy_to_user+0xc8/0x110 [ 402.885542] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 402.891086] ? put_timespec64+0x10f/0x1b0 [ 402.895219] ? nsecs_to_jiffies+0x30/0x30 [ 402.899351] ? do_syscall_64+0x9a/0x820 [ 402.903308] ? do_syscall_64+0x9a/0x820 [ 402.907269] ? lockdep_hardirqs_on+0x421/0x5c0 [ 402.911834] ? trace_hardirqs_on+0xbd/0x310 [ 402.916141] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 402.921662] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 402.927025] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 402.932518] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 402.938044] __x64_sys_clone+0xbf/0x150 [ 402.942011] do_syscall_64+0x1b9/0x820 [ 402.945884] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 402.951236] ? syscall_return_slowpath+0x5e0/0x5e0 [ 402.956149] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 402.960976] ? trace_hardirqs_on_caller+0x310/0x310 [ 402.965983] ? prepare_exit_to_usermode+0x291/0x3b0 [ 402.971006] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 402.975851] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 402.981021] RIP: 0033:0x455b4a [ 402.984211] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 403.003122] RSP: 002b:00007ffc76600cd0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 403.010828] RAX: ffffffffffffffda RBX: 00007ffc76600cd0 RCX: 0000000000455b4a [ 403.018081] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 403.025332] RBP: 00007ffc76600d10 R08: 0000000000000001 R09: 00000000013b4940 [ 403.032585] R10: 00000000013b4c10 R11: 0000000000000246 R12: 0000000000000001 [ 403.039836] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 403.048141] Memory limit reached of cgroup /syz5 [ 403.052968] memory: usage 205640kB, limit 204800kB, failcnt 1638 [ 403.059240] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 403.066058] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 403.072194] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:64KB inactive_file:0KB active_file:0KB unevictable:0KB [ 403.092107] Out of memory and no killable processes... [ 403.098581] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 403.111475] syz-executor5 cpuset=syz5 mems_allowed=0 [ 403.116713] CPU: 0 PID: 5568 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 403.123899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 403.133229] Call Trace: [ 403.135800] dump_stack+0x1c4/0x2b4 [ 403.139411] ? dump_stack_print_info.cold.2+0x52/0x52 [ 403.144599] dump_header+0x27b/0xf72 [ 403.148300] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 403.154080] ? kasan_check_read+0x11/0x20 [ 403.158215] ? pagefault_out_of_memory+0x197/0x197 [ 403.163146] ? rcu_read_unlock+0x33/0x60 [ 403.167234] ? mem_cgroup_iter+0x514/0x1160 [ 403.171545] ? find_held_lock+0x36/0x1c0 [ 403.175589] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 403.180346] ? mark_held_locks+0xc7/0x130 [ 403.184478] ? _raw_spin_unlock_irq+0x27/0x80 [ 403.188976] ? _raw_spin_unlock_irq+0x27/0x80 [ 403.193467] ? lockdep_hardirqs_on+0x421/0x5c0 [ 403.198041] ? trace_hardirqs_on+0xbd/0x310 [ 403.202342] ? kasan_check_read+0x11/0x20 [ 403.206490] ? css_task_iter_end+0x222/0x490 [ 403.210880] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 403.216310] ? kasan_check_write+0x14/0x20 [ 403.220525] ? do_raw_spin_lock+0xc1/0x200 [ 403.224758] ? _raw_spin_unlock_irq+0x60/0x80 [ 403.229238] ? css_task_iter_end+0x2ce/0x490 [ 403.233628] ? cgroup_procs_next+0x70/0x70 [ 403.237844] ? _raw_spin_unlock_irq+0x60/0x80 [ 403.242321] ? oom_badness+0xaa0/0xaa0 [ 403.246206] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 403.250969] ? mem_cgroup_iter_break+0x30/0x30 [ 403.255559] ? mark_held_locks+0xc7/0x130 [ 403.259692] out_of_memory.cold.30+0xf/0x184 [ 403.264085] ? lockdep_hardirqs_on+0x421/0x5c0 [ 403.268663] ? kasan_check_read+0x11/0x20 [ 403.272797] ? oom_killer_disable+0x3a0/0x3a0 [ 403.277272] ? kasan_check_write+0x14/0x20 [ 403.281493] ? do_raw_spin_lock+0xc1/0x200 [ 403.285716] mem_cgroup_out_of_memory+0x15e/0x210 [ 403.290541] ? memcg_memory_event+0x40/0x40 [ 403.294854] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 403.299681] ? page_counter_try_charge+0x1c1/0x220 [ 403.304593] try_charge+0xc43/0x1690 [ 403.308293] ? lock_downgrade+0x900/0x900 [ 403.312443] ? check_preemption_disabled+0x48/0x200 [ 403.317446] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 403.323505] ? find_held_lock+0x36/0x1c0 [ 403.327566] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 403.332390] ? lock_downgrade+0x900/0x900 [ 403.336517] ? check_preemption_disabled+0x48/0x200 [ 403.341517] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 403.347292] ? kasan_check_read+0x11/0x20 [ 403.351430] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 403.356689] ? rcu_bh_qs+0xc0/0xc0 [ 403.360216] ? get_mem_cgroup_from_mm+0x206/0x440 [ 403.365044] memcg_kmem_charge_memcg+0x7c/0x120 [ 403.369694] ? memcg_kmem_put_cache+0xb0/0xb0 [ 403.374168] ? __lock_is_held+0xb5/0x140 [ 403.378228] memcg_kmem_charge+0x135/0x300 [ 403.382445] __alloc_pages_nodemask+0x72e/0xde0 [ 403.387132] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 403.392155] ? lock_downgrade+0x900/0x900 [ 403.396290] ? kasan_check_read+0x11/0x20 [ 403.400424] ? do_raw_spin_unlock+0xa7/0x2f0 [ 403.404816] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 403.409383] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 403.414901] alloc_pages_current+0x10c/0x210 [ 403.419297] __pmd_alloc+0x3e/0x450 [ 403.422908] ? __pmd+0x60/0x60 [ 403.426086] pmd_alloc+0x10f/0x180 [ 403.429626] copy_page_range+0x6cf/0x26b0 [ 403.433758] ? rb_insert_color_cached+0x14b0/0x14b0 [ 403.438759] ? vma_compute_subtree_gap+0x160/0x240 [ 403.443680] ? pmd_alloc+0x180/0x180 [ 403.447379] ? graph_lock+0x170/0x170 [ 403.451163] ? kasan_slab_alloc+0x12/0x20 [ 403.455316] ? kmem_cache_alloc+0x12e/0x730 [ 403.459616] ? graph_lock+0x170/0x170 [ 403.463397] ? __x64_sys_clone+0xbf/0x150 [ 403.467534] ? do_syscall_64+0x1b9/0x820 [ 403.471575] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 403.476928] ? find_held_lock+0x36/0x1c0 [ 403.480976] ? anon_vma_fork+0x5ef/0x820 [ 403.485021] ? lock_downgrade+0x900/0x900 [ 403.489154] ? lock_release+0x970/0x970 [ 403.493107] ? arch_local_save_flags+0x40/0x40 [ 403.497670] ? __lock_is_held+0xb5/0x140 [ 403.501717] ? up_write+0x7b/0x220 [ 403.505236] ? up_read+0x110/0x110 [ 403.508758] ? anon_vma_interval_tree_insert+0x2c9/0x370 [ 403.514197] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 403.519192] ? vma_compute_subtree_gap+0x160/0x240 [ 403.524103] ? validate_mm_rb+0xaa/0xc0 [ 403.528061] ? __vma_link_rb+0x26c/0x370 [ 403.532107] copy_process+0x4721/0x8780 [ 403.536079] ? __cleanup_sighand+0x70/0x70 [ 403.540326] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 403.545861] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 403.551409] ? page_swapcount+0x1d0/0x1d0 [ 403.555547] ? graph_lock+0x170/0x170 [ 403.559330] ? update_curr+0x4cf/0xbe0 [ 403.563200] ? __lock_acquire+0x7ec/0x4ec0 [ 403.567445] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 403.573266] ? __lock_is_held+0xb5/0x140 [ 403.577312] ? mark_held_locks+0x130/0x130 [ 403.581532] ? print_usage_bug+0xc0/0xc0 [ 403.585591] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 403.591113] ? check_preemption_disabled+0x48/0x200 [ 403.596112] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 403.601631] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 403.607187] ? print_usage_bug+0xc0/0xc0 [ 403.611240] ? __lock_acquire+0x7ec/0x4ec0 [ 403.615476] ? trace_hardirqs_on_caller+0x310/0x310 [ 403.620480] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 403.626003] ? check_preemption_disabled+0x48/0x200 [ 403.631001] ? print_usage_bug+0xc0/0xc0 [ 403.635047] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 403.640562] ? reuse_swap_page+0x4bd/0x1520 [ 403.644867] ? swp_swapcount+0x530/0x530 [ 403.648913] ? find_held_lock+0x36/0x1c0 [ 403.652958] ? __lock_acquire+0x7ec/0x4ec0 [ 403.657172] ? mark_held_locks+0x130/0x130 [ 403.661386] ? finish_task_switch+0x1f5/0x900 [ 403.665862] ? __lock_acquire+0x7ec/0x4ec0 [ 403.670083] ? mark_held_locks+0x130/0x130 [ 403.674302] ? graph_lock+0x170/0x170 [ 403.678084] ? mark_held_locks+0x130/0x130 [ 403.682303] ? check_preemption_disabled+0x48/0x200 [ 403.687300] ? check_preemption_disabled+0x48/0x200 [ 403.692305] ? find_held_lock+0x36/0x1c0 [ 403.696356] ? print_usage_bug+0xc0/0xc0 [ 403.700400] ? print_usage_bug+0xc0/0xc0 [ 403.704450] ? do_wp_page+0xa6f/0x1390 [ 403.708318] ? lock_downgrade+0x900/0x900 [ 403.712471] ? wake_up_page_bit+0x6f0/0x6f0 [ 403.717003] ? kasan_check_read+0x11/0x20 [ 403.721140] ? __lock_acquire+0x7ec/0x4ec0 [ 403.725357] ? _raw_spin_unlock+0x2c/0x50 [ 403.729514] ? mark_held_locks+0x130/0x130 [ 403.733729] ? find_held_lock+0x36/0x1c0 [ 403.737771] ? lock_release+0x970/0x970 [ 403.741730] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 403.747247] ? kasan_check_write+0x14/0x20 [ 403.751464] ? do_raw_spin_lock+0xc1/0x200 [ 403.755686] ? error_exit+0xb/0x20 [ 403.759217] ? error_exit+0xb/0x20 [ 403.762753] ? trace_hardirqs_off_caller+0xbb/0x310 [ 403.767750] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 403.772574] ? trace_hardirqs_on_caller+0x310/0x310 [ 403.777571] ? graph_lock+0x170/0x170 [ 403.781352] ? graph_lock+0x170/0x170 [ 403.785136] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 403.789964] ? native_iret+0x7/0x7 [ 403.793492] ? find_held_lock+0x36/0x1c0 [ 403.797547] _do_fork+0x1cb/0x11d0 [ 403.801072] ? fork_idle+0x1d0/0x1d0 [ 403.804766] ? lock_downgrade+0x900/0x900 [ 403.808903] ? kasan_check_read+0x11/0x20 [ 403.813030] ? _copy_to_user+0xc8/0x110 [ 403.816985] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 403.822528] ? put_timespec64+0x10f/0x1b0 [ 403.826656] ? nsecs_to_jiffies+0x30/0x30 [ 403.830789] ? do_syscall_64+0x9a/0x820 [ 403.834757] ? do_syscall_64+0x9a/0x820 [ 403.838726] ? lockdep_hardirqs_on+0x421/0x5c0 [ 403.843288] ? trace_hardirqs_on+0xbd/0x310 [ 403.847595] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 403.853114] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 403.858462] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 403.863898] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 403.869439] __x64_sys_clone+0xbf/0x150 [ 403.873397] do_syscall_64+0x1b9/0x820 [ 403.877279] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 403.882640] ? syscall_return_slowpath+0x5e0/0x5e0 [ 403.887552] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 403.892379] ? trace_hardirqs_on_caller+0x310/0x310 [ 403.897377] ? prepare_exit_to_usermode+0x291/0x3b0 [ 403.902375] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 403.907199] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 403.912370] RIP: 0033:0x455b4a [ 403.915545] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 403.934428] RSP: 002b:00007ffc76600cd0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 403.942127] RAX: ffffffffffffffda RBX: 00007ffc76600cd0 RCX: 0000000000455b4a [ 403.949375] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 403.956622] RBP: 00007ffc76600d10 R08: 0000000000000001 R09: 00000000013b4940 [ 403.963871] R10: 00000000013b4c10 R11: 0000000000000246 R12: 0000000000000001 [ 403.971131] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 403.978804] Memory limit reached of cgroup /syz5 [ 403.983634] memory: usage 205644kB, limit 204800kB, failcnt 1646 [ 403.989852] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 403.996638] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 404.002764] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:64KB inactive_file:0KB active_file:0KB unevictable:0KB [ 404.022585] Out of memory and no killable processes... [ 404.029022] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 404.041940] syz-executor5 cpuset=syz5 mems_allowed=0 [ 404.047151] CPU: 0 PID: 5568 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 404.054322] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 404.063652] Call Trace: [ 404.066236] dump_stack+0x1c4/0x2b4 [ 404.069846] ? dump_stack_print_info.cold.2+0x52/0x52 [ 404.075034] dump_header+0x27b/0xf72 [ 404.078732] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 404.084513] ? kasan_check_read+0x11/0x20 [ 404.088645] ? pagefault_out_of_memory+0x197/0x197 [ 404.093561] ? rcu_read_unlock+0x33/0x60 [ 404.097620] ? mem_cgroup_iter+0x514/0x1160 [ 404.101938] ? find_held_lock+0x36/0x1c0 [ 404.105998] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 404.110737] ? mark_held_locks+0xc7/0x130 [ 404.114868] ? _raw_spin_unlock_irq+0x27/0x80 [ 404.119360] ? _raw_spin_unlock_irq+0x27/0x80 [ 404.123839] ? lockdep_hardirqs_on+0x421/0x5c0 [ 404.128401] ? trace_hardirqs_on+0xbd/0x310 [ 404.132707] ? kasan_check_read+0x11/0x20 [ 404.136839] ? css_task_iter_end+0x222/0x490 [ 404.141228] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 404.146660] ? kasan_check_write+0x14/0x20 [ 404.150877] ? do_raw_spin_lock+0xc1/0x200 [ 404.155096] ? _raw_spin_unlock_irq+0x60/0x80 [ 404.159574] ? css_task_iter_end+0x2ce/0x490 [ 404.163965] ? cgroup_procs_next+0x70/0x70 [ 404.168189] ? _raw_spin_unlock_irq+0x60/0x80 [ 404.172665] ? oom_badness+0xaa0/0xaa0 [ 404.176535] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 404.181275] ? mem_cgroup_iter_break+0x30/0x30 [ 404.185845] ? mark_held_locks+0xc7/0x130 [ 404.189977] out_of_memory.cold.30+0xf/0x184 [ 404.194370] ? lockdep_hardirqs_on+0x421/0x5c0 [ 404.198954] ? kasan_check_read+0x11/0x20 [ 404.203087] ? oom_killer_disable+0x3a0/0x3a0 [ 404.207563] ? kasan_check_write+0x14/0x20 [ 404.211778] ? do_raw_spin_lock+0xc1/0x200 [ 404.216003] mem_cgroup_out_of_memory+0x15e/0x210 [ 404.220824] ? memcg_memory_event+0x40/0x40 [ 404.225123] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 404.229946] ? page_counter_try_charge+0x1c1/0x220 [ 404.234857] try_charge+0xc43/0x1690 [ 404.238553] ? lock_downgrade+0x900/0x900 [ 404.242683] ? check_preemption_disabled+0x48/0x200 [ 404.247686] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 404.253725] ? find_held_lock+0x36/0x1c0 [ 404.257769] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 404.262595] ? lock_downgrade+0x900/0x900 [ 404.266723] ? check_preemption_disabled+0x48/0x200 [ 404.271739] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 404.277517] ? kasan_check_read+0x11/0x20 [ 404.281644] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 404.286900] ? rcu_bh_qs+0xc0/0xc0 [ 404.290436] ? get_mem_cgroup_from_mm+0x206/0x440 [ 404.295263] memcg_kmem_charge_memcg+0x7c/0x120 [ 404.299913] ? memcg_kmem_put_cache+0xb0/0xb0 [ 404.304384] ? kasan_kmalloc+0xc7/0xe0 [ 404.308252] ? kmem_cache_alloc+0x12e/0x730 [ 404.312552] ? __pmd_alloc+0xc2/0x450 [ 404.316336] ? copy_page_range+0x6cf/0x26b0 [ 404.320639] memcg_kmem_charge+0x135/0x300 [ 404.324869] __alloc_pages_nodemask+0x72e/0xde0 [ 404.329534] ? find_held_lock+0x36/0x1c0 [ 404.333608] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 404.338609] ? find_held_lock+0x36/0x1c0 [ 404.342671] ? lock_downgrade+0x900/0x900 [ 404.346796] ? __lock_is_held+0xb5/0x140 [ 404.350840] ? kasan_check_read+0x11/0x20 [ 404.354970] ? do_raw_spin_unlock+0xa7/0x2f0 [ 404.359362] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 404.363925] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 404.369445] alloc_pages_current+0x10c/0x210 [ 404.373840] pte_alloc_one+0x1b/0x1a0 [ 404.377639] __pte_alloc+0x2a/0x350 [ 404.381252] copy_page_range+0x18c5/0x26b0 [ 404.385469] ? rb_insert_color_cached+0x14b0/0x14b0 [ 404.390508] ? pmd_alloc+0x180/0x180 [ 404.394205] ? graph_lock+0x170/0x170 [ 404.397986] ? kasan_slab_alloc+0x12/0x20 [ 404.402114] ? kmem_cache_alloc+0x12e/0x730 [ 404.406414] ? graph_lock+0x170/0x170 [ 404.410202] ? __x64_sys_clone+0xbf/0x150 [ 404.414340] ? do_syscall_64+0x1b9/0x820 [ 404.418382] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 404.423731] ? find_held_lock+0x36/0x1c0 [ 404.427779] ? anon_vma_fork+0x5ef/0x820 [ 404.431822] ? lock_downgrade+0x900/0x900 [ 404.435954] ? lock_release+0x970/0x970 [ 404.439911] ? arch_local_save_flags+0x40/0x40 [ 404.444478] ? __lock_is_held+0xb5/0x140 [ 404.448532] ? up_write+0x7b/0x220 [ 404.452051] ? up_read+0x110/0x110 [ 404.455589] ? anon_vma_interval_tree_insert+0x2c9/0x370 [ 404.461043] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 404.466039] ? vma_compute_subtree_gap+0x160/0x240 [ 404.470960] ? validate_mm_rb+0xaa/0xc0 [ 404.474940] ? __vma_link_rb+0x26c/0x370 [ 404.478986] copy_process+0x4721/0x8780 [ 404.482970] ? __cleanup_sighand+0x70/0x70 [ 404.487194] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 404.492712] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 404.498236] ? page_swapcount+0x1d0/0x1d0 [ 404.502369] ? graph_lock+0x170/0x170 [ 404.506151] ? update_curr+0x4cf/0xbe0 [ 404.510025] ? __lock_acquire+0x7ec/0x4ec0 [ 404.514257] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 404.520039] ? __lock_is_held+0xb5/0x140 [ 404.524087] ? mark_held_locks+0x130/0x130 [ 404.528311] ? print_usage_bug+0xc0/0xc0 [ 404.532357] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 404.537917] ? check_preemption_disabled+0x48/0x200 [ 404.542936] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 404.548473] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 404.553827] ? print_usage_bug+0xc0/0xc0 [ 404.557872] ? __lock_acquire+0x7ec/0x4ec0 [ 404.562092] ? trace_hardirqs_on_caller+0x310/0x310 [ 404.567092] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 404.572632] ? check_preemption_disabled+0x48/0x200 [ 404.577654] ? print_usage_bug+0xc0/0xc0 [ 404.581703] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 404.587248] ? reuse_swap_page+0x4bd/0x1520 [ 404.591564] ? swp_swapcount+0x530/0x530 [ 404.595605] ? find_held_lock+0x36/0x1c0 [ 404.599653] ? __lock_acquire+0x7ec/0x4ec0 [ 404.603867] ? mark_held_locks+0x130/0x130 [ 404.608084] ? finish_task_switch+0x1f5/0x900 [ 404.612563] ? __lock_acquire+0x7ec/0x4ec0 [ 404.616795] ? mark_held_locks+0x130/0x130 [ 404.621014] ? graph_lock+0x170/0x170 [ 404.624807] ? mark_held_locks+0x130/0x130 [ 404.629029] ? check_preemption_disabled+0x48/0x200 [ 404.634029] ? check_preemption_disabled+0x48/0x200 [ 404.639031] ? find_held_lock+0x36/0x1c0 [ 404.643083] ? print_usage_bug+0xc0/0xc0 [ 404.647141] ? print_usage_bug+0xc0/0xc0 [ 404.651200] ? do_wp_page+0xa6f/0x1390 [ 404.655070] ? lock_downgrade+0x900/0x900 [ 404.659243] ? wake_up_page_bit+0x6f0/0x6f0 [ 404.663558] ? kasan_check_read+0x11/0x20 [ 404.667695] ? __lock_acquire+0x7ec/0x4ec0 [ 404.671914] ? _raw_spin_unlock+0x2c/0x50 [ 404.676058] ? mark_held_locks+0x130/0x130 [ 404.680275] ? find_held_lock+0x36/0x1c0 [ 404.684325] ? lock_release+0x970/0x970 [ 404.688304] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 404.693831] ? kasan_check_write+0x14/0x20 [ 404.698056] ? do_raw_spin_lock+0xc1/0x200 [ 404.702278] ? error_exit+0xb/0x20 [ 404.705817] ? error_exit+0xb/0x20 [ 404.709346] ? trace_hardirqs_off_caller+0xbb/0x310 [ 404.714441] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 404.719268] ? trace_hardirqs_on_caller+0x310/0x310 [ 404.724305] ? graph_lock+0x170/0x170 [ 404.728093] ? graph_lock+0x170/0x170 [ 404.731883] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 404.736713] ? native_iret+0x7/0x7 [ 404.740253] ? find_held_lock+0x36/0x1c0 [ 404.744314] _do_fork+0x1cb/0x11d0 [ 404.747840] ? fork_idle+0x1d0/0x1d0 [ 404.751548] ? lock_downgrade+0x900/0x900 [ 404.755690] ? kasan_check_read+0x11/0x20 [ 404.759824] ? _copy_to_user+0xc8/0x110 [ 404.763783] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 404.769302] ? put_timespec64+0x10f/0x1b0 [ 404.773434] ? nsecs_to_jiffies+0x30/0x30 [ 404.777567] ? do_syscall_64+0x9a/0x820 [ 404.781523] ? do_syscall_64+0x9a/0x820 [ 404.785480] ? lockdep_hardirqs_on+0x421/0x5c0 [ 404.790050] ? trace_hardirqs_on+0xbd/0x310 [ 404.794354] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 404.799874] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 404.805222] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 404.810656] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 404.816183] __x64_sys_clone+0xbf/0x150 [ 404.820145] do_syscall_64+0x1b9/0x820 [ 404.824017] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 404.829369] ? syscall_return_slowpath+0x5e0/0x5e0 [ 404.834285] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 404.839111] ? trace_hardirqs_on_caller+0x310/0x310 [ 404.844114] ? prepare_exit_to_usermode+0x291/0x3b0 [ 404.849116] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 404.853943] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 404.859117] RIP: 0033:0x455b4a [ 404.862294] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 404.881187] RSP: 002b:00007ffc76600cd0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 404.888891] RAX: ffffffffffffffda RBX: 00007ffc76600cd0 RCX: 0000000000455b4a [ 404.896143] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 404.903394] RBP: 00007ffc76600d10 R08: 0000000000000001 R09: 00000000013b4940 [ 404.910653] R10: 00000000013b4c10 R11: 0000000000000246 R12: 0000000000000001 [ 404.917907] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 404.925575] Memory limit reached of cgroup /syz5 [ 404.930391] memory: usage 205648kB, limit 204800kB, failcnt 1654 [ 404.936627] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 404.943382] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 404.949585] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:64KB inactive_file:0KB active_file:0KB unevictable:0KB [ 404.969513] Out of memory and no killable processes... [ 404.975963] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 404.988907] syz-executor5 cpuset=syz5 mems_allowed=0 [ 404.994073] CPU: 0 PID: 5568 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 405.001245] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 405.010593] Call Trace: [ 405.013172] dump_stack+0x1c4/0x2b4 [ 405.016784] ? dump_stack_print_info.cold.2+0x52/0x52 [ 405.021967] dump_header+0x27b/0xf72 [ 405.025670] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 405.031457] ? kasan_check_read+0x11/0x20 [ 405.035593] ? pagefault_out_of_memory+0x197/0x197 [ 405.040520] ? rcu_read_unlock+0x33/0x60 [ 405.044583] ? mem_cgroup_iter+0x514/0x1160 [ 405.048898] ? find_held_lock+0x36/0x1c0 [ 405.052971] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 405.057710] ? mark_held_locks+0xc7/0x130 [ 405.061844] ? _raw_spin_unlock_irq+0x27/0x80 [ 405.066337] ? _raw_spin_unlock_irq+0x27/0x80 [ 405.070822] ? lockdep_hardirqs_on+0x421/0x5c0 [ 405.075391] ? trace_hardirqs_on+0xbd/0x310 [ 405.079698] ? kasan_check_read+0x11/0x20 [ 405.083840] ? css_task_iter_end+0x222/0x490 [ 405.088238] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 405.093707] ? kasan_check_write+0x14/0x20 [ 405.097932] ? do_raw_spin_lock+0xc1/0x200 [ 405.102159] ? _raw_spin_unlock_irq+0x60/0x80 [ 405.106639] ? css_task_iter_end+0x2ce/0x490 [ 405.111040] ? cgroup_procs_next+0x70/0x70 [ 405.115263] ? _raw_spin_unlock_irq+0x60/0x80 [ 405.119750] ? oom_badness+0xaa0/0xaa0 [ 405.123643] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 405.128386] ? mem_cgroup_iter_break+0x30/0x30 [ 405.132966] ? mark_held_locks+0xc7/0x130 [ 405.137118] out_of_memory.cold.30+0xf/0x184 [ 405.141528] ? lockdep_hardirqs_on+0x421/0x5c0 [ 405.146092] ? kasan_check_read+0x11/0x20 [ 405.150247] ? oom_killer_disable+0x3a0/0x3a0 [ 405.154724] ? kasan_check_write+0x14/0x20 [ 405.158982] ? do_raw_spin_lock+0xc1/0x200 [ 405.163219] mem_cgroup_out_of_memory+0x15e/0x210 [ 405.168060] ? memcg_memory_event+0x40/0x40 [ 405.172365] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 405.177191] ? page_counter_try_charge+0x1c1/0x220 [ 405.182103] try_charge+0xc43/0x1690 [ 405.185800] ? lock_downgrade+0x900/0x900 [ 405.189931] ? check_preemption_disabled+0x48/0x200 [ 405.194934] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 405.201003] ? find_held_lock+0x36/0x1c0 [ 405.205050] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 405.209918] ? lock_downgrade+0x900/0x900 [ 405.214052] ? check_preemption_disabled+0x48/0x200 [ 405.219069] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 405.224847] ? kasan_check_read+0x11/0x20 [ 405.228978] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 405.234243] ? rcu_bh_qs+0xc0/0xc0 [ 405.237770] ? get_mem_cgroup_from_mm+0x206/0x440 [ 405.242615] memcg_kmem_charge_memcg+0x7c/0x120 [ 405.247270] ? memcg_kmem_put_cache+0xb0/0xb0 [ 405.251748] ? kmem_cache_alloc+0x12e/0x730 [ 405.256050] ? pte_alloc_one+0x6b/0x1a0 [ 405.260009] ? __pte_alloc+0x2a/0x350 [ 405.263794] ? copy_page_range+0x18c5/0x26b0 [ 405.268184] ? copy_process+0x4721/0x8780 [ 405.272318] memcg_kmem_charge+0x135/0x300 [ 405.276552] __alloc_pages_nodemask+0x72e/0xde0 [ 405.281209] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 405.286211] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 405.291761] ? check_preemption_disabled+0x48/0x200 [ 405.296763] ? graph_lock+0x170/0x170 [ 405.300547] ? find_held_lock+0x36/0x1c0 [ 405.304599] ? __lock_is_held+0xb5/0x140 [ 405.308643] ? lock_downgrade+0x900/0x900 [ 405.312777] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 405.318300] alloc_pages_current+0x10c/0x210 [ 405.322692] ? ___might_sleep+0x1ed/0x300 [ 405.326826] pte_alloc_one+0x1b/0x1a0 [ 405.330610] __pte_alloc+0x2a/0x350 [ 405.334222] copy_page_range+0x18c5/0x26b0 [ 405.338461] ? pmd_alloc+0x180/0x180 [ 405.342162] ? graph_lock+0x170/0x170 [ 405.345953] ? kasan_slab_alloc+0x12/0x20 [ 405.350083] ? kmem_cache_alloc+0x12e/0x730 [ 405.354399] ? graph_lock+0x170/0x170 [ 405.358192] ? __x64_sys_clone+0xbf/0x150 [ 405.362330] ? do_syscall_64+0x1b9/0x820 [ 405.366376] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 405.371754] ? find_held_lock+0x36/0x1c0 [ 405.375804] ? anon_vma_fork+0x5ef/0x820 [ 405.379849] ? lock_downgrade+0x900/0x900 [ 405.383981] ? lock_release+0x970/0x970 [ 405.387942] ? arch_local_save_flags+0x40/0x40 [ 405.392513] ? __lock_is_held+0xb5/0x140 [ 405.396563] ? up_write+0x7b/0x220 [ 405.400086] ? up_read+0x110/0x110 [ 405.403627] ? anon_vma_interval_tree_insert+0x2c9/0x370 [ 405.409071] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 405.414071] ? vma_compute_subtree_gap+0x160/0x240 [ 405.418985] ? validate_mm_rb+0xaa/0xc0 [ 405.422947] ? __vma_link_rb+0x26c/0x370 [ 405.426996] copy_process+0x4721/0x8780 [ 405.430969] ? __cleanup_sighand+0x70/0x70 [ 405.435190] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 405.440718] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 405.446264] ? page_swapcount+0x1d0/0x1d0 [ 405.450403] ? graph_lock+0x170/0x170 [ 405.454208] ? update_curr+0x4cf/0xbe0 [ 405.458084] ? __lock_acquire+0x7ec/0x4ec0 [ 405.462325] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 405.468113] ? __lock_is_held+0xb5/0x140 [ 405.472159] ? mark_held_locks+0x130/0x130 [ 405.476380] ? print_usage_bug+0xc0/0xc0 [ 405.480440] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 405.485985] ? check_preemption_disabled+0x48/0x200 [ 405.491001] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 405.496531] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 405.501890] ? print_usage_bug+0xc0/0xc0 [ 405.505957] ? __lock_acquire+0x7ec/0x4ec0 [ 405.510176] ? trace_hardirqs_on_caller+0x310/0x310 [ 405.515174] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 405.520696] ? check_preemption_disabled+0x48/0x200 [ 405.525705] ? print_usage_bug+0xc0/0xc0 [ 405.529754] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 405.535276] ? reuse_swap_page+0x4bd/0x1520 [ 405.539585] ? swp_swapcount+0x530/0x530 [ 405.543631] ? find_held_lock+0x36/0x1c0 [ 405.547676] ? __lock_acquire+0x7ec/0x4ec0 [ 405.551892] ? mark_held_locks+0x130/0x130 [ 405.556128] ? finish_task_switch+0x1f5/0x900 [ 405.560610] ? __lock_acquire+0x7ec/0x4ec0 [ 405.564834] ? mark_held_locks+0x130/0x130 [ 405.569057] ? graph_lock+0x170/0x170 [ 405.572840] ? mark_held_locks+0x130/0x130 [ 405.577070] ? check_preemption_disabled+0x48/0x200 [ 405.582069] ? check_preemption_disabled+0x48/0x200 [ 405.587068] ? find_held_lock+0x36/0x1c0 [ 405.591133] ? print_usage_bug+0xc0/0xc0 [ 405.595178] ? print_usage_bug+0xc0/0xc0 [ 405.599222] ? do_wp_page+0xa6f/0x1390 [ 405.603091] ? lock_downgrade+0x900/0x900 [ 405.607522] ? wake_up_page_bit+0x6f0/0x6f0 [ 405.611830] ? kasan_check_read+0x11/0x20 [ 405.615964] ? __lock_acquire+0x7ec/0x4ec0 [ 405.620181] ? _raw_spin_unlock+0x2c/0x50 [ 405.624314] ? mark_held_locks+0x130/0x130 [ 405.628529] ? find_held_lock+0x36/0x1c0 [ 405.632572] ? lock_release+0x970/0x970 [ 405.636530] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 405.642048] ? kasan_check_write+0x14/0x20 [ 405.646263] ? do_raw_spin_lock+0xc1/0x200 [ 405.650482] ? error_exit+0xb/0x20 [ 405.654012] ? error_exit+0xb/0x20 [ 405.657541] ? trace_hardirqs_off_caller+0xbb/0x310 [ 405.662565] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 405.667406] ? trace_hardirqs_on_caller+0x310/0x310 [ 405.672410] ? graph_lock+0x170/0x170 [ 405.676200] ? graph_lock+0x170/0x170 [ 405.679986] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 405.684812] ? native_iret+0x7/0x7 [ 405.688337] ? find_held_lock+0x36/0x1c0 [ 405.692386] _do_fork+0x1cb/0x11d0 [ 405.695912] ? fork_idle+0x1d0/0x1d0 [ 405.699624] ? lock_downgrade+0x900/0x900 [ 405.703779] ? kasan_check_read+0x11/0x20 [ 405.707910] ? _copy_to_user+0xc8/0x110 [ 405.712083] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 405.717605] ? put_timespec64+0x10f/0x1b0 [ 405.721735] ? nsecs_to_jiffies+0x30/0x30 [ 405.725867] ? do_syscall_64+0x9a/0x820 [ 405.729833] ? do_syscall_64+0x9a/0x820 [ 405.733802] ? lockdep_hardirqs_on+0x421/0x5c0 [ 405.738366] ? trace_hardirqs_on+0xbd/0x310 [ 405.742670] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 405.748191] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 405.753550] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 405.758983] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 405.764513] __x64_sys_clone+0xbf/0x150 [ 405.768496] do_syscall_64+0x1b9/0x820 [ 405.772368] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 405.777739] ? syscall_return_slowpath+0x5e0/0x5e0 [ 405.782647] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 405.787477] ? trace_hardirqs_on_caller+0x310/0x310 [ 405.792481] ? prepare_exit_to_usermode+0x291/0x3b0 [ 405.797493] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 405.802324] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 405.807501] RIP: 0033:0x455b4a [ 405.810677] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 405.829564] RSP: 002b:00007ffc76600cd0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 405.837254] RAX: ffffffffffffffda RBX: 00007ffc76600cd0 RCX: 0000000000455b4a [ 405.844506] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 405.851754] RBP: 00007ffc76600d10 R08: 0000000000000001 R09: 00000000013b4940 [ 405.859013] R10: 00000000013b4c10 R11: 0000000000000246 R12: 0000000000000001 [ 405.866368] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 405.874841] Memory limit reached of cgroup /syz5 [ 405.879669] memory: usage 205652kB, limit 204800kB, failcnt 1662 [ 405.885949] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 405.892737] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 405.898933] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:64KB inactive_file:0KB active_file:0KB unevictable:0KB [ 405.918899] Out of memory and no killable processes... [ 405.925308] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=-1000 [ 405.936569] syz-executor5 cpuset=syz5 mems_allowed=0 [ 405.941686] CPU: 0 PID: 5568 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 405.948862] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 405.958221] Call Trace: [ 405.960803] dump_stack+0x1c4/0x2b4 [ 405.964423] ? dump_stack_print_info.cold.2+0x52/0x52 [ 405.969618] dump_header+0x27b/0xf72 [ 405.973322] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 405.979098] ? kasan_check_read+0x11/0x20 [ 405.983242] ? pagefault_out_of_memory+0x197/0x197 [ 405.988164] ? rcu_read_unlock+0x33/0x60 [ 405.992219] ? mem_cgroup_iter+0x514/0x1160 [ 405.996537] ? find_held_lock+0x36/0x1c0 [ 406.000586] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 406.005320] ? mark_held_locks+0xc7/0x130 [ 406.009448] ? _raw_spin_unlock_irq+0x27/0x80 [ 406.013942] ? _raw_spin_unlock_irq+0x27/0x80 [ 406.018423] ? lockdep_hardirqs_on+0x421/0x5c0 [ 406.023002] ? trace_hardirqs_on+0xbd/0x310 [ 406.027300] ? kasan_check_read+0x11/0x20 [ 406.031444] ? css_task_iter_end+0x222/0x490 [ 406.035835] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 406.041266] ? kasan_check_write+0x14/0x20 [ 406.045483] ? do_raw_spin_lock+0xc1/0x200 [ 406.049712] ? _raw_spin_unlock_irq+0x60/0x80 [ 406.054191] ? css_task_iter_end+0x2ce/0x490 [ 406.058585] ? cgroup_procs_next+0x70/0x70 [ 406.062803] ? _raw_spin_unlock_irq+0x60/0x80 [ 406.067281] ? oom_badness+0xaa0/0xaa0 [ 406.071151] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 406.075887] ? mem_cgroup_iter_break+0x30/0x30 [ 406.080461] ? mark_held_locks+0xc7/0x130 [ 406.084601] out_of_memory.cold.30+0xf/0x184 [ 406.089004] ? lockdep_hardirqs_on+0x421/0x5c0 [ 406.093573] ? kasan_check_read+0x11/0x20 [ 406.097720] ? oom_killer_disable+0x3a0/0x3a0 [ 406.102198] ? kasan_check_write+0x14/0x20 [ 406.106414] ? do_raw_spin_lock+0xc1/0x200 [ 406.110642] mem_cgroup_out_of_memory+0x15e/0x210 [ 406.115468] ? memcg_memory_event+0x40/0x40 [ 406.119776] ? mem_cgroup_try_charge+0x5ea/0xe10 [ 406.124527] ? page_counter_try_charge+0x1c1/0x220 [ 406.129444] try_charge+0xc43/0x1690 [ 406.133149] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 406.139190] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 406.144128] ? lock_downgrade+0x900/0x900 [ 406.148264] ? check_preemption_disabled+0x48/0x200 [ 406.153267] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 406.159048] ? kasan_check_read+0x11/0x20 [ 406.163182] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 406.168448] ? rcu_bh_qs+0xc0/0xc0 [ 406.171996] ? get_mem_cgroup_from_mm+0x206/0x440 [ 406.176822] ? mem_cgroup_can_attach+0x580/0x580 [ 406.181563] ? __lock_is_held+0xb5/0x140 [ 406.185617] mem_cgroup_try_charge+0x5ea/0xe10 [ 406.190191] ? mem_cgroup_protected+0xa60/0xa60 [ 406.194848] ? swp_swapcount+0x530/0x530 [ 406.198911] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 406.204446] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 406.209369] wp_page_copy+0x46c/0x14f0 [ 406.213243] ? enqueue_entity+0x34b/0x1ff0 [ 406.217466] ? follow_pfn+0x2e0/0x2e0 [ 406.221258] ? do_wp_page+0x76c/0x1390 [ 406.225132] ? lock_downgrade+0x900/0x900 [ 406.229268] ? kasan_check_write+0x14/0x20 [ 406.233495] ? kasan_check_read+0x11/0x20 [ 406.237627] ? do_raw_spin_unlock+0xa7/0x2f0 [ 406.242028] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 406.246601] ? __pte_alloc_kernel+0x220/0x220 [ 406.251111] ? __lock_acquire+0x7ec/0x4ec0 [ 406.255348] do_wp_page+0x774/0x1390 [ 406.259065] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 406.263761] ? lock_release+0x970/0x970 [ 406.267738] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 406.273279] ? kasan_check_write+0x14/0x20 [ 406.277522] ? do_raw_spin_lock+0xc1/0x200 [ 406.281759] __handle_mm_fault+0x2c60/0x53e0 [ 406.286172] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 406.291038] ? graph_lock+0x170/0x170 [ 406.294843] ? print_usage_bug+0xc0/0xc0 [ 406.298901] ? wake_up_new_task+0x6fb/0xd20 [ 406.303231] ? kasan_check_read+0x11/0x20 [ 406.307372] ? graph_lock+0x170/0x170 [ 406.311185] ? graph_lock+0x170/0x170 [ 406.314989] ? handle_mm_fault+0x42a/0xc70 [ 406.319211] ? lock_downgrade+0x900/0x900 [ 406.323367] ? check_preemption_disabled+0x48/0x200 [ 406.328384] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 406.334161] ? kasan_check_read+0x11/0x20 [ 406.338293] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 406.343553] ? rcu_bh_qs+0xc0/0xc0 [ 406.347078] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 406.352514] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 406.358036] ? check_preemption_disabled+0x48/0x200 [ 406.363038] handle_mm_fault+0x54f/0xc70 [ 406.367084] ? __handle_mm_fault+0x53e0/0x53e0 [ 406.371652] ? find_vma+0x34/0x190 [ 406.375178] __do_page_fault+0x67d/0xed0 [ 406.379225] ? mm_fault_error+0x380/0x380 [ 406.383354] ? trace_hardirqs_off+0xb8/0x310 [ 406.387743] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 406.393090] ? trace_hardirqs_on+0x310/0x310 [ 406.397479] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 406.403005] do_page_fault+0xf2/0x7e0 [ 406.406795] ? vmalloc_sync_all+0x30/0x30 [ 406.410925] ? error_entry+0x70/0xd0 [ 406.414647] ? trace_hardirqs_off_caller+0xbb/0x310 [ 406.419668] ? trace_hardirqs_on_caller+0xc0/0x310 [ 406.424581] ? syscall_return_slowpath+0x5e0/0x5e0 [ 406.429503] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 406.434330] ? trace_hardirqs_on_caller+0x310/0x310 [ 406.439342] ? trace_hardirqs_off+0x310/0x310 [ 406.443822] ? prepare_exit_to_usermode+0x291/0x3b0 [ 406.448825] ? page_fault+0x8/0x30 [ 406.452353] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 406.457183] ? page_fault+0x8/0x30 [ 406.460714] page_fault+0x1e/0x30 [ 406.464151] RIP: 0033:0x455c6e [ 406.467338] Code: 5c 41 5d 41 5e 5d c3 48 c7 c2 d4 ff ff ff f7 d8 41 bd ff ff ff ff 64 89 02 64 8b 04 25 d0 02 00 00 41 39 c4 0f 85 2f 01 00 00 <64> 44 89 04 25 d4 02 00 00 45 85 f6 0f 85 7f 00 00 00 48 85 db 74 [ 406.486324] RSP: 002b:00007ffc76600cd0 EFLAGS: 00010246 [ 406.491673] RAX: 0000000000000001 RBX: 00007ffc76600cd0 RCX: 0000000000455b4a [ 406.498935] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 406.506182] RBP: 00007ffc76600d10 R08: 0000000000000001 R09: 00000000013b4940 [ 406.513437] R10: 00000000013b4c10 R11: 0000000000000246 R12: 0000000000000001 [ 406.520696] R13: 0000000000000349 R14: 0000000000000000 R15: 0000000000000005 [ 406.528134] Memory limit reached of cgroup /syz5 [ 406.532953] memory: usage 205648kB, limit 204800kB, failcnt 1678 [ 406.539306] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 406.546270] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 406.552536] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:64KB inactive_file:0KB active_file:0KB unevictable:0KB [ 406.572654] Out of memory and no killable processes... [ 406.578454] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=-1000 [ 406.589728] syz-executor5 cpuset=syz5 mems_allowed=0 [ 406.595129] CPU: 1 PID: 13360 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 406.602407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 406.611758] Call Trace: [ 406.614338] dump_stack+0x1c4/0x2b4 [ 406.617956] ? dump_stack_print_info.cold.2+0x52/0x52 [ 406.623161] dump_header+0x27b/0xf72 [ 406.626881] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 406.632667] ? kasan_check_read+0x11/0x20 [ 406.636813] ? pagefault_out_of_memory+0x197/0x197 [ 406.641736] ? rcu_read_unlock+0x33/0x60 [ 406.645790] ? mem_cgroup_iter+0x514/0x1160 [ 406.650105] ? find_held_lock+0x36/0x1c0 [ 406.654175] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 406.658935] ? mark_held_locks+0xc7/0x130 [ 406.663089] ? _raw_spin_unlock_irq+0x27/0x80 [ 406.667572] ? _raw_spin_unlock_irq+0x27/0x80 [ 406.672070] ? lockdep_hardirqs_on+0x421/0x5c0 [ 406.676640] ? trace_hardirqs_on+0xbd/0x310 [ 406.680943] ? kasan_check_read+0x11/0x20 [ 406.685071] ? css_task_iter_end+0x222/0x490 [ 406.689478] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 406.694921] ? kasan_check_write+0x14/0x20 [ 406.699137] ? do_raw_spin_lock+0xc1/0x200 [ 406.703370] ? _raw_spin_unlock_irq+0x60/0x80 [ 406.707846] ? css_task_iter_end+0x2ce/0x490 [ 406.712238] ? cgroup_procs_next+0x70/0x70 [ 406.716456] ? _raw_spin_unlock_irq+0x60/0x80 [ 406.720943] ? oom_badness+0xaa0/0xaa0 [ 406.724812] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 406.729553] ? mem_cgroup_iter_break+0x30/0x30 [ 406.734122] ? mark_held_locks+0xc7/0x130 [ 406.738252] out_of_memory.cold.30+0xf/0x184 [ 406.742640] ? lockdep_hardirqs_on+0x421/0x5c0 [ 406.747208] ? kasan_check_read+0x11/0x20 [ 406.751338] ? oom_killer_disable+0x3a0/0x3a0 [ 406.755812] ? kasan_check_write+0x14/0x20 [ 406.760026] ? do_raw_spin_lock+0xc1/0x200 [ 406.764247] mem_cgroup_out_of_memory+0x15e/0x210 [ 406.769071] ? memcg_memory_event+0x40/0x40 [ 406.773374] ? mem_cgroup_try_charge+0x5ea/0xe10 [ 406.778117] ? page_counter_try_charge+0x1c1/0x220 [ 406.783040] try_charge+0xc43/0x1690 [ 406.786743] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 406.792793] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 406.797619] ? lock_downgrade+0x900/0x900 [ 406.801752] ? check_preemption_disabled+0x48/0x200 [ 406.806757] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 406.812535] ? kasan_check_read+0x11/0x20 [ 406.816667] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 406.821994] ? rcu_bh_qs+0xc0/0xc0 [ 406.825527] ? get_mem_cgroup_from_mm+0x206/0x440 [ 406.830353] ? mem_cgroup_can_attach+0x580/0x580 [ 406.835090] ? __lock_is_held+0xb5/0x140 [ 406.839141] mem_cgroup_try_charge+0x5ea/0xe10 [ 406.843709] ? mem_cgroup_protected+0xa60/0xa60 [ 406.848363] ? swp_swapcount+0x530/0x530 [ 406.852432] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 406.857959] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 406.862875] wp_page_copy+0x46c/0x14f0 [ 406.866754] ? follow_pfn+0x2e0/0x2e0 [ 406.870557] ? do_wp_page+0x76c/0x1390 [ 406.874435] ? lock_downgrade+0x900/0x900 [ 406.878564] ? kasan_check_write+0x14/0x20 [ 406.882779] ? kasan_check_read+0x11/0x20 [ 406.886911] ? do_raw_spin_unlock+0xa7/0x2f0 [ 406.891315] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 406.895881] ? __pte_alloc_kernel+0x220/0x220 [ 406.900359] ? __lock_acquire+0x7ec/0x4ec0 [ 406.904580] do_wp_page+0x774/0x1390 [ 406.908282] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 406.912935] ? lock_release+0x970/0x970 [ 406.916897] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 406.922424] ? kasan_check_write+0x14/0x20 [ 406.926646] ? do_raw_spin_lock+0xc1/0x200 [ 406.930870] __handle_mm_fault+0x2c60/0x53e0 [ 406.935267] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 406.940092] ? graph_lock+0x170/0x170 [ 406.943877] ? print_usage_bug+0xc0/0xc0 [ 406.947921] ? __lock_acquire+0x7ec/0x4ec0 [ 406.952140] ? graph_lock+0x170/0x170 [ 406.955928] ? graph_lock+0x170/0x170 [ 406.959723] ? handle_mm_fault+0x42a/0xc70 [ 406.963975] ? lock_downgrade+0x900/0x900 [ 406.968125] ? check_preemption_disabled+0x48/0x200 [ 406.973132] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 406.978930] ? kasan_check_read+0x11/0x20 [ 406.983079] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 406.988345] ? rcu_bh_qs+0xc0/0xc0 [ 406.991873] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 406.997318] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 407.002866] ? check_preemption_disabled+0x48/0x200 [ 407.007910] handle_mm_fault+0x54f/0xc70 [ 407.011970] ? __handle_mm_fault+0x53e0/0x53e0 [ 407.016548] ? find_vma+0x34/0x190 [ 407.020079] __do_page_fault+0x67d/0xed0 [ 407.024152] ? mm_fault_error+0x380/0x380 [ 407.028288] ? graph_lock+0x170/0x170 [ 407.032076] do_page_fault+0xf2/0x7e0 [ 407.035858] ? vmalloc_sync_all+0x30/0x30 [ 407.039991] ? error_entry+0x76/0xd0 [ 407.043690] ? trace_hardirqs_off_caller+0xbb/0x310 [ 407.048690] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 407.053519] ? trace_hardirqs_on_caller+0x310/0x310 [ 407.058547] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 407.064331] ? kasan_check_read+0x11/0x20 [ 407.068465] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 407.073295] page_fault+0x1e/0x30 [ 407.076736] RIP: 0010:__put_user_4+0x1c/0x30 [ 407.081128] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 40 ee 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 [ 407.100010] RSP: 0018:ffff88016ddb7f30 EFLAGS: 00010293 [ 407.105356] RAX: 0000000000000349 RBX: 00007fffffffeffd RCX: 00000000013b4c10 [ 407.112620] RDX: dffffc0000000000 RSI: 0000000000000001 RDI: ffff8801be3c2868 [ 407.119869] RBP: ffff88016ddb7f48 R08: 0000000000000000 R09: ffffed003b5e4732 [ 407.127117] R10: ffffed003b5e4732 R11: ffff8801daf23993 R12: 0000000000000000 [ 407.134375] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 407.141640] ? schedule_tail+0xd8/0x130 [ 407.145597] ret_from_fork+0x8/0x50 [ 407.149204] RIP: 0033:0x455b4a [ 407.152379] Code: Bad RIP value. [ 407.155733] RSP: 002b:00007ffc76600cd0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 407.163439] RAX: 0000000000000000 RBX: 00007ffc76600cd0 RCX: 0000000000455b4a [ 407.170702] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 407.177948] RBP: 00007ffc76600d10 R08: 0000000000000001 R09: 00000000013b4940 [ 407.185197] R10: 00000000013b4c10 R11: 0000000000000246 R12: 0000000000000001 [ 407.192445] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 407.200966] Memory limit reached of cgroup /syz5 [ 407.205914] memory: usage 205652kB, limit 204800kB, failcnt 1686 [ 407.212049] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 407.218852] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 407.225036] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:68KB inactive_file:0KB active_file:0KB unevictable:0KB [ 407.244914] Out of memory and no killable processes... [ 407.250307] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=-1000 [ 407.261701] syz-executor5 cpuset=syz5 mems_allowed=0 [ 407.266899] CPU: 0 PID: 5568 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 407.274126] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 407.283458] Call Trace: [ 407.286032] dump_stack+0x1c4/0x2b4 [ 407.289648] ? dump_stack_print_info.cold.2+0x52/0x52 [ 407.294835] dump_header+0x27b/0xf72 [ 407.298547] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 407.304341] ? kasan_check_read+0x11/0x20 [ 407.308474] ? pagefault_out_of_memory+0x197/0x197 [ 407.313395] ? rcu_read_unlock+0x33/0x60 [ 407.317471] ? mem_cgroup_iter+0x514/0x1160 [ 407.321778] ? find_held_lock+0x36/0x1c0 [ 407.325821] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 407.330556] ? mark_held_locks+0xc7/0x130 [ 407.334688] ? _raw_spin_unlock_irq+0x27/0x80 [ 407.339167] ? _raw_spin_unlock_irq+0x27/0x80 [ 407.343648] ? lockdep_hardirqs_on+0x421/0x5c0 [ 407.348215] ? trace_hardirqs_on+0xbd/0x310 [ 407.352542] ? kasan_check_read+0x11/0x20 [ 407.356676] ? css_task_iter_end+0x222/0x490 [ 407.361092] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 407.366557] ? kasan_check_write+0x14/0x20 [ 407.370802] ? do_raw_spin_lock+0xc1/0x200 [ 407.375023] ? _raw_spin_unlock_irq+0x60/0x80 [ 407.379514] ? css_task_iter_end+0x2ce/0x490 [ 407.383909] ? cgroup_procs_next+0x70/0x70 [ 407.388134] ? _raw_spin_unlock_irq+0x60/0x80 [ 407.392617] ? oom_badness+0xaa0/0xaa0 [ 407.396522] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 407.401356] ? mem_cgroup_iter_break+0x30/0x30 [ 407.405927] ? mark_held_locks+0xc7/0x130 [ 407.410059] out_of_memory.cold.30+0xf/0x184 [ 407.414449] ? lockdep_hardirqs_on+0x421/0x5c0 [ 407.419016] ? kasan_check_read+0x11/0x20 [ 407.423149] ? oom_killer_disable+0x3a0/0x3a0 [ 407.427626] ? kasan_check_write+0x14/0x20 [ 407.431842] ? do_raw_spin_lock+0xc1/0x200 [ 407.436064] mem_cgroup_out_of_memory+0x15e/0x210 [ 407.440899] ? memcg_memory_event+0x40/0x40 [ 407.445232] ? mem_cgroup_try_charge+0x5ea/0xe10 [ 407.449976] ? page_counter_try_charge+0x1c1/0x220 [ 407.454893] try_charge+0xc43/0x1690 [ 407.458611] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 407.464653] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 407.469484] ? lock_downgrade+0x900/0x900 [ 407.473634] ? check_preemption_disabled+0x48/0x200 [ 407.478636] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 407.484433] ? kasan_check_read+0x11/0x20 [ 407.488567] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 407.493827] ? rcu_bh_qs+0xc0/0xc0 [ 407.497358] ? get_mem_cgroup_from_mm+0x206/0x440 [ 407.502185] ? mem_cgroup_can_attach+0x580/0x580 [ 407.506937] ? __lock_is_held+0xb5/0x140 [ 407.511015] mem_cgroup_try_charge+0x5ea/0xe10 [ 407.515589] ? mem_cgroup_protected+0xa60/0xa60 [ 407.520242] ? swp_swapcount+0x530/0x530 [ 407.524286] ? find_held_lock+0x36/0x1c0 [ 407.528338] ? wp_page_copy+0xad1/0x14f0 [ 407.532394] ? lock_downgrade+0x900/0x900 [ 407.536529] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 407.542064] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 407.546977] wp_page_copy+0x46c/0x14f0 [ 407.550854] ? follow_pfn+0x2e0/0x2e0 [ 407.554638] ? do_wp_page+0x76c/0x1390 [ 407.558512] ? lock_downgrade+0x900/0x900 [ 407.562642] ? kasan_check_write+0x14/0x20 [ 407.566861] ? kasan_check_read+0x11/0x20 [ 407.571007] ? do_raw_spin_unlock+0xa7/0x2f0 [ 407.575426] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 407.579995] ? __pte_alloc_kernel+0x220/0x220 [ 407.584478] ? __lock_acquire+0x7ec/0x4ec0 [ 407.588715] do_wp_page+0x774/0x1390 [ 407.592426] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 407.597080] ? lock_release+0x970/0x970 [ 407.601044] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 407.606740] ? kasan_check_write+0x14/0x20 [ 407.610957] ? do_raw_spin_lock+0xc1/0x200 [ 407.615190] __handle_mm_fault+0x2c60/0x53e0 [ 407.619587] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 407.624412] ? graph_lock+0x170/0x170 [ 407.628202] ? print_usage_bug+0xc0/0xc0 [ 407.632245] ? wake_up_new_task+0x6fb/0xd20 [ 407.636545] ? kasan_check_read+0x11/0x20 [ 407.640696] ? graph_lock+0x170/0x170 [ 407.644478] ? graph_lock+0x170/0x170 [ 407.648288] ? handle_mm_fault+0x42a/0xc70 [ 407.652519] ? lock_downgrade+0x900/0x900 [ 407.656654] ? check_preemption_disabled+0x48/0x200 [ 407.661656] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 407.667452] ? kasan_check_read+0x11/0x20 [ 407.671583] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 407.676853] ? rcu_bh_qs+0xc0/0xc0 [ 407.680394] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 407.685834] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 407.691354] ? check_preemption_disabled+0x48/0x200 [ 407.696357] handle_mm_fault+0x54f/0xc70 [ 407.700410] ? __handle_mm_fault+0x53e0/0x53e0 [ 407.704996] ? find_vma+0x34/0x190 [ 407.708524] __do_page_fault+0x67d/0xed0 [ 407.712573] ? mm_fault_error+0x380/0x380 [ 407.716703] ? trace_hardirqs_off+0xb8/0x310 [ 407.721334] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 407.726682] ? trace_hardirqs_on+0x310/0x310 [ 407.731071] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 407.736590] do_page_fault+0xf2/0x7e0 [ 407.740387] ? vmalloc_sync_all+0x30/0x30 [ 407.744519] ? error_entry+0x70/0xd0 [ 407.748217] ? trace_hardirqs_off_caller+0xbb/0x310 [ 407.753211] ? trace_hardirqs_on_caller+0xc0/0x310 [ 407.758122] ? syscall_return_slowpath+0x5e0/0x5e0 [ 407.763032] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 407.767860] ? trace_hardirqs_on_caller+0x310/0x310 [ 407.772857] ? trace_hardirqs_off+0x310/0x310 [ 407.777335] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 407.782852] ? prepare_exit_to_usermode+0x291/0x3b0 [ 407.787863] ? page_fault+0x8/0x30 [ 407.791397] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 407.796228] ? page_fault+0x8/0x30 [ 407.799750] page_fault+0x1e/0x30 [ 407.803182] RIP: 0033:0x455caa [ 407.806367] Code: 48 85 db 74 b6 41 bc ca 00 00 00 eb 0c 0f 1f 00 48 8b 5b 08 48 85 db 74 a2 48 8b 3b 48 8b 47 10 48 85 c0 74 05 ff d0 48 8b 3b ff 4f 28 0f 94 c0 84 c0 74 db 8b 47 2c 85 c0 74 d4 45 31 d2 ba [ 407.825260] RSP: 002b:00007ffc76600cd0 EFLAGS: 00010246 [ 407.830618] RAX: 0000000000000000 RBX: 00007ffc76600cd0 RCX: 0000000000455b4a [ 407.837865] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000a44cc8 [ 407.845111] RBP: 00007ffc76600d10 R08: 0000000000000001 R09: 00000000013b4940 [ 407.852356] R10: 00000000013b4c10 R11: 0000000000000246 R12: 00000000000000ca [ 407.859606] R13: 0000000000000349 R14: 0000000000000000 R15: 0000000000000005 [ 407.867118] Memory limit reached of cgroup /syz5 [ 407.871916] memory: usage 205652kB, limit 204800kB, failcnt 1694 [ 407.878135] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 407.884926] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 407.891055] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:68KB inactive_file:0KB active_file:0KB unevictable:0KB [ 407.910857] Out of memory and no killable processes... [ 407.916268] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 407.929150] syz-executor5 cpuset=syz5 mems_allowed=0 [ 407.934254] CPU: 1 PID: 13360 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 407.941511] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 407.950842] Call Trace: [ 407.953432] dump_stack+0x1c4/0x2b4 [ 407.957047] ? dump_stack_print_info.cold.2+0x52/0x52 [ 407.962224] dump_header+0x27b/0xf72 [ 407.965926] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 407.971737] ? kasan_check_read+0x11/0x20 [ 407.975888] ? pagefault_out_of_memory+0x197/0x197 [ 407.980801] ? rcu_read_unlock+0x33/0x60 [ 407.984841] ? mem_cgroup_iter+0x514/0x1160 [ 407.989148] ? find_held_lock+0x36/0x1c0 [ 407.993192] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 407.997930] ? mark_held_locks+0xc7/0x130 [ 408.002091] ? _raw_spin_unlock_irq+0x27/0x80 [ 408.006571] ? _raw_spin_unlock_irq+0x27/0x80 [ 408.011050] ? lockdep_hardirqs_on+0x421/0x5c0 [ 408.015614] ? trace_hardirqs_on+0xbd/0x310 [ 408.019914] ? kasan_check_read+0x11/0x20 [ 408.024047] ? css_task_iter_end+0x222/0x490 [ 408.028440] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 408.033872] ? kasan_check_write+0x14/0x20 [ 408.038091] ? do_raw_spin_lock+0xc1/0x200 [ 408.042308] ? _raw_spin_unlock_irq+0x60/0x80 [ 408.046783] ? css_task_iter_end+0x2ce/0x490 [ 408.051175] ? cgroup_procs_next+0x70/0x70 [ 408.055389] ? _raw_spin_unlock_irq+0x60/0x80 [ 408.059867] ? oom_badness+0xaa0/0xaa0 [ 408.063736] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 408.068473] ? mem_cgroup_iter_break+0x30/0x30 [ 408.073046] ? mark_held_locks+0xc7/0x130 [ 408.077190] out_of_memory.cold.30+0xf/0x184 [ 408.081579] ? lockdep_hardirqs_on+0x421/0x5c0 [ 408.086143] ? kasan_check_read+0x11/0x20 [ 408.090275] ? oom_killer_disable+0x3a0/0x3a0 [ 408.094761] ? kasan_check_write+0x14/0x20 [ 408.098978] ? do_raw_spin_lock+0xc1/0x200 [ 408.103209] mem_cgroup_out_of_memory+0x15e/0x210 [ 408.108035] ? memcg_memory_event+0x40/0x40 [ 408.112338] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 408.117169] ? page_counter_try_charge+0x1c1/0x220 [ 408.122084] try_charge+0xc43/0x1690 [ 408.125797] ? lock_downgrade+0x900/0x900 [ 408.129928] ? check_preemption_disabled+0x48/0x200 [ 408.134940] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 408.140984] ? find_held_lock+0x36/0x1c0 [ 408.145035] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 408.149862] ? lock_downgrade+0x900/0x900 [ 408.153994] ? check_preemption_disabled+0x48/0x200 [ 408.159010] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 408.164789] ? kasan_check_read+0x11/0x20 [ 408.168921] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 408.174182] ? rcu_bh_qs+0xc0/0xc0 [ 408.177717] ? get_mem_cgroup_from_mm+0x206/0x440 [ 408.182545] memcg_kmem_charge_memcg+0x7c/0x120 [ 408.187208] ? memcg_kmem_put_cache+0xb0/0xb0 [ 408.191784] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 408.196359] memcg_kmem_charge+0x135/0x300 [ 408.200580] __alloc_pages_nodemask+0x72e/0xde0 [ 408.205251] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 408.210267] ? mark_held_locks+0x130/0x130 [ 408.214503] ? kasan_check_write+0x14/0x20 [ 408.218722] ? do_raw_spin_lock+0xc1/0x200 [ 408.222944] ? __handle_mm_fault+0x9ab/0x53e0 [ 408.227435] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 408.232959] alloc_pages_current+0x10c/0x210 [ 408.237353] pte_alloc_one+0x1b/0x1a0 [ 408.241138] __handle_mm_fault+0x43f4/0x53e0 [ 408.245531] ? graph_lock+0x170/0x170 [ 408.249316] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 408.254138] ? graph_lock+0x170/0x170 [ 408.257918] ? print_usage_bug+0xc0/0xc0 [ 408.261986] ? graph_lock+0x170/0x170 [ 408.265771] ? graph_lock+0x170/0x170 [ 408.269560] ? handle_mm_fault+0x42a/0xc70 [ 408.273777] ? lock_downgrade+0x900/0x900 [ 408.277923] ? check_preemption_disabled+0x48/0x200 [ 408.282929] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 408.288709] ? kasan_check_read+0x11/0x20 [ 408.292838] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 408.298096] ? rcu_bh_qs+0xc0/0xc0 [ 408.301640] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 408.307073] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 408.312595] ? check_preemption_disabled+0x48/0x200 [ 408.317610] handle_mm_fault+0x54f/0xc70 [ 408.321654] ? __handle_mm_fault+0x53e0/0x53e0 [ 408.326217] ? find_vma+0x34/0x190 [ 408.329739] __do_page_fault+0x67d/0xed0 [ 408.333787] ? mm_fault_error+0x380/0x380 [ 408.337923] do_page_fault+0xf2/0x7e0 [ 408.341706] ? vmalloc_sync_all+0x30/0x30 [ 408.345833] ? error_entry+0x70/0xd0 [ 408.349529] ? trace_hardirqs_off_caller+0xbb/0x310 [ 408.354525] ? trace_hardirqs_on_caller+0xc0/0x310 [ 408.359442] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 408.364266] ? trace_hardirqs_on_caller+0x310/0x310 [ 408.369279] ? trace_hardirqs_off+0x310/0x310 [ 408.373761] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 408.378760] ? recalc_sigpending_tsk+0x180/0x180 [ 408.383498] ? kasan_check_write+0x14/0x20 [ 408.387736] ? page_fault+0x8/0x30 [ 408.391259] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 408.396085] ? page_fault+0x8/0x30 [ 408.399613] page_fault+0x1e/0x30 [ 408.403045] RIP: 0033:0x455b4a [ 408.406222] Code: Bad RIP value. [ 408.409583] RSP: 002b:00007ffc76600cd0 EFLAGS: 00010246 [ 408.414941] RAX: 0000000000000000 RBX: 00007ffc76600cd0 RCX: 0000000000455b4a [ 408.422216] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 408.429482] RBP: 00007ffc76600d10 R08: 0000000000000001 R09: 00000000013b4940 [ 408.436734] R10: 00000000013b4c10 R11: 0000000000000246 R12: 0000000000000001 [ 408.443983] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 408.452528] Memory limit reached of cgroup /syz5 [ 408.457485] memory: usage 205656kB, limit 204800kB, failcnt 1702 [ 408.463619] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 408.470417] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 408.476604] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:68KB inactive_file:0KB active_file:0KB unevictable:0KB [ 408.497039] Out of memory and no killable processes... [ 408.502401] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=-1000 [ 408.513801] syz-executor5 cpuset=syz5 mems_allowed=0 [ 408.519004] CPU: 0 PID: 5568 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 408.526198] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 408.535530] Call Trace: [ 408.538103] dump_stack+0x1c4/0x2b4 [ 408.541713] ? dump_stack_print_info.cold.2+0x52/0x52 [ 408.546911] dump_header+0x27b/0xf72 [ 408.550612] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 408.556392] ? kasan_check_read+0x11/0x20 [ 408.560530] ? pagefault_out_of_memory+0x197/0x197 [ 408.565451] ? rcu_read_unlock+0x33/0x60 [ 408.569510] ? mem_cgroup_iter+0x514/0x1160 [ 408.573817] ? find_held_lock+0x36/0x1c0 [ 408.577863] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 408.582596] ? mark_held_locks+0xc7/0x130 [ 408.586740] ? _raw_spin_unlock_irq+0x27/0x80 [ 408.591217] ? _raw_spin_unlock_irq+0x27/0x80 [ 408.595695] ? lockdep_hardirqs_on+0x421/0x5c0 [ 408.600260] ? trace_hardirqs_on+0xbd/0x310 [ 408.604560] ? kasan_check_read+0x11/0x20 [ 408.608691] ? css_task_iter_end+0x222/0x490 [ 408.613084] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 408.618528] ? kasan_check_write+0x14/0x20 [ 408.622749] ? do_raw_spin_lock+0xc1/0x200 [ 408.626968] ? _raw_spin_unlock_irq+0x60/0x80 [ 408.631452] ? css_task_iter_end+0x2ce/0x490 [ 408.635848] ? cgroup_procs_next+0x70/0x70 [ 408.640087] ? _raw_spin_unlock_irq+0x60/0x80 [ 408.644580] ? oom_badness+0xaa0/0xaa0 [ 408.648453] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 408.653196] ? mem_cgroup_iter_break+0x30/0x30 [ 408.657783] ? mark_held_locks+0xc7/0x130 [ 408.661946] out_of_memory.cold.30+0xf/0x184 [ 408.666355] ? lockdep_hardirqs_on+0x421/0x5c0 [ 408.670924] ? kasan_check_read+0x11/0x20 [ 408.675083] ? oom_killer_disable+0x3a0/0x3a0 [ 408.679573] ? kasan_check_write+0x14/0x20 [ 408.683793] ? do_raw_spin_lock+0xc1/0x200 [ 408.688015] mem_cgroup_out_of_memory+0x15e/0x210 [ 408.692851] ? memcg_memory_event+0x40/0x40 [ 408.697166] ? mem_cgroup_try_charge+0x5ea/0xe10 [ 408.701905] ? page_counter_try_charge+0x1c1/0x220 [ 408.706820] try_charge+0xc43/0x1690 [ 408.710526] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 408.716564] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 408.721391] ? lock_downgrade+0x900/0x900 [ 408.725521] ? check_preemption_disabled+0x48/0x200 [ 408.730524] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 408.736303] ? kasan_check_read+0x11/0x20 [ 408.740440] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 408.745700] ? rcu_bh_qs+0xc0/0xc0 [ 408.749262] ? get_mem_cgroup_from_mm+0x206/0x440 [ 408.754109] ? mem_cgroup_can_attach+0x580/0x580 [ 408.758847] ? __lock_is_held+0xb5/0x140 [ 408.762908] mem_cgroup_try_charge+0x5ea/0xe10 [ 408.767480] ? mem_cgroup_protected+0xa60/0xa60 [ 408.772135] ? swp_swapcount+0x530/0x530 [ 408.776192] ? find_held_lock+0x36/0x1c0 [ 408.780243] ? wp_page_copy+0xad1/0x14f0 [ 408.784284] ? lock_downgrade+0x900/0x900 [ 408.788417] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 408.793946] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 408.798872] wp_page_copy+0x46c/0x14f0 [ 408.802748] ? follow_pfn+0x2e0/0x2e0 [ 408.806532] ? do_wp_page+0x76c/0x1390 [ 408.810415] ? lock_downgrade+0x900/0x900 [ 408.814552] ? kasan_check_write+0x14/0x20 [ 408.818770] ? kasan_check_read+0x11/0x20 [ 408.822900] ? do_raw_spin_unlock+0xa7/0x2f0 [ 408.827291] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 408.831853] ? __pte_alloc_kernel+0x220/0x220 [ 408.836331] ? __lock_acquire+0x7ec/0x4ec0 [ 408.840551] do_wp_page+0x774/0x1390 [ 408.844251] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 408.848918] ? lock_release+0x970/0x970 [ 408.852874] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 408.858393] ? kasan_check_write+0x14/0x20 [ 408.862635] ? do_raw_spin_lock+0xc1/0x200 [ 408.866871] __handle_mm_fault+0x2c60/0x53e0 [ 408.871290] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 408.876130] ? graph_lock+0x170/0x170 [ 408.879912] ? print_usage_bug+0xc0/0xc0 [ 408.883956] ? wake_up_new_task+0x6fb/0xd20 [ 408.888254] ? kasan_check_read+0x11/0x20 [ 408.892380] ? graph_lock+0x170/0x170 [ 408.896177] ? graph_lock+0x170/0x170 [ 408.899968] ? handle_mm_fault+0x42a/0xc70 [ 408.904185] ? lock_downgrade+0x900/0x900 [ 408.908315] ? check_preemption_disabled+0x48/0x200 [ 408.913313] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 408.919091] ? kasan_check_read+0x11/0x20 [ 408.923232] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 408.928507] ? rcu_bh_qs+0xc0/0xc0 [ 408.932028] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 408.937461] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 408.942982] ? check_preemption_disabled+0x48/0x200 [ 408.948002] handle_mm_fault+0x54f/0xc70 [ 408.952060] ? __handle_mm_fault+0x53e0/0x53e0 [ 408.956624] ? find_vma+0x34/0x190 [ 408.960162] __do_page_fault+0x67d/0xed0 [ 408.964207] ? mm_fault_error+0x380/0x380 [ 408.968337] ? trace_hardirqs_off+0xb8/0x310 [ 408.972726] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 408.978072] ? trace_hardirqs_on+0x310/0x310 [ 408.982457] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 408.987977] do_page_fault+0xf2/0x7e0 [ 408.991762] ? vmalloc_sync_all+0x30/0x30 [ 408.995890] ? error_entry+0x70/0xd0 [ 408.999594] ? trace_hardirqs_off_caller+0xbb/0x310 [ 409.004587] ? trace_hardirqs_on_caller+0xc0/0x310 [ 409.009517] ? syscall_return_slowpath+0x5e0/0x5e0 [ 409.014436] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 409.019271] ? trace_hardirqs_on_caller+0x310/0x310 [ 409.024272] ? trace_hardirqs_off+0x310/0x310 [ 409.028760] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 409.034280] ? prepare_exit_to_usermode+0x291/0x3b0 [ 409.039290] ? page_fault+0x8/0x30 [ 409.042811] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 409.047634] ? page_fault+0x8/0x30 [ 409.051160] page_fault+0x1e/0x30 [ 409.054605] RIP: 0033:0x40b398 [ 409.057781] Code: 3d dc cc 31 00 00 0f 85 a3 04 00 00 e8 f1 a6 04 00 85 c0 89 c5 0f 88 dd 03 00 00 0f 84 88 02 00 00 89 c6 bf f3 cf 4b 00 31 c0 e3 64 ff ff c7 44 24 30 00 00 00 00 e8 a6 68 ff ff 49 89 c5 48 [ 409.076663] RSP: 002b:00007ffc76600d20 EFLAGS: 00010246 [ 409.082008] RAX: 0000000000000000 RBX: 0000000000000001 RCX: 0000000000455b4a [ 409.089255] RDX: 0000000000000000 RSI: 0000000000000349 RDI: 00000000004bcff3 [ 409.096506] RBP: 0000000000000349 R08: 0000000000000001 R09: 00000000013b4940 [ 409.103755] R10: 00000000013b4c10 R11: 0000000000000246 R12: 0000000000000000 [ 409.111019] R13: 0000000000000001 R14: 00000000000000cd R15: 0000000000000005 [ 409.119153] Memory limit reached of cgroup /syz5 [ 409.123942] memory: usage 205660kB, limit 204800kB, failcnt 1710 [ 409.130132] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 409.136917] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 409.143041] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:68KB inactive_file:0KB active_file:0KB unevictable:0KB [ 409.162852] Out of memory and no killable processes... [ 409.168255] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=-1000 [ 409.180047] syz-executor5 cpuset=syz5 mems_allowed=0 [ 409.185229] CPU: 1 PID: 13360 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 409.192522] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 409.201893] Call Trace: [ 409.204469] dump_stack+0x1c4/0x2b4 [ 409.208086] ? dump_stack_print_info.cold.2+0x52/0x52 [ 409.213266] dump_header+0x27b/0xf72 [ 409.216970] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 409.222798] ? kasan_check_read+0x11/0x20 [ 409.226934] ? pagefault_out_of_memory+0x197/0x197 [ 409.231850] ? rcu_read_unlock+0x33/0x60 [ 409.235899] ? mem_cgroup_iter+0x514/0x1160 [ 409.240215] ? find_held_lock+0x36/0x1c0 [ 409.244280] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 409.249022] ? mark_held_locks+0xc7/0x130 [ 409.253170] ? _raw_spin_unlock_irq+0x27/0x80 [ 409.257649] ? _raw_spin_unlock_irq+0x27/0x80 [ 409.262130] ? lockdep_hardirqs_on+0x421/0x5c0 [ 409.266701] ? trace_hardirqs_on+0xbd/0x310 [ 409.271036] ? kasan_check_read+0x11/0x20 [ 409.275184] ? css_task_iter_end+0x222/0x490 [ 409.279579] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 409.285033] ? kasan_check_write+0x14/0x20 [ 409.289277] ? do_raw_spin_lock+0xc1/0x200 [ 409.293505] ? _raw_spin_unlock_irq+0x60/0x80 [ 409.298010] ? css_task_iter_end+0x2ce/0x490 [ 409.302430] ? cgroup_procs_next+0x70/0x70 [ 409.306667] ? _raw_spin_unlock_irq+0x60/0x80 [ 409.311150] ? oom_badness+0xaa0/0xaa0 [ 409.315024] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 409.319768] ? mem_cgroup_iter_break+0x30/0x30 [ 409.324343] ? mark_held_locks+0xc7/0x130 [ 409.328509] out_of_memory.cold.30+0xf/0x184 [ 409.332913] ? lockdep_hardirqs_on+0x421/0x5c0 [ 409.337511] ? kasan_check_read+0x11/0x20 [ 409.341647] ? oom_killer_disable+0x3a0/0x3a0 [ 409.346128] ? kasan_check_write+0x14/0x20 [ 409.350347] ? do_raw_spin_lock+0xc1/0x200 [ 409.354572] mem_cgroup_out_of_memory+0x15e/0x210 [ 409.359401] ? memcg_memory_event+0x40/0x40 [ 409.363716] ? mem_cgroup_try_charge+0x5ea/0xe10 [ 409.368463] ? page_counter_try_charge+0x1c1/0x220 [ 409.373388] try_charge+0xc43/0x1690 [ 409.377111] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 409.383166] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 409.388003] ? lock_downgrade+0x900/0x900 [ 409.392138] ? check_preemption_disabled+0x48/0x200 [ 409.397143] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 409.402930] ? kasan_check_read+0x11/0x20 [ 409.407073] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 409.412338] ? rcu_bh_qs+0xc0/0xc0 [ 409.415873] ? get_mem_cgroup_from_mm+0x206/0x440 [ 409.420717] ? mem_cgroup_can_attach+0x580/0x580 [ 409.425486] ? __lock_is_held+0xb5/0x140 [ 409.429543] mem_cgroup_try_charge+0x5ea/0xe10 [ 409.434115] ? mem_cgroup_protected+0xa60/0xa60 [ 409.438769] ? swp_swapcount+0x530/0x530 [ 409.442865] ? find_get_pages_range_tag+0x1320/0x1320 [ 409.448074] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 409.453599] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 409.458530] wp_page_copy+0x46c/0x14f0 [ 409.462431] ? follow_pfn+0x2e0/0x2e0 [ 409.466245] ? do_wp_page+0x76c/0x1390 [ 409.470119] ? lock_downgrade+0x900/0x900 [ 409.474255] ? kasan_check_write+0x14/0x20 [ 409.478480] ? kasan_check_read+0x11/0x20 [ 409.482616] ? do_raw_spin_unlock+0xa7/0x2f0 [ 409.487013] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 409.491581] ? __pte_alloc_kernel+0x220/0x220 [ 409.496059] ? __lock_acquire+0x7ec/0x4ec0 [ 409.500288] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 409.505816] do_wp_page+0x774/0x1390 [ 409.509523] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 409.514179] ? lock_downgrade+0x900/0x900 [ 409.518313] ? lock_release+0x970/0x970 [ 409.522274] ? kasan_check_read+0x11/0x20 [ 409.526410] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 409.531938] ? kasan_check_write+0x14/0x20 [ 409.536175] ? do_raw_spin_lock+0xc1/0x200 [ 409.540436] __handle_mm_fault+0x2c60/0x53e0 [ 409.544869] ? graph_lock+0x170/0x170 [ 409.548666] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 409.553521] ? graph_lock+0x170/0x170 [ 409.557316] ? print_usage_bug+0xc0/0xc0 [ 409.561365] ? graph_lock+0x170/0x170 [ 409.565171] ? graph_lock+0x170/0x170 [ 409.569066] ? handle_mm_fault+0x42a/0xc70 [ 409.573288] ? lock_downgrade+0x900/0x900 [ 409.577428] ? check_preemption_disabled+0x48/0x200 [ 409.582455] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 409.588235] ? kasan_check_read+0x11/0x20 [ 409.592365] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 409.597626] ? rcu_bh_qs+0xc0/0xc0 [ 409.601158] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 409.606954] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 409.612478] ? check_preemption_disabled+0x48/0x200 [ 409.617488] handle_mm_fault+0x54f/0xc70 [ 409.621541] ? __handle_mm_fault+0x53e0/0x53e0 [ 409.626109] ? find_vma+0x34/0x190 [ 409.629665] __do_page_fault+0x67d/0xed0 [ 409.633759] ? mm_fault_error+0x380/0x380 [ 409.637904] do_page_fault+0xf2/0x7e0 [ 409.641692] ? vmalloc_sync_all+0x30/0x30 [ 409.645829] ? error_entry+0x70/0xd0 [ 409.649530] ? trace_hardirqs_off_caller+0xbb/0x310 [ 409.654530] ? trace_hardirqs_on_caller+0xc0/0x310 [ 409.659477] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 409.664311] ? trace_hardirqs_on_caller+0x310/0x310 [ 409.669330] ? trace_hardirqs_off+0x310/0x310 [ 409.673812] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 409.678818] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 409.684340] ? prepare_exit_to_usermode+0x291/0x3b0 [ 409.689340] ? page_fault+0x8/0x30 [ 409.692866] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 409.697694] ? page_fault+0x8/0x30 [ 409.701219] page_fault+0x1e/0x30 [ 409.704655] RIP: 0033:0x455b7e [ 409.707838] Code: 00 00 85 c0 41 89 c5 0f 85 fc 00 00 00 64 8b 04 25 d0 02 00 00 41 39 c4 0f 84 12 02 00 00 48 8b 05 e7 08 5f 00 48 85 c0 74 04 <48> 83 00 04 64 8b 04 25 d0 02 00 00 64 89 04 25 d4 02 00 00 0f 31 [ 409.726768] RSP: 002b:00007ffc76600cd0 EFLAGS: 00010202 [ 409.732155] RAX: 0000000000a45f68 RBX: 00007ffc76600cd0 RCX: 0000000000455b4a [ 409.739412] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 409.746673] RBP: 00007ffc76600d10 R08: 0000000000000001 R09: 00000000013b4940 [ 409.753937] R10: 00000000013b4c10 R11: 0000000000000246 R12: 0000000000000001 [ 409.761190] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 409.769942] Memory limit reached of cgroup /syz5 [ 409.774815] memory: usage 205664kB, limit 204800kB, failcnt 1710 [ 409.780961] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 409.787763] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 409.793913] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:76KB inactive_file:0KB active_file:0KB unevictable:0KB [ 409.813785] Out of memory and no killable processes... [ 409.820255] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=-1000 [ 409.831535] syz-executor5 cpuset=syz5 mems_allowed=0 [ 409.836756] CPU: 1 PID: 13360 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 409.844021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 409.853358] Call Trace: [ 409.855962] dump_stack+0x1c4/0x2b4 [ 409.859597] ? dump_stack_print_info.cold.2+0x52/0x52 [ 409.864797] dump_header+0x27b/0xf72 [ 409.868516] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 409.874322] ? kasan_check_read+0x11/0x20 [ 409.878499] ? pagefault_out_of_memory+0x197/0x197 [ 409.883431] ? rcu_read_unlock+0x33/0x60 [ 409.887496] ? mem_cgroup_iter+0x514/0x1160 [ 409.891819] ? find_held_lock+0x36/0x1c0 [ 409.895897] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 409.900654] ? mark_held_locks+0xc7/0x130 [ 409.904800] ? _raw_spin_unlock_irq+0x27/0x80 [ 409.909286] ? _raw_spin_unlock_irq+0x27/0x80 [ 409.913768] ? lockdep_hardirqs_on+0x421/0x5c0 [ 409.918337] ? trace_hardirqs_on+0xbd/0x310 [ 409.922642] ? kasan_check_read+0x11/0x20 [ 409.926776] ? css_task_iter_end+0x222/0x490 [ 409.931170] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 409.936607] ? kasan_check_write+0x14/0x20 [ 409.940829] ? do_raw_spin_lock+0xc1/0x200 [ 409.945054] ? _raw_spin_unlock_irq+0x60/0x80 [ 409.949539] ? css_task_iter_end+0x2ce/0x490 [ 409.953936] ? cgroup_procs_next+0x70/0x70 [ 409.958185] ? _raw_spin_unlock_irq+0x60/0x80 [ 409.962666] ? oom_badness+0xaa0/0xaa0 [ 409.966552] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 409.971295] ? mem_cgroup_iter_break+0x30/0x30 [ 409.975881] ? mark_held_locks+0xc7/0x130 [ 409.980018] out_of_memory.cold.30+0xf/0x184 [ 409.984411] ? lockdep_hardirqs_on+0x421/0x5c0 [ 409.988987] ? kasan_check_read+0x11/0x20 [ 409.993141] ? oom_killer_disable+0x3a0/0x3a0 [ 409.997622] ? kasan_check_write+0x14/0x20 [ 410.001841] ? do_raw_spin_lock+0xc1/0x200 [ 410.006082] mem_cgroup_out_of_memory+0x15e/0x210 [ 410.010950] ? memcg_memory_event+0x40/0x40 [ 410.015255] ? mem_cgroup_try_charge+0x5ea/0xe10 [ 410.020004] ? page_counter_try_charge+0x1c1/0x220 [ 410.024922] try_charge+0xc43/0x1690 [ 410.028631] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 410.034674] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 410.039509] ? lock_downgrade+0x900/0x900 [ 410.043645] ? check_preemption_disabled+0x48/0x200 [ 410.048667] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 410.054465] ? kasan_check_read+0x11/0x20 [ 410.058601] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 410.063876] ? rcu_bh_qs+0xc0/0xc0 [ 410.067447] ? get_mem_cgroup_from_mm+0x206/0x440 [ 410.072285] ? mem_cgroup_can_attach+0x580/0x580 [ 410.077067] ? __lock_is_held+0xb5/0x140 [ 410.081135] mem_cgroup_try_charge+0x5ea/0xe10 [ 410.085720] ? mem_cgroup_protected+0xa60/0xa60 [ 410.090391] ? swp_swapcount+0x530/0x530 [ 410.094450] ? find_held_lock+0x36/0x1c0 [ 410.098503] ? wp_page_copy+0xad1/0x14f0 [ 410.102551] ? lock_downgrade+0x900/0x900 [ 410.106693] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 410.112224] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 410.117141] wp_page_copy+0x46c/0x14f0 [ 410.121027] ? follow_pfn+0x2e0/0x2e0 [ 410.124833] ? do_wp_page+0x76c/0x1390 [ 410.128711] ? lock_downgrade+0x900/0x900 [ 410.132853] ? kasan_check_write+0x14/0x20 [ 410.137087] ? kasan_check_read+0x11/0x20 [ 410.141225] ? do_raw_spin_unlock+0xa7/0x2f0 [ 410.145632] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 410.150204] ? __pte_alloc_kernel+0x220/0x220 [ 410.154686] ? __lock_acquire+0x7ec/0x4ec0 [ 410.158920] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 410.164459] do_wp_page+0x774/0x1390 [ 410.168166] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 410.172821] ? lock_downgrade+0x900/0x900 [ 410.176955] ? lock_release+0x970/0x970 [ 410.180932] ? kasan_check_read+0x11/0x20 [ 410.185064] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 410.190590] ? kasan_check_write+0x14/0x20 [ 410.194820] ? do_raw_spin_lock+0xc1/0x200 [ 410.199048] __handle_mm_fault+0x2c60/0x53e0 [ 410.203450] ? graph_lock+0x170/0x170 [ 410.207243] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 410.212070] ? graph_lock+0x170/0x170 [ 410.215878] ? print_usage_bug+0xc0/0xc0 [ 410.219944] ? graph_lock+0x170/0x170 [ 410.223729] ? graph_lock+0x170/0x170 [ 410.227536] ? handle_mm_fault+0x42a/0xc70 [ 410.231758] ? lock_downgrade+0x900/0x900 [ 410.235893] ? check_preemption_disabled+0x48/0x200 [ 410.240898] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 410.246681] ? kasan_check_read+0x11/0x20 [ 410.250819] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 410.256085] ? rcu_bh_qs+0xc0/0xc0 [ 410.259621] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 410.265082] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 410.270614] ? check_preemption_disabled+0x48/0x200 [ 410.275625] handle_mm_fault+0x54f/0xc70 [ 410.279674] ? __handle_mm_fault+0x53e0/0x53e0 [ 410.284255] ? find_vma+0x34/0x190 [ 410.287802] __do_page_fault+0x67d/0xed0 [ 410.291853] ? mm_fault_error+0x380/0x380 [ 410.295998] do_page_fault+0xf2/0x7e0 [ 410.300395] ? vmalloc_sync_all+0x30/0x30 [ 410.304553] ? error_entry+0x70/0xd0 [ 410.308256] ? trace_hardirqs_off_caller+0xbb/0x310 [ 410.313260] ? trace_hardirqs_on_caller+0xc0/0x310 [ 410.318203] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 410.323035] ? trace_hardirqs_on_caller+0x310/0x310 [ 410.328036] ? trace_hardirqs_off+0x310/0x310 [ 410.332522] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 410.337543] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 410.343068] ? prepare_exit_to_usermode+0x291/0x3b0 [ 410.348071] ? page_fault+0x8/0x30 [ 410.351603] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 410.356441] ? page_fault+0x8/0x30 [ 410.359971] page_fault+0x1e/0x30 [ 410.363412] RIP: 0033:0x455bab [ 410.366601] Code: 04 64 8b 04 25 d0 02 00 00 64 89 04 25 d4 02 00 00 0f 31 48 c1 e2 20 89 c0 48 09 c2 64 48 89 14 25 20 06 00 00 b8 b0 1d 41 00 <48> 89 15 1e 09 5f 00 48 85 c0 74 08 4c 89 cf e8 f1 c1 fb ff 45 85 [ 410.385489] RSP: 002b:00007ffc76600cd0 EFLAGS: 00010206 [ 410.390842] RAX: 0000000000411db0 RBX: 00007ffc76600cd0 RCX: 0000000000455b4a [ 410.398097] RDX: 000000ddae0d098b RSI: 0000000000000000 RDI: 0000000001200011 [ 410.405349] RBP: 00007ffc76600d10 R08: 0000000000000001 R09: 00000000013b4940 [ 410.412602] R10: 00000000013b4c10 R11: 0000000000000246 R12: 0000000000000001 [ 410.419857] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 410.428707] Memory limit reached of cgroup /syz5 [ 410.433560] memory: usage 205668kB, limit 204800kB, failcnt 1718 [ 410.439810] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 410.447097] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 410.453238] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:76KB inactive_file:0KB active_file:0KB unevictable:0KB [ 410.473108] Out of memory and no killable processes... [ 410.480102] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=-1000 [ 410.492076] syz-executor5 cpuset=syz5 mems_allowed=0 [ 410.497321] CPU: 1 PID: 13360 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 410.504596] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 410.513942] Call Trace: [ 410.516531] dump_stack+0x1c4/0x2b4 [ 410.520149] ? dump_stack_print_info.cold.2+0x52/0x52 [ 410.525331] dump_header+0x27b/0xf72 [ 410.529035] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 410.534818] ? kasan_check_read+0x11/0x20 [ 410.538957] ? pagefault_out_of_memory+0x197/0x197 [ 410.543892] ? rcu_read_unlock+0x33/0x60 [ 410.547942] ? mem_cgroup_iter+0x514/0x1160 [ 410.552253] ? find_held_lock+0x36/0x1c0 [ 410.556303] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 410.561056] ? mark_held_locks+0xc7/0x130 [ 410.565205] ? _raw_spin_unlock_irq+0x27/0x80 [ 410.569685] ? _raw_spin_unlock_irq+0x27/0x80 [ 410.574170] ? lockdep_hardirqs_on+0x421/0x5c0 [ 410.578742] ? trace_hardirqs_on+0xbd/0x310 [ 410.583048] ? kasan_check_read+0x11/0x20 [ 410.587184] ? css_task_iter_end+0x222/0x490 [ 410.591586] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 410.597024] ? kasan_check_write+0x14/0x20 [ 410.601244] ? do_raw_spin_lock+0xc1/0x200 [ 410.605465] ? _raw_spin_unlock_irq+0x60/0x80 [ 410.609948] ? css_task_iter_end+0x2ce/0x490 [ 410.614343] ? cgroup_procs_next+0x70/0x70 [ 410.618564] ? _raw_spin_unlock_irq+0x60/0x80 [ 410.623048] ? oom_badness+0xaa0/0xaa0 [ 410.626960] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 410.631719] ? mem_cgroup_iter_break+0x30/0x30 [ 410.636319] ? mark_held_locks+0xc7/0x130 [ 410.640472] out_of_memory.cold.30+0xf/0x184 [ 410.644866] ? lockdep_hardirqs_on+0x421/0x5c0 [ 410.649446] ? kasan_check_read+0x11/0x20 [ 410.653581] ? oom_killer_disable+0x3a0/0x3a0 [ 410.658061] ? kasan_check_write+0x14/0x20 [ 410.662284] ? do_raw_spin_lock+0xc1/0x200 [ 410.666514] mem_cgroup_out_of_memory+0x15e/0x210 [ 410.671348] ? memcg_memory_event+0x40/0x40 [ 410.675653] ? mem_cgroup_try_charge+0x5ea/0xe10 [ 410.680400] ? page_counter_try_charge+0x1c1/0x220 [ 410.685339] try_charge+0xc43/0x1690 [ 410.689047] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 410.695090] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 410.700094] ? lock_downgrade+0x900/0x900 [ 410.704228] ? check_preemption_disabled+0x48/0x200 [ 410.709234] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 410.715021] ? kasan_check_read+0x11/0x20 [ 410.719155] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 410.724416] ? rcu_bh_qs+0xc0/0xc0 [ 410.727996] ? get_mem_cgroup_from_mm+0x206/0x440 [ 410.732845] ? mem_cgroup_can_attach+0x580/0x580 [ 410.737590] ? __lock_is_held+0xb5/0x140 [ 410.741645] mem_cgroup_try_charge+0x5ea/0xe10 [ 410.746231] ? mem_cgroup_protected+0xa60/0xa60 [ 410.750918] ? swp_swapcount+0x530/0x530 [ 410.754985] ? find_get_pages_range_tag+0x1320/0x1320 [ 410.760183] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 410.765708] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 410.770625] wp_page_copy+0x46c/0x14f0 [ 410.774505] ? follow_pfn+0x2e0/0x2e0 [ 410.778295] ? do_wp_page+0x76c/0x1390 [ 410.782181] ? lock_downgrade+0x900/0x900 [ 410.786327] ? kasan_check_write+0x14/0x20 [ 410.790550] ? kasan_check_read+0x11/0x20 [ 410.794682] ? do_raw_spin_unlock+0xa7/0x2f0 [ 410.799077] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 410.803643] ? __pte_alloc_kernel+0x220/0x220 [ 410.808126] ? __lock_acquire+0x7ec/0x4ec0 [ 410.812349] do_wp_page+0x774/0x1390 [ 410.816053] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 410.820708] ? lock_downgrade+0x900/0x900 [ 410.824850] ? lock_release+0x970/0x970 [ 410.828811] ? kasan_check_read+0x11/0x20 [ 410.832943] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 410.838466] ? kasan_check_write+0x14/0x20 [ 410.842687] ? do_raw_spin_lock+0xc1/0x200 [ 410.846923] __handle_mm_fault+0x2c60/0x53e0 [ 410.851316] ? graph_lock+0x170/0x170 [ 410.855131] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 410.859966] ? graph_lock+0x170/0x170 [ 410.863750] ? print_usage_bug+0xc0/0xc0 [ 410.867798] ? graph_lock+0x170/0x170 [ 410.871589] ? graph_lock+0x170/0x170 [ 410.875443] ? handle_mm_fault+0x42a/0xc70 [ 410.879687] ? lock_downgrade+0x900/0x900 [ 410.883826] ? check_preemption_disabled+0x48/0x200 [ 410.888830] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 410.894613] ? kasan_check_read+0x11/0x20 [ 410.898749] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 410.904024] ? rcu_bh_qs+0xc0/0xc0 [ 410.907552] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 410.913008] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 410.918533] ? check_preemption_disabled+0x48/0x200 [ 410.923557] handle_mm_fault+0x54f/0xc70 [ 410.927613] ? __handle_mm_fault+0x53e0/0x53e0 [ 410.932182] ? find_vma+0x34/0x190 [ 410.935713] __do_page_fault+0x67d/0xed0 [ 410.939782] ? mm_fault_error+0x380/0x380 [ 410.943928] ? trace_hardirqs_off+0xb8/0x310 [ 410.948347] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 410.953698] ? trace_hardirqs_on+0x310/0x310 [ 410.958105] do_page_fault+0xf2/0x7e0 [ 410.961892] ? vmalloc_sync_all+0x30/0x30 [ 410.966025] ? error_entry+0x70/0xd0 [ 410.969723] ? trace_hardirqs_off_caller+0xbb/0x310 [ 410.974726] ? trace_hardirqs_on_caller+0xc0/0x310 [ 410.979655] ? syscall_return_slowpath+0x5e0/0x5e0 [ 410.984585] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 410.989412] ? trace_hardirqs_on_caller+0x310/0x310 [ 410.994417] ? trace_hardirqs_off+0x310/0x310 [ 410.998906] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 411.003911] ? prepare_exit_to_usermode+0x291/0x3b0 [ 411.008923] ? page_fault+0x8/0x30 [ 411.012466] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 411.017298] ? page_fault+0x8/0x30 [ 411.020825] page_fault+0x1e/0x30 [ 411.024261] RIP: 0033:0x455bcb [ 411.027444] Code: 25 20 06 00 00 b8 b0 1d 41 00 48 89 15 1e 09 5f 00 48 85 c0 74 08 4c 89 cf e8 f1 c1 fb ff 45 85 f6 0f 85 58 01 00 00 48 85 db <48> c7 05 ba 73 2b 00 00 00 00 00 48 c7 05 9f 73 2b 00 00 00 00 00 [ 411.046328] RSP: 002b:00007ffc76600cd0 EFLAGS: 00010202 [ 411.051673] RAX: 0000000000000000 RBX: 00007ffc76600cd0 RCX: 0000000000411dc3 [ 411.058938] RDX: 000000ddae0d098b RSI: 0000000000000018 RDI: 00000000013b4c20 [ 411.066189] RBP: 00007ffc76600d10 R08: 0000000000000001 R09: 00000000013b4940 [ 411.073482] R10: 00000000013b4c10 R11: 0000000000000202 R12: 0000000000000001 [ 411.080745] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 411.091193] Memory limit reached of cgroup /syz5 [ 411.098291] memory: usage 205672kB, limit 204800kB, failcnt 1726 [ 411.104448] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 411.111255] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 411.117495] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:76KB inactive_file:0KB active_file:0KB unevictable:0KB [ 411.138120] Out of memory and no killable processes... [ 411.144522] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=-1000 [ 411.155842] syz-executor5 cpuset=syz5 mems_allowed=0 [ 411.160983] CPU: 1 PID: 13360 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 411.168238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 411.177573] Call Trace: [ 411.180160] dump_stack+0x1c4/0x2b4 [ 411.183794] ? dump_stack_print_info.cold.2+0x52/0x52 [ 411.188976] dump_header+0x27b/0xf72 [ 411.192685] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 411.198478] ? kasan_check_read+0x11/0x20 [ 411.202617] ? pagefault_out_of_memory+0x197/0x197 [ 411.207554] ? rcu_read_unlock+0x33/0x60 [ 411.211604] ? mem_cgroup_iter+0x514/0x1160 [ 411.215936] ? find_held_lock+0x36/0x1c0 [ 411.219986] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 411.224747] ? mark_held_locks+0xc7/0x130 [ 411.228892] ? _raw_spin_unlock_irq+0x27/0x80 [ 411.233373] ? _raw_spin_unlock_irq+0x27/0x80 [ 411.237854] ? lockdep_hardirqs_on+0x421/0x5c0 [ 411.242420] ? trace_hardirqs_on+0xbd/0x310 [ 411.246733] ? kasan_check_read+0x11/0x20 [ 411.250877] ? css_task_iter_end+0x222/0x490 [ 411.255334] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 411.260784] ? kasan_check_write+0x14/0x20 [ 411.265008] ? do_raw_spin_lock+0xc1/0x200 [ 411.269229] ? _raw_spin_unlock_irq+0x60/0x80 [ 411.273707] ? css_task_iter_end+0x2ce/0x490 [ 411.278114] ? cgroup_procs_next+0x70/0x70 [ 411.282335] ? _raw_spin_unlock_irq+0x60/0x80 [ 411.286815] ? oom_badness+0xaa0/0xaa0 [ 411.290687] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 411.295451] ? mem_cgroup_iter_break+0x30/0x30 [ 411.300033] ? mark_held_locks+0xc7/0x130 [ 411.304169] out_of_memory.cold.30+0xf/0x184 [ 411.308568] ? lockdep_hardirqs_on+0x421/0x5c0 [ 411.313136] ? kasan_check_read+0x11/0x20 [ 411.317273] ? oom_killer_disable+0x3a0/0x3a0 [ 411.321759] ? kasan_check_write+0x14/0x20 [ 411.325981] ? do_raw_spin_lock+0xc1/0x200 [ 411.330214] mem_cgroup_out_of_memory+0x15e/0x210 [ 411.335043] ? memcg_memory_event+0x40/0x40 [ 411.339366] ? mem_cgroup_try_charge+0x5ea/0xe10 [ 411.344121] ? page_counter_try_charge+0x1c1/0x220 [ 411.349089] try_charge+0xc43/0x1690 [ 411.352795] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 411.358838] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 411.363667] ? lock_downgrade+0x900/0x900 [ 411.367803] ? check_preemption_disabled+0x48/0x200 [ 411.372811] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 411.378591] ? kasan_check_read+0x11/0x20 [ 411.382727] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 411.388000] ? rcu_bh_qs+0xc0/0xc0 [ 411.391540] ? get_mem_cgroup_from_mm+0x206/0x440 [ 411.396374] ? mem_cgroup_can_attach+0x580/0x580 [ 411.401129] ? __lock_is_held+0xb5/0x140 [ 411.405200] mem_cgroup_try_charge+0x5ea/0xe10 [ 411.409786] ? mem_cgroup_protected+0xa60/0xa60 [ 411.414451] ? swp_swapcount+0x530/0x530 [ 411.418513] ? find_get_pages_range_tag+0x1320/0x1320 [ 411.423698] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 411.429230] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 411.434174] wp_page_copy+0x46c/0x14f0 [ 411.438066] ? follow_pfn+0x2e0/0x2e0 [ 411.441864] ? do_wp_page+0x76c/0x1390 [ 411.445746] ? lock_downgrade+0x900/0x900 [ 411.449880] ? kasan_check_write+0x14/0x20 [ 411.454100] ? kasan_check_read+0x11/0x20 [ 411.458239] ? do_raw_spin_unlock+0xa7/0x2f0 [ 411.462639] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 411.467205] ? __pte_alloc_kernel+0x220/0x220 [ 411.471684] ? __lock_acquire+0x7ec/0x4ec0 [ 411.475909] do_wp_page+0x774/0x1390 [ 411.479612] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 411.484270] ? lock_downgrade+0x900/0x900 [ 411.488407] ? lock_release+0x970/0x970 [ 411.492396] ? kasan_check_read+0x11/0x20 [ 411.496553] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 411.502077] ? kasan_check_write+0x14/0x20 [ 411.506297] ? do_raw_spin_lock+0xc1/0x200 [ 411.510522] __handle_mm_fault+0x2c60/0x53e0 [ 411.514915] ? graph_lock+0x170/0x170 [ 411.518706] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 411.523533] ? graph_lock+0x170/0x170 [ 411.527319] ? print_usage_bug+0xc0/0xc0 [ 411.531364] ? graph_lock+0x170/0x170 [ 411.535149] ? graph_lock+0x170/0x170 [ 411.538942] ? handle_mm_fault+0x42a/0xc70 [ 411.543162] ? lock_downgrade+0x900/0x900 [ 411.547295] ? check_preemption_disabled+0x48/0x200 [ 411.552301] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 411.558079] ? kasan_check_read+0x11/0x20 [ 411.562226] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 411.567605] ? rcu_bh_qs+0xc0/0xc0 [ 411.571139] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 411.576582] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 411.582115] ? check_preemption_disabled+0x48/0x200 [ 411.587135] handle_mm_fault+0x54f/0xc70 [ 411.591187] ? __handle_mm_fault+0x53e0/0x53e0 [ 411.595755] ? find_vma+0x34/0x190 [ 411.599281] __do_page_fault+0x67d/0xed0 [ 411.603335] ? mm_fault_error+0x380/0x380 [ 411.607483] ? trace_hardirqs_off+0xb8/0x310 [ 411.611881] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 411.617231] ? trace_hardirqs_on+0x310/0x310 [ 411.621627] do_page_fault+0xf2/0x7e0 [ 411.625631] ? vmalloc_sync_all+0x30/0x30 [ 411.629769] ? error_entry+0x70/0xd0 [ 411.633470] ? trace_hardirqs_off_caller+0xbb/0x310 [ 411.638481] ? trace_hardirqs_on_caller+0xc0/0x310 [ 411.643396] ? syscall_return_slowpath+0x5e0/0x5e0 [ 411.648331] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 411.653163] ? trace_hardirqs_on_caller+0x310/0x310 [ 411.658163] ? trace_hardirqs_off+0x310/0x310 [ 411.662645] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 411.667647] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 411.673223] ? prepare_exit_to_usermode+0x291/0x3b0 [ 411.678241] ? page_fault+0x8/0x30 [ 411.681768] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 411.686597] ? page_fault+0x8/0x30 [ 411.690118] page_fault+0x1e/0x30 [ 411.693553] RIP: 0033:0x40d4c8 [ 411.696731] Code: 48 8b 05 f3 e9 2f 00 48 89 08 48 8b 15 f1 e9 2f 00 48 89 42 08 48 8b 05 d6 e9 2f 00 48 89 05 df e9 2f 00 49 8d 81 c0 02 00 00 <48> 89 05 81 2b 63 00 49 8b 89 c8 02 00 00 49 8b 91 c0 02 00 00 48 [ 411.715629] RSP: 002b:00007ffc76600cc8 EFLAGS: 00010246 [ 411.720979] RAX: 00000000013b4c00 RBX: 00007ffc76600cd0 RCX: 000000000070bea0 [ 411.728241] RDX: 000000000040d300 RSI: 000000000070be90 RDI: 00000000013b4c20 [ 411.735519] RBP: 00007ffc76600d10 R08: 0000000000000001 R09: 00000000013b4940 [ 411.742773] R10: 00000000013b4c10 R11: 0000000000000202 R12: 0000000000000001 [ 411.750028] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 411.760667] Memory limit reached of cgroup /syz5 [ 411.765590] memory: usage 205676kB, limit 204800kB, failcnt 1734 [ 411.771770] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 411.778581] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 411.784730] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:88KB inactive_file:0KB active_file:0KB unevictable:0KB [ 411.804628] Out of memory and no killable processes... [ 411.811262] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=-1000 [ 411.822554] syz-executor5 cpuset=syz5 mems_allowed=0 [ 411.828354] CPU: 1 PID: 13360 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 411.835614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 411.844963] Call Trace: [ 411.847564] dump_stack+0x1c4/0x2b4 [ 411.851183] ? dump_stack_print_info.cold.2+0x52/0x52 [ 411.856368] dump_header+0x27b/0xf72 [ 411.860073] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 411.865854] ? kasan_check_read+0x11/0x20 [ 411.869989] ? pagefault_out_of_memory+0x197/0x197 [ 411.874915] ? rcu_read_unlock+0x33/0x60 [ 411.878964] ? mem_cgroup_iter+0x514/0x1160 [ 411.883275] ? find_held_lock+0x36/0x1c0 [ 411.887344] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 411.892120] ? mark_held_locks+0xc7/0x130 [ 411.896254] ? _raw_spin_unlock_irq+0x27/0x80 [ 411.900734] ? _raw_spin_unlock_irq+0x27/0x80 [ 411.905213] ? lockdep_hardirqs_on+0x421/0x5c0 [ 411.909780] ? trace_hardirqs_on+0xbd/0x310 [ 411.914087] ? kasan_check_read+0x11/0x20 [ 411.918218] ? css_task_iter_end+0x222/0x490 [ 411.922613] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 411.928048] ? kasan_check_write+0x14/0x20 [ 411.932268] ? do_raw_spin_lock+0xc1/0x200 [ 411.936522] ? _raw_spin_unlock_irq+0x60/0x80 [ 411.941008] ? css_task_iter_end+0x2ce/0x490 [ 411.945409] ? cgroup_procs_next+0x70/0x70 [ 411.949666] ? _raw_spin_unlock_irq+0x60/0x80 [ 411.954149] ? oom_badness+0xaa0/0xaa0 [ 411.958022] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 411.962777] ? mem_cgroup_iter_break+0x30/0x30 [ 411.967366] ? mark_held_locks+0xc7/0x130 [ 411.971507] out_of_memory.cold.30+0xf/0x184 [ 411.975942] ? lockdep_hardirqs_on+0x421/0x5c0 [ 411.980538] ? kasan_check_read+0x11/0x20 [ 411.984675] ? oom_killer_disable+0x3a0/0x3a0 [ 411.989156] ? kasan_check_write+0x14/0x20 [ 411.993379] ? do_raw_spin_lock+0xc1/0x200 [ 411.997606] mem_cgroup_out_of_memory+0x15e/0x210 [ 412.002456] ? memcg_memory_event+0x40/0x40 [ 412.006764] ? mem_cgroup_try_charge+0x5ea/0xe10 [ 412.011508] ? page_counter_try_charge+0x1c1/0x220 [ 412.016457] try_charge+0xc43/0x1690 [ 412.020203] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 412.026256] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 412.031087] ? lock_downgrade+0x900/0x900 [ 412.035221] ? check_preemption_disabled+0x48/0x200 [ 412.040265] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 412.046052] ? kasan_check_read+0x11/0x20 [ 412.050183] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 412.055456] ? rcu_bh_qs+0xc0/0xc0 [ 412.058989] ? get_mem_cgroup_from_mm+0x206/0x440 [ 412.063832] ? mem_cgroup_can_attach+0x580/0x580 [ 412.068576] ? __lock_is_held+0xb5/0x140 [ 412.072631] mem_cgroup_try_charge+0x5ea/0xe10 [ 412.077217] ? mem_cgroup_protected+0xa60/0xa60 [ 412.081889] ? swp_swapcount+0x530/0x530 [ 412.085936] ? find_held_lock+0x36/0x1c0 [ 412.089987] ? wp_page_copy+0xad1/0x14f0 [ 412.094069] ? lock_downgrade+0x900/0x900 [ 412.098227] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 412.103754] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 412.108681] wp_page_copy+0x46c/0x14f0 [ 412.112577] ? follow_pfn+0x2e0/0x2e0 [ 412.116367] ? do_wp_page+0x76c/0x1390 [ 412.120241] ? lock_downgrade+0x900/0x900 [ 412.124386] ? kasan_check_write+0x14/0x20 [ 412.128629] ? kasan_check_read+0x11/0x20 [ 412.132764] ? do_raw_spin_unlock+0xa7/0x2f0 [ 412.137157] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 412.141736] ? __pte_alloc_kernel+0x220/0x220 [ 412.146214] ? __lock_acquire+0x7ec/0x4ec0 [ 412.150448] do_wp_page+0x774/0x1390 [ 412.154154] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 412.158810] ? lock_downgrade+0x900/0x900 [ 412.162946] ? lock_release+0x970/0x970 [ 412.166905] ? kasan_check_read+0x11/0x20 [ 412.171043] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 412.176584] ? kasan_check_write+0x14/0x20 [ 412.180807] ? do_raw_spin_lock+0xc1/0x200 [ 412.185042] __handle_mm_fault+0x2c60/0x53e0 [ 412.189458] ? graph_lock+0x170/0x170 [ 412.193267] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 412.198110] ? graph_lock+0x170/0x170 [ 412.201899] ? print_usage_bug+0xc0/0xc0 [ 412.205948] ? graph_lock+0x170/0x170 [ 412.209736] ? graph_lock+0x170/0x170 [ 412.213534] ? handle_mm_fault+0x42a/0xc70 [ 412.217757] ? lock_downgrade+0x900/0x900 [ 412.221900] ? check_preemption_disabled+0x48/0x200 [ 412.226906] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 412.232688] ? kasan_check_read+0x11/0x20 [ 412.236823] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 412.242094] ? rcu_bh_qs+0xc0/0xc0 [ 412.245619] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 412.251072] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 412.256599] ? check_preemption_disabled+0x48/0x200 [ 412.261616] handle_mm_fault+0x54f/0xc70 [ 412.265664] ? __handle_mm_fault+0x53e0/0x53e0 [ 412.270233] ? find_vma+0x34/0x190 [ 412.273763] __do_page_fault+0x67d/0xed0 [ 412.277827] ? mm_fault_error+0x380/0x380 [ 412.282001] ? trace_hardirqs_off+0xb8/0x310 [ 412.286451] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 412.291818] ? trace_hardirqs_on+0x310/0x310 [ 412.296235] do_page_fault+0xf2/0x7e0 [ 412.300042] ? vmalloc_sync_all+0x30/0x30 [ 412.304245] ? error_entry+0x70/0xd0 [ 412.307965] ? trace_hardirqs_off_caller+0xbb/0x310 [ 412.312989] ? trace_hardirqs_on_caller+0xc0/0x310 [ 412.317925] ? syscall_return_slowpath+0x5e0/0x5e0 [ 412.322875] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 412.327717] ? trace_hardirqs_on_caller+0x310/0x310 [ 412.332733] ? trace_hardirqs_off+0x310/0x310 [ 412.337233] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 412.342253] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 412.347794] ? prepare_exit_to_usermode+0x291/0x3b0 [ 412.352821] ? page_fault+0x8/0x30 [ 412.356376] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 412.361220] ? page_fault+0x8/0x30 [ 412.364767] page_fault+0x1e/0x30 [ 412.368223] RIP: 0033:0x40d4f6 [ 412.371417] Code: 2b 63 00 49 8b 89 c8 02 00 00 49 8b 91 c0 02 00 00 48 89 4a 08 49 8b 89 c8 02 00 00 48 89 11 48 c7 05 5a 2b 63 00 00 00 00 00 <48> c7 05 97 e9 2f 00 90 be 70 00 31 d2 48 c7 05 82 e9 2f 00 90 be [ 412.390335] RSP: 002b:00007ffc76600cc8 EFLAGS: 00010246 [ 412.395702] RAX: 00000000013b4c00 RBX: 00007ffc76600cd0 RCX: 0000000000a40040 [ 412.402972] RDX: 0000000000a40040 RSI: 000000000070be90 RDI: 00000000013b4c20 [ 412.410244] RBP: 00007ffc76600d10 R08: 0000000000000001 R09: 00000000013b4940 [ 412.417513] R10: 00000000013b4c10 R11: 0000000000000202 R12: 0000000000000001 [ 412.424782] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 412.433440] Memory limit reached of cgroup /syz5 [ 412.438327] memory: usage 205680kB, limit 204800kB, failcnt 1750 [ 412.444457] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 412.451287] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 412.457484] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:88KB inactive_file:0KB active_file:0KB unevictable:0KB [ 412.477289] Out of memory and no killable processes... [ 412.482666] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=-1000 [ 412.494314] syz-executor5 cpuset=syz5 mems_allowed=0 [ 412.499520] CPU: 0 PID: 5568 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 412.506707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 412.516039] Call Trace: [ 412.518613] dump_stack+0x1c4/0x2b4 [ 412.522235] ? dump_stack_print_info.cold.2+0x52/0x52 [ 412.527412] dump_header+0x27b/0xf72 [ 412.531115] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 412.536890] ? kasan_check_read+0x11/0x20 [ 412.541017] ? pagefault_out_of_memory+0x197/0x197 [ 412.545932] ? rcu_read_unlock+0x33/0x60 [ 412.549974] ? mem_cgroup_iter+0x514/0x1160 [ 412.554283] ? find_held_lock+0x36/0x1c0 [ 412.558328] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 412.563080] ? mark_held_locks+0xc7/0x130 [ 412.567218] ? _raw_spin_unlock_irq+0x27/0x80 [ 412.571695] ? _raw_spin_unlock_irq+0x27/0x80 [ 412.576177] ? lockdep_hardirqs_on+0x421/0x5c0 [ 412.580772] ? trace_hardirqs_on+0xbd/0x310 [ 412.585075] ? kasan_check_read+0x11/0x20 [ 412.589207] ? css_task_iter_end+0x222/0x490 [ 412.593598] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 412.599037] ? kasan_check_write+0x14/0x20 [ 412.603266] ? do_raw_spin_lock+0xc1/0x200 [ 412.607511] ? _raw_spin_unlock_irq+0x60/0x80 [ 412.611991] ? css_task_iter_end+0x2ce/0x490 [ 412.616415] ? cgroup_procs_next+0x70/0x70 [ 412.620650] ? _raw_spin_unlock_irq+0x60/0x80 [ 412.625127] ? oom_badness+0xaa0/0xaa0 [ 412.629004] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 412.633746] ? mem_cgroup_iter_break+0x30/0x30 [ 412.638318] ? mark_held_locks+0xc7/0x130 [ 412.642452] out_of_memory.cold.30+0xf/0x184 [ 412.646843] ? lockdep_hardirqs_on+0x421/0x5c0 [ 412.651408] ? kasan_check_read+0x11/0x20 [ 412.655545] ? oom_killer_disable+0x3a0/0x3a0 [ 412.660019] ? kasan_check_write+0x14/0x20 [ 412.664238] ? do_raw_spin_lock+0xc1/0x200 [ 412.668476] mem_cgroup_out_of_memory+0x15e/0x210 [ 412.673308] ? memcg_memory_event+0x40/0x40 [ 412.677610] ? mem_cgroup_try_charge+0x5ea/0xe10 [ 412.682351] ? page_counter_try_charge+0x1c1/0x220 [ 412.687263] try_charge+0xc43/0x1690 [ 412.690965] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 412.697004] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 412.701888] ? lock_downgrade+0x900/0x900 [ 412.706022] ? check_preemption_disabled+0x48/0x200 [ 412.711026] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 412.716835] ? kasan_check_read+0x11/0x20 [ 412.720966] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 412.726237] ? rcu_bh_qs+0xc0/0xc0 [ 412.729764] ? get_mem_cgroup_from_mm+0x206/0x440 [ 412.734590] ? mem_cgroup_can_attach+0x580/0x580 [ 412.739331] ? __lock_is_held+0xb5/0x140 [ 412.743379] mem_cgroup_try_charge+0x5ea/0xe10 [ 412.747947] ? mem_cgroup_protected+0xa60/0xa60 [ 412.752601] ? swp_swapcount+0x530/0x530 [ 412.756664] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 412.762186] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 412.767100] wp_page_copy+0x46c/0x14f0 [ 412.770968] ? lock_downgrade+0x900/0x900 [ 412.775102] ? follow_pfn+0x2e0/0x2e0 [ 412.778888] ? do_wp_page+0x76c/0x1390 [ 412.782770] ? lock_downgrade+0x900/0x900 [ 412.786897] ? kasan_check_write+0x14/0x20 [ 412.791110] ? kasan_check_read+0x11/0x20 [ 412.795242] ? do_raw_spin_unlock+0xa7/0x2f0 [ 412.799646] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 412.804207] ? __pte_alloc_kernel+0x220/0x220 [ 412.808685] ? __lock_acquire+0x7ec/0x4ec0 [ 412.812910] do_wp_page+0x774/0x1390 [ 412.816610] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 412.821273] ? lock_release+0x970/0x970 [ 412.825238] ? rcu_bh_qs+0xc0/0xc0 [ 412.828774] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 412.834307] ? kasan_check_write+0x14/0x20 [ 412.838524] ? do_raw_spin_lock+0xc1/0x200 [ 412.842743] __handle_mm_fault+0x2c60/0x53e0 [ 412.847137] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 412.851962] ? graph_lock+0x170/0x170 [ 412.855755] ? print_usage_bug+0xc0/0xc0 [ 412.859806] ? __might_fault+0x12b/0x1e0 [ 412.863858] ? graph_lock+0x170/0x170 [ 412.867649] ? graph_lock+0x170/0x170 [ 412.871450] ? handle_mm_fault+0x42a/0xc70 [ 412.875665] ? lock_downgrade+0x900/0x900 [ 412.879798] ? check_preemption_disabled+0x48/0x200 [ 412.884801] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 412.890579] ? kasan_check_read+0x11/0x20 [ 412.894712] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 412.899987] ? rcu_bh_qs+0xc0/0xc0 [ 412.903518] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 412.908950] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 412.914479] ? check_preemption_disabled+0x48/0x200 [ 412.919511] handle_mm_fault+0x54f/0xc70 [ 412.923566] ? __handle_mm_fault+0x53e0/0x53e0 [ 412.928131] ? find_vma+0x34/0x190 [ 412.931658] __do_page_fault+0x67d/0xed0 [ 412.935705] ? __do_sys_newfstatat+0x110/0x110 [ 412.940287] ? mm_fault_error+0x380/0x380 [ 412.944419] ? trace_hardirqs_off+0xb8/0x310 [ 412.948820] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 412.954167] ? trace_hardirqs_on+0x310/0x310 [ 412.958576] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 412.964099] do_page_fault+0xf2/0x7e0 [ 412.967886] ? vmalloc_sync_all+0x30/0x30 [ 412.972019] ? error_entry+0x70/0xd0 [ 412.975726] ? trace_hardirqs_off_caller+0xbb/0x310 [ 412.980723] ? trace_hardirqs_on_caller+0xc0/0x310 [ 412.985637] ? syscall_return_slowpath+0x5e0/0x5e0 [ 412.990549] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 412.995373] ? trace_hardirqs_on_caller+0x310/0x310 [ 413.000394] ? trace_hardirqs_off+0x310/0x310 [ 413.004877] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 413.010407] ? prepare_exit_to_usermode+0x291/0x3b0 [ 413.015412] ? page_fault+0x8/0x30 [ 413.018940] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 413.023767] ? page_fault+0x8/0x30 [ 413.027293] page_fault+0x1e/0x30 [ 413.030726] RIP: 0033:0x42e916 [ 413.033939] Code: 1f 44 00 00 48 29 e8 31 c9 48 81 fb 40 c6 70 00 0f 95 c1 48 8d 34 2a 48 83 cd 01 48 c1 e1 02 48 83 c8 01 48 09 e9 48 89 73 58 <48> 89 4a 08 48 89 46 08 48 8d 4a 10 8b 05 4c 63 61 00 85 c0 0f 84 [ 413.052826] RSP: 002b:00007ffc76600b80 EFLAGS: 00010206 [ 413.058175] RAX: 0000000000018691 RBX: 000000000070c640 RCX: 0000000000008041 [ 413.065431] RDX: 00000000013b5930 RSI: 00000000013bd970 RDI: 0000000000000003 [ 413.072705] RBP: 0000000000008041 R08: 0000000000000001 R09: 00000000013b4940 [ 413.079952] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000070c698 [ 413.087203] R13: 000000000070c698 R14: 00000000000000cd R15: 0000000000002710 [ 413.094896] Memory limit reached of cgroup /syz5 [ 413.099721] memory: usage 205500kB, limit 204800kB, failcnt 1750 19:55:49 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040), 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x240}, 0x6) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 19:55:49 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000006800fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:55:49 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="02030000070000000000003efff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:55:49 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000400)={0x0, 0x0, 0x0}, &(0x7f0000000440)=0xc) getresuid(&(0x7f00000004c0)=0x0, &(0x7f0000000500), &(0x7f0000000540)) r4 = getuid() getresuid(&(0x7f0000000580), &(0x7f0000000640), &(0x7f0000000680)=0x0) mount$9p_xen(&(0x7f0000000100)='rfdno', &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0xc0000, &(0x7f00000006c0)={'trans=xen,', {[{@dfltgid={'dfltgid', 0x3d, r2}}, {@access_any='access=any'}, {@cachetag={'cachetag', 0x3d, 'wfdno'}}, {@nodevmap='nodevmap'}, {@access_uid={'access', 0x3d, r3}}, {@cachetag={'cachetag', 0x3d, 'bdev'}}, {@version_9p2000='version=9p2000'}], [{@euid_lt={'euid<', r4}}, {@smackfsroot={'smackfsroot', 0x3d, ')]'}}, {@audit='audit'}, {@euid_eq={'euid', 0x3d, r5}}, {@subj_role={'subj_role', 0x3d, 'trans=fd,'}}]}}) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') 19:55:49 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000e00fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:55:49 executing program 1: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$ndb(&(0x7f0000001380)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0) r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000600)='/dev/rtc0\x00', 0x202000, 0x0) connect$pptp(r1, &(0x7f0000000640)={0x18, 0x2, {0x3, @broadcast}}, 0x1e) ioctl$DRM_IOCTL_IRQ_BUSID(r1, 0xc0106403, &(0x7f0000000000)={0x100000001, 0x7f, 0x1b00000000000000}) lseek(r0, 0x0, 0x0) [ 413.105933] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 413.112725] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 413.118911] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:64KB inactive_file:0KB active_file:0KB unevictable:0KB [ 413.138835] Out of memory and no killable processes... 19:55:49 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vcs\x00', 0x20000, 0x0) write$P9_RFSYNC(r2, &(0x7f00000001c0)={0x7, 0x33, 0x1}, 0x7) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') 19:55:49 executing program 1: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$ndb(&(0x7f0000001380)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0) lseek(r0, 0x0, 0x6) 19:55:50 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="02030000070000000000000efff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:55:50 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000005a00fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:55:50 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000400fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:55:50 executing program 1: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$ndb(&(0x7f0000001380)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0) lseek(r0, 0x0, 0x0) r1 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x5d9f, 0x8000) setsockopt$IP_VS_SO_SET_STOPDAEMON(r1, 0x0, 0x48c, &(0x7f0000000040)={0x0, 'sit0\x00'}, 0x18) ioctl$NBD_CLEAR_SOCK(r0, 0xab04) 19:56:50 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040), 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x5a4}, 0x6) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 19:56:50 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000001100fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:56:50 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000011fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:56:50 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000006200fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:56:50 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r2 = fcntl$dupfd(r1, 0x406, r1) r3 = syz_open_dev$amidi(&(0x7f0000000440)='/dev/amidi#\x00', 0x0, 0x18100) connect$l2tp(r2, &(0x7f00000004c0)=@pppol2tp={0x18, 0x1, {0x0, r3, {0x2, 0x4e23, @local}, 0x1, 0x2, 0x4, 0x3}}, 0x26) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7, 0x4d, 0x1}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000008290100000000000000000000005e04d7a4"], 0x15) umount2(&(0x7f0000000100)='./file0/file0\x00', 0x2) ioctl$sock_FIOGETOWN(r3, 0x8903, &(0x7f0000000500)=0x0) sched_getparam(r4, &(0x7f0000000540)) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f00000001c0)={0x0}, &(0x7f00000002c0)=0xc) write$P9_RGETLOCK(r1, &(0x7f0000000400)={0x2d, 0x37, 0x2, {0x1, 0x3ff, 0xff, r5, 0xf, 'proctrustedppp0'}}, 0x2d) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') 19:56:50 executing program 1: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$ndb(&(0x7f0000001440)='/dev/nbd#\x00', 0x0, 0x40040) lseek(r0, 0x2, 0x1000000) r1 = add_key$user(&(0x7f0000001340)='user\x00', &(0x7f0000001380)={'syz', 0x1}, &(0x7f0000001480)="a904c4ddc1ddb37050bdb7ba6502db7e998198a613b580175f50ab3b5fbb9bdf592cc5fc7732ff72a9c8aab4fb06d57aa12841ae61a3980391337f100b6cfa78dcbc36c5c4559051246fd722c5bade7240e1e26c38f623bf5c0206a353f7954b10b03507750169cf63887e081574975adf786ff78d235eb2e624869aaae4cb86a992c5b0259d276e8b7d89895e43198d1be16c22a3aeea8b56d98785d43c8d811c3428312bdb89e2c417aa4afca35ab974a3254399126926210db1c712adab12e71232139ed0691a24384eca3e6b2b737d2873412025b7e4c85fe0a85c3982c149b69d7b6d45bb5821c19681028f7aa5244cfb11bf323dbd9c12db1385d0eeeb3a5154713f67a1da24f59c891ec04e197b59b6cce6ea1dd4aa6b824b9b65d56d5955418e1bccd9313fc57c72aa676da88d4e87bc2448431d6469ec96428f2ed21abff61df004a5a94496a318b92f12ff4b92cc7f8af52e07dcd6cea1de174576cf99d83b60e75e8ced813be9c1d51451829474b467570c8650aa299f197ad3c3791195027ea1cf40fad5893ddfd5ea4ba013436f30f6191e57c37fc0ca268579523903ba59be79dbb108e046e7b3a7d174740e927b8c0b419fa3e4ae537211315674fff411eb6dbf4c905077e6b408f91150c408eaa64f6cdad136ec5d7b3ee696bebfac8120c2e4f15906842b66a0d763eb0ab5023a2b2326fc6b6cec974c0dd1248c9db81d214b6e62c6e4a13478d647ba0be9ad1d90e87b2e447d26e26ff3e702efce2a6e2af368e9a49c06dec6d07d6186a36bd8ee00324dd4ac033efb8cd56c337043f967d4dca1ed5cabc999cdf833a2d13dcdc6d39b01fd90e087e1bc030f708d5c3d667fc4939034a4b996dff7673fecf1e0febedc98bc9aa55cb56e7e4891ebe666cab64ffb5f24a6eef475ebbbbff6a617a5607379e695a9d94ec608d7d907c4c0473e8e2ee5447ba999c55a34a53cb17d7ed6deb8ac343d7dfeb881a97b8393e45b6fc91eacfa23eaccf0aac66c8d17709e54e4d32afa5bb23bb18cd601eaa61214dbea645b953077085ac803e0625b6bab18bd79dfdbc0b9e8bd0c8c1d35918c1df03ad146680f4750c1b0f66826af224443591f2ad8914c475fe879cdaaba1737b420c9f983e95156ed1c5a4310f3e252f353489100d688a010871adcf3e9263010c1c9ced63c7de31fd8d07df3a280b604e7b8b4722d9ab4d31e4da5e238dfa8ebc8378b1b502ea15d15badb56787a1211eb47df2c997a27ef3439f55bb9ca123e84590b6702130542bd0504b6342a832e203c91a2b3d5c00e34e2d8b0fb4bc0e9f716929fc5bcd99959d45664fdf3c723155cd0c45cc11f685e33700623100a6b571aa16d0952cf804df55ee2daa06bac1af3bec674f6ad46013fc8eb2ee7b0982a6d1009d046fddbc5cf4631e0c0306b9e6a2426bcb5f05a93cbbd3a21d4475d219ebfc68e688a5c311a1e98c19ccebc941f809ada2179a636b0eb7a111de191d3a996118d9a4659b0ad82b8500a84128656b656fe2837ecabdb07c531b5c6444c59ccbd67766004fc91d0df2e154a570c2d36bb6d898bb544656d3611c4cc2467ae9d56a7a570fb8e2a3752ffc9c723190db4b1fec0228860058806c5a26e7afa8fe4e50a604aa551badd6033a7cb448b58060ea5fd9fdaaef07648af9cff60d00d993d6b4da2b942d7b3167dc11f5bebf4a77226a678dca8c962b2a263728cb7a590757df3a016d09e1f61e621cee60413b547c9bec04dc8dfe14548a456baa77a1764b4686c9901c1366e02d34823121003bae31e0d06b29fd60af228ffbf9a84afa0cf557b4a8f39086eb79faa2515cdd2fd438c200c06ac9db27d1d0c97db4019a384a711246ca23d02eaaf71c565fea3f2c3c84cd230b29829ca65e56f76e2ece6cd0682ffef8c3e6230dcce83bd2b348d764f336c9019c7616c4b05852853964502bd4b3bacac8b1d585607264491862ea3ef0559755bd4f169367de8ed12909e0254ae3fe3a4157be81896c2c38c90ba6eab70d1bf2eaec68764b88d0e592f428c891c77ab2ce419c966a0e6198480c6d81f21c006e7b9ecf525ade893760ff8a1c7048e978420da2db5745ed496d12aefa5e3d44fc6f9d82cf96053400f7ab75ace017d53cd95166fccd377f7391ccb397577a17cd97231bac3bd3f3aa5afc876bcb766db0804d3fdba4c141b6a480c61eebdda7dff3f2b7ec20b0240b63bdb50120c6e02648e7853e8c9268b99068d9a32ed1363358d6ce99b489b3375087439c1a411a276e478e9fbd084d99b08a89bbe6116cbadc75f37783aef227df2c2f500ab6486afb289fe3a0799a4a8ed70667c6481eb97269c3b3ae7dbcfdba214c9ea49b506f81325fbee48043fa3698ec63a415a1bea694631af5ce21b8f49f731ceaf6c63900ddcdcd1bbc4bb44159dcb183f61dc1963f5de958b0895b6db286b481bafea3d3ab8b5bd49c7f548270db9c45064931f8ae57d9c2f6eeeb87cdc8a394a348f2d272c80f73eebab461e20b4f9a9b06eca1544b26e2ca38590768819db2eb9782feff0f3da1fa833e117d66fee99602f3dbba636704704baacdfc6ff01058e789d60264d4da80f16f5fe059a1160d44de3a9d71caaa371a0a2fdbbf606cceed49aa4904031bf5bac3730eb9246c756b17881d6a1e9ba6b09893bd8fd1708f04fd31b7ffee29e4fbcf47b354e160db21124622fa60ad2e2dabe4c721878a0d123299a114cad004cd973cd65dc15bd7a679f21de8ae15dbfe72b893794483930e6594d9a23ff331a0d501dbf47653b3f852af17a27e157e418518a185b1654eb0d6736bb4be5bbcf991be57f1870a2900abf2ea4ef33a536da85e62a6267033308a89a73fd135ef3fa7e73ea87fa0b0a623df4ae9138844c45db88abaad17054dc52e4dfab5355462805564ea83a9c34a1311ce516a0c2b21f42d9b99e737d31e44f18e95baace1b9a8bd6cf6be3d6555472768c1fada1e91f91ac58d49b8eb4a2e2f919a4f0219aaabd6e37316da848c846cb5e53fe70f9005b00a6a84aaca35fb54c7f91eefdd6d552959dc7bbf286ef8fff9a4109e4de06f8cfcb485b840f16a09cb51770305d7be04be6a5058b0406b19684ac954833c2e1e7072680265ff14b180bd95b66365af0d325f5f65e05ddaeb885125dee5598ff1213c0f2cac2ef38b4efb42f7bfc8c06c2f194bf984083340472f533c18baa3c30ae696126a9881ee52a923838e4da4314ac64a3c11e1e72efcb2359f579824376a5b937666f9a7019d0804cfd3f905a7854c3e9324d6d3f48c274365beafc042ec297c3ea8772dbead2a25f67b8fa4750927deed710506f3595858b19bcd417686109b61765827b9ff6845e994c2f3db161527d4bfd7fb727ac87d194a62a204587125f272078b836bf3973a7a4db17326f9542abdce01b5b82efd9f2b782b519959fcc496a2350b54de8ea18fbd304fd6adca930d2f2c078b95fbae1d100799c42ed72f4609eaa42d6b66bf0f46bf2cd7a4deed7d8d87222b9f493c76fbf95c8d03cfde7aed8f92eb667b1acab4913356129cda5dbe651675afa871155bad878da693490bc691e46511ff5809aff78a10cc326dc8d48aafc700ceff71f0f637aa9f49ed4a8776c0d12ca567403caa003bd0af577ec9a8cea40b2d73115911a72d36b18d540b4a4fb94a83005f506e18346333954f547a080d9054796413ee071b2fa8122e0b9ebe232a9e37e143b4802ef5c14c07aa2762a302f08aade28b8e95c32c2d228506496d2ffdd17bcac816fedc2af94c852959d4c60fb25c6e6b5d1d0e212738f2cf904b72dbef48d435984847876219ddd9adcd5fb89d3378c7f5cd1056b5ed2b4ecd91ca981558b8e6fb0cdb095bbbca66a0996d42765f0506b9975c4fa91378d24f1b3a7f16a9cc154338f8b2e84d73dd8946fbf4c8fb3a319df7ebcaedcbb7c82067fcb2ae58d3605bf1ee0f538976dffa2f2e66829437ce67fc88dea86cdd960b5d6cc7225510fe289709f53a3b2562ff12070b9ac0c03dcb3c3b0d5b766244e7c9f6f2dd3bd1b530b069303585975b916f0c869bcb031368feca859e2dd132ccb12113e2b7085528cd656bb9f4153a8b6058c9e5d0158b1edbb26c3845aeabc47ab7d2d483b38a00dad45650f3f6899270b095bc713c0db4307b1ad3607a43c673facc7b4200d37484ebfba23c3fe618e8a42477bc9a4abbb8d3a8fdba4197c91603394d603753de0ae4f5169dd8adc9861ed3d277facd3f7c32dd7b63374dd2942097bcb400882da2fb86fd67252e9a7e18d99a9ec52daead35cd499a827f3257d5ad84762b7a184bb28ec80cf7cf43c663aacfce607d348ac91d455d741b0d6585ed65d95364960cdb665c25e3ffc19a96993e1e5e7d8b3c66d86017bab84e658d11d64f51f393edd9155b09eb78ca9762781838d96942d753b23bfc177bb0a36e64804bb29d242531385e72a87109cd701085d3ad400fb81742a6317ad60bb815c00a227a15b6ff8b19daf1ee6d5fcf982ae42da56ab7478c51ba6c4e4632ed03c0e50cdf54422764106a27ea724166d864309f3007eea42cfe19bdcaee194376ec05bb611a69b17a2fb0a7e1b44adc069de72febb5f9a1371217ab94221af983e05fad4011cc1ba73c2a008c8122a893e2e42b2f6d953bd422cff036b57a0d5a08226ec46d75f62497e72764203c920062d10d3e214728a2786bf35bc5610e6e78f388a55b8a0f8414c91fc414a46aa80c4c6ad00cfbf25c7479c508331b0c19bd430a33a1a683ef5f25d3f5340f4a5a560d0070ffeb8fb8b6e112c21be0b74a10d0fb99355b30e6a74bb2dc119aef09e108c80a2a89bd03d9a52c08b3de6694a27596d1d5d709bd417dcba479e802c3a080ca604551f1fcd6804d46d62756b26566c5e2d62b2077c1d741b7dfb54f63af8bf81038530cacf23e3b6aa733627abb2b38f458d5540fe6f22ef8565e720d6cbc2b468ff62c1da2755f43a62ef2aedb21aab9fc80cdf798161e252692db8f30518bbaf44237367aac945453051d751f24f4fe93e28127865f0fe65fae1e31d1b4bcb9801649af224228cf3d364fdb4dd318511c2c3c2db9064491155b7fd240f0fe55e4c7bced0f77f06d96b8d4f264b05ce30dbff77959dbaef392b133d5a45c0827e24edc4138e9a853279bd4e7eedc287a893bae0e70b3d8e205d2546219df3168cdc0244e2bf4bfcde97720dc6fba5c2ca03755235fff992bca4e750fc2b0d4145d023de22d593883f2df751499ffe2ce04332b0757e06bb6116d99ceca9e403f25bd7ed2b3cdfebd787313b3f3eb4e85446d8444fb64e6bc7474a383008ed888f410ec96a6187d04f41e7432079f3630fd8f7135f89453cca365b72d9308c70561441d1fa20464546803969c743d30effd1ba64790a2871695b9dd81a5be550ced381f7f314419edff9324fa479d25d7233180795fca33ed0a094cedc27dcece4abd635e3554aa66ac1edf6031ee410012007ef917000481804f5cb7e68fdfba8839941a494a12547da01b3bf81320759dd8736428605dd89fc99c47c8ec0a49c1b1de266a640fae431430cd55a2749ce2dd4439074bb8c472442f2d18da9a59289283c99d2507cc46c6683242ccf475bad0f18d07f15e7c833d39cb21aa60e2b983ebd1e86ab277a6d8b7aa9fc637858a6694261e66aa0048577d04bcbbf5691ef1716dea277d9a9adb0946089760ae5ffdce3e0461cce6ed06d224c2c20f8b82ff7c47c635eb29f3fa282c8468ebad3091bbeef6f3cc3", 0x1000, 0xfffffffffffffffe) keyctl$read(0xb, r1, &(0x7f0000002480)=""/4096, 0x1000) restart_syscall() readv(r0, &(0x7f00000012c0)=[{&(0x7f00000001c0)=""/4096, 0x1000}, {&(0x7f0000000000)=""/8, 0x8}, {&(0x7f0000000040)=""/167, 0xa7}, {&(0x7f00000011c0)=""/127, 0x7f}, {&(0x7f0000000100)=""/59, 0x3b}, {&(0x7f0000001240)=""/70, 0x46}], 0x6) 19:56:50 executing program 1: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$ndb(&(0x7f0000001380)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0) r2 = socket$key(0xf, 0x3, 0x2) getsockopt$sock_int(r2, 0x1, 0x26, &(0x7f0000000000), &(0x7f0000000040)=0x4) syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x20200) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r0, 0xc02c5341, &(0x7f00000000c0)) lseek(r1, 0x0, 0x0) 19:56:50 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000068fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:56:50 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000003600fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:56:50 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x11b) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') 19:56:50 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000003600fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:56:50 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="02030000070000000000003ffff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 475.442303] IPVS: ftp: loaded support on port[0] = 21 [ 475.877856] bridge0: port 1(bridge_slave_0) entered blocking state [ 475.884279] bridge0: port 1(bridge_slave_0) entered disabled state [ 475.891638] device bridge_slave_0 entered promiscuous mode [ 475.920761] bridge0: port 2(bridge_slave_1) entered blocking state [ 475.927306] bridge0: port 2(bridge_slave_1) entered disabled state [ 475.934209] device bridge_slave_1 entered promiscuous mode [ 475.964241] IPv6: ADDRCONF(NETDEV_UP): veth0_to_bridge: link is not ready [ 475.992853] IPv6: ADDRCONF(NETDEV_UP): veth1_to_bridge: link is not ready [ 476.075344] bond0: Enslaving bond_slave_0 as an active interface with an up link [ 476.105931] bond0: Enslaving bond_slave_1 as an active interface with an up link [ 476.231732] IPv6: ADDRCONF(NETDEV_UP): team_slave_0: link is not ready [ 476.239285] team0: Port device team_slave_0 added [ 476.266357] IPv6: ADDRCONF(NETDEV_UP): team_slave_1: link is not ready [ 476.273577] team0: Port device team_slave_1 added [ 476.300145] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready [ 476.330426] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready [ 476.360582] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready [ 476.390234] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready [ 476.652350] bridge0: port 2(bridge_slave_1) entered blocking state [ 476.658762] bridge0: port 2(bridge_slave_1) entered forwarding state [ 476.665436] bridge0: port 1(bridge_slave_0) entered blocking state [ 476.671791] bridge0: port 1(bridge_slave_0) entered forwarding state [ 477.639538] 8021q: adding VLAN 0 to HW filter on device bond0 [ 477.734945] IPv6: ADDRCONF(NETDEV_UP): veth0: link is not ready [ 477.828869] IPv6: ADDRCONF(NETDEV_UP): veth1: link is not ready [ 477.835762] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 477.842742] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 477.938710] 8021q: adding VLAN 0 to HW filter on device team0 [ 478.472999] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=-1000 [ 478.484701] syz-executor5 cpuset=/ mems_allowed=0 [ 478.492595] CPU: 1 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 478.499856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 478.509196] Call Trace: [ 478.511789] dump_stack+0x1c4/0x2b4 [ 478.515431] ? dump_stack_print_info.cold.2+0x52/0x52 [ 478.520651] dump_header+0x27b/0xf72 [ 478.524357] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 478.530140] ? kasan_check_read+0x11/0x20 [ 478.534295] ? pagefault_out_of_memory+0x197/0x197 [ 478.539235] ? rcu_read_unlock+0x33/0x60 [ 478.543282] ? mem_cgroup_iter+0x514/0x1160 [ 478.547592] ? print_usage_bug+0xc0/0xc0 [ 478.551640] ? lock_release+0x970/0x970 [ 478.555599] ? arch_local_save_flags+0x40/0x40 [ 478.560168] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 478.564920] ? find_held_lock+0x36/0x1c0 [ 478.568984] ? mark_held_locks+0xc7/0x130 [ 478.573117] ? _raw_spin_unlock_irq+0x27/0x80 [ 478.577598] ? _raw_spin_unlock_irq+0x27/0x80 [ 478.582076] ? lockdep_hardirqs_on+0x421/0x5c0 [ 478.586643] ? trace_hardirqs_on+0xbd/0x310 [ 478.590944] ? kasan_check_read+0x11/0x20 [ 478.595095] ? css_task_iter_next+0x129/0x1a0 [ 478.599579] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 478.605014] ? css_task_iter_end+0x2ce/0x490 [ 478.609404] ? kasan_check_write+0x14/0x20 [ 478.613625] ? cgroup_procs_next+0x70/0x70 [ 478.617849] ? _raw_spin_unlock_irq+0x60/0x80 [ 478.622327] ? oom_badness+0xaa0/0xaa0 [ 478.626201] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 478.630943] ? mem_cgroup_iter_break+0x30/0x30 [ 478.635526] ? mark_held_locks+0xc7/0x130 [ 478.639662] out_of_memory.cold.30+0xf/0x184 [ 478.644064] ? lockdep_hardirqs_on+0x421/0x5c0 [ 478.648632] ? kasan_check_read+0x11/0x20 [ 478.652767] ? oom_killer_disable+0x3a0/0x3a0 [ 478.657258] mem_cgroup_out_of_memory+0x15e/0x210 [ 478.662105] ? memcg_memory_event+0x40/0x40 [ 478.666411] ? page_counter_memparse+0xb5/0x1d0 [ 478.671071] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 478.676337] memory_max_write+0x1b4/0x3f0 [ 478.680471] ? lock_acquire+0x1ed/0x520 [ 478.684499] ? kernfs_fop_write+0x227/0x480 [ 478.688814] ? mem_cgroup_write+0x400/0x400 [ 478.693120] ? __might_fault+0x12b/0x1e0 [ 478.697169] ? graph_lock+0x170/0x170 [ 478.700959] ? mem_cgroup_write+0x400/0x400 [ 478.705272] cgroup_file_write+0x2f7/0x7e0 [ 478.709520] ? cgroup_migrate_add_task+0xcd0/0xcd0 [ 478.714446] ? __lock_is_held+0xb5/0x140 [ 478.718591] ? __cfg80211_disconnected+0x30/0x1f40 [ 478.723533] ? cgroup_migrate_add_task+0xcd0/0xcd0 [ 478.728458] kernfs_fop_write+0x2ba/0x480 [ 478.732631] ? do_raw_spin_unlock+0xa7/0x2f0 [ 478.737046] __vfs_write+0x119/0x9f0 [ 478.740761] ? check_preemption_disabled+0x48/0x200 [ 478.745770] ? kernfs_fop_open+0xf90/0xf90 [ 478.750021] ? kernel_read+0x120/0x120 [ 478.753918] ? __lock_is_held+0xb5/0x140 [ 478.758009] ? rcu_read_lock_sched_held+0x108/0x120 [ 478.763027] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 478.768571] ? __sb_start_write+0x1b2/0x370 [ 478.772893] vfs_write+0x1fc/0x560 [ 478.776433] ksys_write+0x101/0x260 [ 478.780062] ? __ia32_sys_read+0xb0/0xb0 [ 478.784120] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 478.789590] __x64_sys_write+0x73/0xb0 [ 478.793471] do_syscall_64+0x1b9/0x820 [ 478.797355] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 478.802709] ? syscall_return_slowpath+0x5e0/0x5e0 [ 478.807627] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 478.812456] ? trace_hardirqs_on_caller+0x310/0x310 [ 478.817466] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 478.822487] ? prepare_exit_to_usermode+0x291/0x3b0 [ 478.827499] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 478.832333] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 478.837523] RIP: 0033:0x410f70 [ 478.840703] Code: b0 89 c8 f7 d8 eb ed b8 6e 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 83 3d 3d 50 63 00 00 75 14 b8 01 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 f4 19 00 00 c3 48 83 ec 08 e8 ca fc ff ff [ 478.859603] RSP: 002b:00007ffd1aeccbf8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 478.867303] RAX: ffffffffffffffda RBX: 0000000000000009 RCX: 0000000000410f70 [ 478.874565] RDX: 0000000000000009 RSI: 00007ffd1aeccc20 RDI: 0000000000000003 [ 478.881824] RBP: 00007ffd1aeccc20 R08: 0000000000000000 R09: 0000000000000009 [ 478.889083] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000003 [ 478.896336] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 478.907201] Memory limit reached of cgroup /syz5 [ 478.912004] memory: usage 204968kB, limit 204800kB, failcnt 434028 [ 478.918778] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 478.925834] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 478.931983] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 478.952121] Out of memory and no killable processes... [ 478.959268] syz-executor5 invoked oom-killer: gfp_mask=0x6040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=0, oom_score_adj=-1000 [ 478.972655] syz-executor5 cpuset=/ mems_allowed=0 [ 478.978005] CPU: 1 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 478.985289] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 478.994625] Call Trace: [ 478.997207] dump_stack+0x1c4/0x2b4 [ 479.000820] ? dump_stack_print_info.cold.2+0x52/0x52 [ 479.006003] dump_header+0x27b/0xf72 [ 479.009705] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 479.015495] ? kasan_check_read+0x11/0x20 [ 479.019636] ? pagefault_out_of_memory+0x197/0x197 [ 479.024573] ? rcu_read_unlock+0x33/0x60 [ 479.028631] ? mem_cgroup_iter+0x514/0x1160 [ 479.032943] ? find_held_lock+0x36/0x1c0 [ 479.037012] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 479.041783] ? mark_held_locks+0xc7/0x130 [ 479.045935] ? _raw_spin_unlock_irq+0x27/0x80 [ 479.050428] ? _raw_spin_unlock_irq+0x27/0x80 [ 479.054938] ? lockdep_hardirqs_on+0x421/0x5c0 [ 479.059548] ? trace_hardirqs_on+0xbd/0x310 [ 479.063876] ? kasan_check_read+0x11/0x20 [ 479.068024] ? css_task_iter_end+0x222/0x490 [ 479.072441] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 479.077891] ? kasan_check_write+0x14/0x20 [ 479.082131] ? do_raw_spin_lock+0xc1/0x200 [ 479.086361] ? _raw_spin_unlock_irq+0x60/0x80 [ 479.090849] ? css_task_iter_end+0x2ce/0x490 [ 479.095249] ? cgroup_procs_next+0x70/0x70 [ 479.099474] ? _raw_spin_unlock_irq+0x60/0x80 [ 479.103960] ? oom_badness+0xaa0/0xaa0 [ 479.107838] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 479.112578] ? mem_cgroup_iter_break+0x30/0x30 [ 479.117181] ? mark_held_locks+0xc7/0x130 [ 479.121321] out_of_memory.cold.30+0xf/0x184 [ 479.125734] ? lockdep_hardirqs_on+0x421/0x5c0 [ 479.130307] ? kasan_check_read+0x11/0x20 [ 479.134445] ? oom_killer_disable+0x3a0/0x3a0 [ 479.138934] ? kasan_check_write+0x14/0x20 [ 479.143165] ? do_raw_spin_lock+0xc1/0x200 [ 479.147397] mem_cgroup_out_of_memory+0x15e/0x210 [ 479.152228] ? memcg_memory_event+0x40/0x40 [ 479.156538] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 479.161373] ? page_counter_try_charge+0x1c1/0x220 [ 479.166300] try_charge+0xc43/0x1690 [ 479.170009] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 479.175536] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 479.181581] ? __lock_is_held+0xb5/0x140 [ 479.185637] ? rcu_read_lock_sched_held+0x108/0x120 [ 479.190642] ? __alloc_pages_nodemask+0xb5a/0xde0 [ 479.195476] ? graph_lock+0x170/0x170 [ 479.199274] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 479.204272] ? graph_lock+0x170/0x170 [ 479.208079] ? mark_held_locks+0xc7/0x130 [ 479.212227] ? find_held_lock+0x36/0x1c0 [ 479.216276] ? cache_grow_begin+0x5a4/0x8c0 [ 479.220606] memcg_kmem_charge_memcg+0x7c/0x120 [ 479.225264] ? memcg_kmem_put_cache+0xb0/0xb0 [ 479.229752] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 479.235289] cache_grow_begin+0x415/0x8c0 [ 479.239427] ? do_raw_spin_unlock+0xa7/0x2f0 [ 479.243843] fallback_alloc+0x203/0x2e0 [ 479.247811] ____cache_alloc_node+0x1c7/0x1e0 [ 479.252294] kmem_cache_alloc+0x1f8/0x730 [ 479.256445] ? rcu_read_lock_sched_held+0x108/0x120 [ 479.261450] ? kmem_cache_alloc_trace+0x353/0x750 [ 479.266284] seq_open+0x5c/0x1c0 [ 479.269634] kernfs_fop_open+0x694/0xf90 [ 479.273680] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 479.279205] ? kernfs_fop_release+0x1a0/0x1a0 [ 479.283742] ? fsnotify_first_mark+0x350/0x350 [ 479.288316] ? smack_inode_getxattr+0x270/0x270 [ 479.292969] ? fsnotify+0x12f0/0x12f0 [ 479.296761] ? may_umount_tree+0x210/0x210 [ 479.300989] do_dentry_open+0x499/0x1250 [ 479.305038] ? kernfs_fop_release+0x1a0/0x1a0 [ 479.309530] ? chown_common+0x730/0x730 [ 479.313502] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 479.319059] ? security_inode_permission+0xd2/0x100 [ 479.324075] ? inode_permission+0xb2/0x560 [ 479.328305] ? __sanitizer_cov_trace_switch+0x53/0x90 [ 479.333523] vfs_open+0xa0/0xd0 [ 479.336796] path_openat+0x12bf/0x5160 [ 479.340669] ? rcu_bh_qs+0xc0/0xc0 [ 479.344191] ? unwind_dump+0x190/0x190 [ 479.348079] ? path_lookupat.isra.43+0xc00/0xc00 [ 479.352819] ? unwind_get_return_address+0x61/0xa0 [ 479.357739] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 479.362745] ? expand_files.part.8+0x571/0x9a0 [ 479.367329] ? find_held_lock+0x36/0x1c0 [ 479.371384] ? __alloc_fd+0x347/0x6e0 [ 479.375171] ? lock_downgrade+0x900/0x900 [ 479.379315] ? getname+0x19/0x20 [ 479.382669] ? kasan_check_read+0x11/0x20 [ 479.386822] ? do_raw_spin_unlock+0xa7/0x2f0 [ 479.391218] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 479.395787] ? __lock_is_held+0xb5/0x140 [ 479.399855] ? _raw_spin_unlock+0x2c/0x50 [ 479.403988] ? __alloc_fd+0x347/0x6e0 [ 479.407774] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 479.413305] do_filp_open+0x255/0x380 [ 479.417112] ? may_open_dev+0x100/0x100 [ 479.421080] ? get_unused_fd_flags+0x122/0x1a0 [ 479.425646] ? __alloc_fd+0x6e0/0x6e0 [ 479.429434] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 479.434970] do_sys_open+0x568/0x700 [ 479.438678] ? filp_open+0x80/0x80 [ 479.442199] ? __ia32_sys_mknod+0xb0/0xb0 [ 479.446333] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 479.451771] __x64_sys_open+0x7e/0xc0 [ 479.455563] do_syscall_64+0x1b9/0x820 [ 479.459436] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 479.464794] ? syscall_return_slowpath+0x5e0/0x5e0 [ 479.469721] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 479.474550] ? trace_hardirqs_on_caller+0x310/0x310 [ 479.479566] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 479.484570] ? prepare_exit_to_usermode+0x291/0x3b0 [ 479.489578] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 479.494413] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 479.499588] RIP: 0033:0x4111b0 [ 479.502765] Code: 01 f0 ff ff 0f 83 e0 17 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 83 3d fd 4d 63 00 00 75 14 b8 02 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 b4 17 00 00 c3 48 83 ec 08 e8 8a fa ff ff [ 479.521654] RSP: 002b:00007ffd1aeccbf8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 479.529351] RAX: ffffffffffffffda RBX: 00007ffd1aeccc21 RCX: 00000000004111b0 [ 479.536606] RDX: 00007ffd1aeccc26 RSI: 0000000000080001 RDI: 00007ffd1aecd790 [ 479.543859] RBP: 00007ffd1aeccc20 R08: 0000000000000000 R09: 0000000000000001 [ 479.551121] R10: 0000000000000064 R11: 0000000000000246 R12: 00007ffd1aecd790 [ 479.558388] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 479.569881] Memory limit reached of cgroup /syz5 [ 479.574690] memory: usage 204968kB, limit 204800kB, failcnt 434040 [ 479.581214] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 479.588069] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 479.594213] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 479.614968] Out of memory and no killable processes... [ 479.621905] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=-1000 [ 479.633317] syz-executor5 cpuset=syz5 mems_allowed=0 [ 479.638595] CPU: 1 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 479.645873] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 479.655211] Call Trace: [ 479.657786] dump_stack+0x1c4/0x2b4 [ 479.661400] ? dump_stack_print_info.cold.2+0x52/0x52 [ 479.666592] dump_header+0x27b/0xf72 [ 479.670297] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 479.676084] ? kasan_check_read+0x11/0x20 [ 479.680225] ? pagefault_out_of_memory+0x197/0x197 [ 479.685147] ? rcu_read_unlock+0x33/0x60 [ 479.689196] ? mem_cgroup_iter+0x514/0x1160 [ 479.693510] ? find_held_lock+0x36/0x1c0 [ 479.697564] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 479.702306] ? mark_held_locks+0xc7/0x130 [ 479.706441] ? _raw_spin_unlock_irq+0x27/0x80 [ 479.710942] ? _raw_spin_unlock_irq+0x27/0x80 [ 479.715429] ? lockdep_hardirqs_on+0x421/0x5c0 [ 479.720000] ? trace_hardirqs_on+0xbd/0x310 [ 479.724320] ? kasan_check_read+0x11/0x20 [ 479.728459] ? css_task_iter_end+0x222/0x490 [ 479.732869] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 479.738315] ? kasan_check_write+0x14/0x20 [ 479.742541] ? do_raw_spin_lock+0xc1/0x200 [ 479.746770] ? _raw_spin_unlock_irq+0x60/0x80 [ 479.751257] ? css_task_iter_end+0x2ce/0x490 [ 479.755659] ? cgroup_procs_next+0x70/0x70 [ 479.759895] ? _raw_spin_unlock_irq+0x60/0x80 [ 479.764383] ? oom_badness+0xaa0/0xaa0 [ 479.768269] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 479.773023] ? mem_cgroup_iter_break+0x30/0x30 [ 479.777646] ? mark_held_locks+0xc7/0x130 [ 479.781788] out_of_memory.cold.30+0xf/0x184 [ 479.786188] ? lockdep_hardirqs_on+0x421/0x5c0 [ 479.790762] ? kasan_check_read+0x11/0x20 [ 479.794913] ? oom_killer_disable+0x3a0/0x3a0 [ 479.799442] ? kasan_check_write+0x14/0x20 [ 479.803715] ? do_raw_spin_lock+0xc1/0x200 [ 479.807958] mem_cgroup_out_of_memory+0x15e/0x210 [ 479.812800] ? memcg_memory_event+0x40/0x40 [ 479.817159] ? mem_cgroup_try_charge+0x5ea/0xe10 [ 479.821915] ? page_counter_try_charge+0x1c1/0x220 [ 479.826844] try_charge+0xc43/0x1690 [ 479.830564] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 479.836620] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 479.841461] ? lock_downgrade+0x900/0x900 [ 479.845629] ? check_preemption_disabled+0x48/0x200 [ 479.850645] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 479.856554] ? kasan_check_read+0x11/0x20 [ 479.860752] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 479.866033] ? rcu_bh_qs+0xc0/0xc0 [ 479.869588] ? get_mem_cgroup_from_mm+0x206/0x440 [ 479.874429] ? mem_cgroup_can_attach+0x580/0x580 [ 479.879230] ? __lock_is_held+0xb5/0x140 [ 479.883295] mem_cgroup_try_charge+0x5ea/0xe10 [ 479.887938] ? mem_cgroup_protected+0xa60/0xa60 [ 479.892668] ? swp_swapcount+0x530/0x530 [ 479.896733] ? __lock_acquire+0x7ec/0x4ec0 [ 479.901208] ? find_held_lock+0x36/0x1c0 [ 479.905281] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 479.910825] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 479.915845] wp_page_copy+0x46c/0x14f0 [ 479.919734] ? follow_pfn+0x2e0/0x2e0 [ 479.923542] ? do_wp_page+0x76c/0x1390 [ 479.927435] ? lock_downgrade+0x900/0x900 [ 479.931582] ? kasan_check_write+0x14/0x20 [ 479.935883] ? kasan_check_read+0x11/0x20 [ 479.940144] ? do_raw_spin_unlock+0xa7/0x2f0 [ 479.944553] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 479.949138] ? __pte_alloc_kernel+0x220/0x220 [ 479.953630] ? __lock_acquire+0x7ec/0x4ec0 [ 479.957867] ? kasan_kmalloc+0xc7/0xe0 [ 479.961768] ? kasan_slab_alloc+0x12/0x20 [ 479.965914] ? kmem_cache_alloc+0x12e/0x730 [ 479.970297] do_wp_page+0x774/0x1390 [ 479.974016] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 479.978752] ? lock_release+0x970/0x970 [ 479.982725] ? rcu_bh_qs+0xc0/0xc0 [ 479.986320] ? __lockdep_init_map+0x105/0x590 [ 479.990817] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 479.996357] ? kasan_check_write+0x14/0x20 [ 480.000592] ? do_raw_spin_lock+0xc1/0x200 [ 480.004851] __handle_mm_fault+0x2c60/0x53e0 [ 480.009279] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 480.014346] ? graph_lock+0x170/0x170 [ 480.018149] ? print_usage_bug+0xc0/0xc0 [ 480.022209] ? graph_lock+0x170/0x170 [ 480.026008] ? graph_lock+0x170/0x170 [ 480.029820] ? handle_mm_fault+0x42a/0xc70 [ 480.034230] ? lock_downgrade+0x900/0x900 [ 480.038380] ? check_preemption_disabled+0x48/0x200 [ 480.043402] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 480.049204] ? kasan_check_read+0x11/0x20 [ 480.053356] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 480.058694] ? rcu_bh_qs+0xc0/0xc0 [ 480.062252] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 480.067713] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 480.073253] ? check_preemption_disabled+0x48/0x200 [ 480.078280] handle_mm_fault+0x54f/0xc70 [ 480.082342] ? __handle_mm_fault+0x53e0/0x53e0 [ 480.086928] ? find_vma+0x34/0x190 [ 480.090469] __do_page_fault+0x67d/0xed0 [ 480.094563] ? mm_fault_error+0x380/0x380 [ 480.098715] ? trace_hardirqs_off+0xb8/0x310 [ 480.103129] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 480.108614] ? trace_hardirqs_on+0x310/0x310 [ 480.113027] do_page_fault+0xf2/0x7e0 [ 480.116832] ? vmalloc_sync_all+0x30/0x30 [ 480.121133] ? error_entry+0x70/0xd0 [ 480.124856] ? trace_hardirqs_off_caller+0xbb/0x310 [ 480.130003] ? trace_hardirqs_on_caller+0xc0/0x310 [ 480.134945] ? syscall_return_slowpath+0x5e0/0x5e0 [ 480.139891] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 480.144891] ? trace_hardirqs_on_caller+0x310/0x310 [ 480.149926] ? trace_hardirqs_off+0x310/0x310 [ 480.154546] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 480.159573] ? prepare_exit_to_usermode+0x291/0x3b0 [ 480.164601] ? page_fault+0x8/0x30 [ 480.168158] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 480.173000] ? page_fault+0x8/0x30 [ 480.176544] page_fault+0x1e/0x30 [ 480.179998] RIP: 0033:0x43e871 [ 480.183247] Code: 8d 15 13 25 0a 00 8b 0c 8a 8b 04 82 29 c8 c3 66 2e 0f 1f 84 00 00 00 00 00 48 83 fa 20 48 89 f8 73 77 f6 c2 01 74 0b 0f b6 0e <88> 0f 48 ff c6 48 ff c7 f6 c2 02 74 12 0f b7 0e 66 89 0f 48 83 c6 [ 480.202309] RSP: 002b:00007ffd1aecd108 EFLAGS: 00010202 [ 480.207676] RAX: 00000000007060e8 RBX: 0000000000706160 RCX: 0000000000000066 [ 480.215032] RDX: 0000000000000007 RSI: 00000000004c3fda RDI: 00000000007060e8 [ 480.222361] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000001 [ 480.229630] R10: 0000000000000064 R11: 0000000000000297 R12: 00000000007060e8 [ 480.236903] R13: 0000000000000003 R14: 0000000000000000 R15: 0000000000000000 [ 480.247236] Memory limit reached of cgroup /syz5 [ 480.252113] memory: usage 204972kB, limit 204800kB, failcnt 434048 [ 480.258536] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 480.265390] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 480.271831] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 480.291560] Out of memory and no killable processes... [ 480.298390] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=-1000 [ 480.309845] syz-executor5 cpuset=syz5 mems_allowed=0 [ 480.315101] CPU: 1 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 480.322376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 480.331815] Call Trace: [ 480.334408] dump_stack+0x1c4/0x2b4 [ 480.338045] ? dump_stack_print_info.cold.2+0x52/0x52 [ 480.343244] dump_header+0x27b/0xf72 [ 480.346963] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 480.352760] ? kasan_check_read+0x11/0x20 [ 480.356907] ? pagefault_out_of_memory+0x197/0x197 [ 480.362004] ? rcu_read_unlock+0x33/0x60 [ 480.366192] ? mem_cgroup_iter+0x514/0x1160 [ 480.370531] ? find_held_lock+0x36/0x1c0 [ 480.374645] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 480.379396] ? mark_held_locks+0xc7/0x130 [ 480.383544] ? _raw_spin_unlock_irq+0x27/0x80 [ 480.388238] ? _raw_spin_unlock_irq+0x27/0x80 [ 480.392731] ? lockdep_hardirqs_on+0x421/0x5c0 [ 480.397310] ? trace_hardirqs_on+0xbd/0x310 [ 480.401626] ? kasan_check_read+0x11/0x20 [ 480.405776] ? css_task_iter_end+0x222/0x490 [ 480.410183] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 480.415633] ? kasan_check_write+0x14/0x20 [ 480.419866] ? do_raw_spin_lock+0xc1/0x200 [ 480.424113] ? _raw_spin_unlock_irq+0x60/0x80 [ 480.428616] ? css_task_iter_end+0x2ce/0x490 [ 480.433031] ? cgroup_procs_next+0x70/0x70 [ 480.437326] ? _raw_spin_unlock_irq+0x60/0x80 [ 480.441822] ? oom_badness+0xaa0/0xaa0 [ 480.445709] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 480.450465] ? mem_cgroup_iter_break+0x30/0x30 [ 480.455087] ? mark_held_locks+0xc7/0x130 [ 480.459236] out_of_memory.cold.30+0xf/0x184 [ 480.463656] ? lockdep_hardirqs_on+0x421/0x5c0 [ 480.468236] ? kasan_check_read+0x11/0x20 [ 480.472385] ? oom_killer_disable+0x3a0/0x3a0 [ 480.476879] ? kasan_check_write+0x14/0x20 [ 480.481113] ? do_raw_spin_lock+0xc1/0x200 [ 480.485354] mem_cgroup_out_of_memory+0x15e/0x210 [ 480.490197] ? memcg_memory_event+0x40/0x40 [ 480.494535] ? mem_cgroup_try_charge+0x5ea/0xe10 [ 480.499297] ? page_counter_try_charge+0x1c1/0x220 [ 480.504230] try_charge+0xc43/0x1690 [ 480.507950] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 480.514007] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 480.518850] ? lock_downgrade+0x900/0x900 [ 480.522999] ? check_preemption_disabled+0x48/0x200 [ 480.528019] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 480.533816] ? kasan_check_read+0x11/0x20 [ 480.537962] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 480.543237] ? rcu_bh_qs+0xc0/0xc0 [ 480.546783] ? get_mem_cgroup_from_mm+0x206/0x440 [ 480.551625] ? mem_cgroup_can_attach+0x580/0x580 [ 480.556381] ? __lock_is_held+0xb5/0x140 [ 480.560449] mem_cgroup_try_charge+0x5ea/0xe10 [ 480.565089] ? graph_lock+0x170/0x170 [ 480.568892] ? mem_cgroup_protected+0xa60/0xa60 [ 480.573614] ? graph_lock+0x170/0x170 [ 480.577546] ? __lock_acquire+0x7ec/0x4ec0 [ 480.581783] ? find_held_lock+0x36/0x1c0 [ 480.585851] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 480.591455] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 480.596470] wp_page_copy+0x46c/0x14f0 [ 480.600441] ? follow_pfn+0x2e0/0x2e0 [ 480.604244] ? do_wp_page+0x76c/0x1390 [ 480.608130] ? lock_downgrade+0x900/0x900 [ 480.612300] ? kasan_check_write+0x14/0x20 [ 480.616538] ? kasan_check_read+0x11/0x20 [ 480.620684] ? do_raw_spin_unlock+0xa7/0x2f0 [ 480.625091] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 480.629671] ? __pte_alloc_kernel+0x220/0x220 [ 480.634168] ? __lock_acquire+0x7ec/0x4ec0 [ 480.638397] ? kasan_kmalloc+0xc7/0xe0 [ 480.642280] ? kasan_slab_alloc+0x12/0x20 [ 480.646425] ? kmem_cache_alloc+0x12e/0x730 [ 480.650802] do_wp_page+0x774/0x1390 [ 480.654537] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 480.659205] ? __handle_mm_fault+0x1e6c/0x53e0 [ 480.663789] ? lock_release+0x970/0x970 [ 480.667822] ? rcu_bh_qs+0xc0/0xc0 [ 480.671360] ? __lockdep_init_map+0x105/0x590 [ 480.675868] ? pmd_val+0x88/0x100 [ 480.679321] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 480.684867] ? kasan_check_write+0x14/0x20 [ 480.689102] ? do_raw_spin_lock+0xc1/0x200 [ 480.693464] __handle_mm_fault+0x2c60/0x53e0 [ 480.698027] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 480.702869] ? graph_lock+0x170/0x170 [ 480.706672] ? print_usage_bug+0xc0/0xc0 [ 480.710730] ? graph_lock+0x170/0x170 [ 480.714541] ? graph_lock+0x170/0x170 [ 480.718353] ? handle_mm_fault+0x42a/0xc70 [ 480.722594] ? lock_downgrade+0x900/0x900 [ 480.726743] ? check_preemption_disabled+0x48/0x200 [ 480.731764] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 480.737561] ? kasan_check_read+0x11/0x20 [ 480.741709] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 480.746983] ? rcu_bh_qs+0xc0/0xc0 [ 480.750534] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 480.755986] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 480.761604] ? check_preemption_disabled+0x48/0x200 [ 480.766841] handle_mm_fault+0x54f/0xc70 [ 480.770900] ? __handle_mm_fault+0x53e0/0x53e0 [ 480.775517] ? find_vma+0x34/0x190 [ 480.779129] __do_page_fault+0x67d/0xed0 [ 480.783205] ? mm_fault_error+0x380/0x380 [ 480.787351] ? trace_hardirqs_off+0xb8/0x310 [ 480.791760] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 480.797125] ? trace_hardirqs_on+0x310/0x310 [ 480.801536] do_page_fault+0xf2/0x7e0 [ 480.805380] ? vmalloc_sync_all+0x30/0x30 [ 480.809589] ? error_entry+0x70/0xd0 [ 480.813302] ? trace_hardirqs_off_caller+0xbb/0x310 [ 480.818315] ? trace_hardirqs_on_caller+0xc0/0x310 [ 480.823243] ? syscall_return_slowpath+0x5e0/0x5e0 [ 480.828169] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 480.833131] ? trace_hardirqs_on_caller+0x310/0x310 [ 480.838275] ? trace_hardirqs_off+0x310/0x310 [ 480.842769] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 480.847794] ? prepare_exit_to_usermode+0x291/0x3b0 [ 480.852924] ? page_fault+0x8/0x30 [ 480.856467] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 480.861336] ? page_fault+0x8/0x30 [ 480.864879] page_fault+0x1e/0x30 [ 480.868386] RIP: 0033:0x43e871 [ 480.871592] Code: 8d 15 13 25 0a 00 8b 0c 8a 8b 04 82 29 c8 c3 66 2e 0f 1f 84 00 00 00 00 00 48 83 fa 20 48 89 f8 73 77 f6 c2 01 74 0b 0f b6 0e <88> 0f 48 ff c6 48 ff c7 f6 c2 02 74 12 0f b7 0e 66 89 0f 48 83 c6 [ 480.890565] RSP: 002b:00007ffd1aecd108 EFLAGS: 00010202 [ 480.895940] RAX: 0000000000707468 RBX: 00000000004c3fda RCX: 0000000000000066 [ 480.903358] RDX: 0000000000000007 RSI: 00000000004c3fda RDI: 0000000000707468 [ 480.910631] RBP: 0000000000000003 R08: 0000000000000001 R09: 0000000000000001 [ 480.917901] R10: 0000000000706de8 R11: 0000000000000217 R12: 0000000000706de8 [ 480.925222] R13: 0000000000000003 R14: 0000000000000000 R15: 0000000000000000 [ 480.937524] Memory limit reached of cgroup /syz5 [ 480.942345] memory: usage 204964kB, limit 204800kB, failcnt 434056 [ 480.948757] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 480.955686] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 480.961833] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 480.981566] Out of memory and no killable processes... [ 480.988612] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=-1000 [ 480.999946] syz-executor5 cpuset=syz5 mems_allowed=0 [ 481.005194] CPU: 1 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 481.012470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 481.021848] Call Trace: [ 481.024444] dump_stack+0x1c4/0x2b4 [ 481.028079] ? dump_stack_print_info.cold.2+0x52/0x52 [ 481.033280] dump_header+0x27b/0xf72 [ 481.037132] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 481.043042] ? kasan_check_read+0x11/0x20 [ 481.047203] ? pagefault_out_of_memory+0x197/0x197 [ 481.052197] ? rcu_read_unlock+0x33/0x60 [ 481.056267] ? mem_cgroup_iter+0x514/0x1160 [ 481.060597] ? find_held_lock+0x36/0x1c0 [ 481.064669] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 481.069430] ? mark_held_locks+0xc7/0x130 [ 481.073732] ? _raw_spin_unlock_irq+0x27/0x80 [ 481.078228] ? _raw_spin_unlock_irq+0x27/0x80 [ 481.082727] ? lockdep_hardirqs_on+0x421/0x5c0 [ 481.087312] ? trace_hardirqs_on+0xbd/0x310 [ 481.091632] ? kasan_check_read+0x11/0x20 [ 481.095785] ? css_task_iter_end+0x222/0x490 [ 481.100196] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 481.105660] ? kasan_check_write+0x14/0x20 [ 481.109901] ? do_raw_spin_lock+0xc1/0x200 [ 481.114191] ? _raw_spin_unlock_irq+0x60/0x80 [ 481.118691] ? css_task_iter_end+0x2ce/0x490 [ 481.123219] ? cgroup_procs_next+0x70/0x70 [ 481.127571] ? _raw_spin_unlock_irq+0x60/0x80 [ 481.132075] ? oom_badness+0xaa0/0xaa0 [ 481.135965] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 481.140787] ? mem_cgroup_iter_break+0x30/0x30 [ 481.145382] ? mark_held_locks+0xc7/0x130 [ 481.149552] out_of_memory.cold.30+0xf/0x184 [ 481.153967] ? lockdep_hardirqs_on+0x421/0x5c0 [ 481.158560] ? kasan_check_read+0x11/0x20 [ 481.162734] ? oom_killer_disable+0x3a0/0x3a0 [ 481.167293] ? kasan_check_write+0x14/0x20 [ 481.171546] ? do_raw_spin_lock+0xc1/0x200 [ 481.175851] mem_cgroup_out_of_memory+0x15e/0x210 [ 481.180700] ? memcg_memory_event+0x40/0x40 [ 481.185024] ? mem_cgroup_try_charge+0x5ea/0xe10 [ 481.189802] ? page_counter_try_charge+0x1c1/0x220 [ 481.194738] try_charge+0xc43/0x1690 [ 481.198475] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 481.204645] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 481.209516] ? lock_downgrade+0x900/0x900 [ 481.213669] ? check_preemption_disabled+0x48/0x200 [ 481.218696] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 481.224515] ? kasan_check_read+0x11/0x20 [ 481.228721] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 481.234039] ? rcu_bh_qs+0xc0/0xc0 [ 481.237603] ? get_mem_cgroup_from_mm+0x206/0x440 [ 481.242448] ? mem_cgroup_can_attach+0x580/0x580 [ 481.247207] ? __lock_is_held+0xb5/0x140 [ 481.251276] mem_cgroup_try_charge+0x5ea/0xe10 [ 481.255861] ? graph_lock+0x170/0x170 [ 481.259796] ? mem_cgroup_protected+0xa60/0xa60 [ 481.264467] ? graph_lock+0x170/0x170 [ 481.268302] ? __lock_acquire+0x7ec/0x4ec0 [ 481.272602] ? find_held_lock+0x36/0x1c0 [ 481.276678] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 481.282277] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 481.287226] wp_page_copy+0x46c/0x14f0 [ 481.291171] ? follow_pfn+0x2e0/0x2e0 [ 481.294975] ? do_wp_page+0x76c/0x1390 [ 481.298863] ? lock_downgrade+0x900/0x900 [ 481.303009] ? kasan_check_write+0x14/0x20 [ 481.307246] ? kasan_check_read+0x11/0x20 [ 481.311394] ? do_raw_spin_unlock+0xa7/0x2f0 [ 481.315805] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 481.320439] ? __pte_alloc_kernel+0x220/0x220 [ 481.324936] ? __lock_acquire+0x7ec/0x4ec0 [ 481.329168] ? kasan_kmalloc+0xc7/0xe0 [ 481.333064] ? kasan_slab_alloc+0x12/0x20 [ 481.337267] ? kmem_cache_alloc+0x12e/0x730 [ 481.341600] do_wp_page+0x774/0x1390 [ 481.345320] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 481.349991] ? __handle_mm_fault+0x1e6c/0x53e0 [ 481.354691] ? lock_release+0x970/0x970 [ 481.358669] ? rcu_bh_qs+0xc0/0xc0 [ 481.362212] ? __lockdep_init_map+0x105/0x590 [ 481.366764] ? pmd_val+0x88/0x100 [ 481.370232] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 481.375780] ? kasan_check_write+0x14/0x20 [ 481.380020] ? do_raw_spin_lock+0xc1/0x200 [ 481.384327] __handle_mm_fault+0x2c60/0x53e0 [ 481.388748] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 481.393593] ? graph_lock+0x170/0x170 [ 481.397397] ? print_usage_bug+0xc0/0xc0 [ 481.401460] ? graph_lock+0x170/0x170 [ 481.405296] ? graph_lock+0x170/0x170 [ 481.409107] ? handle_mm_fault+0x42a/0xc70 [ 481.413340] ? lock_downgrade+0x900/0x900 [ 481.417564] ? check_preemption_disabled+0x48/0x200 [ 481.422604] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 481.428567] ? kasan_check_read+0x11/0x20 [ 481.432737] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 481.438020] ? rcu_bh_qs+0xc0/0xc0 [ 481.441563] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 481.447019] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 481.452620] ? sync_mm_rss+0x9a/0x1c0 [ 481.456430] handle_mm_fault+0x54f/0xc70 [ 481.460516] ? __handle_mm_fault+0x53e0/0x53e0 [ 481.465104] ? find_vma+0x34/0x190 [ 481.468647] __do_page_fault+0x67d/0xed0 [ 481.472710] ? mm_fault_error+0x380/0x380 [ 481.476858] ? trace_hardirqs_off+0xb8/0x310 [ 481.481265] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 481.486630] ? trace_hardirqs_on+0x310/0x310 [ 481.491040] do_page_fault+0xf2/0x7e0 [ 481.494859] ? vmalloc_sync_all+0x30/0x30 [ 481.499014] ? error_entry+0x70/0xd0 [ 481.502729] ? trace_hardirqs_off_caller+0xbb/0x310 [ 481.507747] ? trace_hardirqs_on_caller+0xc0/0x310 [ 481.512679] ? syscall_return_slowpath+0x5e0/0x5e0 [ 481.517615] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 481.522461] ? trace_hardirqs_on_caller+0x310/0x310 [ 481.527524] ? trace_hardirqs_off+0x310/0x310 [ 481.532023] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 481.537047] ? prepare_exit_to_usermode+0x291/0x3b0 [ 481.542070] ? page_fault+0x8/0x30 [ 481.545615] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 481.550459] ? page_fault+0x8/0x30 [ 481.554020] page_fault+0x1e/0x30 [ 481.557558] RIP: 0033:0x43e871 [ 481.560752] Code: 8d 15 13 25 0a 00 8b 0c 8a 8b 04 82 29 c8 c3 66 2e 0f 1f 84 00 00 00 00 00 48 83 fa 20 48 89 f8 73 77 f6 c2 01 74 0b 0f b6 0e <88> 0f 48 ff c6 48 ff c7 f6 c2 02 74 12 0f b7 0e 66 89 0f 48 83 c6 [ 481.579741] RSP: 002b:00007ffd1aecca78 EFLAGS: 00010202 [ 481.585109] RAX: 0000000000709cc8 RBX: 0000000000000003 RCX: 0000000000000066 [ 481.592377] RDX: 0000000000000007 RSI: 00000000004c3fda RDI: 0000000000709cc8 [ 481.599700] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000 [ 481.607257] R10: 000000524f525245 R11: 0000000000000246 R12: 00000000004c3fda [ 481.614589] R13: 000000000070be80 R14: 0000000000709cc8 R15: 0000000000709cc0 [ 481.623657] Memory limit reached of cgroup /syz5 [ 481.628606] memory: usage 204968kB, limit 204800kB, failcnt 434064 [ 481.635252] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 481.642021] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 481.648363] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 481.668213] Out of memory and no killable processes... [ 481.675134] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=-1000 [ 481.686964] syz-executor5 cpuset=syz5 mems_allowed=0 [ 481.692156] CPU: 1 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 481.699507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 481.708866] Call Trace: [ 481.711462] dump_stack+0x1c4/0x2b4 [ 481.715514] ? dump_stack_print_info.cold.2+0x52/0x52 [ 481.720715] dump_header+0x27b/0xf72 [ 481.724434] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 481.730237] ? kasan_check_read+0x11/0x20 [ 481.734392] ? pagefault_out_of_memory+0x197/0x197 [ 481.739329] ? rcu_read_unlock+0x33/0x60 [ 481.743392] ? mem_cgroup_iter+0x514/0x1160 [ 481.747717] ? find_held_lock+0x36/0x1c0 [ 481.751781] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 481.756542] ? mark_held_locks+0xc7/0x130 [ 481.760694] ? _raw_spin_unlock_irq+0x27/0x80 [ 481.765216] ? _raw_spin_unlock_irq+0x27/0x80 [ 481.769789] ? lockdep_hardirqs_on+0x421/0x5c0 [ 481.774379] ? trace_hardirqs_on+0xbd/0x310 [ 481.778755] ? kasan_check_read+0x11/0x20 [ 481.783024] ? css_task_iter_end+0x222/0x490 [ 481.787446] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 481.792900] ? kasan_check_write+0x14/0x20 [ 481.797140] ? do_raw_spin_lock+0xc1/0x200 [ 481.801379] ? _raw_spin_unlock_irq+0x60/0x80 [ 481.805877] ? css_task_iter_end+0x2ce/0x490 [ 481.810402] ? cgroup_procs_next+0x70/0x70 [ 481.814643] ? _raw_spin_unlock_irq+0x60/0x80 [ 481.819139] ? oom_badness+0xaa0/0xaa0 [ 481.823029] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 481.827791] ? mem_cgroup_iter_break+0x30/0x30 [ 481.832380] ? mark_held_locks+0xc7/0x130 [ 481.836598] out_of_memory.cold.30+0xf/0x184 [ 481.841007] ? lockdep_hardirqs_on+0x421/0x5c0 [ 481.845610] ? kasan_check_read+0x11/0x20 [ 481.849757] ? oom_killer_disable+0x3a0/0x3a0 [ 481.854250] ? kasan_check_write+0x14/0x20 [ 481.858510] ? do_raw_spin_lock+0xc1/0x200 [ 481.862806] mem_cgroup_out_of_memory+0x15e/0x210 [ 481.867655] ? memcg_memory_event+0x40/0x40 [ 481.871975] ? mem_cgroup_try_charge+0x5ea/0xe10 [ 481.876736] ? page_counter_try_charge+0x1c1/0x220 [ 481.881668] try_charge+0xc43/0x1690 [ 481.885390] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 481.891520] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 481.896520] ? lock_downgrade+0x900/0x900 [ 481.900669] ? check_preemption_disabled+0x48/0x200 [ 481.905689] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 481.911506] ? kasan_check_read+0x11/0x20 [ 481.915662] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 481.920940] ? rcu_bh_qs+0xc0/0xc0 [ 481.924521] ? get_mem_cgroup_from_mm+0x206/0x440 [ 481.929368] ? mem_cgroup_can_attach+0x580/0x580 [ 481.934188] ? __lock_is_held+0xb5/0x140 [ 481.938323] mem_cgroup_try_charge+0x5ea/0xe10 [ 481.942961] ? mem_cgroup_protected+0xa60/0xa60 [ 481.947635] ? find_held_lock+0x36/0x1c0 [ 481.951825] ? lock_downgrade+0x900/0x900 [ 481.955975] ? check_preemption_disabled+0x48/0x200 [ 481.961139] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 481.966942] ? kasan_check_read+0x11/0x20 [ 481.971106] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 481.976660] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 481.981617] wp_page_copy+0x46c/0x14f0 [ 481.985537] ? __kernel_text_address+0xd/0x40 [ 481.990054] ? unwind_get_return_address+0x61/0xa0 [ 481.994997] ? follow_pfn+0x2e0/0x2e0 [ 481.998806] ? do_wp_page+0x76c/0x1390 [ 482.002757] ? lock_downgrade+0x900/0x900 [ 482.006912] ? kasan_check_write+0x14/0x20 [ 482.011150] ? kasan_check_read+0x11/0x20 [ 482.015301] ? do_raw_spin_unlock+0xa7/0x2f0 [ 482.019713] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 482.024299] ? __pte_alloc_kernel+0x220/0x220 [ 482.028846] ? __lock_acquire+0x7ec/0x4ec0 [ 482.033139] ? do_raw_spin_unlock+0xa7/0x2f0 [ 482.037566] do_wp_page+0x774/0x1390 [ 482.041289] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 482.045962] ? __handle_mm_fault+0x1e6c/0x53e0 [ 482.050552] ? wait_for_completion+0x8a0/0x8a0 [ 482.055140] ? lock_release+0x970/0x970 [ 482.059153] ? __vunmap+0x335/0x460 [ 482.062786] ? pmd_val+0x88/0x100 [ 482.066244] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 482.071901] ? kasan_check_write+0x14/0x20 [ 482.076202] ? do_raw_spin_lock+0xc1/0x200 [ 482.080449] __handle_mm_fault+0x2c60/0x53e0 [ 482.084894] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 482.089751] ? graph_lock+0x170/0x170 [ 482.093617] ? print_usage_bug+0xc0/0xc0 [ 482.097800] ? graph_lock+0x170/0x170 [ 482.101596] ? graph_lock+0x170/0x170 [ 482.105408] ? handle_mm_fault+0x42a/0xc70 [ 482.109647] ? lock_downgrade+0x900/0x900 [ 482.113857] ? check_preemption_disabled+0x48/0x200 [ 482.118937] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 482.124836] ? kasan_check_read+0x11/0x20 [ 482.129021] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 482.134507] ? rcu_bh_qs+0xc0/0xc0 [ 482.138062] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 482.143597] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 482.149144] ? check_preemption_disabled+0x48/0x200 [ 482.154214] handle_mm_fault+0x54f/0xc70 [ 482.158297] ? __handle_mm_fault+0x53e0/0x53e0 [ 482.162876] ? find_vma+0x34/0x190 [ 482.166420] __do_page_fault+0x67d/0xed0 [ 482.170511] ? mm_fault_error+0x380/0x380 [ 482.174660] ? trace_hardirqs_off+0xb8/0x310 [ 482.179073] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 482.184440] ? trace_hardirqs_on+0x310/0x310 [ 482.188908] do_page_fault+0xf2/0x7e0 [ 482.192765] ? vmalloc_sync_all+0x30/0x30 [ 482.196918] ? error_entry+0x70/0xd0 [ 482.200636] ? trace_hardirqs_off_caller+0xbb/0x310 [ 482.205655] ? trace_hardirqs_on_caller+0xc0/0x310 [ 482.210651] ? syscall_return_slowpath+0x5e0/0x5e0 [ 482.215585] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 482.220430] ? trace_hardirqs_on_caller+0x310/0x310 [ 482.225446] ? trace_hardirqs_off+0x310/0x310 [ 482.229944] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 482.235098] ? prepare_exit_to_usermode+0x291/0x3b0 [ 482.240171] ? page_fault+0x8/0x30 [ 482.243772] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 482.248621] ? page_fault+0x8/0x30 [ 482.252272] page_fault+0x1e/0x30 [ 482.255724] RIP: 0033:0x43e897 [ 482.258922] Code: 0b 0f b6 0e 88 0f 48 ff c6 48 ff c7 f6 c2 02 74 12 0f b7 0e 66 89 0f 48 83 c6 02 48 83 c7 02 0f 1f 40 00 f6 c2 04 74 0c 8b 0e <89> 0f 48 83 c6 04 48 83 c7 04 f6 c2 08 74 0e 48 8b 0e 48 89 0f 48 [ 482.278017] RSP: 002b:00007ffd1aecca78 EFLAGS: 00010202 [ 482.283379] RAX: 000000000070a388 RBX: 0000000000000003 RCX: 000000000074616e [ 482.290649] RDX: 0000000000000004 RSI: 00000000004c2a64 RDI: 000000000070a388 [ 482.298032] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 482.305469] R10: 000000524f525245 R11: 0000000000000246 R12: 00000000004c2a64 [ 482.312890] R13: 000000000070be80 R14: 000000000070a388 R15: 000000000070a380 [ 482.321382] Memory limit reached of cgroup /syz5 [ 482.326297] memory: usage 204972kB, limit 204800kB, failcnt 434072 [ 482.332721] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 482.339638] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 482.345914] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 482.365818] Out of memory and no killable processes... [ 482.373256] syz-executor5 invoked oom-killer: gfp_mask=0x6040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=-1000 [ 482.385749] syz-executor5 cpuset=syz5 mems_allowed=0 [ 482.390896] CPU: 1 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 482.398163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 482.407538] Call Trace: [ 482.410136] dump_stack+0x1c4/0x2b4 [ 482.413770] ? dump_stack_print_info.cold.2+0x52/0x52 [ 482.418966] dump_header+0x27b/0xf72 [ 482.422682] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 482.428506] ? kasan_check_read+0x11/0x20 [ 482.432660] ? pagefault_out_of_memory+0x197/0x197 [ 482.437816] ? rcu_read_unlock+0x33/0x60 [ 482.441875] ? mem_cgroup_iter+0x514/0x1160 [ 482.446198] ? find_held_lock+0x36/0x1c0 [ 482.450260] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 482.455012] ? mark_held_locks+0xc7/0x130 [ 482.459159] ? _raw_spin_unlock_irq+0x27/0x80 [ 482.463652] ? _raw_spin_unlock_irq+0x27/0x80 [ 482.468198] ? lockdep_hardirqs_on+0x421/0x5c0 [ 482.472841] ? trace_hardirqs_on+0xbd/0x310 [ 482.477179] ? kasan_check_read+0x11/0x20 [ 482.481336] ? css_task_iter_end+0x222/0x490 [ 482.485808] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 482.491265] ? kasan_check_write+0x14/0x20 [ 482.495524] ? do_raw_spin_lock+0xc1/0x200 [ 482.499765] ? _raw_spin_unlock_irq+0x60/0x80 [ 482.504331] ? css_task_iter_end+0x2ce/0x490 [ 482.508745] ? cgroup_procs_next+0x70/0x70 [ 482.512981] ? _raw_spin_unlock_irq+0x60/0x80 [ 482.517507] ? oom_badness+0xaa0/0xaa0 [ 482.521415] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 482.526182] ? mem_cgroup_iter_break+0x30/0x30 [ 482.530769] ? cgroup_file_notify+0x226/0x2f0 [ 482.535263] out_of_memory.cold.30+0xf/0x184 [ 482.539672] ? lockdep_hardirqs_on+0x421/0x5c0 [ 482.544253] ? kasan_check_read+0x11/0x20 [ 482.548403] ? oom_killer_disable+0x3a0/0x3a0 [ 482.552960] ? kasan_check_write+0x14/0x20 [ 482.557197] ? do_raw_spin_lock+0xc1/0x200 [ 482.561531] mem_cgroup_out_of_memory+0x15e/0x210 [ 482.566555] ? memcg_memory_event+0x40/0x40 [ 482.570878] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 482.575727] ? page_counter_try_charge+0x1c1/0x220 [ 482.580666] try_charge+0xc43/0x1690 [ 482.584385] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 482.589935] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 482.596002] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 482.601302] ? rcu_pm_notify+0xc0/0xc0 [ 482.605391] ? rcu_read_lock_sched_held+0x108/0x120 [ 482.610762] ? __alloc_pages_nodemask+0xb5a/0xde0 [ 482.615614] ? graph_lock+0x170/0x170 [ 482.619430] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 482.624455] ? graph_lock+0x170/0x170 [ 482.628304] ? find_held_lock+0x36/0x1c0 [ 482.632387] ? cache_grow_begin+0x5a4/0x8c0 [ 482.636776] memcg_kmem_charge_memcg+0x7c/0x120 [ 482.641456] ? memcg_kmem_put_cache+0xb0/0xb0 [ 482.646010] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 482.651567] cache_grow_begin+0x415/0x8c0 [ 482.655734] ? do_raw_spin_unlock+0xa7/0x2f0 [ 482.660211] fallback_alloc+0x203/0x2e0 [ 482.664340] ____cache_alloc_node+0x1c7/0x1e0 [ 482.668857] kmem_cache_alloc+0x1f8/0x730 [ 482.673019] sk_prot_alloc+0x69/0x2e0 [ 482.676829] sk_alloc+0x10d/0x1690 [ 482.680375] ? sock_def_error_report+0x710/0x710 [ 482.685139] ? graph_lock+0x170/0x170 [ 482.688946] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 482.693973] ? graph_lock+0x170/0x170 [ 482.697799] ? find_held_lock+0x36/0x1c0 [ 482.701933] ? inet6_create+0x485/0x1230 [ 482.706081] ? lock_downgrade+0x900/0x900 [ 482.710243] ? check_preemption_disabled+0x48/0x200 [ 482.715270] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 482.721073] ? kasan_check_read+0x11/0x20 [ 482.725224] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 482.730523] ? rcu_bh_qs+0xc0/0xc0 [ 482.734071] ? find_held_lock+0x36/0x1c0 [ 482.738288] inet6_create+0x501/0x1230 [ 482.742186] ? inet6_net_init+0x8e0/0x8e0 [ 482.746331] ? kasan_check_read+0x11/0x20 [ 482.750564] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 482.755843] ? rcu_bh_qs+0xc0/0xc0 [ 482.759389] __sock_create+0x536/0x930 [ 482.763284] ? kernel_sock_ip_overhead+0x570/0x570 [ 482.768220] ? trace_hardirqs_off+0xb8/0x310 [ 482.772632] ? do_syscall_64+0x6be/0x820 [ 482.776695] ? trace_hardirqs_on+0x310/0x310 [ 482.781112] __sys_socket+0x106/0x260 [ 482.784915] ? lockdep_hardirqs_on+0x421/0x5c0 [ 482.789517] ? move_addr_to_kernel+0x70/0x70 [ 482.793928] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 482.799292] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 482.804743] __x64_sys_socket+0x73/0xb0 [ 482.808790] do_syscall_64+0x1b9/0x820 [ 482.812676] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 482.818043] ? syscall_return_slowpath+0x5e0/0x5e0 [ 482.822988] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 482.827833] ? trace_hardirqs_on_caller+0x310/0x310 [ 482.832941] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 482.837956] ? prepare_exit_to_usermode+0x291/0x3b0 [ 482.843040] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 482.847900] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 482.853095] RIP: 0033:0x45a0e7 [ 482.856353] Code: 00 00 00 49 89 ca b8 36 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9a 88 fb ff c3 66 0f 1f 84 00 00 00 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d 88 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 482.875261] RSP: 002b:00007ffd1aecca78 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 482.882972] RAX: ffffffffffffffda RBX: 00007ffd1aecd120 RCX: 000000000045a0e7 [ 482.890276] RDX: 0000000000000006 RSI: 0000000000000001 RDI: 000000000000000a [ 482.897545] RBP: 0000000000000029 R08: 0000000000000000 R09: 0000000000000000 [ 482.904826] R10: 000000524f525245 R11: 0000000000000246 R12: 0000000000707b00 [ 482.912134] R13: 0000000000000003 R14: 0000000000000000 R15: 0000000000000000 [ 482.922021] Memory limit reached of cgroup /syz5 [ 482.927094] memory: usage 204976kB, limit 204800kB, failcnt 434084 [ 482.933613] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 482.940455] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 482.946722] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 482.966421] Out of memory and no killable processes... [ 482.973163] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=-1000 [ 482.984546] syz-executor5 cpuset=syz5 mems_allowed=0 [ 482.989794] CPU: 1 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 482.997075] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 483.006426] Call Trace: [ 483.009020] dump_stack+0x1c4/0x2b4 [ 483.012746] ? dump_stack_print_info.cold.2+0x52/0x52 [ 483.017945] dump_header+0x27b/0xf72 [ 483.021688] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 483.027560] ? kasan_check_read+0x11/0x20 [ 483.031768] ? pagefault_out_of_memory+0x197/0x197 [ 483.036764] ? rcu_read_unlock+0x33/0x60 [ 483.041073] ? mem_cgroup_iter+0x514/0x1160 [ 483.045400] ? find_held_lock+0x36/0x1c0 [ 483.049470] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 483.054423] ? mark_held_locks+0xc7/0x130 [ 483.058580] ? _raw_spin_unlock_irq+0x27/0x80 [ 483.063076] ? _raw_spin_unlock_irq+0x27/0x80 [ 483.067576] ? lockdep_hardirqs_on+0x421/0x5c0 [ 483.072164] ? trace_hardirqs_on+0xbd/0x310 [ 483.076508] ? kasan_check_read+0x11/0x20 [ 483.080781] ? css_task_iter_end+0x222/0x490 [ 483.085190] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 483.090651] ? kasan_check_write+0x14/0x20 [ 483.094893] ? do_raw_spin_lock+0xc1/0x200 [ 483.099181] ? _raw_spin_unlock_irq+0x60/0x80 [ 483.103682] ? css_task_iter_end+0x2ce/0x490 [ 483.108094] ? cgroup_procs_next+0x70/0x70 [ 483.112401] ? _raw_spin_unlock_irq+0x60/0x80 [ 483.116898] ? oom_badness+0xaa0/0xaa0 [ 483.120783] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 483.125660] ? mem_cgroup_iter_break+0x30/0x30 [ 483.130252] ? mark_held_locks+0xc7/0x130 [ 483.134461] out_of_memory.cold.30+0xf/0x184 [ 483.138894] ? lockdep_hardirqs_on+0x421/0x5c0 [ 483.143473] ? kasan_check_read+0x11/0x20 [ 483.147648] ? oom_killer_disable+0x3a0/0x3a0 [ 483.152146] ? kasan_check_write+0x14/0x20 [ 483.156384] ? do_raw_spin_lock+0xc1/0x200 [ 483.160625] mem_cgroup_out_of_memory+0x15e/0x210 [ 483.165557] ? memcg_memory_event+0x40/0x40 [ 483.169935] ? mem_cgroup_try_charge+0x5ea/0xe10 [ 483.174698] ? page_counter_try_charge+0x1c1/0x220 [ 483.179630] try_charge+0xc43/0x1690 [ 483.183352] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 483.189413] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 483.194261] ? lock_downgrade+0x900/0x900 [ 483.198408] ? check_preemption_disabled+0x48/0x200 [ 483.203429] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 483.209224] ? kasan_check_read+0x11/0x20 [ 483.213370] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 483.218645] ? rcu_bh_qs+0xc0/0xc0 [ 483.222252] ? get_mem_cgroup_from_mm+0x206/0x440 [ 483.227100] ? mem_cgroup_can_attach+0x580/0x580 [ 483.231856] ? __lock_is_held+0xb5/0x140 [ 483.235923] mem_cgroup_try_charge+0x5ea/0xe10 [ 483.240532] ? mem_cgroup_protected+0xa60/0xa60 [ 483.245207] ? find_held_lock+0x36/0x1c0 [ 483.249279] ? check_preemption_disabled+0x48/0x200 [ 483.254412] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 483.260209] ? kasan_check_read+0x11/0x20 [ 483.264355] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 483.269690] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 483.275234] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 483.280168] wp_page_copy+0x46c/0x14f0 [ 483.284060] ? unwind_get_return_address+0x61/0xa0 [ 483.288994] ? follow_pfn+0x2e0/0x2e0 [ 483.292796] ? do_wp_page+0x76c/0x1390 [ 483.296685] ? lock_downgrade+0x900/0x900 [ 483.300884] ? kasan_check_write+0x14/0x20 [ 483.305117] ? kasan_check_read+0x11/0x20 [ 483.309266] ? do_raw_spin_unlock+0xa7/0x2f0 [ 483.313673] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 483.318390] ? __pte_alloc_kernel+0x220/0x220 [ 483.322884] ? __lock_acquire+0x7ec/0x4ec0 [ 483.327122] ? trace_hardirqs_on+0x310/0x310 [ 483.331544] do_wp_page+0x774/0x1390 [ 483.335263] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 483.339986] ? __handle_mm_fault+0x1e6c/0x53e0 [ 483.344626] ? wait_for_completion+0x8a0/0x8a0 [ 483.349211] ? lock_release+0x970/0x970 [ 483.353182] ? pmd_val+0x88/0x100 [ 483.356635] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 483.362173] ? kasan_check_write+0x14/0x20 [ 483.366407] ? do_raw_spin_lock+0xc1/0x200 [ 483.370646] __handle_mm_fault+0x2c60/0x53e0 [ 483.375129] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 483.379974] ? graph_lock+0x170/0x170 [ 483.383775] ? print_usage_bug+0xc0/0xc0 [ 483.387836] ? graph_lock+0x170/0x170 [ 483.391632] ? graph_lock+0x170/0x170 [ 483.395529] ? handle_mm_fault+0x42a/0xc70 [ 483.399765] ? lock_downgrade+0x900/0x900 [ 483.403917] ? check_preemption_disabled+0x48/0x200 [ 483.408988] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 483.414796] ? kasan_check_read+0x11/0x20 [ 483.418995] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 483.424270] ? rcu_bh_qs+0xc0/0xc0 [ 483.427809] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 483.433267] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 483.439079] ? check_preemption_disabled+0x48/0x200 [ 483.444102] handle_mm_fault+0x54f/0xc70 [ 483.448168] ? __handle_mm_fault+0x53e0/0x53e0 [ 483.452749] ? find_vma+0x34/0x190 [ 483.456293] __do_page_fault+0x67d/0xed0 [ 483.460354] ? mm_fault_error+0x380/0x380 [ 483.464610] ? trace_hardirqs_off+0xb8/0x310 [ 483.469020] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 483.474382] ? trace_hardirqs_on+0x310/0x310 [ 483.478791] do_page_fault+0xf2/0x7e0 [ 483.482591] ? vmalloc_sync_all+0x30/0x30 [ 483.486739] ? error_entry+0x70/0xd0 [ 483.490450] ? trace_hardirqs_off_caller+0xbb/0x310 [ 483.495548] ? trace_hardirqs_on_caller+0xc0/0x310 [ 483.500571] ? syscall_return_slowpath+0x5e0/0x5e0 [ 483.505526] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 483.510373] ? trace_hardirqs_on_caller+0x310/0x310 [ 483.515388] ? trace_hardirqs_off+0x310/0x310 [ 483.519886] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 483.524914] ? prepare_exit_to_usermode+0x291/0x3b0 [ 483.529938] ? page_fault+0x8/0x30 [ 483.533505] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 483.538355] ? page_fault+0x8/0x30 [ 483.541895] page_fault+0x1e/0x30 [ 483.545373] RIP: 0033:0x43e897 [ 483.548621] Code: 0b 0f b6 0e 88 0f 48 ff c6 48 ff c7 f6 c2 02 74 12 0f b7 0e 66 89 0f 48 83 c6 02 48 83 c7 02 0f 1f 40 00 f6 c2 04 74 0c 8b 0e <89> 0f 48 83 c6 04 48 83 c7 04 f6 c2 08 74 0e 48 8b 0e 48 89 0f 48 [ 483.567536] RSP: 002b:00007ffd1aecca78 EFLAGS: 00010202 [ 483.573069] RAX: 00000000007081c8 RBX: 0000000000000003 RCX: 000000000074616e [ 483.580337] RDX: 0000000000000004 RSI: 00000000004c2a64 RDI: 00000000007081c8 [ 483.587605] RBP: 0000000000000029 R08: 0000000000000000 R09: 0000000000000000 [ 483.594877] R10: 000000524f525245 R11: 0000000000000246 R12: 00000000004c2a64 [ 483.602145] R13: 0000000000709cc0 R14: 00000000007081c8 R15: 00000000007081c0 [ 483.612141] Memory limit reached of cgroup /syz5 [ 483.618956] memory: usage 204868kB, limit 204800kB, failcnt 434092 [ 483.625535] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 483.632447] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 483.638657] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 483.658419] Out of memory and no killable processes... [ 483.666930] syz-executor5 invoked oom-killer: gfp_mask=0x7200c2(GFP_HIGHUSER|__GFP_ACCOUNT), nodemask=(null), order=0, oom_score_adj=-1000 [ 483.679901] syz-executor5 cpuset=syz5 mems_allowed=0 [ 483.685661] CPU: 0 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 483.693084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 483.702804] Call Trace: [ 483.705451] dump_stack+0x1c4/0x2b4 [ 483.709080] ? dump_stack_print_info.cold.2+0x52/0x52 [ 483.714711] dump_header+0x27b/0xf72 [ 483.718430] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 483.724475] ? kasan_check_read+0x11/0x20 [ 483.728682] ? pagefault_out_of_memory+0x197/0x197 [ 483.733618] ? rcu_read_unlock+0x33/0x60 [ 483.737701] ? mem_cgroup_iter+0x514/0x1160 [ 483.742020] ? find_held_lock+0x36/0x1c0 [ 483.746092] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 483.750848] ? mark_held_locks+0xc7/0x130 [ 483.755003] ? _raw_spin_unlock_irq+0x27/0x80 [ 483.759609] ? _raw_spin_unlock_irq+0x27/0x80 [ 483.764271] ? lockdep_hardirqs_on+0x421/0x5c0 [ 483.768854] ? trace_hardirqs_on+0xbd/0x310 [ 483.773169] ? kasan_check_read+0x11/0x20 [ 483.777320] ? css_task_iter_end+0x222/0x490 [ 483.781725] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 483.787228] ? kasan_check_write+0x14/0x20 [ 483.791461] ? do_raw_spin_lock+0xc1/0x200 [ 483.795723] ? _raw_spin_unlock_irq+0x60/0x80 [ 483.800215] ? css_task_iter_end+0x2ce/0x490 [ 483.804626] ? cgroup_procs_next+0x70/0x70 [ 483.808862] ? _raw_spin_unlock_irq+0x60/0x80 [ 483.813359] ? oom_badness+0xaa0/0xaa0 [ 483.817252] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 483.822005] ? mem_cgroup_iter_break+0x30/0x30 [ 483.826593] ? mark_held_locks+0xc7/0x130 [ 483.830741] out_of_memory.cold.30+0xf/0x184 [ 483.835269] ? lockdep_hardirqs_on+0x421/0x5c0 [ 483.839851] ? kasan_check_read+0x11/0x20 [ 483.843998] ? oom_killer_disable+0x3a0/0x3a0 [ 483.848518] ? kasan_check_write+0x14/0x20 [ 483.852753] ? do_raw_spin_lock+0xc1/0x200 [ 483.856993] mem_cgroup_out_of_memory+0x15e/0x210 [ 483.861831] ? memcg_memory_event+0x40/0x40 [ 483.866151] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 483.870993] ? page_counter_try_charge+0x1c1/0x220 [ 483.875919] try_charge+0xc43/0x1690 [ 483.879629] ? lock_downgrade+0x900/0x900 [ 483.883777] ? check_preemption_disabled+0x48/0x200 [ 483.888801] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 483.894901] ? find_held_lock+0x36/0x1c0 [ 483.899018] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 483.903857] ? lock_downgrade+0x900/0x900 [ 483.908007] ? check_preemption_disabled+0x48/0x200 [ 483.913029] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 483.918839] ? kasan_check_read+0x11/0x20 [ 483.923149] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 483.928426] ? rcu_bh_qs+0xc0/0xc0 [ 483.931970] ? get_mem_cgroup_from_mm+0x206/0x440 [ 483.936816] memcg_kmem_charge_memcg+0x7c/0x120 [ 483.941580] ? memcg_kmem_put_cache+0xb0/0xb0 [ 483.946083] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 483.951192] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 483.956299] memcg_kmem_charge+0x135/0x300 [ 483.960611] __alloc_pages_nodemask+0x72e/0xde0 [ 483.965279] ? kasan_check_write+0x14/0x20 [ 483.969536] ? do_raw_spin_lock+0xc1/0x200 [ 483.973780] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 483.978796] ? __call_rcu.constprop.69+0x429/0xbc0 [ 483.983744] ? __call_rcu.constprop.69+0x429/0xbc0 [ 483.988729] ? lockdep_hardirqs_on+0x421/0x5c0 [ 483.993315] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 483.998591] ? debug_object_deactivate+0x450/0x450 [ 484.003536] ? call_rcu+0x12/0x20 [ 484.006992] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 484.012441] ? rcu_bh_qs+0xc0/0xc0 [ 484.015986] ? rcu_is_watching+0x30/0x30 [ 484.020046] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 484.025611] alloc_pages_current+0x10c/0x210 [ 484.030024] pipe_write+0x910/0xec0 [ 484.033655] __vfs_write+0x6b8/0x9f0 [ 484.037370] ? kernel_read+0x120/0x120 [ 484.041260] ? lockdep_hardirqs_on+0x421/0x5c0 [ 484.045842] ? trace_hardirqs_on+0xbd/0x310 [ 484.050165] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 484.055745] ? kasan_check_write+0x14/0x20 [ 484.060171] ? rw_verify_area+0x118/0x360 [ 484.064319] vfs_write+0x1fc/0x560 [ 484.067861] ksys_write+0x101/0x260 [ 484.071513] ? __ia32_sys_read+0xb0/0xb0 [ 484.075579] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 484.081029] __x64_sys_write+0x73/0xb0 [ 484.084921] do_syscall_64+0x1b9/0x820 [ 484.088807] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 484.094170] ? syscall_return_slowpath+0x5e0/0x5e0 [ 484.099213] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 484.104193] ? trace_hardirqs_on_caller+0x310/0x310 [ 484.109210] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 484.114293] ? prepare_exit_to_usermode+0x291/0x3b0 [ 484.119312] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 484.124157] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 484.129397] RIP: 0033:0x410f70 [ 484.132593] Code: b0 89 c8 f7 d8 eb ed b8 6e 00 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 83 3d 3d 50 63 00 00 75 14 b8 01 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 f4 19 00 00 c3 48 83 ec 08 e8 ca fc ff ff [ 484.151514] RSP: 002b:00007ffd1aecd848 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 484.159223] RAX: ffffffffffffffda RBX: 00007f02052f1000 RCX: 0000000000410f70 [ 484.166523] RDX: 0000000000000004 RSI: 00007ffd1aecd880 RDI: 00000000000000f8 [ 484.173789] RBP: 000000000072c988 R08: 0000000000000000 R09: 0000000000000000 [ 484.181054] R10: 000000524f525245 R11: 0000000000000246 R12: 0000000000000010 [ 484.188435] R13: 0000000000412e80 R14: 0000000000000000 R15: 0000000000000000 [ 484.196353] Memory limit reached of cgroup /syz5 [ 484.201297] memory: usage 204872kB, limit 204800kB, failcnt 434100 [ 484.207831] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 484.214602] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 484.220820] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:16KB inactive_file:0KB active_file:0KB unevictable:0KB [ 484.240888] Out of memory and no killable processes... [ 484.249177] syz-executor5 invoked oom-killer: gfp_mask=0x6040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=-1000 [ 484.261442] syz-executor5 cpuset=syz5 mems_allowed=0 [ 484.266850] CPU: 0 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 484.274364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 484.283779] Call Trace: [ 484.286373] dump_stack+0x1c4/0x2b4 [ 484.290003] ? dump_stack_print_info.cold.2+0x52/0x52 [ 484.295200] dump_header+0x27b/0xf72 [ 484.299062] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 484.304865] ? kasan_check_read+0x11/0x20 [ 484.309018] ? pagefault_out_of_memory+0x197/0x197 [ 484.313950] ? rcu_read_unlock+0x33/0x60 [ 484.318009] ? mem_cgroup_iter+0x514/0x1160 [ 484.322330] ? find_held_lock+0x36/0x1c0 [ 484.326394] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 484.331145] ? mark_held_locks+0xc7/0x130 [ 484.335290] ? _raw_spin_unlock_irq+0x27/0x80 [ 484.339779] ? _raw_spin_unlock_irq+0x27/0x80 [ 484.344271] ? lockdep_hardirqs_on+0x421/0x5c0 [ 484.348852] ? trace_hardirqs_on+0xbd/0x310 [ 484.353170] ? kasan_check_read+0x11/0x20 [ 484.357317] ? css_task_iter_end+0x222/0x490 [ 484.361736] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 484.367184] ? kasan_check_write+0x14/0x20 [ 484.371420] ? do_raw_spin_lock+0xc1/0x200 [ 484.375715] ? _raw_spin_unlock_irq+0x60/0x80 [ 484.380207] ? css_task_iter_end+0x2ce/0x490 [ 484.384621] ? cgroup_procs_next+0x70/0x70 [ 484.388858] ? _raw_spin_unlock_irq+0x60/0x80 [ 484.393350] ? oom_badness+0xaa0/0xaa0 [ 484.397240] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 484.401996] ? mem_cgroup_iter_break+0x30/0x30 [ 484.406723] ? cgroup_file_notify+0x226/0x2f0 [ 484.411220] out_of_memory.cold.30+0xf/0x184 [ 484.415640] ? lockdep_hardirqs_on+0x421/0x5c0 [ 484.420222] ? kasan_check_read+0x11/0x20 [ 484.424423] ? oom_killer_disable+0x3a0/0x3a0 [ 484.428919] ? kasan_check_write+0x14/0x20 [ 484.433151] ? do_raw_spin_lock+0xc1/0x200 [ 484.437390] mem_cgroup_out_of_memory+0x15e/0x210 [ 484.442231] ? memcg_memory_event+0x40/0x40 [ 484.446568] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 484.451416] ? page_counter_try_charge+0x1c1/0x220 [ 484.456408] try_charge+0xc43/0x1690 [ 484.460123] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 484.465663] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 484.471719] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 484.476994] ? rcu_pm_notify+0xc0/0xc0 [ 484.480888] ? rcu_read_lock_sched_held+0x108/0x120 [ 484.485912] ? __alloc_pages_nodemask+0xb5a/0xde0 [ 484.490884] ? graph_lock+0x170/0x170 [ 484.494688] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 484.499705] ? graph_lock+0x170/0x170 [ 484.503539] ? find_held_lock+0x36/0x1c0 [ 484.507749] ? cache_grow_begin+0x5a4/0x8c0 [ 484.512078] memcg_kmem_charge_memcg+0x7c/0x120 [ 484.516746] ? memcg_kmem_put_cache+0xb0/0xb0 [ 484.521256] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 484.526799] cache_grow_begin+0x415/0x8c0 [ 484.531004] ? do_raw_spin_unlock+0xa7/0x2f0 [ 484.535422] fallback_alloc+0x203/0x2e0 [ 484.539404] ____cache_alloc_node+0x1c7/0x1e0 [ 484.543956] kmem_cache_alloc+0x1f8/0x730 [ 484.548311] sk_prot_alloc+0x69/0x2e0 [ 484.552113] sk_alloc+0x10d/0x1690 [ 484.555653] ? sock_def_error_report+0x710/0x710 [ 484.560410] ? graph_lock+0x170/0x170 [ 484.564206] ? do_raw_write_unlock.cold.8+0x49/0x49 [ 484.569222] ? graph_lock+0x170/0x170 [ 484.573024] ? find_held_lock+0x36/0x1c0 [ 484.577091] ? inet_create+0x48b/0x1070 [ 484.581065] ? lock_downgrade+0x900/0x900 [ 484.585213] ? check_preemption_disabled+0x48/0x200 [ 484.590379] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 484.596178] ? kasan_check_read+0x11/0x20 [ 484.600326] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 484.605603] ? rcu_bh_qs+0xc0/0xc0 [ 484.609142] ? find_held_lock+0x36/0x1c0 [ 484.613210] inet_create+0x509/0x1070 [ 484.617021] ? inet_accept+0x9e0/0x9e0 [ 484.620909] ? kasan_check_read+0x11/0x20 [ 484.625062] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 484.630364] ? rcu_bh_qs+0xc0/0xc0 [ 484.633910] __sock_create+0x536/0x930 [ 484.637801] ? kernel_sock_ip_overhead+0x570/0x570 [ 484.642733] ? trace_hardirqs_off+0xb8/0x310 [ 484.647143] ? do_syscall_64+0x6be/0x820 [ 484.651201] ? trace_hardirqs_on+0x310/0x310 [ 484.655621] __sys_socket+0x106/0x260 [ 484.659421] ? lockdep_hardirqs_on+0x421/0x5c0 [ 484.664061] ? move_addr_to_kernel+0x70/0x70 [ 484.668548] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 484.673941] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 484.679832] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 484.685379] __x64_sys_socket+0x73/0xb0 [ 484.689355] do_syscall_64+0x1b9/0x820 [ 484.693359] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 484.698842] ? syscall_return_slowpath+0x5e0/0x5e0 [ 484.703766] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 484.708674] ? trace_hardirqs_on_caller+0x310/0x310 [ 484.713687] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 484.718762] ? prepare_exit_to_usermode+0x291/0x3b0 [ 484.723779] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 484.728684] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 484.733871] RIP: 0033:0x45a0e7 [ 484.737068] Code: 00 00 00 49 89 ca b8 36 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 9a 88 fb ff c3 66 0f 1f 84 00 00 00 00 00 b8 29 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 7d 88 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 484.756028] RSP: 002b:00007ffd1aecd168 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 484.763738] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045a0e7 [ 484.771007] RDX: 0000000000000006 RSI: 0000000000000001 RDI: 0000000000000002 [ 484.778335] RBP: 0000000000000003 R08: 0000000000000000 R09: 000000000000000a [ 484.785660] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000010 [ 484.792981] R13: 0000000000412e80 R14: 0000000000000000 R15: 0000000000000000 [ 484.801069] Memory limit reached of cgroup /syz5 [ 484.806092] memory: usage 204876kB, limit 204800kB, failcnt 434112 [ 484.812753] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 484.819647] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 484.825876] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:16KB inactive_file:0KB active_file:0KB unevictable:0KB [ 484.845811] Out of memory and no killable processes... [ 484.855306] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=-1000 [ 484.867099] syz-executor5 cpuset=syz5 mems_allowed=0 [ 484.872569] CPU: 0 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 484.879935] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 484.889350] Call Trace: [ 484.891947] dump_stack+0x1c4/0x2b4 [ 484.895581] ? dump_stack_print_info.cold.2+0x52/0x52 [ 484.900827] dump_header+0x27b/0xf72 [ 484.904614] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 484.910413] ? kasan_check_read+0x11/0x20 [ 484.914624] ? pagefault_out_of_memory+0x197/0x197 [ 484.919564] ? rcu_read_unlock+0x33/0x60 [ 484.923679] ? mem_cgroup_iter+0x514/0x1160 [ 484.928002] ? find_held_lock+0x36/0x1c0 [ 484.932066] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 484.936823] ? mark_held_locks+0xc7/0x130 [ 484.940970] ? _raw_spin_unlock_irq+0x27/0x80 [ 484.945464] ? _raw_spin_unlock_irq+0x27/0x80 [ 484.949985] ? lockdep_hardirqs_on+0x421/0x5c0 [ 484.954572] ? trace_hardirqs_on+0xbd/0x310 [ 484.958894] ? kasan_check_read+0x11/0x20 [ 484.963104] ? css_task_iter_end+0x222/0x490 [ 484.967600] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 484.973051] ? kasan_check_write+0x14/0x20 [ 484.977288] ? do_raw_spin_lock+0xc1/0x200 [ 484.981602] ? _raw_spin_unlock_irq+0x60/0x80 [ 484.986153] ? css_task_iter_end+0x2ce/0x490 [ 484.990567] ? cgroup_procs_next+0x70/0x70 [ 484.994819] ? _raw_spin_unlock_irq+0x60/0x80 [ 484.999329] ? oom_badness+0xaa0/0xaa0 [ 485.003274] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 485.008032] ? mem_cgroup_iter_break+0x30/0x30 [ 485.012622] ? mark_held_locks+0xc7/0x130 [ 485.016791] out_of_memory.cold.30+0xf/0x184 [ 485.021200] ? lockdep_hardirqs_on+0x421/0x5c0 [ 485.025781] ? kasan_check_read+0x11/0x20 [ 485.029932] ? oom_killer_disable+0x3a0/0x3a0 [ 485.034618] ? kasan_check_write+0x14/0x20 [ 485.038912] ? do_raw_spin_lock+0xc1/0x200 [ 485.043211] mem_cgroup_out_of_memory+0x15e/0x210 [ 485.048167] ? memcg_memory_event+0x40/0x40 [ 485.052512] ? mem_cgroup_try_charge+0x5ea/0xe10 [ 485.057428] ? page_counter_try_charge+0x1c1/0x220 [ 485.062358] try_charge+0xc43/0x1690 [ 485.066079] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 485.072132] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 485.077031] ? lock_downgrade+0x900/0x900 [ 485.081231] ? check_preemption_disabled+0x48/0x200 [ 485.086363] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 485.092155] ? kasan_check_read+0x11/0x20 [ 485.096302] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 485.101582] ? rcu_bh_qs+0xc0/0xc0 [ 485.105151] ? get_mem_cgroup_from_mm+0x206/0x440 [ 485.109994] ? mem_cgroup_can_attach+0x580/0x580 [ 485.114752] ? __lock_is_held+0xb5/0x140 [ 485.118878] mem_cgroup_try_charge+0x5ea/0xe10 [ 485.123463] ? mem_cgroup_protected+0xa60/0xa60 [ 485.128181] ? swp_swapcount+0x530/0x530 [ 485.132291] ? print_usage_bug+0xc0/0xc0 [ 485.136649] ? find_held_lock+0x36/0x1c0 [ 485.140842] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 485.146447] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 485.151524] wp_page_copy+0x46c/0x14f0 [ 485.155428] ? follow_pfn+0x2e0/0x2e0 [ 485.159418] ? do_wp_page+0x76c/0x1390 [ 485.163307] ? lock_downgrade+0x900/0x900 [ 485.167457] ? kasan_check_write+0x14/0x20 [ 485.171698] ? kasan_check_read+0x11/0x20 [ 485.175933] ? do_raw_spin_unlock+0xa7/0x2f0 [ 485.180340] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 485.184923] ? __pte_alloc_kernel+0x220/0x220 [ 485.189541] ? __lock_acquire+0x7ec/0x4ec0 [ 485.193785] do_wp_page+0x774/0x1390 [ 485.197626] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 485.202298] ? lock_release+0x970/0x970 [ 485.206268] ? __lock_acquire+0x7ec/0x4ec0 [ 485.210653] ? save_stack+0xa9/0xd0 [ 485.214331] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 485.219941] ? kasan_check_write+0x14/0x20 [ 485.224286] ? do_raw_spin_lock+0xc1/0x200 [ 485.228545] __handle_mm_fault+0x2c60/0x53e0 [ 485.233054] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 485.238079] ? trace_hardirqs_off+0xb8/0x310 [ 485.242514] ? graph_lock+0x170/0x170 [ 485.246316] ? print_usage_bug+0xc0/0xc0 [ 485.250376] ? print_usage_bug+0xc0/0xc0 [ 485.254438] ? print_usage_bug+0xc0/0xc0 [ 485.258518] ? graph_lock+0x170/0x170 [ 485.262326] ? graph_lock+0x170/0x170 [ 485.266124] ? graph_lock+0x170/0x170 [ 485.270091] ? handle_mm_fault+0x42a/0xc70 [ 485.274340] ? lock_downgrade+0x900/0x900 [ 485.278605] ? check_preemption_disabled+0x48/0x200 [ 485.283676] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 485.289473] ? kasan_check_read+0x11/0x20 [ 485.293645] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 485.298996] ? rcu_bh_qs+0xc0/0xc0 [ 485.302605] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 485.308061] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 485.313600] ? check_preemption_disabled+0x48/0x200 [ 485.318679] handle_mm_fault+0x54f/0xc70 [ 485.322744] ? __handle_mm_fault+0x53e0/0x53e0 [ 485.327330] ? find_vma+0x34/0x190 [ 485.330873] __do_page_fault+0x67d/0xed0 [ 485.334938] ? mm_fault_error+0x380/0x380 [ 485.339100] do_page_fault+0xf2/0x7e0 [ 485.342902] ? vmalloc_sync_all+0x30/0x30 [ 485.347049] ? error_entry+0x76/0xd0 [ 485.350763] ? trace_hardirqs_off_caller+0xbb/0x310 [ 485.355781] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 485.360623] ? trace_hardirqs_on_caller+0x310/0x310 [ 485.365640] ? find_held_lock+0x36/0x1c0 [ 485.369703] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 485.374613] page_fault+0x1e/0x30 [ 485.378067] RIP: 0010:copy_user_generic_unrolled+0x89/0xc0 [ 485.383689] Code: 38 4c 89 47 20 4c 89 4f 28 4c 89 57 30 4c 89 5f 38 48 8d 76 40 48 8d 7f 40 ff c9 75 b6 89 d1 83 e2 07 c1 e9 03 74 12 4c 8b 06 <4c> 89 07 48 8d 76 08 48 8d 7f 08 ff c9 75 ee 21 d2 74 10 89 d1 8a [ 485.402592] RSP: 0018:ffff880178157928 EFLAGS: 00010202 [ 485.408069] RAX: ffffed0031757407 RBX: 0000000000000038 RCX: 0000000000000007 [ 485.415339] RDX: 0000000000000000 RSI: ffff88018baba000 RDI: 0000000000728020 [ 485.423917] RBP: ffff880178157960 R08: badc0ffeebadface R09: ffffed0031757400 [ 485.433005] R10: ffffed0031757406 R11: ffff88018baba037 R12: 0000000000728058 [ 485.440273] R13: 0000000000728020 R14: ffff88018baba000 R15: 00007ffffffff000 [ 485.447562] ? copyout+0xe4/0x100 [ 485.451020] copy_page_to_iter+0x411/0xff0 [ 485.455255] ? _copy_to_iter+0x1540/0x1540 [ 485.459521] ? rcu_is_watching+0x30/0x30 [ 485.463637] ? graph_lock+0x170/0x170 [ 485.467447] pipe_read+0x4fc/0x940 [ 485.471088] __vfs_read+0x6ac/0x9b0 [ 485.474720] ? vfs_copy_file_range+0xb90/0xb90 [ 485.479304] ? fsnotify+0x12f0/0x12f0 [ 485.483111] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 485.488578] ? rw_verify_area+0x118/0x360 [ 485.492727] vfs_read+0x17f/0x3c0 [ 485.496186] ksys_read+0x101/0x260 [ 485.499724] ? kernel_write+0x120/0x120 [ 485.503764] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 485.509215] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 485.514839] __x64_sys_read+0x73/0xb0 [ 485.518656] do_syscall_64+0x1b9/0x820 [ 485.522545] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 485.527914] ? syscall_return_slowpath+0x5e0/0x5e0 [ 485.532902] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 485.537745] ? trace_hardirqs_on_caller+0x310/0x310 [ 485.542762] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 485.547935] ? prepare_exit_to_usermode+0x291/0x3b0 [ 485.552954] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 485.557798] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 485.563150] RIP: 0033:0x410fd0 [ 485.566344] Code: 01 f0 ff ff 0f 83 c0 19 00 00 c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 83 3d dd 4f 63 00 00 75 14 b8 00 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 94 19 00 00 c3 48 83 ec 08 e8 6a fc ff ff [ 485.585410] RSP: 002b:00007ffd1aecd848 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 [ 485.593117] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000410fd0 [ 485.600385] RDX: 0000000000000038 RSI: 0000000000728020 RDI: 00000000000000f9 [ 485.607655] RBP: 0000000000000003 R08: 00000000000003b8 R09: 0000000000004000 [ 485.615246] R10: 0000000000709660 R11: 0000000000000246 R12: 0000000000000010 [ 485.622603] R13: 0000000000412e80 R14: 0000000000000000 R15: 0000000000000000 [ 485.631231] Memory limit reached of cgroup /syz5 [ 485.636250] memory: usage 204860kB, limit 204800kB, failcnt 434120 [ 485.642597] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 485.649431] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 485.656068] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:16KB inactive_file:0KB active_file:0KB unevictable:0KB [ 485.675987] Out of memory and no killable processes... [ 485.681888] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=-1000 [ 485.694872] syz-executor5 cpuset=syz5 mems_allowed=0 [ 485.699996] CPU: 1 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 485.707585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 485.717070] Call Trace: [ 485.719733] dump_stack+0x1c4/0x2b4 [ 485.723367] ? dump_stack_print_info.cold.2+0x52/0x52 [ 485.728574] dump_header+0x27b/0xf72 [ 485.732291] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 485.738084] ? kasan_check_read+0x11/0x20 [ 485.742284] ? pagefault_out_of_memory+0x197/0x197 [ 485.747270] ? rcu_read_unlock+0x33/0x60 [ 485.751404] ? mem_cgroup_iter+0x514/0x1160 [ 485.755778] ? find_held_lock+0x36/0x1c0 [ 485.759842] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 485.764602] ? mark_held_locks+0xc7/0x130 [ 485.768766] ? _raw_spin_unlock_irq+0x27/0x80 [ 485.773280] ? _raw_spin_unlock_irq+0x27/0x80 [ 485.777805] ? lockdep_hardirqs_on+0x421/0x5c0 [ 485.782412] ? trace_hardirqs_on+0xbd/0x310 [ 485.786837] ? kasan_check_read+0x11/0x20 [ 485.791009] ? css_task_iter_end+0x222/0x490 [ 485.795450] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 485.800951] ? kasan_check_write+0x14/0x20 [ 485.805323] ? do_raw_spin_lock+0xc1/0x200 [ 485.809629] ? _raw_spin_unlock_irq+0x60/0x80 [ 485.814126] ? css_task_iter_end+0x2ce/0x490 [ 485.818600] ? cgroup_procs_next+0x70/0x70 [ 485.822837] ? _raw_spin_unlock_irq+0x60/0x80 [ 485.827386] ? oom_badness+0xaa0/0xaa0 [ 485.831277] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 485.836034] ? mem_cgroup_iter_break+0x30/0x30 [ 485.840742] ? cgroup_file_notify+0x226/0x2f0 [ 485.845295] out_of_memory.cold.30+0xf/0x184 [ 485.849702] ? lockdep_hardirqs_on+0x421/0x5c0 [ 485.854283] ? kasan_check_read+0x11/0x20 [ 485.858433] ? oom_killer_disable+0x3a0/0x3a0 [ 485.862940] ? kasan_check_write+0x14/0x20 [ 485.867293] ? do_raw_spin_lock+0xc1/0x200 [ 485.871613] mem_cgroup_out_of_memory+0x15e/0x210 [ 485.876455] ? memcg_memory_event+0x40/0x40 [ 485.880777] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 485.885677] ? page_counter_try_charge+0x1c1/0x220 [ 485.890612] try_charge+0xc43/0x1690 [ 485.894328] ? lock_downgrade+0x900/0x900 [ 485.898480] ? check_preemption_disabled+0x48/0x200 [ 485.903612] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 485.909674] ? find_held_lock+0x36/0x1c0 [ 485.913743] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 485.918707] ? lock_downgrade+0x900/0x900 [ 485.922901] ? check_preemption_disabled+0x48/0x200 [ 485.927921] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 485.933715] ? kasan_check_read+0x11/0x20 [ 485.937865] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 485.943143] ? rcu_bh_qs+0xc0/0xc0 [ 485.946824] ? get_mem_cgroup_from_mm+0x206/0x440 [ 485.951723] memcg_kmem_charge_memcg+0x7c/0x120 [ 485.956393] ? memcg_kmem_put_cache+0xb0/0xb0 [ 485.960887] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 485.966344] memcg_kmem_charge+0x135/0x300 [ 485.970729] __alloc_pages_nodemask+0x72e/0xde0 [ 485.975535] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 485.980818] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 485.985836] ? check_preemption_disabled+0x48/0x200 [ 485.990854] ? rcu_lockdep_current_cpu_online+0x1f0/0x2d0 [ 485.996390] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 486.001671] ? percpu_ref_put_many+0x13e/0x260 [ 486.006307] ? rcu_pm_notify+0xc0/0xc0 [ 486.010198] ? copy_process+0x1ff4/0x8780 [ 486.014463] ? rcu_read_lock_sched_held+0x108/0x120 [ 486.019528] ? kmem_cache_alloc_node+0x349/0x730 [ 486.024341] copy_process+0xa09/0x8780 [ 486.028231] ? task_change_group_fair+0xa30/0xa30 [ 486.033085] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 486.038626] ? graph_lock+0x170/0x170 [ 486.042600] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 486.048141] ? PageHuge+0x183/0x2b0 [ 486.051769] ? vma_kernel_pagesize+0xb0/0xb0 [ 486.056315] ? __cleanup_sighand+0x70/0x70 [ 486.060549] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 486.066227] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 486.071769] ? page_swapcount+0x1d0/0x1d0 [ 486.076029] ? try_to_wake_up+0x10a/0x12f0 [ 486.080265] ? lock_downgrade+0x900/0x900 [ 486.084405] ? lock_downgrade+0x900/0x900 [ 486.088679] ? trace_hardirqs_off+0xb8/0x310 [ 486.093203] ? kasan_check_read+0x11/0x20 [ 486.097621] ? do_raw_spin_unlock+0xa7/0x2f0 [ 486.102108] ? trace_hardirqs_on+0x310/0x310 [ 486.106548] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 486.111652] ? try_to_wake_up+0x10a/0x12f0 [ 486.115891] ? print_usage_bug+0xc0/0xc0 [ 486.119947] ? migrate_swap_stop+0x930/0x930 [ 486.124358] ? __handle_mm_fault+0x9ab/0x53e0 [ 486.128855] ? graph_lock+0x170/0x170 [ 486.132655] ? print_usage_bug+0xc0/0xc0 [ 486.136773] ? trace_hardirqs_off+0xb8/0x310 [ 486.141237] ? __lock_acquire+0x7ec/0x4ec0 [ 486.145475] ? print_usage_bug+0xc0/0xc0 [ 486.149574] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 486.155112] ? reuse_swap_page+0x4bd/0x1520 [ 486.159431] ? swp_swapcount+0x530/0x530 [ 486.163518] ? __lock_acquire+0x7ec/0x4ec0 [ 486.167754] ? mark_held_locks+0x130/0x130 [ 486.171986] ? rcu_bh_qs+0xc0/0xc0 [ 486.175639] ? __lock_acquire+0x7ec/0x4ec0 [ 486.179877] ? mark_held_locks+0x130/0x130 [ 486.184163] ? graph_lock+0x170/0x170 [ 486.188015] ? mark_held_locks+0x130/0x130 [ 486.192251] ? check_preemption_disabled+0x48/0x200 [ 486.197266] ? check_preemption_disabled+0x48/0x200 [ 486.202344] ? find_held_lock+0x36/0x1c0 [ 486.206405] ? print_usage_bug+0xc0/0xc0 [ 486.210468] ? print_usage_bug+0xc0/0xc0 [ 486.214715] ? do_wp_page+0xa6f/0x1390 [ 486.218691] ? lock_downgrade+0x900/0x900 [ 486.222842] ? wake_up_page_bit+0x6f0/0x6f0 [ 486.227168] ? kasan_check_read+0x11/0x20 [ 486.231320] ? __lock_acquire+0x7ec/0x4ec0 [ 486.235558] ? _raw_spin_unlock+0x2c/0x50 [ 486.239766] ? mark_held_locks+0x130/0x130 [ 486.244002] ? find_held_lock+0x36/0x1c0 [ 486.248070] ? lock_release+0x970/0x970 [ 486.252046] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 486.257588] ? kasan_check_write+0x14/0x20 [ 486.261820] ? do_raw_spin_lock+0xc1/0x200 [ 486.266133] ? __handle_mm_fault+0x9ab/0x53e0 [ 486.270645] ? graph_lock+0x170/0x170 [ 486.274441] ? graph_lock+0x170/0x170 [ 486.278244] ? touch_atime+0x103/0x320 [ 486.282129] ? graph_lock+0x170/0x170 [ 486.285930] ? atime_needs_update+0x710/0x710 [ 486.290425] ? graph_lock+0x170/0x170 [ 486.294226] ? graph_lock+0x170/0x170 [ 486.298038] ? find_held_lock+0x36/0x1c0 [ 486.302113] _do_fork+0x1cb/0x11d0 [ 486.305658] ? fork_idle+0x1d0/0x1d0 [ 486.309423] ? lock_downgrade+0x900/0x900 [ 486.313693] ? kasan_check_read+0x11/0x20 [ 486.317896] ? _copy_to_user+0xc8/0x110 [ 486.321872] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 486.327410] ? put_timespec64+0x10f/0x1b0 [ 486.331728] ? nsecs_to_jiffies+0x30/0x30 [ 486.335882] ? do_syscall_64+0x9a/0x820 [ 486.339856] ? do_syscall_64+0x9a/0x820 [ 486.343965] ? lockdep_hardirqs_on+0x421/0x5c0 [ 486.348563] ? trace_hardirqs_on+0xbd/0x310 [ 486.352888] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 486.358445] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 486.363808] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 486.369401] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 486.374945] __x64_sys_clone+0xbf/0x150 [ 486.378925] do_syscall_64+0x1b9/0x820 [ 486.382814] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 486.388180] ? syscall_return_slowpath+0x5e0/0x5e0 [ 486.393118] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 486.398201] ? trace_hardirqs_on_caller+0x310/0x310 [ 486.403269] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 486.408292] ? prepare_exit_to_usermode+0x291/0x3b0 [ 486.413313] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 486.418163] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 486.423407] RIP: 0033:0x455b4a [ 486.426777] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 486.445913] RSP: 002b:00007ffd1aecd800 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 486.453634] RAX: ffffffffffffffda RBX: 00007ffd1aecd800 RCX: 0000000000455b4a [ 486.460910] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 486.468332] RBP: 00007ffd1aecd840 R08: 0000000000000001 R09: 000000000213f940 [ 486.475605] R10: 000000000213fc10 R11: 0000000000000246 R12: 0000000000000001 [ 486.482875] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 486.494732] Memory limit reached of cgroup /syz5 [ 486.499673] memory: usage 204864kB, limit 204800kB, failcnt 434128 [ 486.506338] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 486.513227] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 486.519540] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:24KB inactive_file:0KB active_file:0KB unevictable:0KB [ 486.539600] Out of memory and no killable processes... [ 486.546478] syz-executor5 invoked oom-killer: gfp_mask=0x6040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=-1000 [ 486.558761] syz-executor5 cpuset=syz5 mems_allowed=0 [ 486.563885] CPU: 1 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 486.571153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 486.580525] Call Trace: [ 486.583119] dump_stack+0x1c4/0x2b4 [ 486.586751] ? dump_stack_print_info.cold.2+0x52/0x52 [ 486.592001] dump_header+0x27b/0xf72 [ 486.595833] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 486.601638] ? kasan_check_read+0x11/0x20 [ 486.605788] ? pagefault_out_of_memory+0x197/0x197 [ 486.612199] ? rcu_read_unlock+0x33/0x60 [ 486.616373] ? mem_cgroup_iter+0x514/0x1160 [ 486.620708] ? find_held_lock+0x36/0x1c0 [ 486.624772] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 486.629549] ? mark_held_locks+0xc7/0x130 [ 486.633814] ? _raw_spin_unlock_irq+0x27/0x80 [ 486.638390] ? _raw_spin_unlock_irq+0x27/0x80 [ 486.642887] ? lockdep_hardirqs_on+0x421/0x5c0 [ 486.647475] ? trace_hardirqs_on+0xbd/0x310 [ 486.651825] ? kasan_check_read+0x11/0x20 [ 486.655974] ? css_task_iter_end+0x222/0x490 [ 486.660382] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 486.665939] ? kasan_check_write+0x14/0x20 [ 486.670176] ? do_raw_spin_lock+0xc1/0x200 [ 486.674411] ? _raw_spin_unlock_irq+0x60/0x80 [ 486.678903] ? css_task_iter_end+0x2ce/0x490 [ 486.683318] ? cgroup_procs_next+0x70/0x70 [ 486.687570] ? _raw_spin_unlock_irq+0x60/0x80 [ 486.692085] ? oom_badness+0xaa0/0xaa0 [ 486.695979] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 486.700740] ? mem_cgroup_iter_break+0x30/0x30 [ 486.705346] ? cgroup_file_notify+0x226/0x2f0 [ 486.709851] out_of_memory.cold.30+0xf/0x184 [ 486.714260] ? lockdep_hardirqs_on+0x421/0x5c0 [ 486.718847] ? kasan_check_read+0x11/0x20 [ 486.723004] ? oom_killer_disable+0x3a0/0x3a0 [ 486.727520] ? kasan_check_write+0x14/0x20 [ 486.731759] ? do_raw_spin_lock+0xc1/0x200 [ 486.736050] mem_cgroup_out_of_memory+0x15e/0x210 [ 486.740905] ? memcg_memory_event+0x40/0x40 [ 486.745277] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 486.750124] ? page_counter_try_charge+0x1c1/0x220 [ 486.755111] try_charge+0xc43/0x1690 [ 486.758880] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 486.764426] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 486.770598] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 486.775874] ? rcu_pm_notify+0xc0/0xc0 [ 486.779766] ? rcu_read_lock_sched_held+0x108/0x120 [ 486.784982] ? __alloc_pages_nodemask+0xb5a/0xde0 [ 486.789939] ? graph_lock+0x170/0x170 [ 486.793742] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 486.798754] ? graph_lock+0x170/0x170 [ 486.802561] ? find_held_lock+0x36/0x1c0 [ 486.806626] ? cache_grow_begin+0x5a4/0x8c0 [ 486.811026] memcg_kmem_charge_memcg+0x7c/0x120 [ 486.815752] ? memcg_kmem_put_cache+0xb0/0xb0 [ 486.820302] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 486.825841] cache_grow_begin+0x415/0x8c0 [ 486.829990] ? do_raw_spin_unlock+0xa7/0x2f0 [ 486.834399] fallback_alloc+0x203/0x2e0 [ 486.838379] ____cache_alloc_node+0x1c7/0x1e0 [ 486.842876] kmem_cache_alloc+0x1f8/0x730 [ 486.847025] copy_process+0x28dc/0x8780 [ 486.850997] ? task_change_group_fair+0xa30/0xa30 [ 486.855895] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 486.861436] ? graph_lock+0x170/0x170 [ 486.865334] ? __cleanup_sighand+0x70/0x70 [ 486.869631] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 486.875167] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 486.880882] ? page_swapcount+0x1d0/0x1d0 [ 486.885030] ? try_to_wake_up+0x10a/0x12f0 [ 486.889268] ? lock_downgrade+0x900/0x900 [ 486.893415] ? lock_downgrade+0x900/0x900 [ 486.897569] ? trace_hardirqs_off+0xb8/0x310 [ 486.902030] ? kasan_check_read+0x11/0x20 [ 486.906300] ? do_raw_spin_unlock+0xa7/0x2f0 [ 486.910727] ? trace_hardirqs_on+0x310/0x310 [ 486.915143] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 486.920246] ? try_to_wake_up+0x10a/0x12f0 [ 486.924508] ? print_usage_bug+0xc0/0xc0 [ 486.928577] ? migrate_swap_stop+0x930/0x930 [ 486.932984] ? __handle_mm_fault+0x9ab/0x53e0 [ 486.937516] ? graph_lock+0x170/0x170 [ 486.941325] ? print_usage_bug+0xc0/0xc0 [ 486.945391] ? __lock_acquire+0x7ec/0x4ec0 [ 486.949632] ? print_usage_bug+0xc0/0xc0 [ 486.953842] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 486.959393] ? reuse_swap_page+0x4bd/0x1520 [ 486.963771] ? swp_swapcount+0x530/0x530 [ 486.968169] ? __lock_acquire+0x7ec/0x4ec0 [ 486.972408] ? mark_held_locks+0x130/0x130 [ 486.976643] ? rcu_bh_qs+0xc0/0xc0 [ 486.980187] ? __lock_acquire+0x7ec/0x4ec0 [ 486.984425] ? mark_held_locks+0x130/0x130 [ 486.988662] ? graph_lock+0x170/0x170 [ 486.992463] ? mark_held_locks+0x130/0x130 [ 486.996726] ? check_preemption_disabled+0x48/0x200 [ 487.001797] ? check_preemption_disabled+0x48/0x200 [ 487.006949] ? find_held_lock+0x36/0x1c0 [ 487.011008] ? print_usage_bug+0xc0/0xc0 [ 487.015074] ? print_usage_bug+0xc0/0xc0 [ 487.019148] ? do_wp_page+0xa6f/0x1390 [ 487.023037] ? lock_downgrade+0x900/0x900 [ 487.027195] ? wake_up_page_bit+0x6f0/0x6f0 [ 487.031541] ? kasan_check_read+0x11/0x20 [ 487.035701] ? __lock_acquire+0x7ec/0x4ec0 [ 487.039954] ? _raw_spin_unlock+0x2c/0x50 [ 487.044235] ? mark_held_locks+0x130/0x130 [ 487.048467] ? find_held_lock+0x36/0x1c0 [ 487.052561] ? lock_release+0x970/0x970 [ 487.056564] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 487.062102] ? kasan_check_write+0x14/0x20 [ 487.066337] ? do_raw_spin_lock+0xc1/0x200 [ 487.070581] ? __handle_mm_fault+0x9ab/0x53e0 [ 487.075085] ? graph_lock+0x170/0x170 [ 487.078939] ? graph_lock+0x170/0x170 [ 487.082736] ? touch_atime+0x103/0x320 [ 487.086621] ? graph_lock+0x170/0x170 [ 487.090417] ? atime_needs_update+0x710/0x710 [ 487.094910] ? graph_lock+0x170/0x170 [ 487.098708] ? graph_lock+0x170/0x170 [ 487.102540] ? find_held_lock+0x36/0x1c0 [ 487.106606] _do_fork+0x1cb/0x11d0 [ 487.110198] ? fork_idle+0x1d0/0x1d0 [ 487.113925] ? lock_downgrade+0x900/0x900 [ 487.118135] ? kasan_check_read+0x11/0x20 [ 487.122284] ? _copy_to_user+0xc8/0x110 [ 487.126259] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 487.131794] ? put_timespec64+0x10f/0x1b0 [ 487.135939] ? nsecs_to_jiffies+0x30/0x30 [ 487.140084] ? do_syscall_64+0x9a/0x820 [ 487.144057] ? do_syscall_64+0x9a/0x820 [ 487.148033] ? lockdep_hardirqs_on+0x421/0x5c0 [ 487.152620] ? trace_hardirqs_on+0xbd/0x310 [ 487.156937] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 487.162471] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 487.167858] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 487.173305] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 487.178842] __x64_sys_clone+0xbf/0x150 [ 487.182817] do_syscall_64+0x1b9/0x820 [ 487.186699] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 487.192075] ? syscall_return_slowpath+0x5e0/0x5e0 [ 487.197078] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 487.201975] ? trace_hardirqs_on_caller+0x310/0x310 [ 487.206990] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 487.212066] ? prepare_exit_to_usermode+0x291/0x3b0 [ 487.217083] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 487.221932] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 487.227238] RIP: 0033:0x455b4a [ 487.230431] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 487.249644] RSP: 002b:00007ffd1aecd800 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 487.257353] RAX: ffffffffffffffda RBX: 00007ffd1aecd800 RCX: 0000000000455b4a [ 487.264671] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 487.271937] RBP: 00007ffd1aecd840 R08: 0000000000000001 R09: 000000000213f940 [ 487.279256] R10: 000000000213fc10 R11: 0000000000000246 R12: 0000000000000001 [ 487.286541] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 487.294845] Memory limit reached of cgroup /syz5 [ 487.299652] memory: usage 204896kB, limit 204800kB, failcnt 434140 [ 487.306297] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 487.313070] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 487.319275] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:24KB inactive_file:0KB active_file:0KB unevictable:0KB [ 487.339220] Out of memory and no killable processes... [ 487.345268] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 487.358243] syz-executor5 cpuset=syz5 mems_allowed=0 [ 487.363644] CPU: 1 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 487.371079] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 487.380535] Call Trace: [ 487.383131] dump_stack+0x1c4/0x2b4 [ 487.386968] ? dump_stack_print_info.cold.2+0x52/0x52 [ 487.392165] dump_header+0x27b/0xf72 [ 487.395883] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 487.401729] ? kasan_check_read+0x11/0x20 [ 487.405882] ? pagefault_out_of_memory+0x197/0x197 [ 487.410815] ? rcu_read_unlock+0x33/0x60 [ 487.414873] ? mem_cgroup_iter+0x514/0x1160 [ 487.419191] ? find_held_lock+0x36/0x1c0 [ 487.423255] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 487.428155] ? mark_held_locks+0xc7/0x130 [ 487.432302] ? _raw_spin_unlock_irq+0x27/0x80 [ 487.436823] ? _raw_spin_unlock_irq+0x27/0x80 [ 487.441317] ? lockdep_hardirqs_on+0x421/0x5c0 [ 487.445896] ? trace_hardirqs_on+0xbd/0x310 [ 487.450262] ? kasan_check_read+0x11/0x20 [ 487.454408] ? css_task_iter_end+0x222/0x490 [ 487.458827] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 487.464273] ? kasan_check_write+0x14/0x20 [ 487.468740] ? do_raw_spin_lock+0xc1/0x200 [ 487.472976] ? _raw_spin_unlock_irq+0x60/0x80 [ 487.477470] ? css_task_iter_end+0x2ce/0x490 [ 487.481906] ? cgroup_procs_next+0x70/0x70 [ 487.486190] ? _raw_spin_unlock_irq+0x60/0x80 [ 487.490686] ? oom_badness+0xaa0/0xaa0 [ 487.494628] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 487.499531] ? mem_cgroup_iter_break+0x30/0x30 [ 487.504122] ? cgroup_file_notify+0x226/0x2f0 [ 487.508715] out_of_memory.cold.30+0xf/0x184 [ 487.513174] ? lockdep_hardirqs_on+0x421/0x5c0 [ 487.517758] ? kasan_check_read+0x11/0x20 [ 487.521905] ? oom_killer_disable+0x3a0/0x3a0 [ 487.526462] ? kasan_check_write+0x14/0x20 [ 487.530748] ? do_raw_spin_lock+0xc1/0x200 [ 487.535039] mem_cgroup_out_of_memory+0x15e/0x210 [ 487.539893] ? memcg_memory_event+0x40/0x40 [ 487.544327] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 487.549171] ? page_counter_try_charge+0x1c1/0x220 [ 487.554098] try_charge+0xc43/0x1690 [ 487.557810] ? lock_downgrade+0x900/0x900 [ 487.562097] ? check_preemption_disabled+0x48/0x200 [ 487.567412] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 487.573470] ? find_held_lock+0x36/0x1c0 [ 487.577560] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 487.582398] ? lock_downgrade+0x900/0x900 [ 487.586545] ? check_preemption_disabled+0x48/0x200 [ 487.591621] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 487.597417] ? kasan_check_read+0x11/0x20 [ 487.601564] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 487.607156] ? rcu_bh_qs+0xc0/0xc0 [ 487.610708] ? get_mem_cgroup_from_mm+0x206/0x440 [ 487.615702] memcg_kmem_charge_memcg+0x7c/0x120 [ 487.620372] ? memcg_kmem_put_cache+0xb0/0xb0 [ 487.624865] ? print_usage_bug+0xc0/0xc0 [ 487.628930] memcg_kmem_charge+0x135/0x300 [ 487.633169] __alloc_pages_nodemask+0x72e/0xde0 [ 487.638004] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 487.643156] ? lock_downgrade+0x900/0x900 [ 487.647307] ? check_preemption_disabled+0x48/0x200 [ 487.652376] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 487.658168] ? kasan_check_read+0x11/0x20 [ 487.662312] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 487.667590] ? rcu_bh_qs+0xc0/0xc0 [ 487.671181] ? unwind_dump+0x190/0x190 [ 487.675075] ? is_bpf_text_address+0xd3/0x170 [ 487.679574] ? kernel_text_address+0x79/0xf0 [ 487.683981] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 487.689543] alloc_pages_current+0x10c/0x210 [ 487.693955] __get_free_pages+0xc/0x40 [ 487.697841] pgd_alloc+0x9a/0x480 [ 487.701291] ? __init_rwsem+0x1cc/0x2a0 [ 487.705263] ? pgd_page_get_mm+0x40/0x40 [ 487.709629] ? save_stack+0xa9/0xd0 [ 487.713324] ? save_stack+0x43/0xd0 [ 487.716950] ? kasan_slab_alloc+0x12/0x20 [ 487.721097] ? kmem_cache_alloc+0x12e/0x730 [ 487.725466] ? copy_process+0x3564/0x8780 [ 487.729634] ? _do_fork+0x1cb/0x11d0 [ 487.733354] ? __x64_sys_clone+0xbf/0x150 [ 487.737522] ? do_syscall_64+0x1b9/0x820 [ 487.741582] ? __lockdep_init_map+0x105/0x590 [ 487.746083] mm_init+0x740/0xc30 [ 487.749526] ? list_add_tail_rcu+0x200/0x200 [ 487.753992] ? kasan_check_read+0x11/0x20 [ 487.758140] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 487.763414] ? rcu_bh_qs+0xc0/0xc0 [ 487.767129] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 487.772856] ? check_preemption_disabled+0x48/0x200 [ 487.777922] ? check_preemption_disabled+0x48/0x200 [ 487.783112] ? rcu_lockdep_current_cpu_online+0x1f0/0x2d0 [ 487.788651] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 487.793926] ? rcu_pm_notify+0xc0/0xc0 [ 487.797814] ? rcu_read_lock_sched_held+0x108/0x120 [ 487.802832] ? kmem_cache_alloc+0x33a/0x730 [ 487.807158] copy_process+0x35cb/0x8780 [ 487.811144] ? task_change_group_fair+0xa30/0xa30 [ 487.815988] ? graph_lock+0x170/0x170 [ 487.819800] ? __cleanup_sighand+0x70/0x70 [ 487.824035] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 487.829573] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 487.835169] ? page_swapcount+0x1d0/0x1d0 [ 487.839312] ? try_to_wake_up+0x10a/0x12f0 [ 487.843567] ? lock_downgrade+0x900/0x900 [ 487.847715] ? lock_downgrade+0x900/0x900 [ 487.851862] ? trace_hardirqs_off+0xb8/0x310 [ 487.856264] ? kasan_check_read+0x11/0x20 [ 487.860509] ? trace_hardirqs_on+0x310/0x310 [ 487.864948] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 487.870049] ? try_to_wake_up+0x10a/0x12f0 [ 487.874350] ? print_usage_bug+0xc0/0xc0 [ 487.878462] ? migrate_swap_stop+0x930/0x930 [ 487.882895] ? __handle_mm_fault+0x9ab/0x53e0 [ 487.887390] ? graph_lock+0x170/0x170 [ 487.891199] ? print_usage_bug+0xc0/0xc0 [ 487.895260] ? __lock_acquire+0x7ec/0x4ec0 [ 487.899613] ? print_usage_bug+0xc0/0xc0 [ 487.903675] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 487.909209] ? reuse_swap_page+0x4bd/0x1520 [ 487.913545] ? swp_swapcount+0x530/0x530 [ 487.917664] ? __lock_acquire+0x7ec/0x4ec0 [ 487.921952] ? mark_held_locks+0x130/0x130 [ 487.926186] ? rcu_bh_qs+0xc0/0xc0 [ 487.929726] ? __lock_acquire+0x7ec/0x4ec0 [ 487.934074] ? mark_held_locks+0x130/0x130 [ 487.938307] ? graph_lock+0x170/0x170 [ 487.942105] ? mark_held_locks+0x130/0x130 [ 487.946339] ? check_preemption_disabled+0x48/0x200 [ 487.951354] ? check_preemption_disabled+0x48/0x200 [ 487.956373] ? find_held_lock+0x36/0x1c0 [ 487.960431] ? print_usage_bug+0xc0/0xc0 [ 487.964519] ? print_usage_bug+0xc0/0xc0 [ 487.968642] ? do_wp_page+0xa6f/0x1390 [ 487.972595] ? lock_downgrade+0x900/0x900 [ 487.976745] ? wake_up_page_bit+0x6f0/0x6f0 [ 487.981192] ? kasan_check_read+0x11/0x20 [ 487.985344] ? __lock_acquire+0x7ec/0x4ec0 [ 487.989577] ? _raw_spin_unlock+0x2c/0x50 [ 487.993737] ? mark_held_locks+0x130/0x130 [ 487.997965] ? find_held_lock+0x36/0x1c0 [ 488.002022] ? lock_release+0x970/0x970 [ 488.005996] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 488.011664] ? kasan_check_write+0x14/0x20 [ 488.015895] ? do_raw_spin_lock+0xc1/0x200 [ 488.020128] ? __handle_mm_fault+0x9ab/0x53e0 [ 488.024678] ? graph_lock+0x170/0x170 [ 488.028477] ? graph_lock+0x170/0x170 [ 488.032298] ? touch_atime+0x103/0x320 [ 488.036182] ? graph_lock+0x170/0x170 [ 488.039978] ? atime_needs_update+0x710/0x710 [ 488.044471] ? graph_lock+0x170/0x170 [ 488.048344] ? graph_lock+0x170/0x170 [ 488.052149] ? find_held_lock+0x36/0x1c0 [ 488.056217] _do_fork+0x1cb/0x11d0 [ 488.059756] ? fork_idle+0x1d0/0x1d0 [ 488.063635] ? lock_downgrade+0x900/0x900 [ 488.067792] ? kasan_check_read+0x11/0x20 [ 488.071941] ? _copy_to_user+0xc8/0x110 [ 488.076046] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 488.081590] ? put_timespec64+0x10f/0x1b0 [ 488.085790] ? nsecs_to_jiffies+0x30/0x30 [ 488.089938] ? do_syscall_64+0x9a/0x820 [ 488.093914] ? do_syscall_64+0x9a/0x820 [ 488.097948] ? lockdep_hardirqs_on+0x421/0x5c0 [ 488.102553] ? trace_hardirqs_on+0xbd/0x310 [ 488.106878] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 488.112548] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 488.117920] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 488.123366] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 488.128900] __x64_sys_clone+0xbf/0x150 [ 488.132877] do_syscall_64+0x1b9/0x820 [ 488.136818] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 488.142188] ? syscall_return_slowpath+0x5e0/0x5e0 [ 488.147125] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 488.151968] ? trace_hardirqs_on_caller+0x310/0x310 [ 488.157040] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 488.162139] ? prepare_exit_to_usermode+0x291/0x3b0 [ 488.167298] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 488.172145] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 488.177340] RIP: 0033:0x455b4a [ 488.180541] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 488.199442] RSP: 002b:00007ffd1aecd800 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 488.207150] RAX: ffffffffffffffda RBX: 00007ffd1aecd800 RCX: 0000000000455b4a [ 488.214438] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 488.221708] RBP: 00007ffd1aecd840 R08: 0000000000000001 R09: 000000000213f940 [ 488.229130] R10: 000000000213fc10 R11: 0000000000000246 R12: 0000000000000001 [ 488.236775] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 488.251181] Memory limit reached of cgroup /syz5 [ 488.256234] memory: usage 204840kB, limit 204800kB, failcnt 434148 [ 488.262580] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 488.269409] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 488.275602] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:24KB inactive_file:0KB active_file:0KB unevictable:0KB [ 488.295351] Out of memory and no killable processes... [ 488.301863] syz-executor5 invoked oom-killer: gfp_mask=0x6040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=0, oom_score_adj=-1000 [ 488.314096] syz-executor5 cpuset=syz5 mems_allowed=0 [ 488.319389] CPU: 0 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 488.326664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 488.336136] Call Trace: [ 488.338730] dump_stack+0x1c4/0x2b4 [ 488.342368] ? dump_stack_print_info.cold.2+0x52/0x52 [ 488.347573] dump_header+0x27b/0xf72 [ 488.351453] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 488.357248] ? kasan_check_read+0x11/0x20 [ 488.361399] ? pagefault_out_of_memory+0x197/0x197 [ 488.366334] ? rcu_read_unlock+0x33/0x60 [ 488.370393] ? mem_cgroup_iter+0x514/0x1160 [ 488.374713] ? find_held_lock+0x36/0x1c0 [ 488.378914] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 488.383668] ? mark_held_locks+0xc7/0x130 [ 488.387815] ? _raw_spin_unlock_irq+0x27/0x80 [ 488.392308] ? _raw_spin_unlock_irq+0x27/0x80 [ 488.396804] ? lockdep_hardirqs_on+0x421/0x5c0 [ 488.401383] ? trace_hardirqs_on+0xbd/0x310 [ 488.405948] ? kasan_check_read+0x11/0x20 [ 488.410097] ? css_task_iter_end+0x222/0x490 [ 488.414530] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 488.419996] ? kasan_check_write+0x14/0x20 [ 488.424383] ? do_raw_spin_lock+0xc1/0x200 [ 488.428619] ? _raw_spin_unlock_irq+0x60/0x80 [ 488.433115] ? css_task_iter_end+0x2ce/0x490 [ 488.437708] ? cgroup_procs_next+0x70/0x70 [ 488.441944] ? _raw_spin_unlock_irq+0x60/0x80 [ 488.446520] ? oom_badness+0xaa0/0xaa0 [ 488.450413] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 488.455171] ? mem_cgroup_iter_break+0x30/0x30 [ 488.459815] ? mark_held_locks+0xc7/0x130 [ 488.463969] out_of_memory.cold.30+0xf/0x184 [ 488.468375] ? lockdep_hardirqs_on+0x421/0x5c0 [ 488.472956] ? kasan_check_read+0x11/0x20 [ 488.477113] ? oom_killer_disable+0x3a0/0x3a0 [ 488.481686] ? kasan_check_write+0x14/0x20 [ 488.485923] ? do_raw_spin_lock+0xc1/0x200 [ 488.490167] mem_cgroup_out_of_memory+0x15e/0x210 [ 488.495079] ? memcg_memory_event+0x40/0x40 [ 488.499415] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 488.504269] ? page_counter_try_charge+0x1c1/0x220 [ 488.509253] try_charge+0xc43/0x1690 [ 488.513021] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 488.518570] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 488.524667] ? __lock_is_held+0xb5/0x140 [ 488.528792] ? rcu_read_lock_sched_held+0x108/0x120 [ 488.533812] ? __alloc_pages_nodemask+0xb5a/0xde0 [ 488.538654] ? graph_lock+0x170/0x170 [ 488.542456] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 488.547469] ? graph_lock+0x170/0x170 [ 488.551305] ? mark_held_locks+0xc7/0x130 [ 488.555455] ? find_held_lock+0x36/0x1c0 [ 488.559540] ? cache_grow_begin+0x5a4/0x8c0 [ 488.563867] memcg_kmem_charge_memcg+0x7c/0x120 [ 488.568546] ? memcg_kmem_put_cache+0xb0/0xb0 [ 488.573120] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 488.578681] cache_grow_begin+0x415/0x8c0 [ 488.582983] ? do_raw_spin_unlock+0xa7/0x2f0 [ 488.587448] fallback_alloc+0x203/0x2e0 [ 488.591425] ____cache_alloc_node+0x1c7/0x1e0 [ 488.595923] kmem_cache_alloc+0x1f8/0x730 [ 488.600077] anon_vma_fork+0x196/0x820 [ 488.603967] ? anon_vma_clone+0x710/0x710 [ 488.608270] ? vm_area_dup+0x1a8/0x230 [ 488.612155] ? vm_area_alloc+0x1d0/0x1d0 [ 488.616221] copy_process+0x47c7/0x8780 [ 488.620211] ? __cleanup_sighand+0x70/0x70 [ 488.624445] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 488.630152] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 488.635694] ? page_swapcount+0x1d0/0x1d0 [ 488.639839] ? try_to_wake_up+0x10a/0x12f0 [ 488.644077] ? lock_downgrade+0x900/0x900 [ 488.648225] ? lock_downgrade+0x900/0x900 [ 488.652373] ? trace_hardirqs_off+0xb8/0x310 [ 488.656777] ? kasan_check_read+0x11/0x20 [ 488.660943] ? trace_hardirqs_on+0x310/0x310 [ 488.665359] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 488.670461] ? try_to_wake_up+0x10a/0x12f0 [ 488.674720] ? print_usage_bug+0xc0/0xc0 [ 488.678783] ? migrate_swap_stop+0x930/0x930 [ 488.683200] ? __handle_mm_fault+0x9ab/0x53e0 [ 488.687694] ? graph_lock+0x170/0x170 [ 488.691517] ? print_usage_bug+0xc0/0xc0 [ 488.695591] ? __lock_acquire+0x7ec/0x4ec0 [ 488.699828] ? print_usage_bug+0xc0/0xc0 [ 488.703890] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 488.709568] ? reuse_swap_page+0x4bd/0x1520 [ 488.713888] ? swp_swapcount+0x530/0x530 [ 488.718023] ? __lock_acquire+0x7ec/0x4ec0 [ 488.722255] ? mark_held_locks+0x130/0x130 [ 488.726625] ? rcu_bh_qs+0xc0/0xc0 [ 488.730214] ? __lock_acquire+0x7ec/0x4ec0 [ 488.734450] ? mark_held_locks+0x130/0x130 [ 488.738845] ? graph_lock+0x170/0x170 [ 488.742642] ? mark_held_locks+0x130/0x130 [ 488.746971] ? check_preemption_disabled+0x48/0x200 [ 488.752134] ? check_preemption_disabled+0x48/0x200 [ 488.757156] ? find_held_lock+0x36/0x1c0 [ 488.761216] ? print_usage_bug+0xc0/0xc0 [ 488.765291] ? print_usage_bug+0xc0/0xc0 [ 488.769354] ? do_wp_page+0xa6f/0x1390 [ 488.773237] ? lock_downgrade+0x900/0x900 [ 488.777384] ? wake_up_page_bit+0x6f0/0x6f0 [ 488.781703] ? kasan_check_read+0x11/0x20 [ 488.785854] ? __lock_acquire+0x7ec/0x4ec0 [ 488.790210] ? _raw_spin_unlock+0x2c/0x50 [ 488.794415] ? mark_held_locks+0x130/0x130 [ 488.798648] ? find_held_lock+0x36/0x1c0 [ 488.802709] ? lock_release+0x970/0x970 [ 488.806685] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 488.812223] ? kasan_check_write+0x14/0x20 [ 488.816457] ? do_raw_spin_lock+0xc1/0x200 [ 488.820695] ? __handle_mm_fault+0x9ab/0x53e0 [ 488.825322] ? graph_lock+0x170/0x170 [ 488.829118] ? graph_lock+0x170/0x170 [ 488.832915] ? touch_atime+0x103/0x320 [ 488.836800] ? graph_lock+0x170/0x170 [ 488.840597] ? atime_needs_update+0x710/0x710 [ 488.845089] ? graph_lock+0x170/0x170 [ 488.848886] ? graph_lock+0x170/0x170 [ 488.852692] ? find_held_lock+0x36/0x1c0 [ 488.856758] _do_fork+0x1cb/0x11d0 [ 488.860299] ? fork_idle+0x1d0/0x1d0 [ 488.864006] ? lock_downgrade+0x900/0x900 [ 488.868160] ? kasan_check_read+0x11/0x20 [ 488.872307] ? _copy_to_user+0xc8/0x110 [ 488.876283] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 488.881819] ? put_timespec64+0x10f/0x1b0 [ 488.885966] ? nsecs_to_jiffies+0x30/0x30 [ 488.890230] ? do_syscall_64+0x9a/0x820 [ 488.894201] ? do_syscall_64+0x9a/0x820 [ 488.898172] ? lockdep_hardirqs_on+0x421/0x5c0 [ 488.902754] ? trace_hardirqs_on+0xbd/0x310 [ 488.907077] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 488.912618] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 488.917981] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 488.923483] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 488.929048] __x64_sys_clone+0xbf/0x150 [ 488.933025] do_syscall_64+0x1b9/0x820 [ 488.936910] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 488.942404] ? syscall_return_slowpath+0x5e0/0x5e0 [ 488.947330] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 488.952173] ? trace_hardirqs_on_caller+0x310/0x310 [ 488.957189] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 488.962204] ? prepare_exit_to_usermode+0x291/0x3b0 [ 488.967220] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 488.972117] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 488.977304] RIP: 0033:0x455b4a [ 488.980523] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 488.999424] RSP: 002b:00007ffd1aecd800 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 489.007260] RAX: ffffffffffffffda RBX: 00007ffd1aecd800 RCX: 0000000000455b4a [ 489.014542] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 489.021811] RBP: 00007ffd1aecd840 R08: 0000000000000001 R09: 000000000213f940 [ 489.029079] R10: 000000000213fc10 R11: 0000000000000246 R12: 0000000000000001 [ 489.036345] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 489.045024] Memory limit reached of cgroup /syz5 [ 489.051013] memory: usage 204836kB, limit 204800kB, failcnt 434160 [ 489.057516] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 489.064294] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 489.070556] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:24KB inactive_file:0KB active_file:0KB unevictable:0KB [ 489.090539] Out of memory and no killable processes... [ 489.097021] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 489.110117] syz-executor5 cpuset=syz5 mems_allowed=0 [ 489.115482] CPU: 1 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 489.122836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 489.132239] Call Trace: [ 489.134827] dump_stack+0x1c4/0x2b4 [ 489.138535] ? dump_stack_print_info.cold.2+0x52/0x52 [ 489.143734] dump_header+0x27b/0xf72 [ 489.147450] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 489.153243] ? kasan_check_read+0x11/0x20 [ 489.157404] ? pagefault_out_of_memory+0x197/0x197 [ 489.162335] ? rcu_read_unlock+0x33/0x60 [ 489.166390] ? mem_cgroup_iter+0x514/0x1160 [ 489.170806] ? find_held_lock+0x36/0x1c0 [ 489.174868] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 489.179674] ? mark_held_locks+0xc7/0x130 [ 489.183824] ? _raw_spin_unlock_irq+0x27/0x80 [ 489.188314] ? _raw_spin_unlock_irq+0x27/0x80 [ 489.192807] ? lockdep_hardirqs_on+0x421/0x5c0 [ 489.197391] ? trace_hardirqs_on+0xbd/0x310 [ 489.201709] ? kasan_check_read+0x11/0x20 [ 489.205857] ? css_task_iter_end+0x222/0x490 [ 489.210266] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 489.215714] ? kasan_check_write+0x14/0x20 [ 489.219944] ? do_raw_spin_lock+0xc1/0x200 [ 489.224177] ? _raw_spin_unlock_irq+0x60/0x80 [ 489.228755] ? css_task_iter_end+0x2ce/0x490 [ 489.233164] ? cgroup_procs_next+0x70/0x70 [ 489.237395] ? _raw_spin_unlock_irq+0x60/0x80 [ 489.241888] ? oom_badness+0xaa0/0xaa0 [ 489.245776] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 489.250543] ? mem_cgroup_iter_break+0x30/0x30 [ 489.255186] ? mark_held_locks+0xc7/0x130 [ 489.259391] out_of_memory.cold.30+0xf/0x184 [ 489.263884] ? lockdep_hardirqs_on+0x421/0x5c0 [ 489.268467] ? kasan_check_read+0x11/0x20 [ 489.272643] ? oom_killer_disable+0x3a0/0x3a0 [ 489.277139] ? kasan_check_write+0x14/0x20 [ 489.281372] ? do_raw_spin_lock+0xc1/0x200 [ 489.285667] mem_cgroup_out_of_memory+0x15e/0x210 [ 489.290539] ? memcg_memory_event+0x40/0x40 [ 489.294861] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 489.299711] ? page_counter_try_charge+0x1c1/0x220 [ 489.304649] try_charge+0xc43/0x1690 [ 489.308365] ? lock_downgrade+0x900/0x900 [ 489.312535] ? check_preemption_disabled+0x48/0x200 [ 489.317839] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 489.324009] ? find_held_lock+0x36/0x1c0 [ 489.328227] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 489.333069] ? lock_downgrade+0x900/0x900 [ 489.337214] ? check_preemption_disabled+0x48/0x200 [ 489.342234] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 489.348027] ? kasan_check_read+0x11/0x20 [ 489.352176] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 489.357450] ? rcu_bh_qs+0xc0/0xc0 [ 489.360991] ? get_mem_cgroup_from_mm+0x206/0x440 [ 489.365886] memcg_kmem_charge_memcg+0x7c/0x120 [ 489.370556] ? memcg_kmem_put_cache+0xb0/0xb0 [ 489.375087] ? vprintk_func+0x85/0x181 [ 489.378987] memcg_kmem_charge+0x135/0x300 [ 489.383221] __alloc_pages_nodemask+0x72e/0xde0 [ 489.387892] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 489.392976] ? percpu_ref_get_many+0x121/0x240 [ 489.397666] ? print_usage_bug+0xc0/0xc0 [ 489.401733] ? find_held_lock+0x36/0x1c0 [ 489.405796] ? print_usage_bug+0xc0/0xc0 [ 489.409855] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 489.415390] alloc_pages_current+0x10c/0x210 [ 489.419801] get_zeroed_page+0x14/0x50 [ 489.423690] __pud_alloc+0x3b/0x240 [ 489.427313] pud_alloc+0xe1/0x150 [ 489.430766] copy_page_range+0x439/0x26b0 [ 489.434965] ? rb_insert_color_cached+0x14b0/0x14b0 [ 489.440095] ? mark_held_locks+0x130/0x130 [ 489.444334] ? pmd_alloc+0x180/0x180 [ 489.448044] ? graph_lock+0x170/0x170 [ 489.451843] ? kasan_slab_alloc+0x12/0x20 [ 489.455986] ? kmem_cache_alloc+0x12e/0x730 [ 489.460306] ? graph_lock+0x170/0x170 [ 489.464100] ? __x64_sys_clone+0xbf/0x150 [ 489.468244] ? do_syscall_64+0x1b9/0x820 [ 489.472302] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 489.477667] ? find_held_lock+0x36/0x1c0 [ 489.481727] ? graph_lock+0x170/0x170 [ 489.485552] ? graph_lock+0x170/0x170 [ 489.489351] ? lock_downgrade+0x900/0x900 [ 489.493525] ? lock_release+0x970/0x970 [ 489.497523] ? find_held_lock+0x36/0x1c0 [ 489.501593] ? copy_process+0x454b/0x8780 [ 489.505737] ? lock_downgrade+0x900/0x900 [ 489.509896] ? lock_release+0x970/0x970 [ 489.513870] ? arch_local_save_flags+0x40/0x40 [ 489.518455] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 489.523587] ? vma_compute_subtree_gap+0x160/0x240 [ 489.528537] ? validate_mm_rb+0xaa/0xc0 [ 489.532650] ? __vma_link_rb+0x26c/0x370 [ 489.536710] copy_process+0x4721/0x8780 [ 489.540701] ? __cleanup_sighand+0x70/0x70 [ 489.544990] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 489.550548] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 489.556241] ? page_swapcount+0x1d0/0x1d0 [ 489.560383] ? try_to_wake_up+0x10a/0x12f0 [ 489.564680] ? lock_downgrade+0x900/0x900 [ 489.568913] ? lock_downgrade+0x900/0x900 [ 489.573065] ? trace_hardirqs_off+0xb8/0x310 [ 489.577565] ? kasan_check_read+0x11/0x20 [ 489.581775] ? trace_hardirqs_on+0x310/0x310 [ 489.586190] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 489.591343] ? try_to_wake_up+0x10a/0x12f0 [ 489.595592] ? print_usage_bug+0xc0/0xc0 [ 489.599667] ? migrate_swap_stop+0x930/0x930 [ 489.604574] ? __handle_mm_fault+0x9ab/0x53e0 [ 489.609077] ? graph_lock+0x170/0x170 [ 489.612874] ? print_usage_bug+0xc0/0xc0 [ 489.616938] ? __lock_acquire+0x7ec/0x4ec0 [ 489.621177] ? print_usage_bug+0xc0/0xc0 [ 489.625240] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 489.630775] ? reuse_swap_page+0x4bd/0x1520 [ 489.635150] ? swp_swapcount+0x530/0x530 [ 489.639223] ? __lock_acquire+0x7ec/0x4ec0 [ 489.643476] ? mark_held_locks+0x130/0x130 [ 489.647735] ? rcu_bh_qs+0xc0/0xc0 [ 489.651275] ? __lock_acquire+0x7ec/0x4ec0 [ 489.655742] ? mark_held_locks+0x130/0x130 [ 489.659975] ? graph_lock+0x170/0x170 [ 489.663773] ? mark_held_locks+0x130/0x130 [ 489.668014] ? check_preemption_disabled+0x48/0x200 [ 489.673024] ? check_preemption_disabled+0x48/0x200 [ 489.678043] ? find_held_lock+0x36/0x1c0 [ 489.682106] ? print_usage_bug+0xc0/0xc0 [ 489.686305] ? print_usage_bug+0xc0/0xc0 [ 489.690365] ? do_wp_page+0xa6f/0x1390 [ 489.694247] ? lock_downgrade+0x900/0x900 [ 489.698393] ? wake_up_page_bit+0x6f0/0x6f0 [ 489.702831] ? kasan_check_read+0x11/0x20 [ 489.706995] ? __lock_acquire+0x7ec/0x4ec0 [ 489.711282] ? _raw_spin_unlock+0x2c/0x50 [ 489.715593] ? mark_held_locks+0x130/0x130 [ 489.719878] ? find_held_lock+0x36/0x1c0 [ 489.723938] ? lock_release+0x970/0x970 [ 489.727969] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 489.733576] ? kasan_check_write+0x14/0x20 [ 489.737813] ? do_raw_spin_lock+0xc1/0x200 [ 489.742049] ? __handle_mm_fault+0x9ab/0x53e0 [ 489.746551] ? graph_lock+0x170/0x170 [ 489.750348] ? graph_lock+0x170/0x170 [ 489.754201] ? touch_atime+0x103/0x320 [ 489.758088] ? graph_lock+0x170/0x170 [ 489.761896] ? atime_needs_update+0x710/0x710 [ 489.766388] ? graph_lock+0x170/0x170 [ 489.770192] ? graph_lock+0x170/0x170 [ 489.774055] ? find_held_lock+0x36/0x1c0 [ 489.778134] _do_fork+0x1cb/0x11d0 [ 489.781679] ? fork_idle+0x1d0/0x1d0 [ 489.785392] ? lock_downgrade+0x900/0x900 [ 489.789555] ? kasan_check_read+0x11/0x20 [ 489.793705] ? _copy_to_user+0xc8/0x110 [ 489.797684] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 489.803345] ? put_timespec64+0x10f/0x1b0 [ 489.807519] ? nsecs_to_jiffies+0x30/0x30 [ 489.811670] ? do_syscall_64+0x9a/0x820 [ 489.815700] ? do_syscall_64+0x9a/0x820 [ 489.819678] ? lockdep_hardirqs_on+0x421/0x5c0 [ 489.824313] ? trace_hardirqs_on+0xbd/0x310 [ 489.828636] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 489.834286] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 489.839711] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 489.845161] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 489.850698] __x64_sys_clone+0xbf/0x150 [ 489.854673] do_syscall_64+0x1b9/0x820 [ 489.858565] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 489.863932] ? syscall_return_slowpath+0x5e0/0x5e0 [ 489.868863] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 489.873707] ? trace_hardirqs_on_caller+0x310/0x310 [ 489.878728] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 489.883797] ? prepare_exit_to_usermode+0x291/0x3b0 [ 489.888824] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 489.893713] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 489.898922] RIP: 0033:0x455b4a [ 489.902160] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 489.921059] RSP: 002b:00007ffd1aecd800 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 489.928772] RAX: ffffffffffffffda RBX: 00007ffd1aecd800 RCX: 0000000000455b4a [ 489.936029] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 489.943297] RBP: 00007ffd1aecd840 R08: 0000000000000001 R09: 000000000213f940 [ 489.950560] R10: 000000000213fc10 R11: 0000000000000246 R12: 0000000000000001 [ 489.957828] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 489.966817] Memory limit reached of cgroup /syz5 [ 489.971628] memory: usage 204840kB, limit 204800kB, failcnt 434168 [ 489.978050] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 489.984863] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 489.990993] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:24KB inactive_file:0KB active_file:0KB unevictable:0KB [ 490.010781] Out of memory and no killable processes... [ 490.017222] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 490.030150] syz-executor5 cpuset=syz5 mems_allowed=0 [ 490.035394] CPU: 1 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 490.042659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 490.052000] Call Trace: [ 490.054587] dump_stack+0x1c4/0x2b4 [ 490.058202] ? dump_stack_print_info.cold.2+0x52/0x52 [ 490.063380] dump_header+0x27b/0xf72 [ 490.067095] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 490.072891] ? kasan_check_read+0x11/0x20 [ 490.077028] ? pagefault_out_of_memory+0x197/0x197 [ 490.081945] ? rcu_read_unlock+0x33/0x60 [ 490.085993] ? mem_cgroup_iter+0x514/0x1160 [ 490.090334] ? find_held_lock+0x36/0x1c0 [ 490.094407] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 490.099176] ? mark_held_locks+0xc7/0x130 [ 490.103315] ? _raw_spin_unlock_irq+0x27/0x80 [ 490.107799] ? _raw_spin_unlock_irq+0x27/0x80 [ 490.112283] ? lockdep_hardirqs_on+0x421/0x5c0 [ 490.116854] ? trace_hardirqs_on+0xbd/0x310 [ 490.121162] ? kasan_check_read+0x11/0x20 [ 490.125304] ? css_task_iter_end+0x222/0x490 [ 490.129733] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 490.135177] ? kasan_check_write+0x14/0x20 [ 490.139405] ? do_raw_spin_lock+0xc1/0x200 [ 490.143642] ? _raw_spin_unlock_irq+0x60/0x80 [ 490.148131] ? css_task_iter_end+0x2ce/0x490 [ 490.152569] ? cgroup_procs_next+0x70/0x70 [ 490.156833] ? _raw_spin_unlock_irq+0x60/0x80 [ 490.161336] ? oom_badness+0xaa0/0xaa0 [ 490.165250] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 490.170040] ? mem_cgroup_iter_break+0x30/0x30 [ 490.174636] ? mark_held_locks+0xc7/0x130 [ 490.178779] out_of_memory.cold.30+0xf/0x184 [ 490.183220] ? lockdep_hardirqs_on+0x421/0x5c0 [ 490.187809] ? kasan_check_read+0x11/0x20 [ 490.191995] ? oom_killer_disable+0x3a0/0x3a0 [ 490.196508] ? kasan_check_write+0x14/0x20 [ 490.200741] ? do_raw_spin_lock+0xc1/0x200 [ 490.204985] mem_cgroup_out_of_memory+0x15e/0x210 [ 490.209868] ? memcg_memory_event+0x40/0x40 [ 490.214186] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 490.219125] ? page_counter_try_charge+0x1c1/0x220 [ 490.224053] try_charge+0xc43/0x1690 [ 490.227785] ? lock_downgrade+0x900/0x900 [ 490.231935] ? check_preemption_disabled+0x48/0x200 [ 490.236955] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 490.243012] ? find_held_lock+0x36/0x1c0 [ 490.247082] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 490.251926] ? lock_downgrade+0x900/0x900 [ 490.256077] ? check_preemption_disabled+0x48/0x200 [ 490.261097] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 490.266896] ? kasan_check_read+0x11/0x20 [ 490.271053] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 490.276474] ? rcu_bh_qs+0xc0/0xc0 [ 490.280050] ? get_mem_cgroup_from_mm+0x206/0x440 [ 490.284907] memcg_kmem_charge_memcg+0x7c/0x120 [ 490.289691] ? memcg_kmem_put_cache+0xb0/0xb0 [ 490.294188] ? __lock_is_held+0xb5/0x140 [ 490.298253] memcg_kmem_charge+0x135/0x300 [ 490.302525] __alloc_pages_nodemask+0x72e/0xde0 [ 490.307405] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 490.312430] ? lock_downgrade+0x900/0x900 [ 490.316828] ? kasan_check_read+0x11/0x20 [ 490.321037] ? do_raw_spin_unlock+0xa7/0x2f0 [ 490.325456] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 490.330039] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 490.335584] alloc_pages_current+0x10c/0x210 [ 490.339997] __pmd_alloc+0x3e/0x450 [ 490.343688] ? __pmd+0x60/0x60 [ 490.346884] pmd_alloc+0x10f/0x180 [ 490.350427] copy_page_range+0x6cf/0x26b0 [ 490.354765] ? rb_insert_color_cached+0x14b0/0x14b0 [ 490.359803] ? mark_held_locks+0x130/0x130 [ 490.364164] ? pmd_alloc+0x180/0x180 [ 490.368002] ? graph_lock+0x170/0x170 [ 490.371858] ? kasan_slab_alloc+0x12/0x20 [ 490.376015] ? kmem_cache_alloc+0x12e/0x730 [ 490.380344] ? graph_lock+0x170/0x170 [ 490.384248] ? __x64_sys_clone+0xbf/0x150 [ 490.388558] ? do_syscall_64+0x1b9/0x820 [ 490.392621] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 490.398000] ? find_held_lock+0x36/0x1c0 [ 490.402065] ? graph_lock+0x170/0x170 [ 490.405978] ? graph_lock+0x170/0x170 [ 490.409778] ? lock_downgrade+0x900/0x900 [ 490.413924] ? lock_release+0x970/0x970 [ 490.417899] ? find_held_lock+0x36/0x1c0 [ 490.421985] ? copy_process+0x454b/0x8780 [ 490.426136] ? lock_downgrade+0x900/0x900 [ 490.430285] ? lock_release+0x970/0x970 [ 490.434255] ? arch_local_save_flags+0x40/0x40 [ 490.438845] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 490.443860] ? vma_compute_subtree_gap+0x160/0x240 [ 490.448792] ? validate_mm_rb+0xaa/0xc0 [ 490.452890] ? __vma_link_rb+0x26c/0x370 [ 490.456956] copy_process+0x4721/0x8780 [ 490.461071] ? __cleanup_sighand+0x70/0x70 [ 490.465312] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 490.470850] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 490.476398] ? page_swapcount+0x1d0/0x1d0 [ 490.480560] ? try_to_wake_up+0x10a/0x12f0 [ 490.484808] ? lock_downgrade+0x900/0x900 [ 490.488970] ? lock_downgrade+0x900/0x900 [ 490.493257] ? trace_hardirqs_off+0xb8/0x310 [ 490.497664] ? kasan_check_read+0x11/0x20 [ 490.501976] ? trace_hardirqs_on+0x310/0x310 [ 490.506456] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 490.511566] ? try_to_wake_up+0x10a/0x12f0 [ 490.515805] ? print_usage_bug+0xc0/0xc0 [ 490.519868] ? migrate_swap_stop+0x930/0x930 [ 490.524277] ? __handle_mm_fault+0x9ab/0x53e0 [ 490.528832] ? graph_lock+0x170/0x170 [ 490.532631] ? print_usage_bug+0xc0/0xc0 [ 490.536698] ? __lock_acquire+0x7ec/0x4ec0 [ 490.540932] ? print_usage_bug+0xc0/0xc0 [ 490.544994] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 490.550575] ? reuse_swap_page+0x4bd/0x1520 [ 490.554962] ? swp_swapcount+0x530/0x530 [ 490.559099] ? __lock_acquire+0x7ec/0x4ec0 [ 490.563330] ? mark_held_locks+0x130/0x130 [ 490.567725] ? rcu_bh_qs+0xc0/0xc0 [ 490.571265] ? __lock_acquire+0x7ec/0x4ec0 [ 490.575531] ? mark_held_locks+0x130/0x130 [ 490.579771] ? graph_lock+0x170/0x170 [ 490.583635] ? mark_held_locks+0x130/0x130 [ 490.587934] ? check_preemption_disabled+0x48/0x200 [ 490.592949] ? check_preemption_disabled+0x48/0x200 [ 490.597970] ? find_held_lock+0x36/0x1c0 [ 490.602108] ? print_usage_bug+0xc0/0xc0 [ 490.606175] ? print_usage_bug+0xc0/0xc0 [ 490.610239] ? do_wp_page+0xa6f/0x1390 [ 490.614132] ? lock_downgrade+0x900/0x900 [ 490.618574] ? wake_up_page_bit+0x6f0/0x6f0 [ 490.623050] ? kasan_check_read+0x11/0x20 [ 490.627279] ? __lock_acquire+0x7ec/0x4ec0 [ 490.631542] ? _raw_spin_unlock+0x2c/0x50 [ 490.635698] ? mark_held_locks+0x130/0x130 [ 490.639931] ? find_held_lock+0x36/0x1c0 [ 490.643995] ? lock_release+0x970/0x970 [ 490.647978] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 490.653542] ? kasan_check_write+0x14/0x20 [ 490.657784] ? do_raw_spin_lock+0xc1/0x200 [ 490.662041] ? __handle_mm_fault+0x9ab/0x53e0 [ 490.666561] ? graph_lock+0x170/0x170 [ 490.670360] ? graph_lock+0x170/0x170 [ 490.674157] ? touch_atime+0x103/0x320 [ 490.678045] ? graph_lock+0x170/0x170 [ 490.681905] ? atime_needs_update+0x710/0x710 [ 490.686400] ? graph_lock+0x170/0x170 [ 490.690198] ? graph_lock+0x170/0x170 [ 490.694000] ? find_held_lock+0x36/0x1c0 [ 490.698073] _do_fork+0x1cb/0x11d0 [ 490.701620] ? fork_idle+0x1d0/0x1d0 [ 490.705333] ? lock_downgrade+0x900/0x900 [ 490.709516] ? kasan_check_read+0x11/0x20 [ 490.713730] ? _copy_to_user+0xc8/0x110 [ 490.717709] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 490.723365] ? put_timespec64+0x10f/0x1b0 [ 490.727539] ? nsecs_to_jiffies+0x30/0x30 [ 490.731692] ? do_syscall_64+0x9a/0x820 [ 490.735873] ? do_syscall_64+0x9a/0x820 [ 490.740033] ? lockdep_hardirqs_on+0x421/0x5c0 [ 490.744683] ? trace_hardirqs_on+0xbd/0x310 [ 490.749007] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 490.754550] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 490.759916] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 490.765365] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 490.770966] __x64_sys_clone+0xbf/0x150 [ 490.774948] do_syscall_64+0x1b9/0x820 [ 490.778834] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 490.784196] ? syscall_return_slowpath+0x5e0/0x5e0 [ 490.789126] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 490.793970] ? trace_hardirqs_on_caller+0x310/0x310 [ 490.799111] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 490.804423] ? prepare_exit_to_usermode+0x291/0x3b0 [ 490.809443] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 490.814287] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 490.819475] RIP: 0033:0x455b4a [ 490.822696] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 490.841774] RSP: 002b:00007ffd1aecd800 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 490.849481] RAX: ffffffffffffffda RBX: 00007ffd1aecd800 RCX: 0000000000455b4a [ 490.856779] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 490.864046] RBP: 00007ffd1aecd840 R08: 0000000000000001 R09: 000000000213f940 [ 490.871375] R10: 000000000213fc10 R11: 0000000000000246 R12: 0000000000000001 [ 490.878645] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 490.890279] Memory limit reached of cgroup /syz5 [ 490.895179] memory: usage 204840kB, limit 204800kB, failcnt 434176 [ 490.901539] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 490.908376] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 490.915048] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:24KB inactive_file:0KB active_file:0KB unevictable:0KB [ 490.934857] Out of memory and no killable processes... [ 490.941350] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 490.954376] syz-executor5 cpuset=syz5 mems_allowed=0 [ 490.959641] CPU: 1 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 490.967158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 490.976694] Call Trace: [ 490.979288] dump_stack+0x1c4/0x2b4 [ 490.982916] ? dump_stack_print_info.cold.2+0x52/0x52 [ 490.988116] dump_header+0x27b/0xf72 [ 490.991836] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 490.997741] ? kasan_check_read+0x11/0x20 [ 491.001889] ? pagefault_out_of_memory+0x197/0x197 [ 491.006823] ? rcu_read_unlock+0x33/0x60 [ 491.010886] ? mem_cgroup_iter+0x514/0x1160 [ 491.015322] ? find_held_lock+0x36/0x1c0 [ 491.019389] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 491.024340] ? mark_held_locks+0xc7/0x130 [ 491.028541] ? _raw_spin_unlock_irq+0x27/0x80 [ 491.033280] ? _raw_spin_unlock_irq+0x27/0x80 [ 491.037778] ? lockdep_hardirqs_on+0x421/0x5c0 [ 491.042578] ? trace_hardirqs_on+0xbd/0x310 [ 491.047128] ? kasan_check_read+0x11/0x20 [ 491.051299] ? css_task_iter_end+0x222/0x490 [ 491.055775] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 491.061388] ? kasan_check_write+0x14/0x20 [ 491.065625] ? do_raw_spin_lock+0xc1/0x200 [ 491.069864] ? _raw_spin_unlock_irq+0x60/0x80 [ 491.074360] ? css_task_iter_end+0x2ce/0x490 [ 491.078774] ? cgroup_procs_next+0x70/0x70 [ 491.083129] ? _raw_spin_unlock_irq+0x60/0x80 [ 491.087628] ? oom_badness+0xaa0/0xaa0 [ 491.091543] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 491.096412] ? mem_cgroup_iter_break+0x30/0x30 [ 491.101003] ? mark_held_locks+0xc7/0x130 [ 491.105215] out_of_memory.cold.30+0xf/0x184 [ 491.109621] ? lockdep_hardirqs_on+0x421/0x5c0 [ 491.114202] ? kasan_check_read+0x11/0x20 [ 491.118523] ? oom_killer_disable+0x3a0/0x3a0 [ 491.123094] ? kasan_check_write+0x14/0x20 [ 491.127330] ? do_raw_spin_lock+0xc1/0x200 [ 491.131573] mem_cgroup_out_of_memory+0x15e/0x210 [ 491.136476] ? memcg_memory_event+0x40/0x40 [ 491.140827] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 491.145735] ? page_counter_try_charge+0x1c1/0x220 [ 491.150666] try_charge+0xc43/0x1690 [ 491.154445] ? lock_downgrade+0x900/0x900 [ 491.158617] ? check_preemption_disabled+0x48/0x200 [ 491.163644] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 491.169708] ? find_held_lock+0x36/0x1c0 [ 491.173778] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 491.178728] ? lock_downgrade+0x900/0x900 [ 491.182880] ? check_preemption_disabled+0x48/0x200 [ 491.187901] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 491.193698] ? kasan_check_read+0x11/0x20 [ 491.197968] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 491.203244] ? rcu_bh_qs+0xc0/0xc0 [ 491.206790] ? get_mem_cgroup_from_mm+0x206/0x440 [ 491.211696] memcg_kmem_charge_memcg+0x7c/0x120 [ 491.216370] ? memcg_kmem_put_cache+0xb0/0xb0 [ 491.220860] ? kasan_kmalloc+0xc7/0xe0 [ 491.224749] ? kmem_cache_alloc+0x12e/0x730 [ 491.229088] ? __pmd_alloc+0xc2/0x450 [ 491.232959] ? copy_page_range+0x6cf/0x26b0 [ 491.237286] memcg_kmem_charge+0x135/0x300 [ 491.241647] __alloc_pages_nodemask+0x72e/0xde0 [ 491.246379] ? find_held_lock+0x36/0x1c0 [ 491.250526] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 491.255798] ? find_held_lock+0x36/0x1c0 [ 491.259862] ? lock_downgrade+0x900/0x900 [ 491.264007] ? __lock_is_held+0xb5/0x140 [ 491.268074] ? kasan_check_read+0x11/0x20 [ 491.272224] ? do_raw_spin_unlock+0xa7/0x2f0 [ 491.276698] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 491.281285] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 491.286997] alloc_pages_current+0x10c/0x210 [ 491.291410] pte_alloc_one+0x1b/0x1a0 [ 491.295292] __pte_alloc+0x2a/0x350 [ 491.299131] copy_page_range+0x18c5/0x26b0 [ 491.303369] ? rb_insert_color_cached+0x14b0/0x14b0 [ 491.308544] ? pmd_alloc+0x180/0x180 [ 491.312263] ? graph_lock+0x170/0x170 [ 491.316207] ? kasan_slab_alloc+0x12/0x20 [ 491.320354] ? kmem_cache_alloc+0x12e/0x730 [ 491.324674] ? graph_lock+0x170/0x170 [ 491.328756] ? __x64_sys_clone+0xbf/0x150 [ 491.332904] ? do_syscall_64+0x1b9/0x820 [ 491.336965] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 491.342465] ? find_held_lock+0x36/0x1c0 [ 491.346566] ? graph_lock+0x170/0x170 [ 491.350367] ? graph_lock+0x170/0x170 [ 491.354226] ? lock_downgrade+0x900/0x900 [ 491.358378] ? lock_release+0x970/0x970 [ 491.362545] ? find_held_lock+0x36/0x1c0 [ 491.366791] ? copy_process+0x454b/0x8780 [ 491.371071] ? lock_downgrade+0x900/0x900 [ 491.375224] ? lock_release+0x970/0x970 [ 491.379255] ? arch_local_save_flags+0x40/0x40 [ 491.383843] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 491.388859] ? vma_compute_subtree_gap+0x160/0x240 [ 491.393789] ? validate_mm_rb+0xaa/0xc0 [ 491.397769] ? __vma_link_rb+0x26c/0x370 [ 491.401893] copy_process+0x4721/0x8780 [ 491.405884] ? __cleanup_sighand+0x70/0x70 [ 491.410122] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 491.415660] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 491.421200] ? page_swapcount+0x1d0/0x1d0 [ 491.425348] ? try_to_wake_up+0x10a/0x12f0 [ 491.429592] ? lock_downgrade+0x900/0x900 [ 491.433736] ? lock_downgrade+0x900/0x900 [ 491.437887] ? trace_hardirqs_off+0xb8/0x310 [ 491.442466] ? kasan_check_read+0x11/0x20 [ 491.446643] ? trace_hardirqs_on+0x310/0x310 [ 491.451070] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 491.456375] ? try_to_wake_up+0x10a/0x12f0 [ 491.460617] ? print_usage_bug+0xc0/0xc0 [ 491.464676] ? migrate_swap_stop+0x930/0x930 [ 491.469091] ? __handle_mm_fault+0x9ab/0x53e0 [ 491.473647] ? graph_lock+0x170/0x170 [ 491.477449] ? print_usage_bug+0xc0/0xc0 [ 491.481540] ? __lock_acquire+0x7ec/0x4ec0 [ 491.485783] ? print_usage_bug+0xc0/0xc0 [ 491.489906] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 491.495444] ? reuse_swap_page+0x4bd/0x1520 [ 491.499765] ? swp_swapcount+0x530/0x530 [ 491.503833] ? __lock_acquire+0x7ec/0x4ec0 [ 491.508072] ? mark_held_locks+0x130/0x130 [ 491.512369] ? rcu_bh_qs+0xc0/0xc0 [ 491.515912] ? __lock_acquire+0x7ec/0x4ec0 [ 491.520153] ? mark_held_locks+0x130/0x130 [ 491.524532] ? graph_lock+0x170/0x170 [ 491.528336] ? mark_held_locks+0x130/0x130 [ 491.532582] ? check_preemption_disabled+0x48/0x200 [ 491.537598] ? check_preemption_disabled+0x48/0x200 [ 491.542617] ? find_held_lock+0x36/0x1c0 [ 491.546681] ? print_usage_bug+0xc0/0xc0 [ 491.550741] ? print_usage_bug+0xc0/0xc0 [ 491.555090] ? do_wp_page+0xa6f/0x1390 [ 491.559245] ? lock_downgrade+0x900/0x900 [ 491.563549] ? wake_up_page_bit+0x6f0/0x6f0 [ 491.567964] ? kasan_check_read+0x11/0x20 [ 491.572119] ? __lock_acquire+0x7ec/0x4ec0 [ 491.576480] ? _raw_spin_unlock+0x2c/0x50 [ 491.580730] ? mark_held_locks+0x130/0x130 [ 491.584965] ? find_held_lock+0x36/0x1c0 [ 491.589027] ? lock_release+0x970/0x970 [ 491.593019] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 491.598563] ? kasan_check_write+0x14/0x20 [ 491.602798] ? do_raw_spin_lock+0xc1/0x200 [ 491.607467] ? __handle_mm_fault+0x9ab/0x53e0 [ 491.612067] ? graph_lock+0x170/0x170 [ 491.615866] ? graph_lock+0x170/0x170 [ 491.619727] ? touch_atime+0x103/0x320 [ 491.623617] ? graph_lock+0x170/0x170 [ 491.627416] ? atime_needs_update+0x710/0x710 [ 491.631913] ? graph_lock+0x170/0x170 [ 491.635713] ? graph_lock+0x170/0x170 [ 491.639544] ? find_held_lock+0x36/0x1c0 [ 491.643733] _do_fork+0x1cb/0x11d0 [ 491.647385] ? fork_idle+0x1d0/0x1d0 [ 491.651165] ? lock_downgrade+0x900/0x900 [ 491.655432] ? kasan_check_read+0x11/0x20 [ 491.659592] ? _copy_to_user+0xc8/0x110 [ 491.663641] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 491.669181] ? put_timespec64+0x10f/0x1b0 [ 491.673328] ? nsecs_to_jiffies+0x30/0x30 [ 491.677569] ? do_syscall_64+0x9a/0x820 [ 491.681556] ? do_syscall_64+0x9a/0x820 [ 491.685559] ? lockdep_hardirqs_on+0x421/0x5c0 [ 491.690144] ? trace_hardirqs_on+0xbd/0x310 [ 491.694466] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 491.700037] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 491.705415] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 491.710868] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 491.716704] __x64_sys_clone+0xbf/0x150 [ 491.720689] do_syscall_64+0x1b9/0x820 [ 491.724578] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 491.729945] ? syscall_return_slowpath+0x5e0/0x5e0 [ 491.734884] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 491.739731] ? trace_hardirqs_on_caller+0x310/0x310 [ 491.744753] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 491.749785] ? prepare_exit_to_usermode+0x291/0x3b0 [ 491.754821] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 491.759686] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 491.764879] RIP: 0033:0x455b4a [ 491.768077] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 491.787076] RSP: 002b:00007ffd1aecd800 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 491.794900] RAX: ffffffffffffffda RBX: 00007ffd1aecd800 RCX: 0000000000455b4a [ 491.802329] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 491.809821] RBP: 00007ffd1aecd840 R08: 0000000000000001 R09: 000000000213f940 [ 491.817212] R10: 000000000213fc10 R11: 0000000000000246 R12: 0000000000000001 [ 491.824607] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 491.833674] Memory limit reached of cgroup /syz5 [ 491.838656] memory: usage 204836kB, limit 204800kB, failcnt 434184 [ 491.845114] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 491.851914] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 491.858239] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:24KB inactive_file:0KB active_file:0KB unevictable:0KB [ 491.879173] Out of memory and no killable processes... [ 491.886242] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 491.899161] syz-executor5 cpuset=syz5 mems_allowed=0 [ 491.904369] CPU: 1 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 491.911726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 491.921079] Call Trace: [ 491.923679] dump_stack+0x1c4/0x2b4 [ 491.927311] ? dump_stack_print_info.cold.2+0x52/0x52 [ 491.932643] dump_header+0x27b/0xf72 [ 491.936372] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 491.942180] ? kasan_check_read+0x11/0x20 [ 491.946340] ? pagefault_out_of_memory+0x197/0x197 [ 491.951278] ? rcu_read_unlock+0x33/0x60 [ 491.955339] ? mem_cgroup_iter+0x514/0x1160 [ 491.959662] ? find_held_lock+0x36/0x1c0 [ 491.963797] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 491.968563] ? mark_held_locks+0xc7/0x130 [ 491.972718] ? _raw_spin_unlock_irq+0x27/0x80 [ 491.977214] ? _raw_spin_unlock_irq+0x27/0x80 [ 491.981709] ? lockdep_hardirqs_on+0x421/0x5c0 [ 491.986291] ? trace_hardirqs_on+0xbd/0x310 [ 491.990693] ? kasan_check_read+0x11/0x20 [ 491.995038] ? css_task_iter_end+0x222/0x490 [ 491.999454] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 492.005017] ? kasan_check_write+0x14/0x20 [ 492.009254] ? do_raw_spin_lock+0xc1/0x200 [ 492.013515] ? _raw_spin_unlock_irq+0x60/0x80 [ 492.018085] ? css_task_iter_end+0x2ce/0x490 [ 492.022527] ? cgroup_procs_next+0x70/0x70 [ 492.026764] ? _raw_spin_unlock_irq+0x60/0x80 [ 492.031261] ? oom_badness+0xaa0/0xaa0 [ 492.035150] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 492.039906] ? mem_cgroup_iter_break+0x30/0x30 [ 492.044524] ? mark_held_locks+0xc7/0x130 [ 492.048824] out_of_memory.cold.30+0xf/0x184 [ 492.053252] ? lockdep_hardirqs_on+0x421/0x5c0 [ 492.057838] ? kasan_check_read+0x11/0x20 [ 492.061998] ? oom_killer_disable+0x3a0/0x3a0 [ 492.066530] ? kasan_check_write+0x14/0x20 [ 492.070768] ? do_raw_spin_lock+0xc1/0x200 [ 492.075012] mem_cgroup_out_of_memory+0x15e/0x210 [ 492.079853] ? memcg_memory_event+0x40/0x40 [ 492.084323] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 492.089307] ? page_counter_try_charge+0x1c1/0x220 [ 492.094350] try_charge+0xc43/0x1690 [ 492.098137] ? lock_downgrade+0x900/0x900 [ 492.102285] ? check_preemption_disabled+0x48/0x200 [ 492.107306] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 492.113366] ? find_held_lock+0x36/0x1c0 [ 492.117429] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 492.122270] ? lock_downgrade+0x900/0x900 [ 492.126415] ? check_preemption_disabled+0x48/0x200 [ 492.131531] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 492.137341] ? kasan_check_read+0x11/0x20 [ 492.141523] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 492.146803] ? rcu_bh_qs+0xc0/0xc0 [ 492.150349] ? get_mem_cgroup_from_mm+0x206/0x440 [ 492.155197] memcg_kmem_charge_memcg+0x7c/0x120 [ 492.159864] ? memcg_kmem_put_cache+0xb0/0xb0 [ 492.164432] ? print_usage_bug+0xc0/0xc0 [ 492.168525] memcg_kmem_charge+0x135/0x300 [ 492.172765] __alloc_pages_nodemask+0x72e/0xde0 [ 492.177432] ? __lock_acquire+0x7ec/0x4ec0 [ 492.181672] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 492.186685] ? print_usage_bug+0xc0/0xc0 [ 492.190754] ? find_held_lock+0x36/0x1c0 [ 492.194962] ? __lock_acquire+0x7ec/0x4ec0 [ 492.199194] ? is_bpf_text_address+0xac/0x170 [ 492.203688] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 492.209227] alloc_pages_current+0x10c/0x210 [ 492.213938] pte_alloc_one+0x1b/0x1a0 [ 492.217867] __pte_alloc+0x2a/0x350 [ 492.221595] copy_page_range+0x18c5/0x26b0 [ 492.225831] ? rb_insert_color_cached+0x14b0/0x14b0 [ 492.230858] ? pmd_alloc+0x180/0x180 [ 492.234574] ? graph_lock+0x170/0x170 [ 492.238376] ? kasan_slab_alloc+0x12/0x20 [ 492.242546] ? kmem_cache_alloc+0x12e/0x730 [ 492.246866] ? graph_lock+0x170/0x170 [ 492.250666] ? __x64_sys_clone+0xbf/0x150 [ 492.254812] ? do_syscall_64+0x1b9/0x820 [ 492.258874] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 492.264452] ? find_held_lock+0x36/0x1c0 [ 492.268547] ? anon_vma_fork+0x5ef/0x820 [ 492.272742] ? lock_downgrade+0x900/0x900 [ 492.276891] ? lock_release+0x970/0x970 [ 492.280883] ? arch_local_save_flags+0x40/0x40 [ 492.285466] ? __lock_is_held+0xb5/0x140 [ 492.289625] ? up_write+0x7b/0x220 [ 492.293224] ? up_read+0x110/0x110 [ 492.296772] ? anon_vma_interval_tree_insert+0x2c9/0x370 [ 492.302350] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 492.307529] ? vma_compute_subtree_gap+0x160/0x240 [ 492.312582] ? validate_mm_rb+0xaa/0xc0 [ 492.316593] ? __vma_link_rb+0x26c/0x370 [ 492.320665] copy_process+0x4721/0x8780 [ 492.324713] ? __cleanup_sighand+0x70/0x70 [ 492.328955] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 492.334524] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 492.340077] ? page_swapcount+0x1d0/0x1d0 [ 492.344225] ? try_to_wake_up+0x10a/0x12f0 [ 492.348457] ? lock_downgrade+0x900/0x900 [ 492.352604] ? lock_downgrade+0x900/0x900 [ 492.356764] ? trace_hardirqs_off+0xb8/0x310 [ 492.361170] ? kasan_check_read+0x11/0x20 [ 492.365454] ? trace_hardirqs_on+0x310/0x310 [ 492.369866] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 492.375122] ? try_to_wake_up+0x10a/0x12f0 [ 492.379358] ? print_usage_bug+0xc0/0xc0 [ 492.383620] ? migrate_swap_stop+0x930/0x930 [ 492.388035] ? __handle_mm_fault+0x9ab/0x53e0 [ 492.392560] ? graph_lock+0x170/0x170 [ 492.396410] ? print_usage_bug+0xc0/0xc0 [ 492.400477] ? __lock_acquire+0x7ec/0x4ec0 [ 492.404745] ? print_usage_bug+0xc0/0xc0 [ 492.408809] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 492.414351] ? reuse_swap_page+0x4bd/0x1520 [ 492.418676] ? swp_swapcount+0x530/0x530 [ 492.422742] ? __lock_acquire+0x7ec/0x4ec0 [ 492.426972] ? mark_held_locks+0x130/0x130 [ 492.431204] ? rcu_bh_qs+0xc0/0xc0 [ 492.434746] ? __lock_acquire+0x7ec/0x4ec0 [ 492.438982] ? mark_held_locks+0x130/0x130 [ 492.443239] ? graph_lock+0x170/0x170 [ 492.447042] ? mark_held_locks+0x130/0x130 [ 492.451283] ? check_preemption_disabled+0x48/0x200 [ 492.456315] ? check_preemption_disabled+0x48/0x200 [ 492.461335] ? find_held_lock+0x36/0x1c0 [ 492.465397] ? print_usage_bug+0xc0/0xc0 [ 492.469458] ? print_usage_bug+0xc0/0xc0 [ 492.473541] ? do_wp_page+0xa6f/0x1390 [ 492.477487] ? lock_downgrade+0x900/0x900 [ 492.481670] ? wake_up_page_bit+0x6f0/0x6f0 [ 492.485989] ? kasan_check_read+0x11/0x20 [ 492.490202] ? __lock_acquire+0x7ec/0x4ec0 [ 492.494528] ? _raw_spin_unlock+0x2c/0x50 [ 492.498684] ? mark_held_locks+0x130/0x130 [ 492.502975] ? find_held_lock+0x36/0x1c0 [ 492.507183] ? lock_release+0x970/0x970 [ 492.511163] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 492.516859] ? kasan_check_write+0x14/0x20 [ 492.521090] ? do_raw_spin_lock+0xc1/0x200 [ 492.525325] ? __handle_mm_fault+0x9ab/0x53e0 [ 492.529881] ? graph_lock+0x170/0x170 [ 492.533747] ? graph_lock+0x170/0x170 [ 492.537551] ? touch_atime+0x103/0x320 [ 492.541442] ? graph_lock+0x170/0x170 [ 492.545238] ? atime_needs_update+0x710/0x710 [ 492.549731] ? graph_lock+0x170/0x170 [ 492.553620] ? graph_lock+0x170/0x170 [ 492.557423] ? find_held_lock+0x36/0x1c0 [ 492.561520] _do_fork+0x1cb/0x11d0 [ 492.565089] ? fork_idle+0x1d0/0x1d0 [ 492.568877] ? lock_downgrade+0x900/0x900 [ 492.573035] ? kasan_check_read+0x11/0x20 [ 492.577191] ? _copy_to_user+0xc8/0x110 [ 492.581166] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 492.586700] ? put_timespec64+0x10f/0x1b0 [ 492.590852] ? nsecs_to_jiffies+0x30/0x30 [ 492.594999] ? do_syscall_64+0x9a/0x820 [ 492.599092] ? do_syscall_64+0x9a/0x820 [ 492.603070] ? lockdep_hardirqs_on+0x421/0x5c0 [ 492.607653] ? trace_hardirqs_on+0xbd/0x310 [ 492.612125] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 492.617663] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 492.623056] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 492.628546] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 492.634303] __x64_sys_clone+0xbf/0x150 [ 492.638280] do_syscall_64+0x1b9/0x820 [ 492.642226] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 492.647590] ? syscall_return_slowpath+0x5e0/0x5e0 [ 492.652540] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 492.657384] ? trace_hardirqs_on_caller+0x310/0x310 [ 492.662400] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 492.667546] ? prepare_exit_to_usermode+0x291/0x3b0 [ 492.672567] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 492.677421] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 492.682612] RIP: 0033:0x455b4a [ 492.685819] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 492.704812] RSP: 002b:00007ffd1aecd800 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 492.712639] RAX: ffffffffffffffda RBX: 00007ffd1aecd800 RCX: 0000000000455b4a [ 492.719904] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 492.727172] RBP: 00007ffd1aecd840 R08: 0000000000000001 R09: 000000000213f940 [ 492.734440] R10: 000000000213fc10 R11: 0000000000000246 R12: 0000000000000001 [ 492.741707] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 492.750701] Memory limit reached of cgroup /syz5 [ 492.755623] memory: usage 204840kB, limit 204800kB, failcnt 434192 [ 492.761958] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 492.768789] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 492.775010] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:24KB inactive_file:0KB active_file:0KB unevictable:0KB [ 492.795142] Out of memory and no killable processes... [ 492.801819] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 492.815241] syz-executor5 cpuset=syz5 mems_allowed=0 [ 492.820532] CPU: 1 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 492.827804] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 492.837155] Call Trace: [ 492.839748] dump_stack+0x1c4/0x2b4 [ 492.843378] ? dump_stack_print_info.cold.2+0x52/0x52 [ 492.848660] dump_header+0x27b/0xf72 [ 492.852545] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 492.858360] ? kasan_check_read+0x11/0x20 [ 492.862542] ? pagefault_out_of_memory+0x197/0x197 [ 492.867477] ? rcu_read_unlock+0x33/0x60 [ 492.871628] ? mem_cgroup_iter+0x514/0x1160 [ 492.875954] ? find_held_lock+0x36/0x1c0 [ 492.880018] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 492.884878] ? mark_held_locks+0xc7/0x130 [ 492.890157] ? _raw_spin_unlock_irq+0x27/0x80 [ 492.894651] ? _raw_spin_unlock_irq+0x27/0x80 [ 492.899295] ? lockdep_hardirqs_on+0x421/0x5c0 [ 492.903878] ? trace_hardirqs_on+0xbd/0x310 [ 492.908196] ? kasan_check_read+0x11/0x20 [ 492.912344] ? css_task_iter_end+0x222/0x490 [ 492.916753] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 492.922262] ? kasan_check_write+0x14/0x20 [ 492.926527] ? do_raw_spin_lock+0xc1/0x200 [ 492.930790] ? _raw_spin_unlock_irq+0x60/0x80 [ 492.935286] ? css_task_iter_end+0x2ce/0x490 [ 492.939702] ? cgroup_procs_next+0x70/0x70 [ 492.944088] ? _raw_spin_unlock_irq+0x60/0x80 [ 492.948584] ? oom_badness+0xaa0/0xaa0 [ 492.952473] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 492.957428] ? mem_cgroup_iter_break+0x30/0x30 [ 492.962108] ? mark_held_locks+0xc7/0x130 [ 492.966380] out_of_memory.cold.30+0xf/0x184 [ 492.970897] ? lockdep_hardirqs_on+0x421/0x5c0 [ 492.975482] ? kasan_check_read+0x11/0x20 [ 492.979838] ? oom_killer_disable+0x3a0/0x3a0 [ 492.984397] ? kasan_check_write+0x14/0x20 [ 492.988636] ? do_raw_spin_lock+0xc1/0x200 [ 492.992877] mem_cgroup_out_of_memory+0x15e/0x210 [ 492.997721] ? memcg_memory_event+0x40/0x40 [ 493.002040] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 493.006978] ? page_counter_try_charge+0x1c1/0x220 [ 493.011908] try_charge+0xc43/0x1690 [ 493.015626] ? lock_downgrade+0x900/0x900 [ 493.019836] ? check_preemption_disabled+0x48/0x200 [ 493.024873] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 493.030933] ? find_held_lock+0x36/0x1c0 [ 493.034998] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 493.039840] ? lock_downgrade+0x900/0x900 [ 493.044114] ? check_preemption_disabled+0x48/0x200 [ 493.049152] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 493.055112] ? kasan_check_read+0x11/0x20 [ 493.059273] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 493.064565] ? rcu_bh_qs+0xc0/0xc0 [ 493.068110] ? get_mem_cgroup_from_mm+0x206/0x440 [ 493.072957] memcg_kmem_charge_memcg+0x7c/0x120 [ 493.077827] ? memcg_kmem_put_cache+0xb0/0xb0 [ 493.082323] ? print_usage_bug+0xc0/0xc0 [ 493.086386] memcg_kmem_charge+0x135/0x300 [ 493.090624] __alloc_pages_nodemask+0x72e/0xde0 [ 493.095354] ? __lock_acquire+0x7ec/0x4ec0 [ 493.099592] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 493.104607] ? print_usage_bug+0xc0/0xc0 [ 493.108678] ? find_held_lock+0x36/0x1c0 [ 493.112739] ? __lock_acquire+0x7ec/0x4ec0 [ 493.116976] ? is_bpf_text_address+0xac/0x170 [ 493.121470] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 493.127166] alloc_pages_current+0x10c/0x210 [ 493.131763] pte_alloc_one+0x1b/0x1a0 [ 493.135637] __pte_alloc+0x2a/0x350 [ 493.139269] copy_page_range+0x18c5/0x26b0 [ 493.143534] ? rb_insert_color_cached+0x14b0/0x14b0 [ 493.148577] ? pmd_alloc+0x180/0x180 [ 493.152296] ? graph_lock+0x170/0x170 [ 493.156173] ? kasan_slab_alloc+0x12/0x20 [ 493.160321] ? kmem_cache_alloc+0x12e/0x730 [ 493.164642] ? graph_lock+0x170/0x170 [ 493.168442] ? __x64_sys_clone+0xbf/0x150 [ 493.172723] ? do_syscall_64+0x1b9/0x820 [ 493.176785] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 493.182220] ? find_held_lock+0x36/0x1c0 [ 493.186290] ? anon_vma_fork+0x5ef/0x820 [ 493.190361] ? lock_downgrade+0x900/0x900 [ 493.194596] ? lock_release+0x970/0x970 [ 493.198571] ? arch_local_save_flags+0x40/0x40 [ 493.203158] ? __lock_is_held+0xb5/0x140 [ 493.207226] ? up_write+0x7b/0x220 [ 493.210766] ? up_read+0x110/0x110 [ 493.214346] ? anon_vma_interval_tree_insert+0x2c9/0x370 [ 493.219802] ? anon_vma_fork+0x13c/0x820 [ 493.224123] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 493.229143] ? vma_compute_subtree_gap+0x160/0x240 [ 493.234078] ? validate_mm_rb+0xaa/0xc0 [ 493.238135] ? __vma_link_rb+0x26c/0x370 [ 493.242199] copy_process+0x4721/0x8780 [ 493.246279] ? __cleanup_sighand+0x70/0x70 [ 493.250549] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 493.256299] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 493.261840] ? page_swapcount+0x1d0/0x1d0 [ 493.265985] ? try_to_wake_up+0x10a/0x12f0 [ 493.270221] ? lock_downgrade+0x900/0x900 [ 493.274429] ? lock_downgrade+0x900/0x900 [ 493.278589] ? trace_hardirqs_off+0xb8/0x310 [ 493.282996] ? kasan_check_read+0x11/0x20 [ 493.287161] ? trace_hardirqs_on+0x310/0x310 [ 493.291578] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 493.296741] ? try_to_wake_up+0x10a/0x12f0 [ 493.300978] ? print_usage_bug+0xc0/0xc0 [ 493.305156] ? migrate_swap_stop+0x930/0x930 [ 493.309571] ? __handle_mm_fault+0x9ab/0x53e0 [ 493.314074] ? graph_lock+0x170/0x170 [ 493.317999] ? print_usage_bug+0xc0/0xc0 [ 493.322071] ? __lock_acquire+0x7ec/0x4ec0 [ 493.326309] ? print_usage_bug+0xc0/0xc0 [ 493.330761] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 493.336302] ? reuse_swap_page+0x4bd/0x1520 [ 493.340623] ? swp_swapcount+0x530/0x530 [ 493.344691] ? __lock_acquire+0x7ec/0x4ec0 [ 493.349053] ? mark_held_locks+0x130/0x130 [ 493.353292] ? rcu_bh_qs+0xc0/0xc0 [ 493.356956] ? __lock_acquire+0x7ec/0x4ec0 [ 493.361255] ? mark_held_locks+0x130/0x130 [ 493.365624] ? graph_lock+0x170/0x170 [ 493.369423] ? mark_held_locks+0x130/0x130 [ 493.373660] ? check_preemption_disabled+0x48/0x200 [ 493.378807] ? check_preemption_disabled+0x48/0x200 [ 493.383827] ? find_held_lock+0x36/0x1c0 [ 493.387891] ? print_usage_bug+0xc0/0xc0 [ 493.392144] ? print_usage_bug+0xc0/0xc0 [ 493.396207] ? do_wp_page+0xa6f/0x1390 [ 493.400096] ? lock_downgrade+0x900/0x900 [ 493.404333] ? wake_up_page_bit+0x6f0/0x6f0 [ 493.408657] ? kasan_check_read+0x11/0x20 [ 493.412807] ? __lock_acquire+0x7ec/0x4ec0 [ 493.417046] ? _raw_spin_unlock+0x2c/0x50 [ 493.421203] ? mark_held_locks+0x130/0x130 [ 493.425433] ? find_held_lock+0x36/0x1c0 [ 493.429524] ? lock_release+0x970/0x970 [ 493.433530] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 493.439266] ? kasan_check_write+0x14/0x20 [ 493.443528] ? do_raw_spin_lock+0xc1/0x200 [ 493.447771] ? __handle_mm_fault+0x9ab/0x53e0 [ 493.452330] ? graph_lock+0x170/0x170 [ 493.456190] ? graph_lock+0x170/0x170 [ 493.460052] ? touch_atime+0x103/0x320 [ 493.463954] ? graph_lock+0x170/0x170 [ 493.467796] ? atime_needs_update+0x710/0x710 [ 493.472359] ? graph_lock+0x170/0x170 [ 493.476162] ? graph_lock+0x170/0x170 [ 493.479969] ? find_held_lock+0x36/0x1c0 [ 493.484035] _do_fork+0x1cb/0x11d0 [ 493.487585] ? fork_idle+0x1d0/0x1d0 [ 493.491298] ? lock_downgrade+0x900/0x900 [ 493.495454] ? kasan_check_read+0x11/0x20 [ 493.499666] ? _copy_to_user+0xc8/0x110 [ 493.503648] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 493.509189] ? put_timespec64+0x10f/0x1b0 [ 493.513336] ? nsecs_to_jiffies+0x30/0x30 [ 493.517520] ? do_syscall_64+0x9a/0x820 [ 493.521527] ? do_syscall_64+0x9a/0x820 [ 493.525536] ? lockdep_hardirqs_on+0x421/0x5c0 [ 493.530124] ? trace_hardirqs_on+0xbd/0x310 [ 493.534587] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 493.540244] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 493.545615] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 493.551207] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 493.556749] __x64_sys_clone+0xbf/0x150 [ 493.560730] do_syscall_64+0x1b9/0x820 [ 493.564704] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 493.570158] ? syscall_return_slowpath+0x5e0/0x5e0 [ 493.575091] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 493.580009] ? trace_hardirqs_on_caller+0x310/0x310 [ 493.585028] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 493.590223] ? prepare_exit_to_usermode+0x291/0x3b0 [ 493.595249] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 493.600211] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 493.605794] RIP: 0033:0x455b4a [ 493.608988] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 493.627978] RSP: 002b:00007ffd1aecd800 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 493.635932] RAX: ffffffffffffffda RBX: 00007ffd1aecd800 RCX: 0000000000455b4a [ 493.643280] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 493.650618] RBP: 00007ffd1aecd840 R08: 0000000000000001 R09: 000000000213f940 [ 493.657893] R10: 000000000213fc10 R11: 0000000000000246 R12: 0000000000000001 [ 493.665168] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 493.675116] Memory limit reached of cgroup /syz5 [ 493.680007] memory: usage 204788kB, limit 204800kB, failcnt 434200 [ 493.686540] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 493.693462] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 493.700443] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:24KB inactive_file:0KB active_file:0KB unevictable:0KB [ 493.721184] Out of memory and no killable processes... [ 493.727957] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 493.741020] syz-executor5 cpuset=syz5 mems_allowed=0 [ 493.746353] CPU: 0 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 493.753955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 493.763308] Call Trace: [ 493.765902] dump_stack+0x1c4/0x2b4 [ 493.769757] ? dump_stack_print_info.cold.2+0x52/0x52 [ 493.774952] dump_header+0x27b/0xf72 [ 493.778825] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 493.784620] ? kasan_check_read+0x11/0x20 [ 493.788772] ? pagefault_out_of_memory+0x197/0x197 [ 493.793708] ? rcu_read_unlock+0x33/0x60 [ 493.797768] ? mem_cgroup_iter+0x514/0x1160 [ 493.802102] ? find_held_lock+0x36/0x1c0 [ 493.806344] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 493.811103] ? mark_held_locks+0xc7/0x130 [ 493.815257] ? _raw_spin_unlock_irq+0x27/0x80 [ 493.819752] ? _raw_spin_unlock_irq+0x27/0x80 [ 493.824336] ? lockdep_hardirqs_on+0x421/0x5c0 [ 493.828920] ? trace_hardirqs_on+0xbd/0x310 [ 493.833243] ? kasan_check_read+0x11/0x20 [ 493.837394] ? css_task_iter_end+0x222/0x490 [ 493.842073] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 493.847654] ? kasan_check_write+0x14/0x20 [ 493.851892] ? do_raw_spin_lock+0xc1/0x200 [ 493.856132] ? _raw_spin_unlock_irq+0x60/0x80 [ 493.860636] ? css_task_iter_end+0x2ce/0x490 [ 493.865290] ? cgroup_procs_next+0x70/0x70 [ 493.869623] ? _raw_spin_unlock_irq+0x60/0x80 [ 493.874123] ? oom_badness+0xaa0/0xaa0 [ 493.878016] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 493.882893] ? mem_cgroup_iter_break+0x30/0x30 [ 493.887612] ? mark_held_locks+0xc7/0x130 [ 493.891766] out_of_memory.cold.30+0xf/0x184 [ 493.896182] ? lockdep_hardirqs_on+0x421/0x5c0 [ 493.900771] ? kasan_check_read+0x11/0x20 [ 493.904924] ? oom_killer_disable+0x3a0/0x3a0 [ 493.909420] ? kasan_check_write+0x14/0x20 [ 493.913717] ? do_raw_spin_lock+0xc1/0x200 [ 493.918137] mem_cgroup_out_of_memory+0x15e/0x210 [ 493.923163] ? memcg_memory_event+0x40/0x40 [ 493.927600] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 493.932448] ? page_counter_try_charge+0x1c1/0x220 [ 493.937442] try_charge+0xc43/0x1690 [ 493.941200] ? lock_downgrade+0x900/0x900 [ 493.945349] ? check_preemption_disabled+0x48/0x200 [ 493.950464] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 493.956544] ? find_held_lock+0x36/0x1c0 [ 493.960671] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 493.965549] ? lock_downgrade+0x900/0x900 [ 493.969704] ? check_preemption_disabled+0x48/0x200 [ 493.974726] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 493.980544] ? kasan_check_read+0x11/0x20 [ 493.984699] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 493.989977] ? rcu_bh_qs+0xc0/0xc0 [ 493.993548] ? get_mem_cgroup_from_mm+0x206/0x440 [ 493.998398] memcg_kmem_charge_memcg+0x7c/0x120 [ 494.003285] ? memcg_kmem_put_cache+0xb0/0xb0 [ 494.008098] ? print_usage_bug+0xc0/0xc0 [ 494.012162] memcg_kmem_charge+0x135/0x300 [ 494.016461] __alloc_pages_nodemask+0x72e/0xde0 [ 494.021195] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 494.026213] ? __lock_acquire+0x7ec/0x4ec0 [ 494.030452] ? check_preemption_disabled+0x48/0x200 [ 494.035471] ? graph_lock+0x170/0x170 [ 494.039469] ? find_held_lock+0x36/0x1c0 [ 494.043578] ? __lock_is_held+0xb5/0x140 [ 494.047640] ? lock_downgrade+0x900/0x900 [ 494.051792] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 494.057524] alloc_pages_current+0x10c/0x210 [ 494.061998] ? ___might_sleep+0x1ed/0x300 [ 494.066148] pte_alloc_one+0x1b/0x1a0 [ 494.069951] __pte_alloc+0x2a/0x350 [ 494.073588] copy_page_range+0x18c5/0x26b0 [ 494.077839] ? pmd_alloc+0x180/0x180 [ 494.081564] ? save_stack+0xa9/0xd0 [ 494.085202] ? save_stack+0x43/0xd0 [ 494.088842] ? kasan_slab_alloc+0x12/0x20 [ 494.092991] ? kmem_cache_alloc+0x12e/0x730 [ 494.097311] ? vm_area_dup+0x7a/0x230 [ 494.101198] ? copy_process+0x42a0/0x8780 [ 494.105544] ? _do_fork+0x1cb/0x11d0 [ 494.109269] ? __x64_sys_clone+0xbf/0x150 [ 494.113416] ? do_syscall_64+0x1b9/0x820 [ 494.117609] ? graph_lock+0x170/0x170 [ 494.121409] ? lock_downgrade+0x900/0x900 [ 494.125568] ? graph_lock+0x170/0x170 [ 494.129381] ? kasan_check_read+0x11/0x20 [ 494.133566] ? graph_lock+0x170/0x170 [ 494.137532] ? find_held_lock+0x36/0x1c0 [ 494.141605] ? copy_process+0x454b/0x8780 [ 494.145763] ? lock_downgrade+0x900/0x900 [ 494.149924] ? lock_release+0x970/0x970 [ 494.153990] ? arch_local_save_flags+0x40/0x40 [ 494.158722] ? dup_userfaultfd+0x6d8/0x890 [ 494.162966] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 494.167989] ? vma_compute_subtree_gap+0x160/0x240 [ 494.172918] ? validate_mm_rb+0xaa/0xc0 [ 494.177068] ? __vma_link_rb+0x26c/0x370 [ 494.181193] copy_process+0x4721/0x8780 [ 494.185183] ? __cleanup_sighand+0x70/0x70 [ 494.189568] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 494.195110] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 494.200653] ? page_swapcount+0x1d0/0x1d0 [ 494.204801] ? try_to_wake_up+0x10a/0x12f0 [ 494.209151] ? lock_downgrade+0x900/0x900 [ 494.213299] ? lock_downgrade+0x900/0x900 [ 494.217451] ? trace_hardirqs_off+0xb8/0x310 [ 494.221856] ? kasan_check_read+0x11/0x20 [ 494.226005] ? trace_hardirqs_on+0x310/0x310 [ 494.230522] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 494.235632] ? try_to_wake_up+0x10a/0x12f0 [ 494.239872] ? print_usage_bug+0xc0/0xc0 [ 494.243988] ? migrate_swap_stop+0x930/0x930 [ 494.248590] ? __handle_mm_fault+0x9ab/0x53e0 [ 494.253092] ? graph_lock+0x170/0x170 [ 494.256895] ? print_usage_bug+0xc0/0xc0 [ 494.260963] ? __lock_acquire+0x7ec/0x4ec0 [ 494.265228] ? print_usage_bug+0xc0/0xc0 [ 494.269294] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 494.274832] ? reuse_swap_page+0x4bd/0x1520 [ 494.279163] ? swp_swapcount+0x530/0x530 [ 494.283357] ? __lock_acquire+0x7ec/0x4ec0 [ 494.287595] ? mark_held_locks+0x130/0x130 [ 494.291831] ? rcu_bh_qs+0xc0/0xc0 [ 494.295375] ? __lock_acquire+0x7ec/0x4ec0 [ 494.299679] ? mark_held_locks+0x130/0x130 [ 494.304041] ? graph_lock+0x170/0x170 [ 494.307844] ? mark_held_locks+0x130/0x130 [ 494.312229] ? check_preemption_disabled+0x48/0x200 [ 494.317247] ? check_preemption_disabled+0x48/0x200 [ 494.322272] ? find_held_lock+0x36/0x1c0 [ 494.326336] ? print_usage_bug+0xc0/0xc0 [ 494.330398] ? print_usage_bug+0xc0/0xc0 [ 494.334462] ? do_wp_page+0xa6f/0x1390 [ 494.338350] ? lock_downgrade+0x900/0x900 [ 494.342531] ? wake_up_page_bit+0x6f0/0x6f0 [ 494.346860] ? kasan_check_read+0x11/0x20 [ 494.351130] ? __lock_acquire+0x7ec/0x4ec0 [ 494.355369] ? _raw_spin_unlock+0x2c/0x50 [ 494.359656] ? mark_held_locks+0x130/0x130 [ 494.363889] ? find_held_lock+0x36/0x1c0 [ 494.368075] ? lock_release+0x970/0x970 [ 494.372056] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 494.377665] ? kasan_check_write+0x14/0x20 [ 494.381905] ? do_raw_spin_lock+0xc1/0x200 [ 494.386144] ? __handle_mm_fault+0x9ab/0x53e0 [ 494.390645] ? graph_lock+0x170/0x170 [ 494.394445] ? graph_lock+0x170/0x170 [ 494.398246] ? touch_atime+0x103/0x320 [ 494.402134] ? graph_lock+0x170/0x170 [ 494.405933] ? atime_needs_update+0x710/0x710 [ 494.410429] ? graph_lock+0x170/0x170 [ 494.414229] ? graph_lock+0x170/0x170 [ 494.418262] ? find_held_lock+0x36/0x1c0 [ 494.422328] _do_fork+0x1cb/0x11d0 [ 494.425870] ? fork_idle+0x1d0/0x1d0 [ 494.429734] ? lock_downgrade+0x900/0x900 [ 494.433889] ? kasan_check_read+0x11/0x20 [ 494.438035] ? _copy_to_user+0xc8/0x110 [ 494.442021] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 494.447646] ? put_timespec64+0x10f/0x1b0 [ 494.451792] ? nsecs_to_jiffies+0x30/0x30 [ 494.455943] ? do_syscall_64+0x9a/0x820 [ 494.459918] ? do_syscall_64+0x9a/0x820 [ 494.463892] ? lockdep_hardirqs_on+0x421/0x5c0 [ 494.468473] ? trace_hardirqs_on+0xbd/0x310 [ 494.472821] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 494.478359] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 494.483724] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 494.489242] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 494.494785] __x64_sys_clone+0xbf/0x150 [ 494.498763] do_syscall_64+0x1b9/0x820 [ 494.502673] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 494.508041] ? syscall_return_slowpath+0x5e0/0x5e0 [ 494.512968] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 494.517813] ? trace_hardirqs_on_caller+0x310/0x310 [ 494.522830] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 494.527936] ? prepare_exit_to_usermode+0x291/0x3b0 [ 494.533077] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 494.538094] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 494.543344] RIP: 0033:0x455b4a [ 494.546564] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 494.565477] RSP: 002b:00007ffd1aecd800 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 494.573321] RAX: ffffffffffffffda RBX: 00007ffd1aecd800 RCX: 0000000000455b4a [ 494.580773] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 494.588051] RBP: 00007ffd1aecd840 R08: 0000000000000001 R09: 000000000213f940 [ 494.595386] R10: 000000000213fc10 R11: 0000000000000246 R12: 0000000000000001 [ 494.602714] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 494.611214] Memory limit reached of cgroup /syz5 [ 494.616299] memory: usage 204800kB, limit 204800kB, failcnt 434212 [ 494.622730] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 494.629707] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 494.636002] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:24KB inactive_file:0KB active_file:0KB unevictable:0KB [ 494.656021] Out of memory and no killable processes... [ 494.662636] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 494.675899] syz-executor5 cpuset=syz5 mems_allowed=0 [ 494.681241] CPU: 0 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 494.688540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 494.697983] Call Trace: [ 494.700647] dump_stack+0x1c4/0x2b4 [ 494.704335] ? dump_stack_print_info.cold.2+0x52/0x52 [ 494.709553] dump_header+0x27b/0xf72 [ 494.713277] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 494.719074] ? kasan_check_read+0x11/0x20 [ 494.723229] ? pagefault_out_of_memory+0x197/0x197 [ 494.728184] ? rcu_read_unlock+0x33/0x60 [ 494.732246] ? mem_cgroup_iter+0x514/0x1160 [ 494.736576] ? find_held_lock+0x36/0x1c0 [ 494.740711] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 494.745471] ? mark_held_locks+0xc7/0x130 [ 494.749669] ? _raw_spin_unlock_irq+0x27/0x80 [ 494.754166] ? _raw_spin_unlock_irq+0x27/0x80 [ 494.758669] ? lockdep_hardirqs_on+0x421/0x5c0 [ 494.763255] ? trace_hardirqs_on+0xbd/0x310 [ 494.767583] ? kasan_check_read+0x11/0x20 [ 494.771734] ? css_task_iter_end+0x222/0x490 [ 494.776220] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 494.781676] ? kasan_check_write+0x14/0x20 [ 494.785917] ? do_raw_spin_lock+0xc1/0x200 [ 494.790293] ? _raw_spin_unlock_irq+0x60/0x80 [ 494.795006] ? css_task_iter_end+0x2ce/0x490 [ 494.799423] ? cgroup_procs_next+0x70/0x70 [ 494.803693] ? _raw_spin_unlock_irq+0x60/0x80 [ 494.808192] ? oom_badness+0xaa0/0xaa0 [ 494.812237] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 494.817002] ? mem_cgroup_iter_break+0x30/0x30 [ 494.821600] ? mark_held_locks+0xc7/0x130 [ 494.825777] out_of_memory.cold.30+0xf/0x184 [ 494.830327] ? lockdep_hardirqs_on+0x421/0x5c0 [ 494.834917] ? kasan_check_read+0x11/0x20 [ 494.839070] ? oom_killer_disable+0x3a0/0x3a0 [ 494.843576] ? kasan_check_write+0x14/0x20 [ 494.847818] ? do_raw_spin_lock+0xc1/0x200 [ 494.852127] mem_cgroup_out_of_memory+0x15e/0x210 [ 494.856973] ? memcg_memory_event+0x40/0x40 [ 494.861296] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 494.866149] ? page_counter_try_charge+0x1c1/0x220 [ 494.871084] try_charge+0xc43/0x1690 [ 494.875040] ? lock_downgrade+0x900/0x900 [ 494.879195] ? check_preemption_disabled+0x48/0x200 [ 494.884216] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 494.890279] ? find_held_lock+0x36/0x1c0 [ 494.894346] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 494.899195] ? lock_downgrade+0x900/0x900 [ 494.903347] ? check_preemption_disabled+0x48/0x200 [ 494.908368] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 494.914168] ? kasan_check_read+0x11/0x20 [ 494.918445] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 494.923723] ? rcu_bh_qs+0xc0/0xc0 [ 494.927273] ? get_mem_cgroup_from_mm+0x206/0x440 [ 494.932123] memcg_kmem_charge_memcg+0x7c/0x120 [ 494.936794] ? memcg_kmem_put_cache+0xb0/0xb0 [ 494.941296] ? print_usage_bug+0xc0/0xc0 [ 494.945361] memcg_kmem_charge+0x135/0x300 [ 494.949664] __alloc_pages_nodemask+0x72e/0xde0 [ 494.954551] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 494.959743] ? __lock_acquire+0x7ec/0x4ec0 [ 494.963982] ? check_preemption_disabled+0x48/0x200 [ 494.969164] ? graph_lock+0x170/0x170 [ 494.973131] ? find_held_lock+0x36/0x1c0 [ 494.977203] ? __lock_is_held+0xb5/0x140 [ 494.981263] ? lock_downgrade+0x900/0x900 [ 494.985416] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 494.990961] alloc_pages_current+0x10c/0x210 [ 494.995372] ? ___might_sleep+0x1ed/0x300 [ 494.999806] pte_alloc_one+0x1b/0x1a0 [ 495.003617] __pte_alloc+0x2a/0x350 [ 495.007252] copy_page_range+0x18c5/0x26b0 [ 495.011537] ? pmd_alloc+0x180/0x180 [ 495.015398] ? save_stack+0xa9/0xd0 [ 495.019025] ? save_stack+0x43/0xd0 [ 495.022657] ? kasan_slab_alloc+0x12/0x20 [ 495.026939] ? kmem_cache_alloc+0x12e/0x730 [ 495.031404] ? vm_area_dup+0x7a/0x230 [ 495.035205] ? copy_process+0x42a0/0x8780 [ 495.039442] ? _do_fork+0x1cb/0x11d0 [ 495.043313] ? __x64_sys_clone+0xbf/0x150 [ 495.047470] ? do_syscall_64+0x1b9/0x820 [ 495.051743] ? graph_lock+0x170/0x170 [ 495.055625] ? lock_downgrade+0x900/0x900 [ 495.059780] ? graph_lock+0x170/0x170 [ 495.063593] ? graph_lock+0x170/0x170 [ 495.067401] ? find_held_lock+0x36/0x1c0 [ 495.071596] ? copy_process+0x454b/0x8780 [ 495.075751] ? lock_downgrade+0x900/0x900 [ 495.079901] ? lock_release+0x970/0x970 [ 495.083891] ? arch_local_save_flags+0x40/0x40 [ 495.088484] ? dup_userfaultfd+0x6d8/0x890 [ 495.093055] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 495.098141] ? vma_compute_subtree_gap+0x160/0x240 [ 495.103080] ? validate_mm_rb+0xaa/0xc0 [ 495.107191] ? __vma_link_rb+0x26c/0x370 [ 495.111258] copy_process+0x4721/0x8780 [ 495.115253] ? __cleanup_sighand+0x70/0x70 [ 495.119590] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 495.125134] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 495.130746] ? page_swapcount+0x1d0/0x1d0 [ 495.134906] ? try_to_wake_up+0x10a/0x12f0 [ 495.139147] ? lock_downgrade+0x900/0x900 [ 495.143294] ? lock_downgrade+0x900/0x900 [ 495.147452] ? trace_hardirqs_off+0xb8/0x310 [ 495.151863] ? kasan_check_read+0x11/0x20 [ 495.156084] ? trace_hardirqs_on+0x310/0x310 [ 495.160772] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 495.166027] ? try_to_wake_up+0x10a/0x12f0 [ 495.170269] ? print_usage_bug+0xc0/0xc0 [ 495.174590] ? migrate_swap_stop+0x930/0x930 [ 495.179005] ? __handle_mm_fault+0x9ab/0x53e0 [ 495.183533] ? graph_lock+0x170/0x170 [ 495.187343] ? print_usage_bug+0xc0/0xc0 [ 495.191475] ? __lock_acquire+0x7ec/0x4ec0 [ 495.195746] ? print_usage_bug+0xc0/0xc0 [ 495.199816] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 495.205646] ? reuse_swap_page+0x4bd/0x1520 [ 495.209971] ? swp_swapcount+0x530/0x530 [ 495.214039] ? __lock_acquire+0x7ec/0x4ec0 [ 495.218277] ? mark_held_locks+0x130/0x130 [ 495.222538] ? rcu_bh_qs+0xc0/0xc0 [ 495.226088] ? __lock_acquire+0x7ec/0x4ec0 [ 495.230325] ? mark_held_locks+0x130/0x130 [ 495.234745] ? graph_lock+0x170/0x170 [ 495.238570] ? mark_held_locks+0x130/0x130 [ 495.242818] ? check_preemption_disabled+0x48/0x200 [ 495.247970] ? check_preemption_disabled+0x48/0x200 [ 495.253258] ? find_held_lock+0x36/0x1c0 [ 495.257325] ? print_usage_bug+0xc0/0xc0 [ 495.261693] ? print_usage_bug+0xc0/0xc0 [ 495.265761] ? do_wp_page+0xa6f/0x1390 [ 495.269657] ? lock_downgrade+0x900/0x900 [ 495.273949] ? wake_up_page_bit+0x6f0/0x6f0 [ 495.278277] ? kasan_check_read+0x11/0x20 [ 495.282433] ? __lock_acquire+0x7ec/0x4ec0 [ 495.286943] ? _raw_spin_unlock+0x2c/0x50 [ 495.291213] ? mark_held_locks+0x130/0x130 [ 495.295463] ? find_held_lock+0x36/0x1c0 [ 495.299623] ? lock_release+0x970/0x970 [ 495.303934] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 495.309475] ? kasan_check_write+0x14/0x20 [ 495.313755] ? do_raw_spin_lock+0xc1/0x200 [ 495.318090] ? __handle_mm_fault+0x9ab/0x53e0 [ 495.322802] ? graph_lock+0x170/0x170 [ 495.326739] ? graph_lock+0x170/0x170 [ 495.330643] ? touch_atime+0x103/0x320 [ 495.334741] ? graph_lock+0x170/0x170 [ 495.338760] ? atime_needs_update+0x710/0x710 [ 495.343255] ? graph_lock+0x170/0x170 [ 495.347336] ? graph_lock+0x170/0x170 [ 495.351145] ? find_held_lock+0x36/0x1c0 [ 495.355214] _do_fork+0x1cb/0x11d0 [ 495.358759] ? fork_idle+0x1d0/0x1d0 [ 495.362471] ? lock_downgrade+0x900/0x900 [ 495.367000] ? kasan_check_read+0x11/0x20 [ 495.371398] ? _copy_to_user+0xc8/0x110 [ 495.375383] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 495.381224] ? put_timespec64+0x10f/0x1b0 [ 495.385376] ? nsecs_to_jiffies+0x30/0x30 [ 495.389781] ? do_syscall_64+0x9a/0x820 [ 495.393758] ? do_syscall_64+0x9a/0x820 [ 495.397737] ? lockdep_hardirqs_on+0x421/0x5c0 [ 495.402322] ? trace_hardirqs_on+0xbd/0x310 [ 495.406655] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 495.412258] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 495.417719] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 495.423296] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 495.428878] __x64_sys_clone+0xbf/0x150 [ 495.432968] do_syscall_64+0x1b9/0x820 [ 495.436856] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 495.442221] ? syscall_return_slowpath+0x5e0/0x5e0 [ 495.447267] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 495.452110] ? trace_hardirqs_on_caller+0x310/0x310 [ 495.457128] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 495.462141] ? prepare_exit_to_usermode+0x291/0x3b0 [ 495.467158] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 495.472002] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 495.477214] RIP: 0033:0x455b4a [ 495.480404] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 495.499315] RSP: 002b:00007ffd1aecd800 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 495.507023] RAX: ffffffffffffffda RBX: 00007ffd1aecd800 RCX: 0000000000455b4a [ 495.514280] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 495.521538] RBP: 00007ffd1aecd840 R08: 0000000000000001 R09: 000000000213f940 [ 495.528815] R10: 000000000213fc10 R11: 0000000000000246 R12: 0000000000000001 [ 495.536080] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 495.544673] Memory limit reached of cgroup /syz5 [ 495.549617] memory: usage 204804kB, limit 204800kB, failcnt 434220 [ 495.556025] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 495.562789] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 495.569050] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:24KB inactive_file:0KB active_file:0KB unevictable:0KB [ 495.588875] Out of memory and no killable processes... [ 495.595816] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 495.609132] syz-executor5 cpuset=syz5 mems_allowed=0 [ 495.614243] CPU: 0 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 495.621503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 495.630838] Call Trace: [ 495.633422] dump_stack+0x1c4/0x2b4 [ 495.637068] ? dump_stack_print_info.cold.2+0x52/0x52 [ 495.642281] dump_header+0x27b/0xf72 [ 495.645987] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 495.651807] ? kasan_check_read+0x11/0x20 [ 495.655941] ? pagefault_out_of_memory+0x197/0x197 [ 495.660859] ? rcu_read_unlock+0x33/0x60 [ 495.664905] ? mem_cgroup_iter+0x514/0x1160 [ 495.669215] ? find_held_lock+0x36/0x1c0 [ 495.673262] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 495.678018] ? mark_held_locks+0xc7/0x130 [ 495.682154] ? _raw_spin_unlock_irq+0x27/0x80 [ 495.686634] ? _raw_spin_unlock_irq+0x27/0x80 [ 495.691116] ? lockdep_hardirqs_on+0x421/0x5c0 [ 495.695697] ? trace_hardirqs_on+0xbd/0x310 [ 495.700018] ? kasan_check_read+0x11/0x20 [ 495.704155] ? css_task_iter_end+0x222/0x490 [ 495.708551] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 495.713988] ? kasan_check_write+0x14/0x20 [ 495.718431] ? do_raw_spin_lock+0xc1/0x200 [ 495.722654] ? _raw_spin_unlock_irq+0x60/0x80 [ 495.727135] ? css_task_iter_end+0x2ce/0x490 [ 495.731528] ? cgroup_procs_next+0x70/0x70 [ 495.735749] ? _raw_spin_unlock_irq+0x60/0x80 [ 495.740245] ? oom_badness+0xaa0/0xaa0 [ 495.744122] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 495.748861] ? mem_cgroup_iter_break+0x30/0x30 [ 495.753472] ? mark_held_locks+0xc7/0x130 [ 495.757613] out_of_memory.cold.30+0xf/0x184 [ 495.762007] ? lockdep_hardirqs_on+0x421/0x5c0 [ 495.766601] ? kasan_check_read+0x11/0x20 [ 495.770739] ? oom_killer_disable+0x3a0/0x3a0 [ 495.775217] ? kasan_check_write+0x14/0x20 [ 495.779471] ? do_raw_spin_lock+0xc1/0x200 [ 495.783705] mem_cgroup_out_of_memory+0x15e/0x210 [ 495.788531] ? memcg_memory_event+0x40/0x40 [ 495.792836] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 495.797670] ? page_counter_try_charge+0x1c1/0x220 [ 495.802589] try_charge+0xc43/0x1690 [ 495.806290] ? lock_downgrade+0x900/0x900 [ 495.810425] ? check_preemption_disabled+0x48/0x200 [ 495.815442] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 495.821601] ? find_held_lock+0x36/0x1c0 [ 495.825648] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 495.830478] ? lock_downgrade+0x900/0x900 [ 495.834627] ? check_preemption_disabled+0x48/0x200 [ 495.839669] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 495.845482] ? kasan_check_read+0x11/0x20 [ 495.849638] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 495.854899] ? rcu_bh_qs+0xc0/0xc0 [ 495.858427] ? get_mem_cgroup_from_mm+0x206/0x440 [ 495.863254] memcg_kmem_charge_memcg+0x7c/0x120 [ 495.867907] ? memcg_kmem_put_cache+0xb0/0xb0 [ 495.872386] ? print_usage_bug+0xc0/0xc0 [ 495.876436] memcg_kmem_charge+0x135/0x300 [ 495.880661] __alloc_pages_nodemask+0x72e/0xde0 [ 495.885339] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 495.890352] ? __lock_acquire+0x7ec/0x4ec0 [ 495.894576] ? check_preemption_disabled+0x48/0x200 [ 495.899604] ? graph_lock+0x170/0x170 [ 495.903387] ? find_held_lock+0x36/0x1c0 [ 495.907441] ? __lock_is_held+0xb5/0x140 [ 495.911486] ? lock_downgrade+0x900/0x900 [ 495.915631] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 495.921154] alloc_pages_current+0x10c/0x210 [ 495.925553] ? ___might_sleep+0x1ed/0x300 [ 495.929693] pte_alloc_one+0x1b/0x1a0 [ 495.933479] __pte_alloc+0x2a/0x350 [ 495.937121] copy_page_range+0x18c5/0x26b0 [ 495.941364] ? pmd_alloc+0x180/0x180 [ 495.945066] ? save_stack+0xa9/0xd0 [ 495.948699] ? save_stack+0x43/0xd0 [ 495.952314] ? kasan_slab_alloc+0x12/0x20 [ 495.956445] ? kmem_cache_alloc+0x12e/0x730 [ 495.960751] ? vm_area_dup+0x7a/0x230 [ 495.964535] ? copy_process+0x42a0/0x8780 [ 495.968665] ? _do_fork+0x1cb/0x11d0 [ 495.972361] ? __x64_sys_clone+0xbf/0x150 [ 495.976515] ? do_syscall_64+0x1b9/0x820 [ 495.980572] ? graph_lock+0x170/0x170 [ 495.984354] ? lock_downgrade+0x900/0x900 [ 495.988481] ? graph_lock+0x170/0x170 [ 495.992275] ? graph_lock+0x170/0x170 [ 495.996061] ? find_held_lock+0x36/0x1c0 [ 496.000112] ? copy_process+0x454b/0x8780 [ 496.004265] ? lock_downgrade+0x900/0x900 [ 496.008405] ? lock_release+0x970/0x970 [ 496.012367] ? arch_local_save_flags+0x40/0x40 [ 496.016939] ? dup_userfaultfd+0x6d8/0x890 [ 496.021168] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 496.026175] ? vma_compute_subtree_gap+0x160/0x240 [ 496.031097] ? validate_mm_rb+0xaa/0xc0 [ 496.035062] ? __vma_link_rb+0x26c/0x370 [ 496.039111] copy_process+0x4721/0x8780 [ 496.043104] ? __cleanup_sighand+0x70/0x70 [ 496.047333] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 496.052859] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 496.058387] ? page_swapcount+0x1d0/0x1d0 [ 496.062540] ? try_to_wake_up+0x10a/0x12f0 [ 496.066768] ? lock_downgrade+0x900/0x900 [ 496.070903] ? lock_downgrade+0x900/0x900 [ 496.075039] ? trace_hardirqs_off+0xb8/0x310 [ 496.079430] ? kasan_check_read+0x11/0x20 [ 496.083567] ? trace_hardirqs_on+0x310/0x310 [ 496.087967] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 496.093055] ? try_to_wake_up+0x10a/0x12f0 [ 496.097290] ? print_usage_bug+0xc0/0xc0 [ 496.101334] ? migrate_swap_stop+0x930/0x930 [ 496.105734] ? __handle_mm_fault+0x9ab/0x53e0 [ 496.110216] ? graph_lock+0x170/0x170 [ 496.113999] ? print_usage_bug+0xc0/0xc0 [ 496.118050] ? __lock_acquire+0x7ec/0x4ec0 [ 496.122273] ? print_usage_bug+0xc0/0xc0 [ 496.126323] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 496.131858] ? reuse_swap_page+0x4bd/0x1520 [ 496.136169] ? swp_swapcount+0x530/0x530 [ 496.140225] ? __lock_acquire+0x7ec/0x4ec0 [ 496.144442] ? mark_held_locks+0x130/0x130 [ 496.148689] ? rcu_bh_qs+0xc0/0xc0 [ 496.152217] ? __lock_acquire+0x7ec/0x4ec0 [ 496.156439] ? mark_held_locks+0x130/0x130 [ 496.160672] ? graph_lock+0x170/0x170 [ 496.164458] ? mark_held_locks+0x130/0x130 [ 496.168697] ? check_preemption_disabled+0x48/0x200 [ 496.173711] ? check_preemption_disabled+0x48/0x200 [ 496.178718] ? find_held_lock+0x36/0x1c0 [ 496.182761] ? print_usage_bug+0xc0/0xc0 [ 496.186810] ? print_usage_bug+0xc0/0xc0 [ 496.190875] ? do_wp_page+0xa6f/0x1390 [ 496.194743] ? lock_downgrade+0x900/0x900 [ 496.198890] ? wake_up_page_bit+0x6f0/0x6f0 [ 496.203198] ? kasan_check_read+0x11/0x20 [ 496.207337] ? __lock_acquire+0x7ec/0x4ec0 [ 496.211557] ? _raw_spin_unlock+0x2c/0x50 [ 496.215709] ? mark_held_locks+0x130/0x130 [ 496.219928] ? find_held_lock+0x36/0x1c0 [ 496.223979] ? lock_release+0x970/0x970 [ 496.227942] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 496.233462] ? kasan_check_write+0x14/0x20 [ 496.237684] ? do_raw_spin_lock+0xc1/0x200 [ 496.241909] ? __handle_mm_fault+0x9ab/0x53e0 [ 496.246434] ? graph_lock+0x170/0x170 [ 496.250216] ? graph_lock+0x170/0x170 [ 496.253998] ? touch_atime+0x103/0x320 [ 496.257872] ? graph_lock+0x170/0x170 [ 496.261656] ? atime_needs_update+0x710/0x710 [ 496.266156] ? graph_lock+0x170/0x170 [ 496.269941] ? graph_lock+0x170/0x170 [ 496.273730] ? find_held_lock+0x36/0x1c0 [ 496.277786] _do_fork+0x1cb/0x11d0 [ 496.281317] ? fork_idle+0x1d0/0x1d0 [ 496.285034] ? lock_downgrade+0x900/0x900 [ 496.289192] ? kasan_check_read+0x11/0x20 [ 496.293325] ? _copy_to_user+0xc8/0x110 [ 496.297288] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 496.302812] ? put_timespec64+0x10f/0x1b0 [ 496.306947] ? nsecs_to_jiffies+0x30/0x30 [ 496.311094] ? do_syscall_64+0x9a/0x820 [ 496.315055] ? do_syscall_64+0x9a/0x820 [ 496.319016] ? lockdep_hardirqs_on+0x421/0x5c0 [ 496.323608] ? trace_hardirqs_on+0xbd/0x310 [ 496.327950] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 496.333503] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 496.338855] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 496.344309] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 496.349837] __x64_sys_clone+0xbf/0x150 [ 496.353799] do_syscall_64+0x1b9/0x820 [ 496.357675] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 496.363071] ? syscall_return_slowpath+0x5e0/0x5e0 [ 496.367986] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 496.372812] ? trace_hardirqs_on_caller+0x310/0x310 [ 496.377814] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 496.382825] ? prepare_exit_to_usermode+0x291/0x3b0 [ 496.387833] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 496.392671] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 496.397843] RIP: 0033:0x455b4a [ 496.401042] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 496.419930] RSP: 002b:00007ffd1aecd800 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 496.427654] RAX: ffffffffffffffda RBX: 00007ffd1aecd800 RCX: 0000000000455b4a [ 496.434907] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 496.442159] RBP: 00007ffd1aecd840 R08: 0000000000000001 R09: 000000000213f940 [ 496.449414] R10: 000000000213fc10 R11: 0000000000000246 R12: 0000000000000001 [ 496.456667] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 496.472628] Memory limit reached of cgroup /syz5 [ 496.477911] memory: usage 204808kB, limit 204800kB, failcnt 434228 [ 496.484246] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 496.491659] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 496.498312] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:24KB inactive_file:0KB active_file:0KB unevictable:0KB [ 496.518161] Out of memory and no killable processes... [ 496.525229] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 496.538143] syz-executor5 cpuset=syz5 mems_allowed=0 [ 496.543251] CPU: 1 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 496.550503] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 496.559877] Call Trace: [ 496.562455] dump_stack+0x1c4/0x2b4 [ 496.566078] ? dump_stack_print_info.cold.2+0x52/0x52 [ 496.571260] dump_header+0x27b/0xf72 [ 496.574963] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 496.580744] ? kasan_check_read+0x11/0x20 [ 496.584879] ? pagefault_out_of_memory+0x197/0x197 [ 496.589796] ? rcu_read_unlock+0x33/0x60 [ 496.593841] ? mem_cgroup_iter+0x514/0x1160 [ 496.598145] ? find_held_lock+0x36/0x1c0 [ 496.602205] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 496.606944] ? mark_held_locks+0xc7/0x130 [ 496.611115] ? _raw_spin_unlock_irq+0x27/0x80 [ 496.615599] ? _raw_spin_unlock_irq+0x27/0x80 [ 496.620094] ? lockdep_hardirqs_on+0x421/0x5c0 [ 496.624660] ? trace_hardirqs_on+0xbd/0x310 [ 496.628960] ? kasan_check_read+0x11/0x20 [ 496.633094] ? css_task_iter_end+0x222/0x490 [ 496.637499] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 496.642973] ? kasan_check_write+0x14/0x20 [ 496.647195] ? do_raw_spin_lock+0xc1/0x200 [ 496.651429] ? _raw_spin_unlock_irq+0x60/0x80 [ 496.655918] ? css_task_iter_end+0x2ce/0x490 [ 496.660314] ? cgroup_procs_next+0x70/0x70 [ 496.664536] ? _raw_spin_unlock_irq+0x60/0x80 [ 496.669015] ? oom_badness+0xaa0/0xaa0 [ 496.672902] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 496.677640] ? mem_cgroup_iter_break+0x30/0x30 [ 496.682233] ? mark_held_locks+0xc7/0x130 [ 496.686374] out_of_memory.cold.30+0xf/0x184 [ 496.690770] ? lockdep_hardirqs_on+0x421/0x5c0 [ 496.695336] ? kasan_check_read+0x11/0x20 [ 496.699466] ? oom_killer_disable+0x3a0/0x3a0 [ 496.703967] ? kasan_check_write+0x14/0x20 [ 496.708199] ? do_raw_spin_lock+0xc1/0x200 [ 496.712428] mem_cgroup_out_of_memory+0x15e/0x210 [ 496.717256] ? memcg_memory_event+0x40/0x40 [ 496.721560] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 496.726388] ? page_counter_try_charge+0x1c1/0x220 [ 496.731305] try_charge+0xc43/0x1690 [ 496.735008] ? lock_downgrade+0x900/0x900 [ 496.739152] ? check_preemption_disabled+0x48/0x200 [ 496.744191] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 496.750257] ? find_held_lock+0x36/0x1c0 [ 496.754345] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 496.759171] ? lock_downgrade+0x900/0x900 [ 496.763324] ? check_preemption_disabled+0x48/0x200 [ 496.768345] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 496.774125] ? kasan_check_read+0x11/0x20 [ 496.778262] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 496.783525] ? rcu_bh_qs+0xc0/0xc0 [ 496.787052] ? get_mem_cgroup_from_mm+0x206/0x440 [ 496.791886] memcg_kmem_charge_memcg+0x7c/0x120 [ 496.796541] ? memcg_kmem_put_cache+0xb0/0xb0 [ 496.801025] ? print_usage_bug+0xc0/0xc0 [ 496.805077] memcg_kmem_charge+0x135/0x300 [ 496.809298] __alloc_pages_nodemask+0x72e/0xde0 [ 496.813971] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 496.818974] ? __lock_acquire+0x7ec/0x4ec0 [ 496.823193] ? check_preemption_disabled+0x48/0x200 [ 496.828207] ? graph_lock+0x170/0x170 [ 496.831986] ? find_held_lock+0x36/0x1c0 [ 496.836038] ? __lock_is_held+0xb5/0x140 [ 496.840085] ? lock_downgrade+0x900/0x900 [ 496.844240] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 496.849776] alloc_pages_current+0x10c/0x210 [ 496.854182] ? ___might_sleep+0x1ed/0x300 [ 496.858341] pte_alloc_one+0x1b/0x1a0 [ 496.862145] __pte_alloc+0x2a/0x350 [ 496.865760] copy_page_range+0x18c5/0x26b0 [ 496.870008] ? pmd_alloc+0x180/0x180 [ 496.873712] ? save_stack+0xa9/0xd0 [ 496.877325] ? save_stack+0x43/0xd0 [ 496.880947] ? kasan_slab_alloc+0x12/0x20 [ 496.885078] ? kmem_cache_alloc+0x12e/0x730 [ 496.889389] ? vm_area_dup+0x7a/0x230 [ 496.893171] ? copy_process+0x42a0/0x8780 [ 496.897298] ? _do_fork+0x1cb/0x11d0 [ 496.900991] ? __x64_sys_clone+0xbf/0x150 [ 496.905124] ? do_syscall_64+0x1b9/0x820 [ 496.909173] ? graph_lock+0x170/0x170 [ 496.912960] ? lock_downgrade+0x900/0x900 [ 496.917091] ? graph_lock+0x170/0x170 [ 496.920878] ? graph_lock+0x170/0x170 [ 496.924664] ? find_held_lock+0x36/0x1c0 [ 496.928727] ? copy_process+0x454b/0x8780 [ 496.932861] ? lock_downgrade+0x900/0x900 [ 496.936990] ? lock_release+0x970/0x970 [ 496.940957] ? arch_local_save_flags+0x40/0x40 [ 496.945543] ? dup_userfaultfd+0x6d8/0x890 [ 496.949770] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 496.954768] ? vma_compute_subtree_gap+0x160/0x240 [ 496.959680] ? validate_mm_rb+0xaa/0xc0 [ 496.963642] ? __vma_link_rb+0x26c/0x370 [ 496.967692] copy_process+0x4721/0x8780 [ 496.971689] ? __cleanup_sighand+0x70/0x70 [ 496.975911] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 496.981431] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 496.986956] ? page_swapcount+0x1d0/0x1d0 [ 496.991086] ? try_to_wake_up+0x10a/0x12f0 [ 496.995305] ? lock_downgrade+0x900/0x900 [ 496.999434] ? lock_downgrade+0x900/0x900 [ 497.003566] ? trace_hardirqs_off+0xb8/0x310 [ 497.007954] ? kasan_check_read+0x11/0x20 [ 497.012089] ? trace_hardirqs_on+0x310/0x310 [ 497.016493] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 497.021576] ? try_to_wake_up+0x10a/0x12f0 [ 497.025797] ? print_usage_bug+0xc0/0xc0 [ 497.029846] ? migrate_swap_stop+0x930/0x930 [ 497.034252] ? __handle_mm_fault+0x9ab/0x53e0 [ 497.038762] ? graph_lock+0x170/0x170 [ 497.042787] ? print_usage_bug+0xc0/0xc0 [ 497.046836] ? __lock_acquire+0x7ec/0x4ec0 [ 497.051060] ? print_usage_bug+0xc0/0xc0 [ 497.055117] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 497.060639] ? reuse_swap_page+0x4bd/0x1520 [ 497.064942] ? swp_swapcount+0x530/0x530 [ 497.069015] ? __lock_acquire+0x7ec/0x4ec0 [ 497.073243] ? mark_held_locks+0x130/0x130 [ 497.077461] ? rcu_bh_qs+0xc0/0xc0 [ 497.080989] ? __lock_acquire+0x7ec/0x4ec0 [ 497.085211] ? mark_held_locks+0x130/0x130 [ 497.089445] ? graph_lock+0x170/0x170 [ 497.093226] ? mark_held_locks+0x130/0x130 [ 497.097461] ? check_preemption_disabled+0x48/0x200 [ 497.102472] ? check_preemption_disabled+0x48/0x200 [ 497.107475] ? find_held_lock+0x36/0x1c0 [ 497.111519] ? print_usage_bug+0xc0/0xc0 [ 497.115568] ? print_usage_bug+0xc0/0xc0 [ 497.119617] ? do_wp_page+0xa6f/0x1390 [ 497.123486] ? lock_downgrade+0x900/0x900 [ 497.127617] ? wake_up_page_bit+0x6f0/0x6f0 [ 497.131934] ? kasan_check_read+0x11/0x20 [ 497.136093] ? __lock_acquire+0x7ec/0x4ec0 [ 497.140329] ? _raw_spin_unlock+0x2c/0x50 [ 497.144464] ? mark_held_locks+0x130/0x130 [ 497.148680] ? find_held_lock+0x36/0x1c0 [ 497.152744] ? lock_release+0x970/0x970 [ 497.156709] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 497.162235] ? kasan_check_write+0x14/0x20 [ 497.166472] ? do_raw_spin_lock+0xc1/0x200 [ 497.170694] ? __handle_mm_fault+0x9ab/0x53e0 [ 497.175206] ? graph_lock+0x170/0x170 [ 497.179001] ? graph_lock+0x170/0x170 [ 497.182783] ? touch_atime+0x103/0x320 [ 497.186651] ? graph_lock+0x170/0x170 [ 497.190434] ? atime_needs_update+0x710/0x710 [ 497.194912] ? graph_lock+0x170/0x170 [ 497.198694] ? graph_lock+0x170/0x170 [ 497.202484] ? find_held_lock+0x36/0x1c0 [ 497.206554] _do_fork+0x1cb/0x11d0 [ 497.210085] ? fork_idle+0x1d0/0x1d0 [ 497.213778] ? lock_downgrade+0x900/0x900 [ 497.217913] ? kasan_check_read+0x11/0x20 [ 497.222059] ? _copy_to_user+0xc8/0x110 [ 497.226024] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 497.231545] ? put_timespec64+0x10f/0x1b0 [ 497.235681] ? nsecs_to_jiffies+0x30/0x30 [ 497.239817] ? do_syscall_64+0x9a/0x820 [ 497.243778] ? do_syscall_64+0x9a/0x820 [ 497.247757] ? lockdep_hardirqs_on+0x421/0x5c0 [ 497.252326] ? trace_hardirqs_on+0xbd/0x310 [ 497.256629] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 497.262151] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 497.267495] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 497.272929] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 497.278449] __x64_sys_clone+0xbf/0x150 [ 497.282427] do_syscall_64+0x1b9/0x820 [ 497.286299] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 497.291643] ? syscall_return_slowpath+0x5e0/0x5e0 [ 497.296554] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 497.301390] ? trace_hardirqs_on_caller+0x310/0x310 [ 497.306390] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 497.311387] ? prepare_exit_to_usermode+0x291/0x3b0 [ 497.316388] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 497.321241] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 497.326423] RIP: 0033:0x455b4a [ 497.329601] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 497.348486] RSP: 002b:00007ffd1aecd800 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 497.356185] RAX: ffffffffffffffda RBX: 00007ffd1aecd800 RCX: 0000000000455b4a [ 497.363437] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 497.370690] RBP: 00007ffd1aecd840 R08: 0000000000000001 R09: 000000000213f940 [ 497.377943] R10: 000000000213fc10 R11: 0000000000000246 R12: 0000000000000001 [ 497.385191] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 497.393733] Memory limit reached of cgroup /syz5 [ 497.398672] memory: usage 204812kB, limit 204800kB, failcnt 434236 [ 497.405709] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 497.412454] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 497.418644] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:24KB inactive_file:0KB active_file:0KB unevictable:0KB [ 497.438434] Out of memory and no killable processes... [ 497.445258] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 497.458176] syz-executor5 cpuset=syz5 mems_allowed=0 [ 497.463284] CPU: 0 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 497.470535] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 497.479868] Call Trace: [ 497.482441] dump_stack+0x1c4/0x2b4 [ 497.486054] ? dump_stack_print_info.cold.2+0x52/0x52 [ 497.491272] dump_header+0x27b/0xf72 [ 497.494995] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 497.500773] ? kasan_check_read+0x11/0x20 [ 497.504908] ? pagefault_out_of_memory+0x197/0x197 [ 497.509825] ? rcu_read_unlock+0x33/0x60 [ 497.513872] ? mem_cgroup_iter+0x514/0x1160 [ 497.518182] ? find_held_lock+0x36/0x1c0 [ 497.522240] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 497.526986] ? mark_held_locks+0xc7/0x130 [ 497.531136] ? _raw_spin_unlock_irq+0x27/0x80 [ 497.535645] ? _raw_spin_unlock_irq+0x27/0x80 [ 497.540127] ? lockdep_hardirqs_on+0x421/0x5c0 [ 497.544698] ? trace_hardirqs_on+0xbd/0x310 [ 497.548999] ? kasan_check_read+0x11/0x20 [ 497.553130] ? css_task_iter_end+0x222/0x490 [ 497.557528] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 497.562963] ? kasan_check_write+0x14/0x20 [ 497.567184] ? do_raw_spin_lock+0xc1/0x200 [ 497.571410] ? _raw_spin_unlock_irq+0x60/0x80 [ 497.575888] ? css_task_iter_end+0x2ce/0x490 [ 497.580281] ? cgroup_procs_next+0x70/0x70 [ 497.584500] ? _raw_spin_unlock_irq+0x60/0x80 [ 497.588980] ? oom_badness+0xaa0/0xaa0 [ 497.592851] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 497.597589] ? mem_cgroup_iter_break+0x30/0x30 [ 497.602162] ? mark_held_locks+0xc7/0x130 [ 497.606317] out_of_memory.cold.30+0xf/0x184 [ 497.610727] ? lockdep_hardirqs_on+0x421/0x5c0 [ 497.615502] ? kasan_check_read+0x11/0x20 [ 497.619637] ? oom_killer_disable+0x3a0/0x3a0 [ 497.624116] ? kasan_check_write+0x14/0x20 [ 497.628333] ? do_raw_spin_lock+0xc1/0x200 [ 497.632600] mem_cgroup_out_of_memory+0x15e/0x210 [ 497.637426] ? memcg_memory_event+0x40/0x40 [ 497.641729] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 497.646584] ? page_counter_try_charge+0x1c1/0x220 [ 497.651522] try_charge+0xc43/0x1690 [ 497.655220] ? lock_downgrade+0x900/0x900 [ 497.659356] ? check_preemption_disabled+0x48/0x200 [ 497.664368] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 497.670417] ? find_held_lock+0x36/0x1c0 [ 497.674470] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 497.679299] ? lock_downgrade+0x900/0x900 [ 497.683432] ? check_preemption_disabled+0x48/0x200 [ 497.688440] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 497.694235] ? kasan_check_read+0x11/0x20 [ 497.698370] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 497.703647] ? rcu_bh_qs+0xc0/0xc0 [ 497.707191] ? get_mem_cgroup_from_mm+0x206/0x440 [ 497.712237] memcg_kmem_charge_memcg+0x7c/0x120 [ 497.716933] ? memcg_kmem_put_cache+0xb0/0xb0 [ 497.721431] ? print_usage_bug+0xc0/0xc0 [ 497.725480] memcg_kmem_charge+0x135/0x300 [ 497.729706] __alloc_pages_nodemask+0x72e/0xde0 [ 497.734366] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 497.739368] ? __lock_acquire+0x7ec/0x4ec0 [ 497.743610] ? check_preemption_disabled+0x48/0x200 [ 497.748615] ? graph_lock+0x170/0x170 [ 497.752399] ? find_held_lock+0x36/0x1c0 [ 497.756454] ? __lock_is_held+0xb5/0x140 [ 497.760497] ? lock_downgrade+0x900/0x900 [ 497.764633] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 497.770154] alloc_pages_current+0x10c/0x210 [ 497.774551] ? ___might_sleep+0x1ed/0x300 [ 497.778691] pte_alloc_one+0x1b/0x1a0 [ 497.782479] __pte_alloc+0x2a/0x350 [ 497.786095] copy_page_range+0x18c5/0x26b0 [ 497.790329] ? pmd_alloc+0x180/0x180 [ 497.794031] ? save_stack+0xa9/0xd0 [ 497.797640] ? save_stack+0x43/0xd0 [ 497.801248] ? kasan_slab_alloc+0x12/0x20 [ 497.805405] ? kmem_cache_alloc+0x12e/0x730 [ 497.809710] ? vm_area_dup+0x7a/0x230 [ 497.813492] ? copy_process+0x42a0/0x8780 [ 497.817637] ? _do_fork+0x1cb/0x11d0 [ 497.821331] ? __x64_sys_clone+0xbf/0x150 [ 497.825473] ? do_syscall_64+0x1b9/0x820 [ 497.829524] ? graph_lock+0x170/0x170 [ 497.833331] ? lock_downgrade+0x900/0x900 [ 497.837463] ? graph_lock+0x170/0x170 [ 497.841247] ? kasan_check_read+0x11/0x20 [ 497.845395] ? graph_lock+0x170/0x170 [ 497.849182] ? find_held_lock+0x36/0x1c0 [ 497.853244] ? copy_process+0x454b/0x8780 [ 497.857376] ? lock_downgrade+0x900/0x900 [ 497.861507] ? lock_release+0x970/0x970 [ 497.865472] ? arch_local_save_flags+0x40/0x40 [ 497.870038] ? dup_userfaultfd+0x6d8/0x890 [ 497.874294] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 497.879337] ? vma_compute_subtree_gap+0x160/0x240 [ 497.884263] ? validate_mm_rb+0xaa/0xc0 [ 497.888234] ? __vma_link_rb+0x26c/0x370 [ 497.892296] copy_process+0x4721/0x8780 [ 497.896273] ? __cleanup_sighand+0x70/0x70 [ 497.900493] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 497.906041] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 497.911570] ? page_swapcount+0x1d0/0x1d0 [ 497.915715] ? try_to_wake_up+0x10a/0x12f0 [ 497.919936] ? lock_downgrade+0x900/0x900 [ 497.924079] ? lock_downgrade+0x900/0x900 [ 497.928215] ? trace_hardirqs_off+0xb8/0x310 [ 497.932605] ? kasan_check_read+0x11/0x20 [ 497.936747] ? trace_hardirqs_on+0x310/0x310 [ 497.941153] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 497.946242] ? try_to_wake_up+0x10a/0x12f0 [ 497.950462] ? print_usage_bug+0xc0/0xc0 [ 497.954504] ? migrate_swap_stop+0x930/0x930 [ 497.958908] ? __handle_mm_fault+0x9ab/0x53e0 [ 497.963388] ? graph_lock+0x170/0x170 [ 497.967171] ? print_usage_bug+0xc0/0xc0 [ 497.971241] ? __lock_acquire+0x7ec/0x4ec0 [ 497.975463] ? print_usage_bug+0xc0/0xc0 [ 497.979509] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 497.985030] ? reuse_swap_page+0x4bd/0x1520 [ 497.989339] ? swp_swapcount+0x530/0x530 [ 497.993387] ? __lock_acquire+0x7ec/0x4ec0 [ 497.997607] ? mark_held_locks+0x130/0x130 [ 498.001823] ? rcu_bh_qs+0xc0/0xc0 [ 498.005366] ? __lock_acquire+0x7ec/0x4ec0 [ 498.009603] ? mark_held_locks+0x130/0x130 [ 498.013824] ? graph_lock+0x170/0x170 [ 498.017610] ? mark_held_locks+0x130/0x130 [ 498.021844] ? check_preemption_disabled+0x48/0x200 [ 498.026844] ? check_preemption_disabled+0x48/0x200 [ 498.031864] ? find_held_lock+0x36/0x1c0 [ 498.035961] ? print_usage_bug+0xc0/0xc0 [ 498.040008] ? print_usage_bug+0xc0/0xc0 [ 498.044056] ? do_wp_page+0xa6f/0x1390 [ 498.047929] ? lock_downgrade+0x900/0x900 [ 498.052065] ? wake_up_page_bit+0x6f0/0x6f0 [ 498.056383] ? kasan_check_read+0x11/0x20 [ 498.060523] ? __lock_acquire+0x7ec/0x4ec0 [ 498.064746] ? _raw_spin_unlock+0x2c/0x50 [ 498.068887] ? mark_held_locks+0x130/0x130 [ 498.073106] ? find_held_lock+0x36/0x1c0 [ 498.077178] ? lock_release+0x970/0x970 [ 498.081161] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 498.086686] ? kasan_check_write+0x14/0x20 [ 498.090905] ? do_raw_spin_lock+0xc1/0x200 [ 498.095128] ? __handle_mm_fault+0x9ab/0x53e0 [ 498.099629] ? graph_lock+0x170/0x170 [ 498.103412] ? graph_lock+0x170/0x170 [ 498.107224] ? touch_atime+0x103/0x320 [ 498.111094] ? graph_lock+0x170/0x170 [ 498.114892] ? atime_needs_update+0x710/0x710 [ 498.119396] ? graph_lock+0x170/0x170 [ 498.123190] ? graph_lock+0x170/0x170 [ 498.126978] ? find_held_lock+0x36/0x1c0 [ 498.131054] _do_fork+0x1cb/0x11d0 [ 498.134608] ? fork_idle+0x1d0/0x1d0 [ 498.138306] ? lock_downgrade+0x900/0x900 [ 498.142453] ? kasan_check_read+0x11/0x20 [ 498.146592] ? _copy_to_user+0xc8/0x110 [ 498.150555] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 498.156081] ? put_timespec64+0x10f/0x1b0 [ 498.160211] ? nsecs_to_jiffies+0x30/0x30 [ 498.164344] ? do_syscall_64+0x9a/0x820 [ 498.168297] ? do_syscall_64+0x9a/0x820 [ 498.172256] ? lockdep_hardirqs_on+0x421/0x5c0 [ 498.176823] ? trace_hardirqs_on+0xbd/0x310 [ 498.181128] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 498.186648] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 498.192008] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 498.197453] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 498.202975] __x64_sys_clone+0xbf/0x150 [ 498.206939] do_syscall_64+0x1b9/0x820 [ 498.210812] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 498.216163] ? syscall_return_slowpath+0x5e0/0x5e0 [ 498.221080] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 498.225923] ? trace_hardirqs_on_caller+0x310/0x310 [ 498.230922] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 498.235921] ? prepare_exit_to_usermode+0x291/0x3b0 [ 498.240925] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 498.245756] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 498.250931] RIP: 0033:0x455b4a [ 498.254110] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 498.273020] RSP: 002b:00007ffd1aecd800 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 498.280715] RAX: ffffffffffffffda RBX: 00007ffd1aecd800 RCX: 0000000000455b4a [ 498.287968] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 498.295219] RBP: 00007ffd1aecd840 R08: 0000000000000001 R09: 000000000213f940 [ 498.302472] R10: 000000000213fc10 R11: 0000000000000246 R12: 0000000000000001 [ 498.309725] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 498.318167] Memory limit reached of cgroup /syz5 [ 498.323022] memory: usage 204816kB, limit 204800kB, failcnt 434244 [ 498.329422] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 498.336229] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 498.342378] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:24KB inactive_file:0KB active_file:0KB unevictable:0KB [ 498.362128] Out of memory and no killable processes... [ 498.368700] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 498.381593] syz-executor5 cpuset=syz5 mems_allowed=0 [ 498.386810] CPU: 0 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 498.394072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 498.403427] Call Trace: [ 498.406025] dump_stack+0x1c4/0x2b4 [ 498.409642] ? dump_stack_print_info.cold.2+0x52/0x52 [ 498.414823] dump_header+0x27b/0xf72 [ 498.418527] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 498.424309] ? kasan_check_read+0x11/0x20 [ 498.428441] ? pagefault_out_of_memory+0x197/0x197 [ 498.433372] ? rcu_read_unlock+0x33/0x60 [ 498.437415] ? mem_cgroup_iter+0x514/0x1160 [ 498.441722] ? find_held_lock+0x36/0x1c0 [ 498.445770] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 498.450530] ? mark_held_locks+0xc7/0x130 [ 498.454663] ? _raw_spin_unlock_irq+0x27/0x80 [ 498.459143] ? _raw_spin_unlock_irq+0x27/0x80 [ 498.463625] ? lockdep_hardirqs_on+0x421/0x5c0 [ 498.468192] ? trace_hardirqs_on+0xbd/0x310 [ 498.472494] ? kasan_check_read+0x11/0x20 [ 498.476626] ? css_task_iter_end+0x222/0x490 [ 498.481038] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 498.486489] ? kasan_check_write+0x14/0x20 [ 498.490713] ? do_raw_spin_lock+0xc1/0x200 [ 498.494935] ? _raw_spin_unlock_irq+0x60/0x80 [ 498.499433] ? css_task_iter_end+0x2ce/0x490 [ 498.503829] ? cgroup_procs_next+0x70/0x70 [ 498.508051] ? _raw_spin_unlock_irq+0x60/0x80 [ 498.512556] ? oom_badness+0xaa0/0xaa0 [ 498.516441] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 498.521191] ? mem_cgroup_iter_break+0x30/0x30 [ 498.525796] ? mark_held_locks+0xc7/0x130 [ 498.529948] out_of_memory.cold.30+0xf/0x184 [ 498.534342] ? lockdep_hardirqs_on+0x421/0x5c0 [ 498.538925] ? kasan_check_read+0x11/0x20 [ 498.543060] ? oom_killer_disable+0x3a0/0x3a0 [ 498.547570] ? kasan_check_write+0x14/0x20 [ 498.551794] ? do_raw_spin_lock+0xc1/0x200 [ 498.556019] mem_cgroup_out_of_memory+0x15e/0x210 [ 498.560860] ? memcg_memory_event+0x40/0x40 [ 498.565165] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 498.569996] ? page_counter_try_charge+0x1c1/0x220 [ 498.574929] try_charge+0xc43/0x1690 [ 498.578645] ? lock_downgrade+0x900/0x900 [ 498.582782] ? check_preemption_disabled+0x48/0x200 [ 498.587787] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 498.593831] ? find_held_lock+0x36/0x1c0 [ 498.597881] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 498.602710] ? lock_downgrade+0x900/0x900 [ 498.606844] ? check_preemption_disabled+0x48/0x200 [ 498.611866] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 498.617649] ? kasan_check_read+0x11/0x20 [ 498.621780] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 498.627056] ? rcu_bh_qs+0xc0/0xc0 [ 498.630616] ? get_mem_cgroup_from_mm+0x206/0x440 [ 498.635451] memcg_kmem_charge_memcg+0x7c/0x120 [ 498.640109] ? memcg_kmem_put_cache+0xb0/0xb0 [ 498.644624] ? print_usage_bug+0xc0/0xc0 [ 498.648679] memcg_kmem_charge+0x135/0x300 [ 498.652899] __alloc_pages_nodemask+0x72e/0xde0 [ 498.657558] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 498.662591] ? __lock_acquire+0x7ec/0x4ec0 [ 498.666811] ? check_preemption_disabled+0x48/0x200 [ 498.671831] ? graph_lock+0x170/0x170 [ 498.675615] ? find_held_lock+0x36/0x1c0 [ 498.679667] ? __lock_is_held+0xb5/0x140 [ 498.683713] ? lock_downgrade+0x900/0x900 [ 498.687848] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 498.693370] alloc_pages_current+0x10c/0x210 [ 498.697769] ? ___might_sleep+0x1ed/0x300 [ 498.701910] pte_alloc_one+0x1b/0x1a0 [ 498.705700] __pte_alloc+0x2a/0x350 [ 498.709335] copy_page_range+0x18c5/0x26b0 [ 498.713572] ? pmd_alloc+0x180/0x180 [ 498.717292] ? save_stack+0xa9/0xd0 [ 498.720919] ? save_stack+0x43/0xd0 [ 498.724533] ? kasan_slab_alloc+0x12/0x20 [ 498.728670] ? kmem_cache_alloc+0x12e/0x730 [ 498.732978] ? vm_area_dup+0x7a/0x230 [ 498.736765] ? copy_process+0x42a0/0x8780 [ 498.740896] ? _do_fork+0x1cb/0x11d0 [ 498.744593] ? __x64_sys_clone+0xbf/0x150 [ 498.748725] ? do_syscall_64+0x1b9/0x820 [ 498.752776] ? graph_lock+0x170/0x170 [ 498.756571] ? lock_downgrade+0x900/0x900 [ 498.760709] ? graph_lock+0x170/0x170 [ 498.764494] ? graph_lock+0x170/0x170 [ 498.768290] ? find_held_lock+0x36/0x1c0 [ 498.772340] ? copy_process+0x454b/0x8780 [ 498.776489] ? lock_downgrade+0x900/0x900 [ 498.780635] ? lock_release+0x970/0x970 [ 498.784594] ? arch_local_save_flags+0x40/0x40 [ 498.789163] ? dup_userfaultfd+0x6d8/0x890 [ 498.793392] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 498.798407] ? vma_compute_subtree_gap+0x160/0x240 [ 498.803326] ? validate_mm_rb+0xaa/0xc0 [ 498.807301] ? __vma_link_rb+0x26c/0x370 [ 498.811362] copy_process+0x4721/0x8780 [ 498.815346] ? __cleanup_sighand+0x70/0x70 [ 498.819602] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 498.825151] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 498.830683] ? page_swapcount+0x1d0/0x1d0 [ 498.834821] ? try_to_wake_up+0x10a/0x12f0 [ 498.839063] ? lock_downgrade+0x900/0x900 [ 498.843227] ? lock_downgrade+0x900/0x900 [ 498.847385] ? trace_hardirqs_off+0xb8/0x310 [ 498.851783] ? kasan_check_read+0x11/0x20 [ 498.855926] ? trace_hardirqs_on+0x310/0x310 [ 498.860335] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 498.865445] ? try_to_wake_up+0x10a/0x12f0 [ 498.869692] ? print_usage_bug+0xc0/0xc0 [ 498.873764] ? migrate_swap_stop+0x930/0x930 [ 498.878164] ? __handle_mm_fault+0x9ab/0x53e0 [ 498.882686] ? graph_lock+0x170/0x170 [ 498.886473] ? print_usage_bug+0xc0/0xc0 [ 498.890525] ? __lock_acquire+0x7ec/0x4ec0 [ 498.894752] ? print_usage_bug+0xc0/0xc0 [ 498.898803] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 498.904327] ? reuse_swap_page+0x4bd/0x1520 [ 498.908640] ? swp_swapcount+0x530/0x530 [ 498.912693] ? __lock_acquire+0x7ec/0x4ec0 [ 498.916918] ? mark_held_locks+0x130/0x130 [ 498.921150] ? rcu_bh_qs+0xc0/0xc0 [ 498.924687] ? __lock_acquire+0x7ec/0x4ec0 [ 498.928910] ? mark_held_locks+0x130/0x130 [ 498.933146] ? graph_lock+0x170/0x170 [ 498.936937] ? mark_held_locks+0x130/0x130 [ 498.941168] ? check_preemption_disabled+0x48/0x200 [ 498.946199] ? check_preemption_disabled+0x48/0x200 [ 498.951223] ? find_held_lock+0x36/0x1c0 [ 498.955276] ? print_usage_bug+0xc0/0xc0 [ 498.959350] ? print_usage_bug+0xc0/0xc0 [ 498.963414] ? do_wp_page+0xa6f/0x1390 [ 498.967303] ? lock_downgrade+0x900/0x900 [ 498.971440] ? wake_up_page_bit+0x6f0/0x6f0 [ 498.975761] ? kasan_check_read+0x11/0x20 [ 498.979901] ? __lock_acquire+0x7ec/0x4ec0 [ 498.984122] ? _raw_spin_unlock+0x2c/0x50 [ 498.988264] ? mark_held_locks+0x130/0x130 [ 498.992499] ? find_held_lock+0x36/0x1c0 [ 498.996551] ? lock_release+0x970/0x970 [ 499.000524] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 499.006084] ? kasan_check_write+0x14/0x20 [ 499.010328] ? do_raw_spin_lock+0xc1/0x200 [ 499.014577] ? __handle_mm_fault+0x9ab/0x53e0 [ 499.019065] ? graph_lock+0x170/0x170 [ 499.022850] ? graph_lock+0x170/0x170 [ 499.026633] ? touch_atime+0x103/0x320 [ 499.030505] ? graph_lock+0x170/0x170 [ 499.034290] ? atime_needs_update+0x710/0x710 [ 499.038784] ? graph_lock+0x170/0x170 [ 499.042587] ? graph_lock+0x170/0x170 [ 499.046380] ? find_held_lock+0x36/0x1c0 [ 499.050539] _do_fork+0x1cb/0x11d0 [ 499.054089] ? fork_idle+0x1d0/0x1d0 [ 499.057786] ? lock_downgrade+0x900/0x900 [ 499.061934] ? kasan_check_read+0x11/0x20 [ 499.066069] ? _copy_to_user+0xc8/0x110 [ 499.070043] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 499.075567] ? put_timespec64+0x10f/0x1b0 [ 499.079720] ? nsecs_to_jiffies+0x30/0x30 [ 499.083855] ? do_syscall_64+0x9a/0x820 [ 499.087830] ? do_syscall_64+0x9a/0x820 [ 499.091792] ? lockdep_hardirqs_on+0x421/0x5c0 [ 499.096359] ? trace_hardirqs_on+0xbd/0x310 [ 499.100665] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 499.106189] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 499.111540] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 499.117008] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 499.122538] __x64_sys_clone+0xbf/0x150 [ 499.126515] do_syscall_64+0x1b9/0x820 [ 499.130394] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 499.135750] ? syscall_return_slowpath+0x5e0/0x5e0 [ 499.140673] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 499.145513] ? trace_hardirqs_on_caller+0x310/0x310 [ 499.150529] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 499.155540] ? prepare_exit_to_usermode+0x291/0x3b0 [ 499.160560] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 499.165407] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 499.170589] RIP: 0033:0x455b4a [ 499.173770] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 499.192664] RSP: 002b:00007ffd1aecd800 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 499.200366] RAX: ffffffffffffffda RBX: 00007ffd1aecd800 RCX: 0000000000455b4a [ 499.207623] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 499.214880] RBP: 00007ffd1aecd840 R08: 0000000000000001 R09: 000000000213f940 [ 499.222141] R10: 000000000213fc10 R11: 0000000000000246 R12: 0000000000000001 [ 499.229413] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 499.238687] Memory limit reached of cgroup /syz5 [ 499.243495] memory: usage 204764kB, limit 204800kB, failcnt 434252 [ 499.249981] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 499.256780] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 499.262910] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:24KB inactive_file:0KB active_file:0KB unevictable:0KB [ 499.282706] Out of memory and no killable processes... [ 499.290705] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 499.303759] syz-executor5 cpuset=syz5 mems_allowed=0 [ 499.309001] CPU: 0 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 499.316272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 499.325634] Call Trace: [ 499.328221] dump_stack+0x1c4/0x2b4 [ 499.331844] ? dump_stack_print_info.cold.2+0x52/0x52 [ 499.337028] dump_header+0x27b/0xf72 [ 499.340767] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 499.346571] ? kasan_check_read+0x11/0x20 [ 499.350715] ? pagefault_out_of_memory+0x197/0x197 [ 499.355641] ? rcu_read_unlock+0x33/0x60 [ 499.359691] ? mem_cgroup_iter+0x514/0x1160 [ 499.364009] ? find_held_lock+0x36/0x1c0 [ 499.368065] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 499.372807] ? mark_held_locks+0xc7/0x130 [ 499.376940] ? _raw_spin_unlock_irq+0x27/0x80 [ 499.381422] ? _raw_spin_unlock_irq+0x27/0x80 [ 499.385908] ? lockdep_hardirqs_on+0x421/0x5c0 [ 499.390477] ? trace_hardirqs_on+0xbd/0x310 [ 499.394785] ? kasan_check_read+0x11/0x20 [ 499.398922] ? css_task_iter_end+0x222/0x490 [ 499.403320] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 499.408765] ? kasan_check_write+0x14/0x20 [ 499.412997] ? do_raw_spin_lock+0xc1/0x200 [ 499.417218] ? _raw_spin_unlock_irq+0x60/0x80 [ 499.421727] ? css_task_iter_end+0x2ce/0x490 [ 499.426141] ? cgroup_procs_next+0x70/0x70 [ 499.430370] ? _raw_spin_unlock_irq+0x60/0x80 [ 499.434879] ? oom_badness+0xaa0/0xaa0 [ 499.438771] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 499.443514] ? mem_cgroup_iter_break+0x30/0x30 [ 499.448095] ? mark_held_locks+0xc7/0x130 [ 499.452232] out_of_memory.cold.30+0xf/0x184 [ 499.456630] ? lockdep_hardirqs_on+0x421/0x5c0 [ 499.461206] ? kasan_check_read+0x11/0x20 [ 499.465342] ? oom_killer_disable+0x3a0/0x3a0 [ 499.469822] ? kasan_check_write+0x14/0x20 [ 499.474054] ? do_raw_spin_lock+0xc1/0x200 [ 499.478298] mem_cgroup_out_of_memory+0x15e/0x210 [ 499.483142] ? memcg_memory_event+0x40/0x40 [ 499.487461] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 499.492298] ? page_counter_try_charge+0x1c1/0x220 [ 499.497217] try_charge+0xc43/0x1690 [ 499.500937] ? lock_downgrade+0x900/0x900 [ 499.505097] ? check_preemption_disabled+0x48/0x200 [ 499.510112] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 499.516164] ? find_held_lock+0x36/0x1c0 [ 499.520227] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 499.525061] ? lock_downgrade+0x900/0x900 [ 499.529201] ? check_preemption_disabled+0x48/0x200 [ 499.534212] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 499.540000] ? kasan_check_read+0x11/0x20 [ 499.544135] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 499.549398] ? rcu_bh_qs+0xc0/0xc0 [ 499.552952] ? get_mem_cgroup_from_mm+0x206/0x440 [ 499.557787] memcg_kmem_charge_memcg+0x7c/0x120 [ 499.562475] ? memcg_kmem_put_cache+0xb0/0xb0 [ 499.566961] ? print_usage_bug+0xc0/0xc0 [ 499.571012] memcg_kmem_charge+0x135/0x300 [ 499.575236] __alloc_pages_nodemask+0x72e/0xde0 [ 499.579893] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 499.584899] ? __lock_acquire+0x7ec/0x4ec0 [ 499.589120] ? check_preemption_disabled+0x48/0x200 [ 499.594136] ? graph_lock+0x170/0x170 [ 499.597930] ? find_held_lock+0x36/0x1c0 [ 499.601984] ? __lock_is_held+0xb5/0x140 [ 499.606438] ? lock_downgrade+0x900/0x900 [ 499.610583] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 499.616114] alloc_pages_current+0x10c/0x210 [ 499.620505] ? ___might_sleep+0x1ed/0x300 [ 499.624638] pte_alloc_one+0x1b/0x1a0 [ 499.628435] __pte_alloc+0x2a/0x350 [ 499.632047] copy_page_range+0x18c5/0x26b0 [ 499.636308] ? pmd_alloc+0x180/0x180 [ 499.640008] ? save_stack+0xa9/0xd0 [ 499.643616] ? save_stack+0x43/0xd0 [ 499.647229] ? kasan_slab_alloc+0x12/0x20 [ 499.651362] ? kmem_cache_alloc+0x12e/0x730 [ 499.655669] ? vm_area_dup+0x7a/0x230 [ 499.659455] ? copy_process+0x42a0/0x8780 [ 499.663587] ? _do_fork+0x1cb/0x11d0 [ 499.667287] ? __x64_sys_clone+0xbf/0x150 [ 499.671420] ? do_syscall_64+0x1b9/0x820 [ 499.675472] ? graph_lock+0x170/0x170 [ 499.679268] ? lock_downgrade+0x900/0x900 [ 499.683399] ? graph_lock+0x170/0x170 [ 499.687197] ? graph_lock+0x170/0x170 [ 499.690984] ? find_held_lock+0x36/0x1c0 [ 499.695047] ? copy_process+0x454b/0x8780 [ 499.699183] ? lock_downgrade+0x900/0x900 [ 499.703316] ? lock_release+0x970/0x970 [ 499.707281] ? arch_local_save_flags+0x40/0x40 [ 499.711848] ? dup_userfaultfd+0x6d8/0x890 [ 499.716366] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 499.721389] ? vma_compute_subtree_gap+0x160/0x240 [ 499.726330] ? validate_mm_rb+0xaa/0xc0 [ 499.730310] ? __vma_link_rb+0x26c/0x370 [ 499.734406] copy_process+0x4721/0x8780 [ 499.738437] ? __cleanup_sighand+0x70/0x70 [ 499.742659] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 499.748182] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 499.753722] ? page_swapcount+0x1d0/0x1d0 [ 499.757855] ? try_to_wake_up+0x10a/0x12f0 [ 499.762107] ? lock_downgrade+0x900/0x900 [ 499.766257] ? lock_downgrade+0x900/0x900 [ 499.770391] ? trace_hardirqs_off+0xb8/0x310 [ 499.774790] ? kasan_check_read+0x11/0x20 [ 499.778942] ? trace_hardirqs_on+0x310/0x310 [ 499.783351] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 499.788439] ? try_to_wake_up+0x10a/0x12f0 [ 499.792685] ? print_usage_bug+0xc0/0xc0 [ 499.796735] ? migrate_swap_stop+0x930/0x930 [ 499.801132] ? __handle_mm_fault+0x9ab/0x53e0 [ 499.805626] ? graph_lock+0x170/0x170 [ 499.809408] ? print_usage_bug+0xc0/0xc0 [ 499.813460] ? __lock_acquire+0x7ec/0x4ec0 [ 499.817686] ? print_usage_bug+0xc0/0xc0 [ 499.821736] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 499.827258] ? reuse_swap_page+0x4bd/0x1520 [ 499.831582] ? swp_swapcount+0x530/0x530 [ 499.835670] ? __lock_acquire+0x7ec/0x4ec0 [ 499.839887] ? mark_held_locks+0x130/0x130 [ 499.844106] ? rcu_bh_qs+0xc0/0xc0 [ 499.847637] ? __lock_acquire+0x7ec/0x4ec0 [ 499.851859] ? mark_held_locks+0x130/0x130 [ 499.856083] ? graph_lock+0x170/0x170 [ 499.859866] ? mark_held_locks+0x130/0x130 [ 499.864098] ? check_preemption_disabled+0x48/0x200 [ 499.869104] ? check_preemption_disabled+0x48/0x200 [ 499.874110] ? find_held_lock+0x36/0x1c0 [ 499.878177] ? print_usage_bug+0xc0/0xc0 [ 499.882253] ? print_usage_bug+0xc0/0xc0 [ 499.886304] ? do_wp_page+0xa6f/0x1390 [ 499.890195] ? lock_downgrade+0x900/0x900 [ 499.894330] ? wake_up_page_bit+0x6f0/0x6f0 [ 499.898640] ? kasan_check_read+0x11/0x20 [ 499.902786] ? __lock_acquire+0x7ec/0x4ec0 [ 499.907006] ? _raw_spin_unlock+0x2c/0x50 [ 499.911159] ? mark_held_locks+0x130/0x130 [ 499.915381] ? find_held_lock+0x36/0x1c0 [ 499.919425] ? lock_release+0x970/0x970 [ 499.923395] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 499.928918] ? kasan_check_write+0x14/0x20 [ 499.933159] ? do_raw_spin_lock+0xc1/0x200 [ 499.937384] ? __handle_mm_fault+0x9ab/0x53e0 [ 499.941865] ? graph_lock+0x170/0x170 [ 499.945649] ? graph_lock+0x170/0x170 [ 499.949430] ? touch_atime+0x103/0x320 [ 499.953301] ? graph_lock+0x170/0x170 [ 499.957086] ? atime_needs_update+0x710/0x710 [ 499.961568] ? graph_lock+0x170/0x170 [ 499.965353] ? graph_lock+0x170/0x170 [ 499.969162] ? find_held_lock+0x36/0x1c0 [ 499.973211] _do_fork+0x1cb/0x11d0 [ 499.976740] ? fork_idle+0x1d0/0x1d0 [ 499.980436] ? lock_downgrade+0x900/0x900 [ 499.984589] ? kasan_check_read+0x11/0x20 [ 499.988726] ? _copy_to_user+0xc8/0x110 [ 499.992690] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 499.998213] ? put_timespec64+0x10f/0x1b0 [ 500.002364] ? nsecs_to_jiffies+0x30/0x30 [ 500.006499] ? do_syscall_64+0x9a/0x820 [ 500.010456] ? do_syscall_64+0x9a/0x820 [ 500.014412] ? lockdep_hardirqs_on+0x421/0x5c0 [ 500.018983] ? trace_hardirqs_on+0xbd/0x310 [ 500.023310] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 500.028834] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 500.034184] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 500.039645] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 500.045172] __x64_sys_clone+0xbf/0x150 [ 500.049154] do_syscall_64+0x1b9/0x820 [ 500.053029] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 500.058377] ? syscall_return_slowpath+0x5e0/0x5e0 [ 500.063290] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 500.068229] ? trace_hardirqs_on_caller+0x310/0x310 [ 500.073235] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 500.078240] ? prepare_exit_to_usermode+0x291/0x3b0 [ 500.083263] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 500.088096] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 500.093267] RIP: 0033:0x455b4a [ 500.096447] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 500.115334] RSP: 002b:00007ffd1aecd800 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 500.123027] RAX: ffffffffffffffda RBX: 00007ffd1aecd800 RCX: 0000000000455b4a [ 500.130297] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 500.137554] RBP: 00007ffd1aecd840 R08: 0000000000000001 R09: 000000000213f940 [ 500.144814] R10: 000000000213fc10 R11: 0000000000000246 R12: 0000000000000001 [ 500.152068] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 500.159793] Memory limit reached of cgroup /syz5 [ 500.164722] memory: usage 204800kB, limit 204800kB, failcnt 434268 [ 500.171285] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 500.178346] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 500.184497] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:24KB inactive_file:0KB active_file:0KB unevictable:0KB [ 500.204258] Out of memory and no killable processes... [ 500.210832] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 500.223801] syz-executor5 cpuset=syz5 mems_allowed=0 [ 500.229011] CPU: 0 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 500.236269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 500.245614] Call Trace: [ 500.248205] dump_stack+0x1c4/0x2b4 [ 500.251818] ? dump_stack_print_info.cold.2+0x52/0x52 [ 500.256996] dump_header+0x27b/0xf72 [ 500.260698] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 500.266477] ? kasan_check_read+0x11/0x20 [ 500.270609] ? pagefault_out_of_memory+0x197/0x197 [ 500.275549] ? rcu_read_unlock+0x33/0x60 [ 500.279604] ? mem_cgroup_iter+0x514/0x1160 [ 500.283909] ? find_held_lock+0x36/0x1c0 [ 500.287957] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 500.292697] ? mark_held_locks+0xc7/0x130 [ 500.296851] ? _raw_spin_unlock_irq+0x27/0x80 [ 500.301342] ? _raw_spin_unlock_irq+0x27/0x80 [ 500.305834] ? lockdep_hardirqs_on+0x421/0x5c0 [ 500.310406] ? trace_hardirqs_on+0xbd/0x310 [ 500.314706] ? kasan_check_read+0x11/0x20 [ 500.318836] ? css_task_iter_end+0x222/0x490 [ 500.323228] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 500.328674] ? kasan_check_write+0x14/0x20 [ 500.332894] ? do_raw_spin_lock+0xc1/0x200 [ 500.337141] ? _raw_spin_unlock_irq+0x60/0x80 [ 500.341637] ? css_task_iter_end+0x2ce/0x490 [ 500.346057] ? cgroup_procs_next+0x70/0x70 [ 500.350278] ? _raw_spin_unlock_irq+0x60/0x80 [ 500.354757] ? oom_badness+0xaa0/0xaa0 [ 500.358633] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 500.363372] ? mem_cgroup_iter_break+0x30/0x30 [ 500.367961] ? mark_held_locks+0xc7/0x130 [ 500.372101] out_of_memory.cold.30+0xf/0x184 [ 500.376492] ? lockdep_hardirqs_on+0x421/0x5c0 [ 500.381075] ? kasan_check_read+0x11/0x20 [ 500.385212] ? oom_killer_disable+0x3a0/0x3a0 [ 500.389708] ? kasan_check_write+0x14/0x20 [ 500.393930] ? do_raw_spin_lock+0xc1/0x200 [ 500.398156] mem_cgroup_out_of_memory+0x15e/0x210 [ 500.402978] ? memcg_memory_event+0x40/0x40 [ 500.407280] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 500.412131] ? page_counter_try_charge+0x1c1/0x220 [ 500.417044] try_charge+0xc43/0x1690 [ 500.420744] ? lock_downgrade+0x900/0x900 [ 500.424884] ? check_preemption_disabled+0x48/0x200 [ 500.429896] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 500.435949] ? find_held_lock+0x36/0x1c0 [ 500.440009] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 500.444842] ? lock_downgrade+0x900/0x900 [ 500.448978] ? check_preemption_disabled+0x48/0x200 [ 500.453981] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 500.459763] ? kasan_check_read+0x11/0x20 [ 500.463896] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 500.469167] ? rcu_bh_qs+0xc0/0xc0 [ 500.472705] ? get_mem_cgroup_from_mm+0x206/0x440 [ 500.477539] memcg_kmem_charge_memcg+0x7c/0x120 [ 500.482219] ? memcg_kmem_put_cache+0xb0/0xb0 [ 500.486700] ? save_stack+0x43/0xd0 [ 500.490312] ? kasan_slab_alloc+0x12/0x20 [ 500.494452] memcg_kmem_charge+0x135/0x300 [ 500.498694] __alloc_pages_nodemask+0x72e/0xde0 [ 500.503350] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 500.508373] ? find_held_lock+0x36/0x1c0 [ 500.512417] ? print_usage_bug+0xc0/0xc0 [ 500.516488] ? find_held_lock+0x36/0x1c0 [ 500.520533] ? __lock_acquire+0x7ec/0x4ec0 [ 500.524755] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 500.530277] alloc_pages_current+0x10c/0x210 [ 500.534673] get_zeroed_page+0x14/0x50 [ 500.538552] __pud_alloc+0x3b/0x240 [ 500.542171] pud_alloc+0xe1/0x150 [ 500.545611] copy_page_range+0x439/0x26b0 [ 500.549756] ? rb_insert_color_cached+0x14b0/0x14b0 [ 500.554758] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 500.559760] ? vma_compute_subtree_gap+0x160/0x240 [ 500.564678] ? __rb_insert_augmented+0x3b2/0x1890 [ 500.569542] ? pmd_alloc+0x180/0x180 [ 500.573239] ? graph_lock+0x170/0x170 [ 500.577021] ? kasan_slab_alloc+0x12/0x20 [ 500.581177] ? kmem_cache_alloc+0x12e/0x730 [ 500.585505] ? graph_lock+0x170/0x170 [ 500.589291] ? __x64_sys_clone+0xbf/0x150 [ 500.593421] ? do_syscall_64+0x1b9/0x820 [ 500.597468] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 500.602823] ? find_held_lock+0x36/0x1c0 [ 500.606872] ? anon_vma_fork+0x5ef/0x820 [ 500.610934] ? lock_downgrade+0x900/0x900 [ 500.615106] ? lock_release+0x970/0x970 [ 500.619064] ? arch_local_save_flags+0x40/0x40 [ 500.623639] ? __lock_is_held+0xb5/0x140 [ 500.627691] ? up_write+0x7b/0x220 [ 500.631214] ? up_read+0x110/0x110 [ 500.634739] ? anon_vma_interval_tree_insert+0x2c9/0x370 [ 500.640199] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 500.645199] ? vma_compute_subtree_gap+0x160/0x240 [ 500.650113] ? validate_mm_rb+0xaa/0xc0 [ 500.654073] ? __vma_link_rb+0x26c/0x370 [ 500.658126] copy_process+0x4721/0x8780 [ 500.662103] ? __cleanup_sighand+0x70/0x70 [ 500.666323] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 500.671845] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 500.677373] ? page_swapcount+0x1d0/0x1d0 [ 500.681502] ? try_to_wake_up+0x10a/0x12f0 [ 500.685733] ? lock_downgrade+0x900/0x900 [ 500.689863] ? lock_downgrade+0x900/0x900 [ 500.694022] ? trace_hardirqs_off+0xb8/0x310 [ 500.698411] ? kasan_check_read+0x11/0x20 [ 500.702544] ? trace_hardirqs_on+0x310/0x310 [ 500.706955] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 500.712046] ? try_to_wake_up+0x10a/0x12f0 [ 500.716281] ? print_usage_bug+0xc0/0xc0 [ 500.720325] ? migrate_swap_stop+0x930/0x930 [ 500.724720] ? __handle_mm_fault+0x9ab/0x53e0 [ 500.729206] ? graph_lock+0x170/0x170 [ 500.732991] ? print_usage_bug+0xc0/0xc0 [ 500.737061] ? __lock_acquire+0x7ec/0x4ec0 [ 500.741288] ? print_usage_bug+0xc0/0xc0 [ 500.745340] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 500.750863] ? reuse_swap_page+0x4bd/0x1520 [ 500.755172] ? swp_swapcount+0x530/0x530 [ 500.759234] ? __lock_acquire+0x7ec/0x4ec0 [ 500.763469] ? mark_held_locks+0x130/0x130 [ 500.767691] ? rcu_bh_qs+0xc0/0xc0 [ 500.771221] ? __lock_acquire+0x7ec/0x4ec0 [ 500.775442] ? mark_held_locks+0x130/0x130 [ 500.779663] ? graph_lock+0x170/0x170 [ 500.783449] ? mark_held_locks+0x130/0x130 [ 500.787671] ? check_preemption_disabled+0x48/0x200 [ 500.792670] ? check_preemption_disabled+0x48/0x200 [ 500.797680] ? find_held_lock+0x36/0x1c0 [ 500.801729] ? print_usage_bug+0xc0/0xc0 [ 500.805786] ? print_usage_bug+0xc0/0xc0 [ 500.809855] ? do_wp_page+0xa6f/0x1390 [ 500.813728] ? lock_downgrade+0x900/0x900 [ 500.817860] ? wake_up_page_bit+0x6f0/0x6f0 [ 500.822168] ? kasan_check_read+0x11/0x20 [ 500.826306] ? __lock_acquire+0x7ec/0x4ec0 [ 500.830529] ? _raw_spin_unlock+0x2c/0x50 [ 500.834665] ? mark_held_locks+0x130/0x130 [ 500.838879] ? find_held_lock+0x36/0x1c0 [ 500.842925] ? lock_release+0x970/0x970 [ 500.846886] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 500.852406] ? kasan_check_write+0x14/0x20 [ 500.856625] ? do_raw_spin_lock+0xc1/0x200 [ 500.860861] ? __handle_mm_fault+0x9ab/0x53e0 [ 500.865348] ? graph_lock+0x170/0x170 [ 500.869132] ? graph_lock+0x170/0x170 [ 500.872916] ? touch_atime+0x103/0x320 [ 500.876793] ? graph_lock+0x170/0x170 [ 500.880578] ? atime_needs_update+0x710/0x710 [ 500.885057] ? graph_lock+0x170/0x170 [ 500.888838] ? graph_lock+0x170/0x170 [ 500.892646] ? find_held_lock+0x36/0x1c0 [ 500.896707] _do_fork+0x1cb/0x11d0 [ 500.900244] ? fork_idle+0x1d0/0x1d0 [ 500.903948] ? lock_downgrade+0x900/0x900 [ 500.908092] ? kasan_check_read+0x11/0x20 [ 500.912223] ? _copy_to_user+0xc8/0x110 [ 500.916187] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 500.921712] ? put_timespec64+0x10f/0x1b0 [ 500.925844] ? nsecs_to_jiffies+0x30/0x30 [ 500.929979] ? do_syscall_64+0x9a/0x820 [ 500.933949] ? do_syscall_64+0x9a/0x820 [ 500.937914] ? lockdep_hardirqs_on+0x421/0x5c0 [ 500.942482] ? trace_hardirqs_on+0xbd/0x310 [ 500.946788] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 500.952309] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 500.957661] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 500.963097] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 500.968621] __x64_sys_clone+0xbf/0x150 [ 500.972585] do_syscall_64+0x1b9/0x820 [ 500.976454] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 500.981800] ? syscall_return_slowpath+0x5e0/0x5e0 [ 500.986710] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 500.991538] ? trace_hardirqs_on_caller+0x310/0x310 [ 500.996537] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 501.001578] ? prepare_exit_to_usermode+0x291/0x3b0 [ 501.006593] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 501.011440] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 501.016615] RIP: 0033:0x455b4a [ 501.019797] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 501.038700] RSP: 002b:00007ffd1aecd800 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 501.046393] RAX: ffffffffffffffda RBX: 00007ffd1aecd800 RCX: 0000000000455b4a [ 501.053662] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 501.060915] RBP: 00007ffd1aecd840 R08: 0000000000000001 R09: 000000000213f940 [ 501.068183] R10: 000000000213fc10 R11: 0000000000000246 R12: 0000000000000001 [ 501.075435] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 501.083745] Memory limit reached of cgroup /syz5 [ 501.088678] memory: usage 204804kB, limit 204800kB, failcnt 434276 [ 501.095067] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 501.101825] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 501.108046] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:24KB inactive_file:0KB active_file:0KB unevictable:0KB [ 501.129394] Out of memory and no killable processes... [ 501.136623] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 501.149588] syz-executor5 cpuset=syz5 mems_allowed=0 [ 501.154704] CPU: 0 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 501.161973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 501.171312] Call Trace: [ 501.173891] dump_stack+0x1c4/0x2b4 [ 501.177508] ? dump_stack_print_info.cold.2+0x52/0x52 [ 501.182706] dump_header+0x27b/0xf72 [ 501.186421] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 501.192201] ? kasan_check_read+0x11/0x20 [ 501.196336] ? pagefault_out_of_memory+0x197/0x197 [ 501.201259] ? rcu_read_unlock+0x33/0x60 [ 501.205481] ? mem_cgroup_iter+0x514/0x1160 [ 501.209790] ? find_held_lock+0x36/0x1c0 [ 501.213842] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 501.218588] ? mark_held_locks+0xc7/0x130 [ 501.222724] ? _raw_spin_unlock_irq+0x27/0x80 [ 501.227205] ? _raw_spin_unlock_irq+0x27/0x80 [ 501.231692] ? lockdep_hardirqs_on+0x421/0x5c0 [ 501.236275] ? trace_hardirqs_on+0xbd/0x310 [ 501.240603] ? kasan_check_read+0x11/0x20 [ 501.244767] ? css_task_iter_end+0x222/0x490 [ 501.249191] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 501.254625] ? kasan_check_write+0x14/0x20 [ 501.258844] ? do_raw_spin_lock+0xc1/0x200 [ 501.263070] ? _raw_spin_unlock_irq+0x60/0x80 [ 501.267555] ? css_task_iter_end+0x2ce/0x490 [ 501.271974] ? cgroup_procs_next+0x70/0x70 [ 501.276197] ? _raw_spin_unlock_irq+0x60/0x80 [ 501.280679] ? oom_badness+0xaa0/0xaa0 [ 501.284580] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 501.289326] ? mem_cgroup_iter_break+0x30/0x30 [ 501.293903] ? mark_held_locks+0xc7/0x130 [ 501.298051] out_of_memory.cold.30+0xf/0x184 [ 501.302446] ? lockdep_hardirqs_on+0x421/0x5c0 [ 501.307015] ? kasan_check_read+0x11/0x20 [ 501.311151] ? oom_killer_disable+0x3a0/0x3a0 [ 501.315633] ? kasan_check_write+0x14/0x20 [ 501.319863] ? do_raw_spin_lock+0xc1/0x200 [ 501.324086] mem_cgroup_out_of_memory+0x15e/0x210 [ 501.328917] ? memcg_memory_event+0x40/0x40 [ 501.333222] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 501.338073] ? page_counter_try_charge+0x1c1/0x220 [ 501.342993] try_charge+0xc43/0x1690 [ 501.346693] ? lock_downgrade+0x900/0x900 [ 501.350826] ? check_preemption_disabled+0x48/0x200 [ 501.355851] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 501.361896] ? find_held_lock+0x36/0x1c0 [ 501.365958] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 501.370783] ? lock_downgrade+0x900/0x900 [ 501.374916] ? check_preemption_disabled+0x48/0x200 [ 501.379919] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 501.385713] ? kasan_check_read+0x11/0x20 [ 501.389853] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 501.395116] ? rcu_bh_qs+0xc0/0xc0 [ 501.398646] ? get_mem_cgroup_from_mm+0x206/0x440 [ 501.403474] memcg_kmem_charge_memcg+0x7c/0x120 [ 501.408127] ? memcg_kmem_put_cache+0xb0/0xb0 [ 501.412613] ? __lock_is_held+0xb5/0x140 [ 501.416684] memcg_kmem_charge+0x135/0x300 [ 501.420908] __alloc_pages_nodemask+0x72e/0xde0 [ 501.425574] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 501.430588] ? lock_downgrade+0x900/0x900 [ 501.434723] ? kasan_check_read+0x11/0x20 [ 501.438862] ? do_raw_spin_unlock+0xa7/0x2f0 [ 501.443257] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 501.447826] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 501.453347] alloc_pages_current+0x10c/0x210 [ 501.457743] __pmd_alloc+0x3e/0x450 [ 501.461367] ? __pmd+0x60/0x60 [ 501.464547] pmd_alloc+0x10f/0x180 [ 501.468100] copy_page_range+0x6cf/0x26b0 [ 501.472237] ? rb_insert_color_cached+0x14b0/0x14b0 [ 501.477278] ? vma_compute_subtree_gap+0x160/0x240 [ 501.482204] ? pmd_alloc+0x180/0x180 [ 501.485948] ? graph_lock+0x170/0x170 [ 501.489732] ? kasan_slab_alloc+0x12/0x20 [ 501.493868] ? kmem_cache_alloc+0x12e/0x730 [ 501.498191] ? graph_lock+0x170/0x170 [ 501.501997] ? __x64_sys_clone+0xbf/0x150 [ 501.506135] ? do_syscall_64+0x1b9/0x820 [ 501.510207] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 501.515571] ? find_held_lock+0x36/0x1c0 [ 501.519655] ? anon_vma_fork+0x5ef/0x820 [ 501.523705] ? lock_downgrade+0x900/0x900 [ 501.527839] ? lock_release+0x970/0x970 [ 501.531795] ? arch_local_save_flags+0x40/0x40 [ 501.536366] ? __lock_is_held+0xb5/0x140 [ 501.540439] ? up_write+0x7b/0x220 [ 501.543974] ? up_read+0x110/0x110 [ 501.547501] ? anon_vma_interval_tree_insert+0x2c9/0x370 [ 501.552947] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 501.557951] ? vma_compute_subtree_gap+0x160/0x240 [ 501.562884] ? validate_mm_rb+0xaa/0xc0 [ 501.566847] ? __vma_link_rb+0x26c/0x370 [ 501.570893] copy_process+0x4721/0x8780 [ 501.574888] ? __cleanup_sighand+0x70/0x70 [ 501.579116] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 501.584639] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 501.590163] ? page_swapcount+0x1d0/0x1d0 [ 501.594293] ? try_to_wake_up+0x10a/0x12f0 [ 501.598511] ? lock_downgrade+0x900/0x900 [ 501.602644] ? lock_downgrade+0x900/0x900 [ 501.606953] ? trace_hardirqs_off+0xb8/0x310 [ 501.611342] ? kasan_check_read+0x11/0x20 [ 501.615495] ? trace_hardirqs_on+0x310/0x310 [ 501.619895] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 501.625004] ? try_to_wake_up+0x10a/0x12f0 [ 501.629226] ? print_usage_bug+0xc0/0xc0 [ 501.633271] ? migrate_swap_stop+0x930/0x930 [ 501.637668] ? __handle_mm_fault+0x9ab/0x53e0 [ 501.642150] ? graph_lock+0x170/0x170 [ 501.645935] ? print_usage_bug+0xc0/0xc0 [ 501.649987] ? __lock_acquire+0x7ec/0x4ec0 [ 501.654233] ? print_usage_bug+0xc0/0xc0 [ 501.658284] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 501.663802] ? reuse_swap_page+0x4bd/0x1520 [ 501.668112] ? swp_swapcount+0x530/0x530 [ 501.672158] ? __lock_acquire+0x7ec/0x4ec0 [ 501.676380] ? mark_held_locks+0x130/0x130 [ 501.680597] ? rcu_bh_qs+0xc0/0xc0 [ 501.684134] ? __lock_acquire+0x7ec/0x4ec0 [ 501.688374] ? mark_held_locks+0x130/0x130 [ 501.692598] ? graph_lock+0x170/0x170 [ 501.696385] ? mark_held_locks+0x130/0x130 [ 501.700618] ? check_preemption_disabled+0x48/0x200 [ 501.705621] ? check_preemption_disabled+0x48/0x200 [ 501.710625] ? find_held_lock+0x36/0x1c0 [ 501.714900] ? print_usage_bug+0xc0/0xc0 [ 501.718945] ? print_usage_bug+0xc0/0xc0 [ 501.722994] ? do_wp_page+0xa6f/0x1390 [ 501.726869] ? lock_downgrade+0x900/0x900 [ 501.731001] ? wake_up_page_bit+0x6f0/0x6f0 [ 501.735308] ? kasan_check_read+0x11/0x20 [ 501.739443] ? __lock_acquire+0x7ec/0x4ec0 [ 501.743659] ? _raw_spin_unlock+0x2c/0x50 [ 501.747799] ? mark_held_locks+0x130/0x130 [ 501.752016] ? find_held_lock+0x36/0x1c0 [ 501.756062] ? lock_release+0x970/0x970 [ 501.760023] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 501.765576] ? kasan_check_write+0x14/0x20 [ 501.769799] ? do_raw_spin_lock+0xc1/0x200 [ 501.774023] ? __handle_mm_fault+0x9ab/0x53e0 [ 501.778533] ? graph_lock+0x170/0x170 [ 501.782317] ? graph_lock+0x170/0x170 [ 501.786105] ? touch_atime+0x103/0x320 [ 501.789985] ? graph_lock+0x170/0x170 [ 501.793787] ? atime_needs_update+0x710/0x710 [ 501.798286] ? graph_lock+0x170/0x170 [ 501.802071] ? graph_lock+0x170/0x170 [ 501.805869] ? find_held_lock+0x36/0x1c0 [ 501.809925] _do_fork+0x1cb/0x11d0 [ 501.813452] ? fork_idle+0x1d0/0x1d0 [ 501.817152] ? lock_downgrade+0x900/0x900 [ 501.821294] ? kasan_check_read+0x11/0x20 [ 501.825432] ? _copy_to_user+0xc8/0x110 [ 501.829393] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 501.834916] ? put_timespec64+0x10f/0x1b0 [ 501.839051] ? nsecs_to_jiffies+0x30/0x30 [ 501.843191] ? do_syscall_64+0x9a/0x820 [ 501.847151] ? do_syscall_64+0x9a/0x820 [ 501.851107] ? lockdep_hardirqs_on+0x421/0x5c0 [ 501.855674] ? trace_hardirqs_on+0xbd/0x310 [ 501.859978] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 501.865514] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 501.870863] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 501.876309] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 501.881830] __x64_sys_clone+0xbf/0x150 [ 501.885790] do_syscall_64+0x1b9/0x820 [ 501.889662] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 501.895011] ? syscall_return_slowpath+0x5e0/0x5e0 [ 501.899927] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 501.904781] ? trace_hardirqs_on_caller+0x310/0x310 [ 501.909796] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 501.914805] ? prepare_exit_to_usermode+0x291/0x3b0 [ 501.919814] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 501.924641] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 501.929813] RIP: 0033:0x455b4a [ 501.933001] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 501.951909] RSP: 002b:00007ffd1aecd800 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 501.959602] RAX: ffffffffffffffda RBX: 00007ffd1aecd800 RCX: 0000000000455b4a [ 501.966855] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 501.974128] RBP: 00007ffd1aecd840 R08: 0000000000000001 R09: 000000000213f940 [ 501.981379] R10: 000000000213fc10 R11: 0000000000000246 R12: 0000000000000001 [ 501.988634] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 501.996827] Memory limit reached of cgroup /syz5 [ 502.001622] memory: usage 204808kB, limit 204800kB, failcnt 434284 [ 502.008204] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 502.015057] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 502.021217] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:24KB inactive_file:0KB active_file:0KB unevictable:0KB [ 502.040940] Out of memory and no killable processes... [ 502.047339] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 502.060290] syz-executor5 cpuset=syz5 mems_allowed=0 [ 502.065498] CPU: 0 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 502.072760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 502.082121] Call Trace: [ 502.084697] dump_stack+0x1c4/0x2b4 [ 502.088331] ? dump_stack_print_info.cold.2+0x52/0x52 [ 502.093524] dump_header+0x27b/0xf72 [ 502.097227] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 502.103022] ? kasan_check_read+0x11/0x20 [ 502.107181] ? pagefault_out_of_memory+0x197/0x197 [ 502.112101] ? rcu_read_unlock+0x33/0x60 [ 502.116142] ? mem_cgroup_iter+0x514/0x1160 [ 502.120463] ? find_held_lock+0x36/0x1c0 [ 502.124520] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 502.129278] ? mark_held_locks+0xc7/0x130 [ 502.133413] ? _raw_spin_unlock_irq+0x27/0x80 [ 502.137893] ? _raw_spin_unlock_irq+0x27/0x80 [ 502.142370] ? lockdep_hardirqs_on+0x421/0x5c0 [ 502.146959] ? trace_hardirqs_on+0xbd/0x310 [ 502.151263] ? kasan_check_read+0x11/0x20 [ 502.155422] ? css_task_iter_end+0x222/0x490 [ 502.159816] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 502.165270] ? kasan_check_write+0x14/0x20 [ 502.169514] ? do_raw_spin_lock+0xc1/0x200 [ 502.173737] ? _raw_spin_unlock_irq+0x60/0x80 [ 502.178214] ? css_task_iter_end+0x2ce/0x490 [ 502.182608] ? cgroup_procs_next+0x70/0x70 [ 502.186827] ? _raw_spin_unlock_irq+0x60/0x80 [ 502.191305] ? oom_badness+0xaa0/0xaa0 [ 502.195176] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 502.199916] ? mem_cgroup_iter_break+0x30/0x30 [ 502.204498] ? mark_held_locks+0xc7/0x130 [ 502.208632] out_of_memory.cold.30+0xf/0x184 [ 502.213022] ? lockdep_hardirqs_on+0x421/0x5c0 [ 502.217586] ? kasan_check_read+0x11/0x20 [ 502.221718] ? oom_killer_disable+0x3a0/0x3a0 [ 502.226195] ? kasan_check_write+0x14/0x20 [ 502.230424] ? do_raw_spin_lock+0xc1/0x200 [ 502.234666] mem_cgroup_out_of_memory+0x15e/0x210 [ 502.239493] ? memcg_memory_event+0x40/0x40 [ 502.243802] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 502.248630] ? page_counter_try_charge+0x1c1/0x220 [ 502.253546] try_charge+0xc43/0x1690 [ 502.257251] ? lock_downgrade+0x900/0x900 [ 502.261385] ? check_preemption_disabled+0x48/0x200 [ 502.266432] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 502.272478] ? find_held_lock+0x36/0x1c0 [ 502.276525] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 502.281362] ? lock_downgrade+0x900/0x900 [ 502.285503] ? check_preemption_disabled+0x48/0x200 [ 502.290518] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 502.296323] ? kasan_check_read+0x11/0x20 [ 502.300453] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 502.305726] ? rcu_bh_qs+0xc0/0xc0 [ 502.309257] ? get_mem_cgroup_from_mm+0x206/0x440 [ 502.314085] memcg_kmem_charge_memcg+0x7c/0x120 [ 502.318737] ? memcg_kmem_put_cache+0xb0/0xb0 [ 502.323215] ? kasan_kmalloc+0xc7/0xe0 [ 502.327110] ? kmem_cache_alloc+0x12e/0x730 [ 502.331418] ? __pmd_alloc+0xc2/0x450 [ 502.335220] ? copy_page_range+0x6cf/0x26b0 [ 502.339574] memcg_kmem_charge+0x135/0x300 [ 502.343827] __alloc_pages_nodemask+0x72e/0xde0 [ 502.348478] ? find_held_lock+0x36/0x1c0 [ 502.352528] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 502.357579] ? find_held_lock+0x36/0x1c0 [ 502.361629] ? lock_downgrade+0x900/0x900 [ 502.365758] ? __lock_is_held+0xb5/0x140 [ 502.369808] ? kasan_check_read+0x11/0x20 [ 502.373953] ? do_raw_spin_unlock+0xa7/0x2f0 [ 502.378345] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 502.382917] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 502.388440] alloc_pages_current+0x10c/0x210 [ 502.392837] pte_alloc_one+0x1b/0x1a0 [ 502.396648] __pte_alloc+0x2a/0x350 [ 502.400258] copy_page_range+0x18c5/0x26b0 [ 502.404480] ? rb_insert_color_cached+0x14b0/0x14b0 [ 502.409493] ? pmd_alloc+0x180/0x180 [ 502.413191] ? graph_lock+0x170/0x170 [ 502.416988] ? kasan_slab_alloc+0x12/0x20 [ 502.421120] ? kmem_cache_alloc+0x12e/0x730 [ 502.425453] ? graph_lock+0x170/0x170 [ 502.429251] ? __x64_sys_clone+0xbf/0x150 [ 502.433383] ? do_syscall_64+0x1b9/0x820 [ 502.437428] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 502.442779] ? find_held_lock+0x36/0x1c0 [ 502.446836] ? anon_vma_fork+0x5ef/0x820 [ 502.450895] ? lock_downgrade+0x900/0x900 [ 502.455041] ? lock_release+0x970/0x970 [ 502.459039] ? arch_local_save_flags+0x40/0x40 [ 502.463637] ? __lock_is_held+0xb5/0x140 [ 502.467723] ? up_write+0x7b/0x220 [ 502.471256] ? up_read+0x110/0x110 [ 502.474781] ? anon_vma_interval_tree_insert+0x2c9/0x370 [ 502.480219] ? __sanitizer_cov_trace_cmp8+0x18/0x20 [ 502.485214] ? vma_compute_subtree_gap+0x160/0x240 [ 502.490142] ? validate_mm_rb+0xaa/0xc0 [ 502.494104] ? __vma_link_rb+0x26c/0x370 [ 502.498150] copy_process+0x4721/0x8780 [ 502.502122] ? __cleanup_sighand+0x70/0x70 [ 502.506349] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 502.511869] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 502.517400] ? page_swapcount+0x1d0/0x1d0 [ 502.521527] ? try_to_wake_up+0x10a/0x12f0 [ 502.525750] ? lock_downgrade+0x900/0x900 [ 502.529887] ? lock_downgrade+0x900/0x900 [ 502.534020] ? trace_hardirqs_off+0xb8/0x310 [ 502.538407] ? kasan_check_read+0x11/0x20 [ 502.542572] ? trace_hardirqs_on+0x310/0x310 [ 502.546973] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 502.552061] ? try_to_wake_up+0x10a/0x12f0 [ 502.556295] ? print_usage_bug+0xc0/0xc0 [ 502.560381] ? migrate_swap_stop+0x930/0x930 [ 502.564781] ? __handle_mm_fault+0x9ab/0x53e0 [ 502.569259] ? graph_lock+0x170/0x170 [ 502.573044] ? print_usage_bug+0xc0/0xc0 [ 502.577095] ? __lock_acquire+0x7ec/0x4ec0 [ 502.581313] ? print_usage_bug+0xc0/0xc0 [ 502.585377] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 502.590920] ? reuse_swap_page+0x4bd/0x1520 [ 502.595224] ? swp_swapcount+0x530/0x530 [ 502.599269] ? __lock_acquire+0x7ec/0x4ec0 [ 502.603498] ? mark_held_locks+0x130/0x130 [ 502.607716] ? rcu_bh_qs+0xc0/0xc0 [ 502.611241] ? __lock_acquire+0x7ec/0x4ec0 [ 502.615459] ? mark_held_locks+0x130/0x130 [ 502.619677] ? graph_lock+0x170/0x170 [ 502.623462] ? mark_held_locks+0x130/0x130 [ 502.627699] ? check_preemption_disabled+0x48/0x200 [ 502.632695] ? check_preemption_disabled+0x48/0x200 [ 502.637717] ? find_held_lock+0x36/0x1c0 [ 502.641760] ? print_usage_bug+0xc0/0xc0 [ 502.645805] ? print_usage_bug+0xc0/0xc0 [ 502.649848] ? do_wp_page+0xa6f/0x1390 [ 502.653720] ? lock_downgrade+0x900/0x900 [ 502.657853] ? wake_up_page_bit+0x6f0/0x6f0 [ 502.662170] ? kasan_check_read+0x11/0x20 [ 502.666306] ? __lock_acquire+0x7ec/0x4ec0 [ 502.670538] ? _raw_spin_unlock+0x2c/0x50 [ 502.674682] ? mark_held_locks+0x130/0x130 [ 502.678902] ? find_held_lock+0x36/0x1c0 [ 502.682949] ? lock_release+0x970/0x970 [ 502.686908] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 502.692429] ? kasan_check_write+0x14/0x20 [ 502.696645] ? do_raw_spin_lock+0xc1/0x200 [ 502.700869] ? __handle_mm_fault+0x9ab/0x53e0 [ 502.705364] ? graph_lock+0x170/0x170 [ 502.709146] ? graph_lock+0x170/0x170 [ 502.712941] ? touch_atime+0x103/0x320 [ 502.716814] ? graph_lock+0x170/0x170 [ 502.720600] ? atime_needs_update+0x710/0x710 [ 502.725095] ? graph_lock+0x170/0x170 [ 502.728896] ? graph_lock+0x170/0x170 [ 502.732703] ? find_held_lock+0x36/0x1c0 [ 502.736761] _do_fork+0x1cb/0x11d0 [ 502.740311] ? fork_idle+0x1d0/0x1d0 [ 502.744012] ? lock_downgrade+0x900/0x900 [ 502.748166] ? kasan_check_read+0x11/0x20 [ 502.752306] ? _copy_to_user+0xc8/0x110 [ 502.756270] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 502.761792] ? put_timespec64+0x10f/0x1b0 [ 502.765921] ? nsecs_to_jiffies+0x30/0x30 [ 502.770082] ? do_syscall_64+0x9a/0x820 [ 502.774041] ? do_syscall_64+0x9a/0x820 [ 502.778002] ? lockdep_hardirqs_on+0x421/0x5c0 [ 502.782593] ? trace_hardirqs_on+0xbd/0x310 [ 502.786904] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 502.792428] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 502.797779] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 502.803229] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 502.808753] __x64_sys_clone+0xbf/0x150 [ 502.812717] do_syscall_64+0x1b9/0x820 [ 502.816596] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 502.821944] ? syscall_return_slowpath+0x5e0/0x5e0 [ 502.826857] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 502.831690] ? trace_hardirqs_on_caller+0x310/0x310 [ 502.836720] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 502.841735] ? prepare_exit_to_usermode+0x291/0x3b0 [ 502.846741] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 502.851579] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 502.856754] RIP: 0033:0x455b4a [ 502.859949] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 502.878858] RSP: 002b:00007ffd1aecd800 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 502.886591] RAX: ffffffffffffffda RBX: 00007ffd1aecd800 RCX: 0000000000455b4a [ 502.893845] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 502.901113] RBP: 00007ffd1aecd840 R08: 0000000000000001 R09: 000000000213f940 [ 502.908370] R10: 000000000213fc10 R11: 0000000000000246 R12: 0000000000000001 [ 502.915646] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 502.923134] Memory limit reached of cgroup /syz5 [ 502.928015] memory: usage 204812kB, limit 204800kB, failcnt 434292 [ 502.934338] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 502.941192] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 502.947423] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:24KB inactive_file:0KB active_file:0KB unevictable:0KB [ 502.967242] Out of memory and no killable processes... [ 502.973549] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=-1000 [ 502.985082] syz-executor5 cpuset=syz5 mems_allowed=0 [ 502.990222] CPU: 1 PID: 13715 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 502.997481] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 503.006823] Call Trace: [ 503.009433] dump_stack+0x1c4/0x2b4 [ 503.013074] ? dump_stack_print_info.cold.2+0x52/0x52 [ 503.018261] dump_header+0x27b/0xf72 [ 503.021993] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 503.027781] ? kasan_check_read+0x11/0x20 [ 503.031923] ? pagefault_out_of_memory+0x197/0x197 [ 503.036844] ? rcu_read_unlock+0x33/0x60 [ 503.040898] ? mem_cgroup_iter+0x514/0x1160 [ 503.045220] ? find_held_lock+0x36/0x1c0 [ 503.049292] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 503.054037] ? mark_held_locks+0xc7/0x130 [ 503.058177] ? _raw_spin_unlock_irq+0x27/0x80 [ 503.062679] ? _raw_spin_unlock_irq+0x27/0x80 [ 503.067171] ? lockdep_hardirqs_on+0x421/0x5c0 [ 503.071753] ? trace_hardirqs_on+0xbd/0x310 [ 503.076106] ? kasan_check_read+0x11/0x20 [ 503.080244] ? css_task_iter_end+0x222/0x490 [ 503.084661] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 503.090101] ? kasan_check_write+0x14/0x20 [ 503.094321] ? do_raw_spin_lock+0xc1/0x200 [ 503.098561] ? _raw_spin_unlock_irq+0x60/0x80 [ 503.103045] ? css_task_iter_end+0x2ce/0x490 [ 503.107445] ? cgroup_procs_next+0x70/0x70 [ 503.111666] ? _raw_spin_unlock_irq+0x60/0x80 [ 503.116161] ? oom_badness+0xaa0/0xaa0 [ 503.120033] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 503.124800] ? mem_cgroup_iter_break+0x30/0x30 [ 503.129391] ? mark_held_locks+0xc7/0x130 [ 503.133527] out_of_memory.cold.30+0xf/0x184 [ 503.137936] ? lockdep_hardirqs_on+0x421/0x5c0 [ 503.142542] ? kasan_check_read+0x11/0x20 [ 503.146681] ? oom_killer_disable+0x3a0/0x3a0 [ 503.151170] ? kasan_check_write+0x14/0x20 [ 503.155398] ? do_raw_spin_lock+0xc1/0x200 [ 503.159640] mem_cgroup_out_of_memory+0x15e/0x210 [ 503.164497] ? memcg_memory_event+0x40/0x40 [ 503.168817] ? mem_cgroup_try_charge+0x5ea/0xe10 [ 503.173573] ? page_counter_try_charge+0x1c1/0x220 [ 503.178505] try_charge+0xc43/0x1690 [ 503.182217] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 503.188262] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 503.193097] ? lock_downgrade+0x900/0x900 [ 503.197262] ? check_preemption_disabled+0x48/0x200 [ 503.202277] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 503.208058] ? kasan_check_read+0x11/0x20 [ 503.212201] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 503.217466] ? rcu_bh_qs+0xc0/0xc0 [ 503.221030] ? get_mem_cgroup_from_mm+0x206/0x440 [ 503.225862] ? mem_cgroup_can_attach+0x580/0x580 [ 503.230606] ? __lock_is_held+0xb5/0x140 [ 503.234672] mem_cgroup_try_charge+0x5ea/0xe10 [ 503.239251] ? mem_cgroup_protected+0xa60/0xa60 [ 503.243910] ? swp_swapcount+0x530/0x530 [ 503.247981] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 503.253518] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 503.258444] wp_page_copy+0x46c/0x14f0 [ 503.262338] ? follow_pfn+0x2e0/0x2e0 [ 503.266137] ? do_wp_page+0x76c/0x1390 [ 503.270038] ? lock_downgrade+0x900/0x900 [ 503.274194] ? kasan_check_write+0x14/0x20 [ 503.278421] ? kasan_check_read+0x11/0x20 [ 503.282571] ? do_raw_spin_unlock+0xa7/0x2f0 [ 503.287019] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 503.291591] ? __pte_alloc_kernel+0x220/0x220 [ 503.296080] ? __lock_acquire+0x7ec/0x4ec0 [ 503.300310] do_wp_page+0x774/0x1390 [ 503.304042] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 503.308705] ? lock_release+0x970/0x970 [ 503.312665] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 503.318196] ? kasan_check_write+0x14/0x20 [ 503.322413] ? do_raw_spin_lock+0xc1/0x200 [ 503.326639] __handle_mm_fault+0x2c60/0x53e0 [ 503.331045] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 503.335889] ? graph_lock+0x170/0x170 [ 503.339687] ? print_usage_bug+0xc0/0xc0 [ 503.343732] ? __lock_acquire+0x7ec/0x4ec0 [ 503.347955] ? graph_lock+0x170/0x170 [ 503.351737] ? graph_lock+0x170/0x170 [ 503.355536] ? handle_mm_fault+0x42a/0xc70 [ 503.359755] ? lock_downgrade+0x900/0x900 [ 503.363893] ? check_preemption_disabled+0x48/0x200 [ 503.368898] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 503.374682] ? kasan_check_read+0x11/0x20 [ 503.378818] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 503.384084] ? rcu_bh_qs+0xc0/0xc0 [ 503.387614] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 503.393074] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 503.398631] ? check_preemption_disabled+0x48/0x200 [ 503.403638] handle_mm_fault+0x54f/0xc70 [ 503.407688] ? __handle_mm_fault+0x53e0/0x53e0 [ 503.412257] ? find_vma+0x34/0x190 [ 503.415788] __do_page_fault+0x67d/0xed0 [ 503.419842] ? mm_fault_error+0x380/0x380 [ 503.424003] ? graph_lock+0x170/0x170 [ 503.427798] do_page_fault+0xf2/0x7e0 [ 503.431592] ? vmalloc_sync_all+0x30/0x30 [ 503.435737] ? error_entry+0x76/0xd0 [ 503.439440] ? trace_hardirqs_off_caller+0xbb/0x310 [ 503.444446] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 503.449280] ? trace_hardirqs_on_caller+0x310/0x310 [ 503.454308] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 503.460101] ? kasan_check_read+0x11/0x20 [ 503.464250] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 503.469094] page_fault+0x1e/0x30 [ 503.472554] RIP: 0010:__put_user_4+0x1c/0x30 [ 503.476987] Code: 1f 00 c3 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 8b 1c 25 40 ee 01 00 48 8b 9b 18 14 00 00 48 83 eb 03 48 39 d9 73 3c 0f 1f 00 <89> 01 31 c0 0f 1f 00 c3 66 90 66 2e 0f 1f 84 00 00 00 00 00 65 48 [ 503.495883] RSP: 0018:ffff8801839e7f30 EFLAGS: 00010293 [ 503.501258] RAX: 00000000000000fe RBX: 00007fffffffeffd RCX: 000000000213fc10 [ 503.508529] RDX: dffffc0000000000 RSI: 0000000000000001 RDI: ffff8801d70d69e8 [ 503.515793] RBP: ffff8801839e7f48 R08: 0000000000000000 R09: ffffed003b5e4732 [ 503.523059] R10: ffffed003b5e4732 R11: ffff8801daf23993 R12: 0000000000000000 [ 503.530327] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 503.537610] ? schedule_tail+0xd8/0x130 [ 503.541583] ret_from_fork+0x8/0x50 [ 503.545212] RIP: 0033:0x455b4a [ 503.548417] Code: Bad RIP value. [ 503.551762] RSP: 002b:00007ffd1aecd800 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 503.559459] RAX: 0000000000000000 RBX: 00007ffd1aecd800 RCX: 0000000000455b4a [ 503.566732] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 503.573990] RBP: 00007ffd1aecd840 R08: 0000000000000001 R09: 000000000213f940 [ 503.581243] R10: 000000000213fc10 R11: 0000000000000246 R12: 0000000000000001 [ 503.588495] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 503.597347] Memory limit reached of cgroup /syz5 [ 503.602245] memory: usage 204816kB, limit 204800kB, failcnt 434308 [ 503.608668] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 503.615467] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 503.621938] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:24KB inactive_file:0KB active_file:0KB unevictable:0KB [ 503.641737] Out of memory and no killable processes... [ 503.647218] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=-1000 [ 503.658856] syz-executor5 cpuset=syz5 mems_allowed=0 [ 503.663972] CPU: 0 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 503.671240] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 503.680584] Call Trace: [ 503.683172] dump_stack+0x1c4/0x2b4 [ 503.686805] ? dump_stack_print_info.cold.2+0x52/0x52 [ 503.691988] dump_header+0x27b/0xf72 [ 503.695694] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 503.701476] ? kasan_check_read+0x11/0x20 [ 503.705614] ? pagefault_out_of_memory+0x197/0x197 [ 503.710552] ? rcu_read_unlock+0x33/0x60 [ 503.714624] ? mem_cgroup_iter+0x514/0x1160 [ 503.719172] ? find_held_lock+0x36/0x1c0 [ 503.723220] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 503.727961] ? mark_held_locks+0xc7/0x130 [ 503.732098] ? _raw_spin_unlock_irq+0x27/0x80 [ 503.736593] ? _raw_spin_unlock_irq+0x27/0x80 [ 503.741077] ? lockdep_hardirqs_on+0x421/0x5c0 [ 503.745654] ? trace_hardirqs_on+0xbd/0x310 [ 503.749959] ? kasan_check_read+0x11/0x20 [ 503.754091] ? css_task_iter_end+0x222/0x490 [ 503.758489] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 503.763926] ? kasan_check_write+0x14/0x20 [ 503.768155] ? do_raw_spin_lock+0xc1/0x200 [ 503.772392] ? _raw_spin_unlock_irq+0x60/0x80 [ 503.776878] ? css_task_iter_end+0x2ce/0x490 [ 503.781307] ? cgroup_procs_next+0x70/0x70 [ 503.785548] ? _raw_spin_unlock_irq+0x60/0x80 [ 503.790080] ? oom_badness+0xaa0/0xaa0 [ 503.793959] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 503.798706] ? mem_cgroup_iter_break+0x30/0x30 [ 503.803305] ? mark_held_locks+0xc7/0x130 [ 503.807443] out_of_memory.cold.30+0xf/0x184 [ 503.811838] ? lockdep_hardirqs_on+0x421/0x5c0 [ 503.816407] ? kasan_check_read+0x11/0x20 [ 503.820542] ? oom_killer_disable+0x3a0/0x3a0 [ 503.825023] ? kasan_check_write+0x14/0x20 [ 503.829240] ? do_raw_spin_lock+0xc1/0x200 [ 503.833465] mem_cgroup_out_of_memory+0x15e/0x210 [ 503.838298] ? memcg_memory_event+0x40/0x40 [ 503.842604] ? mem_cgroup_try_charge+0x5ea/0xe10 [ 503.847351] ? page_counter_try_charge+0x1c1/0x220 [ 503.852267] try_charge+0xc43/0x1690 [ 503.855994] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 503.862038] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 503.866884] ? lock_downgrade+0x900/0x900 [ 503.871037] ? check_preemption_disabled+0x48/0x200 [ 503.876046] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 503.881853] ? kasan_check_read+0x11/0x20 [ 503.885989] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 503.891252] ? rcu_bh_qs+0xc0/0xc0 [ 503.894816] ? get_mem_cgroup_from_mm+0x206/0x440 [ 503.899668] ? mem_cgroup_can_attach+0x580/0x580 [ 503.904415] ? __lock_is_held+0xb5/0x140 [ 503.908472] mem_cgroup_try_charge+0x5ea/0xe10 [ 503.913042] ? mem_cgroup_protected+0xa60/0xa60 [ 503.917697] ? swp_swapcount+0x530/0x530 [ 503.921751] ? rcu_read_unlock+0x16/0x60 [ 503.925814] ? lock_downgrade+0x900/0x900 [ 503.929966] ? check_preemption_disabled+0x48/0x200 [ 503.934977] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 503.940506] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 503.945424] wp_page_copy+0x46c/0x14f0 [ 503.949302] ? follow_pfn+0x2e0/0x2e0 [ 503.953093] ? do_wp_page+0x76c/0x1390 [ 503.956982] ? lock_downgrade+0x900/0x900 [ 503.961114] ? kasan_check_write+0x14/0x20 [ 503.965332] ? kasan_check_read+0x11/0x20 [ 503.969504] ? do_raw_spin_unlock+0xa7/0x2f0 [ 503.973919] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 503.978489] ? __pte_alloc_kernel+0x220/0x220 [ 503.982968] ? __lock_acquire+0x7ec/0x4ec0 [ 503.987196] do_wp_page+0x774/0x1390 [ 503.990898] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 503.995572] ? lock_release+0x970/0x970 [ 503.999533] ? delayacct_end+0x5a/0x100 [ 504.003493] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 504.009031] ? kasan_check_write+0x14/0x20 [ 504.013249] ? do_raw_spin_lock+0xc1/0x200 [ 504.017476] __handle_mm_fault+0x2c60/0x53e0 [ 504.021875] ? check_preemption_disabled+0x48/0x200 [ 504.026880] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 504.031706] ? graph_lock+0x170/0x170 [ 504.035494] ? print_usage_bug+0xc0/0xc0 [ 504.039554] ? graph_lock+0x170/0x170 [ 504.043348] ? graph_lock+0x170/0x170 [ 504.047144] ? handle_mm_fault+0x42a/0xc70 [ 504.051365] ? lock_downgrade+0x900/0x900 [ 504.055502] ? check_preemption_disabled+0x48/0x200 [ 504.060516] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 504.066294] ? kasan_check_read+0x11/0x20 [ 504.070425] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 504.075706] ? rcu_bh_qs+0xc0/0xc0 [ 504.079245] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 504.084681] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 504.090227] ? check_preemption_disabled+0x48/0x200 [ 504.095237] handle_mm_fault+0x54f/0xc70 [ 504.099287] ? __handle_mm_fault+0x53e0/0x53e0 [ 504.103853] ? find_vma+0x34/0x190 [ 504.107382] __do_page_fault+0x67d/0xed0 [ 504.111468] ? mm_fault_error+0x380/0x380 [ 504.115618] ? syscall_slow_exit_work+0x520/0x520 [ 504.120459] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 504.125984] do_page_fault+0xf2/0x7e0 [ 504.129785] ? vmalloc_sync_all+0x30/0x30 [ 504.133932] ? error_entry+0x70/0xd0 [ 504.137646] ? trace_hardirqs_off_caller+0xbb/0x310 [ 504.142643] ? trace_hardirqs_on_caller+0xc0/0x310 [ 504.147556] ? syscall_return_slowpath+0x5e0/0x5e0 [ 504.152469] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 504.157310] ? trace_hardirqs_on_caller+0x310/0x310 [ 504.162316] ? trace_hardirqs_off+0x310/0x310 [ 504.166808] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 504.171812] ? prepare_exit_to_usermode+0x291/0x3b0 [ 504.176834] ? page_fault+0x8/0x30 [ 504.180361] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 504.185189] ? page_fault+0x8/0x30 [ 504.188802] page_fault+0x1e/0x30 [ 504.192236] RIP: 0033:0x455c6e [ 504.195433] Code: 5c 41 5d 41 5e 5d c3 48 c7 c2 d4 ff ff ff f7 d8 41 bd ff ff ff ff 64 89 02 64 8b 04 25 d0 02 00 00 41 39 c4 0f 85 2f 01 00 00 <64> 44 89 04 25 d4 02 00 00 45 85 f6 0f 85 7f 00 00 00 48 85 db 74 [ 504.214319] RSP: 002b:00007ffd1aecd800 EFLAGS: 00010246 [ 504.219666] RAX: 0000000000000001 RBX: 00007ffd1aecd800 RCX: 0000000000455b4a [ 504.226917] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 504.234170] RBP: 00007ffd1aecd840 R08: 0000000000000001 R09: 000000000213f940 [ 504.241424] R10: 000000000213fc10 R11: 0000000000000246 R12: 0000000000000001 [ 504.248679] R13: 00000000000000fe R14: 0000000000000000 R15: 0000000000000005 [ 504.256200] Memory limit reached of cgroup /syz5 [ 504.261006] memory: usage 204820kB, limit 204800kB, failcnt 434316 [ 504.267408] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 504.274164] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 504.280372] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:28KB inactive_file:0KB active_file:0KB unevictable:0KB [ 504.300194] Out of memory and no killable processes... [ 504.305631] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 504.318686] syz-executor5 cpuset=syz5 mems_allowed=0 [ 504.323848] CPU: 1 PID: 13715 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 504.331154] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 504.340488] Call Trace: [ 504.343063] dump_stack+0x1c4/0x2b4 [ 504.346684] ? dump_stack_print_info.cold.2+0x52/0x52 [ 504.351862] dump_header+0x27b/0xf72 [ 504.355572] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 504.361364] ? kasan_check_read+0x11/0x20 [ 504.365502] ? pagefault_out_of_memory+0x197/0x197 [ 504.370420] ? rcu_read_unlock+0x33/0x60 [ 504.374460] ? mem_cgroup_iter+0x514/0x1160 [ 504.378769] ? find_held_lock+0x36/0x1c0 [ 504.382818] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 504.387559] ? mark_held_locks+0xc7/0x130 [ 504.391694] ? _raw_spin_unlock_irq+0x27/0x80 [ 504.396173] ? _raw_spin_unlock_irq+0x27/0x80 [ 504.400655] ? lockdep_hardirqs_on+0x421/0x5c0 [ 504.405263] ? trace_hardirqs_on+0xbd/0x310 [ 504.409573] ? kasan_check_read+0x11/0x20 [ 504.413704] ? css_task_iter_end+0x222/0x490 [ 504.418096] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 504.423532] ? kasan_check_write+0x14/0x20 [ 504.427751] ? do_raw_spin_lock+0xc1/0x200 [ 504.432007] ? _raw_spin_unlock_irq+0x60/0x80 [ 504.436486] ? css_task_iter_end+0x2ce/0x490 [ 504.440876] ? cgroup_procs_next+0x70/0x70 [ 504.445096] ? _raw_spin_unlock_irq+0x60/0x80 [ 504.449576] ? oom_badness+0xaa0/0xaa0 [ 504.453449] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 504.458192] ? mem_cgroup_iter_break+0x30/0x30 [ 504.462786] ? mark_held_locks+0xc7/0x130 [ 504.466932] out_of_memory.cold.30+0xf/0x184 [ 504.471323] ? lockdep_hardirqs_on+0x421/0x5c0 [ 504.475887] ? kasan_check_read+0x11/0x20 [ 504.480018] ? oom_killer_disable+0x3a0/0x3a0 [ 504.484498] ? kasan_check_write+0x14/0x20 [ 504.488735] ? do_raw_spin_lock+0xc1/0x200 [ 504.492989] mem_cgroup_out_of_memory+0x15e/0x210 [ 504.497850] ? memcg_memory_event+0x40/0x40 [ 504.502154] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 504.506985] ? page_counter_try_charge+0x1c1/0x220 [ 504.511898] try_charge+0xc43/0x1690 [ 504.515596] ? lock_downgrade+0x900/0x900 [ 504.519729] ? check_preemption_disabled+0x48/0x200 [ 504.524741] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 504.530797] ? find_held_lock+0x36/0x1c0 [ 504.534873] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 504.539701] ? lock_downgrade+0x900/0x900 [ 504.543863] ? check_preemption_disabled+0x48/0x200 [ 504.548868] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 504.554669] ? kasan_check_read+0x11/0x20 [ 504.558801] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 504.564059] ? rcu_bh_qs+0xc0/0xc0 [ 504.567595] ? get_mem_cgroup_from_mm+0x206/0x440 [ 504.572423] memcg_kmem_charge_memcg+0x7c/0x120 [ 504.577098] ? memcg_kmem_put_cache+0xb0/0xb0 [ 504.581577] ? check_noncircular+0x20/0x20 [ 504.585802] memcg_kmem_charge+0x135/0x300 [ 504.590025] __alloc_pages_nodemask+0x72e/0xde0 [ 504.594703] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 504.599714] ? mark_held_locks+0x130/0x130 [ 504.603934] ? kasan_check_write+0x14/0x20 [ 504.608166] ? do_raw_spin_lock+0xc1/0x200 [ 504.612389] ? __handle_mm_fault+0x9ab/0x53e0 [ 504.616891] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 504.622419] alloc_pages_current+0x10c/0x210 [ 504.626859] pte_alloc_one+0x1b/0x1a0 [ 504.630670] __handle_mm_fault+0x43f4/0x53e0 [ 504.635062] ? graph_lock+0x170/0x170 [ 504.638861] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 504.643705] ? graph_lock+0x170/0x170 [ 504.647493] ? print_usage_bug+0xc0/0xc0 [ 504.651559] ? graph_lock+0x170/0x170 [ 504.655348] ? graph_lock+0x170/0x170 [ 504.659152] ? handle_mm_fault+0x42a/0xc70 [ 504.663385] ? lock_downgrade+0x900/0x900 [ 504.667518] ? check_preemption_disabled+0x48/0x200 [ 504.672532] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 504.678335] ? kasan_check_read+0x11/0x20 [ 504.682471] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 504.687744] ? rcu_bh_qs+0xc0/0xc0 [ 504.691282] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 504.696720] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 504.702256] ? check_preemption_disabled+0x48/0x200 [ 504.707275] handle_mm_fault+0x54f/0xc70 [ 504.711332] ? __handle_mm_fault+0x53e0/0x53e0 [ 504.715914] ? find_vma+0x34/0x190 [ 504.719438] __do_page_fault+0x67d/0xed0 [ 504.723490] ? mm_fault_error+0x380/0x380 [ 504.727631] do_page_fault+0xf2/0x7e0 [ 504.731416] ? vmalloc_sync_all+0x30/0x30 [ 504.735550] ? error_entry+0x70/0xd0 [ 504.739264] ? trace_hardirqs_off_caller+0xbb/0x310 [ 504.744274] ? trace_hardirqs_on_caller+0xc0/0x310 [ 504.749188] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 504.754015] ? trace_hardirqs_on_caller+0x310/0x310 [ 504.759015] ? trace_hardirqs_off+0x310/0x310 [ 504.763525] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 504.768530] ? recalc_sigpending_tsk+0x180/0x180 [ 504.773269] ? kasan_check_write+0x14/0x20 [ 504.777489] ? page_fault+0x8/0x30 [ 504.781030] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 504.785860] ? page_fault+0x8/0x30 [ 504.789383] page_fault+0x1e/0x30 [ 504.792817] RIP: 0033:0x455b4a [ 504.795998] Code: Bad RIP value. [ 504.799343] RSP: 002b:00007ffd1aecd800 EFLAGS: 00010246 [ 504.804690] RAX: 0000000000000000 RBX: 00007ffd1aecd800 RCX: 0000000000455b4a [ 504.811942] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 504.819198] RBP: 00007ffd1aecd840 R08: 0000000000000001 R09: 000000000213f940 [ 504.826452] R10: 000000000213fc10 R11: 0000000000000246 R12: 0000000000000001 [ 504.833705] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 504.842282] Memory limit reached of cgroup /syz5 [ 504.847139] memory: usage 204768kB, limit 204800kB, failcnt 434324 [ 504.853455] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 504.860257] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 504.866477] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:32KB inactive_file:0KB active_file:0KB unevictable:0KB [ 504.886249] Out of memory and no killable processes... [ 504.891650] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=-1000 [ 504.903044] syz-executor5 cpuset=syz5 mems_allowed=0 [ 504.908266] CPU: 0 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 504.915576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 504.924922] Call Trace: [ 504.927498] dump_stack+0x1c4/0x2b4 [ 504.931133] ? dump_stack_print_info.cold.2+0x52/0x52 [ 504.936319] dump_header+0x27b/0xf72 [ 504.940027] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 504.945810] ? kasan_check_read+0x11/0x20 [ 504.949949] ? pagefault_out_of_memory+0x197/0x197 [ 504.954870] ? rcu_read_unlock+0x33/0x60 [ 504.958916] ? mem_cgroup_iter+0x514/0x1160 [ 504.963224] ? find_held_lock+0x36/0x1c0 [ 504.967275] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 504.972036] ? mark_held_locks+0xc7/0x130 [ 504.976176] ? _raw_spin_unlock_irq+0x27/0x80 [ 504.980663] ? _raw_spin_unlock_irq+0x27/0x80 [ 504.985166] ? lockdep_hardirqs_on+0x421/0x5c0 [ 504.989740] ? trace_hardirqs_on+0xbd/0x310 [ 504.994042] ? kasan_check_read+0x11/0x20 [ 504.998175] ? css_task_iter_end+0x222/0x490 [ 505.002609] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 505.008050] ? kasan_check_write+0x14/0x20 [ 505.012287] ? do_raw_spin_lock+0xc1/0x200 [ 505.016515] ? _raw_spin_unlock_irq+0x60/0x80 [ 505.020999] ? css_task_iter_end+0x2ce/0x490 [ 505.025400] ? cgroup_procs_next+0x70/0x70 [ 505.029627] ? _raw_spin_unlock_irq+0x60/0x80 [ 505.034144] ? oom_badness+0xaa0/0xaa0 [ 505.038036] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 505.042781] ? mem_cgroup_iter_break+0x30/0x30 [ 505.047357] ? mark_held_locks+0xc7/0x130 [ 505.051499] out_of_memory.cold.30+0xf/0x184 [ 505.055899] ? lockdep_hardirqs_on+0x421/0x5c0 [ 505.060467] ? kasan_check_read+0x11/0x20 [ 505.064603] ? oom_killer_disable+0x3a0/0x3a0 [ 505.069109] ? kasan_check_write+0x14/0x20 [ 505.073333] ? do_raw_spin_lock+0xc1/0x200 [ 505.077563] mem_cgroup_out_of_memory+0x15e/0x210 [ 505.082398] ? memcg_memory_event+0x40/0x40 [ 505.086737] ? mem_cgroup_try_charge+0x5ea/0xe10 [ 505.091490] ? page_counter_try_charge+0x1c1/0x220 [ 505.096409] try_charge+0xc43/0x1690 [ 505.100137] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 505.106180] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 505.111026] ? lock_downgrade+0x900/0x900 [ 505.115162] ? check_preemption_disabled+0x48/0x200 [ 505.120187] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 505.126003] ? kasan_check_read+0x11/0x20 [ 505.130152] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 505.135413] ? rcu_bh_qs+0xc0/0xc0 [ 505.138943] ? get_mem_cgroup_from_mm+0x206/0x440 [ 505.143771] ? mem_cgroup_can_attach+0x580/0x580 [ 505.148526] ? __lock_is_held+0xb5/0x140 [ 505.152587] mem_cgroup_try_charge+0x5ea/0xe10 [ 505.157175] ? mem_cgroup_protected+0xa60/0xa60 [ 505.161864] ? swp_swapcount+0x530/0x530 [ 505.165921] ? wp_page_copy+0xad1/0x14f0 [ 505.169975] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 505.175507] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 505.180442] wp_page_copy+0x46c/0x14f0 [ 505.184319] ? follow_pfn+0x2e0/0x2e0 [ 505.188109] ? do_wp_page+0x76c/0x1390 [ 505.191983] ? lock_downgrade+0x900/0x900 [ 505.196133] ? kasan_check_write+0x14/0x20 [ 505.200356] ? kasan_check_read+0x11/0x20 [ 505.204508] ? do_raw_spin_unlock+0xa7/0x2f0 [ 505.208929] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 505.213501] ? __pte_alloc_kernel+0x220/0x220 [ 505.217981] ? __lock_acquire+0x7ec/0x4ec0 [ 505.222203] do_wp_page+0x774/0x1390 [ 505.225906] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 505.230579] ? lock_release+0x970/0x970 [ 505.234541] ? delayacct_end+0x5a/0x100 [ 505.238505] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 505.244040] ? kasan_check_write+0x14/0x20 [ 505.248276] ? do_raw_spin_lock+0xc1/0x200 [ 505.252509] __handle_mm_fault+0x2c60/0x53e0 [ 505.256910] ? check_preemption_disabled+0x48/0x200 [ 505.261929] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 505.266763] ? graph_lock+0x170/0x170 [ 505.270552] ? print_usage_bug+0xc0/0xc0 [ 505.274607] ? graph_lock+0x170/0x170 [ 505.278408] ? graph_lock+0x170/0x170 [ 505.282203] ? handle_mm_fault+0x42a/0xc70 [ 505.286444] ? lock_downgrade+0x900/0x900 [ 505.290584] ? check_preemption_disabled+0x48/0x200 [ 505.295602] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 505.301383] ? kasan_check_read+0x11/0x20 [ 505.305528] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 505.310798] ? rcu_bh_qs+0xc0/0xc0 [ 505.314357] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 505.319794] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 505.325319] ? check_preemption_disabled+0x48/0x200 [ 505.330334] handle_mm_fault+0x54f/0xc70 [ 505.334396] ? __handle_mm_fault+0x53e0/0x53e0 [ 505.338964] ? find_vma+0x34/0x190 [ 505.342491] __do_page_fault+0x67d/0xed0 [ 505.346542] ? mm_fault_error+0x380/0x380 [ 505.350682] ? syscall_slow_exit_work+0x520/0x520 [ 505.355521] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 505.361064] do_page_fault+0xf2/0x7e0 [ 505.364865] ? vmalloc_sync_all+0x30/0x30 [ 505.369021] ? error_entry+0x70/0xd0 [ 505.372729] ? trace_hardirqs_off_caller+0xbb/0x310 [ 505.377728] ? trace_hardirqs_on_caller+0xc0/0x310 [ 505.382641] ? syscall_return_slowpath+0x5e0/0x5e0 [ 505.387565] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 505.392397] ? trace_hardirqs_on_caller+0x310/0x310 [ 505.397420] ? trace_hardirqs_off+0x310/0x310 [ 505.401926] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 505.406933] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 505.412452] ? prepare_exit_to_usermode+0x291/0x3b0 [ 505.417454] ? page_fault+0x8/0x30 [ 505.420993] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 505.425833] ? page_fault+0x8/0x30 [ 505.429388] page_fault+0x1e/0x30 [ 505.432822] RIP: 0033:0x455caa [ 505.436000] Code: 48 85 db 74 b6 41 bc ca 00 00 00 eb 0c 0f 1f 00 48 8b 5b 08 48 85 db 74 a2 48 8b 3b 48 8b 47 10 48 85 c0 74 05 ff d0 48 8b 3b ff 4f 28 0f 94 c0 84 c0 74 db 8b 47 2c 85 c0 74 d4 45 31 d2 ba [ 505.454886] RSP: 002b:00007ffd1aecd800 EFLAGS: 00010246 [ 505.460245] RAX: 0000000000000000 RBX: 00007ffd1aecd800 RCX: 0000000000455b4a [ 505.467498] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000a44cc8 [ 505.474758] RBP: 00007ffd1aecd840 R08: 0000000000000001 R09: 000000000213f940 [ 505.482027] R10: 000000000213fc10 R11: 0000000000000246 R12: 00000000000000ca [ 505.489280] R13: 00000000000000fe R14: 0000000000000000 R15: 0000000000000005 [ 505.497778] Memory limit reached of cgroup /syz5 [ 505.502609] memory: usage 204800kB, limit 204800kB, failcnt 434339 [ 505.509171] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 505.516131] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 505.522391] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:60KB inactive_file:0KB active_file:0KB unevictable:0KB [ 505.542469] Out of memory and no killable processes... [ 505.548296] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=-1000 [ 505.559553] syz-executor5 cpuset=syz5 mems_allowed=0 [ 505.564699] CPU: 1 PID: 13715 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 505.571960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 505.581303] Call Trace: [ 505.583875] dump_stack+0x1c4/0x2b4 [ 505.587486] ? dump_stack_print_info.cold.2+0x52/0x52 [ 505.592716] dump_header+0x27b/0xf72 [ 505.596418] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 505.602200] ? kasan_check_read+0x11/0x20 [ 505.606342] ? pagefault_out_of_memory+0x197/0x197 [ 505.611713] ? rcu_read_unlock+0x33/0x60 [ 505.615759] ? mem_cgroup_iter+0x514/0x1160 [ 505.620093] ? find_held_lock+0x36/0x1c0 [ 505.624142] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 505.628884] ? mark_held_locks+0xc7/0x130 [ 505.633017] ? _raw_spin_unlock_irq+0x27/0x80 [ 505.637496] ? _raw_spin_unlock_irq+0x27/0x80 [ 505.641974] ? lockdep_hardirqs_on+0x421/0x5c0 [ 505.646542] ? trace_hardirqs_on+0xbd/0x310 [ 505.650846] ? kasan_check_read+0x11/0x20 [ 505.654981] ? css_task_iter_end+0x222/0x490 [ 505.659373] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 505.664823] ? kasan_check_write+0x14/0x20 [ 505.669051] ? do_raw_spin_lock+0xc1/0x200 [ 505.673277] ? _raw_spin_unlock_irq+0x60/0x80 [ 505.677780] ? css_task_iter_end+0x2ce/0x490 [ 505.682191] ? cgroup_procs_next+0x70/0x70 [ 505.686416] ? _raw_spin_unlock_irq+0x60/0x80 [ 505.690895] ? oom_badness+0xaa0/0xaa0 [ 505.694782] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 505.699540] ? mem_cgroup_iter_break+0x30/0x30 [ 505.704132] ? mark_held_locks+0xc7/0x130 [ 505.708271] out_of_memory.cold.30+0xf/0x184 [ 505.712833] ? lockdep_hardirqs_on+0x421/0x5c0 [ 505.717426] ? kasan_check_read+0x11/0x20 [ 505.721563] ? oom_killer_disable+0x3a0/0x3a0 [ 505.726060] ? kasan_check_write+0x14/0x20 [ 505.730329] ? do_raw_spin_lock+0xc1/0x200 [ 505.734555] mem_cgroup_out_of_memory+0x15e/0x210 [ 505.739383] ? memcg_memory_event+0x40/0x40 [ 505.743725] ? mem_cgroup_try_charge+0x5ea/0xe10 [ 505.748469] ? page_counter_try_charge+0x1c1/0x220 [ 505.753385] try_charge+0xc43/0x1690 [ 505.757099] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 505.763140] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 505.767967] ? lock_downgrade+0x900/0x900 [ 505.772116] ? check_preemption_disabled+0x48/0x200 [ 505.777121] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 505.782908] ? kasan_check_read+0x11/0x20 [ 505.787040] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 505.792320] ? rcu_bh_qs+0xc0/0xc0 [ 505.795859] ? get_mem_cgroup_from_mm+0x206/0x440 [ 505.800712] ? mem_cgroup_can_attach+0x580/0x580 [ 505.805460] ? __lock_is_held+0xb5/0x140 [ 505.809509] mem_cgroup_try_charge+0x5ea/0xe10 [ 505.814093] ? mem_cgroup_protected+0xa60/0xa60 [ 505.818748] ? swp_swapcount+0x530/0x530 [ 505.822801] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 505.828608] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 505.834135] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 505.839054] wp_page_copy+0x46c/0x14f0 [ 505.842933] ? follow_pfn+0x2e0/0x2e0 [ 505.846724] ? do_wp_page+0x76c/0x1390 [ 505.850598] ? lock_downgrade+0x900/0x900 [ 505.854731] ? kasan_check_write+0x14/0x20 [ 505.858988] ? kasan_check_read+0x11/0x20 [ 505.863128] ? do_raw_spin_unlock+0xa7/0x2f0 [ 505.867521] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 505.872090] ? __pte_alloc_kernel+0x220/0x220 [ 505.876569] ? __lock_acquire+0x7ec/0x4ec0 [ 505.880812] do_wp_page+0x774/0x1390 [ 505.884514] ? finish_mkwrite_fault+0x4f0/0x4f0 [ 505.889181] ? lock_release+0x970/0x970 [ 505.893162] ? rcu_bh_qs+0xc0/0xc0 [ 505.896690] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 505.902215] ? kasan_check_write+0x14/0x20 [ 505.906436] ? do_raw_spin_lock+0xc1/0x200 [ 505.910660] __handle_mm_fault+0x2c60/0x53e0 [ 505.915059] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 505.919890] ? graph_lock+0x170/0x170 [ 505.923686] ? print_usage_bug+0xc0/0xc0 [ 505.927734] ? graph_lock+0x170/0x170 [ 505.931516] ? graph_lock+0x170/0x170 [ 505.935318] ? handle_mm_fault+0x42a/0xc70 [ 505.939552] ? lock_downgrade+0x900/0x900 [ 505.943694] ? check_preemption_disabled+0x48/0x200 [ 505.948701] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 505.954481] ? kasan_check_read+0x11/0x20 [ 505.958615] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 505.963878] ? rcu_bh_qs+0xc0/0xc0 [ 505.967424] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 505.972860] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 505.978395] ? check_preemption_disabled+0x48/0x200 [ 505.983412] handle_mm_fault+0x54f/0xc70 [ 505.987460] ? __handle_mm_fault+0x53e0/0x53e0 [ 505.992025] ? find_vma+0x34/0x190 [ 505.995555] __do_page_fault+0x67d/0xed0 [ 505.999623] ? mm_fault_error+0x380/0x380 [ 506.003777] ? trace_hardirqs_off+0xb8/0x310 [ 506.008189] ? __ia32_sys_unlink+0x50/0x50 [ 506.012422] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 506.017772] ? trace_hardirqs_on+0x310/0x310 [ 506.022177] do_page_fault+0xf2/0x7e0 [ 506.025964] ? vmalloc_sync_all+0x30/0x30 [ 506.030111] ? error_entry+0x70/0xd0 [ 506.033807] ? trace_hardirqs_off_caller+0xbb/0x310 [ 506.038830] ? trace_hardirqs_on_caller+0xc0/0x310 [ 506.043761] ? syscall_return_slowpath+0x5e0/0x5e0 [ 506.048677] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 506.053502] ? trace_hardirqs_on_caller+0x310/0x310 [ 506.058513] ? trace_hardirqs_off+0x310/0x310 [ 506.062996] ? prepare_exit_to_usermode+0x291/0x3b0 [ 506.067998] ? page_fault+0x8/0x30 [ 506.071520] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 506.076379] ? page_fault+0x8/0x30 [ 506.079903] page_fault+0x1e/0x30 [ 506.083335] RIP: 0033:0x46d81e [ 506.086519] Code: ff 90 66 2e 0f 1f 84 00 00 00 00 00 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 81 ec 28 05 00 00 48 c7 c0 d4 ff ff ff 64 8b 00 <89> 85 5c fb ff ff 8b 87 c0 00 00 00 85 c0 0f 85 ee 00 00 00 c7 87 [ 506.105408] RSP: 002b:00007ffd1aeccc70 EFLAGS: 00010202 [ 506.110755] RAX: 0000000000000006 RBX: 00007ffd1aecd1d0 RCX: 0000000000000000 [ 506.118009] RDX: 00007ffd1aecd348 RSI: 00000000004ddecb RDI: 00007ffd1aecd1d0 [ 506.125264] RBP: 00007ffd1aecd1c0 R08: 0000000000000000 R09: 00007ffd1aecd348 [ 506.132537] R10: 0000000000000075 R11: 0000000000000206 R12: 00007ffd1aecd360 [ 506.139788] R13: 00000000004ddecb R14: 00007ffd1aecd348 R15: 0000000000000001 [ 506.148924] Memory limit reached of cgroup /syz5 [ 506.153822] memory: usage 204800kB, limit 204800kB, failcnt 434347 [ 506.160183] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 506.167020] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 506.173177] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:60KB inactive_file:0KB active_file:0KB unevictable:0KB [ 506.192973] Out of memory and no killable processes... [ 506.198458] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=-1000 [ 506.211493] syz-executor5 cpuset=syz5 mems_allowed=0 [ 506.216729] CPU: 0 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 506.224021] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 506.233369] Call Trace: [ 506.235952] dump_stack+0x1c4/0x2b4 [ 506.239576] ? dump_stack_print_info.cold.2+0x52/0x52 [ 506.244764] dump_header+0x27b/0xf72 [ 506.248498] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 506.254293] ? kasan_check_read+0x11/0x20 [ 506.258433] ? pagefault_out_of_memory+0x197/0x197 [ 506.263351] ? rcu_read_unlock+0x33/0x60 [ 506.267422] ? mem_cgroup_iter+0x514/0x1160 [ 506.271730] ? find_held_lock+0x36/0x1c0 [ 506.275793] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 506.280558] ? mark_held_locks+0xc7/0x130 [ 506.284692] ? _raw_spin_unlock_irq+0x27/0x80 [ 506.289171] ? _raw_spin_unlock_irq+0x27/0x80 [ 506.293650] ? lockdep_hardirqs_on+0x421/0x5c0 [ 506.298219] ? trace_hardirqs_on+0xbd/0x310 [ 506.302538] ? kasan_check_read+0x11/0x20 [ 506.306672] ? css_task_iter_end+0x222/0x490 [ 506.311078] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 506.316515] ? kasan_check_write+0x14/0x20 [ 506.320754] ? do_raw_spin_lock+0xc1/0x200 [ 506.325007] ? _raw_spin_unlock_irq+0x60/0x80 [ 506.329489] ? css_task_iter_end+0x2ce/0x490 [ 506.333885] ? cgroup_procs_next+0x70/0x70 [ 506.338112] ? _raw_spin_unlock_irq+0x60/0x80 [ 506.342598] ? oom_badness+0xaa0/0xaa0 [ 506.346476] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 506.351234] ? mem_cgroup_iter_break+0x30/0x30 [ 506.355809] ? mark_held_locks+0xc7/0x130 [ 506.359950] out_of_memory.cold.30+0xf/0x184 [ 506.364345] ? lockdep_hardirqs_on+0x421/0x5c0 [ 506.368916] ? kasan_check_read+0x11/0x20 [ 506.373062] ? oom_killer_disable+0x3a0/0x3a0 [ 506.377560] ? kasan_check_write+0x14/0x20 [ 506.381809] ? do_raw_spin_lock+0xc1/0x200 [ 506.386042] mem_cgroup_out_of_memory+0x15e/0x210 [ 506.390892] ? memcg_memory_event+0x40/0x40 [ 506.395202] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 506.400039] ? page_counter_try_charge+0x1c1/0x220 [ 506.404979] try_charge+0xc43/0x1690 [ 506.408696] ? lock_downgrade+0x900/0x900 [ 506.412835] ? check_preemption_disabled+0x48/0x200 [ 506.417879] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 506.423930] ? find_held_lock+0x36/0x1c0 [ 506.427984] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 506.432818] ? lock_downgrade+0x900/0x900 [ 506.436971] ? check_preemption_disabled+0x48/0x200 [ 506.441978] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 506.447760] ? kasan_check_read+0x11/0x20 [ 506.451893] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 506.457173] ? rcu_bh_qs+0xc0/0xc0 [ 506.460705] ? get_mem_cgroup_from_mm+0x206/0x440 [ 506.465540] memcg_kmem_charge_memcg+0x7c/0x120 [ 506.470193] ? memcg_kmem_put_cache+0xb0/0xb0 [ 506.474669] ? find_held_lock+0x36/0x1c0 [ 506.478719] ? print_usage_bug+0xc0/0xc0 [ 506.482772] memcg_kmem_charge+0x135/0x300 [ 506.486997] __alloc_pages_nodemask+0x72e/0xde0 [ 506.491655] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 506.496661] ? __lock_acquire+0x7ec/0x4ec0 [ 506.500884] ? __lock_acquire+0x7ec/0x4ec0 [ 506.505115] ? mark_held_locks+0x130/0x130 [ 506.509334] ? mark_held_locks+0x130/0x130 [ 506.513556] ? lock_release+0x970/0x970 [ 506.517528] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 506.523058] alloc_pages_current+0x10c/0x210 [ 506.527461] __pmd_alloc+0x3e/0x450 [ 506.531074] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 506.536623] __handle_mm_fault+0x2098/0x53e0 [ 506.541018] ? check_preemption_disabled+0x48/0x200 [ 506.546029] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 506.550856] ? graph_lock+0x170/0x170 [ 506.554639] ? print_usage_bug+0xc0/0xc0 [ 506.558688] ? graph_lock+0x170/0x170 [ 506.562476] ? graph_lock+0x170/0x170 [ 506.566270] ? graph_lock+0x170/0x170 [ 506.570068] ? handle_mm_fault+0x42a/0xc70 [ 506.574290] ? lock_downgrade+0x900/0x900 [ 506.578446] ? check_preemption_disabled+0x48/0x200 [ 506.583465] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 506.589253] ? kasan_check_read+0x11/0x20 [ 506.593391] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 506.598659] ? rcu_bh_qs+0xc0/0xc0 [ 506.602187] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 506.607628] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 506.613187] ? check_preemption_disabled+0x48/0x200 [ 506.618201] handle_mm_fault+0x54f/0xc70 [ 506.622256] ? __handle_mm_fault+0x53e0/0x53e0 [ 506.626829] ? find_vma+0x34/0x190 [ 506.630360] __do_page_fault+0x67d/0xed0 [ 506.634411] ? mm_fault_error+0x380/0x380 [ 506.638583] ? trace_hardirqs_off+0xb8/0x310 [ 506.642984] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 506.648342] ? trace_hardirqs_on+0x310/0x310 [ 506.652742] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 506.658271] do_page_fault+0xf2/0x7e0 [ 506.662063] ? vmalloc_sync_all+0x30/0x30 [ 506.666204] ? error_entry+0x70/0xd0 [ 506.669905] ? trace_hardirqs_off_caller+0xbb/0x310 [ 506.674914] ? trace_hardirqs_on_caller+0xc0/0x310 [ 506.679856] ? syscall_return_slowpath+0x5e0/0x5e0 [ 506.684788] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 506.689635] ? trace_hardirqs_on_caller+0x310/0x310 [ 506.694641] ? trace_hardirqs_off+0x310/0x310 [ 506.699126] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 506.704136] ? prepare_exit_to_usermode+0x291/0x3b0 [ 506.709179] ? page_fault+0x8/0x30 [ 506.712717] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 506.717554] ? page_fault+0x8/0x30 [ 506.721087] page_fault+0x1e/0x30 [ 506.724526] RIP: 0033:0x40b3b7 [ 506.727707] Code: 00 00 89 c6 bf f3 cf 4b 00 31 c0 e8 e3 64 ff ff c7 44 24 30 00 00 00 00 e8 a6 68 ff ff 49 89 c5 48 8b 05 7c 4c 63 00 4c 89 eb <44> 8b 20 eb 49 0f 1f 40 00 bf e8 03 00 00 e8 36 c1 04 00 e8 81 68 [ 506.746600] RSP: 002b:00007ffd1aecd850 EFLAGS: 00010206 [ 506.751952] RAX: 0000001b2cf20000 RBX: 000000000007b6b2 RCX: 000000000007b4a8 [ 506.759208] RDX: 000000000000020a RSI: 0000000000000000 RDI: 0000000000000001 [ 506.766466] RBP: 00000000000000fe R08: 0000000000000001 R09: 000000000213f940 [ 506.773726] R10: 000000000213fc10 R11: 0000000000000246 R12: 0000000000000000 [ 506.780995] R13: 000000000007b6b2 R14: 0000000000000000 R15: 0000000000000005 [ 506.790315] Memory limit reached of cgroup /syz5 [ 506.795238] memory: usage 202220kB, limit 204800kB, failcnt 434355 [ 506.801558] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 506.808404] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 506.814557] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:64KB inactive_file:0KB active_file:0KB unevictable:0KB [ 506.834405] Out of memory and no killable processes... [ 506.839998] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=0 [ 506.852591] syz-executor5 cpuset=syz5 mems_allowed=0 [ 506.857804] CPU: 0 PID: 13715 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 506.865092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 506.874454] Call Trace: [ 506.877035] dump_stack+0x1c4/0x2b4 [ 506.880667] ? dump_stack_print_info.cold.2+0x52/0x52 [ 506.885845] ? mark_held_locks+0x130/0x130 [ 506.890067] ? mark_held_locks+0x130/0x130 [ 506.894294] dump_header+0x27b/0xf72 [ 506.898001] ? pagefault_out_of_memory+0x197/0x197 [ 506.902934] ? check_preemption_disabled+0x48/0x200 [ 506.907958] ? check_preemption_disabled+0x48/0x200 [ 506.912984] ? graph_lock+0x170/0x170 [ 506.916813] ? graph_lock+0x170/0x170 [ 506.920604] ? print_usage_bug+0xc0/0xc0 [ 506.924675] ? find_held_lock+0x36/0x1c0 [ 506.928739] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 506.934294] ? find_held_lock+0x36/0x1c0 [ 506.938382] ? mark_held_locks+0xc7/0x130 [ 506.942521] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 506.947619] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 506.952708] ? lockdep_hardirqs_on+0x421/0x5c0 [ 506.957279] ? trace_hardirqs_on+0xbd/0x310 [ 506.961600] ? kasan_check_read+0x11/0x20 [ 506.965746] ? ___ratelimit+0x36f/0x655 [ 506.969725] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 506.975163] ? trace_hardirqs_on+0x310/0x310 [ 506.979574] ? lock_downgrade+0x900/0x900 [ 506.983738] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 506.988843] ? ___ratelimit+0xaa/0x655 [ 506.992728] ? idr_get_free+0xec0/0xec0 [ 506.996694] ? kasan_check_write+0x14/0x20 [ 507.000915] ? do_raw_spin_lock+0xc1/0x200 [ 507.005158] oom_kill_process.cold.27+0x10/0x903 [ 507.009904] ? kasan_check_write+0x14/0x20 [ 507.014134] ? do_raw_spin_lock+0xc1/0x200 [ 507.018360] ? oom_evaluate_task+0x540/0x540 [ 507.022776] ? cgroup_procs_next+0x70/0x70 [ 507.026999] ? _raw_spin_unlock_irq+0x60/0x80 [ 507.031481] ? oom_badness+0xaa0/0xaa0 [ 507.035356] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 507.040101] ? mem_cgroup_iter_break+0x30/0x30 [ 507.044679] ? mark_held_locks+0xc7/0x130 [ 507.048826] out_of_memory+0xa84/0x1430 [ 507.052802] ? lockdep_hardirqs_on+0x421/0x5c0 [ 507.057401] ? kasan_check_read+0x11/0x20 [ 507.061558] ? oom_killer_disable+0x3a0/0x3a0 [ 507.066067] ? kasan_check_write+0x14/0x20 [ 507.070328] ? do_raw_spin_lock+0xc1/0x200 [ 507.074558] mem_cgroup_out_of_memory+0x15e/0x210 [ 507.079411] ? memcg_memory_event+0x40/0x40 [ 507.083732] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 507.088566] ? page_counter_try_charge+0x1c1/0x220 [ 507.093491] try_charge+0xc43/0x1690 [ 507.097220] ? lock_downgrade+0x900/0x900 [ 507.101379] ? check_preemption_disabled+0x48/0x200 [ 507.106405] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 507.112457] ? find_held_lock+0x36/0x1c0 [ 507.116541] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 507.121389] ? lock_downgrade+0x900/0x900 [ 507.125551] ? check_preemption_disabled+0x48/0x200 [ 507.130579] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 507.136397] ? kasan_check_read+0x11/0x20 [ 507.140536] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 507.145802] ? rcu_bh_qs+0xc0/0xc0 [ 507.149350] ? get_mem_cgroup_from_mm+0x206/0x440 [ 507.154208] memcg_kmem_charge_memcg+0x7c/0x120 [ 507.158867] ? memcg_kmem_put_cache+0xb0/0xb0 [ 507.163353] ? print_usage_bug+0xc0/0xc0 [ 507.167414] memcg_kmem_charge+0x135/0x300 [ 507.171660] __alloc_pages_nodemask+0x72e/0xde0 [ 507.176322] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 507.181326] ? __lock_acquire+0x7ec/0x4ec0 [ 507.185597] ? mark_held_locks+0x130/0x130 [ 507.189820] ? graph_lock+0x170/0x170 [ 507.193616] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 507.199168] alloc_pages_current+0x10c/0x210 [ 507.203609] __pmd_alloc+0x3e/0x450 [ 507.207224] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 507.212754] __handle_mm_fault+0x2098/0x53e0 [ 507.217150] ? check_preemption_disabled+0x48/0x200 [ 507.222176] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 507.227006] ? graph_lock+0x170/0x170 [ 507.230792] ? print_usage_bug+0xc0/0xc0 [ 507.234840] ? graph_lock+0x170/0x170 [ 507.238639] ? graph_lock+0x170/0x170 [ 507.242464] ? handle_mm_fault+0x42a/0xc70 [ 507.246693] ? lock_downgrade+0x900/0x900 [ 507.250840] ? check_preemption_disabled+0x48/0x200 [ 507.255846] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 507.261628] ? kasan_check_read+0x11/0x20 [ 507.265763] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 507.271028] ? rcu_bh_qs+0xc0/0xc0 [ 507.274555] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 507.279995] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 507.285531] ? check_preemption_disabled+0x48/0x200 [ 507.290559] handle_mm_fault+0x54f/0xc70 [ 507.294620] ? __handle_mm_fault+0x53e0/0x53e0 [ 507.299190] ? find_vma+0x34/0x190 [ 507.302731] __do_page_fault+0x67d/0xed0 [ 507.306799] ? mm_fault_error+0x380/0x380 [ 507.310933] ? trace_hardirqs_off+0xb8/0x310 [ 507.315343] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 507.320703] ? trace_hardirqs_on+0x310/0x310 [ 507.325120] do_page_fault+0xf2/0x7e0 [ 507.328921] ? vmalloc_sync_all+0x30/0x30 [ 507.333058] ? error_entry+0x70/0xd0 [ 507.336770] ? trace_hardirqs_off_caller+0xbb/0x310 [ 507.341771] ? trace_hardirqs_on_caller+0xc0/0x310 [ 507.346687] ? syscall_return_slowpath+0x5e0/0x5e0 [ 507.351604] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 507.356449] ? trace_hardirqs_on_caller+0x310/0x310 [ 507.361483] ? trace_hardirqs_off+0x310/0x310 [ 507.365971] ? prepare_exit_to_usermode+0x291/0x3b0 [ 507.370982] ? page_fault+0x8/0x30 [ 507.374549] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 507.379397] ? page_fault+0x8/0x30 [ 507.382924] page_fault+0x1e/0x30 [ 507.386361] RIP: 0033:0x4016a7 [ 507.389564] Code: 00 00 00 48 83 ec 08 48 8b 15 a5 e9 63 00 48 8b 05 96 e9 63 00 48 39 d0 48 8d 8a 00 00 00 01 72 17 48 39 c8 73 12 48 8d 50 04 <89> 38 48 89 15 78 e9 63 00 48 83 c4 08 c3 48 89 c6 bf f8 56 4c 00 [ 507.408459] RSP: 002b:00007ffd1aecd6a0 EFLAGS: 00010287 [ 507.413811] RAX: 0000001b2cf20000 RBX: 0000000000000003 RCX: 0000001b2df20000 [ 507.421080] RDX: 0000001b2cf20004 RSI: 00007ffd1aecd450 RDI: 0000000000000000 [ 507.428337] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000001 [ 507.435618] R10: 0000000000000075 R11: 0000000000000246 R12: 0000000000000000 [ 507.442885] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000005 [ 507.450999] Task in /syz5 killed as a result of limit of /syz5 [ 507.457111] memory: usage 202352kB, limit 204800kB, failcnt 434355 [ 507.463459] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 507.470296] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 507.476520] Memory cgroup stats for /syz5: cache:32KB rss:0KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:64KB inactive_file:0KB active_file:0KB unevictable:0KB [ 507.496370] Memory cgroup out of memory: Kill process 13715 (syz-executor5) score 160 or sacrifice child 19:57:24 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040), 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0xa405}, 0x6) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 19:57:24 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000036fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:24 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000005a00fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:24 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="2c8c"]) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) stat(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0}) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xffffff95, 0x19, 0x1, {0x0, {0x0, 0x80}, 0x0, r2}}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) write$P9_RXATTRWALK(r1, &(0x7f0000000100)={0xf, 0x1f, 0x2, 0x6}, 0xf) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') 19:57:24 executing program 1: getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000001c0)={{{@in=@multicast2, @in6=@mcast2}}, {{@in6=@dev}, 0x0, @in=@loopback}}, &(0x7f00000000c0)=0xe8) r0 = inotify_init() fcntl$setsig(r0, 0xa, 0x2e) mount$9p_rdma(&(0x7f0000000000)='127.0.0.1\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='9p\x00', 0x1, &(0x7f0000000340)={'trans=rdma,', {'port', 0x3d, 0x4e20}, 0x2c, {[{@rq={'rq', 0x3d, 0x6}}, {@common=@access_any='access=any'}]}}) r1 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$EXT4_IOC_ALLOC_DA_BLKS(r1, 0x660c) r2 = syz_open_dev$ndb(&(0x7f0000001380)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0) lseek(r2, 0x0, 0x0) 19:57:24 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000068fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 507.506108] Killed process 13715 (syz-executor5) total-vm:70212kB, anon-rss:88kB, file-rss:32768kB, shmem-rss:0kB [ 507.517129] oom_reaper: reaped process 13715 (syz-executor5), now anon-rss:0kB, file-rss:32128kB, shmem-rss:0kB 19:57:24 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) r2 = dup3(r1, r1, 0x80000) write$FUSE_STATFS(r2, &(0x7f0000000400)={0x60, 0x0, 0x1, {{0x3, 0x0, 0xdb6, 0x4, 0xf8, 0xffff, 0x38a87735, 0x29ffdc4e}}}, 0x60) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r2, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') openat$autofs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/autofs\x00', 0x40002, 0x0) [ 507.620309] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=0 [ 507.644885] syz-executor5 cpuset=syz5 mems_allowed=0 [ 507.651286] CPU: 0 PID: 13734 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 507.658588] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 507.667961] Call Trace: 19:57:24 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000001600fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:24 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000016fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 507.670567] dump_stack+0x1c4/0x2b4 [ 507.674215] ? dump_stack_print_info.cold.2+0x52/0x52 [ 507.679423] ? mark_held_locks+0x130/0x130 [ 507.683675] ? mark_held_locks+0x130/0x130 [ 507.687939] dump_header+0x27b/0xf72 [ 507.691685] ? pagefault_out_of_memory+0x197/0x197 [ 507.697132] ? check_preemption_disabled+0x48/0x200 [ 507.702162] ? check_preemption_disabled+0x48/0x200 [ 507.702189] ? graph_lock+0x170/0x170 [ 507.711037] ? graph_lock+0x170/0x170 [ 507.715175] ? print_usage_bug+0xc0/0xc0 [ 507.719249] ? find_held_lock+0x36/0x1c0 [ 507.723325] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 507.723348] ? find_held_lock+0x36/0x1c0 [ 507.723371] ? mark_held_locks+0xc7/0x130 [ 507.723391] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 507.723412] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 507.733035] ? lockdep_hardirqs_on+0x421/0x5c0 [ 507.733055] ? trace_hardirqs_on+0xbd/0x310 [ 507.733070] ? kasan_check_read+0x11/0x20 [ 507.733086] ? ___ratelimit+0x36f/0x655 [ 507.733107] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 507.756331] ? trace_hardirqs_on+0x310/0x310 [ 507.756363] ? lock_downgrade+0x900/0x900 [ 507.756386] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 507.756405] ? ___ratelimit+0xaa/0x655 [ 507.764547] ? idr_get_free+0xec0/0xec0 [ 507.764565] ? kasan_check_write+0x14/0x20 [ 507.764591] ? do_raw_spin_lock+0xc1/0x200 [ 507.764617] oom_kill_process.cold.27+0x10/0x903 [ 507.764640] ? kasan_check_write+0x14/0x20 [ 507.774533] ? do_raw_spin_lock+0xc1/0x200 [ 507.774560] ? oom_evaluate_task+0x540/0x540 19:57:24 executing program 1: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$ndb(&(0x7f0000001380)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0) socketpair$inet_sctp(0x2, 0x5, 0x84, &(0x7f0000000200)) lseek(r0, 0x0, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x4e24, 0xfff, @ipv4={[], [], @multicast2}, 0x9}}, 0x81, 0x6, 0x16, 0x0, 0x91}, &(0x7f00000000c0)=0x98) getsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000100)={r1, 0xfffffffffffffff9, 0x7, 0x100000000}, &(0x7f00000001c0)=0x10) [ 507.774591] ? cgroup_procs_next+0x70/0x70 [ 507.774612] ? _raw_spin_unlock_irq+0x60/0x80 [ 507.791722] ? oom_badness+0xaa0/0xaa0 [ 507.791744] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 507.791765] ? mem_cgroup_iter_break+0x30/0x30 [ 507.791798] ? mark_held_locks+0xc7/0x130 [ 507.791818] out_of_memory+0xa84/0x1430 [ 507.847941] ? lockdep_hardirqs_on+0x421/0x5c0 [ 507.852555] ? kasan_check_read+0x11/0x20 [ 507.856729] ? oom_killer_disable+0x3a0/0x3a0 [ 507.861240] ? kasan_check_write+0x14/0x20 [ 507.865494] ? do_raw_spin_lock+0xc1/0x200 [ 507.869765] mem_cgroup_out_of_memory+0x15e/0x210 [ 507.869783] ? memcg_memory_event+0x40/0x40 [ 507.869800] ? mem_cgroup_charge_skmem+0x1e4/0x390 [ 507.869822] ? page_counter_try_charge+0x1c1/0x220 [ 507.869846] try_charge+0xc43/0x1690 [ 507.879021] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 507.879039] ? tcp_sendmsg+0x2f/0x50 [ 507.879056] ? sock_sendmsg+0xd5/0x120 [ 507.879071] ? __sys_sendto+0x3d7/0x670 [ 507.879086] ? __x64_sys_sendto+0xe1/0x1a0 [ 507.879103] ? do_syscall_64+0x1b9/0x820 [ 507.879119] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 507.879139] ? graph_lock+0x170/0x170 [ 507.927801] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 507.933362] ? check_preemption_disabled+0x48/0x200 [ 507.938394] ? check_preemption_disabled+0x48/0x200 [ 507.943435] ? mark_held_locks+0xc7/0x130 [ 507.947601] ? __lock_is_held+0xb5/0x140 [ 507.951677] ? mem_cgroup_charge_skmem+0x1cf/0x390 [ 507.956615] ? mem_cgroup_charge_skmem+0x1cf/0x390 [ 507.961554] ? lockdep_hardirqs_on+0x421/0x5c0 [ 507.966164] ? __sk_mem_raise_allocated+0x642/0x1800 [ 507.971283] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 507.976745] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 507.982296] ? check_preemption_disabled+0x48/0x200 [ 507.987331] mem_cgroup_charge_skmem+0x1e4/0x390 [ 507.992103] ? mem_cgroup_sk_free+0x90/0x90 [ 507.996454] __sk_mem_raise_allocated+0x642/0x1800 [ 508.001414] ? sk_busy_loop_end+0x1c0/0x1c0 [ 508.005765] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 508.010793] ? skb_page_frag_refill+0x1eb/0x6a0 [ 508.015474] ? sock_kzfree_s+0x60/0x60 [ 508.019372] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 508.024396] ? sk_stream_alloc_skb+0x34b/0x970 [ 508.028992] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 508.034025] ? skb_entail+0x618/0x8c0 [ 508.037847] ? tcp_rate_check_app_limited+0x121/0x460 [ 508.043067] ? tcp_splice_data_recv+0x1b0/0x1b0 [ 508.047759] __sk_mem_schedule+0x6d/0xe0 [ 508.051837] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 508.057396] tcp_sendmsg_locked+0x1c86/0x3f00 [ 508.061936] ? tcp_sendpage+0x60/0x60 [ 508.065752] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 508.071212] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 508.076771] ? check_preemption_disabled+0x48/0x200 [ 508.081806] ? smack_netlabel+0xda/0x180 [ 508.085878] ? smack_netlabel+0xda/0x180 [ 508.089954] ? find_held_lock+0x36/0x1c0 [ 508.094030] ? mark_held_locks+0xc7/0x130 [ 508.098193] ? __local_bh_enable_ip+0x160/0x260 [ 508.102869] ? __local_bh_enable_ip+0x160/0x260 [ 508.107552] ? trace_hardirqs_on+0xbd/0x310 [ 508.111904] ? lock_release+0x970/0x970 [ 508.115887] ? lock_sock_nested+0xe2/0x120 [ 508.120132] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 508.125604] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 508.131168] ? check_preemption_disabled+0x48/0x200 [ 508.136204] ? lock_sock_nested+0x9a/0x120 [ 508.140450] ? lock_sock_nested+0x9a/0x120 [ 508.144710] ? __local_bh_enable_ip+0x160/0x260 [ 508.149428] tcp_sendmsg+0x2f/0x50 [ 508.152984] inet_sendmsg+0x1a1/0x690 [ 508.156800] ? ipip_gro_receive+0x100/0x100 [ 508.161136] ? smack_socket_sendmsg+0x150/0x190 [ 508.165818] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 508.171366] ? security_socket_sendmsg+0x94/0xc0 [ 508.176132] ? ipip_gro_receive+0x100/0x100 [ 508.180464] sock_sendmsg+0xd5/0x120 [ 508.184205] __sys_sendto+0x3d7/0x670 [ 508.188020] ? __ia32_sys_getpeername+0xb0/0xb0 [ 508.192699] ? lock_release+0x970/0x970 [ 508.196683] ? arch_local_save_flags+0x40/0x40 [ 508.201275] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 508.206771] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 508.212320] ? put_timespec64+0x10f/0x1b0 [ 508.216479] ? nsecs_to_jiffies+0x30/0x30 [ 508.220655] ? do_syscall_64+0x9a/0x820 [ 508.224634] ? do_syscall_64+0x9a/0x820 [ 508.228629] ? lockdep_hardirqs_on+0x421/0x5c0 [ 508.233222] ? trace_hardirqs_on+0xbd/0x310 [ 508.237599] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 508.243145] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 508.248518] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 508.253993] __x64_sys_sendto+0xe1/0x1a0 [ 508.258073] do_syscall_64+0x1b9/0x820 [ 508.261996] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 508.267368] ? syscall_return_slowpath+0x5e0/0x5e0 [ 508.272304] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 508.277166] ? trace_hardirqs_on_caller+0x310/0x310 [ 508.282200] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 508.287236] ? prepare_exit_to_usermode+0x291/0x3b0 [ 508.292278] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 508.297141] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 508.302337] RIP: 0033:0x457579 [ 508.305537] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 508.324475] RSP: 002b:00007f02050efc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 508.332218] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457579 [ 508.339503] RDX: fffffffffffffe4e RSI: 0000000020000000 RDI: 0000000000000003 [ 508.346793] RBP: 000000000072bf00 R08: 00000000200000c0 R09: 0000000000000006 [ 508.354064] R10: 00000000000000c0 R11: 0000000000000246 R12: 00007f02050f06d4 [ 508.361338] R13: 00000000004c3929 R14: 00000000004d57c0 R15: 00000000ffffffff 19:57:25 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000016fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 508.381897] Task in /syz5 killed as a result of limit of /syz5 [ 508.403271] memory: usage 204736kB, limit 204800kB, failcnt 434370 19:57:25 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000200fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 508.434384] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 508.442379] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 508.449086] Memory cgroup stats for /syz5: cache:32KB rss:2196KB rss_huge:2048KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:2204KB inactive_file:0KB active_file:0KB unevictable:0KB [ 508.540691] Memory cgroup out of memory: Kill process 13732 (syz-executor5) score 171 or sacrifice child [ 508.577458] Killed process 13732 (syz-executor5) total-vm:70472kB, anon-rss:2144kB, file-rss:32768kB, shmem-rss:0kB 19:57:25 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040), 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0xa}, 0x6) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 19:57:25 executing program 1: r0 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_dev$ndb(&(0x7f0000000000)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0) lseek(r0, 0x0, 0x0) 19:57:25 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000400)={0x6e, 0x29, 0x1, {0xbc1, [{{0x40, 0x4, 0x8}, 0x7, 0x6, 0x7, './file0'}, {{0x2d, 0x0, 0x1}, 0x10000, 0x4, 0x7, './file0'}, {{0x20, 0x3, 0x1}, 0xffffffffffffb999, 0xa209, 0xd, './file0/file0'}]}}, 0x6e) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) sendmsg$unix(0xffffffffffffffff, &(0x7f0000001740)={&(0x7f0000000200)=@abs, 0x6e, &(0x7f00000016c0)=[{&(0x7f0000000380)="1437d709d56de01cc25cceaeacd9f3ac56cee6fb70840308b8c49aa05b36b7bf2132a56fe09ca5b034386135f64709c696f261e2ff4049b6483c2d08b9e67b062a36b83270b7f2e98c02f6068950bde31803325dd0a7347030bf0984863638794c054975dd5f03a9f619a4a2021b9c7f64817ac4848e0dfa049c118474324ef3ad84f9705d99fbecfa74d947bedf4d4afcc91906ba6bdef2aeaf74294194b5c8ea530f32215273d6a8e72688b000030652056c5d6fafed03cb4487", 0xbb}], 0x1, 0x0, 0x0, 0x80}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semtimedop(0x0, &(0x7f0000000380), 0x194, &(0x7f0000000340)={0x0, 0x989680}) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') 19:57:25 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000a00fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:25 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000400fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 508.602677] oom_reaper: reaped process 13732 (syz-executor5), now anon-rss:0kB, file-rss:32728kB, shmem-rss:0kB 19:57:25 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000e00fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 508.739387] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=2, oom_score_adj=0 [ 508.752081] syz-executor5 cpuset=syz5 mems_allowed=0 [ 508.773275] CPU: 1 PID: 13778 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 508.780587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 508.789958] Call Trace: [ 508.792576] dump_stack+0x1c4/0x2b4 [ 508.796234] ? dump_stack_print_info.cold.2+0x52/0x52 [ 508.801441] ? mark_held_locks+0x130/0x130 [ 508.801458] ? mark_held_locks+0x130/0x130 [ 508.801480] dump_header+0x27b/0xf72 [ 508.801519] ? pagefault_out_of_memory+0x197/0x197 [ 508.809986] ? check_preemption_disabled+0x48/0x200 [ 508.810003] ? check_preemption_disabled+0x48/0x200 [ 508.810032] ? graph_lock+0x170/0x170 [ 508.810062] ? graph_lock+0x170/0x170 [ 508.832554] ? print_usage_bug+0xc0/0xc0 [ 508.832575] ? find_held_lock+0x36/0x1c0 [ 508.832597] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 508.832618] ? find_held_lock+0x36/0x1c0 [ 508.832641] ? mark_held_locks+0xc7/0x130 [ 508.840538] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 508.840554] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 508.840573] ? lockdep_hardirqs_on+0x421/0x5c0 [ 508.840591] ? trace_hardirqs_on+0xbd/0x310 [ 508.840605] ? kasan_check_read+0x11/0x20 [ 508.840625] ? ___ratelimit+0x36f/0x655 [ 508.885615] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 508.891090] ? trace_hardirqs_on+0x310/0x310 [ 508.891110] ? lock_downgrade+0x900/0x900 [ 508.891134] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 508.891151] ? ___ratelimit+0xaa/0x655 [ 508.891170] ? idr_get_free+0xec0/0xec0 [ 508.904825] ? kasan_check_write+0x14/0x20 [ 508.904845] ? do_raw_spin_lock+0xc1/0x200 [ 508.904871] oom_kill_process.cold.27+0x10/0x903 [ 508.904890] ? kasan_check_write+0x14/0x20 [ 508.904906] ? do_raw_spin_lock+0xc1/0x200 [ 508.904928] ? oom_evaluate_task+0x540/0x540 [ 508.904948] ? cgroup_procs_next+0x70/0x70 [ 508.904975] ? _raw_spin_unlock_irq+0x60/0x80 [ 508.947637] ? oom_badness+0xaa0/0xaa0 [ 508.951549] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 508.956346] ? mem_cgroup_iter_break+0x30/0x30 [ 508.960962] ? mark_held_locks+0xc7/0x130 [ 508.965153] out_of_memory+0xa84/0x1430 [ 508.969177] ? lockdep_hardirqs_on+0x421/0x5c0 [ 508.973791] ? kasan_check_read+0x11/0x20 [ 508.977976] ? oom_killer_disable+0x3a0/0x3a0 [ 508.982496] ? kasan_check_write+0x14/0x20 [ 508.986772] ? do_raw_spin_lock+0xc1/0x200 [ 508.991054] mem_cgroup_out_of_memory+0x15e/0x210 [ 508.995935] ? memcg_memory_event+0x40/0x40 [ 509.000302] ? mem_cgroup_charge_skmem+0x1e4/0x390 [ 509.005267] ? page_counter_try_charge+0x1c1/0x220 [ 509.010278] try_charge+0xc43/0x1690 [ 509.014033] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 509.020154] ? tcp_sendmsg+0x2f/0x50 [ 509.023883] ? sock_sendmsg+0xd5/0x120 [ 509.027819] ? __sys_sendto+0x3d7/0x670 [ 509.031839] ? __x64_sys_sendto+0xe1/0x1a0 [ 509.036091] ? do_syscall_64+0x1b9/0x820 [ 509.040180] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 509.045574] ? graph_lock+0x170/0x170 [ 509.049414] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 509.054986] ? check_preemption_disabled+0x48/0x200 [ 509.060026] ? check_preemption_disabled+0x48/0x200 [ 509.065123] ? mark_held_locks+0xc7/0x130 [ 509.069287] ? __lock_is_held+0xb5/0x140 [ 509.073362] ? mem_cgroup_charge_skmem+0x1cf/0x390 [ 509.078323] ? mem_cgroup_charge_skmem+0x1cf/0x390 [ 509.083283] ? lockdep_hardirqs_on+0x421/0x5c0 [ 509.087901] ? __sk_mem_raise_allocated+0x642/0x1800 [ 509.093037] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 509.098541] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 509.104113] ? check_preemption_disabled+0x48/0x200 [ 509.109155] mem_cgroup_charge_skmem+0x1e4/0x390 [ 509.113947] ? mem_cgroup_sk_free+0x90/0x90 [ 509.118322] __sk_mem_raise_allocated+0x642/0x1800 [ 509.123285] ? sk_busy_loop_end+0x1c0/0x1c0 [ 509.127638] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 509.132684] ? skb_page_frag_refill+0x1eb/0x6a0 [ 509.137370] ? sock_kzfree_s+0x60/0x60 [ 509.141269] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 509.146318] ? sk_stream_alloc_skb+0x34b/0x970 [ 509.150917] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 509.155983] ? skb_entail+0x618/0x8c0 [ 509.159793] ? tcp_rate_check_app_limited+0x121/0x460 [ 509.164993] ? tcp_splice_data_recv+0x1b0/0x1b0 [ 509.169678] __sk_mem_schedule+0x6d/0xe0 [ 509.173781] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 509.179369] tcp_sendmsg_locked+0x1c86/0x3f00 [ 509.183906] ? tcp_sendpage+0x60/0x60 [ 509.187736] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 509.193197] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 509.198754] ? check_preemption_disabled+0x48/0x200 [ 509.203801] ? smack_netlabel+0xda/0x180 [ 509.207870] ? smack_netlabel+0xda/0x180 [ 509.211947] ? find_held_lock+0x36/0x1c0 [ 509.216030] ? mark_held_locks+0xc7/0x130 [ 509.220240] ? __local_bh_enable_ip+0x160/0x260 [ 509.224922] ? __local_bh_enable_ip+0x160/0x260 [ 509.229626] ? trace_hardirqs_on+0xbd/0x310 [ 509.233977] ? lock_release+0x970/0x970 [ 509.237960] ? lock_sock_nested+0xe2/0x120 [ 509.242244] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 509.247726] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 509.253275] ? check_preemption_disabled+0x48/0x200 [ 509.258305] ? lock_sock_nested+0x9a/0x120 [ 509.262569] ? lock_sock_nested+0x9a/0x120 [ 509.266818] ? __local_bh_enable_ip+0x160/0x260 [ 509.271530] tcp_sendmsg+0x2f/0x50 [ 509.275112] inet_sendmsg+0x1a1/0x690 [ 509.278923] ? ipip_gro_receive+0x100/0x100 [ 509.283276] ? smack_socket_sendmsg+0x150/0x190 [ 509.287955] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 509.293511] ? security_socket_sendmsg+0x94/0xc0 [ 509.298279] ? ipip_gro_receive+0x100/0x100 [ 509.302611] sock_sendmsg+0xd5/0x120 [ 509.306342] __sys_sendto+0x3d7/0x670 [ 509.310157] ? __ia32_sys_getpeername+0xb0/0xb0 [ 509.314834] ? lock_release+0x970/0x970 [ 509.318814] ? arch_local_save_flags+0x40/0x40 [ 509.323410] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 509.328923] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 509.334517] ? put_timespec64+0x10f/0x1b0 [ 509.338680] ? nsecs_to_jiffies+0x30/0x30 [ 509.342841] ? do_syscall_64+0x9a/0x820 [ 509.346845] ? do_syscall_64+0x9a/0x820 [ 509.350832] ? lockdep_hardirqs_on+0x421/0x5c0 [ 509.355426] ? trace_hardirqs_on+0xbd/0x310 [ 509.359772] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 509.365317] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 509.370688] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 509.376177] __x64_sys_sendto+0xe1/0x1a0 [ 509.380274] do_syscall_64+0x1b9/0x820 [ 509.384185] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 509.389558] ? syscall_return_slowpath+0x5e0/0x5e0 [ 509.394522] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 509.399379] ? trace_hardirqs_on_caller+0x310/0x310 [ 509.404423] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 509.409493] ? prepare_exit_to_usermode+0x291/0x3b0 [ 509.414555] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 509.419440] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 509.424653] RIP: 0033:0x457579 19:57:25 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000001100fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:25 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000003e00fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:25 executing program 1: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x121080, 0x0) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffff9c, 0x84, 0x73, &(0x7f0000000040)={0x0, 0xff, 0x30, 0x40, 0x6}, &(0x7f0000000080)=0x18) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={r1, 0xb0, &(0x7f00000001c0)=[@in={0x2, 0x4e24, @multicast1}, @in6={0xa, 0x4e21, 0x2, @mcast1}, @in6={0xa, 0x4e20, 0x3ff, @ipv4={[], [], @multicast2}, 0x9}, @in6={0xa, 0x4e21, 0x9, @ipv4={[], [], @local}, 0x301}, @in6={0xa, 0x4e20, 0xff, @remote, 0x5}, @in={0x2, 0x4e20, @broadcast}, @in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x14}}, @in={0x2, 0x4e20, @remote}]}, &(0x7f0000000100)=0x10) ioctl$GIO_UNIMAP(r0, 0x4b66, &(0x7f0000000380)={0x40000000000002e3, &(0x7f0000000480)=[{}, {}, {}, {}]}) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$EVIOCGMTSLOTS(r0, 0x8040450a, &(0x7f0000000300)=""/85) syz_open_dev$ndb(&(0x7f0000001380)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0) [ 509.427852] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 509.446778] RSP: 002b:00007f02050efc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 509.454525] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457579 [ 509.461845] RDX: fffffffffffffe4e RSI: 0000000020000000 RDI: 0000000000000003 [ 509.469117] RBP: 000000000072bf00 R08: 00000000200000c0 R09: 0000000000000006 [ 509.476389] R10: 00000000000000c0 R11: 0000000000000246 R12: 00007f02050f06d4 [ 509.483681] R13: 00000000004c3929 R14: 00000000004d57c0 R15: 00000000ffffffff 19:57:26 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000003600fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:26 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') 19:57:26 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="02030000070000000000000afff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 509.597016] Task in /syz5 killed as a result of limit of /syz5 [ 509.603090] memory: usage 204800kB, limit 204800kB, failcnt 434401 [ 509.621193] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 509.643358] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 509.688826] Memory cgroup stats for /syz5: cache:32KB rss:2204KB rss_huge:2048KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:2200KB inactive_file:0KB active_file:0KB unevictable:0KB 19:57:26 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040), 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x700000000000000}, 0x6) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 19:57:26 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="02030000070000000000003ffff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:26 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1, {0x0, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100}}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') 19:57:26 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000003e00fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 509.739700] Memory cgroup out of memory: Kill process 13776 (syz-executor5) score 171 or sacrifice child [ 509.764174] Killed process 13776 (syz-executor5) total-vm:70472kB, anon-rss:2144kB, file-rss:32768kB, shmem-rss:0kB [ 509.778642] oom_reaper: reaped process 13776 (syz-executor5), now anon-rss:0kB, file-rss:32784kB, shmem-rss:0kB 19:57:26 executing program 1: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$ndb(&(0x7f0000001380)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0) lseek(r0, 0x0, 0x0) 19:57:26 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000004fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:26 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000036fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:26 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="02030000070000000000005afff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:26 executing program 1: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$ndb(&(0x7f0000001380)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0) lseek(r0, 0x0, 0x90) 19:57:26 executing program 3: r0 = dup2(0xffffffffffffff9c, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r0, 0x40505331, &(0x7f0000000400)={{0x9, 0x2}, {0x2, 0x100000001}, 0x5, 0x7, 0x81}) pipe2$9p(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r2, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) write$P9_RREADDIR(r2, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r2, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r2, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='9p\x00', 0x1000, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') [ 509.983060] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=2, oom_score_adj=0 [ 510.029425] syz-executor5 cpuset=syz5 mems_allowed=0 [ 510.042407] CPU: 1 PID: 13823 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 510.049700] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 510.059058] Call Trace: [ 510.061669] dump_stack+0x1c4/0x2b4 [ 510.065323] ? dump_stack_print_info.cold.2+0x52/0x52 [ 510.070539] ? mark_held_locks+0x130/0x130 [ 510.075056] ? mark_held_locks+0x130/0x130 [ 510.079606] dump_header+0x27b/0xf72 [ 510.083347] ? pagefault_out_of_memory+0x197/0x197 [ 510.088292] ? check_preemption_disabled+0x48/0x200 [ 510.093324] ? check_preemption_disabled+0x48/0x200 [ 510.098368] ? graph_lock+0x170/0x170 [ 510.102198] ? graph_lock+0x170/0x170 [ 510.106014] ? print_usage_bug+0xc0/0xc0 [ 510.110093] ? find_held_lock+0x36/0x1c0 [ 510.114175] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 510.119730] ? find_held_lock+0x36/0x1c0 [ 510.123810] ? mark_held_locks+0xc7/0x130 [ 510.127971] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 510.133088] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 510.138204] ? lockdep_hardirqs_on+0x421/0x5c0 [ 510.142805] ? trace_hardirqs_on+0xbd/0x310 [ 510.147130] ? kasan_check_read+0x11/0x20 [ 510.151289] ? ___ratelimit+0x36f/0x655 [ 510.155276] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 510.160739] ? trace_hardirqs_on+0x310/0x310 [ 510.165154] ? lock_downgrade+0x900/0x900 [ 510.169316] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 510.174428] ? ___ratelimit+0xaa/0x655 [ 510.178327] ? idr_get_free+0xec0/0xec0 [ 510.182402] ? kasan_check_write+0x14/0x20 [ 510.186655] ? do_raw_spin_lock+0xc1/0x200 [ 510.190910] oom_kill_process.cold.27+0x10/0x903 [ 510.195675] ? kasan_check_write+0x14/0x20 [ 510.199934] ? do_raw_spin_lock+0xc1/0x200 [ 510.204187] ? oom_evaluate_task+0x540/0x540 [ 510.208610] ? cgroup_procs_next+0x70/0x70 [ 510.212860] ? _raw_spin_unlock_irq+0x60/0x80 [ 510.217545] ? oom_badness+0xaa0/0xaa0 [ 510.221797] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 510.226571] ? mem_cgroup_iter_break+0x30/0x30 [ 510.231272] ? mark_held_locks+0xc7/0x130 [ 510.235436] out_of_memory+0xa84/0x1430 [ 510.239421] ? lockdep_hardirqs_on+0x421/0x5c0 [ 510.244015] ? kasan_check_read+0x11/0x20 [ 510.248182] ? oom_killer_disable+0x3a0/0x3a0 [ 510.252702] ? kasan_check_write+0x14/0x20 [ 510.256950] ? do_raw_spin_lock+0xc1/0x200 [ 510.261210] mem_cgroup_out_of_memory+0x15e/0x210 [ 510.266063] ? memcg_memory_event+0x40/0x40 [ 510.270399] ? mem_cgroup_charge_skmem+0x1e4/0x390 [ 510.275347] ? page_counter_try_charge+0x1c1/0x220 [ 510.280297] try_charge+0xc43/0x1690 [ 510.284038] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 510.291520] ? graph_lock+0x170/0x170 [ 510.296118] ? handle_mm_fault+0x56e/0xc70 [ 510.301150] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 510.306702] ? check_preemption_disabled+0x48/0x200 [ 510.312425] ? check_preemption_disabled+0x48/0x200 [ 510.318439] ? mark_held_locks+0xc7/0x130 [ 510.322605] ? mem_cgroup_charge_skmem+0x1cf/0x390 [ 510.327549] ? mem_cgroup_charge_skmem+0x1cf/0x390 [ 510.332492] ? lockdep_hardirqs_on+0x421/0x5c0 [ 510.337107] ? rcu_read_lock_sched_held+0x108/0x120 [ 510.342138] ? __sk_mem_raise_allocated+0x642/0x1800 [ 510.347259] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 510.352724] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 510.358275] ? check_preemption_disabled+0x48/0x200 [ 510.363311] mem_cgroup_charge_skmem+0x1e4/0x390 [ 510.368091] ? mem_cgroup_sk_free+0x90/0x90 [ 510.372421] ? trace_hardirqs_off+0x310/0x310 [ 510.376941] __sk_mem_raise_allocated+0x642/0x1800 [ 510.381890] ? sk_busy_loop_end+0x1c0/0x1c0 [ 510.386224] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 510.391777] ? alloc_pages_current+0x114/0x210 [ 510.396378] ? skb_page_frag_refill+0x1eb/0x6a0 [ 510.401061] ? sock_kzfree_s+0x60/0x60 [ 510.404966] ? _copy_from_iter_full+0x2b3/0xd20 [ 510.409648] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 510.414671] ? tcp_rate_check_app_limited+0x121/0x460 [ 510.419885] ? iov_iter_advance+0x1460/0x1460 [ 510.424399] __sk_mem_schedule+0x6d/0xe0 [ 510.428471] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 510.434030] tcp_sendmsg_locked+0x1c86/0x3f00 [ 510.438577] ? tcp_sendpage+0x60/0x60 [ 510.442391] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 510.447851] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 510.453403] ? check_preemption_disabled+0x48/0x200 [ 510.458435] ? smack_netlabel+0xda/0x180 [ 510.462501] ? smack_netlabel+0xda/0x180 [ 510.466586] ? find_held_lock+0x36/0x1c0 [ 510.470665] ? mark_held_locks+0xc7/0x130 [ 510.474824] ? __local_bh_enable_ip+0x160/0x260 [ 510.479510] ? __local_bh_enable_ip+0x160/0x260 [ 510.484194] ? trace_hardirqs_on+0xbd/0x310 [ 510.488529] ? lock_release+0x970/0x970 [ 510.492520] ? lock_sock_nested+0xe2/0x120 [ 510.496771] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 510.502230] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 510.507789] ? check_preemption_disabled+0x48/0x200 [ 510.512818] ? lock_sock_nested+0x9a/0x120 [ 510.517064] ? lock_sock_nested+0x9a/0x120 [ 510.521321] ? __local_bh_enable_ip+0x160/0x260 [ 510.526010] tcp_sendmsg+0x2f/0x50 [ 510.529561] inet_sendmsg+0x1a1/0x690 [ 510.533376] ? ipip_gro_receive+0x100/0x100 [ 510.537714] ? smack_socket_sendmsg+0x150/0x190 [ 510.542394] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 510.547942] ? security_socket_sendmsg+0x94/0xc0 [ 510.552707] ? ipip_gro_receive+0x100/0x100 [ 510.557040] sock_sendmsg+0xd5/0x120 [ 510.560769] __sys_sendto+0x3d7/0x670 [ 510.564585] ? __ia32_sys_getpeername+0xb0/0xb0 [ 510.569266] ? lock_release+0x970/0x970 [ 510.573422] ? arch_local_save_flags+0x40/0x40 [ 510.578017] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 510.583539] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 510.589093] ? put_timespec64+0x10f/0x1b0 [ 510.593248] ? nsecs_to_jiffies+0x30/0x30 [ 510.597409] ? do_syscall_64+0x9a/0x820 [ 510.601390] ? do_syscall_64+0x9a/0x820 [ 510.605377] ? lockdep_hardirqs_on+0x421/0x5c0 [ 510.609969] ? trace_hardirqs_on+0xbd/0x310 [ 510.614297] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 510.619842] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 510.625215] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 510.630680] __x64_sys_sendto+0xe1/0x1a0 [ 510.634756] do_syscall_64+0x1b9/0x820 [ 510.638655] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 510.644036] ? syscall_return_slowpath+0x5e0/0x5e0 [ 510.648977] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 510.653829] ? trace_hardirqs_on_caller+0x310/0x310 [ 510.658854] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 510.663879] ? prepare_exit_to_usermode+0x291/0x3b0 [ 510.669090] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 510.673952] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 510.679149] RIP: 0033:0x457579 [ 510.682352] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 510.701443] RSP: 002b:00007f02050efc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 510.709171] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457579 [ 510.716442] RDX: fffffffffffffe4e RSI: 0000000020000000 RDI: 0000000000000003 [ 510.723725] RBP: 000000000072bf00 R08: 00000000200000c0 R09: 0000000000000006 19:57:27 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="02030000070000000000003efff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 510.730997] R10: 00000000000000c0 R11: 0000000000000246 R12: 00007f02050f06d4 [ 510.738272] R13: 00000000004c3929 R14: 00000000004d57c0 R15: 00000000ffffffff [ 510.770503] Task in /syz5 killed as a result of limit of /syz5 19:57:27 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="02030000070000000000005afff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 510.779516] memory: usage 204800kB, limit 204800kB, failcnt 434424 [ 510.788904] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 510.805891] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 510.846579] Memory cgroup stats for /syz5: cache:32KB rss:140KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:168KB inactive_file:0KB active_file:0KB unevictable:0KB [ 510.934556] Memory cgroup out of memory: Kill process 13822 (syz-executor5) score 161 or sacrifice child [ 510.962607] Killed process 13822 (syz-executor5) total-vm:70604kB, anon-rss:96kB, file-rss:32832kB, shmem-rss:0kB 19:57:27 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040), 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x40020000}, 0x6) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 19:57:27 executing program 1: r0 = socket$inet6(0xa, 0x3, 0x800000000000004) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d5c6070") r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x0, 0x0) ioctl(r1, 0x800000000000937e, &(0x7f0000000280)="0100000000000000180400000001000000555d040f45426d0270ec78dfd849832f") 19:57:27 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="02030000070000000000000efff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:27 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="02030000070000000000000efff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:27 executing program 3: pipe2$9p(&(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) r2 = open(&(0x7f00000004c0)='./file0\x00', 0x40000, 0x8) connect$inet(r2, &(0x7f0000000500)={0x2, 0x4e23, @multicast2}, 0x10) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0xfffffffffffffe0e) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') inotify_add_watch(r2, &(0x7f00000001c0)='./file0\x00', 0x8e0) r3 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x2040) ioctl$RTC_EPOCH_SET(r3, 0x4008700e, 0x811) [ 510.975102] oom_reaper: reaped process 13822 (syz-executor5), now anon-rss:0kB, file-rss:32064kB, shmem-rss:0kB 19:57:27 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000068fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:27 executing program 1: r0 = socket$inet6(0xa, 0x80003, 0x800000000000006) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000180)={&(0x7f0000000000), 0xc, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="00000000000000001c0012000c000100626f6e64000000000c00020008000700985700000000"], 0x1}}, 0x0) [ 511.096182] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=2, oom_score_adj=0 [ 511.114309] syz-executor5 cpuset=syz5 mems_allowed=0 19:57:27 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000068fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 511.139617] CPU: 0 PID: 13880 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 511.146924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 511.156302] Call Trace: [ 511.158933] dump_stack+0x1c4/0x2b4 [ 511.162585] ? dump_stack_print_info.cold.2+0x52/0x52 [ 511.167789] ? mark_held_locks+0x130/0x130 [ 511.172037] ? mark_held_locks+0x130/0x130 [ 511.176288] dump_header+0x27b/0xf72 [ 511.180025] ? pagefault_out_of_memory+0x197/0x197 [ 511.184967] ? check_preemption_disabled+0x48/0x200 [ 511.184984] ? check_preemption_disabled+0x48/0x200 [ 511.185010] ? graph_lock+0x170/0x170 [ 511.185033] ? graph_lock+0x170/0x170 [ 511.202658] ? print_usage_bug+0xc0/0xc0 [ 511.206739] ? find_held_lock+0x36/0x1c0 [ 511.210821] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 511.216375] ? find_held_lock+0x36/0x1c0 [ 511.220459] ? mark_held_locks+0xc7/0x130 [ 511.224638] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 511.229926] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 511.235219] ? lockdep_hardirqs_on+0x421/0x5c0 [ 511.239820] ? trace_hardirqs_on+0xbd/0x310 19:57:27 executing program 1: syz_mount_image$vfat(&(0x7f0000000300)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0xe004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e666174000204010002000270fff8", 0x16}], 0x0, &(0x7f0000000340)=ANY=[]) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fchdir(r0) open$dir(&(0x7f0000000040)='./file0\x00', 0x80440, 0x0) truncate(&(0x7f0000000280)='./file0\x00', 0x100002) [ 511.244154] ? kasan_check_read+0x11/0x20 [ 511.248317] ? ___ratelimit+0x36f/0x655 [ 511.252302] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 511.257769] ? trace_hardirqs_on+0x310/0x310 [ 511.262191] ? lock_downgrade+0x900/0x900 [ 511.266355] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 511.266375] ? ___ratelimit+0xaa/0x655 [ 511.266394] ? idr_get_free+0xec0/0xec0 [ 511.266409] ? kasan_check_write+0x14/0x20 [ 511.266426] ? do_raw_spin_lock+0xc1/0x200 [ 511.266449] oom_kill_process.cold.27+0x10/0x903 [ 511.275443] ? kasan_check_write+0x14/0x20 [ 511.275461] ? do_raw_spin_lock+0xc1/0x200 [ 511.275486] ? oom_evaluate_task+0x540/0x540 [ 511.275506] ? cgroup_procs_next+0x70/0x70 [ 511.275525] ? _raw_spin_unlock_irq+0x60/0x80 [ 511.275543] ? oom_badness+0xaa0/0xaa0 [ 511.301210] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 511.309875] ? mem_cgroup_iter_break+0x30/0x30 [ 511.309909] ? mark_held_locks+0xc7/0x130 [ 511.309934] out_of_memory+0xa84/0x1430 [ 511.335801] ? lockdep_hardirqs_on+0x421/0x5c0 [ 511.340399] ? kasan_check_read+0x11/0x20 [ 511.344567] ? oom_killer_disable+0x3a0/0x3a0 [ 511.349088] ? kasan_check_write+0x14/0x20 [ 511.353340] ? do_raw_spin_lock+0xc1/0x200 [ 511.357609] mem_cgroup_out_of_memory+0x15e/0x210 [ 511.362735] ? memcg_memory_event+0x40/0x40 [ 511.367069] ? mem_cgroup_charge_skmem+0x1e4/0x390 [ 511.372016] ? page_counter_try_charge+0x1c1/0x220 [ 511.376965] try_charge+0xc43/0x1690 [ 511.380705] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 511.386780] ? tcp_sendmsg+0x2f/0x50 [ 511.390509] ? sock_sendmsg+0xd5/0x120 19:57:28 executing program 1: r0 = socket(0xa, 0x1, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000240)={0x0, {{0xa, 0x0, 0x0, @mcast2}}}, 0x84) [ 511.394410] ? __sys_sendto+0x3d7/0x670 [ 511.398397] ? __x64_sys_sendto+0xe1/0x1a0 [ 511.402642] ? do_syscall_64+0x1b9/0x820 [ 511.406720] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 511.412097] ? graph_lock+0x170/0x170 [ 511.415914] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 511.421987] ? check_preemption_disabled+0x48/0x200 [ 511.427440] ? check_preemption_disabled+0x48/0x200 [ 511.432467] ? mark_held_locks+0xc7/0x130 [ 511.436603] ? __lock_is_held+0xb5/0x140 [ 511.440665] ? mem_cgroup_charge_skmem+0x1cf/0x390 [ 511.445603] ? mem_cgroup_charge_skmem+0x1cf/0x390 [ 511.450550] ? lockdep_hardirqs_on+0x421/0x5c0 [ 511.455140] ? __sk_mem_raise_allocated+0x642/0x1800 [ 511.460265] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 511.465719] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 511.471247] ? check_preemption_disabled+0x48/0x200 [ 511.476270] mem_cgroup_charge_skmem+0x1e4/0x390 [ 511.481028] ? mem_cgroup_sk_free+0x90/0x90 [ 511.485346] __sk_mem_raise_allocated+0x642/0x1800 [ 511.490266] ? __tcp_transmit_skb+0x3fc0/0x3fc0 [ 511.494950] ? sk_busy_loop_end+0x1c0/0x1c0 [ 511.499292] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 511.504307] ? skb_page_frag_refill+0x1eb/0x6a0 [ 511.508968] ? sock_kzfree_s+0x60/0x60 [ 511.512842] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 511.517846] ? sk_stream_alloc_skb+0x34b/0x970 [ 511.522418] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 511.527420] ? skb_entail+0x618/0x8c0 [ 511.531209] ? tcp_rate_check_app_limited+0x121/0x460 [ 511.536386] ? tcp_splice_data_recv+0x1b0/0x1b0 [ 511.541056] __sk_mem_schedule+0x6d/0xe0 [ 511.545128] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 511.550672] tcp_sendmsg_locked+0x1c86/0x3f00 [ 511.555215] ? tcp_sendpage+0x60/0x60 [ 511.559039] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 511.564504] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 511.570091] ? check_preemption_disabled+0x48/0x200 [ 511.575097] ? smack_netlabel+0xda/0x180 [ 511.579147] ? smack_netlabel+0xda/0x180 [ 511.583197] ? find_held_lock+0x36/0x1c0 [ 511.587282] ? mark_held_locks+0xc7/0x130 [ 511.591419] ? __local_bh_enable_ip+0x160/0x260 [ 511.596100] ? __local_bh_enable_ip+0x160/0x260 [ 511.600776] ? trace_hardirqs_on+0xbd/0x310 [ 511.605282] ? lock_release+0x970/0x970 [ 511.610048] ? lock_sock_nested+0xe2/0x120 [ 511.615226] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 511.621360] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 511.628017] ? check_preemption_disabled+0x48/0x200 [ 511.634104] ? lock_sock_nested+0x9a/0x120 [ 511.638507] ? lock_sock_nested+0x9a/0x120 [ 511.643270] ? __local_bh_enable_ip+0x160/0x260 [ 511.648980] tcp_sendmsg+0x2f/0x50 [ 511.653217] inet_sendmsg+0x1a1/0x690 [ 511.657803] ? ipip_gro_receive+0x100/0x100 [ 511.662823] ? smack_socket_sendmsg+0x150/0x190 [ 511.668174] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 511.674483] ? security_socket_sendmsg+0x94/0xc0 [ 511.679232] ? ipip_gro_receive+0x100/0x100 [ 511.683562] sock_sendmsg+0xd5/0x120 [ 511.687273] __sys_sendto+0x3d7/0x670 [ 511.691063] ? __ia32_sys_getpeername+0xb0/0xb0 [ 511.695744] ? lock_release+0x970/0x970 [ 511.699717] ? arch_local_save_flags+0x40/0x40 [ 511.704287] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 511.709740] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 511.715510] ? put_timespec64+0x10f/0x1b0 [ 511.719647] ? nsecs_to_jiffies+0x30/0x30 [ 511.723797] ? do_syscall_64+0x9a/0x820 [ 511.727778] ? do_syscall_64+0x9a/0x820 [ 511.731751] ? lockdep_hardirqs_on+0x421/0x5c0 [ 511.736347] ? trace_hardirqs_on+0xbd/0x310 [ 511.740667] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 511.746191] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 511.751553] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 511.757000] __x64_sys_sendto+0xe1/0x1a0 [ 511.761054] do_syscall_64+0x1b9/0x820 [ 511.764934] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 511.770289] ? syscall_return_slowpath+0x5e0/0x5e0 [ 511.775250] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 511.780103] ? trace_hardirqs_on_caller+0x310/0x310 [ 511.785121] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 511.790202] ? prepare_exit_to_usermode+0x291/0x3b0 [ 511.795221] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 511.800068] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 511.805242] RIP: 0033:0x457579 [ 511.808425] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 511.827309] RSP: 002b:00007f02050efc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 511.835014] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457579 [ 511.842298] RDX: fffffffffffffe4e RSI: 0000000020000000 RDI: 0000000000000003 [ 511.849566] RBP: 000000000072bf00 R08: 00000000200000c0 R09: 0000000000000006 [ 511.856838] R10: 00000000000000c0 R11: 0000000000000246 R12: 00007f02050f06d4 [ 511.864110] R13: 00000000004c3929 R14: 00000000004d57c0 R15: 00000000ffffffff [ 511.883613] Task in /syz5 killed as a result of limit of /syz5 [ 511.890590] memory: usage 186712kB, limit 204800kB, failcnt 434470 19:57:28 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000062fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 511.897133] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 511.904052] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 511.910485] Memory cgroup stats for /syz5: cache:32KB rss:140KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:152KB inactive_file:0KB active_file:0KB unevictable:0KB [ 511.930875] Memory cgroup out of memory: Kill process 13878 (syz-executor5) score 161 or sacrifice child 19:57:28 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) fcntl$F_GET_RW_HINT(r1, 0x40b, &(0x7f0000000100)) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',(']) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lsetxattr(&(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)=@known='com.apple.system.Security\x00', &(0x7f0000000400)='rfdno', 0x5, 0x3) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') [ 511.949156] attempt to access beyond end of device [ 511.954317] loop1: rw=1, want=130, limit=112 [ 511.964446] Killed process 13878 (syz-executor5) total-vm:70472kB, anon-rss:96kB, file-rss:32768kB, shmem-rss:0kB [ 511.975827] Buffer I/O error on dev loop1, logical block 129, lost async page write [ 511.997245] attempt to access beyond end of device [ 512.009804] oom_reaper: reaped process 13878 (syz-executor5), now anon-rss:0kB, file-rss:32784kB, shmem-rss:0kB [ 512.021221] loop1: rw=1, want=131, limit=112 [ 512.033395] Buffer I/O error on dev loop1, logical block 130, lost async page write 19:57:28 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040), 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x1500000000000000}, 0x6) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 19:57:28 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="02030000070000000000003efff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:28 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000036fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 512.047630] attempt to access beyond end of device [ 512.053107] loop1: rw=1, want=132, limit=112 [ 512.077024] Buffer I/O error on dev loop1, logical block 131, lost async page write [ 512.113994] attempt to access beyond end of device 19:57:28 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000a00fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 512.140113] loop1: rw=1, want=133, limit=112 [ 512.157099] Buffer I/O error on dev loop1, logical block 132, lost async page write [ 512.173676] attempt to access beyond end of device [ 512.182854] loop1: rw=1, want=142, limit=112 [ 512.197498] Buffer I/O error on dev loop1, logical block 141, lost async page write [ 512.211595] attempt to access beyond end of device [ 512.231957] loop1: rw=1, want=143, limit=112 19:57:28 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) ioctl$FIBMAP(r0, 0x1, &(0x7f0000000100)=0x4) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r0, &(0x7f00000001c0)=ANY=[@ANYRES32=r1], 0x4) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB]) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') 19:57:28 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000016fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 512.244646] Buffer I/O error on dev loop1, logical block 142, lost async page write [ 512.254730] attempt to access beyond end of device [ 512.259811] loop1: rw=1, want=144, limit=112 [ 512.264243] Buffer I/O error on dev loop1, logical block 143, lost async page write [ 512.272321] attempt to access beyond end of device 19:57:29 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000016fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 512.293912] loop1: rw=1, want=145, limit=112 [ 512.300803] Buffer I/O error on dev loop1, logical block 144, lost async page write [ 512.320371] attempt to access beyond end of device [ 512.331664] loop1: rw=1, want=2178, limit=112 19:57:29 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="02030000070000000000000afff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:29 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="02030000070000000000000afff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:29 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x3, @broadcast}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000b86000)={0x1, &(0x7f00006dc000)=[{0x6, 0x0, 0x0, 0xa1}]}, 0x10) sendto$inet(r0, &(0x7f00000001c0), 0x0, 0x200007ff, &(0x7f0000deaff0)={0x2, 0x3, @loopback}, 0x10) sendto$inet(r0, &(0x7f00000002c0)="20d6dac772b6f65cc7c3fc9bf8d917fbd5bd28cd6ad9243ec3c3fc41fe4295b32b630b3e888a8d0eb1abd9d081c0c6655507c293ed17dcc8e25f2cb85d0e732ff34d9f574cdd31597a5e3a688fff4a8f31474711e4b8f7ab05068770f885c03286fadc1d0fd02098bd981aaf152f2da86443cc605a5cb9a63475b63d354cb1f158bd", 0x82, 0x0, &(0x7f0000000200)={0x2, 0x0, @dev}, 0x10) readv(r0, &(0x7f0000000140)=[{&(0x7f0000000000)=""/226, 0xfffffd85}], 0x1) recvfrom(r0, &(0x7f0000000380)=""/239, 0xff4e, 0x0, 0x0, 0x307) shutdown(r0, 0x1) 19:57:29 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040), 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0xfeffffff}, 0x6) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 19:57:29 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f00000007c0)={{{@in6=@ipv4={[], [], @dev}, @in6=@ipv4={[], [], @dev}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in6=@remote}}, &(0x7f0000000580)=0xe8) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f00000001c0)='9p\x00', 0x7ffffc, &(0x7f0000000700)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@version_9p2000='version=9p2000'}, {@uname={'uname', 0x3d, ':'}}], [{@seclabel='seclabel'}, {@uid_lt={'uid<', r2}}, {@hash='hash'}, {@fscontext={'fscontext', 0x3d, 'sysadm_u'}}, {@dont_measure='dont_measure'}]}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') 19:57:29 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="02030000070000000000005afff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:29 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000004fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:29 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000011fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:29 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') setsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000100)=@int=0x3ff, 0x4) 19:57:29 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000011fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:29 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="2c00df1b783342de0ff46e0c192dd8aac4f332a96c592f8091c77214038aeaeb1675478955503209f0ef701bb598e98b07165d267ec291e9239c0f346cf4e0f34c03acfe174553836bb4a622d1e77dedbf3f8d37ea0a8219d6f1ee3fce653c735af6a90c1315f2bd86d521074473bd522ff76fae299b57936aa3c574f84a28f24c41464811251bb01b543a248c42ff78bc3cc6a21f5b20345f63a71d7784ce849151bc664c1a6ca3b94e66683795dd0259dbe9bdf239f840144d3f622037f71ceb0e6df459ca8c4cb24af15d26552b71cf9cc168dddfb081b32b7295a76196fcdf7796777f2a2ce1ff86820f9f5a5f2fc06f621d990025d95e0d509f0b7103172299edcfab296715c5cca0b35901400d0b80c5a7d993d8240481d587ba4f8b3cbca088c00f23946eec3c4f94420c3f49d60e89d97cb58b8597ca611f9b9adfb8caa221f59e2168fd3d4c0fcd4c1aa339f5f44a506852c180281fe9ae3c46dc3f989c536828bfb23b78264df8f30dc56467d5fd8dabf4725d1b7bb5e0c34c4f27f8d78514"]) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/mixer\x00', 0x80000, 0x0) write$FUSE_LSEEK(r2, &(0x7f00000008c0)={0x18, 0xfffffffffffffffe, 0x3}, 0x18) fcntl$addseals(r0, 0x409, 0x0) execve(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000540)=[&(0x7f0000000500)='system.posix_acl_default\x00'], &(0x7f0000000940)=[&(0x7f0000000900)='[selfmime_type:\x00']) r3 = syz_open_dev$midi(&(0x7f0000000100)='/dev/midi#\x00', 0x7, 0x2000) setsockopt$RDS_GET_MR(r3, 0x114, 0x2, &(0x7f00000002c0)={{&(0x7f0000000600)=""/250, 0xfa}, &(0x7f00000001c0), 0x28}, 0x20) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000900)=ANY=[], 0x0) r4 = request_key(&(0x7f0000000400)='encrypted\x00', &(0x7f0000000440)={'syz', 0x0}, &(0x7f0000000580)='9p\x00', 0xfffffffffffffffc) keyctl$get_keyring_id(0x0, r4, 0xfffffffffffffff8) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') 19:57:29 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040), 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x2000000}, 0x6) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 19:57:29 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="02030000070000000000000efff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:29 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000002fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:29 executing program 1: getpid() r0 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x1, 0x0) read(r0, &(0x7f0000000540)=""/158, 0x9e) ioctl$int_in(r0, 0x80000000005000, &(0x7f00000000c0)) 19:57:29 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000005a00fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 512.930687] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 512.998694] syz-executor5 cpuset=syz5 mems_allowed=0 [ 513.014987] CPU: 0 PID: 13982 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 513.022307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 513.031665] Call Trace: [ 513.034274] dump_stack+0x1c4/0x2b4 [ 513.037924] ? dump_stack_print_info.cold.2+0x52/0x52 [ 513.043139] dump_header+0x27b/0xf72 19:57:29 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0) write$apparmor_current(r2, &(0x7f00000001c0)=@profile={'stack ', 'system.posix_acl_default\x00'}, 0x1f) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') [ 513.046890] ? mark_held_locks+0x130/0x130 [ 513.051141] ? pagefault_out_of_memory+0x197/0x197 [ 513.056954] ? check_preemption_disabled+0x48/0x200 [ 513.062532] ? check_preemption_disabled+0x48/0x200 [ 513.067583] ? graph_lock+0x170/0x170 [ 513.071402] ? graph_lock+0x170/0x170 [ 513.075220] ? print_usage_bug+0xc0/0xc0 [ 513.079304] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 513.084829] ? find_held_lock+0x36/0x1c0 [ 513.088901] ? mark_held_locks+0xc7/0x130 [ 513.093067] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 513.098171] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 513.103267] ? lockdep_hardirqs_on+0x421/0x5c0 [ 513.107840] ? trace_hardirqs_on+0xbd/0x310 [ 513.112148] ? kasan_check_read+0x11/0x20 [ 513.116284] ? ___ratelimit+0x36f/0x655 [ 513.120251] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 513.125703] ? trace_hardirqs_on+0x310/0x310 [ 513.130122] ? lock_downgrade+0x900/0x900 [ 513.134273] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 513.139385] ? ___ratelimit+0xaa/0x655 [ 513.143301] ? idr_get_free+0xec0/0xec0 19:57:29 executing program 1: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000400)={0x6e, 0x29, 0x1, {0xbc1, [{{0x40, 0x4, 0x8}, 0x7, 0x6, 0x7, './file0'}, {{0x2d, 0x0, 0x1}, 0x10000, 0x4, 0x7, './file0'}, {{0x20, 0x3, 0x1}, 0xffffffffffffb999, 0xa209, 0xd, './file0/file0'}]}}, 0x6e) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) sendmsg$unix(0xffffffffffffffff, &(0x7f0000001740)={&(0x7f0000000200)=@abs, 0x6e, &(0x7f00000016c0)=[{&(0x7f0000000380)="1437d709d56de01cc25cceaeacd9f3ac56cee6fb70840308b8c49aa05b36b7bf2132a56fe09ca5b034386135f64709c696f261e2ff4049b6483c2d08b9e67b062a36b83270b7f2e98c02f6068950bde31803325dd0a7347030bf0984863638794c054975dd5f03a9f619a4a2021b9c7f64817ac4848e0dfa049c118474324ef3ad84f9705d99fbecfa74d947bedf4d4afcc91906ba6bdef2aeaf74294194b5c8ea530f32215273d6a8e72688b000030652056c5d6fafed03cb4487", 0xbb}], 0x1, 0x0, 0x0, 0x80}, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semtimedop(0x0, &(0x7f0000000380), 0x194, &(0x7f0000000340)={0x0, 0x989680}) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') [ 513.147306] ? kasan_check_write+0x14/0x20 [ 513.151551] ? do_raw_spin_lock+0xc1/0x200 [ 513.155816] oom_kill_process.cold.27+0x10/0x903 [ 513.160589] ? kasan_check_write+0x14/0x20 [ 513.164837] ? do_raw_spin_lock+0xc1/0x200 [ 513.169087] ? oom_evaluate_task+0x540/0x540 [ 513.173510] ? ___preempt_schedule+0x16/0x18 [ 513.177931] ? cgroup_procs_next+0x70/0x70 [ 513.177953] ? _raw_spin_unlock_irq+0x75/0x80 [ 513.177969] ? oom_badness+0xaa0/0xaa0 [ 513.177988] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 513.178006] ? mem_cgroup_iter_break+0x30/0x30 [ 513.186764] ? mark_held_locks+0xc7/0x130 [ 513.186785] out_of_memory+0xa84/0x1430 [ 513.186799] ? lockdep_hardirqs_on+0x421/0x5c0 [ 513.186816] ? kasan_check_read+0x11/0x20 [ 513.216900] ? oom_killer_disable+0x3a0/0x3a0 [ 513.221409] ? kasan_check_write+0x14/0x20 [ 513.225673] ? do_raw_spin_lock+0xc1/0x200 [ 513.229931] mem_cgroup_out_of_memory+0x15e/0x210 [ 513.234788] ? memcg_memory_event+0x40/0x40 [ 513.239124] ? mem_cgroup_try_charge+0x5ea/0xe10 [ 513.243898] ? page_counter_try_charge+0x1c1/0x220 [ 513.248847] try_charge+0xc43/0x1690 [ 513.252593] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 513.252614] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 513.263508] ? lock_downgrade+0x900/0x900 [ 513.267684] ? check_preemption_disabled+0x48/0x200 [ 513.267708] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 513.267721] ? kasan_check_read+0x11/0x20 [ 513.267737] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 513.267754] ? rcu_bh_qs+0xc0/0xc0 [ 513.267783] ? get_mem_cgroup_from_mm+0x206/0x440 [ 513.267802] ? mem_cgroup_can_attach+0x580/0x580 [ 513.267821] ? __lock_is_held+0xb5/0x140 [ 513.278653] mem_cgroup_try_charge+0x5ea/0xe10 [ 513.278682] ? __anon_vma_prepare+0x325/0x6c0 [ 513.278702] ? mem_cgroup_protected+0xa60/0xa60 [ 513.278722] ? up_write+0x7b/0x220 [ 513.278746] ? up_read+0x110/0x110 [ 513.278773] ? __anon_vma_prepare+0x353/0x6c0 [ 513.278799] ? pmd_val+0x88/0x100 [ 513.334472] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 513.340003] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 513.344923] __handle_mm_fault+0x273a/0x53e0 [ 513.349326] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 513.354156] ? graph_lock+0x170/0x170 [ 513.357953] ? print_usage_bug+0xc0/0xc0 [ 513.361999] ? lock_downgrade+0x900/0x900 [ 513.366142] ? graph_lock+0x170/0x170 [ 513.369954] ? graph_lock+0x170/0x170 [ 513.373767] ? handle_mm_fault+0x42a/0xc70 [ 513.377999] ? lock_downgrade+0x900/0x900 [ 513.382162] ? check_preemption_disabled+0x48/0x200 [ 513.387181] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 513.393006] ? kasan_check_read+0x11/0x20 [ 513.397169] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 513.402446] ? rcu_bh_qs+0xc0/0xc0 [ 513.405974] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 513.411412] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 513.416946] ? check_preemption_disabled+0x48/0x200 [ 513.421974] handle_mm_fault+0x54f/0xc70 [ 513.426027] ? __handle_mm_fault+0x53e0/0x53e0 [ 513.430627] ? find_vma+0x34/0x190 [ 513.434189] __do_page_fault+0x67d/0xed0 [ 513.438270] ? mm_fault_error+0x380/0x380 [ 513.442420] ? trace_hardirqs_off+0xb8/0x310 [ 513.446843] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 513.452208] ? trace_hardirqs_on+0x310/0x310 [ 513.456611] do_page_fault+0xf2/0x7e0 [ 513.460404] ? vmalloc_sync_all+0x30/0x30 [ 513.464547] ? error_entry+0x70/0xd0 [ 513.468266] ? trace_hardirqs_off_caller+0xbb/0x310 [ 513.473281] ? trace_hardirqs_on_caller+0xc0/0x310 [ 513.478229] ? syscall_return_slowpath+0x5e0/0x5e0 [ 513.483159] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 513.488000] ? trace_hardirqs_on_caller+0x310/0x310 [ 513.493004] ? trace_hardirqs_off+0x310/0x310 [ 513.497487] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 513.502507] ? prepare_exit_to_usermode+0x291/0x3b0 [ 513.507530] ? page_fault+0x8/0x30 [ 513.511072] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 513.515917] ? page_fault+0x8/0x30 [ 513.519466] page_fault+0x1e/0x30 [ 513.522970] RIP: 0033:0x40ecaf [ 513.526189] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 513.545079] RSP: 002b:00007ffd1aecd5c0 EFLAGS: 00010206 [ 513.550446] RAX: 00007f02050af000 RBX: 0000000000020000 RCX: 00000000004575ca [ 513.557708] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 513.564979] RBP: 00007ffd1aecd6a0 R08: ffffffffffffffff R09: 0000000000000000 [ 513.572400] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd1aecd780 [ 513.579690] R13: 00007f02050cf700 R14: 0000000000000004 R15: 0000000000000001 [ 513.587895] Task in /syz5 killed as a result of limit of /syz5 [ 513.594021] memory: usage 204800kB, limit 204800kB, failcnt 434490 [ 513.600500] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 513.600509] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 513.600516] Memory cgroup stats for /syz5: cache:32KB rss:6256KB rss_huge:6144KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:6284KB inactive_file:0KB active_file:0KB unevictable:0KB [ 513.600653] Memory cgroup out of memory: Kill process 13982 (syz-executor5) score 191 or sacrifice child 19:57:30 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040), 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0xfdffffff00000000}, 0x6) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 513.600707] Killed process 13982 (syz-executor5) total-vm:70472kB, anon-rss:6240kB, file-rss:32768kB, shmem-rss:0kB [ 513.603657] oom_reaper: reaped process 13982 (syz-executor5), now anon-rss:0kB, file-rss:32000kB, shmem-rss:0kB 19:57:30 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="02030000070000000000000afff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:30 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000001100fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:30 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000062fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 513.753111] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 513.815198] syz-executor5 cpuset=syz5 mems_allowed=0 [ 513.832857] CPU: 0 PID: 14010 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 513.840151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 513.849507] Call Trace: [ 513.849531] dump_stack+0x1c4/0x2b4 [ 513.849553] ? dump_stack_print_info.cold.2+0x52/0x52 [ 513.849599] dump_header+0x27b/0xf72 19:57:30 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) r2 = creat(&(0x7f00000001c0)='./file0\x00', 0x20) setsockopt$inet_sctp_SCTP_INITMSG(r2, 0x84, 0x2, &(0x7f00000002c0)={0xf1, 0x5, 0x1, 0x5}, 0x8) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="2cc25ee60700000000000000000000000000"]) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') [ 513.849636] ? mark_held_locks+0x130/0x130 [ 513.849655] ? pagefault_out_of_memory+0x197/0x197 [ 513.856100] ? check_preemption_disabled+0x48/0x200 [ 513.856128] ? check_preemption_disabled+0x48/0x200 [ 513.856154] ? graph_lock+0x170/0x170 [ 513.856177] ? graph_lock+0x170/0x170 [ 513.856195] ? print_usage_bug+0xc0/0xc0 [ 513.895889] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 513.901446] ? find_held_lock+0x36/0x1c0 [ 513.905514] ? mark_held_locks+0xc7/0x130 [ 513.909673] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 513.914797] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 513.919898] ? lockdep_hardirqs_on+0x421/0x5c0 [ 513.924481] ? trace_hardirqs_on+0xbd/0x310 [ 513.928806] ? kasan_check_read+0x11/0x20 [ 513.932943] ? ___ratelimit+0x36f/0x655 [ 513.936927] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 513.942382] ? trace_hardirqs_on+0x310/0x310 [ 513.946795] ? lock_downgrade+0x900/0x900 [ 513.950967] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 513.956057] ? ___ratelimit+0xaa/0x655 [ 513.959934] ? idr_get_free+0xec0/0xec0 [ 513.963907] ? kasan_check_write+0x14/0x20 [ 513.968127] ? do_raw_spin_lock+0xc1/0x200 [ 513.972352] oom_kill_process.cold.27+0x10/0x903 [ 513.977130] ? kasan_check_write+0x14/0x20 [ 513.981358] ? do_raw_spin_lock+0xc1/0x200 [ 513.985594] ? oom_evaluate_task+0x540/0x540 [ 513.990009] ? cgroup_procs_next+0x70/0x70 [ 513.994249] ? _raw_spin_unlock_irq+0x60/0x80 [ 513.998729] ? oom_badness+0xaa0/0xaa0 [ 514.002606] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 514.007349] ? mem_cgroup_iter_break+0x30/0x30 [ 514.011924] ? mark_held_locks+0xc7/0x130 [ 514.016059] out_of_memory+0xa84/0x1430 [ 514.020021] ? lockdep_hardirqs_on+0x421/0x5c0 [ 514.024597] ? kasan_check_read+0x11/0x20 [ 514.028737] ? oom_killer_disable+0x3a0/0x3a0 [ 514.033217] ? kasan_check_write+0x14/0x20 [ 514.037456] ? do_raw_spin_lock+0xc1/0x200 [ 514.041697] mem_cgroup_out_of_memory+0x15e/0x210 [ 514.046527] ? memcg_memory_event+0x40/0x40 [ 514.050835] ? mem_cgroup_try_charge+0x5ea/0xe10 [ 514.055603] ? page_counter_try_charge+0x1c1/0x220 [ 514.060523] try_charge+0xc43/0x1690 [ 514.064228] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 514.070285] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 514.075129] ? lock_downgrade+0x900/0x900 [ 514.079277] ? check_preemption_disabled+0x48/0x200 [ 514.084305] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 514.090086] ? kasan_check_read+0x11/0x20 [ 514.094237] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 514.099503] ? rcu_bh_qs+0xc0/0xc0 [ 514.103053] ? get_mem_cgroup_from_mm+0x206/0x440 [ 514.107886] ? mem_cgroup_can_attach+0x580/0x580 [ 514.112631] ? __lock_is_held+0xb5/0x140 [ 514.116696] mem_cgroup_try_charge+0x5ea/0xe10 [ 514.121293] ? mem_cgroup_protected+0xa60/0xa60 [ 514.125991] ? check_preemption_disabled+0x48/0x200 [ 514.130998] ? check_preemption_disabled+0x48/0x200 [ 514.136007] ? pmd_val+0x88/0x100 [ 514.139453] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 514.144991] mem_cgroup_try_charge_delay+0x1d/0xa0 [ 514.149911] __handle_mm_fault+0x273a/0x53e0 [ 514.154311] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 514.159140] ? graph_lock+0x170/0x170 [ 514.162928] ? print_usage_bug+0xc0/0xc0 [ 514.167009] ? graph_lock+0x170/0x170 [ 514.170797] ? graph_lock+0x170/0x170 [ 514.174598] ? handle_mm_fault+0x42a/0xc70 [ 514.178845] ? lock_downgrade+0x900/0x900 [ 514.182981] ? check_preemption_disabled+0x48/0x200 [ 514.187995] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 514.193952] ? kasan_check_read+0x11/0x20 [ 514.198088] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 514.203349] ? rcu_bh_qs+0xc0/0xc0 [ 514.206880] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 514.212317] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 514.217842] ? check_preemption_disabled+0x48/0x200 [ 514.222859] handle_mm_fault+0x54f/0xc70 [ 514.226932] ? __handle_mm_fault+0x53e0/0x53e0 [ 514.231503] ? find_vma+0x34/0x190 [ 514.235033] __do_page_fault+0x67d/0xed0 [ 514.239082] ? do_mprotect_pkey+0x8dd/0xa60 [ 514.243394] ? mm_fault_error+0x380/0x380 [ 514.247536] ? trace_hardirqs_off+0xb8/0x310 [ 514.251942] ? trace_hardirqs_on+0x310/0x310 [ 514.256337] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 514.261688] ? trace_hardirqs_on+0x310/0x310 [ 514.266101] do_page_fault+0xf2/0x7e0 [ 514.269903] ? vmalloc_sync_all+0x30/0x30 [ 514.274048] ? error_entry+0x70/0xd0 [ 514.277748] ? trace_hardirqs_off_caller+0xbb/0x310 [ 514.282751] ? trace_hardirqs_on_caller+0xc0/0x310 [ 514.287674] ? syscall_return_slowpath+0x5e0/0x5e0 [ 514.292595] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 514.297426] ? trace_hardirqs_on_caller+0x310/0x310 [ 514.302427] ? trace_hardirqs_off+0x310/0x310 [ 514.306934] ? prepare_exit_to_usermode+0x291/0x3b0 [ 514.311940] ? page_fault+0x8/0x30 [ 514.315467] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 514.320296] ? page_fault+0x8/0x30 [ 514.323821] page_fault+0x1e/0x30 [ 514.327280] RIP: 0033:0x459f2d [ 514.330474] Code: 5b 5d f3 c3 66 0f 1f 84 00 00 00 00 00 48 c7 c0 ea ff ff ff 48 85 ff 0f 84 50 8a fb ff 48 85 f6 0f 84 47 8a fb ff 48 83 ee 10 <48> 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 [ 514.349367] RSP: 002b:00007ffd1aecd578 EFLAGS: 00010202 [ 514.354717] RAX: ffffffffffffffea RBX: 00007f02050cf700 RCX: 00007f02050cf700 [ 514.361980] RDX: 00000000003d0f00 RSI: 00007f02050cedb0 RDI: 000000000040e0a0 [ 514.369248] RBP: 00007ffd1aecd780 R08: 00007f02050cf9d0 R09: 00007f02050cf700 [ 514.376508] R10: 00007f02050cedc0 R11: 0000000000000246 R12: 0000000000000000 [ 514.383781] R13: 00007ffd1aecd62f R14: 00007f02050cf9c0 R15: 0000000000000001 [ 514.392123] Task in /syz5 killed as a result of limit of /syz5 [ 514.398510] memory: usage 204800kB, limit 204800kB, failcnt 434513 [ 514.405153] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 514.412276] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 19:57:31 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000003600fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 514.419041] Memory cgroup stats for /syz5: cache:32KB rss:4236KB rss_huge:4096KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:4244KB inactive_file:0KB active_file:0KB unevictable:0KB [ 514.439788] Memory cgroup out of memory: Kill process 14010 (syz-executor5) score 181 or sacrifice child [ 514.449791] Killed process 14010 (syz-executor5) total-vm:70472kB, anon-rss:4192kB, file-rss:32832kB, shmem-rss:0kB [ 514.465867] oom_reaper: reaped process 14010 (syz-executor5), now anon-rss:0kB, file-rss:32784kB, shmem-rss:0kB 19:57:31 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="02030000070000000000003efff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:31 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000002fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:31 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4208938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:31 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040), 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x100000000000000}, 0x6) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 19:57:31 executing program 1: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$ndb(&(0x7f0000001380)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0) lseek(r0, 0x0, 0x0) r1 = semget(0x3, 0x5, 0x484) syslog(0x4, &(0x7f00000001c0)=""/4096, 0x1000) r2 = syz_open_dev$vcsn(&(0x7f00000000c0)='/dev/vcs#\x00', 0x3, 0x40000) ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r2, 0x80045301, &(0x7f0000000100)) semctl$GETZCNT(r1, 0x7, 0xf, &(0x7f0000000000)=""/191) 19:57:31 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) r2 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000b4508a)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r2, 0x40087705, 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) pwrite64(r0, &(0x7f00000004c0)="9373307985abf2cbd4f9ef31c73e0210380f69544eb9b708067d9a648e13b46540e8d9aa76a6bb696e38e14a61b007538e23ee626f911b2f4d856779f3cd5cea220ebbf008cbe34221969a337b1def092916802e12f0900ad7de34e87f54e168fc915fe336a37826ef9886c4202447be659030d44989e7c9ead7d5685e802f1134f8672c8ba737fa85be143651d758ee97b6a9cabc1dd0ee51f4fe5d02e9d803a03aac801883defa4aa3449bec1043b97a503857d3b6978b150e0a324788f9969097d67d719690fbde8400619935b0091caa8893673fcd742a74f0aacf5d11e55529a8427be7c2fcdde56ebac5b612574b25ba283da5fb06", 0xf8, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000640)={{{@in=@broadcast, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@rand_addr}, 0x0, @in6=@mcast2}}, &(0x7f0000000740)=0xe8) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000000780)={{{@in=@loopback, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in=@multicast1}}, &(0x7f0000000880)=0xe8) mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000440)='9p\x00', 0x1, &(0x7f00000008c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}, 0x2c, {[{@loose='loose'}, {@access_uid={'access', 0x3d, r3}}], [{@context={'context', 0x3d, 'staff_u'}}, {@smackfshat={'smackfshat', 0x3d, 'rfdno'}}, {@defcontext={'defcontext', 0x3d, 'sysadm_u'}}, {@fowner_gt={'fowner>', r4}}, {@subj_user={'subj_user', 0x3d, '-nodevcgroupuser'}}, {@smackfsdef={'smackfsdef', 0x3d, ':'}}, {@obj_user={'obj_user', 0x3d, 'selflo{wlan1\\'}}, {@fscontext={'fscontext', 0x3d, 'user_u'}}]}}) truncate(&(0x7f0000000100)='./file0\x00', 0x3) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) r5 = openat$ashmem(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_GET_PROT_MASK(r5, 0x7706, &(0x7f00000002c0)) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) pipe2$9p(&(0x7f00000009c0), 0x80800) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') 19:57:31 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b420293820ec9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:31 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000068fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 514.732094] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=0 19:57:31 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000036fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 514.794094] syz-executor5 cpuset=syz5 mems_allowed=0 [ 514.814577] CPU: 1 PID: 14052 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 514.821882] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 514.821893] Call Trace: [ 514.833858] dump_stack+0x1c4/0x2b4 [ 514.837501] ? dump_stack_print_info.cold.2+0x52/0x52 [ 514.842722] ? mark_held_locks+0x130/0x130 [ 514.846970] ? mark_held_locks+0x130/0x130 [ 514.851233] dump_header+0x27b/0xf72 [ 514.854966] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 514.860529] ? pagefault_out_of_memory+0x197/0x197 [ 514.865477] ? debug_smp_processor_id+0x1c/0x20 [ 514.865494] ? perf_trace_lock_acquire+0x15b/0x800 [ 514.865532] ? perf_trace_lock+0x7a0/0x7a0 [ 514.865555] ? debug_smp_processor_id+0x1c/0x20 [ 514.865570] ? graph_lock+0x170/0x170 [ 514.865597] ? print_usage_bug+0xc0/0xc0 [ 514.875222] ? find_held_lock+0x36/0x1c0 [ 514.875246] ? mark_held_locks+0xc7/0x130 [ 514.875266] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 514.884175] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 514.892028] ? lockdep_hardirqs_on+0x421/0x5c0 [ 514.892047] ? trace_hardirqs_on+0xbd/0x310 [ 514.892064] ? kasan_check_read+0x11/0x20 [ 514.900274] ? ___ratelimit+0x36f/0x655 [ 514.900291] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 514.900310] ? trace_hardirqs_on+0x310/0x310 [ 514.919386] ? lock_downgrade+0x900/0x900 [ 514.919409] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 514.919429] ? ___ratelimit+0xaa/0x655 [ 514.941575] ? idr_get_free+0xec0/0xec0 [ 514.954546] ? kasan_check_write+0x14/0x20 [ 514.954564] ? do_raw_spin_lock+0xc1/0x200 [ 514.954588] oom_kill_process.cold.27+0x10/0x903 [ 514.954606] ? kasan_check_write+0x14/0x20 [ 514.972058] ? do_raw_spin_lock+0xc1/0x200 [ 514.976318] ? oom_evaluate_task+0x540/0x540 [ 514.980745] ? cgroup_procs_next+0x70/0x70 [ 514.985011] ? _raw_spin_unlock_irq+0x60/0x80 [ 514.989533] ? oom_badness+0xaa0/0xaa0 [ 514.993440] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 19:57:31 executing program 1: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) stat(&(0x7f0000000400)='./file0\x00', &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0}) fstat(r1, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0}) mount$9p_unix(&(0x7f0000000100)='./file0\x00', &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x804048, &(0x7f0000000640)={'trans=unix,', {[{@version_L='version=9p2000.L'}, {@dfltuid={'dfltuid', 0x3d, r2}}, {@aname={'aname', 0x3d, '9p\x00'}}, {@cache_fscache='cache=fscache'}], [{@appraise_type='appraise_type=imasig'}, {@smackfshat={'smackfshat', 0x3d, 'trans=fd,'}}, {@defcontext={'defcontext', 0x3d, 'sysadm_u'}}, {@seclabel='seclabel'}, {@smackfsroot={'smackfsroot', 0x3d, '9p\x00'}}, {@context={'context', 0x3d, 'unconfined_u'}}, {@smackfsroot={'smackfsroot', 0x3d, '9p\x00'}}, {@audit='audit'}, {@euid_eq={'euid', 0x3d, r3}}]}}) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000740)='9p\x00', 0x400, &(0x7f0000000780)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@dfltuid={'dfltuid', 0x3d, r2}}, {@cache_mmap='cache=mmap'}, {@msize={'msize', 0x3d, 0xa0}}, {@cache_loose='cache=loose'}], [{@measure='measure'}, {@smackfshat={'smackfshat', 0x3d, 'defcontext'}}, {@smackfsroot={'smackfsroot', 0x3d, 'seclabel'}}, {@obj_user={'obj_user', 0x3d, 'smackfsroot'}}, {@seclabel='seclabel'}, {@obj_role={'obj_role', 0x3d, "747275737465645e6367726f757062646576707070316e6f64657670726f637d5ee347504c7c"}}, {@mask={'mask', 0x3d, 'MAY_EXEC'}}, {@fsname={'fsname', 0x3d, "037d2d"}}, {@func={'func', 0x3d, 'POLICY_CHECK'}}]}}) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') [ 514.998216] ? mem_cgroup_iter_break+0x30/0x30 [ 515.002854] ? mark_held_locks+0xc7/0x130 [ 515.007029] out_of_memory+0xa84/0x1430 [ 515.011017] ? lockdep_hardirqs_on+0x421/0x5c0 [ 515.015621] ? kasan_check_read+0x11/0x20 [ 515.019790] ? oom_killer_disable+0x3a0/0x3a0 [ 515.024313] ? kasan_check_write+0x14/0x20 [ 515.028561] ? do_raw_spin_lock+0xc1/0x200 [ 515.032004] 9pnet: p9_fd_create_unix (14074): problem connecting socket: ./file0: -111 [ 515.032821] mem_cgroup_out_of_memory+0x15e/0x210 [ 515.032839] ? memcg_memory_event+0x40/0x40 [ 515.032856] ? mem_cgroup_charge_skmem+0x1e4/0x390 [ 515.032877] ? page_counter_try_charge+0x1c1/0x220 [ 515.032897] try_charge+0xc43/0x1690 [ 515.055040] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 515.055057] ? tcp_sendmsg+0x2f/0x50 [ 515.055074] ? sock_sendmsg+0xd5/0x120 [ 515.055098] ? __sys_sendto+0x3d7/0x670 [ 515.055112] ? __x64_sys_sendto+0xe1/0x1a0 [ 515.055129] ? do_syscall_64+0x1b9/0x820 [ 515.055150] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 515.063791] ? graph_lock+0x170/0x170 [ 515.063815] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 515.063835] ? check_preemption_disabled+0x48/0x200 [ 515.063851] ? check_preemption_disabled+0x48/0x200 [ 515.063876] ? mark_held_locks+0xc7/0x130 [ 515.073624] ? __lock_is_held+0xb5/0x140 [ 515.073644] ? mem_cgroup_charge_skmem+0x1cf/0x390 [ 515.073662] ? mem_cgroup_charge_skmem+0x1cf/0x390 [ 515.073678] ? lockdep_hardirqs_on+0x421/0x5c0 [ 515.073700] ? __sk_mem_raise_allocated+0x642/0x1800 [ 515.142255] ? __bpf_trace_preemptirq_template+0x30/0x30 19:57:31 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffff9c, 0x8933, &(0x7f0000000100)={'team0\x00', 0x0}) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000001c0)={'team0\x00', r2}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') [ 515.147816] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 515.153367] ? check_preemption_disabled+0x48/0x200 [ 515.158395] mem_cgroup_charge_skmem+0x1e4/0x390 [ 515.163162] ? mem_cgroup_sk_free+0x90/0x90 [ 515.167523] __sk_mem_raise_allocated+0x642/0x1800 [ 515.167550] ? sk_busy_loop_end+0x1c0/0x1c0 [ 515.167580] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 515.167598] ? skb_page_frag_refill+0x1eb/0x6a0 [ 515.167618] ? sock_kzfree_s+0x60/0x60 [ 515.176869] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 515.176887] ? sk_stream_alloc_skb+0x34b/0x970 [ 515.176933] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 515.176948] ? skb_entail+0x618/0x8c0 [ 515.176965] ? tcp_rate_check_app_limited+0x121/0x460 [ 515.176982] ? tcp_splice_data_recv+0x1b0/0x1b0 [ 515.177004] __sk_mem_schedule+0x6d/0xe0 [ 515.177024] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 515.218919] tcp_sendmsg_locked+0x1c86/0x3f00 [ 515.218964] ? tcp_sendpage+0x60/0x60 [ 515.218982] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 515.219004] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 515.229148] ? check_preemption_disabled+0x48/0x200 [ 515.229169] ? smack_netlabel+0xda/0x180 [ 515.229186] ? smack_netlabel+0xda/0x180 [ 515.229208] ? find_held_lock+0x36/0x1c0 [ 515.229231] ? mark_held_locks+0xc7/0x130 [ 515.229251] ? __local_bh_enable_ip+0x160/0x260 [ 515.229268] ? __local_bh_enable_ip+0x160/0x260 [ 515.229286] ? trace_hardirqs_on+0xbd/0x310 [ 515.229305] ? lock_release+0x970/0x970 [ 515.237597] ? lock_sock_nested+0xe2/0x120 [ 515.237617] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 515.237635] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 515.237654] ? check_preemption_disabled+0x48/0x200 [ 515.237671] ? lock_sock_nested+0x9a/0x120 [ 515.237691] ? lock_sock_nested+0x9a/0x120 [ 515.260088] ? __local_bh_enable_ip+0x160/0x260 [ 515.260125] tcp_sendmsg+0x2f/0x50 [ 515.260146] inet_sendmsg+0x1a1/0x690 [ 515.260170] ? ipip_gro_receive+0x100/0x100 [ 515.268823] ? smack_socket_sendmsg+0x150/0x190 [ 515.268844] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 515.268863] ? security_socket_sendmsg+0x94/0xc0 [ 515.268883] ? ipip_gro_receive+0x100/0x100 [ 515.277721] sock_sendmsg+0xd5/0x120 [ 515.277741] __sys_sendto+0x3d7/0x670 [ 515.277763] ? __ia32_sys_getpeername+0xb0/0xb0 [ 515.277780] ? lock_release+0x970/0x970 [ 515.277798] ? arch_local_save_flags+0x40/0x40 [ 515.277815] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 515.277859] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 515.386527] ? put_timespec64+0x10f/0x1b0 [ 515.390677] ? nsecs_to_jiffies+0x30/0x30 [ 515.394840] ? do_syscall_64+0x9a/0x820 [ 515.398806] ? do_syscall_64+0x9a/0x820 [ 515.402771] ? lockdep_hardirqs_on+0x421/0x5c0 [ 515.407346] ? trace_hardirqs_on+0xbd/0x310 [ 515.411663] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 515.417207] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 515.422561] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 515.428006] __x64_sys_sendto+0xe1/0x1a0 [ 515.432074] do_syscall_64+0x1b9/0x820 [ 515.435972] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 515.441328] ? syscall_return_slowpath+0x5e0/0x5e0 [ 515.446270] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 515.451119] ? trace_hardirqs_on_caller+0x310/0x310 [ 515.456141] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 515.461172] ? prepare_exit_to_usermode+0x291/0x3b0 [ 515.466216] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 515.471054] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 515.476247] RIP: 0033:0x457579 [ 515.479446] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 19:57:32 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) pipe(&(0x7f0000000800)={0xffffffffffffffff}) setsockopt$bt_hci_HCI_FILTER(r2, 0x0, 0x2, &(0x7f0000000840)={0x7, 0x6, 0x7, 0x9}, 0x10) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) fcntl$getownex(r1, 0x10, &(0x7f0000000100)={0x0, 0x0}) fcntl$setownex(r0, 0xf, &(0x7f00000001c0)={0x3, r3}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') socketpair(0x3, 0x5, 0x40, &(0x7f0000000440)={0xffffffffffffffff}) fstat(r1, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0}) fstat(r1, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) mount$fuse(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000400)='fuse\x00', 0x0, &(0x7f0000000640)={{'fd', 0x3d, r4}, 0x2c, {'rootmode', 0x3d, 0xa000}, 0x2c, {'user_id', 0x3d, r5}, 0x2c, {'group_id', 0x3d, r6}, 0x2c, {[{@blksize={'blksize', 0x3d, 0x1800}}, {@default_permissions='default_permissions'}, {@allow_other='allow_other'}], [{@fsmagic={'fsmagic', 0x3d, 0x9}}, {@rootcontext={'rootcontext', 0x3d, 'staff_u'}}]}}) [ 515.498513] RSP: 002b:00007f02050efc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 515.507781] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457579 [ 515.516816] RDX: fffffffffffffe4e RSI: 0000000020000000 RDI: 0000000000000003 [ 515.525427] RBP: 000000000072bf00 R08: 00000000200000c0 R09: 0000000000000006 [ 515.534089] R10: 00000000000000c0 R11: 0000000000000246 R12: 00007f02050f06d4 [ 515.542926] R13: 00000000004c3929 R14: 00000000004d57c0 R15: 00000000ffffffff 19:57:32 executing program 1: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') ioctl(r1, 0x1ff, &(0x7f00000004c0)="2dc4acb6725df2b2f948ad3dfab4f989999823b88b17ee86dfb54098b012a2e70618333d1fbc46622158cf69b919facd498514fca4321b3ed7e56a420fb09b2e852a362b769d41233933074c1d7de20dd25377ab38a2877490c4925662bf8dd5f22b37352aca84efa1af5f1534e8d65a7e25455ad3ab03efd888c7dd730cc027f183cbe28a9fcc9911") fcntl$dupfd(r1, 0x406, r0) [ 515.553561] Task in /syz5 killed as a result of limit of /syz5 [ 515.560547] memory: usage 204800kB, limit 204800kB, failcnt 434548 [ 515.567151] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 515.574137] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 515.580578] Memory cgroup stats for /syz5: cache:32KB rss:2192KB rss_huge:2048KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:2212KB inactive_file:0KB active_file:0KB unevictable:0KB 19:57:32 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000062fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:32 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375620060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 515.619401] Memory cgroup out of memory: Kill process 14051 (syz-executor5) score 171 or sacrifice child [ 515.665227] Killed process 14051 (syz-executor5) total-vm:70604kB, anon-rss:2144kB, file-rss:32832kB, shmem-rss:0kB [ 515.701047] oom_reaper: reaped process 14051 (syz-executor5), now anon-rss:0kB, file-rss:32064kB, shmem-rss:0kB 19:57:32 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="02030000070000000000003efff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:32 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040), 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0xfdffffff}, 0x6) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 19:57:32 executing program 1: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000400)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6b82e00bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400c5b4ed13d3d36284e38b172311e57e29c600e52c1ed58450ee8b29e5eb91b57020db54fa29aeb04982be813ae3bcc32cee296fe7befabe4796c507425e436c2e0f1885d43e5a367700"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') 19:57:32 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000016fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:32 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d53750a0060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:32 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1, {0x0, {0x0, 0x0, 0x200}, 0x8}}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="2a000000290100010000000000000076d6de0e088200eb61320000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') 19:57:32 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000016fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:32 executing program 1: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000400)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6b82e00bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400c5b4ed13d3d36284e38b172311e57e29c600e52c1ed58450ee8b29e5eb91b57020db54fa29aeb04982be813ae3bcc32cee296fe7befabe4796c507425e436c2e0f1885d43e5a367700"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') [ 515.973798] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=2, oom_score_adj=0 [ 515.988763] syz-executor5 cpuset=syz5 mems_allowed=0 [ 515.995309] CPU: 0 PID: 14110 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 516.002604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 516.011964] Call Trace: [ 516.014575] dump_stack+0x1c4/0x2b4 [ 516.018234] ? dump_stack_print_info.cold.2+0x52/0x52 [ 516.023443] ? mark_held_locks+0x130/0x130 [ 516.027712] ? mark_held_locks+0x130/0x130 [ 516.031982] dump_header+0x27b/0xf72 [ 516.035732] ? pagefault_out_of_memory+0x197/0x197 [ 516.040679] ? check_preemption_disabled+0x48/0x200 [ 516.045721] ? check_preemption_disabled+0x48/0x200 [ 516.050766] ? graph_lock+0x170/0x170 [ 516.054596] ? graph_lock+0x170/0x170 [ 516.054621] ? print_usage_bug+0xc0/0xc0 [ 516.062479] ? find_held_lock+0x36/0x1c0 [ 516.062500] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 19:57:32 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000011fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 516.062528] ? find_held_lock+0x36/0x1c0 [ 516.076186] ? mark_held_locks+0xc7/0x130 [ 516.080368] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 516.085513] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 516.090637] ? lockdep_hardirqs_on+0x421/0x5c0 [ 516.095233] ? trace_hardirqs_on+0xbd/0x310 [ 516.099571] ? kasan_check_read+0x11/0x20 [ 516.103754] ? ___ratelimit+0x36f/0x655 [ 516.107744] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 516.113197] ? trace_hardirqs_on+0x310/0x310 [ 516.117608] ? lock_downgrade+0x900/0x900 [ 516.121763] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 516.126901] ? ___ratelimit+0xaa/0x655 [ 516.130792] ? idr_get_free+0xec0/0xec0 [ 516.134779] ? kasan_check_write+0x14/0x20 [ 516.139017] ? do_raw_spin_lock+0xc1/0x200 [ 516.143270] oom_kill_process.cold.27+0x10/0x903 [ 516.148042] ? kasan_check_write+0x14/0x20 [ 516.152266] ? do_raw_spin_lock+0xc1/0x200 [ 516.156492] ? oom_evaluate_task+0x540/0x540 [ 516.160892] ? cgroup_procs_next+0x70/0x70 [ 516.165130] ? _raw_spin_unlock_irq+0x60/0x80 [ 516.169615] ? oom_badness+0xaa0/0xaa0 [ 516.173503] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 516.178248] ? mem_cgroup_iter_break+0x30/0x30 [ 516.182827] ? mark_held_locks+0xc7/0x130 [ 516.186967] out_of_memory+0xa84/0x1430 [ 516.190940] ? lockdep_hardirqs_on+0x421/0x5c0 [ 516.195509] ? kasan_check_read+0x11/0x20 [ 516.199647] ? oom_killer_disable+0x3a0/0x3a0 [ 516.204130] ? kasan_check_write+0x14/0x20 [ 516.208355] ? do_raw_spin_lock+0xc1/0x200 [ 516.212598] mem_cgroup_out_of_memory+0x15e/0x210 [ 516.217440] ? memcg_memory_event+0x40/0x40 [ 516.221753] ? mem_cgroup_charge_skmem+0x1e4/0x390 [ 516.226674] ? page_counter_try_charge+0x1c1/0x220 [ 516.231629] try_charge+0xc43/0x1690 [ 516.235339] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 516.241389] ? graph_lock+0x170/0x170 [ 516.245182] ? handle_mm_fault+0x56e/0xc70 [ 516.249423] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 516.254962] ? check_preemption_disabled+0x48/0x200 [ 516.259969] ? check_preemption_disabled+0x48/0x200 [ 516.264999] ? mark_held_locks+0xc7/0x130 [ 516.269154] ? mem_cgroup_charge_skmem+0x1cf/0x390 [ 516.274086] ? mem_cgroup_charge_skmem+0x1cf/0x390 [ 516.279023] ? lockdep_hardirqs_on+0x421/0x5c0 [ 516.283770] ? rcu_read_lock_sched_held+0x108/0x120 [ 516.288787] ? __sk_mem_raise_allocated+0x642/0x1800 [ 516.293897] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 516.299337] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 516.304864] ? check_preemption_disabled+0x48/0x200 [ 516.309889] mem_cgroup_charge_skmem+0x1e4/0x390 [ 516.314642] ? mem_cgroup_sk_free+0x90/0x90 [ 516.318955] ? trace_hardirqs_off+0x310/0x310 [ 516.323447] __sk_mem_raise_allocated+0x642/0x1800 [ 516.328417] ? sk_busy_loop_end+0x1c0/0x1c0 [ 516.333182] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 516.339842] ? alloc_pages_current+0x114/0x210 [ 516.345202] ? skb_page_frag_refill+0x1eb/0x6a0 [ 516.349865] ? sock_kzfree_s+0x60/0x60 [ 516.353756] ? _copy_from_iter_full+0x2b3/0xd20 [ 516.358418] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 516.363427] ? tcp_rate_check_app_limited+0x121/0x460 [ 516.368875] ? iov_iter_advance+0x1460/0x1460 [ 516.373389] __sk_mem_schedule+0x6d/0xe0 [ 516.377446] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 516.382976] tcp_sendmsg_locked+0x1c86/0x3f00 [ 516.387485] ? tcp_sendpage+0x60/0x60 [ 516.391279] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 516.396721] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 516.402269] ? check_preemption_disabled+0x48/0x200 [ 516.407275] ? smack_netlabel+0xda/0x180 [ 516.411327] ? smack_netlabel+0xda/0x180 [ 516.415378] ? find_held_lock+0x36/0x1c0 [ 516.419429] ? mark_held_locks+0xc7/0x130 [ 516.423576] ? __local_bh_enable_ip+0x160/0x260 [ 516.428269] ? __local_bh_enable_ip+0x160/0x260 [ 516.432933] ? trace_hardirqs_on+0xbd/0x310 [ 516.437252] ? lock_release+0x970/0x970 [ 516.441230] ? lock_sock_nested+0xe2/0x120 [ 516.446182] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 516.451624] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 516.457153] ? check_preemption_disabled+0x48/0x200 [ 516.462169] ? lock_sock_nested+0x9a/0x120 [ 516.466410] ? lock_sock_nested+0x9a/0x120 [ 516.470651] ? __local_bh_enable_ip+0x160/0x260 [ 516.475314] tcp_sendmsg+0x2f/0x50 [ 516.478846] inet_sendmsg+0x1a1/0x690 [ 516.482649] ? ipip_gro_receive+0x100/0x100 [ 516.486968] ? smack_socket_sendmsg+0x150/0x190 [ 516.491638] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 516.497182] ? security_socket_sendmsg+0x94/0xc0 [ 516.501932] ? ipip_gro_receive+0x100/0x100 [ 516.506242] sock_sendmsg+0xd5/0x120 [ 516.509946] __sys_sendto+0x3d7/0x670 [ 516.513738] ? __ia32_sys_getpeername+0xb0/0xb0 [ 516.518400] ? lock_release+0x970/0x970 [ 516.522363] ? arch_local_save_flags+0x40/0x40 [ 516.526936] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 516.532413] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 516.537960] ? put_timespec64+0x10f/0x1b0 [ 516.542109] ? nsecs_to_jiffies+0x30/0x30 [ 516.546247] ? do_syscall_64+0x9a/0x820 [ 516.550208] ? do_syscall_64+0x9a/0x820 [ 516.554173] ? lockdep_hardirqs_on+0x421/0x5c0 [ 516.558745] ? trace_hardirqs_on+0xbd/0x310 [ 516.563053] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 516.568622] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 516.574012] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 516.579456] __x64_sys_sendto+0xe1/0x1a0 [ 516.583516] do_syscall_64+0x1b9/0x820 [ 516.587392] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 516.592750] ? syscall_return_slowpath+0x5e0/0x5e0 [ 516.597671] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 516.603201] ? trace_hardirqs_on_caller+0x310/0x310 [ 516.609257] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 516.614905] ? prepare_exit_to_usermode+0x291/0x3b0 [ 516.619943] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 516.624802] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 516.629987] RIP: 0033:0x457579 [ 516.633185] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 516.652094] RSP: 002b:00007f02050efc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 516.659791] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457579 [ 516.667047] RDX: fffffffffffffe4e RSI: 0000000020000000 RDI: 0000000000000003 [ 516.674302] RBP: 000000000072bf00 R08: 00000000200000c0 R09: 0000000000000006 [ 516.681564] R10: 00000000000000c0 R11: 0000000000000246 R12: 00007f02050f06d4 [ 516.688831] R13: 00000000004c3929 R14: 00000000004d57c0 R15: 00000000ffffffff [ 516.699771] Task in /syz5 killed as a result of limit of /syz5 19:57:33 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='cpuacct.usage_user\x00', 0x0, 0x0) setsockopt$inet_sctp6_SCTP_NODELAY(r2, 0x84, 0x3, &(0x7f00000002c0)=0x8, 0x4) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000080b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') 19:57:33 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375006860007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 516.733097] memory: usage 202196kB, limit 204800kB, failcnt 434560 [ 516.768435] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 19:57:33 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="02030000070000000000000afff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:33 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000036fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 516.825210] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 516.844867] Memory cgroup stats for /syz5: cache:32KB rss:60KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:184KB inactive_file:0KB active_file:0KB unevictable:0KB [ 516.892845] Memory cgroup out of memory: Kill process 14109 (syz-executor5) score 161 or sacrifice child [ 516.904942] Killed process 14110 (syz-executor5) total-vm:70868kB, anon-rss:184kB, file-rss:33592kB, shmem-rss:0kB [ 516.920678] oom_reaper: reaped process 14110 (syz-executor5), now anon-rss:0kB, file-rss:32824kB, shmem-rss:0kB 19:57:33 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040), 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0xa4050000}, 0x6) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 19:57:33 executing program 1: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xfffffffffffffe61, 0x4d, 0x1}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="6428994ccbe96bd70bc1c9b5ab0969ac2d54703f939cf2e7dc85204b13c7976e6f3df626f63232bbf3063ba08caae2840c", @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',\x00']) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) r2 = socket$bt_hidp(0x1f, 0x3, 0x6) getsockopt$IP_VS_SO_GET_SERVICE(r2, 0x0, 0x483, &(0x7f0000000cc0), &(0x7f00000002c0)=0x68) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') 19:57:33 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="02030000070000000000005afff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:33 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375360060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:33 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="02030000070000000000005afff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:33 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84800) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f00000001c0)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) getxattr(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000340)=@random={'os2.', 'vboxnet0\x00'}, &(0x7f0000000400)=""/76, 0x4c) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1, {0x26, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0xffffffffffffffff}}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="daea00002901000000d7a40a00ffffffe800000000"], 0x15) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f00000004c0)={0x3, [0x0, 0x0, 0x0]}, &(0x7f0000000500)=0x10) setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r1, 0x84, 0x23, &(0x7f0000000540)={r2, 0x3}, 0x8) chdir(&(0x7f0000000100)='./file0\x00') mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') 19:57:33 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000036fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 517.138909] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=0 [ 517.149905] syz-executor5 cpuset=syz5 mems_allowed=0 [ 517.155777] CPU: 1 PID: 14169 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 517.163068] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 517.163075] Call Trace: [ 517.163108] dump_stack+0x1c4/0x2b4 [ 517.163130] ? dump_stack_print_info.cold.2+0x52/0x52 [ 517.163152] ? mark_held_locks+0x130/0x130 [ 517.188137] ? mark_held_locks+0x130/0x130 [ 517.192398] dump_header+0x27b/0xf72 [ 517.196142] ? pagefault_out_of_memory+0x197/0x197 [ 517.201096] ? check_preemption_disabled+0x48/0x200 [ 517.206141] ? check_preemption_disabled+0x48/0x200 [ 517.211169] ? graph_lock+0x170/0x170 [ 517.214985] ? graph_lock+0x170/0x170 [ 517.218787] ? print_usage_bug+0xc0/0xc0 [ 517.222854] ? find_held_lock+0x36/0x1c0 [ 517.226905] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 517.232456] ? find_held_lock+0x36/0x1c0 [ 517.236527] ? mark_held_locks+0xc7/0x130 [ 517.240670] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 517.245765] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 517.250871] ? lockdep_hardirqs_on+0x421/0x5c0 [ 517.255471] ? trace_hardirqs_on+0xbd/0x310 [ 517.259789] ? kasan_check_read+0x11/0x20 [ 517.263928] ? ___ratelimit+0x36f/0x655 [ 517.267916] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 517.273369] ? trace_hardirqs_on+0x310/0x310 [ 517.277766] ? lock_downgrade+0x900/0x900 [ 517.281908] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 517.287010] ? ___ratelimit+0xaa/0x655 [ 517.290907] ? idr_get_free+0xec0/0xec0 [ 517.294892] ? kasan_check_write+0x14/0x20 [ 517.299131] ? do_raw_spin_lock+0xc1/0x200 [ 517.303359] oom_kill_process.cold.27+0x10/0x903 [ 517.308128] ? kasan_check_write+0x14/0x20 [ 517.312388] ? do_raw_spin_lock+0xc1/0x200 [ 517.316613] ? oom_evaluate_task+0x540/0x540 [ 517.321026] ? cgroup_procs_next+0x70/0x70 [ 517.325264] ? _raw_spin_unlock_irq+0x60/0x80 [ 517.329768] ? oom_badness+0xaa0/0xaa0 [ 517.333670] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 517.338414] ? mem_cgroup_iter_break+0x30/0x30 [ 517.342992] ? mark_held_locks+0xc7/0x130 [ 517.347131] out_of_memory+0xa84/0x1430 [ 517.351097] ? lockdep_hardirqs_on+0x421/0x5c0 [ 517.355671] ? kasan_check_read+0x11/0x20 [ 517.359807] ? oom_killer_disable+0x3a0/0x3a0 [ 517.364289] ? kasan_check_write+0x14/0x20 [ 517.368520] ? do_raw_spin_lock+0xc1/0x200 [ 517.372791] mem_cgroup_out_of_memory+0x15e/0x210 [ 517.377634] ? memcg_memory_event+0x40/0x40 [ 517.381962] ? mem_cgroup_charge_skmem+0x1e4/0x390 [ 517.386923] ? page_counter_try_charge+0x1c1/0x220 [ 517.391858] try_charge+0xc43/0x1690 [ 517.395568] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 517.401629] ? tcp_sendmsg+0x2f/0x50 [ 517.405356] ? sock_sendmsg+0xd5/0x120 [ 517.409243] ? __sys_sendto+0x3d7/0x670 [ 517.413221] ? __x64_sys_sendto+0xe1/0x1a0 [ 517.417444] ? do_syscall_64+0x1b9/0x820 [ 517.421493] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 517.426855] ? graph_lock+0x170/0x170 [ 517.430661] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 517.436191] ? check_preemption_disabled+0x48/0x200 [ 517.441206] ? check_preemption_disabled+0x48/0x200 [ 517.446231] ? mark_held_locks+0xc7/0x130 [ 517.450392] ? __lock_is_held+0xb5/0x140 [ 517.454442] ? mem_cgroup_charge_skmem+0x1cf/0x390 [ 517.459359] ? mem_cgroup_charge_skmem+0x1cf/0x390 [ 517.464278] ? lockdep_hardirqs_on+0x421/0x5c0 [ 517.468852] ? __sk_mem_raise_allocated+0x642/0x1800 [ 517.473985] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 517.479443] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 517.484971] ? check_preemption_disabled+0x48/0x200 [ 517.489989] mem_cgroup_charge_skmem+0x1e4/0x390 [ 517.494751] ? mem_cgroup_sk_free+0x90/0x90 [ 517.499093] __sk_mem_raise_allocated+0x642/0x1800 [ 517.504016] ? sk_busy_loop_end+0x1c0/0x1c0 [ 517.508359] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 517.513365] ? skb_page_frag_refill+0x1eb/0x6a0 [ 517.518055] ? sock_kzfree_s+0x60/0x60 [ 517.521960] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 517.526977] ? sk_stream_alloc_skb+0x34b/0x970 [ 517.531552] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 517.536565] ? skb_entail+0x618/0x8c0 [ 517.540380] ? tcp_rate_check_app_limited+0x121/0x460 [ 517.545558] ? tcp_splice_data_recv+0x1b0/0x1b0 [ 517.550234] __sk_mem_schedule+0x6d/0xe0 [ 517.554299] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 517.559843] tcp_sendmsg_locked+0x1c86/0x3f00 [ 517.564338] ? tcp_sendpage+0x60/0x60 [ 517.568249] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 517.573706] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 517.579241] ? check_preemption_disabled+0x48/0x200 [ 517.584252] ? smack_netlabel+0xda/0x180 [ 517.588311] ? smack_netlabel+0xda/0x180 [ 517.592369] ? find_held_lock+0x36/0x1c0 [ 517.596422] ? mark_held_locks+0xc7/0x130 [ 517.600571] ? __local_bh_enable_ip+0x160/0x260 [ 517.605483] ? __local_bh_enable_ip+0x160/0x260 [ 517.610189] ? trace_hardirqs_on+0xbd/0x310 [ 517.614514] ? lock_release+0x970/0x970 [ 517.618480] ? lock_sock_nested+0xe2/0x120 [ 517.622721] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 517.628171] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 517.633715] ? check_preemption_disabled+0x48/0x200 [ 517.638722] ? lock_sock_nested+0x9a/0x120 [ 517.642958] ? lock_sock_nested+0x9a/0x120 [ 517.647200] ? __local_bh_enable_ip+0x160/0x260 [ 517.651865] tcp_sendmsg+0x2f/0x50 [ 517.655410] inet_sendmsg+0x1a1/0x690 [ 517.659215] ? ipip_gro_receive+0x100/0x100 [ 517.663530] ? smack_socket_sendmsg+0x150/0x190 [ 517.668188] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 517.673718] ? security_socket_sendmsg+0x94/0xc0 [ 517.678464] ? ipip_gro_receive+0x100/0x100 [ 517.682776] sock_sendmsg+0xd5/0x120 [ 517.686479] __sys_sendto+0x3d7/0x670 [ 517.690270] ? __ia32_sys_getpeername+0xb0/0xb0 [ 517.694955] ? lock_release+0x970/0x970 [ 517.698932] ? arch_local_save_flags+0x40/0x40 [ 517.703522] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 517.708980] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 517.714505] ? put_timespec64+0x10f/0x1b0 [ 517.718644] ? nsecs_to_jiffies+0x30/0x30 [ 517.722784] ? do_syscall_64+0x9a/0x820 [ 517.726762] ? do_syscall_64+0x9a/0x820 [ 517.730768] ? lockdep_hardirqs_on+0x421/0x5c0 [ 517.735343] ? trace_hardirqs_on+0xbd/0x310 [ 517.739653] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 517.745181] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 517.750546] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 517.756020] __x64_sys_sendto+0xe1/0x1a0 [ 517.760093] do_syscall_64+0x1b9/0x820 [ 517.763979] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 517.769521] ? syscall_return_slowpath+0x5e0/0x5e0 [ 517.774528] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 517.779367] ? trace_hardirqs_on_caller+0x310/0x310 [ 517.784371] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 517.789379] ? prepare_exit_to_usermode+0x291/0x3b0 [ 517.794386] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 517.799222] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 517.804419] RIP: 0033:0x457579 [ 517.807632] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 517.826520] RSP: 002b:00007f02050efc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 517.834231] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457579 [ 517.841503] RDX: fffffffffffffe4e RSI: 0000000020000000 RDI: 0000000000000003 [ 517.848760] RBP: 000000000072bf00 R08: 00000000200000c0 R09: 0000000000000006 [ 517.856024] R10: 00000000000000c0 R11: 0000000000000246 R12: 00007f02050f06d4 [ 517.863304] R13: 00000000004c3929 R14: 00000000004d57c0 R15: 00000000ffffffff [ 517.888179] Task in /syz5 killed as a result of limit of /syz5 [ 517.894253] memory: usage 204796kB, limit 204800kB, failcnt 434598 [ 517.920799] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 517.935446] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 19:57:34 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000062fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:34 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0x7}, 0xfffffffffffffe95) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) write$P9_RATTACH(r1, &(0x7f00000004c0)={0x14, 0x69, 0x2, {0x4a, 0x4, 0x8}}, 0x14) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000980)=ANY=[@ANYPTR64=&(0x7f00000006c0)=ANY=[@ANYPTR=&(0x7f0000000540)=ANY=[@ANYPTR, @ANYRESOCT=r0], @ANYRES16=r1, @ANYRESDEC=r1, @ANYPTR=&(0x7f0000000640)=ANY=[@ANYRESOCT, @ANYRES64=r0, @ANYRESDEC=r0, @ANYRESOCT=r1, @ANYPTR64, @ANYPTR64], @ANYRESDEC=0x0, @ANYRESHEX, @ANYRES16=r1, @ANYRES32, @ANYBLOB="15721b4738130da5dcc1063fab455f23f1529a9198566f1dfde3a4e44bceb9a1c5351fe7e98be7267b55c5ea2a56ca8e8e8a7a317b2daa5790e40839babb45b61b46ce"], @ANYRES32=r0, @ANYPTR64=&(0x7f0000000780)=ANY=[@ANYRES16=r1, @ANYPTR64=&(0x7f0000000580)=ANY=[@ANYRES16=r0, @ANYRES64=r0], @ANYBLOB="29095a3f98c88613e889172a331fa513507dcd17451906106ebc4ba6585491f8d4b1c92faae7549f916d78b794b13f5020dba9c17436ded4abe46a4e66400cb8b1d0b0d01caa5cabd48b34043164b9169ca2d4aeff202840943278ee9c109702855a1cf367a77f556fdc18348fd916f0b00d37b8003dbf7767512cc42c5a7d32265063d0c42bbfa0d52a0d92eda0c1aaa50c0efbe36d4adcf263470d4147fca3fedf86ad1264bcfdcaa71402febac149e9b69159ad4fc0d5c4db68bd50fa1e6f00203dd6", @ANYRESHEX=r0, @ANYRES32=r0, @ANYRESOCT=r1, @ANYBLOB="43fa377ec2b833104f0ef600cd9ccf77d4a232b85c0c200736563472d546a6dc8fde367272b4ffb38cf06d66df78739a4b405861d77e03725871a520ab0b0748d282a83eb949e33cf03fdc3790ab756cd4f526d26a050395a4bb5c3afc68168b75807fee48020b67e3e479b595500ae1c344fbf76cd7707c3f02f0b33f86a8e1a74346031333bfc1de29958d7fb8bb9d1e3e38b0d683b98ae21ee7cfb701ea0c0a7d312b1c28c3625bddfeb9088199a4d25cd39fc8b6d30bc55295a2d4b5cd490126deb9de2717b76714759583f1", @ANYRESHEX, @ANYRESHEX=r1]], 0x14) lstat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0}) fsetxattr$security_capability(r0, &(0x7f0000000100)='security.capability\x00', &(0x7f00000002c0)=@v3={0x3000000, [{0x0, 0x100}, {0x9, 0x4}], r2}, 0x18, 0x1) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB="437766976e6f3d", @ANYRESHEX=r1, @ANYBLOB=',\x00']) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=@random={'os2.', 'system.posix_acl_default\x00'}) 19:57:34 executing program 1: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xfffffffffffffe61, 0x4d, 0x1}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="6428994ccbe96bd70bc1c9b5ab0969ac2d54703f939cf2e7dc85204b13c7976e6f3df626f63232bbf3063ba08caae2840c", @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',\x00']) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) r2 = socket$bt_hidp(0x1f, 0x3, 0x6) getsockopt$IP_VS_SO_GET_SERVICE(r2, 0x0, 0x483, &(0x7f0000000cc0), &(0x7f00000002c0)=0x68) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') 19:57:34 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375680060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 517.941617] Memory cgroup stats for /syz5: cache:32KB rss:2248KB rss_huge:2048KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:2204KB inactive_file:0KB active_file:0KB unevictable:0KB [ 517.967441] Memory cgroup out of memory: Kill process 14161 (syz-executor5) score 171 or sacrifice child 19:57:34 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="02030000070000000000003efff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 517.989607] Killed process 14161 (syz-executor5) total-vm:70472kB, anon-rss:2144kB, file-rss:32832kB, shmem-rss:0kB 19:57:34 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040), 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x1500}, 0x6) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 19:57:34 executing program 1: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xfffffffffffffe61, 0x4d, 0x1}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="6428994ccbe96bd70bc1c9b5ab0969ac2d54703f939cf2e7dc85204b13c7976e6f3df626f63232bbf3063ba08caae2840c", @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',\x00']) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) r2 = socket$bt_hidp(0x1f, 0x3, 0x6) getsockopt$IP_VS_SO_GET_SERVICE(r2, 0x0, 0x483, &(0x7f0000000cc0), &(0x7f00000002c0)=0x68) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') [ 518.057807] 9pnet: Insufficient options for proto=fd [ 518.074418] oom_reaper: reaped process 14161 (syz-executor5), now anon-rss:0kB, file-rss:32784kB, shmem-rss:0kB [ 518.101749] 9pnet: Insufficient options for proto=fd 19:57:34 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000011fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:34 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RSTATFS(r0, &(0x7f0000000400)={0x43, 0x9, 0x2, {0x0, 0x100000001, 0xafab, 0x8, 0x401, 0x0, 0x4, 0x1de6, 0x8}}, 0x43) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') 19:57:34 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4208938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:34 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375160060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:35 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040), 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x200000000000000}, 0x6) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 518.289712] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=0 [ 518.317456] syz-executor5 cpuset=syz5 mems_allowed=0 [ 518.327592] CPU: 0 PID: 14208 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 518.334889] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 518.334897] Call Trace: [ 518.334924] dump_stack+0x1c4/0x2b4 [ 518.334949] ? dump_stack_print_info.cold.2+0x52/0x52 [ 518.334974] ? mark_held_locks+0x130/0x130 [ 518.334992] ? mark_held_locks+0x130/0x130 [ 518.335014] dump_header+0x27b/0xf72 [ 518.335046] ? pagefault_out_of_memory+0x197/0x197 [ 518.335068] ? check_preemption_disabled+0x48/0x200 [ 518.335095] ? check_preemption_disabled+0x48/0x200 [ 518.347074] ? graph_lock+0x170/0x170 [ 518.347098] ? graph_lock+0x170/0x170 [ 518.347116] ? print_usage_bug+0xc0/0xc0 [ 518.347135] ? find_held_lock+0x36/0x1c0 [ 518.347155] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 518.347175] ? find_held_lock+0x36/0x1c0 [ 518.394315] ? mark_held_locks+0xc7/0x130 [ 518.394334] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 518.394352] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 518.403443] ? lockdep_hardirqs_on+0x421/0x5c0 [ 518.413041] ? trace_hardirqs_on+0xbd/0x310 19:57:35 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000004fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 518.413056] ? kasan_check_read+0x11/0x20 [ 518.413077] ? ___ratelimit+0x36f/0x655 [ 518.424352] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 518.424371] ? trace_hardirqs_on+0x310/0x310 [ 518.424389] ? lock_downgrade+0x900/0x900 [ 518.424410] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 518.434260] ? ___ratelimit+0xaa/0x655 [ 518.434280] ? idr_get_free+0xec0/0xec0 [ 518.434296] ? kasan_check_write+0x14/0x20 [ 518.434313] ? do_raw_spin_lock+0xc1/0x200 [ 518.434337] oom_kill_process.cold.27+0x10/0x903 [ 518.461858] FS-Cache: Duplicate cookie detected [ 518.461948] ? kasan_check_write+0x14/0x20 [ 518.467136] FS-Cache: O-cookie c=000000007eda5e66 [p=00000000feea6f27 fl=222 nc=0 na=1] [ 518.470954] ? do_raw_spin_lock+0xc1/0x200 [ 518.474959] FS-Cache: O-cookie d=000000009c212102 n=000000005ba37b46 [ 518.479149] ? oom_evaluate_task+0x540/0x540 [ 518.483361] FS-Cache: O-key=[10] ' [ 518.488311] ? cgroup_procs_next+0x70/0x70 [ 518.488332] ? _raw_spin_unlock_irq+0x60/0x80 [ 518.488350] ? oom_badness+0xaa0/0xaa0 [ 518.493004] 34 [ 518.497238] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 518.497257] ? mem_cgroup_iter_break+0x30/0x30 [ 518.497288] ? mark_held_locks+0xc7/0x130 [ 518.505448] 32 [ 518.509638] out_of_memory+0xa84/0x1430 [ 518.509654] ? lockdep_hardirqs_on+0x421/0x5c0 [ 518.509671] ? kasan_check_read+0x11/0x20 [ 518.516177] 39 [ 518.520574] ? oom_killer_disable+0x3a0/0x3a0 [ 518.524109] 34 [ 518.528372] ? kasan_check_write+0x14/0x20 [ 518.528390] ? do_raw_spin_lock+0xc1/0x200 [ 518.528419] mem_cgroup_out_of_memory+0x15e/0x210 [ 518.532908] 39 [ 518.536846] ? memcg_memory_event+0x40/0x40 [ 518.536861] ? mem_cgroup_charge_skmem+0x1e4/0x390 [ 518.536882] ? page_counter_try_charge+0x1c1/0x220 [ 518.536901] try_charge+0xc43/0x1690 [ 518.538690] 38 [ 518.543468] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 518.548064] 38 [ 518.552172] ? tcp_sendmsg+0x2f/0x50 [ 518.553954] 39 [ 518.557926] ? sock_sendmsg+0xd5/0x120 [ 518.557938] ? __sys_sendto+0x3d7/0x670 [ 518.557953] ? graph_lock+0x170/0x170 [ 518.557966] ? graph_lock+0x170/0x170 [ 518.557990] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 518.562815] 38 [ 518.567828] ? check_preemption_disabled+0x48/0x200 [ 518.567870] ? check_preemption_disabled+0x48/0x200 [ 518.567896] ? mark_held_locks+0xc7/0x130 [ 518.570119] 34 [ 518.575783] ? mem_cgroup_charge_skmem+0x1cf/0x390 [ 518.575799] ? mem_cgroup_charge_skmem+0x1cf/0x390 [ 518.575816] ? lockdep_hardirqs_on+0x421/0x5c0 [ 518.575835] ? rcu_read_lock_sched_held+0x108/0x120 [ 518.577968] ' [ 518.582815] ? __sk_mem_raise_allocated+0x642/0x1800 [ 518.587064] FS-Cache: N-cookie c=000000005e12ce07 [p=00000000feea6f27 fl=2 nc=0 na=1] [ 518.591872] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 518.593660] FS-Cache: N-cookie d=000000009c212102 n=00000000b2e72793 [ 518.597973] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 518.597993] ? check_preemption_disabled+0x48/0x200 [ 518.598017] mem_cgroup_charge_skmem+0x1e4/0x390 [ 518.602929] FS-Cache: N-key=[10] ' [ 518.607881] ? mem_cgroup_sk_free+0x90/0x90 [ 518.607917] __sk_mem_raise_allocated+0x642/0x1800 [ 518.611611] 34 [ 518.613415] ? sk_busy_loop_end+0x1c0/0x1c0 [ 518.619558] 32 [ 518.621338] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 518.625058] 39 [ 518.626842] ? alloc_pages_current+0x114/0x210 [ 518.630709] 34 [ 518.634682] ? skb_page_frag_refill+0x1eb/0x6a0 [ 518.638485] 39 [ 518.642265] ? sock_kzfree_s+0x60/0x60 [ 518.647805] 38 [ 518.649591] ? _copy_from_iter_full+0x2b3/0xd20 [ 518.654579] 38 [ 518.659600] ? tcp_chrono_start+0x190/0x1e0 [ 518.659621] ? __sanitizer_cov_trace_cmp4+0x16/0x20 19:57:35 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040), 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x200000000000000}, 0x6) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 518.659642] ? tcp_rate_check_app_limited+0x121/0x460 [ 518.663769] 39 [ 518.665570] ? iov_iter_advance+0x1460/0x1460 [ 518.665607] __sk_mem_schedule+0x6d/0xe0 [ 518.670531] 3834 [ 518.675465] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 518.675488] tcp_sendmsg_locked+0x1c86/0x3f00 [ 518.675538] ? tcp_sendpage+0x60/0x60 [ 518.680076] ' [ 518.685088] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 518.685129] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 518.685148] ? check_preemption_disabled+0x48/0x200 [ 518.685168] ? smack_netlabel+0xda/0x180 [ 518.699928] ? smack_netlabel+0xda/0x180 [ 518.699951] ? find_held_lock+0x36/0x1c0 [ 518.699974] ? mark_held_locks+0xc7/0x130 [ 518.699995] ? __local_bh_enable_ip+0x160/0x260 [ 518.714037] ? __local_bh_enable_ip+0x160/0x260 [ 518.714059] ? trace_hardirqs_on+0xbd/0x310 [ 518.714074] ? lock_release+0x970/0x970 [ 518.714092] ? lock_sock_nested+0xe2/0x120 [ 518.714112] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 518.724653] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 19:57:35 executing program 1: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040), 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x5580}, 0x6) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 518.724673] ? check_preemption_disabled+0x48/0x200 [ 518.724691] ? lock_sock_nested+0x9a/0x120 [ 518.724713] ? lock_sock_nested+0x9a/0x120 [ 518.904010] ? __local_bh_enable_ip+0x160/0x260 [ 518.904041] tcp_sendmsg+0x2f/0x50 [ 518.912259] inet_sendmsg+0x1a1/0x690 [ 518.916091] ? ipip_gro_receive+0x100/0x100 [ 518.920429] ? smack_socket_sendmsg+0x150/0x190 [ 518.925116] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 518.930669] ? security_socket_sendmsg+0x94/0xc0 [ 518.935451] ? ipip_gro_receive+0x100/0x100 [ 518.939803] sock_sendmsg+0xd5/0x120 [ 518.943579] __sys_sendto+0x3d7/0x670 [ 518.947464] ? __ia32_sys_getpeername+0xb0/0xb0 [ 518.952148] ? lock_release+0x970/0x970 [ 518.956145] ? arch_local_save_flags+0x40/0x40 [ 518.960763] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 518.966261] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 518.971827] ? put_timespec64+0x10f/0x1b0 [ 518.975989] ? nsecs_to_jiffies+0x30/0x30 [ 518.980154] ? do_syscall_64+0x9a/0x820 [ 518.984154] ? do_syscall_64+0x9a/0x820 [ 518.988143] ? lockdep_hardirqs_on+0x421/0x5c0 19:57:35 executing program 1: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') [ 518.992739] ? trace_hardirqs_on+0xbd/0x310 [ 518.997073] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 519.002630] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 519.008010] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 519.013484] __x64_sys_sendto+0xe1/0x1a0 [ 519.017596] do_syscall_64+0x1b9/0x820 [ 519.021500] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 519.026890] ? syscall_return_slowpath+0x5e0/0x5e0 [ 519.031832] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 519.036707] ? trace_hardirqs_on_caller+0x310/0x310 [ 519.041745] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 519.042682] FS-Cache: Duplicate cookie detected [ 519.046774] ? prepare_exit_to_usermode+0x291/0x3b0 [ 519.046799] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 519.046824] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 519.046836] RIP: 0033:0x457579 [ 519.046853] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 519.046867] RSP: 002b:00007f02050efc78 EFLAGS: 00000246 [ 519.051553] FS-Cache: O-cookie c=000000007eda5e66 [p=00000000feea6f27 fl=222 nc=0 na=1] [ 519.057805] ORIG_RAX: 000000000000002c [ 519.057815] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457579 [ 519.057825] RDX: fffffffffffffe4e RSI: 0000000020000000 RDI: 0000000000000003 [ 519.057834] RBP: 000000000072bf00 R08: 00000000200000c0 R09: 0000000000000006 [ 519.057844] R10: 00000000000000c0 R11: 0000000000000246 R12: 00007f02050f06d4 [ 519.057852] R13: 00000000004c3929 R14: 00000000004d57c0 R15: 00000000ffffffff [ 519.064021] Task in [ 519.069490] FS-Cache: O-cookie d=000000009c212102 n=000000005ba37b46 [ 519.072241] /syz5 [ 519.091060] FS-Cache: O-key=[10] ' [ 519.097227] killed as a result of limit of [ 519.104840] 34323934393838393834' [ 519.104908] FS-Cache: N-cookie c=00000000de13a2cb [p=00000000feea6f27 fl=2 nc=0 na=1] [ 519.104918] FS-Cache: N-cookie d=000000009c212102 n=00000000054d2749 [ 519.104930] FS-Cache: N-key=[10] ' [ 519.109106] /syz5 [ 519.116240] 34 [ 519.131277] 323934393838393834' [ 519.148702] memory: usage 204800kB, limit 204800kB, failcnt 434622 [ 519.157905] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 519.166141] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 519.184210] Memory cgroup stats for /syz5: cache:32KB rss:2200KB rss_huge:2048KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:2200KB inactive_file:0KB active_file:0KB unevictable:0KB 19:57:35 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB, @ANYRESHEX=r1, @ANYBLOB=',\x00']) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000400)=ANY=[@ANYBLOB="2a0000002901000000000000000000003e5c0418a46a33021f3900e70571547cc196e89ede76177fb3835c5a78feec6dd329d1d7758a3ea038928bb5dd49e1e7796fca5aec9d4be9f5fdcfa9defc86d3e33745491f93cf60e3360200000000000000d1d1bc89a17af60d1d4f0000000000000000000000"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) r2 = syz_open_dev$dspn(&(0x7f0000000580)='/dev/dsp#\x00', 0x101, 0x1) connect$unix(r2, &(0x7f0000000740)=@file={0x1, './file0\x00'}, 0x6e) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') r3 = syz_open_dev$sndpcmp(&(0x7f0000000100)='/dev/snd/pcmC#D#p\x00', 0x41, 0x50000) ioctl$UFFDIO_UNREGISTER(r3, 0x8010aa01, &(0x7f00000001c0)={&(0x7f0000ff9000/0x4000)=nil, 0x4000}) ioctl$KVM_SET_SREGS(r3, 0x4138ae84, &(0x7f0000000600)={{0x0, 0x17002, 0xf, 0x1f, 0x1, 0x1, 0x2dd, 0xffffffffffffffff, 0x7, 0x7, 0x9, 0x6}, {0x10000, 0x10000, 0xe, 0x4, 0x71e3, 0xe6, 0x2, 0x5, 0x1db, 0x80000000000000, 0xc00000000000, 0x3}, {0x110001, 0x3002, 0xf, 0xbe7, 0x1f, 0x3f, 0x80, 0x9, 0x1000, 0x8, 0x3ff, 0x1000}, {0xf001, 0xf000, 0x9, 0x1921, 0x8, 0x8fe9, 0x400, 0x3, 0x0, 0x10000, 0xfff, 0x1}, {0x3000, 0x4, 0xc, 0x5, 0x7, 0x5, 0x1, 0x800, 0x7fffffff, 0x6, 0x1, 0x40}, {0x0, 0x13000, 0xf, 0x80, 0x0, 0x40, 0xa6d, 0x80, 0x2, 0x1, 0x40, 0x132}, {0x0, 0x3000, 0x0, 0x8001, 0x40, 0x1e2b4967, 0x12b, 0x5, 0x1f, 0x10000, 0x9, 0x401}, {0x1f001, 0x7000, 0x9, 0x7, 0x75d9, 0x4, 0xef8, 0x9, 0x8, 0x0, 0x4, 0x9}, {0x0, 0x100000}, {0x4}, 0x20, 0x0, 0x4, 0x2000, 0xf, 0x5800, 0x105000, [0x3f, 0xfc10, 0xc81, 0x800]}) write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000500)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000004c0)={0xffffffffffffffff}, 0x13f, 0x1009}}, 0x20) write$RDMA_USER_CM_CMD_MIGRATE_ID(r3, &(0x7f0000000540)={0x12, 0x10, 0xfa00, {&(0x7f00000002c0), r4, r3}}, 0x18) [ 519.235156] Memory cgroup out of memory: Kill process 14204 (syz-executor5) score 171 or sacrifice child [ 519.251590] Killed process 14204 (syz-executor5) total-vm:70472kB, anon-rss:2144kB, file-rss:32768kB, shmem-rss:0kB [ 519.264363] oom_reaper: reaped process 14204 (syz-executor5), now anon-rss:0kB, file-rss:32000kB, shmem-rss:0kB 19:57:36 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040), 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0xf8e}, 0x6) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 19:57:36 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b420293820ec9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:36 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375006260007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:36 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000068fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 519.317103] 9pnet: Insufficient options for proto=fd [ 519.366285] 9pnet: Insufficient options for proto=fd 19:57:36 executing program 1: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x14480, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000040)='veno\x00', 0x5) r1 = syz_open_dev$ndb(&(0x7f0000001380)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0) lseek(r1, 0x0, 0x0) 19:57:36 executing program 3: r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x100, 0x60000) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f00000003c0)={0x0, 0x1}, &(0x7f0000000400)=0x8) getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000640)={0x0, 0x6, 0xf9, 0x9, 0x1, 0x0, 0x48f3, 0x101, {r1, @in6={{0xa, 0x4e24, 0x101, @empty, 0x101}}, 0x3, 0xd4, 0x7, 0x80000000}}, &(0x7f0000000440)=0xb0) pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r3, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}}) write$P9_RREADDIR(r3, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r3, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r3, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) r4 = getuid() mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000100)='9p\x00', 0x80008, &(0x7f0000000740)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[], [{@obj_type={'obj_type', 0x3d, 'wfdno'}}, {@fowner_gt={'fowner>', r4}}, {@hash='hash'}, {@appraise='appraise'}, {@measure='measure'}, {@appraise_type='appraise_type=imasig'}, {@appraise='appraise'}, {@smackfstransmute={'smackfstransmute', 0x3d, ']$eth1$self-'}}, {@uid_eq={'uid', 0x3d, r4}}]}}) ioctl$sock_bt_hidp_HIDPGETCONNINFO(r0, 0x800448d3, &(0x7f0000000840)={{0x9, 0xfffffffffffffff8, 0x3e89, 0x8, 0x5, 0x400}, 0x3ff, 0x401, 0x23c, 0x4, 0x2, "7b2aa8a424b0016ee74344bd4312daf329558611eb468e370bf30b7b2bb62cea8fc8bf4bc1cab10ba8d96ca5cbccced67fdaca06662b5e78d5eef4ee96f8964acddd5d17a4183f521e8b8299929f773b73053ce2ceb9716ebf52c43590c97f2e597ca5655d54b7d7dae0d01bf582281b35087a5b4df67630c7cb6094e4a28bf2"}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') [ 519.436504] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=0 [ 519.451653] syz-executor5 cpuset=syz5 mems_allowed=0 [ 519.465173] CPU: 0 PID: 14257 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 519.472552] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 519.481935] Call Trace: [ 519.484551] dump_stack+0x1c4/0x2b4 [ 519.488221] ? dump_stack_print_info.cold.2+0x52/0x52 [ 519.488242] ? mark_held_locks+0x130/0x130 [ 519.488261] ? mark_held_locks+0x130/0x130 [ 519.497701] dump_header+0x27b/0xf72 [ 519.505825] ? pagefault_out_of_memory+0x197/0x197 [ 519.505843] ? check_preemption_disabled+0x48/0x200 [ 519.505860] ? check_preemption_disabled+0x48/0x200 [ 519.505886] ? graph_lock+0x170/0x170 [ 519.516108] ? graph_lock+0x170/0x170 [ 519.516125] ? print_usage_bug+0xc0/0xc0 [ 519.516144] ? find_held_lock+0x36/0x1c0 [ 519.516165] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 519.542340] ? find_held_lock+0x36/0x1c0 [ 519.546826] ? mark_held_locks+0xc7/0x130 [ 519.550961] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 519.556051] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 519.561139] ? lockdep_hardirqs_on+0x421/0x5c0 [ 519.565718] ? trace_hardirqs_on+0xbd/0x310 [ 519.570135] ? kasan_check_read+0x11/0x20 [ 519.574270] ? ___ratelimit+0x36f/0x655 [ 519.578245] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 519.583683] ? trace_hardirqs_on+0x310/0x310 [ 519.588082] ? lock_downgrade+0x900/0x900 [ 519.592240] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 519.597337] ? ___ratelimit+0xaa/0x655 [ 519.601226] ? idr_get_free+0xec0/0xec0 [ 519.605192] ? kasan_check_write+0x14/0x20 [ 519.609427] ? do_raw_spin_lock+0xc1/0x200 [ 519.613976] oom_kill_process.cold.27+0x10/0x903 [ 519.618723] ? kasan_check_write+0x14/0x20 [ 519.622967] ? do_raw_spin_lock+0xc1/0x200 [ 519.627193] ? oom_evaluate_task+0x540/0x540 [ 519.631593] ? cgroup_procs_next+0x70/0x70 [ 519.635816] ? _raw_spin_unlock_irq+0x60/0x80 [ 519.640313] ? oom_badness+0xaa0/0xaa0 [ 519.644186] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 519.649479] ? mem_cgroup_iter_break+0x30/0x30 [ 519.654142] ? mark_held_locks+0xc7/0x130 [ 519.658280] out_of_memory+0xa84/0x1430 [ 519.662242] ? lockdep_hardirqs_on+0x421/0x5c0 [ 519.666812] ? kasan_check_read+0x11/0x20 [ 519.670948] ? oom_killer_disable+0x3a0/0x3a0 [ 519.675429] ? kasan_check_write+0x14/0x20 [ 519.679649] ? do_raw_spin_lock+0xc1/0x200 [ 519.683874] mem_cgroup_out_of_memory+0x15e/0x210 [ 519.688724] ? memcg_memory_event+0x40/0x40 [ 519.693031] ? mem_cgroup_charge_skmem+0x1e4/0x390 [ 519.697956] ? page_counter_try_charge+0x1c1/0x220 [ 519.702872] try_charge+0xc43/0x1690 [ 519.706587] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 519.712636] ? tcp_sendmsg+0x2f/0x50 [ 519.716339] ? sock_sendmsg+0xd5/0x120 [ 519.720214] ? __sys_sendto+0x3d7/0x670 [ 519.724170] ? __x64_sys_sendto+0xe1/0x1a0 [ 519.728617] ? do_syscall_64+0x1b9/0x820 [ 519.732662] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 519.738015] ? graph_lock+0x170/0x170 [ 519.741804] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 519.747343] ? check_preemption_disabled+0x48/0x200 [ 519.752343] ? check_preemption_disabled+0x48/0x200 [ 519.757349] ? mark_held_locks+0xc7/0x130 [ 519.761477] ? __lock_is_held+0xb5/0x140 [ 519.765554] ? mem_cgroup_charge_skmem+0x1cf/0x390 [ 519.770468] ? mem_cgroup_charge_skmem+0x1cf/0x390 [ 519.775394] ? lockdep_hardirqs_on+0x421/0x5c0 [ 519.779967] ? __sk_mem_raise_allocated+0x642/0x1800 [ 519.785059] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 519.790495] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 519.796019] ? check_preemption_disabled+0x48/0x200 [ 519.801045] mem_cgroup_charge_skmem+0x1e4/0x390 [ 519.805808] ? mem_cgroup_sk_free+0x90/0x90 [ 519.810121] __sk_mem_raise_allocated+0x642/0x1800 [ 519.815043] ? sk_busy_loop_end+0x1c0/0x1c0 [ 519.819359] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 519.824358] ? skb_page_frag_refill+0x1eb/0x6a0 [ 519.829023] ? sock_kzfree_s+0x60/0x60 [ 519.832914] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 519.837918] ? sk_stream_alloc_skb+0x34b/0x970 [ 519.842488] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 519.847500] ? skb_entail+0x618/0x8c0 [ 519.851294] ? tcp_rate_check_app_limited+0x121/0x460 [ 519.856469] ? tcp_splice_data_recv+0x1b0/0x1b0 [ 519.861125] __sk_mem_schedule+0x6d/0xe0 [ 519.865192] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 519.870720] tcp_sendmsg_locked+0x1c86/0x3f00 [ 519.875220] ? tcp_sendpage+0x60/0x60 [ 519.879007] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 519.884456] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 519.889986] ? check_preemption_disabled+0x48/0x200 [ 519.894993] ? smack_netlabel+0xda/0x180 [ 519.899046] ? smack_netlabel+0xda/0x180 [ 519.903098] ? find_held_lock+0x36/0x1c0 [ 519.907150] ? mark_held_locks+0xc7/0x130 [ 519.911306] ? __local_bh_enable_ip+0x160/0x260 [ 519.915977] ? __local_bh_enable_ip+0x160/0x260 [ 519.920655] ? trace_hardirqs_on+0xbd/0x310 [ 519.924960] ? lock_release+0x970/0x970 [ 519.928923] ? lock_sock_nested+0xe2/0x120 [ 519.933142] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 519.938586] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 519.944753] ? check_preemption_disabled+0x48/0x200 [ 519.949774] ? lock_sock_nested+0x9a/0x120 [ 519.954000] ? lock_sock_nested+0x9a/0x120 [ 519.958226] ? __local_bh_enable_ip+0x160/0x260 [ 519.962888] tcp_sendmsg+0x2f/0x50 [ 519.966418] inet_sendmsg+0x1a1/0x690 [ 519.970207] ? ipip_gro_receive+0x100/0x100 [ 519.974537] ? smack_socket_sendmsg+0x150/0x190 [ 519.979201] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 519.984726] ? security_socket_sendmsg+0x94/0xc0 [ 519.989501] ? ipip_gro_receive+0x100/0x100 [ 519.993816] sock_sendmsg+0xd5/0x120 [ 519.997518] __sys_sendto+0x3d7/0x670 [ 520.001353] ? __ia32_sys_getpeername+0xb0/0xb0 [ 520.006011] ? lock_release+0x970/0x970 [ 520.009969] ? arch_local_save_flags+0x40/0x40 [ 520.014561] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 520.020022] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 520.025550] ? put_timespec64+0x10f/0x1b0 [ 520.029693] ? nsecs_to_jiffies+0x30/0x30 [ 520.033831] ? do_syscall_64+0x9a/0x820 [ 520.037795] ? do_syscall_64+0x9a/0x820 [ 520.041759] ? lockdep_hardirqs_on+0x421/0x5c0 [ 520.046329] ? trace_hardirqs_on+0xbd/0x310 [ 520.050643] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 520.056169] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 520.061523] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 520.066967] __x64_sys_sendto+0xe1/0x1a0 [ 520.071036] do_syscall_64+0x1b9/0x820 [ 520.074916] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 520.080271] ? syscall_return_slowpath+0x5e0/0x5e0 [ 520.085186] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 520.090017] ? trace_hardirqs_on_caller+0x310/0x310 [ 520.095050] ? prepare_exit_to_usermode+0x291/0x3b0 [ 520.100057] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 520.104895] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 520.110072] RIP: 0033:0x457579 [ 520.113279] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 520.132194] RSP: 002b:00007f02050efc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c 19:57:36 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375000a60007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 520.139893] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457579 [ 520.147149] RDX: fffffffffffffe4e RSI: 0000000020000000 RDI: 0000000000000003 [ 520.154402] RBP: 000000000072bf00 R08: 00000000200000c0 R09: 0000000000000006 [ 520.161674] R10: 00000000000000c0 R11: 0000000000000246 R12: 00007f02050f06d4 [ 520.168927] R13: 00000000004c3929 R14: 00000000004d57c0 R15: 00000000ffffffff 19:57:36 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000002fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:36 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d53753e0060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 520.208989] Task in /syz5 killed as a result of limit of /syz5 [ 520.244713] memory: usage 204800kB, limit 204800kB, failcnt 434656 19:57:37 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) syz_execute_func(&(0x7f0000000100)="c4c139ec5da2f34190674898420210ddc8d9fc470f830010000070f4011ec403956cf4a9") mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') 19:57:37 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375020060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:37 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000200fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 520.282127] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 520.318994] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 520.374925] Memory cgroup stats for /syz5: cache:32KB rss:88KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:156KB inactive_file:0KB active_file:0KB unevictable:0KB [ 520.432673] Memory cgroup out of memory: Kill process 14256 (syz-executor5) score 161 or sacrifice child [ 520.442524] Killed process 14256 (syz-executor5) total-vm:70472kB, anon-rss:96kB, file-rss:32832kB, shmem-rss:0kB [ 520.468580] oom_reaper: reaped process 14256 (syz-executor5), now anon-rss:0kB, file-rss:32064kB, shmem-rss:0kB 19:57:37 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040), 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x800000000000000}, 0x6) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 19:57:37 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="02030000070000000000000efff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:37 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB="c1ff030000003dbd48bc43e9afb469a48d12205a254ae6c4407a40d7f2a816a9e89430ca19323fe56405b18cb38d0c4a3ca89bb2f09e93afff28f080fd049763b1759adf813451c2f895d190659e8f18ea6ad307e0068fb506ad06739b210de094783a3425dcf518b4719b0bc08ae94b7cd8ff019250ba4b9a91f0a3d6ec12441059926fbbba0d414a3e168f89f0c7b7b16174c562091f6d8fc52e23484e9d00e068c24b6d2d5c68d80f1ef36aa010b20e34641f7cfc64d9f376cb696e4b217f3d297e86f1f7cce96674b75737d97ac5a04f73a2d37a546b47d2c6b1663f1981c8dd4ce99ba9e6c9029711b895bc62a4147fd21c4ca5e18ee2cc435f591b4ea6978afaad8e3e671495aa87129c576cf7b3116d737f65b9e3b9c3e2c3963de349dd2c4deb86e1c747", @ANYRESHEX=r1, @ANYBLOB=',\x00']) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="7472616e733d66642c7266646e6f3dc4730b11420d98a02a3d135e497655629be4f3", @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',\x00']) r2 = geteuid() getgroups(0x5, &(0x7f0000000100)=[0x0, 0xee00, 0xffffffffffffffff, 0xee00, 0xee00]) syz_mount_image$nfs4(&(0x7f00000001c0)='nfs4\x00', &(0x7f00000002c0)='./file0/file0\x00', 0xff, 0x2, &(0x7f0000000440)=[{&(0x7f00000007c0)="fc2fc40ba7070a7512e3957f7ff9278cb4761ebadb11929a86584833fc350ff55e41e835bc99d9161a3ed98e3a65d65ddc1f1e1d17e1b4f295d809b59855aaf00d21f025ccbdf5ba1b7e9db7c234dcfa8ce49fc54885bcb0d03e32a045ef8367eee738e995c4e25c36110ffb27556f841af06a2acb83e54ee0a5aa6d5df878e8af501f31370215d481e9c79787773bb22c6b745d211c5da160dca0b8b43e6094e8ff187b", 0xa4, 0x3}, {&(0x7f0000000540)="cd5ef5f9bd0d51d41acc5282d2b0e52f0aa396a268fe4a1d69bfb43b4ba949bfd2451cdb9461f1bc3702e3ccfe44f29aadf3e323467241c9db20264cf764bcf28995098f2932d4", 0x47, 0x1}], 0x400, &(0x7f0000000880)="f62d295ed9757365727d40736563757269747970726f6300") write$P9_RGETATTR(r1, &(0x7f0000000380)={0xa0, 0x19, 0x2, {0x2, {0x2, 0x3, 0x6}, 0x8, r2, r3, 0x2, 0x0, 0x4, 0x800, 0xb3b7, 0x3, 0x7, 0x1, 0xfff, 0x3, 0x9, 0x2c, 0x3, 0xf6d2, 0x38000000000000}}, 0xa0) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') 19:57:37 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375003e60007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:37 executing program 1: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$ndb(&(0x7f0000001380)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0) lseek(r0, 0xfffffffffffffffe, 0x2) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x400, 0x0) ioctl$TCSETA(r1, 0x5406, &(0x7f0000000040)={0x4, 0x65a87f4b, 0x8, 0x8, 0x5, 0x2, 0x9, 0x80000001, 0xfffffffffffffffc, 0x2}) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(r1, 0x84, 0x70, &(0x7f00000001c0)={0x0, @in={{0x2, 0x4e24, @loopback}}, [0xfffffffffffff000, 0xf5c8, 0x3, 0x3, 0x7fff, 0x8, 0x2, 0x3ff, 0x100000001, 0xfff, 0x2, 0x1c00, 0x1, 0x1000, 0x3f]}, &(0x7f0000000080)=0x100) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f00000000c0)={r2, 0xf6}, &(0x7f0000000100)=0x8) 19:57:37 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d53755a0060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 520.592415] 9pnet: Insufficient options for proto=fd [ 520.618415] 9pnet: Insufficient options for proto=fd [ 520.641558] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=0 [ 520.653729] syz-executor5 cpuset=syz5 mems_allowed=0 [ 520.659145] CPU: 1 PID: 14311 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 520.666430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 520.666437] Call Trace: [ 520.666465] dump_stack+0x1c4/0x2b4 [ 520.666494] ? dump_stack_print_info.cold.2+0x52/0x52 [ 520.666518] ? mark_held_locks+0x130/0x130 [ 520.666537] ? mark_held_locks+0x130/0x130 [ 520.666565] dump_header+0x27b/0xf72 [ 520.666602] ? pagefault_out_of_memory+0x197/0x197 [ 520.691574] ? check_preemption_disabled+0x48/0x200 [ 520.699513] ? check_preemption_disabled+0x48/0x200 [ 520.699542] ? graph_lock+0x170/0x170 [ 520.699567] ? graph_lock+0x170/0x170 [ 520.699585] ? print_usage_bug+0xc0/0xc0 [ 520.726179] ? find_held_lock+0x36/0x1c0 [ 520.730273] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 520.735836] ? find_held_lock+0x36/0x1c0 19:57:37 executing program 1: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000001100fff55b4202938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 520.739885] 9pnet: Insufficient options for proto=fd [ 520.739918] ? mark_held_locks+0xc7/0x130 [ 520.746485] 9pnet: Insufficient options for proto=fd [ 520.749203] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 520.749220] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 520.749249] ? lockdep_hardirqs_on+0x421/0x5c0 [ 520.749267] ? trace_hardirqs_on+0xbd/0x310 [ 520.749287] ? kasan_check_read+0x11/0x20 [ 520.777643] ? ___ratelimit+0x36f/0x655 [ 520.777665] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 520.777683] ? trace_hardirqs_on+0x310/0x310 [ 520.777699] ? lock_downgrade+0x900/0x900 [ 520.777721] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 520.787146] ? ___ratelimit+0xaa/0x655 [ 520.787166] ? idr_get_free+0xec0/0xec0 [ 520.787181] ? kasan_check_write+0x14/0x20 [ 520.787198] ? do_raw_spin_lock+0xc1/0x200 [ 520.787222] oom_kill_process.cold.27+0x10/0x903 [ 520.787251] ? kasan_check_write+0x14/0x20 [ 520.787267] ? do_raw_spin_lock+0xc1/0x200 [ 520.787295] ? oom_evaluate_task+0x540/0x540 [ 520.834862] ? cgroup_procs_next+0x70/0x70 [ 520.839111] ? _raw_spin_unlock_irq+0x60/0x80 [ 520.843612] ? oom_badness+0xaa0/0xaa0 [ 520.847523] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 520.852283] ? mem_cgroup_iter_break+0x30/0x30 [ 520.856885] ? mark_held_locks+0xc7/0x130 [ 520.861039] out_of_memory+0xa84/0x1430 [ 520.865016] ? lockdep_hardirqs_on+0x421/0x5c0 [ 520.869592] ? kasan_check_read+0x11/0x20 [ 520.873743] ? oom_killer_disable+0x3a0/0x3a0 [ 520.878261] ? kasan_check_write+0x14/0x20 [ 520.882489] ? do_raw_spin_lock+0xc1/0x200 [ 520.886730] mem_cgroup_out_of_memory+0x15e/0x210 [ 520.891565] ? memcg_memory_event+0x40/0x40 [ 520.895877] ? mem_cgroup_charge_skmem+0x1e4/0x390 [ 520.900797] ? page_counter_try_charge+0x1c1/0x220 [ 520.905729] try_charge+0xc43/0x1690 [ 520.909457] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 520.915504] ? tcp_sendmsg+0x2f/0x50 [ 520.919209] ? sock_sendmsg+0xd5/0x120 [ 520.923099] ? __sys_sendto+0x3d7/0x670 [ 520.927080] ? graph_lock+0x170/0x170 [ 520.930901] ? graph_lock+0x170/0x170 [ 520.934692] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 520.940234] ? check_preemption_disabled+0x48/0x200 [ 520.945255] ? check_preemption_disabled+0x48/0x200 [ 520.950278] ? mark_held_locks+0xc7/0x130 [ 520.954440] ? mem_cgroup_charge_skmem+0x1cf/0x390 [ 520.959362] ? mem_cgroup_charge_skmem+0x1cf/0x390 [ 520.964280] ? lockdep_hardirqs_on+0x421/0x5c0 [ 520.968853] ? rcu_read_lock_sched_held+0x108/0x120 [ 520.973884] ? __sk_mem_raise_allocated+0x642/0x1800 [ 520.979000] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 520.984451] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 520.990015] ? check_preemption_disabled+0x48/0x200 [ 520.995028] mem_cgroup_charge_skmem+0x1e4/0x390 [ 520.999775] ? mem_cgroup_sk_free+0x90/0x90 [ 521.004115] __sk_mem_raise_allocated+0x642/0x1800 [ 521.009041] ? sk_busy_loop_end+0x1c0/0x1c0 [ 521.013356] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 521.018984] ? alloc_pages_current+0x114/0x210 [ 521.023580] ? skb_page_frag_refill+0x1eb/0x6a0 [ 521.028246] ? sock_kzfree_s+0x60/0x60 [ 521.032141] ? _copy_from_iter_full+0x2b3/0xd20 [ 521.036813] ? tcp_chrono_start+0x190/0x1e0 [ 521.041126] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 521.046168] ? tcp_rate_check_app_limited+0x121/0x460 [ 521.051352] ? iov_iter_advance+0x1460/0x1460 [ 521.055844] __sk_mem_schedule+0x6d/0xe0 [ 521.059909] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 521.065468] tcp_sendmsg_locked+0x1c86/0x3f00 [ 521.070018] ? tcp_sendpage+0x60/0x60 [ 521.073849] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 521.079317] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 521.084857] ? check_preemption_disabled+0x48/0x200 [ 521.089877] ? smack_netlabel+0xda/0x180 [ 521.093927] ? smack_netlabel+0xda/0x180 [ 521.097983] ? find_held_lock+0x36/0x1c0 [ 521.102050] ? mark_held_locks+0xc7/0x130 [ 521.106201] ? __local_bh_enable_ip+0x160/0x260 [ 521.110877] ? __local_bh_enable_ip+0x160/0x260 [ 521.115564] ? trace_hardirqs_on+0xbd/0x310 [ 521.119889] ? lock_release+0x970/0x970 [ 521.123862] ? lock_sock_nested+0xe2/0x120 [ 521.128106] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 521.133562] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 521.139107] ? check_preemption_disabled+0x48/0x200 [ 521.144132] ? lock_sock_nested+0x9a/0x120 [ 521.148370] ? lock_sock_nested+0x9a/0x120 [ 521.152666] ? __local_bh_enable_ip+0x160/0x260 [ 521.157328] tcp_sendmsg+0x2f/0x50 [ 521.160862] inet_sendmsg+0x1a1/0x690 [ 521.164654] ? ipip_gro_receive+0x100/0x100 [ 521.168970] ? smack_socket_sendmsg+0x150/0x190 [ 521.173653] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 521.179195] ? security_socket_sendmsg+0x94/0xc0 [ 521.183950] ? ipip_gro_receive+0x100/0x100 [ 521.188277] sock_sendmsg+0xd5/0x120 [ 521.192004] __sys_sendto+0x3d7/0x670 [ 521.195810] ? __ia32_sys_getpeername+0xb0/0xb0 [ 521.200475] ? lock_release+0x970/0x970 [ 521.204450] ? arch_local_save_flags+0x40/0x40 [ 521.209073] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 521.214563] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 521.220120] ? put_timespec64+0x10f/0x1b0 [ 521.224282] ? nsecs_to_jiffies+0x30/0x30 [ 521.228431] ? do_syscall_64+0x9a/0x820 [ 521.232415] ? do_syscall_64+0x9a/0x820 [ 521.236392] ? lockdep_hardirqs_on+0x421/0x5c0 [ 521.240990] ? trace_hardirqs_on+0xbd/0x310 [ 521.245317] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 521.250845] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 521.256203] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 521.261650] __x64_sys_sendto+0xe1/0x1a0 [ 521.265701] do_syscall_64+0x1b9/0x820 [ 521.269574] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 521.274968] ? syscall_return_slowpath+0x5e0/0x5e0 [ 521.279895] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 521.284746] ? trace_hardirqs_on_caller+0x310/0x310 [ 521.289768] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 521.294787] ? prepare_exit_to_usermode+0x291/0x3b0 [ 521.299810] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 521.304661] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 521.309851] RIP: 0033:0x457579 [ 521.313041] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 521.331929] RSP: 002b:00007f02050efc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 521.339627] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457579 [ 521.346883] RDX: fffffffffffffe4e RSI: 0000000020000000 RDI: 0000000000000003 [ 521.354148] RBP: 000000000072bf00 R08: 00000000200000c0 R09: 0000000000000006 [ 521.361414] R10: 00000000000000c0 R11: 0000000000000246 R12: 00007f02050f06d4 [ 521.368671] R13: 00000000004c3929 R14: 00000000004d57c0 R15: 00000000ffffffff [ 521.385324] Task in /syz5 killed as a result of limit of /syz5 19:57:38 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375110060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 521.391456] memory: usage 204800kB, limit 204800kB, failcnt 434696 [ 521.398488] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 521.405393] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 521.411637] Memory cgroup stats for /syz5: cache:32KB rss:88KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:152KB inactive_file:0KB active_file:0KB unevictable:0KB [ 521.432529] Memory cgroup out of memory: Kill process 14309 (syz-executor5) score 161 or sacrifice child 19:57:38 executing program 1: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='rdma.current\x00', 0x0, 0x0) ioctl$RTC_WIE_ON(r1, 0x700f) sendmsg$nl_generic(r0, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x34000, 0x0, 0x1000080}, 0xc, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="22fdfeffffffffffffff0000040000000000000003c52a7eeddcea32c3aee098d5b1471a083ce7964d1a1e877cb7244552dda49203ef1a7d4790682022f241d40b7a4a33708946ad90fe488f0679cbf3d0435e7839fa5af2468494b3eb21e8426dd702de0fdec59c7e52616d5781ebab8460fbdc4fc2178db2e2dbbe9f40403813bc6c46ed9cbf33090970e3285eb6ca64896b1965a7e416e2d1ee209ed4b3e20c2dad31"], 0x14}}, 0x0) alarm(0x1) r2 = socket$inet_smc(0x2b, 0x1, 0x0) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140)='IPVS\x00') sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f0000000300)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="b11c74b1", @ANYRES16=r3, @ANYBLOB="000129bd7000ffdbdf250a000000040002005400010014000300fe8000000000000000000000000000aa080009001900000008000100020000000800050002000000140003007f00000100000000000000000000000008000600736800000800020088000000340001000800060064680000080009007f0000000800020073000000080008000500000008000800000000500800090030000000"], 0xa0}, 0x1, 0x0, 0x0, 0x24048804}, 0x4004000) getsockopt$inet_tcp_int(r2, 0x6, 0x8, &(0x7f0000000040), &(0x7f0000000080)=0x4) 19:57:38 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000000fff55b4208938207c9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:38 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375000a60007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:38 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_buf(r2, 0x1, 0x3f, &(0x7f0000000640)=""/4096, &(0x7f0000000500)=0x1000) clock_getres(0x5, &(0x7f00000002c0)) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') r3 = accept$inet(0xffffffffffffff9c, &(0x7f0000000100)={0x2, 0x0, @rand_addr}, &(0x7f00000001c0)=0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r3, 0x84, 0x6e, &(0x7f0000000400)=[@in={0x2, 0x4e22, @broadcast}, @in={0x2, 0x4e21, @rand_addr=0x1f}, @in={0x2, 0x4e21, @rand_addr=0x1}, @in6={0xa, 0x4e24, 0x3, @remote, 0x1f}, @in={0x2, 0x4e24, @multicast1}, @in={0x2, 0x4e23, @local}], 0x6c) [ 521.442407] Killed process 14309 (syz-executor5) total-vm:70472kB, anon-rss:96kB, file-rss:32768kB, shmem-rss:0kB [ 521.454891] oom_reaper: reaped process 14309 (syz-executor5), now anon-rss:0kB, file-rss:32784kB, shmem-rss:0kB 19:57:38 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040), 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0xa000000}, 0x6) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 19:57:38 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375001660007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:38 executing program 1: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) setsockopt$SO_RDS_TRANSPORT(0xffffffffffffffff, 0x114, 0x8, &(0x7f00000007c0)=0x2, 0x4) r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x204000, 0x0) seccomp(0x1, 0x2, &(0x7f0000007ff0)={0x1, &(0x7f0000004fe8)=[{0x6, 0x0, 0x0, 0x50000}]}) ioctl$EVIOCGSW(0xffffffffffffffff, 0x8040451b, &(0x7f0000000340)=""/67) setsockopt$RDS_FREE_MR(r0, 0x114, 0x3, &(0x7f0000000280)={{0xfffffffffffffffe, 0x40}, 0x8}, 0x10) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f00000000c0)="c744240000000000c74424024f000000c7442406000000000f041c24c4427d180508000000c4c245ae08c4e2850108b9800000c00f3235004000000f30d3559e67470f224205c814000066b89d000f00d0c423a95f2518410000e1", 0x5b}], 0x1, 0x0, &(0x7f0000000040), 0x0) ioctl$TIOCMBIS(r0, 0x5416, &(0x7f0000000300)=0x3) ioctl$EVIOCGUNIQ(r0, 0x80404508, &(0x7f0000000180)=""/188) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f00000003c0)={0x0, @in={{0x2, 0x4e22, @broadcast}}, 0x9, 0x1ff, 0x7fffffff, 0x400, 0x7}, &(0x7f00000002c0)=0xfffffffffffffe3f) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r0, 0x84, 0x17, &(0x7f0000000800)={r1, 0x57, 0x1000, "6695d7a64e7e0f91549e0afe02b7ad165eaff0a425388eb097b4d06555fc953c051702a25efbf4771c421d7770b527789ceb58ad83cdaa711d5e8e98fe58bcf4f5e54f6a746e9a2cd75997e429add8500e85abb9737616ca02723bfd01e6ccf6d3bfe022886b5683ee7e8cd9baf360daf47f9fc9553120496c5a4afaa84a6570eff5ae4b5f87a87504c3a9a9473b8171bc4ad3fb2ac38833c5968586d18e21dfdaae42587d45fe3f82cca72ef12a791afd299bdacd3fa5a6729498e759023e7822f183bd7390ccd7078024f6f16c772b7df153cd28ace1d66b15980f5bf6d1d331cb60c0e9d1efe382d645441af9584c6e0fc24ffa1aeba7f8c8c9d6ec23e5df29c8bc62febceacb6caa4317b282c01275f0db85374cc79f98cd69fdcf461525505809e2ebaacc429cb99c13d22dff744be3dd9e20b05c61ce9d2dc9fbd1b104c85f02e66066a869115e9fc6acbbc402e192a582747d67b744473dbf42df773dd97a9f1160588cf99cf092d9d2b4c9d92481f164dd1a05ff6f4325e88da2ca566cfd95905a0ba7845bc710b40ba922c92111b0e03cce025b77bcbc8e1350858af05bef6f87b872c86fe1b5c5179f12c90fe8f78f7e1f437efb11e0be864340d649eb7203e1929643d25b1c5602563939bb5db09909e0db5f48d0c65654c4a84601674e274f4ac2d185c4e4191f2ad6b90d3ec60d9366668b887b50ea172d7323a2f09479b30d33c78499f5fb73a4a392f599c2f046fe287ab18a5403e6a83ed3801926d6e5bdf7d0fab8dcf15569741c5b9254ffe89b69f5a748fee4240392d14e0490dd6b402c6d066037740a49f78aa6ad152e680baf616b5305a73c8bbf2b98b938f301830fbc564f464077f0f6d6ecc91ec449ef0924ad6c56e7d667f0cff026234f60d29122428cba959eb51b6741c4ab185d057dc5e3e9600f0cc89d18ae717b254fd6fad9b40fa0e53ceca093109c1563e59e83743aaadfb7ace496e689f00b80fad5a332fc88ea9bb2e71d3455e9b5c83402dc039e1c56c5a167c7282f6aa91021b155e023f27a0d91d5356591d46379ebd77d88670b4bb5a84009b1685097445391a5e95830aa41149048704d3ecb62b959b3a55b1c804ffdb11cc6837957368012d630fbd68045705ed4bbc4d4e64e82c79462e693c738e8263ca6e8bc533ed0d77febcbec8c19dd7d4f00e010548bf757e72436cf372497ef292152620f13ea52d61b0caf6ab72afc9e351b733e7040c822a78abf4c15868d15462ff6ac0a6e1632a5dd4a7f2814d6db3cb2cec54400bd3460bf7056b5664fb9e4c644aa0c7e066e8e2482af0ccad1cb7faa53f3efa3b68e3f21f1cfe3c5b329790dafad75bb72981f65cd84b26b76bdba677b54e99b00d512752270783e7d3e8932ea790fd4dc8637cbafd0616ec331e83ae04ae5de240dcd9cdf808d5e166025c18044eb315d9fec6a1dd06255bb0a189a60df15639710a1fa39ee31845566925cc042acf44f9d8500787282a637ead823331360165b711e00c12cd50918a5d52313fb359845991a27caace662bfe049e5aecae6a4366307671bd7a44650a1f2f1758907982a1e6bbd2bcbaac83b821ebb1552551112cd88a560b3516068d01e4e414a242e37991c5f67b1a17efba971d984f594a6d70bd9eedb2ea42ca7a72a4143ab30842c2a3ac1f7e461ff5ed95f91db7213172e68d9e22929ec978afc6338e347f572b273e48e673146d3bc8a16432c73f664c496468bbbb55b195c45aee08bcbb4bb2d22179f2fb80e2d5ae47f4ede03d71452a269202bbedd290cdcdf5ab50599bcd9fec1dc3dc4bc7afeaa71c1d6e32989b4d2d9974ad47d47eba19408a6e1d9eb07c90d2ae4d4a119a289bb7b118876aed1523ba2563e13ea6d601942cd4334126b3c94107acfbeab3f7d36aa868ce60c16ce0125728054276c7049997cf31d784a1fbb38125deb348fc1ef31bcd742604cd07a873d7bc95ce5010598124bd368e743c85f26a623af342495f23490cdebc29a7faf269f9ac8baa2912e2dc2c66c25c3d7c67bf40b217ca8883a95cea3886c50600af91b7c50287f2bc2a1ee5c65ee4a74894de153e936c017d6765387be955afda4db7db8d3e803b90cf036e20d966a73900be4c931f598f77ca6d0cb71f08de288f5e51f5ee73eaac4f9ea82de82e0c6ecd03789aef48b87334da5a9504b181fb3ac208970a478b8206e4b9f9b21d337a71bfc40f304a6090f5c907cdac0193f2f9a5c121e572bbba6f4205d5235081dea72b8add71b569afa8db222581f39d87491082dd40b643eb7ee72bd44ac02391ef6d5d50f31840baa799257b488ec1af42743e1409a211eaf7369cc92fdd2d0f3fac0210047be2439ab73612eda06438a8cfbb03b550a47a8ee69291285dcc24a5c0d025aa9048840f81466fcd02d2bf39d1f3b5cc36e9afec49c67cda6d80e8cd5a4e4b7d3463a4114f7006f3376f0d43c9e42bbb9540e59219a82bf57b1ba64567cfbb47c5adc3d0284dcba1870584fbeaf1071d81fda3b28d655f79c2a4fda6c56e47e3847cf85360c02b0465cc3ef15bccf14aa58c46a7a43185cc32fa687e4f2f346fababbe59465b06432675ff35c76169c38b38695db114ba9fcd8b86ee8a98a6d02d77a9aa9cc35aff49f2949a84fe2b9b4fbb050ff276ffb56e11515384e832c7f7c26149b18fb7116869a83f3731cc0b1c68db18b537d5e7e9516fec9c85d84ca569c2f38ea179de4397427310eaa8f616101f27ddf85cd6b6e17be5a4aa6efb88cb4ce34d5763fe1860234cab0346fcaf39e0533168cb01c8c653d508953ca1db2a056d507fdb49d20604c079e00cab9d8de4d8ce75fe8b3fcd6167b5f4e76df4e4743e9ee864459d761e003f145b6560e880a00c8f1027df037d344cad18c1a615a6f0acb5fc148fd3548f6e9a70cfd640970749372f0fbbae510d169a506d4c12f3abe0201adb6c1d481049dc6dc49b4c7ac1c767247cea6f86ad726a70b35302f2c65a6833c37de60ae54080771abad9b73842baab790bb8bf98131fdd7453b2ffef6a878ba137694c136c2be27a4379d955f3ab31d454e2db57f33672166bad6ea41082d3e78bdc5b15bdce6b4af86fc9150953c4da60223e7e0dee5c6e5fb5b8fa49f38a50643e3a9c7881fb254f743a340f21922421aa5f90a9fc066f3d69d17978acb149c36818c8132caeeeb3b6113bfa299fb866e135a0c299f4789de1289c0ee1639eef78762122c9ba38027f736ad12010c211b21bded064befbadf4e811e66c5c130a9e3d4f27f2694fbb45f1e0c72990599568a0becdaa17a5338a51d677403a567eb8f22af13255f5ae21b50d540c1585f70252afe0051433726f2c931f8318bb727f5b619e897802b0f6b5803ba9e1f6686b8cd05398640b87a32d18087dcf11453aba1b65046a72f09a5a9410e053ceab9fd79b42a08b8e1601d32fb109ee585a441892c95d09fd4ed4fb1fb8db22916302cad5ae549e98b2a20a65d854431edcf4bcb36c29899c1964c5ab6149a8f861c591bf74ab49e2f7b0bdfbb3c6430a9dc9d986c2660722c8188296a15e94aaab3354a55deb69444876b99fdd7407e34fb964568b7b800a98bd08f6946bc81a806b5e1acb81b542f35f62c0b2352e2922450eb6e227516e258e48297aa17e24e95e6345e464a44469b0a352509263625faa291aaeca55a5332863105c65db6a13d010b82fe8905aea226053e5c851a2fc151291b44b6a851bf30f29122fbae7beffa3a81eb74b2e2857f7623627ce61d9ccfafb6ad4684a4c2eaa765f277d7abfa647c0a5c561a695e4464ac42bcbbfdbe3b02167a07526da90c39a86d576d8c7d0e19afd4a106d0041ab5587ec9ea0877df81b56257f496269ea5d1083dd4ec78c9ccfd349aded5f09442032fceae061ade90deb57158d6cc106b196f5aa97ed6921dccd448c72c026bca32975461086f6490273c93661a4118bb2e3a24e68058e276234e7d9dfc041a752fa2ebc3c58baf7d69cb6a704b73d8361e254694fd381d5a8b2f8869ec80707c0d63bfb419cf22686628343580a8aecad8bf05ada53954aebb49342e3966bc46201b004bad299f13371da20a2ca5d8d3183f68a736517f3f2f663371879f404e5956e42b585ec3edbaa77f6f6642a38be8bc68153da7a7bb89572799bd49e0521b6898dec23b1c148f30bcb1fd85ae1aa56d9b1c2c22e83a0267bd3e785f723d32d9f90f94813428014754cc163c5c1e6ff69e3071c144e4ba3ba2106fc9f81e2caefa5128971a801d44dcc9e87b9ad651096bb868039392bae76e53b9f3fe0b7bb855e04ec060beb29d731cb57cb46757e5c16a92341dbf7670261e903be77640736c12b6cc231939bce83f33495fd189c93272df1fa7a6c81d6a9aeb565294738355ef719ad18a81eca1b4ea74aada91f6ad6a684e1a78471dbc79bdeb42aca2183d39a83b7ebd66734addba09f5268cdc9da852630a4ccc5371d24022d1e4f76a22fbcb873ced61a47c16ca6c21d8f9713832c13f93213304ecc60a7177c9940ef38d10df3851a82fb27bcb437be519781e3a1cc4469e1219356a54238aed772a87cbdd7e4c047eb9100ffea85204602d8874fe8fbcb51376f9375195b28081ebdcbbcd4070fa9100c046d25a705d11a486a64b8c1424dd745e46282cdf46190dc56976a306aa0dc139dbfcc52da779d326e15e5cda0f9254a44421d0310ce521cfc9e172b6d321ce65bc452ee1b97f7e47598a7f99214ed39abd30c88b63005877388dbeaf865b39764167fcc26c03cd2dd4c603b89e5ec9b3ceb7563edd72e558b5daccdf42b4da84d7bad6a671e6c7ffbe918bb1a20ce31147e2d47e24c8779f623401e0741837c3bd451959f0093dff1f34e9e1c81de90e68973ae82e3cb9255202e4a7fa4a683a6c6eb93b50889abc99c7648ef39bdd5eebe187899b0119c4cc63bcd87ebcb424620f2df6a22de0d1be1c5cbd7b6ab22b98ae3ef7ab5a4459e1d3c27d765d93e65f79f5209a3de901196274fbfa52b99a7d90b3ac8cc5a98249e167a0a35499265bccd74784b3b529f18b5fdd0812cb00b23b6f035f8173e3bb639285dc57e720ba807eeea0038352408a2557710fc3ded4863e4d0e6779cf70f1a400b7652a9d8239ca9edd6c6c11e03c2150696dca8d2f3566083e2558ae7b9526c26b3bd2e6694a6bbd96c23350eaeaf88b56b2daf91513a14de7e453d9b58bb5a4ea5ef422449041a608eefbea7e81dba8a89283d1af1498adcd735f2d70ba057363b4be9ef8dd41157a25ea238da01d5cee1707e1f757b066de68c6d364d44522f467e6bb18f5d7ad15779ec2162f6d08a5d12e866485e111ed0d50dc9d45594a1f20e7c8f504d017f11c93771a2066e4b17a4959f1d1f1beb5a9317711f99bc6a429053566c00b98c605e4e39f0d2806b3bd8a037a7f56c4beaf3b800770d7635cc222dafe5b8e73638c0ae7e24a1f489952501e715032fe708cdf3f1f81fa20e871cf0ab12ef69b5eb2ed1f1bfc05c9dd2bc471c5af1811b7ea31d5878342cb5e2ba7a68af5620d82114b390cd86f3655bfe01608397c78a3b892fc325da0cbad2418973e43f45acc652cac643524d7f2bef9b2520d1ca5a6606633773c316104e209c438abd604b09ba033f47373a3d22d688c554f1c1f87607d9ffe5a805f11c99cde9ccefe214da5688565f086e72ed8782d9ded73fc768d1601f71810e221dc95ebcc7eded11b2b0c701086272267082e505f30edff54aa42e679fec8612e19b4b5c7ab0d41"}, 0x1008) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000080)) ioctl$ASHMEM_SET_SIZE(r0, 0x40047703, 0x1) setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f0000000240)=0xffffffffffffffff, 0x4) getsockopt$kcm_KCM_RECV_DISABLE(r0, 0x119, 0x1, &(0x7f0000000040), 0x4) 19:57:38 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000000fff55b420293820ec9fb3780398d5375000060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:38 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375001160007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:38 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) r2 = dup2(r1, r1) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x18, 0xfa00, {0x1, &(0x7f00000001c0)={0xffffffffffffffff}, 0x4a76858ce94c32b8, 0xf}}, 0x20) write$RDMA_USER_CM_CMD_DESTROY_ID(r2, &(0x7f0000000400)={0x1, 0x10, 0xfa00, {&(0x7f0000000100), r3}}, 0x18) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') [ 521.770912] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=0 [ 521.800164] syz-executor5 cpuset=syz5 mems_allowed=0 [ 521.813993] CPU: 1 PID: 14346 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 521.821307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 521.830672] Call Trace: [ 521.833280] dump_stack+0x1c4/0x2b4 [ 521.836934] ? dump_stack_print_info.cold.2+0x52/0x52 [ 521.842159] ? mark_held_locks+0x130/0x130 [ 521.846408] ? mark_held_locks+0x130/0x130 [ 521.850661] dump_header+0x27b/0xf72 [ 521.854403] ? pagefault_out_of_memory+0x197/0x197 [ 521.859349] ? check_preemption_disabled+0x48/0x200 [ 521.864378] ? check_preemption_disabled+0x48/0x200 [ 521.869419] ? graph_lock+0x170/0x170 [ 521.873246] ? graph_lock+0x170/0x170 [ 521.877069] ? print_usage_bug+0xc0/0xc0 [ 521.881152] ? find_held_lock+0x36/0x1c0 [ 521.885229] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 521.890788] ? find_held_lock+0x36/0x1c0 [ 521.894886] ? mark_held_locks+0xc7/0x130 [ 521.899049] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 521.904183] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 521.909326] ? lockdep_hardirqs_on+0x421/0x5c0 [ 521.913924] ? trace_hardirqs_on+0xbd/0x310 [ 521.918263] ? kasan_check_read+0x11/0x20 [ 521.922426] ? ___ratelimit+0x36f/0x655 [ 521.926417] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 521.931882] ? trace_hardirqs_on+0x310/0x310 [ 521.936308] ? lock_downgrade+0x900/0x900 [ 521.940482] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 521.945636] ? ___ratelimit+0xaa/0x655 [ 521.949554] ? idr_get_free+0xec0/0xec0 [ 521.953555] ? kasan_check_write+0x14/0x20 [ 521.957809] ? do_raw_spin_lock+0xc1/0x200 [ 521.962072] oom_kill_process.cold.27+0x10/0x903 [ 521.966852] ? kasan_check_write+0x14/0x20 [ 521.971115] ? do_raw_spin_lock+0xc1/0x200 [ 521.975423] ? oom_evaluate_task+0x540/0x540 [ 521.979862] ? cgroup_procs_next+0x70/0x70 [ 521.984113] ? _raw_spin_unlock_irq+0x60/0x80 [ 521.988622] ? oom_badness+0xaa0/0xaa0 [ 521.992537] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 521.997308] ? mem_cgroup_iter_break+0x30/0x30 [ 522.001927] ? mark_held_locks+0xc7/0x130 [ 522.006096] out_of_memory+0xa84/0x1430 [ 522.010096] ? lockdep_hardirqs_on+0x421/0x5c0 [ 522.014687] ? kasan_check_read+0x11/0x20 [ 522.018848] ? oom_killer_disable+0x3a0/0x3a0 [ 522.023351] ? kasan_check_write+0x14/0x20 [ 522.027598] ? do_raw_spin_lock+0xc1/0x200 [ 522.031862] mem_cgroup_out_of_memory+0x15e/0x210 [ 522.036724] ? memcg_memory_event+0x40/0x40 [ 522.041065] ? mem_cgroup_charge_skmem+0x1e4/0x390 [ 522.046016] ? page_counter_try_charge+0x1c1/0x220 [ 522.050959] try_charge+0xc43/0x1690 [ 522.054718] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 522.060785] ? tcp_sendmsg+0x2f/0x50 [ 522.064535] ? sock_sendmsg+0xd5/0x120 [ 522.068439] ? __sys_sendto+0x3d7/0x670 [ 522.072427] ? graph_lock+0x170/0x170 [ 522.076242] ? graph_lock+0x170/0x170 [ 522.080065] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 522.085623] ? check_preemption_disabled+0x48/0x200 [ 522.090658] ? check_preemption_disabled+0x48/0x200 [ 522.095703] ? mark_held_locks+0xc7/0x130 [ 522.099875] ? mem_cgroup_charge_skmem+0x1cf/0x390 [ 522.104817] ? mem_cgroup_charge_skmem+0x1cf/0x390 [ 522.109762] ? lockdep_hardirqs_on+0x421/0x5c0 [ 522.114357] ? rcu_read_lock_sched_held+0x108/0x120 [ 522.119387] ? __sk_mem_raise_allocated+0x642/0x1800 [ 522.124505] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 522.129987] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 522.135546] ? check_preemption_disabled+0x48/0x200 [ 522.140588] mem_cgroup_charge_skmem+0x1e4/0x390 [ 522.145359] ? mem_cgroup_sk_free+0x90/0x90 [ 522.149706] __sk_mem_raise_allocated+0x642/0x1800 [ 522.154656] ? sk_busy_loop_end+0x1c0/0x1c0 [ 522.158991] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 522.164561] ? alloc_pages_current+0x114/0x210 [ 522.169169] ? skb_page_frag_refill+0x1eb/0x6a0 [ 522.173849] ? sock_kzfree_s+0x60/0x60 [ 522.177755] ? _copy_from_iter_full+0x2b3/0xd20 [ 522.182439] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 522.187473] ? tcp_rate_check_app_limited+0x121/0x460 [ 522.192677] ? iov_iter_advance+0x1460/0x1460 [ 522.197190] __sk_mem_schedule+0x6d/0xe0 [ 522.201271] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 522.206830] tcp_sendmsg_locked+0x1c86/0x3f00 [ 522.211366] ? tcp_sendpage+0x60/0x60 [ 522.215179] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 522.220641] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 522.226189] ? check_preemption_disabled+0x48/0x200 [ 522.231214] ? smack_netlabel+0xda/0x180 [ 522.235286] ? smack_netlabel+0xda/0x180 [ 522.239365] ? find_held_lock+0x36/0x1c0 [ 522.243440] ? mark_held_locks+0xc7/0x130 [ 522.247601] ? __local_bh_enable_ip+0x160/0x260 [ 522.252294] ? __local_bh_enable_ip+0x160/0x260 [ 522.256977] ? trace_hardirqs_on+0xbd/0x310 [ 522.261322] ? lock_release+0x970/0x970 [ 522.265305] ? lock_sock_nested+0xe2/0x120 [ 522.269559] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 522.275021] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 522.280573] ? check_preemption_disabled+0x48/0x200 [ 522.285604] ? lock_sock_nested+0x9a/0x120 [ 522.289850] ? lock_sock_nested+0x9a/0x120 [ 522.294107] ? __local_bh_enable_ip+0x160/0x260 [ 522.298799] tcp_sendmsg+0x2f/0x50 [ 522.302356] inet_sendmsg+0x1a1/0x690 [ 522.306170] ? ipip_gro_receive+0x100/0x100 [ 522.310501] ? smack_socket_sendmsg+0x150/0x190 [ 522.315190] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 522.320740] ? security_socket_sendmsg+0x94/0xc0 [ 522.325510] ? ipip_gro_receive+0x100/0x100 [ 522.329853] sock_sendmsg+0xd5/0x120 [ 522.333582] __sys_sendto+0x3d7/0x670 [ 522.337408] ? __ia32_sys_getpeername+0xb0/0xb0 [ 522.342092] ? lock_release+0x970/0x970 [ 522.346080] ? arch_local_save_flags+0x40/0x40 [ 522.350687] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 522.356179] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 522.361733] ? put_timespec64+0x10f/0x1b0 [ 522.365893] ? nsecs_to_jiffies+0x30/0x30 [ 522.370062] ? do_syscall_64+0x9a/0x820 [ 522.374054] ? do_syscall_64+0x9a/0x820 [ 522.378055] ? lockdep_hardirqs_on+0x421/0x5c0 [ 522.382652] ? trace_hardirqs_on+0xbd/0x310 [ 522.386983] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 522.392540] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 522.397921] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 522.403386] __x64_sys_sendto+0xe1/0x1a0 [ 522.407466] do_syscall_64+0x1b9/0x820 [ 522.411361] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 522.416739] ? syscall_return_slowpath+0x5e0/0x5e0 [ 522.421678] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 522.426540] ? trace_hardirqs_on_caller+0x310/0x310 [ 522.431575] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 522.436611] ? prepare_exit_to_usermode+0x291/0x3b0 [ 522.441646] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 522.446501] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 522.451716] RIP: 0033:0x457579 [ 522.454920] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 522.473826] RSP: 002b:00007f02050efc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 522.481547] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457579 [ 522.488821] RDX: fffffffffffffe4e RSI: 0000000020000000 RDI: 0000000000000003 [ 522.496108] RBP: 000000000072bf00 R08: 00000000200000c0 R09: 0000000000000006 [ 522.503378] R10: 00000000000000c0 R11: 0000000000000246 R12: 00007f02050f06d4 [ 522.510652] R13: 00000000004c3929 R14: 00000000004d57c0 R15: 00000000ffffffff [ 522.528995] audit: type=1326 audit(1538510259.228:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14351 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=228 compat=0 ip=0x45a3da code=0x50000 19:57:39 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375000e60007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 522.571667] audit: type=1326 audit(1538510259.228:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14351 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457579 code=0x50000 [ 522.592175] Task in /syz5 killed as a result of limit of /syz5 [ 522.598420] memory: usage 204800kB, limit 204800kB, failcnt 434735 [ 522.605034] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 522.612018] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 19:57:39 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375003f60007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 522.625150] Memory cgroup stats for /syz5: cache:32KB rss:2272KB rss_huge:2048KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:2204KB inactive_file:0KB active_file:0KB unevictable:0KB [ 522.650187] Memory cgroup out of memory: Kill process 14345 (syz-executor5) score 171 or sacrifice child [ 522.660447] audit: type=1326 audit(1538510259.228:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14351 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457579 code=0x50000 19:57:39 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d53750e0060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 522.710627] audit: type=1326 audit(1538510259.238:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14351 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457579 code=0x50000 [ 522.734927] Killed process 14345 (syz-executor5) total-vm:70472kB, anon-rss:2144kB, file-rss:32832kB, shmem-rss:0kB [ 522.746344] audit: type=1326 audit(1538510259.238:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14351 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457579 code=0x50000 [ 522.763535] oom_reaper: reaped process 14345 (syz-executor5), now anon-rss:0kB, file-rss:32064kB, shmem-rss:0kB 19:57:39 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040), 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0xfeffffff00000000}, 0x6) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) [ 522.816051] audit: type=1326 audit(1538510259.238:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14351 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457579 code=0x50000 19:57:39 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375003660007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:39 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375003f60007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:39 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) socketpair(0x1e, 0x1, 0x0, &(0x7f0000000140)={0x0, 0x0}) close(r2) ioctl$sock_SIOCGSKNS(r3, 0x894c, &(0x7f0000000480)) ioctl$sock_FIOSETOWN(r2, 0xb703, &(0x7f0000004b00)) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') 19:57:39 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d53755a0060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 522.902694] audit: type=1326 audit(1538510259.238:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14351 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457579 code=0x50000 [ 522.978275] audit: type=1326 audit(1538510259.238:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14351 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457579 code=0x50000 [ 523.028004] audit: type=1326 audit(1538510259.238:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14351 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457579 code=0x50000 [ 523.031937] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=0 19:57:39 executing program 1: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$sock_buf(r2, 0x1, 0x3f, &(0x7f0000000640)=""/4096, &(0x7f0000000500)=0x1000) clock_getres(0x5, &(0x7f00000002c0)) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') r3 = accept$inet(0xffffffffffffff9c, &(0x7f0000000100)={0x2, 0x0, @rand_addr}, &(0x7f00000001c0)=0x10) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r3, 0x84, 0x6e, &(0x7f0000000400)=[@in={0x2, 0x4e22, @broadcast}, @in={0x2, 0x4e21, @rand_addr=0x1f}, @in={0x2, 0x4e21, @rand_addr=0x1}, @in6={0xa, 0x4e24, 0x3, @remote, 0x1f}, @in={0x2, 0x4e24, @multicast1}, @in={0x2, 0x4e23, @local}], 0x6c) [ 523.050469] audit: type=1326 audit(1538510259.248:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=14351 comm="syz-executor1" exe="/root/syz-executor1" sig=0 arch=c000003e syscall=202 compat=0 ip=0x457579 code=0x50000 19:57:39 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375001160007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 523.141112] syz-executor5 cpuset=syz5 mems_allowed=0 [ 523.149347] CPU: 1 PID: 14382 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 523.156727] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 523.166097] Call Trace: [ 523.168701] dump_stack+0x1c4/0x2b4 [ 523.172340] ? dump_stack_print_info.cold.2+0x52/0x52 [ 523.177571] dump_header+0x27b/0xf72 [ 523.181310] ? mark_held_locks+0x130/0x130 [ 523.185558] ? pagefault_out_of_memory+0x197/0x197 [ 523.185576] ? check_preemption_disabled+0x48/0x200 [ 523.185591] ? check_preemption_disabled+0x48/0x200 [ 523.185617] ? graph_lock+0x170/0x170 [ 523.185637] ? graph_lock+0x170/0x170 [ 523.185652] ? print_usage_bug+0xc0/0xc0 [ 523.185674] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 523.185692] ? find_held_lock+0x36/0x1c0 [ 523.185713] ? mark_held_locks+0xc7/0x130 [ 523.185729] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 523.185747] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 523.195693] ? lockdep_hardirqs_on+0x421/0x5c0 [ 523.195711] ? trace_hardirqs_on+0xbd/0x310 [ 523.195723] ? kasan_check_read+0x11/0x20 [ 523.195739] ? ___ratelimit+0x36f/0x655 [ 523.195758] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 523.249376] ? trace_hardirqs_on+0x310/0x310 [ 523.249395] ? lock_downgrade+0x900/0x900 [ 523.249416] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 523.258847] ? ___ratelimit+0xaa/0x655 [ 523.258866] ? idr_get_free+0xec0/0xec0 [ 523.258880] ? kasan_check_write+0x14/0x20 [ 523.258897] ? do_raw_spin_lock+0xc1/0x200 19:57:39 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375006260007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:39 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375040060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 523.258944] oom_kill_process.cold.27+0x10/0x903 [ 523.258969] ? kasan_check_write+0x14/0x20 [ 523.258993] ? do_raw_spin_lock+0xc1/0x200 [ 523.259013] ? oom_evaluate_task+0x540/0x540 [ 523.259059] ? cgroup_procs_next+0x70/0x70 [ 523.289036] ? _raw_spin_unlock_irq+0x60/0x80 [ 523.289055] ? oom_badness+0xaa0/0xaa0 [ 523.289074] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 523.289101] ? mem_cgroup_iter_break+0x30/0x30 [ 523.328683] ? mark_held_locks+0xc7/0x130 [ 523.332851] out_of_memory+0xa84/0x1430 [ 523.336842] ? lockdep_hardirqs_on+0x421/0x5c0 19:57:40 executing program 1: perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) stat(&(0x7f0000000480)='./bus\x00', &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchownat(r0, &(0x7f0000000300)='\x00', 0x0, r1, 0x1100) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000000100)={{{@in6=@dev, @in6=@ipv4={[], [], @loopback}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @multicast1}}, 0x0, @in6=@dev}}, &(0x7f0000000280)=0xe8) sendto(r0, &(0x7f0000000000)="cea8e6ebbba4c895a62c39b0986671cd3b598ef9a1947df473a20c4c9b64db836107343600829da91e7652203d9cf79dc56c142361e7614bdd", 0x39, 0x4008000, &(0x7f0000000340)=@hci={0x1f, r2, 0x3}, 0x80) [ 523.341438] ? kasan_check_read+0x11/0x20 [ 523.345601] ? oom_killer_disable+0x3a0/0x3a0 [ 523.350119] ? kasan_check_write+0x14/0x20 [ 523.354364] ? do_raw_spin_lock+0xc1/0x200 [ 523.358624] mem_cgroup_out_of_memory+0x15e/0x210 [ 523.363480] ? memcg_memory_event+0x40/0x40 [ 523.367824] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 523.372691] ? page_counter_try_charge+0x1c1/0x220 [ 523.377640] try_charge+0xc43/0x1690 [ 523.381394] ? lock_downgrade+0x900/0x900 [ 523.385559] ? check_preemption_disabled+0x48/0x200 [ 523.390604] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 523.396672] ? find_held_lock+0x36/0x1c0 [ 523.400739] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 523.405597] ? lock_downgrade+0x900/0x900 [ 523.409750] ? check_preemption_disabled+0x48/0x200 [ 523.414771] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 523.420571] ? kasan_check_read+0x11/0x20 [ 523.424707] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 523.429982] ? rcu_bh_qs+0xc0/0xc0 [ 523.433526] ? get_mem_cgroup_from_mm+0x206/0x440 [ 523.438362] memcg_kmem_charge_memcg+0x7c/0x120 [ 523.443041] ? memcg_kmem_put_cache+0xb0/0xb0 [ 523.447567] ? __put_compound_page+0xe0/0xe0 [ 523.451981] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 523.457529] memcg_kmem_charge+0x135/0x300 [ 523.461756] __alloc_pages_nodemask+0x72e/0xde0 [ 523.466413] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 523.471941] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 523.476950] ? do_huge_pmd_anonymous_page+0x45e/0x17e0 [ 523.482244] ? __lock_acquire+0x7ec/0x4ec0 [ 523.486471] ? __thp_get_unmapped_area+0x180/0x180 [ 523.491416] ? mark_held_locks+0x130/0x130 [ 523.495637] ? mark_held_locks+0x130/0x130 [ 523.499877] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 523.505418] alloc_pages_current+0x10c/0x210 [ 523.509833] pte_alloc_one+0x1b/0x1a0 [ 523.513633] __pte_alloc+0x2a/0x350 [ 523.517248] __handle_mm_fault+0x41f5/0x53e0 [ 523.521649] ? vmf_insert_mixed_mkwrite+0xa0/0xa0 [ 523.526502] ? graph_lock+0x170/0x170 [ 523.530306] ? check_preemption_disabled+0x48/0x200 [ 523.535332] ? print_usage_bug+0xc0/0xc0 [ 523.539416] ? graph_lock+0x170/0x170 [ 523.543239] ? graph_lock+0x170/0x170 [ 523.547042] ? graph_lock+0x170/0x170 [ 523.550838] ? handle_mm_fault+0x42a/0xc70 [ 523.555059] ? lock_downgrade+0x900/0x900 [ 523.559200] ? check_preemption_disabled+0x48/0x200 [ 523.564208] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 523.570005] ? kasan_check_read+0x11/0x20 [ 523.574162] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 523.579448] ? rcu_bh_qs+0xc0/0xc0 [ 523.582991] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 523.588447] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 523.593999] ? check_preemption_disabled+0x48/0x200 [ 523.599008] handle_mm_fault+0x54f/0xc70 [ 523.603068] ? __handle_mm_fault+0x53e0/0x53e0 [ 523.607845] ? find_vma+0x34/0x190 [ 523.611386] __do_page_fault+0x67d/0xed0 [ 523.615442] ? mm_fault_error+0x380/0x380 [ 523.619601] ? trace_hardirqs_off+0xb8/0x310 [ 523.624006] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 523.629375] ? trace_hardirqs_on+0x310/0x310 [ 523.633785] do_page_fault+0xf2/0x7e0 [ 523.637586] ? vmalloc_sync_all+0x30/0x30 [ 523.641737] ? error_entry+0x70/0xd0 [ 523.645450] ? trace_hardirqs_off_caller+0xbb/0x310 [ 523.650463] ? trace_hardirqs_on_caller+0xc0/0x310 [ 523.655415] ? syscall_return_slowpath+0x5e0/0x5e0 [ 523.660343] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 523.665213] ? trace_hardirqs_on_caller+0x310/0x310 [ 523.670223] ? trace_hardirqs_off+0x310/0x310 [ 523.674720] ? prepare_exit_to_usermode+0x291/0x3b0 [ 523.679726] ? page_fault+0x8/0x30 [ 523.683258] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 523.688098] ? page_fault+0x8/0x30 [ 523.691699] page_fault+0x1e/0x30 [ 523.695187] RIP: 0033:0x4004d1 [ 523.698381] Code: d3 e6 0f b6 c2 f7 d6 40 22 37 d3 e0 09 f0 88 07 e9 5a 01 00 00 48 8b 44 24 10 48 0b 44 24 28 75 11 48 8b 44 24 08 8b 54 24 20 <66> 89 10 e9 3d 01 00 00 8a 4c 24 28 b8 01 00 00 00 8b 54 24 20 48 [ 523.717290] RSP: 002b:00007ffd1aecd670 EFLAGS: 00010246 [ 523.722647] RAX: 0000000020e68000 RBX: 000000000072c900 RCX: 0000000000000000 [ 523.729905] RDX: 0000000000000002 RSI: 0000000000000000 RDI: 000000000213f848 19:57:40 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000100)='/dev/qat_adf_ctl\x00', 0x200000, 0x0) ioctl$SG_GET_SCSI_ID(r2, 0x2276, &(0x7f00000001c0)) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') [ 523.737162] RBP: fffffffffffffffe R08: 0000000000000000 R09: 0000000000000000 [ 523.744417] R10: 00007ffd1aecd770 R11: 0000000000000246 R12: 000000000072bfac [ 523.751682] R13: 00000000000003e8 R14: 000000000007fafa R15: 000000000007facd [ 523.761441] Task in /syz5 killed as a result of limit of /syz5 [ 523.768146] memory: usage 204796kB, limit 204800kB, failcnt 434750 [ 523.774495] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 523.781326] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 523.787552] Memory cgroup stats for /syz5: cache:32KB rss:2136KB rss_huge:2048KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:2164KB inactive_file:0KB active_file:0KB unevictable:0KB [ 523.808139] Memory cgroup out of memory: Kill process 14382 (syz-executor5) score 171 or sacrifice child [ 523.817906] Killed process 14382 (syz-executor5) total-vm:70472kB, anon-rss:2144kB, file-rss:32768kB, shmem-rss:0kB [ 523.829831] oom_reaper: reaped process 14382 (syz-executor5), now anon-rss:0kB, file-rss:32772kB, shmem-rss:0kB 19:57:40 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375360060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:40 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040), 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x80550000}, 0x6) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 19:57:40 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d53750e0060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:40 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375001660007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:40 executing program 1: socketpair(0x9, 0xe, 0x5, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$bt_l2cap(r0, &(0x7f0000000240)={0x1f, 0xe6c6, {0x0, 0x800, 0x1, 0xfffffffffffffffa, 0x4, 0x4}, 0x3ff, 0x9}, 0xe) lsetxattr$trusted_overlay_origin(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='trusted.overlay.origin\x00', &(0x7f0000000080)='y\x00', 0x2, 0x2) syz_mount_image$jfs(&(0x7f0000000140)='jfs\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1, &(0x7f0000000480)=[{&(0x7f00000001c0), 0x0, 0x4000000000000}], 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="67a4aaab5d7e7913"]) r1 = syz_init_net_socket$llc(0x1a, 0x3, 0x0) accept4(r1, &(0x7f00000000c0)=@sco, &(0x7f00000001c0)=0x80, 0x800) 19:57:40 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) socketpair$inet_sctp(0x2, 0x1, 0x84, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffff9c, 0x84, 0x71, &(0x7f0000000400)={0x0, 0x1}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r2, 0x84, 0x7c, &(0x7f00000004c0)={r3, 0x4, 0xffffffff}, &(0x7f0000000500)=0x8) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) pipe2(&(0x7f0000000100)={0xffffffffffffffff}, 0x800) ioctl$PIO_UNISCRNMAP(r4, 0x4b6a, &(0x7f00000001c0)="185fc5a2898e7480bf07a604f0f06444f2dcd54945025cf0f38ede095e2d4c4d183f12a56feaace200767fe5280c1c7f6e53df") lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') [ 524.071167] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=0 [ 524.085484] syz-executor5 cpuset=syz5 mems_allowed=0 [ 524.090794] CPU: 1 PID: 14440 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 524.098074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 524.098080] Call Trace: [ 524.098112] dump_stack+0x1c4/0x2b4 [ 524.098134] ? dump_stack_print_info.cold.2+0x52/0x52 19:57:40 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375005a60007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 524.098153] ? mark_held_locks+0x130/0x130 [ 524.098168] ? mark_held_locks+0x130/0x130 [ 524.098188] dump_header+0x27b/0xf72 [ 524.098215] ? pagefault_out_of_memory+0x197/0x197 [ 524.098233] ? check_preemption_disabled+0x48/0x200 [ 524.098248] ? check_preemption_disabled+0x48/0x200 [ 524.098273] ? graph_lock+0x170/0x170 [ 524.098296] ? graph_lock+0x170/0x170 [ 524.098313] ? print_usage_bug+0xc0/0xc0 [ 524.098331] ? find_held_lock+0x36/0x1c0 [ 524.141212] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 524.157864] ? find_held_lock+0x36/0x1c0 19:57:40 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375360060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 524.157893] ? mark_held_locks+0xc7/0x130 [ 524.173577] jfs: Unrecognized mount option "g¤ª«]~y" or missing value [ 524.175676] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 524.175693] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 524.175711] ? lockdep_hardirqs_on+0x421/0x5c0 [ 524.175729] ? trace_hardirqs_on+0xbd/0x310 [ 524.175743] ? kasan_check_read+0x11/0x20 [ 524.175759] ? ___ratelimit+0x36f/0x655 [ 524.175783] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 524.209663] ? trace_hardirqs_on+0x310/0x310 [ 524.219512] ? lock_downgrade+0x900/0x900 [ 524.223695] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 524.228819] ? ___ratelimit+0xaa/0x655 [ 524.232729] ? idr_get_free+0xec0/0xec0 [ 524.236715] ? kasan_check_write+0x14/0x20 [ 524.240965] ? do_raw_spin_lock+0xc1/0x200 [ 524.245231] oom_kill_process.cold.27+0x10/0x903 [ 524.250006] ? kasan_check_write+0x14/0x20 [ 524.254267] ? do_raw_spin_lock+0xc1/0x200 [ 524.258538] ? oom_evaluate_task+0x540/0x540 [ 524.262988] ? cgroup_procs_next+0x70/0x70 [ 524.267268] ? _raw_spin_unlock_irq+0x60/0x80 [ 524.271782] ? oom_badness+0xaa0/0xaa0 [ 524.275686] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 524.280459] ? mem_cgroup_iter_break+0x30/0x30 [ 524.285074] ? mark_held_locks+0xc7/0x130 [ 524.289236] out_of_memory+0xa84/0x1430 [ 524.293233] ? lockdep_hardirqs_on+0x421/0x5c0 [ 524.297835] ? kasan_check_read+0x11/0x20 [ 524.301976] ? oom_killer_disable+0x3a0/0x3a0 [ 524.306483] ? kasan_check_write+0x14/0x20 [ 524.310717] ? do_raw_spin_lock+0xc1/0x200 [ 524.314962] mem_cgroup_out_of_memory+0x15e/0x210 [ 524.319815] ? memcg_memory_event+0x40/0x40 [ 524.324139] ? mem_cgroup_charge_skmem+0x1e4/0x390 [ 524.329059] ? page_counter_try_charge+0x1c1/0x220 [ 524.333990] try_charge+0xc43/0x1690 [ 524.337713] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 524.343771] ? tcp_sendmsg+0x2f/0x50 [ 524.347491] ? sock_sendmsg+0xd5/0x120 [ 524.351365] ? __sys_sendto+0x3d7/0x670 [ 524.355330] ? __x64_sys_sendto+0xe1/0x1a0 [ 524.359584] ? do_syscall_64+0x1b9/0x820 [ 524.363646] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 524.368996] ? graph_lock+0x170/0x170 [ 524.372805] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 524.378372] ? check_preemption_disabled+0x48/0x200 [ 524.383376] ? check_preemption_disabled+0x48/0x200 [ 524.388400] ? mark_held_locks+0xc7/0x130 [ 524.392603] ? __lock_is_held+0xb5/0x140 [ 524.396666] ? mem_cgroup_charge_skmem+0x1cf/0x390 [ 524.401585] ? mem_cgroup_charge_skmem+0x1cf/0x390 [ 524.406521] ? lockdep_hardirqs_on+0x421/0x5c0 [ 524.411124] ? __sk_mem_raise_allocated+0x642/0x1800 [ 524.416217] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 524.421657] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 524.427183] ? check_preemption_disabled+0x48/0x200 [ 524.432204] mem_cgroup_charge_skmem+0x1e4/0x390 [ 524.436966] ? mem_cgroup_sk_free+0x90/0x90 [ 524.441310] __sk_mem_raise_allocated+0x642/0x1800 [ 524.446251] ? sk_busy_loop_end+0x1c0/0x1c0 [ 524.450570] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 524.455586] ? skb_page_frag_refill+0x1eb/0x6a0 [ 524.460247] ? sock_kzfree_s+0x60/0x60 [ 524.464126] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 524.469164] ? sk_stream_alloc_skb+0x34b/0x970 [ 524.473736] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 524.478753] ? skb_entail+0x618/0x8c0 [ 524.482549] ? tcp_rate_check_app_limited+0x121/0x460 [ 524.487741] ? tcp_splice_data_recv+0x1b0/0x1b0 [ 524.492419] __sk_mem_schedule+0x6d/0xe0 [ 524.496480] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 524.502018] tcp_sendmsg_locked+0x1c86/0x3f00 [ 524.506602] ? tcp_sendpage+0x60/0x60 [ 524.510393] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 524.515836] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 524.521361] ? check_preemption_disabled+0x48/0x200 [ 524.526375] ? smack_netlabel+0xda/0x180 [ 524.530442] ? smack_netlabel+0xda/0x180 [ 524.534505] ? find_held_lock+0x36/0x1c0 [ 524.538571] ? mark_held_locks+0xc7/0x130 [ 524.542736] ? __local_bh_enable_ip+0x160/0x260 [ 524.547400] ? __local_bh_enable_ip+0x160/0x260 [ 524.552059] ? trace_hardirqs_on+0xbd/0x310 [ 524.556369] ? lock_release+0x970/0x970 [ 524.560333] ? lock_sock_nested+0xe2/0x120 [ 524.564570] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 524.570026] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 524.575569] ? check_preemption_disabled+0x48/0x200 [ 524.580593] ? lock_sock_nested+0x9a/0x120 [ 524.584835] ? lock_sock_nested+0x9a/0x120 [ 524.589074] ? __local_bh_enable_ip+0x160/0x260 [ 524.593751] tcp_sendmsg+0x2f/0x50 [ 524.597296] inet_sendmsg+0x1a1/0x690 [ 524.601105] ? ipip_gro_receive+0x100/0x100 [ 524.605416] ? smack_socket_sendmsg+0x150/0x190 [ 524.610074] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 524.615609] ? security_socket_sendmsg+0x94/0xc0 [ 524.620355] ? ipip_gro_receive+0x100/0x100 [ 524.624683] sock_sendmsg+0xd5/0x120 [ 524.628400] __sys_sendto+0x3d7/0x670 [ 524.632213] ? __ia32_sys_getpeername+0xb0/0xb0 [ 524.636874] ? lock_release+0x970/0x970 [ 524.640860] ? arch_local_save_flags+0x40/0x40 [ 524.645445] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 524.650904] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 524.656453] ? put_timespec64+0x10f/0x1b0 [ 524.660605] ? nsecs_to_jiffies+0x30/0x30 [ 524.664754] ? do_syscall_64+0x9a/0x820 [ 524.668752] ? do_syscall_64+0x9a/0x820 [ 524.672740] ? lockdep_hardirqs_on+0x421/0x5c0 [ 524.677323] ? trace_hardirqs_on+0xbd/0x310 [ 524.681634] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 524.687162] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 524.692515] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 524.697971] __x64_sys_sendto+0xe1/0x1a0 [ 524.702034] do_syscall_64+0x1b9/0x820 [ 524.705913] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 524.711268] ? syscall_return_slowpath+0x5e0/0x5e0 [ 524.716196] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 524.721029] ? trace_hardirqs_on_caller+0x310/0x310 [ 524.726040] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 524.731073] ? prepare_exit_to_usermode+0x291/0x3b0 [ 524.736136] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 524.740994] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 524.746182] RIP: 0033:0x457579 [ 524.749365] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 524.768254] RSP: 002b:00007f02050efc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 524.775951] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457579 [ 524.783207] RDX: fffffffffffffe4e RSI: 0000000020000000 RDI: 0000000000000003 [ 524.790492] RBP: 000000000072bf00 R08: 00000000200000c0 R09: 0000000000000006 [ 524.797764] R10: 00000000000000c0 R11: 0000000000000246 R12: 00007f02050f06d4 [ 524.805034] R13: 00000000004c3929 R14: 00000000004d57c0 R15: 00000000ffffffff [ 524.827276] Task in /syz5 killed as a result of limit of /syz5 [ 524.833417] memory: usage 204800kB, limit 204800kB, failcnt 434772 [ 524.850061] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 524.867920] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 19:57:41 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d53750a0060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 524.894937] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:156KB inactive_file:0KB active_file:0KB unevictable:0KB 19:57:41 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375001160007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:41 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375620060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 524.944955] Memory cgroup out of memory: Kill process 14439 (syz-executor5) score 161 or sacrifice child [ 524.954674] Killed process 14439 (syz-executor5) total-vm:70472kB, anon-rss:96kB, file-rss:32832kB, shmem-rss:0kB 19:57:41 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) r2 = syz_open_dev$usb(&(0x7f00000007c0)='/dev/bus/usb/00#/00#\x00', 0x6, 0x12000) bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000002c0)={r2, 0x28, &(0x7f00000001c0)}, 0x10) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) fstat(r2, &(0x7f0000000cc0)={0x0, 0x0, 0x0, 0x0, 0x0}) syz_mount_image$xfs(&(0x7f00000004c0)='xfs\x00', &(0x7f0000000500)='./file0\x00', 0x3, 0x8, &(0x7f0000000c00)=[{&(0x7f0000000540)="b51b16331045609aad8da8479b31da5411753c6e4f7402ccb053748f287ff3663d71007d9f157cd32efd212bd37a30c92044ef390c4d91f66c78381411", 0x3d, 0x100}, {&(0x7f0000000ec0)="ca1ce4b6da1604951a61c0d9af32d83892a8b7d5895bb878fed85107f06324115330531e4a52b0fb43faa5ff2c9a851e41fb327feddb3a065b521dc08fdccc6ccefc36827d238bc8a2ba61052a31bc5936fc56d99fa8c8f34db12e8c50ba04200cd1a0b086113463f696e682cc7d1da99fb89913fa000462b781fb2a1a8a48067961856af908ebe5762c909091930f0bd380e8440399ffd03831e42a9ed2b0b4da4b0e77d6c25a0b507d8edf13d6052a0808bdee5edaede31745b9048d0649d76867d12c8f5e6d1aedd6ad78d182c5e6645ec6de8c1687b09c1f4fc1026e707c95e5fb9ba583b46d2682fa54dc90cb177f241593357b756b93", 0xf9, 0x1c0000000}, {&(0x7f0000000880)="c95d05ffb6346bd8f69fce8197ae5ba73891e80e09566eea1c7c1c3589781368900c80f84801d9b875eba3f859d139b95912fa648e91ac93cdbcd57ce4ad27ad6e97b7643c9c7a9c3ead604196212725543f64430fc96ea1e3865bf0ad32f8", 0x5f, 0x800}, {&(0x7f0000000900)="fc8dc071a9f0804e46a91b7ff73e1567e578aabd72cbc4df92cfdd15af74800191f2ce7a3cc5cea8ff532427934018b077936fdcdaff0e9a52cef4a9fd8979566accef1f0c8d46a119b5f368e9", 0x4d, 0x8}, {&(0x7f0000000980)="bca8065839ed14c4f621befd6993e42fdb346ec30f19685d430ad753c6c052a29342d53c66de0a6f0ef4821219afe02b61313a6664e67f84d7a43dfbd7eaefd77ad2efcdcf3b9c2ae49a9ce04190096137558827604783d2dcdf7120f40cd2dfc7f7490835e0d88440e4ab806058eb6caa8c45c4bb059ba8773b67162a7669430dd5a468b77a3ecddfbf5accd8bdf6e1ca76a49425a7abc86f2ace87c66e181d3b613e0bdb2f5668d8292b2f7b93b834283fdab082496bc000", 0xb9, 0x9}, {&(0x7f0000000a40)="83fc21d36d90fbcc7b3a39bb6711132fdbb3c6f75e7faa171b0bc69dc220cf9be70ac1042b7c77afef35fa79b6a2c52c3510fb6574f276bd9c4b3ba7e2ba87f43f195fe751a0c628cbdf377f8030d0d5635c60a06b33ee1927aea3b927831e2c355595f32e08225443b93667e4585461ae66c3bd806a7709404725663db88191df3c7d49de3ba8d9902822ccdaeac0f40282dbadbc2d168a0efce056e5ce9652389fbc5953f0a5f1edcab51e99c58f97c62c560fe6c1f75f34dd04fa4163c75be83f714160608950169dbe616a0606345b8dfabafbecf6b33972994bbca6b3523c90d66ef1", 0xe5, 0x928}, {&(0x7f0000000b40)="cb9608769dc43e60bf471447ac97c842ac3ca76bbc0241b3c1dae96dc2f8e549b7bcb67be668f58a5d27ce07783d8ef7dd0361358f15e4e7b495a7044b226166bc0e2f16448fc086785ed7deff1192725e2ebdbb757c7aa8dd21983735a32c30e5c067a5906d20be67e1471cf72aee43a0273bf26f49489e8da7b034abf6fe5bf104fe9447522fb6945b69adfa54342f61bd01168b75137592b99e90322dd78e1f26dd97fed2a3917a2825871f92a4", 0xaf, 0xff}, {&(0x7f0000000580)="abccf949eacafd7187a763cc", 0xc, 0x5}], 0x2048, &(0x7f0000000fc0)={[{@noikeep='noikeep'}, {@usrquota='usrquota'}, {@pqnoenforce='pqnoenforce'}, {@logdev={'logdev', 0x3d, './file2'}}, {@norecovery='norecovery'}], [{@mask={'mask', 0x3d, 'MAY_APPEND'}}, {@audit='audit'}, {@subj_type={'subj_type', 0x3d, '!]cpuset'}}, {@appraise_type='appraise_type=imasig'}, {@euid_eq={'euid', 0x3d, r3}}, {@fsmagic={'fsmagic', 0x3d, 0x5}}]}) write$P9_RREADDIR(r1, &(0x7f0000000640)={0x122, 0x29, 0x2, {0x5, [{{0x3a, 0x3, 0x8}, 0xc1, 0x80000000, 0x7, './file0'}, {{0x40, 0x2, 0x2}, 0x0, 0x6, 0x7, './file0'}, {{0x50, 0x3, 0x6}, 0x0, 0x37d, 0x7, './file0'}, {{0x80, 0x3, 0x1}, 0xdd6c, 0x1e20, 0x7, './file0'}, {{0x44, 0x1}, 0x4, 0x1c00000, 0x7, './file0'}, {{0x40, 0x4, 0x6}, 0x7, 0xfffffffffffffffe, 0x7, './file0'}, {{0x0, 0x4, 0x2}, 0x100000000, 0x0, 0x7, './file0'}, {{0x40, 0x2, 0x3}, 0x5, 0xffffffff00000001, 0x7, './file1'}, {{0x12, 0x3, 0x8}, 0x81, 0x3, 0x7, './file0'}]}}, 0x122) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000400)={0xf5, 0x0, [0x9, 0x5, 0x98]}) 19:57:41 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$l2tp(0x18, 0x1, 0x1) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = dup3(r2, r2, 0x0) fsetxattr$security_evm(r1, &(0x7f0000000100)='security.evm\x00', &(0x7f0000000140)=@sha1={0x1, "5482799d83ab7cb51b1418efb4b0645099a2d212"}, 0x15, 0x2) ioctl$TIOCMBIC(r3, 0x5417, &(0x7f0000000080)) r4 = socket$l2tp(0x18, 0x1, 0x1) connect$l2tp(r4, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r2, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e) connect$l2tp(r1, &(0x7f00000000c0)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @rand_addr}, 0x4, 0x1}}, 0x2e) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x2, 0x32, 0xffffffffffffffff, 0x0) statx(r3, &(0x7f0000000180)='./file0\x00', 0x7000, 0x0, &(0x7f00000002c0)) r5 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x8240, 0x0) setsockopt$netlink_NETLINK_PKTINFO(r5, 0x10e, 0x3, &(0x7f0000000040)=0x478, 0x4) ioctl$PPPIOCGL2TPSTATS(r1, 0x40047459, &(0x7f0000000180)) [ 525.008134] oom_reaper: reaped process 14439 (syz-executor5), now anon-rss:0kB, file-rss:32784kB, shmem-rss:0kB 19:57:41 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040), 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x4000000}, 0x6) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 19:57:41 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375110060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 525.108323] syz-executor5 invoked oom-killer: gfp_mask=0x6040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=-1000 19:57:41 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375003e60007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:41 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375040060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 525.201000] syz-executor5 cpuset=syz5 mems_allowed=0 [ 525.227404] CPU: 0 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 525.234734] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 525.244118] Call Trace: [ 525.246728] dump_stack+0x1c4/0x2b4 [ 525.250376] ? dump_stack_print_info.cold.2+0x52/0x52 [ 525.255601] dump_header+0x27b/0xf72 [ 525.259354] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 525.259368] ? kasan_check_read+0x11/0x20 [ 525.259388] ? pagefault_out_of_memory+0x197/0x197 [ 525.259421] ? rcu_read_unlock+0x33/0x60 [ 525.269371] ? mem_cgroup_iter+0x514/0x1160 [ 525.269390] ? find_held_lock+0x36/0x1c0 [ 525.269413] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 525.269428] ? mark_held_locks+0xc7/0x130 [ 525.269447] ? _raw_spin_unlock_irq+0x27/0x80 [ 525.278433] ? _raw_spin_unlock_irq+0x27/0x80 [ 525.278450] ? lockdep_hardirqs_on+0x421/0x5c0 [ 525.278467] ? trace_hardirqs_on+0xbd/0x310 [ 525.278481] ? kasan_check_read+0x11/0x20 [ 525.278498] ? css_task_iter_end+0x222/0x490 [ 525.278515] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 525.278542] ? kasan_check_write+0x14/0x20 [ 525.331847] ? do_raw_spin_lock+0xc1/0x200 [ 525.336076] ? _raw_spin_unlock_irq+0x60/0x80 [ 525.340567] ? css_task_iter_end+0x2ce/0x490 [ 525.344988] ? cgroup_procs_next+0x70/0x70 [ 525.349236] ? _raw_spin_unlock_irq+0x60/0x80 [ 525.353744] ? oom_badness+0xaa0/0xaa0 [ 525.357647] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 525.362391] ? mem_cgroup_iter_break+0x30/0x30 [ 525.366976] ? cgroup_file_notify+0x226/0x2f0 [ 525.371465] out_of_memory.cold.30+0xf/0x184 [ 525.375863] ? lockdep_hardirqs_on+0x421/0x5c0 [ 525.380447] ? kasan_check_read+0x11/0x20 [ 525.384599] ? oom_killer_disable+0x3a0/0x3a0 [ 525.389085] ? kasan_check_write+0x14/0x20 [ 525.393310] ? do_raw_spin_lock+0xc1/0x200 [ 525.397550] mem_cgroup_out_of_memory+0x15e/0x210 [ 525.402390] ? memcg_memory_event+0x40/0x40 [ 525.406711] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 525.411544] ? page_counter_try_charge+0x1c1/0x220 [ 525.416464] try_charge+0xc43/0x1690 [ 525.420177] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 525.425720] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 525.431779] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 525.437056] ? rcu_pm_notify+0xc0/0xc0 [ 525.440966] ? rcu_read_lock_sched_held+0x108/0x120 [ 525.445987] ? __alloc_pages_nodemask+0xb5a/0xde0 [ 525.450819] ? graph_lock+0x170/0x170 [ 525.454626] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 525.459646] ? graph_lock+0x170/0x170 [ 525.463449] ? find_held_lock+0x36/0x1c0 [ 525.467542] ? cache_grow_begin+0x5a4/0x8c0 [ 525.471856] memcg_kmem_charge_memcg+0x7c/0x120 [ 525.476540] ? memcg_kmem_put_cache+0xb0/0xb0 [ 525.481027] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 525.486558] cache_grow_begin+0x415/0x8c0 [ 525.490696] ? do_raw_spin_unlock+0xa7/0x2f0 [ 525.495100] fallback_alloc+0x203/0x2e0 [ 525.499068] ____cache_alloc_node+0x1c7/0x1e0 [ 525.503597] kmem_cache_alloc_node+0xe3/0x730 [ 525.508081] ? kasan_check_write+0x14/0x20 [ 525.512319] ? do_raw_spin_lock+0xc1/0x200 [ 525.516569] copy_process+0x1ff4/0x8780 [ 525.520552] ? attach_entity_load_avg+0x860/0x860 [ 525.525382] ? __lock_is_held+0xb5/0x140 [ 525.529431] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 525.534982] ? graph_lock+0x170/0x170 [ 525.538781] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 525.544321] ? PageHuge+0x183/0x2b0 [ 525.547948] ? vma_kernel_pagesize+0xb0/0xb0 [ 525.552363] ? __cleanup_sighand+0x70/0x70 [ 525.556635] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 525.562161] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 525.567716] ? cpuacct_charge+0x265/0x440 [ 525.571869] ? page_swapcount+0x1d0/0x1d0 [ 525.576022] ? graph_lock+0x170/0x170 [ 525.579810] ? update_curr+0x4cf/0xbe0 [ 525.583715] ? __lock_acquire+0x7ec/0x4ec0 [ 525.587946] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 525.593743] ? graph_lock+0x170/0x170 [ 525.597566] ? __lock_is_held+0xb5/0x140 [ 525.601657] ? mark_held_locks+0x130/0x130 [ 525.605887] ? print_usage_bug+0xc0/0xc0 [ 525.609953] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 525.615502] ? check_preemption_disabled+0x48/0x200 [ 525.620538] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 525.626090] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 525.631465] ? print_usage_bug+0xc0/0xc0 [ 525.635545] ? select_task_rq_fair+0x34f0/0x34f0 [ 525.640303] ? __lock_acquire+0x7ec/0x4ec0 [ 525.644536] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 525.650081] ? check_preemption_disabled+0x48/0x200 [ 525.655108] ? print_usage_bug+0xc0/0xc0 [ 525.659208] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 525.664733] ? reuse_swap_page+0x4bd/0x1520 [ 525.669102] ? swp_swapcount+0x530/0x530 [ 525.673178] ? find_held_lock+0x36/0x1c0 [ 525.677255] ? __lock_acquire+0x7ec/0x4ec0 [ 525.681474] ? mark_held_locks+0x130/0x130 [ 525.685703] ? finish_task_switch+0x1f5/0x900 [ 525.690213] ? __lock_acquire+0x7ec/0x4ec0 [ 525.694459] ? lockdep_hardirqs_on+0x421/0x5c0 [ 525.699052] ? mark_held_locks+0x130/0x130 [ 525.703320] ? graph_lock+0x170/0x170 [ 525.707108] ? mark_held_locks+0x130/0x130 [ 525.711339] ? check_preemption_disabled+0x48/0x200 [ 525.716607] ? check_preemption_disabled+0x48/0x200 [ 525.721634] ? find_held_lock+0x36/0x1c0 [ 525.725722] ? print_usage_bug+0xc0/0xc0 [ 525.729791] ? print_usage_bug+0xc0/0xc0 [ 525.733852] ? do_wp_page+0xa6f/0x1390 [ 525.737743] ? lock_downgrade+0x900/0x900 [ 525.741891] ? wake_up_page_bit+0x6f0/0x6f0 [ 525.746222] ? kasan_check_read+0x11/0x20 [ 525.750362] ? __lock_acquire+0x7ec/0x4ec0 [ 525.754624] ? _raw_spin_unlock+0x2c/0x50 [ 525.758784] ? mark_held_locks+0x130/0x130 [ 525.763012] ? find_held_lock+0x36/0x1c0 [ 525.767088] ? lock_release+0x970/0x970 [ 525.771076] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 525.776618] ? kasan_check_write+0x14/0x20 [ 525.780854] ? do_raw_spin_lock+0xc1/0x200 [ 525.785115] ? __handle_mm_fault+0x9ab/0x53e0 [ 525.789634] ? graph_lock+0x170/0x170 [ 525.793420] ? graph_lock+0x170/0x170 [ 525.797242] ? touch_atime+0x103/0x320 [ 525.801127] ? graph_lock+0x170/0x170 [ 525.804930] ? atime_needs_update+0x710/0x710 [ 525.809433] ? graph_lock+0x170/0x170 [ 525.813236] ? graph_lock+0x170/0x170 [ 525.817042] ? find_held_lock+0x36/0x1c0 [ 525.821111] _do_fork+0x1cb/0x11d0 [ 525.824679] ? fork_idle+0x1d0/0x1d0 [ 525.828398] ? lock_downgrade+0x900/0x900 [ 525.832557] ? kasan_check_read+0x11/0x20 [ 525.836705] ? _copy_to_user+0xc8/0x110 [ 525.840673] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 525.846209] ? put_timespec64+0x10f/0x1b0 [ 525.850346] ? nsecs_to_jiffies+0x30/0x30 [ 525.854495] ? do_syscall_64+0x9a/0x820 [ 525.858472] ? do_syscall_64+0x9a/0x820 [ 525.862446] ? lockdep_hardirqs_on+0x421/0x5c0 [ 525.867076] ? trace_hardirqs_on+0xbd/0x310 [ 525.871420] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 525.876949] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 525.882339] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 525.887808] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 525.893356] __x64_sys_clone+0xbf/0x150 [ 525.897327] do_syscall_64+0x1b9/0x820 [ 525.901206] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 525.906578] ? syscall_return_slowpath+0x5e0/0x5e0 [ 525.911503] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 525.916335] ? trace_hardirqs_on_caller+0x310/0x310 [ 525.921342] ? prepare_exit_to_usermode+0x291/0x3b0 [ 525.926348] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 525.931199] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 525.936382] RIP: 0033:0x455b4a [ 525.939577] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 525.958490] RSP: 002b:00007ffd1aecd800 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 525.966207] RAX: ffffffffffffffda RBX: 00007ffd1aecd800 RCX: 0000000000455b4a [ 525.973473] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 525.980745] RBP: 00007ffd1aecd840 R08: 0000000000000001 R09: 000000000213f940 [ 525.988013] R10: 000000000213fc10 R11: 0000000000000246 R12: 0000000000000001 [ 525.995294] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 526.005149] Memory limit reached of cgroup /syz5 [ 526.009974] memory: usage 204892kB, limit 204800kB, failcnt 434839 [ 526.016480] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 526.023245] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 526.023253] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:48KB inactive_file:0KB active_file:0KB unevictable:0KB [ 526.049582] Out of memory and no killable processes... [ 526.057171] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=-1000 [ 526.070184] syz-executor5 cpuset=syz5 mems_allowed=0 [ 526.075462] CPU: 0 PID: 13460 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 526.082743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 526.092099] Call Trace: [ 526.094703] dump_stack+0x1c4/0x2b4 [ 526.098351] ? dump_stack_print_info.cold.2+0x52/0x52 [ 526.103568] dump_header+0x27b/0xf72 [ 526.107338] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 526.107350] ? kasan_check_read+0x11/0x20 [ 526.107387] ? pagefault_out_of_memory+0x197/0x197 [ 526.122250] ? rcu_read_unlock+0x33/0x60 [ 526.126319] ? mem_cgroup_iter+0x514/0x1160 [ 526.130667] ? find_held_lock+0x36/0x1c0 [ 526.130690] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 526.130708] ? mark_held_locks+0xc7/0x130 [ 526.144099] ? _raw_spin_unlock_irq+0x27/0x80 [ 526.148624] ? _raw_spin_unlock_irq+0x27/0x80 [ 526.153151] ? lockdep_hardirqs_on+0x421/0x5c0 [ 526.157758] ? trace_hardirqs_on+0xbd/0x310 [ 526.162087] ? kasan_check_read+0x11/0x20 [ 526.162104] ? css_task_iter_end+0x222/0x490 [ 526.162122] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 526.162138] ? kasan_check_write+0x14/0x20 [ 526.170689] ? do_raw_spin_lock+0xc1/0x200 [ 526.170711] ? _raw_spin_unlock_irq+0x60/0x80 [ 526.170727] ? css_task_iter_end+0x2ce/0x490 [ 526.170746] ? cgroup_procs_next+0x70/0x70 [ 526.197785] ? _raw_spin_unlock_irq+0x60/0x80 [ 526.202307] ? oom_badness+0xaa0/0xaa0 [ 526.206234] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 526.211019] ? mem_cgroup_iter_break+0x30/0x30 [ 526.215637] ? cgroup_file_notify+0x226/0x2f0 [ 526.220161] out_of_memory.cold.30+0xf/0x184 [ 526.224600] ? lockdep_hardirqs_on+0x421/0x5c0 [ 526.229199] ? kasan_check_read+0x11/0x20 [ 526.233360] ? oom_killer_disable+0x3a0/0x3a0 [ 526.237869] ? kasan_check_write+0x14/0x20 [ 526.242121] ? do_raw_spin_lock+0xc1/0x200 [ 526.246410] mem_cgroup_out_of_memory+0x15e/0x210 [ 526.251287] ? memcg_memory_event+0x40/0x40 [ 526.255625] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 526.260507] ? page_counter_try_charge+0x1c1/0x220 [ 526.265460] try_charge+0xc43/0x1690 [ 526.269192] ? lock_downgrade+0x900/0x900 [ 526.273367] ? check_preemption_disabled+0x48/0x200 [ 526.278406] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 526.284487] ? find_held_lock+0x36/0x1c0 [ 526.288620] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 526.293499] ? lock_downgrade+0x900/0x900 [ 526.297661] ? check_preemption_disabled+0x48/0x200 [ 526.302699] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 526.308513] ? kasan_check_read+0x11/0x20 [ 526.312678] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 526.317964] ? rcu_bh_qs+0xc0/0xc0 [ 526.321556] ? get_mem_cgroup_from_mm+0x206/0x440 [ 526.326463] memcg_kmem_charge_memcg+0x7c/0x120 [ 526.331140] ? memcg_kmem_put_cache+0xb0/0xb0 [ 526.335649] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 526.341037] memcg_kmem_charge+0x135/0x300 [ 526.345289] __alloc_pages_nodemask+0x72e/0xde0 [ 526.345307] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 526.345327] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 526.355262] ? check_preemption_disabled+0x48/0x200 [ 526.355287] ? rcu_lockdep_current_cpu_online+0x1f0/0x2d0 [ 526.355303] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 526.355316] ? percpu_ref_put_many+0x13e/0x260 19:57:42 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x6000, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000002c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000002}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)=@deltaction={0x48, 0x31, 0x0, 0x70bd28, 0x25dfdbfb, {0x0, 0x401}, [@TCA_ACT_TAB={0x34, 0x1, [{0x10, 0xd, @TCA_ACT_INDEX={0x8, 0x3, 0x7}}, {0x10, 0xe1c3, @TCA_ACT_INDEX={0x8, 0x3, 0x5}}, {0x10, 0x3, @TCA_ACT_INDEX={0x8, 0x3, 0xb5e}}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000040}, 0x811) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) ioctl$UI_DEV_CREATE(r0, 0x5501) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') 19:57:42 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d53755a0060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:42 executing program 1: r0 = socket$inet6(0xa, 0x1, 0x0) ioctl$int_in(r0, 0x5473, &(0x7f0000000000)=0x7fff) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000002000)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_tcp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000140)) setsockopt$inet_mreqsrc(r2, 0x0, 0x2000000000000004, &(0x7f0000013ff4)={@local, @rand_addr}, 0xc) setsockopt$inet_mreq(r2, 0x0, 0x6, &(0x7f0000000080)={@loopback, @multicast1}, 0x8) close(r2) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = open(&(0x7f00000000c0)='./file0\x00', 0x400, 0x0) ioctl$SNDRV_TIMER_IOCTL_PVERSION(r4, 0x80045400, &(0x7f0000000100)) prctl$getname(0x10, &(0x7f0000000180)=""/7) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) dup3(r0, r1, 0x0) 19:57:43 executing program 1: r0 = syz_open_dev$sndmidi(&(0x7f0000000040)='/dev/snd/midiC#D#\x00', 0xe440, 0x1) ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r0, 0xc0305710, &(0x7f0000000080)={0x0, 0x0, 0x804, 0x400000000001}) [ 526.355332] ? rcu_pm_notify+0xc0/0xc0 [ 526.355355] ? copy_process+0x1ff4/0x8780 [ 526.355373] ? rcu_read_lock_sched_held+0x108/0x120 [ 526.393879] ? kmem_cache_alloc_node+0x349/0x730 [ 526.398679] ? kasan_check_write+0x14/0x20 [ 526.402934] ? do_raw_spin_lock+0xc1/0x200 [ 526.407193] copy_process+0xa09/0x8780 [ 526.411098] ? attach_entity_load_avg+0x860/0x860 [ 526.415963] ? __lock_is_held+0xb5/0x140 [ 526.420064] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 526.425616] ? graph_lock+0x170/0x170 [ 526.429430] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 526.434955] ? PageHuge+0x183/0x2b0 [ 526.438595] ? vma_kernel_pagesize+0xb0/0xb0 [ 526.443010] ? __cleanup_sighand+0x70/0x70 [ 526.447233] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 526.452757] ? page_trans_huge_map_swapcount+0xbae/0x1270 [ 526.458299] ? cpuacct_charge+0x265/0x440 [ 526.462463] ? page_swapcount+0x1d0/0x1d0 [ 526.466607] ? graph_lock+0x170/0x170 [ 526.470415] ? update_curr+0x4cf/0xbe0 [ 526.474311] ? __lock_acquire+0x7ec/0x4ec0 [ 526.478541] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 526.484338] ? graph_lock+0x170/0x170 [ 526.488147] ? __lock_is_held+0xb5/0x140 [ 526.492225] ? mark_held_locks+0x130/0x130 [ 526.496485] ? print_usage_bug+0xc0/0xc0 [ 526.500538] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 526.506069] ? check_preemption_disabled+0x48/0x200 [ 526.511077] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 526.516626] ? __perf_event_task_sched_out+0x337/0x1ab0 [ 526.521986] ? print_usage_bug+0xc0/0xc0 [ 526.526062] ? select_task_rq_fair+0x34f0/0x34f0 [ 526.530836] ? __lock_acquire+0x7ec/0x4ec0 [ 526.535097] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 526.540646] ? check_preemption_disabled+0x48/0x200 [ 526.545667] ? print_usage_bug+0xc0/0xc0 [ 526.549733] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 526.555269] ? reuse_swap_page+0x4bd/0x1520 [ 526.559604] ? swp_swapcount+0x530/0x530 [ 526.563669] ? find_held_lock+0x36/0x1c0 [ 526.567737] ? __lock_acquire+0x7ec/0x4ec0 [ 526.571978] ? mark_held_locks+0x130/0x130 [ 526.576212] ? finish_task_switch+0x1f5/0x900 [ 526.580709] ? __lock_acquire+0x7ec/0x4ec0 [ 526.584938] ? lockdep_hardirqs_on+0x421/0x5c0 [ 526.589535] ? mark_held_locks+0x130/0x130 [ 526.593765] ? graph_lock+0x170/0x170 [ 526.597577] ? mark_held_locks+0x130/0x130 [ 526.601807] ? check_preemption_disabled+0x48/0x200 [ 526.606823] ? check_preemption_disabled+0x48/0x200 [ 526.611853] ? find_held_lock+0x36/0x1c0 [ 526.615925] ? print_usage_bug+0xc0/0xc0 [ 526.619990] ? print_usage_bug+0xc0/0xc0 [ 526.624039] ? do_wp_page+0xa6f/0x1390 [ 526.627915] ? lock_downgrade+0x900/0x900 [ 526.632049] ? wake_up_page_bit+0x6f0/0x6f0 [ 526.636371] ? kasan_check_read+0x11/0x20 [ 526.640534] ? __lock_acquire+0x7ec/0x4ec0 [ 526.644769] ? _raw_spin_unlock+0x2c/0x50 [ 526.648940] ? mark_held_locks+0x130/0x130 [ 526.653160] ? find_held_lock+0x36/0x1c0 [ 526.657220] ? lock_release+0x970/0x970 [ 526.661198] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 526.666733] ? kasan_check_write+0x14/0x20 [ 526.670955] ? do_raw_spin_lock+0xc1/0x200 [ 526.675182] ? __handle_mm_fault+0x9ab/0x53e0 [ 526.679668] ? graph_lock+0x170/0x170 [ 526.683452] ? graph_lock+0x170/0x170 [ 526.687240] ? touch_atime+0x103/0x320 [ 526.691117] ? graph_lock+0x170/0x170 [ 526.694911] ? atime_needs_update+0x710/0x710 [ 526.699419] ? graph_lock+0x170/0x170 [ 526.703228] ? graph_lock+0x170/0x170 [ 526.707035] ? find_held_lock+0x36/0x1c0 [ 526.711105] _do_fork+0x1cb/0x11d0 [ 526.714681] ? fork_idle+0x1d0/0x1d0 [ 526.718394] ? lock_downgrade+0x900/0x900 [ 526.722551] ? kasan_check_read+0x11/0x20 [ 526.726709] ? _copy_to_user+0xc8/0x110 [ 526.730674] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 526.736201] ? put_timespec64+0x10f/0x1b0 [ 526.740346] ? nsecs_to_jiffies+0x30/0x30 [ 526.744493] ? do_syscall_64+0x9a/0x820 [ 526.748457] ? do_syscall_64+0x9a/0x820 [ 526.752419] ? lockdep_hardirqs_on+0x421/0x5c0 [ 526.757010] ? trace_hardirqs_on+0xbd/0x310 [ 526.761319] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 526.766853] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 526.772228] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 526.777680] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 526.783207] __x64_sys_clone+0xbf/0x150 [ 526.787181] do_syscall_64+0x1b9/0x820 [ 526.791120] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 526.796492] ? syscall_return_slowpath+0x5e0/0x5e0 [ 526.801410] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 526.806259] ? trace_hardirqs_on_caller+0x310/0x310 [ 526.811281] ? prepare_exit_to_usermode+0x291/0x3b0 [ 526.816286] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 526.821130] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 526.826304] RIP: 0033:0x455b4a [ 526.829483] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 526.848375] RSP: 002b:00007ffd1aecd800 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 526.856069] RAX: ffffffffffffffda RBX: 00007ffd1aecd800 RCX: 0000000000455b4a [ 526.863327] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 526.870598] RBP: 00007ffd1aecd840 R08: 0000000000000001 R09: 000000000213f940 19:57:43 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375160060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 526.877877] R10: 000000000213fc10 R11: 0000000000000246 R12: 0000000000000001 [ 526.885155] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000005 [ 526.897918] Memory limit reached of cgroup /syz5 [ 526.902746] memory: usage 197148kB, limit 204800kB, failcnt 434847 [ 526.909882] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 526.916844] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 526.923121] Memory cgroup stats for /syz5: cache:32KB rss:92KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:48KB inactive_file:0KB active_file:0KB unevictable:0KB [ 526.943421] Out of memory and no killable processes... 19:57:43 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375003660007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:43 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375040060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 526.991062] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=3, oom_score_adj=0 [ 527.022111] syz-executor5 cpuset=syz5 mems_allowed=0 [ 527.034924] CPU: 0 PID: 14519 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 527.042228] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 527.051586] Call Trace: [ 527.054194] dump_stack+0x1c4/0x2b4 [ 527.057842] ? dump_stack_print_info.cold.2+0x52/0x52 [ 527.063051] ? mark_held_locks+0x130/0x130 [ 527.067297] ? mark_held_locks+0x130/0x130 [ 527.071550] dump_header+0x27b/0xf72 [ 527.075293] ? pagefault_out_of_memory+0x197/0x197 [ 527.080247] ? check_preemption_disabled+0x48/0x200 [ 527.085282] ? check_preemption_disabled+0x48/0x200 [ 527.090324] ? graph_lock+0x170/0x170 [ 527.094134] ? graph_lock+0x170/0x170 [ 527.097937] ? print_usage_bug+0xc0/0xc0 [ 527.102060] ? find_held_lock+0x36/0x1c0 [ 527.106175] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 527.111734] ? find_held_lock+0x36/0x1c0 [ 527.115819] ? mark_held_locks+0xc7/0x130 [ 527.115840] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 527.115856] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 527.115873] ? lockdep_hardirqs_on+0x421/0x5c0 [ 527.115895] ? trace_hardirqs_on+0xbd/0x310 [ 527.125137] ? kasan_check_read+0x11/0x20 [ 527.125154] ? ___ratelimit+0x36f/0x655 [ 527.125173] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 527.125191] ? trace_hardirqs_on+0x310/0x310 [ 527.125207] ? lock_downgrade+0x900/0x900 [ 527.125229] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 527.125248] ? ___ratelimit+0xaa/0x655 [ 527.134956] ? idr_get_free+0xec0/0xec0 [ 527.134972] ? kasan_check_write+0x14/0x20 [ 527.135002] ? do_raw_spin_lock+0xc1/0x200 [ 527.135026] oom_kill_process.cold.27+0x10/0x903 [ 527.135044] ? kasan_check_write+0x14/0x20 [ 527.135060] ? do_raw_spin_lock+0xc1/0x200 [ 527.135081] ? oom_evaluate_task+0x540/0x540 [ 527.200434] ? cgroup_procs_next+0x70/0x70 [ 527.204687] ? _raw_spin_unlock_irq+0x60/0x80 [ 527.209196] ? oom_badness+0xaa0/0xaa0 [ 527.213094] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 527.217844] ? mem_cgroup_iter_break+0x30/0x30 [ 527.222435] ? mark_held_locks+0xc7/0x130 [ 527.226608] out_of_memory+0xa84/0x1430 [ 527.230586] ? lockdep_hardirqs_on+0x421/0x5c0 [ 527.235163] ? kasan_check_read+0x11/0x20 [ 527.239310] ? oom_killer_disable+0x3a0/0x3a0 [ 527.243826] ? kasan_check_write+0x14/0x20 [ 527.248082] ? do_raw_spin_lock+0xc1/0x200 [ 527.252336] mem_cgroup_out_of_memory+0x15e/0x210 [ 527.257196] ? memcg_memory_event+0x40/0x40 [ 527.261530] ? mem_cgroup_charge_skmem+0x1e4/0x390 [ 527.266449] ? page_counter_try_charge+0x1c1/0x220 [ 527.271379] try_charge+0xc43/0x1690 [ 527.275106] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 527.281165] ? tcp_sendmsg+0x2f/0x50 [ 527.284874] ? sock_sendmsg+0xd5/0x120 [ 527.288777] ? __sys_sendto+0x3d7/0x670 [ 527.292747] ? __x64_sys_sendto+0xe1/0x1a0 [ 527.296984] ? do_syscall_64+0x1b9/0x820 [ 527.301039] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 527.306404] ? graph_lock+0x170/0x170 [ 527.310221] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 527.315780] ? check_preemption_disabled+0x48/0x200 [ 527.320795] ? check_preemption_disabled+0x48/0x200 [ 527.325806] ? mark_held_locks+0xc7/0x130 [ 527.329943] ? __lock_is_held+0xb5/0x140 [ 527.333995] ? mem_cgroup_charge_skmem+0x1cf/0x390 [ 527.338945] ? mem_cgroup_charge_skmem+0x1cf/0x390 [ 527.343864] ? lockdep_hardirqs_on+0x421/0x5c0 [ 527.348462] ? __sk_mem_raise_allocated+0x642/0x1800 [ 527.353572] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 527.359018] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 527.364545] ? check_preemption_disabled+0x48/0x200 [ 527.369565] mem_cgroup_charge_skmem+0x1e4/0x390 [ 527.374326] ? mem_cgroup_sk_free+0x90/0x90 [ 527.378696] __sk_mem_raise_allocated+0x642/0x1800 [ 527.383633] ? sk_busy_loop_end+0x1c0/0x1c0 [ 527.387960] ? arch_local_save_flags+0x40/0x40 [ 527.392550] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 527.397554] ? skb_page_frag_refill+0x1eb/0x6a0 [ 527.402216] ? sock_kzfree_s+0x60/0x60 [ 527.406102] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 527.411139] ? sk_stream_alloc_skb+0x34b/0x970 [ 527.415726] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 527.420738] ? skb_entail+0x618/0x8c0 [ 527.424548] ? tcp_rate_check_app_limited+0x121/0x460 [ 527.429748] ? tcp_splice_data_recv+0x1b0/0x1b0 [ 527.434421] __sk_mem_schedule+0x6d/0xe0 [ 527.438486] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 527.444017] tcp_sendmsg_locked+0x1c86/0x3f00 [ 527.448545] ? tcp_sendpage+0x60/0x60 [ 527.452381] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 527.457851] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 527.463383] ? check_preemption_disabled+0x48/0x200 [ 527.468389] ? smack_netlabel+0xda/0x180 [ 527.472439] ? smack_netlabel+0xda/0x180 [ 527.476488] ? find_held_lock+0x36/0x1c0 [ 527.480583] ? mark_held_locks+0xc7/0x130 [ 527.484760] ? __local_bh_enable_ip+0x160/0x260 [ 527.489443] ? __local_bh_enable_ip+0x160/0x260 [ 527.494132] ? trace_hardirqs_on+0xbd/0x310 [ 527.498459] ? lock_release+0x970/0x970 [ 527.502444] ? lock_sock_nested+0xe2/0x120 [ 527.506687] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 527.512140] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 527.517698] ? check_preemption_disabled+0x48/0x200 [ 527.522729] ? lock_sock_nested+0x9a/0x120 [ 527.526964] ? lock_sock_nested+0x9a/0x120 [ 527.531213] ? __local_bh_enable_ip+0x160/0x260 [ 527.535878] tcp_sendmsg+0x2f/0x50 [ 527.539421] inet_sendmsg+0x1a1/0x690 [ 527.543227] ? ipip_gro_receive+0x100/0x100 [ 527.547550] ? smack_socket_sendmsg+0x150/0x190 [ 527.552220] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 527.557749] ? security_socket_sendmsg+0x94/0xc0 [ 527.562500] ? ipip_gro_receive+0x100/0x100 [ 527.566929] sock_sendmsg+0xd5/0x120 [ 527.570648] __sys_sendto+0x3d7/0x670 [ 527.574454] ? __ia32_sys_getpeername+0xb0/0xb0 [ 527.579136] ? lock_release+0x970/0x970 [ 527.583112] ? arch_local_save_flags+0x40/0x40 [ 527.587685] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 527.593158] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 527.598729] ? put_timespec64+0x10f/0x1b0 [ 527.602898] ? nsecs_to_jiffies+0x30/0x30 [ 527.607050] ? do_syscall_64+0x9a/0x820 [ 527.611028] ? do_syscall_64+0x9a/0x820 [ 527.615022] ? lockdep_hardirqs_on+0x421/0x5c0 [ 527.619622] ? trace_hardirqs_on+0xbd/0x310 [ 527.623947] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 527.629484] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 527.634851] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 527.640308] __x64_sys_sendto+0xe1/0x1a0 [ 527.644373] do_syscall_64+0x1b9/0x820 [ 527.648264] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 527.653658] ? syscall_return_slowpath+0x5e0/0x5e0 [ 527.658605] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 527.663485] ? trace_hardirqs_on_caller+0x310/0x310 [ 527.668528] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 527.673573] ? prepare_exit_to_usermode+0x291/0x3b0 [ 527.678608] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 527.683602] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 527.688802] RIP: 0033:0x457579 [ 527.691985] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 527.710882] RSP: 002b:00007f02050efc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 527.718872] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457579 [ 527.726148] RDX: fffffffffffffe4e RSI: 0000000020000000 RDI: 0000000000000003 [ 527.733424] RBP: 000000000072bf00 R08: 00000000200000c0 R09: 0000000000000006 [ 527.740690] R10: 00000000000000c0 R11: 0000000000000246 R12: 00007f02050f06d4 [ 527.747967] R13: 00000000004c3929 R14: 00000000004d57c0 R15: 00000000ffffffff [ 527.757275] Task in /syz5 killed as a result of limit of /syz5 [ 527.763411] memory: usage 204796kB, limit 204800kB, failcnt 434866 [ 527.785082] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 19:57:44 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375680060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 527.791983] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 527.799172] Memory cgroup stats for /syz5: cache:32KB rss:6284KB rss_huge:6144KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:6292KB inactive_file:0KB active_file:0KB unevictable:0KB [ 527.819834] Memory cgroup out of memory: Kill process 14518 (syz-executor5) score 191 or sacrifice child [ 527.829668] Killed process 14518 (syz-executor5) total-vm:70472kB, anon-rss:6240kB, file-rss:32768kB, shmem-rss:0kB [ 527.847842] oom_reaper: reaped process 14518 (syz-executor5), now anon-rss:0kB, file-rss:32784kB, shmem-rss:0kB 19:57:44 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040), 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x7000000}, 0x6) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 19:57:44 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000500)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) r2 = socket(0x40000000015, 0x5, 0x0) mmap(&(0x7f0000000000/0x5000)=nil, 0x5000, 0x2000001, 0x10031, 0xffffffffffffffff, 0x0) setsockopt$RDS_CANCEL_SENT_TO(r2, 0x114, 0x5, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x1c7) ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r0, 0x400c6615, &(0x7f0000000100)) write$binfmt_aout(r1, &(0x7f0000000540)={{0x0, 0x3, 0x0, 0x394, 0x180, 0x1ff, 0x367, 0xb28}, "08bfd176ec3f90f7171af6987af6e9e765d3374cf1895922cdbd22a2f4d0f96749e02cfe4115f1d056f5281d3c2a1a7ce0f45283dec77d5a53a23271b4d776473f3b7a3c9d05fe17a17e86e95b2d81ceeaeb881131", [[], [], [], [], [], [], []]}, 0x775) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) 19:57:44 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d53753e0060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:44 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375000e60007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:44 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="2a0000002901000000000000000000002766fa714e791c2dd52b007704d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') 19:57:44 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375003660007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:44 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) r2 = syz_open_dev$amidi(&(0x7f0000000100)='/dev/amidi#\x00', 0x0, 0x10800) epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r1, &(0x7f00000001c0)={0x40000000}) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') 19:57:44 executing program 1: sendmsg$xdp(0xffffffffffffffff, &(0x7f0000000600)={&(0x7f0000000140), 0x10, &(0x7f0000000580)}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='posix_acl_access\x00'}, 0x10) r0 = socket$inet6(0xa, 0x3, 0xff) setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, &(0x7f0000000200)={0x3, {{0xa, 0x4e24, 0x81, @empty, 0xc5}}, {{0xa, 0x4e24, 0x7fff, @empty, 0x2}}}, 0x108) sendto$inet6(r0, &(0x7f0000000100), 0x300, 0x0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @dev, 0x9}, 0x1c) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000000)) 19:57:44 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375005a60007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 528.127430] syz-executor5 invoked oom-killer: gfp_mask=0x6040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 19:57:44 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375000a60007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 528.205893] syz-executor5 cpuset=syz5 mems_allowed=0 [ 528.225803] CPU: 1 PID: 14555 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 528.233102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 528.233108] Call Trace: [ 528.233132] dump_stack+0x1c4/0x2b4 [ 528.233153] ? dump_stack_print_info.cold.2+0x52/0x52 [ 528.253918] ? mark_held_locks+0x130/0x130 [ 528.258163] ? mark_held_locks+0x130/0x130 [ 528.262409] dump_header+0x27b/0xf72 [ 528.266147] ? pagefault_out_of_memory+0x197/0x197 [ 528.271114] ? check_preemption_disabled+0x48/0x200 [ 528.276138] ? check_preemption_disabled+0x48/0x200 [ 528.281177] ? graph_lock+0x170/0x170 [ 528.285016] ? graph_lock+0x170/0x170 [ 528.288826] ? print_usage_bug+0xc0/0xc0 [ 528.292898] ? find_held_lock+0x36/0x1c0 [ 528.296971] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 528.302534] ? find_held_lock+0x36/0x1c0 [ 528.306615] ? mark_held_locks+0xc7/0x130 [ 528.310783] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 528.315893] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 528.315910] ? lockdep_hardirqs_on+0x421/0x5c0 [ 528.315927] ? trace_hardirqs_on+0xbd/0x310 [ 528.315940] ? kasan_check_read+0x11/0x20 [ 528.315955] ? ___ratelimit+0x36f/0x655 [ 528.315978] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 528.343587] ? trace_hardirqs_on+0x310/0x310 [ 528.343605] ? lock_downgrade+0x900/0x900 19:57:45 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375006260007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 528.343628] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 528.343651] ? ___ratelimit+0xaa/0x655 [ 528.361217] ? idr_get_free+0xec0/0xec0 [ 528.365205] ? kasan_check_write+0x14/0x20 [ 528.369446] ? do_raw_spin_lock+0xc1/0x200 [ 528.369483] oom_kill_process.cold.27+0x10/0x903 [ 528.369499] ? kasan_check_write+0x14/0x20 [ 528.369543] ? do_raw_spin_lock+0xc1/0x200 [ 528.378545] ? oom_evaluate_task+0x540/0x540 [ 528.378566] ? cgroup_procs_next+0x70/0x70 [ 528.378586] ? _raw_spin_unlock_irq+0x60/0x80 [ 528.378601] ? oom_badness+0xaa0/0xaa0 [ 528.378620] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 528.378639] ? mem_cgroup_iter_break+0x30/0x30 [ 528.387122] ? cgroup_file_notify+0x226/0x2f0 [ 528.387143] out_of_memory+0xa84/0x1430 [ 528.387163] ? lockdep_hardirqs_on+0x421/0x5c0 [ 528.426516] ? kasan_check_read+0x11/0x20 [ 528.430671] ? oom_killer_disable+0x3a0/0x3a0 [ 528.435158] ? kasan_check_write+0x14/0x20 [ 528.439382] ? do_raw_spin_lock+0xc1/0x200 [ 528.443616] mem_cgroup_out_of_memory+0x15e/0x210 [ 528.448458] ? memcg_memory_event+0x40/0x40 [ 528.452765] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 528.457603] ? page_counter_try_charge+0x1c1/0x220 [ 528.462525] try_charge+0xc43/0x1690 [ 528.466229] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 528.471769] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 528.477816] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 528.483110] ? rcu_pm_notify+0xc0/0xc0 [ 528.486991] ? rcu_read_lock_sched_held+0x108/0x120 [ 528.492030] ? __alloc_pages_nodemask+0xb5a/0xde0 [ 528.496861] ? graph_lock+0x170/0x170 [ 528.500662] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 528.505694] ? graph_lock+0x170/0x170 [ 528.509487] ? find_held_lock+0x36/0x1c0 [ 528.513540] ? cache_grow_begin+0x5a4/0x8c0 [ 528.517856] memcg_kmem_charge_memcg+0x7c/0x120 [ 528.522526] ? memcg_kmem_put_cache+0xb0/0xb0 [ 528.527013] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 528.532571] cache_grow_begin+0x415/0x8c0 [ 528.536725] ? do_raw_spin_unlock+0xa7/0x2f0 [ 528.541126] fallback_alloc+0x203/0x2e0 [ 528.545112] ____cache_alloc_node+0x1c7/0x1e0 [ 528.549624] kmem_cache_alloc_node+0xe3/0x730 [ 528.554131] ? kasan_check_write+0x14/0x20 [ 528.558378] ? do_raw_spin_lock+0xc1/0x200 [ 528.562606] copy_process+0x1ff4/0x8780 [ 528.566593] ? print_usage_bug+0xc0/0xc0 [ 528.570663] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 528.576190] ? __lock_acquire+0x7ec/0x4ec0 [ 528.580433] ? __cleanup_sighand+0x70/0x70 [ 528.584663] ? mark_held_locks+0x130/0x130 [ 528.588885] ? print_usage_bug+0xc0/0xc0 [ 528.592949] ? find_held_lock+0x36/0x1c0 [ 528.597019] ? rcu_read_unlock_special.part.39+0x8a4/0x11f0 [ 528.602723] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 528.607816] ? __lock_acquire+0x7ec/0x4ec0 [ 528.612052] ? graph_lock+0x170/0x170 [ 528.615854] ? check_preemption_disabled+0x48/0x200 [ 528.620861] ? check_preemption_disabled+0x48/0x200 [ 528.625901] ? mark_held_locks+0x130/0x130 [ 528.630126] ? print_usage_bug+0xc0/0xc0 [ 528.634181] ? find_held_lock+0x36/0x1c0 [ 528.638250] ? find_held_lock+0x36/0x1c0 [ 528.642314] ? print_usage_bug+0xc0/0xc0 [ 528.646391] ? __lock_acquire+0x7ec/0x4ec0 [ 528.650648] ? lock_downgrade+0x900/0x900 [ 528.654809] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 528.660346] ? check_preemption_disabled+0x48/0x200 [ 528.665351] ? check_preemption_disabled+0x48/0x200 [ 528.670360] ? __lock_acquire+0x7ec/0x4ec0 [ 528.674611] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 528.680166] ? mark_held_locks+0x130/0x130 [ 528.684428] ? rcu_read_unlock+0x16/0x60 [ 528.688497] ? lock_downgrade+0x900/0x900 [ 528.692666] ? check_preemption_disabled+0x48/0x200 [ 528.697678] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 528.703462] ? kasan_check_read+0x11/0x20 [ 528.707609] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 528.712889] ? graph_lock+0x170/0x170 [ 528.716711] ? rcu_read_unlock+0x33/0x60 [ 528.720778] ? find_held_lock+0x36/0x1c0 [ 528.724829] ? graph_lock+0x170/0x170 [ 528.728638] ? delayacct_end+0x25/0x100 [ 528.732600] ? lock_downgrade+0x900/0x900 [ 528.736739] ? ktime_get+0x352/0x440 [ 528.740461] ? print_usage_bug+0xc0/0xc0 [ 528.744512] ? find_held_lock+0x36/0x1c0 [ 528.748570] ? delayacct_end+0xc5/0x100 [ 528.752551] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 528.757645] ? __lock_acquire+0x7ec/0x4ec0 [ 528.761888] ? trace_hardirqs_on+0xbd/0x310 [ 528.766207] ? kasan_check_read+0x11/0x20 [ 528.770363] ? delayacct_end+0xc5/0x100 [ 528.774370] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 528.779815] ? mark_held_locks+0x130/0x130 [ 528.784044] ? delayacct_end+0x5a/0x100 [ 528.788010] ? __delayacct_freepages_end+0xe0/0x140 [ 528.793036] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 528.798607] ? do_try_to_free_pages+0xe68/0x1290 [ 528.803395] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 528.808933] ? check_preemption_disabled+0x48/0x200 [ 528.813951] ? check_preemption_disabled+0x48/0x200 [ 528.818973] ? rcu_lockdep_current_cpu_online+0x1f0/0x2d0 [ 528.824498] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 528.829766] ? rcu_pm_notify+0xc0/0xc0 [ 528.833671] ? graph_lock+0x170/0x170 [ 528.837462] ? try_to_free_mem_cgroup_pages+0x58b/0xca0 [ 528.842815] _do_fork+0x1cb/0x11d0 [ 528.846357] ? fork_idle+0x1d0/0x1d0 [ 528.850078] ? percpu_ref_put_many+0x11c/0x260 [ 528.854665] ? lock_downgrade+0x900/0x900 [ 528.858821] ? check_preemption_disabled+0x48/0x200 [ 528.863867] ? kasan_check_read+0x11/0x20 [ 528.868025] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 528.873313] ? rcu_bh_qs+0xc0/0xc0 [ 528.876842] ? get_mem_cgroup_from_mm+0x206/0x440 [ 528.881678] ? do_syscall_64+0x9a/0x820 [ 528.885637] ? do_syscall_64+0x9a/0x820 [ 528.889601] ? lockdep_hardirqs_on+0x421/0x5c0 [ 528.894176] ? trace_hardirqs_on+0xbd/0x310 [ 528.898496] ? trace_hardirqs_on+0x310/0x310 [ 528.902913] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 528.908267] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 528.913734] __x64_sys_clone+0xbf/0x150 [ 528.917711] do_syscall_64+0x1b9/0x820 [ 528.921586] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 528.926963] ? syscall_return_slowpath+0x5e0/0x5e0 [ 528.931915] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 528.936745] ? trace_hardirqs_on_caller+0x310/0x310 [ 528.941751] ? prepare_exit_to_usermode+0x291/0x3b0 [ 528.946760] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 528.951596] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 528.956775] RIP: 0033:0x459f49 [ 528.959959] Code: ff 48 85 f6 0f 84 47 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 1e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 528.978846] RSP: 002b:00007ffd1aecd578 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 528.986577] RAX: ffffffffffffffda RBX: 00007f02050cf700 RCX: 0000000000459f49 [ 528.993848] RDX: 00007f02050cf9d0 RSI: 00007f02050cedb0 RDI: 00000000003d0f00 [ 529.001109] RBP: 00007ffd1aecd780 R08: 00007f02050cf700 R09: 00007f02050cf700 19:57:45 executing program 1: r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x1, 0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0x10000002}) r2 = fcntl$dupfd(r0, 0x0, r0) setsockopt$bt_hci_HCI_FILTER(r2, 0x0, 0x2, &(0x7f0000000000)={0x80000000, 0x9, 0x4, 0x2}, 0xa) [ 529.008397] R10: 00007f02050cf9d0 R11: 0000000000000202 R12: 0000000000000000 [ 529.015668] R13: 00007ffd1aecd62f R14: 00007f02050cf9c0 R15: 0000000000000001 [ 529.036665] Task in /syz5 killed as a result of limit of /syz5 [ 529.043557] memory: usage 204800kB, limit 204800kB, failcnt 435025 [ 529.051626] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 529.065899] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 529.078570] Memory cgroup stats for /syz5: cache:32KB rss:4240KB rss_huge:4096KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:4248KB inactive_file:0KB active_file:0KB unevictable:0KB [ 529.099346] Memory cgroup out of memory: Kill process 14555 (syz-executor5) score 181 or sacrifice child 19:57:45 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040), 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0xa00000000000000}, 0x6) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 19:57:45 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a00000029010000000000000000000035e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc0\x00', 0x2501, 0x0) ioctl$SG_SET_COMMAND_Q(r2, 0x2271, &(0x7f00000001c0)=0x1) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') 19:57:45 executing program 1: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) shutdown(r1, 0x0) sendto$inet6(0xffffffffffffffff, &(0x7f0000001400)="c3f2ff7024c4d64f19948d28d74e3c60268ea243e91337b522", 0x19, 0x0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @remote}, 0x1c) r2 = dup(r1) recvmmsg(r1, &(0x7f0000001300), 0x40000a2, 0x0, &(0x7f00000013c0)={0x0, 0x1c9c380}) ioctl$TUNSETPERSIST(r2, 0x400454cb, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='memory.events\x00', 0x26e1, 0x0) ioctl$FS_IOC_FSSETXATTR(r3, 0x40086602, &(0x7f0000000140)) write$cgroup_int(r3, &(0x7f0000000280), 0xfe72) ioctl$FS_IOC_FIEMAP(r3, 0xc020660b, &(0x7f0000000680)={0x0, 0x20}) ppoll(&(0x7f0000000180)=[{r2}, {r2}, {r1}], 0x3, &(0x7f0000000200), &(0x7f0000000240), 0x8) [ 529.109212] Killed process 14555 (syz-executor5) total-vm:70472kB, anon-rss:4192kB, file-rss:32832kB, shmem-rss:0kB [ 529.122896] oom_reaper: reaped process 14555 (syz-executor5), now anon-rss:0kB, file-rss:32064kB, shmem-rss:0kB 19:57:45 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375680060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:45 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375000e60007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:45 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375001160007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:46 executing program 1: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, &(0x7f0000000000)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000040)=ANY=[@ANYBLOB="0000000000000000f6be15fb832aea0c41191a85c663846bd607f1ce9cdb4922bc23ce461e27ca1b103ea19bc1b517c04881b332b597759e0b91d2688cbe9b183334abe7c79ad9bada354863c8eb4c157a0807e5be32d8100929e5f6afb9b01a592de719def7346816415cd19384a5d933db44baed6e7d3ed24bf283d999d7c6f0c19ef50f3e5ab32929539d73a17f448893fe41b188cd44f0fd377f7b5a6aaa2deef9407c9928db21c48895d627c70b100227ecbf5f450a870f2464fbfe764e3079bad4a9c90ea2a20cbe2dc77c191f551861555847030aa7495b8fa49b4366a2d2"]) semget$private(0x0, 0x0, 0x0) 19:57:46 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2af8ffff280100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') 19:57:46 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375005a60007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:46 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375620060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:46 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375000260007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 529.353019] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=2, oom_score_adj=0 [ 529.428370] syz-executor5 cpuset=syz5 mems_allowed=0 [ 529.457705] CPU: 0 PID: 14614 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 529.465022] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 529.474385] Call Trace: [ 529.476993] dump_stack+0x1c4/0x2b4 [ 529.480656] ? dump_stack_print_info.cold.2+0x52/0x52 [ 529.485870] ? mark_held_locks+0x130/0x130 [ 529.490123] ? mark_held_locks+0x130/0x130 [ 529.494381] dump_header+0x27b/0xf72 [ 529.498106] ? pagefault_out_of_memory+0x197/0x197 [ 529.503070] ? check_preemption_disabled+0x48/0x200 [ 529.508092] ? check_preemption_disabled+0x48/0x200 [ 529.513134] ? graph_lock+0x170/0x170 [ 529.516960] ? graph_lock+0x170/0x170 [ 529.520783] ? print_usage_bug+0xc0/0xc0 [ 529.524865] ? find_held_lock+0x36/0x1c0 [ 529.528956] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 529.534516] ? find_held_lock+0x36/0x1c0 [ 529.538616] ? mark_held_locks+0xc7/0x130 [ 529.542787] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 529.547909] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 529.553018] ? lockdep_hardirqs_on+0x421/0x5c0 [ 529.557609] ? trace_hardirqs_on+0xbd/0x310 [ 529.561919] ? kasan_check_read+0x11/0x20 [ 529.566068] ? ___ratelimit+0x36f/0x655 [ 529.570052] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 529.575496] ? trace_hardirqs_on+0x310/0x310 [ 529.579936] ? lock_downgrade+0x900/0x900 [ 529.584112] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 529.589235] ? ___ratelimit+0xaa/0x655 [ 529.592490] 9pnet: Insufficient options for proto=fd [ 529.593137] ? idr_get_free+0xec0/0xec0 [ 529.593154] ? kasan_check_write+0x14/0x20 [ 529.593181] ? do_raw_spin_lock+0xc1/0x200 [ 529.600177] 9pnet: Insufficient options for proto=fd [ 529.602263] oom_kill_process.cold.27+0x10/0x903 [ 529.602283] ? kasan_check_write+0x14/0x20 [ 529.602301] ? do_raw_spin_lock+0xc1/0x200 [ 529.602332] ? oom_evaluate_task+0x540/0x540 [ 529.633935] ? cgroup_procs_next+0x70/0x70 [ 529.638195] ? _raw_spin_unlock_irq+0x60/0x80 [ 529.642701] ? oom_badness+0xaa0/0xaa0 [ 529.646598] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 529.651343] ? mem_cgroup_iter_break+0x30/0x30 [ 529.655937] ? mark_held_locks+0xc7/0x130 [ 529.660104] out_of_memory+0xa84/0x1430 [ 529.664081] ? lockdep_hardirqs_on+0x421/0x5c0 [ 529.668655] ? kasan_check_read+0x11/0x20 [ 529.672827] ? oom_killer_disable+0x3a0/0x3a0 [ 529.677322] ? kasan_check_write+0x14/0x20 [ 529.681574] ? do_raw_spin_lock+0xc1/0x200 [ 529.685818] mem_cgroup_out_of_memory+0x15e/0x210 [ 529.690652] ? memcg_memory_event+0x40/0x40 [ 529.694974] ? mem_cgroup_charge_skmem+0x1e4/0x390 [ 529.699909] ? page_counter_try_charge+0x1c1/0x220 [ 529.704843] try_charge+0xc43/0x1690 [ 529.708578] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 529.714948] ? graph_lock+0x170/0x170 [ 529.718740] ? handle_mm_fault+0x56e/0xc70 [ 529.722965] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 529.728504] ? check_preemption_disabled+0x48/0x200 [ 529.733539] ? check_preemption_disabled+0x48/0x200 [ 529.738615] ? mark_held_locks+0xc7/0x130 [ 529.742766] ? mem_cgroup_charge_skmem+0x1cf/0x390 [ 529.747705] ? mem_cgroup_charge_skmem+0x1cf/0x390 [ 529.752638] ? lockdep_hardirqs_on+0x421/0x5c0 [ 529.757241] ? rcu_read_lock_sched_held+0x108/0x120 [ 529.762267] ? __sk_mem_raise_allocated+0x642/0x1800 [ 529.767361] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 529.772818] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 529.778355] ? check_preemption_disabled+0x48/0x200 [ 529.783381] mem_cgroup_charge_skmem+0x1e4/0x390 [ 529.788155] ? mem_cgroup_sk_free+0x90/0x90 [ 529.792493] ? trace_hardirqs_off+0x310/0x310 [ 529.796982] __sk_mem_raise_allocated+0x642/0x1800 [ 529.801923] ? sk_busy_loop_end+0x1c0/0x1c0 [ 529.806242] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 529.811779] ? alloc_pages_current+0x114/0x210 [ 529.816353] ? skb_page_frag_refill+0x1eb/0x6a0 [ 529.821031] ? sock_kzfree_s+0x60/0x60 [ 529.824934] ? _copy_from_iter_full+0x2b3/0xd20 [ 529.829619] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 529.834656] ? iov_iter_advance+0x1460/0x1460 [ 529.839184] __sk_mem_schedule+0x6d/0xe0 [ 529.843269] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 529.848809] tcp_sendmsg_locked+0x1c86/0x3f00 [ 529.853335] ? tcp_sendpage+0x60/0x60 [ 529.857168] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 529.862629] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 529.868171] ? check_preemption_disabled+0x48/0x200 [ 529.873190] ? smack_netlabel+0xda/0x180 [ 529.877271] ? smack_netlabel+0xda/0x180 [ 529.881356] ? find_held_lock+0x36/0x1c0 [ 529.885419] ? mark_held_locks+0xc7/0x130 [ 529.889575] ? __local_bh_enable_ip+0x160/0x260 [ 529.894252] ? __local_bh_enable_ip+0x160/0x260 [ 529.898946] ? trace_hardirqs_on+0xbd/0x310 [ 529.903291] ? lock_release+0x970/0x970 [ 529.907265] ? lock_sock_nested+0xe2/0x120 [ 529.911510] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 529.916951] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 529.922479] ? check_preemption_disabled+0x48/0x200 [ 529.927484] ? lock_sock_nested+0x9a/0x120 [ 529.931707] ? lock_sock_nested+0x9a/0x120 [ 529.935942] ? __local_bh_enable_ip+0x160/0x260 [ 529.940641] tcp_sendmsg+0x2f/0x50 [ 529.944187] inet_sendmsg+0x1a1/0x690 [ 529.947977] ? ipip_gro_receive+0x100/0x100 [ 529.952288] ? smack_socket_sendmsg+0x150/0x190 [ 529.956947] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 529.962475] ? security_socket_sendmsg+0x94/0xc0 [ 529.967243] ? ipip_gro_receive+0x100/0x100 [ 529.971565] sock_sendmsg+0xd5/0x120 [ 529.975290] __sys_sendto+0x3d7/0x670 [ 529.979083] ? __ia32_sys_getpeername+0xb0/0xb0 [ 529.983764] ? lock_release+0x970/0x970 [ 529.987753] ? arch_local_save_flags+0x40/0x40 [ 529.992356] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 529.997840] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 530.003384] ? put_timespec64+0x10f/0x1b0 [ 530.007540] ? nsecs_to_jiffies+0x30/0x30 [ 530.011685] ? do_syscall_64+0x9a/0x820 [ 530.015653] ? do_syscall_64+0x9a/0x820 [ 530.019625] ? lockdep_hardirqs_on+0x421/0x5c0 [ 530.024207] ? trace_hardirqs_on+0xbd/0x310 [ 530.028525] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 530.034091] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 530.039468] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 530.044913] __x64_sys_sendto+0xe1/0x1a0 [ 530.048970] do_syscall_64+0x1b9/0x820 [ 530.052849] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 530.058204] ? syscall_return_slowpath+0x5e0/0x5e0 [ 530.063149] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 530.067998] ? trace_hardirqs_on_caller+0x310/0x310 [ 530.073017] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 530.078059] ? prepare_exit_to_usermode+0x291/0x3b0 [ 530.083130] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 530.087990] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 530.093179] RIP: 0033:0x457579 [ 530.096369] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 530.115268] RSP: 002b:00007f02050efc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 530.122975] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457579 [ 530.130260] RDX: fffffffffffffe4e RSI: 0000000020000000 RDI: 0000000000000003 [ 530.137552] RBP: 000000000072bf00 R08: 00000000200000c0 R09: 0000000000000006 [ 530.144873] R10: 00000000000000c0 R11: 0000000000000246 R12: 00007f02050f06d4 [ 530.152127] R13: 00000000004c3929 R14: 00000000004d57c0 R15: 00000000ffffffff 19:57:46 executing program 1: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000380)) epoll_ctl$EPOLL_CTL_DEL(r1, 0x2, r0) tee(r1, r0, 0x39056a26, 0x8) [ 530.163649] Task in /syz5 killed as a result of limit of /syz5 [ 530.198614] memory: usage 204800kB, limit 204800kB, failcnt 435051 [ 530.205767] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 530.212583] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 530.221111] Memory cgroup stats for /syz5: cache:32KB rss:2160KB rss_huge:2048KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:2216KB inactive_file:0KB active_file:0KB unevictable:0KB [ 530.241789] Memory cgroup out of memory: Kill process 14608 (syz-executor5) score 171 or sacrifice child [ 530.251713] Killed process 14608 (syz-executor5) total-vm:70604kB, anon-rss:2144kB, file-rss:32832kB, shmem-rss:0kB [ 530.266944] oom_reaper: reaped process 14608 (syz-executor5), now anon-rss:0kB, file-rss:32824kB, shmem-rss:0kB 19:57:47 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040), 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x11000000}, 0x6) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 19:57:47 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="2c006f47e203b04c78c15be944f08801839edb2e1547430263130b98f283aa10d15805972377ea07d734d071b8cf83fbb8e1c5eb39eb3afaf2f759c19c424794fe56c443bae60a703f6be4827a3d2b1798c4c7a814ebbd0237cd579caeb0570115f951587dc36e"]) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') getsockopt$bt_sco_SCO_CONNINFO(r0, 0x11, 0x2, &(0x7f0000000400)=""/106, &(0x7f0000000100)=0x6a) 19:57:47 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375006860007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:47 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375020060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:47 executing program 1: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x8001, 0x0) ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000200)={0x6004, 0x104000}) close(r0) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) clone(0x0, &(0x7f0000000180), &(0x7f00000001c0), &(0x7f0000000000), &(0x7f0000000200)) sync_file_range(r2, 0x1, 0x5, 0x6) ioctl$KVM_GET_PIT(r1, 0xc048ae65, &(0x7f0000000240)) r3 = getpid() ptrace$poke(0x5, r3, &(0x7f00000002c0), 0x3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setownex(r4, 0xf, &(0x7f0000704000)={0x2, r3}) dup2(r4, r5) ioctl$sock_FIOGETOWN(r5, 0x8903, &(0x7f0000000040)=0x0) ioctl$DRM_IOCTL_AGP_RELEASE(r1, 0x6431) wait4(r6, 0x0, 0x1040080000000, &(0x7f0000000080)) ioctl$VT_RESIZEX(r1, 0x560a, &(0x7f0000000300)={0x1, 0xfffffffffffff000, 0xeb, 0x9950, 0x1, 0x69c238a7}) 19:57:47 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375160060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:47 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x15) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') ioctl$FIGETBSZ(r0, 0x2, &(0x7f0000000100)) 19:57:47 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d53750e0060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:47 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375003660007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:47 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d53753e0060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 530.455294] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=2, oom_score_adj=0 [ 530.479932] syz-executor5 cpuset=syz5 mems_allowed=0 [ 530.526807] CPU: 1 PID: 14667 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 530.534124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 530.534130] Call Trace: [ 530.534156] dump_stack+0x1c4/0x2b4 [ 530.534178] ? dump_stack_print_info.cold.2+0x52/0x52 [ 530.534199] ? mark_held_locks+0x130/0x130 [ 530.559175] ? mark_held_locks+0x130/0x130 [ 530.563425] dump_header+0x27b/0xf72 [ 530.563457] ? pagefault_out_of_memory+0x197/0x197 [ 530.563475] ? check_preemption_disabled+0x48/0x200 [ 530.563496] ? check_preemption_disabled+0x48/0x200 [ 530.582167] ? graph_lock+0x170/0x170 [ 530.585992] ? graph_lock+0x170/0x170 [ 530.589807] ? print_usage_bug+0xc0/0xc0 [ 530.593884] ? find_held_lock+0x36/0x1c0 [ 530.597964] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 530.603536] ? find_held_lock+0x36/0x1c0 [ 530.607623] ? mark_held_locks+0xc7/0x130 [ 530.611791] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 530.616908] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 530.622031] ? lockdep_hardirqs_on+0x421/0x5c0 [ 530.626632] ? trace_hardirqs_on+0xbd/0x310 [ 530.630971] ? kasan_check_read+0x11/0x20 [ 530.635140] ? ___ratelimit+0x36f/0x655 [ 530.639138] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 530.644593] ? trace_hardirqs_on+0x310/0x310 [ 530.649008] ? lock_downgrade+0x900/0x900 [ 530.653165] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 530.658273] ? ___ratelimit+0xaa/0x655 [ 530.662167] ? idr_get_free+0xec0/0xec0 [ 530.666145] ? kasan_check_write+0x14/0x20 [ 530.670382] ? do_raw_spin_lock+0xc1/0x200 [ 530.674630] oom_kill_process.cold.27+0x10/0x903 [ 530.679401] ? kasan_check_write+0x14/0x20 [ 530.683640] ? do_raw_spin_lock+0xc1/0x200 [ 530.687885] ? oom_evaluate_task+0x540/0x540 [ 530.692302] ? cgroup_procs_next+0x70/0x70 [ 530.696546] ? _raw_spin_unlock_irq+0x60/0x80 [ 530.701045] ? oom_badness+0xaa0/0xaa0 [ 530.704942] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 530.709702] ? mem_cgroup_iter_break+0x30/0x30 [ 530.714299] ? mark_held_locks+0xc7/0x130 [ 530.718457] out_of_memory+0xa84/0x1430 [ 530.722437] ? lockdep_hardirqs_on+0x421/0x5c0 [ 530.727026] ? kasan_check_read+0x11/0x20 [ 530.731177] ? oom_killer_disable+0x3a0/0x3a0 [ 530.735679] ? kasan_check_write+0x14/0x20 [ 530.739917] ? do_raw_spin_lock+0xc1/0x200 [ 530.744168] mem_cgroup_out_of_memory+0x15e/0x210 [ 530.749013] ? memcg_memory_event+0x40/0x40 [ 530.753346] ? mem_cgroup_charge_skmem+0x1e4/0x390 [ 530.758284] ? page_counter_try_charge+0x1c1/0x220 [ 530.763218] try_charge+0xc43/0x1690 [ 530.766950] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 530.773013] ? tcp_sendmsg+0x2f/0x50 [ 530.776734] ? sock_sendmsg+0xd5/0x120 [ 530.780625] ? __sys_sendto+0x3d7/0x670 [ 530.784629] ? __x64_sys_sendto+0xe1/0x1a0 [ 530.788867] ? do_syscall_64+0x1b9/0x820 [ 530.792933] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 530.798306] ? graph_lock+0x170/0x170 [ 530.802117] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 530.807664] ? check_preemption_disabled+0x48/0x200 [ 530.812687] ? check_preemption_disabled+0x48/0x200 [ 530.817714] ? mark_held_locks+0xc7/0x130 [ 530.821883] ? __lock_is_held+0xb5/0x140 [ 530.825952] ? mem_cgroup_charge_skmem+0x1cf/0x390 [ 530.830889] ? mem_cgroup_charge_skmem+0x1cf/0x390 [ 530.835825] ? lockdep_hardirqs_on+0x421/0x5c0 [ 530.840416] ? __sk_mem_raise_allocated+0x642/0x1800 [ 530.845543] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 530.851019] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 530.856582] ? check_preemption_disabled+0x48/0x200 [ 530.861624] mem_cgroup_charge_skmem+0x1e4/0x390 [ 530.866386] ? mem_cgroup_sk_free+0x90/0x90 [ 530.870744] __sk_mem_raise_allocated+0x642/0x1800 [ 530.875684] ? sk_busy_loop_end+0x1c0/0x1c0 [ 530.880034] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 530.885063] ? skb_page_frag_refill+0x1eb/0x6a0 [ 530.889743] ? sock_kzfree_s+0x60/0x60 [ 530.893637] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 530.898670] ? sk_stream_alloc_skb+0x34b/0x970 [ 530.903281] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 530.908296] ? skb_entail+0x618/0x8c0 [ 530.912119] ? tcp_rate_check_app_limited+0x121/0x460 [ 530.917310] ? tcp_splice_data_recv+0x1b0/0x1b0 [ 530.921985] __sk_mem_schedule+0x6d/0xe0 [ 530.926058] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 530.931607] tcp_sendmsg_locked+0x1c86/0x3f00 [ 530.936160] ? tcp_sendpage+0x60/0x60 [ 530.939963] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 530.945417] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 530.950955] ? check_preemption_disabled+0x48/0x200 [ 530.955974] ? smack_netlabel+0xda/0x180 [ 530.960054] ? smack_netlabel+0xda/0x180 [ 530.964121] ? find_held_lock+0x36/0x1c0 [ 530.968209] ? mark_held_locks+0xc7/0x130 [ 530.972362] ? __local_bh_enable_ip+0x160/0x260 [ 530.977044] ? __local_bh_enable_ip+0x160/0x260 [ 530.981724] ? trace_hardirqs_on+0xbd/0x310 [ 530.986047] ? lock_release+0x970/0x970 [ 530.990025] ? lock_sock_nested+0xe2/0x120 [ 530.994258] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 530.999713] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 531.005262] ? check_preemption_disabled+0x48/0x200 [ 531.010282] ? lock_sock_nested+0x9a/0x120 [ 531.014566] ? lock_sock_nested+0x9a/0x120 [ 531.018811] ? __local_bh_enable_ip+0x160/0x260 [ 531.023488] tcp_sendmsg+0x2f/0x50 [ 531.027046] inet_sendmsg+0x1a1/0x690 [ 531.030853] ? ipip_gro_receive+0x100/0x100 [ 531.035179] ? smack_socket_sendmsg+0x150/0x190 [ 531.039852] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 531.045395] ? security_socket_sendmsg+0x94/0xc0 [ 531.050151] ? ipip_gro_receive+0x100/0x100 [ 531.054478] sock_sendmsg+0xd5/0x120 [ 531.058195] __sys_sendto+0x3d7/0x670 [ 531.062036] ? __ia32_sys_getpeername+0xb0/0xb0 [ 531.066742] ? lock_release+0x970/0x970 [ 531.070718] ? arch_local_save_flags+0x40/0x40 [ 531.075318] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 531.080822] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 531.086374] ? put_timespec64+0x10f/0x1b0 [ 531.090524] ? nsecs_to_jiffies+0x30/0x30 [ 531.094681] ? do_syscall_64+0x9a/0x820 [ 531.098661] ? do_syscall_64+0x9a/0x820 [ 531.102640] ? lockdep_hardirqs_on+0x421/0x5c0 [ 531.107227] ? trace_hardirqs_on+0xbd/0x310 [ 531.111561] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 531.117108] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 531.122482] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 531.127942] __x64_sys_sendto+0xe1/0x1a0 [ 531.132010] do_syscall_64+0x1b9/0x820 [ 531.135898] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 531.141267] ? syscall_return_slowpath+0x5e0/0x5e0 [ 531.146198] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 531.151044] ? trace_hardirqs_on_caller+0x310/0x310 [ 531.156068] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 531.161099] ? prepare_exit_to_usermode+0x291/0x3b0 [ 531.166144] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 531.171000] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 531.176186] RIP: 0033:0x457579 [ 531.179411] Code: 1d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 531.198416] RSP: 002b:00007f02050efc78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 531.206142] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000457579 [ 531.213427] RDX: fffffffffffffe4e RSI: 0000000020000000 RDI: 0000000000000003 [ 531.220696] RBP: 000000000072bf00 R08: 00000000200000c0 R09: 0000000000000006 [ 531.227964] R10: 00000000000000c0 R11: 0000000000000246 R12: 00007f02050f06d4 [ 531.235235] R13: 00000000004c3929 R14: 00000000004d57c0 R15: 00000000ffffffff [ 531.251753] Task in /syz5 killed as a result of limit of /syz5 [ 531.264837] memory: usage 204800kB, limit 204800kB, failcnt 435148 [ 531.271188] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 531.271204] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 531.290437] Memory cgroup stats for /syz5: cache:32KB rss:60KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:156KB inactive_file:0KB active_file:0KB unevictable:0KB [ 531.310863] Memory cgroup out of memory: Kill process 14666 (syz-executor5) score 161 or sacrifice child 19:57:48 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375020060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:48 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375110060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 531.333734] Killed process 14666 (syz-executor5) total-vm:70472kB, anon-rss:96kB, file-rss:32832kB, shmem-rss:0kB [ 531.389113] oom_reaper: reaped process 14666 (syz-executor5), now anon-rss:0kB, file-rss:32784kB, shmem-rss:0kB 19:57:48 executing program 1: pipe(&(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xd, 0xffffffffffffffff, 0x0) readv(r0, &(0x7f0000000300)=[{&(0x7f0000000200)=""/62, 0x3e}], 0x1) ioctl$DRM_IOCTL_RES_CTX(r1, 0xc0106426, &(0x7f0000000040)={0x4, &(0x7f0000000000)=[{}, {0x0}, {}, {}]}) ioctl$DRM_IOCTL_UNLOCK(r1, 0x4008642b, &(0x7f0000000080)={r2, 0x3}) close(r1) 19:57:48 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375006260007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:48 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB="626a21a07ba5fdb107e049290c183d771bba20d30ec82d17013f23a93b8cd0efadc9e5f9bc16f5ee00832747d726e623fd8f9c9052789e73ff6050b86d6d830a1670b965de79ea8faa139816beccf4d3"]) write$P9_RREADDIR(r1, &(0x7f0000000100)=ANY=[@ANYBLOB="2a000000e9120000000000000000000eb5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400d29443a16b56b562349e"], 0x2a) r2 = syz_open_dev$usbmon(&(0x7f00000001c0)='/dev/usbmon#\x00', 0x0, 0x40) pipe(&(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000400)=r3, 0x4) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f0000000600)=ANY=[@ANYBLOB="2a000000290100000000000000000000005e04d7a4"], 0x1b9) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000005c0)='9p\x00', 0x0, &(0x7f00000007c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB="0002ed0300000071296f4eaf6333f1f3d1ca05dc6050a272d9305024d3e646555730d9aca8b2c99b40eec2a1e6233734c12b30e6d673a30af601bbe690eb9b5a8d6c91253d1cd003d21e77f04320fadaabbb837e0629d708e694db6d489fcc3b0b082f40aba301649c55d8d6bec979ce34590d1703945d8889b314f21146bb7ea9b2b0ad6476e246435468bae54566ffb5a9ee90fc886bd929e05ac13008de8879bac77092e36b4cbc0b4401198769963dbd157f650c2d554929832d342eec93fc91e62185426fb744aa0152baac613f800bfd60ba3406ed222396708f8ef7a75f658da894e762a0fba2965d1319b60da0238ef33e91a0bcf4602490cdd3859b6f00000000000000000000000000000000", @ANYRESHEX=r1, @ANYBLOB=',\x00']) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') 19:57:48 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040), 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x1100000000000000}, 0x6) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 19:57:48 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375001660007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:48 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d53750a0060007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 531.571380] syz-executor5 invoked oom-killer: gfp_mask=0x7080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=0 [ 531.593770] syz-executor5 cpuset=syz5 mems_allowed=0 19:57:48 executing program 1: openat$smack_task_current(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/self/attr/current\x00', 0x2, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000140)='./file0\x00', 0x0) mount(&(0x7f00000001c0)=ANY=[], &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) write$input_event(r0, &(0x7f00000000c0)={{r2, r3/1000+10000}, 0x12, 0x9, 0x400000000003}, 0xffffffffffffff9b) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) [ 531.616576] CPU: 0 PID: 14707 Comm: syz-executor5 Not tainted 4.19.0-rc6+ #41 [ 531.623891] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 531.633296] Call Trace: [ 531.635900] dump_stack+0x1c4/0x2b4 [ 531.639552] ? dump_stack_print_info.cold.2+0x52/0x52 [ 531.644765] dump_header+0x27b/0xf72 [ 531.648506] ? mark_held_locks+0x130/0x130 [ 531.652768] ? pagefault_out_of_memory+0x197/0x197 [ 531.657711] ? check_preemption_disabled+0x48/0x200 [ 531.662771] ? check_preemption_disabled+0x48/0x200 [ 531.667812] ? graph_lock+0x170/0x170 [ 531.671645] ? graph_lock+0x170/0x170 [ 531.675468] ? print_usage_bug+0xc0/0xc0 [ 531.679588] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 531.685156] ? find_held_lock+0x36/0x1c0 [ 531.689249] ? mark_held_locks+0xc7/0x130 [ 531.693412] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 531.698536] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 531.703653] ? lockdep_hardirqs_on+0x421/0x5c0 [ 531.708248] ? trace_hardirqs_on+0xbd/0x310 [ 531.712824] ? kasan_check_read+0x11/0x20 [ 531.716988] ? ___ratelimit+0x36f/0x655 19:57:48 executing program 1: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = socket$inet6(0xa, 0x1, 0x0) getsockopt$inet6_int(r1, 0x29, 0x1000000000004d, &(0x7f0000534000), &(0x7f0000000040)=0x4) r2 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x0, 0x2) setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r2, 0x84, 0x12, &(0x7f00000000c0)=0x100000001, 0x4) getsockopt$XDP_STATISTICS(r2, 0x11b, 0x7, &(0x7f0000000100), &(0x7f0000000140)=0x18) [ 531.720980] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 531.726465] ? trace_hardirqs_on+0x310/0x310 [ 531.730896] ? lock_downgrade+0x900/0x900 [ 531.735075] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 531.740232] ? ___ratelimit+0xaa/0x655 [ 531.744137] ? idr_get_free+0xec0/0xec0 [ 531.748121] ? kasan_check_write+0x14/0x20 [ 531.752367] ? do_raw_spin_lock+0xc1/0x200 [ 531.756629] oom_kill_process.cold.27+0x10/0x903 [ 531.761399] ? kasan_check_write+0x14/0x20 [ 531.765647] ? do_raw_spin_lock+0xc1/0x200 [ 531.769897] ? oom_evaluate_task+0x540/0x540 [ 531.774325] ? cgroup_procs_next+0x70/0x70 [ 531.777088] 9pnet: Insufficient options for proto=fd [ 531.778578] ? _raw_spin_unlock_irq+0x60/0x80 [ 531.778616] ? oom_badness+0xaa0/0xaa0 [ 531.778635] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 531.778655] ? mem_cgroup_iter_break+0x30/0x30 [ 531.788910] 9pnet: Insufficient options for proto=fd [ 531.792157] ? cgroup_file_notify+0x226/0x2f0 [ 531.792179] out_of_memory+0xa84/0x1430 [ 531.792199] ? lockdep_hardirqs_on+0x421/0x5c0 19:57:48 executing program 3: pipe2$9p(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RUNLINKAT(r1, &(0x7f0000000040)={0xffffffffffffffca}, 0x7) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount$9p_fd(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000340)='9p\x00', 0x0, &(0x7f0000000380)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) write$P9_RREADDIR(r1, &(0x7f0000000480)=ANY=[@ANYBLOB="2a000000290100000000000000000000b5e6bdbed0770cf084fe43b7ef984c3e0000a73d11108f872400"], 0x2a) write$P9_RGETATTR(r1, &(0x7f0000000200)={0xa0, 0x19, 0x1}, 0xa0) write$P9_RREADDIR(r1, &(0x7f00000004c0)=ANY=[@ANYBLOB="84000000290100000000000000000000005e04d7a4f5f27402c35102b562f3b28f507a0f97bc14921e55fdce8fad9fd4e9f3b36a3a2ce733dd8e2fbd9556776be86cf2c04e3f6edac531aa886dc989d80c352d7cd901d3711a45c64cc04c413eeefb39894a7258d03e6c2dc8a9ee98e07c8543ebb820749c296c3dc648748859e97dad9e59f0c6504e8ffad30a8dbf691e2a9c27e10033de0e48b087a0314fec410469b40236f897384bc2fe5b87"], 0x15) getrandom(&(0x7f0000000100)=""/34, 0x22, 0x3) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000002c0)='9p\x00', 0x850, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) lremovexattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.posix_acl_default\x00') r2 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000440)='/dev/vhci\x00', 0x80000, 0x0) getsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000580)=0x6, &(0x7f00000005c0)=0x2) r3 = fcntl$dupfd(r1, 0x406, r0) getsockopt$IP_VS_SO_GET_SERVICES(r3, 0x0, 0x482, &(0x7f00000001c0)=""/11, &(0x7f00000003c0)=0xb) [ 531.800347] 9pnet: Insufficient options for proto=fd [ 531.801604] ? kasan_check_read+0x11/0x20 [ 531.801624] ? oom_killer_disable+0x3a0/0x3a0 [ 531.801639] ? kasan_check_write+0x14/0x20 [ 531.801660] ? do_raw_spin_lock+0xc1/0x200 [ 531.809447] 9pnet: Insufficient options for proto=fd [ 531.811261] mem_cgroup_out_of_memory+0x15e/0x210 [ 531.811278] ? memcg_memory_event+0x40/0x40 [ 531.811292] ? memcg_kmem_charge_memcg+0x7c/0x120 [ 531.811312] ? page_counter_try_charge+0x1c1/0x220 [ 531.837845] try_charge+0xc43/0x1690 [ 531.837864] ? lock_downgrade+0x900/0x900 [ 531.837882] ? check_preemption_disabled+0x48/0x200 [ 531.837905] ? mem_cgroup_count_precharge_pte_range+0x760/0x760 [ 531.847230] ? find_held_lock+0x36/0x1c0 [ 531.847255] ? get_mem_cgroup_from_mm+0x1e9/0x440 [ 531.847283] ? lock_downgrade+0x900/0x900 [ 531.847310] ? check_preemption_disabled+0x48/0x200 [ 531.847332] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 531.847348] ? kasan_check_read+0x11/0x20 [ 531.909121] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 531.909137] ? rcu_bh_qs+0xc0/0xc0 [ 531.909166] ? get_mem_cgroup_from_mm+0x206/0x440 [ 531.909200] memcg_kmem_charge_memcg+0x7c/0x120 [ 531.909219] ? memcg_kmem_put_cache+0xb0/0xb0 [ 531.918672] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 531.918701] memcg_kmem_charge+0x135/0x300 [ 531.918723] __alloc_pages_nodemask+0x72e/0xde0 [ 531.918740] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 531.918755] ? lock_downgrade+0x900/0x900 [ 531.918775] ? __alloc_pages_slowpath+0x2d80/0x2d80 [ 531.927194] ? check_preemption_disabled+0x48/0x200 [ 531.927219] ? rcu_lockdep_current_cpu_online+0x1f0/0x2d0 [ 531.927233] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 531.927246] ? percpu_ref_put_many+0x13e/0x260 [ 531.927261] ? rcu_pm_notify+0xc0/0xc0 [ 531.927286] ? copy_process+0x1ff4/0x8780 [ 531.993484] ? rcu_read_lock_sched_held+0x108/0x120 [ 531.998490] ? kmem_cache_alloc_node+0x349/0x730 [ 532.003252] ? kasan_check_write+0x14/0x20 [ 532.007502] ? do_raw_spin_lock+0xc1/0x200 [ 532.011752] copy_process+0xa09/0x8780 [ 532.015646] ? print_usage_bug+0xc0/0xc0 [ 532.019715] ? __lock_acquire+0x7ec/0x4ec0 [ 532.023936] ? print_usage_bug+0xc0/0xc0 [ 532.027993] ? lock_downgrade+0x900/0x900 [ 532.032166] ? check_preemption_disabled+0x48/0x200 [ 532.037193] ? __cleanup_sighand+0x70/0x70 [ 532.041451] ? mark_held_locks+0x130/0x130 [ 532.045678] ? print_usage_bug+0xc0/0xc0 [ 532.049729] ? print_usage_bug+0xc0/0xc0 [ 532.053779] ? mark_held_locks+0x130/0x130 [ 532.058004] ? __lock_acquire+0x7ec/0x4ec0 [ 532.062231] ? __lock_acquire+0x7ec/0x4ec0 [ 532.066453] ? graph_lock+0x170/0x170 [ 532.070260] ? check_preemption_disabled+0x48/0x200 [ 532.075280] ? check_preemption_disabled+0x48/0x200 [ 532.080302] ? mark_held_locks+0x130/0x130 [ 532.084529] ? print_usage_bug+0xc0/0xc0 [ 532.088590] ? find_held_lock+0x36/0x1c0 [ 532.092652] ? find_held_lock+0x36/0x1c0 [ 532.096704] ? print_usage_bug+0xc0/0xc0 [ 532.100754] ? __lock_acquire+0x7ec/0x4ec0 [ 532.104982] ? lock_downgrade+0x900/0x900 [ 532.109120] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 532.114662] ? check_preemption_disabled+0x48/0x200 [ 532.119673] ? check_preemption_disabled+0x48/0x200 [ 532.124684] ? __lock_acquire+0x7ec/0x4ec0 [ 532.128912] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 532.134454] ? mark_held_locks+0x130/0x130 [ 532.138693] ? rcu_read_unlock+0x16/0x60 [ 532.142760] ? lock_downgrade+0x900/0x900 [ 532.146895] ? check_preemption_disabled+0x48/0x200 [ 532.151913] ? rcu_read_unlock_special.part.39+0x11f0/0x11f0 [ 532.157712] ? kasan_check_read+0x11/0x20 [ 532.161847] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 532.167113] ? graph_lock+0x170/0x170 [ 532.170911] ? rcu_read_unlock+0x33/0x60 [ 532.174966] ? find_held_lock+0x36/0x1c0 [ 532.179037] ? graph_lock+0x170/0x170 [ 532.182828] ? delayacct_end+0x25/0x100 [ 532.186801] ? lock_downgrade+0x900/0x900 [ 532.190949] ? ktime_get+0x352/0x440 [ 532.194665] ? print_usage_bug+0xc0/0xc0 [ 532.198732] ? find_held_lock+0x36/0x1c0 [ 532.202800] ? delayacct_end+0xc5/0x100 [ 532.206782] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 532.211889] ? __lock_acquire+0x7ec/0x4ec0 [ 532.216127] ? trace_hardirqs_on+0xbd/0x310 [ 532.220436] ? kasan_check_read+0x11/0x20 [ 532.224584] ? delayacct_end+0xc5/0x100 [ 532.228613] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 532.234088] ? mark_held_locks+0x130/0x130 [ 532.238318] ? delayacct_end+0x5a/0x100 [ 532.242284] ? __delayacct_freepages_end+0xe0/0x140 [ 532.247307] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 532.252851] ? do_try_to_free_pages+0xe68/0x1290 [ 532.257604] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 532.263133] ? check_preemption_disabled+0x48/0x200 [ 532.268146] ? check_preemption_disabled+0x48/0x200 [ 532.273184] ? rcu_lockdep_current_cpu_online+0x1f0/0x2d0 [ 532.278717] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 532.284009] ? rcu_pm_notify+0xc0/0xc0 [ 532.287925] ? graph_lock+0x170/0x170 [ 532.291729] ? try_to_free_mem_cgroup_pages+0x58b/0xca0 [ 532.297124] _do_fork+0x1cb/0x11d0 [ 532.300659] ? fork_idle+0x1d0/0x1d0 [ 532.304377] ? percpu_ref_put_many+0x11c/0x260 [ 532.308988] ? lock_downgrade+0x900/0x900 [ 532.313162] ? check_preemption_disabled+0x48/0x200 [ 532.318181] ? kasan_check_read+0x11/0x20 [ 532.322324] ? rcu_dynticks_curr_cpu_in_eqs+0x9f/0x160 [ 532.327629] ? rcu_bh_qs+0xc0/0xc0 [ 532.331187] ? get_mem_cgroup_from_mm+0x206/0x440 [ 532.336037] ? do_syscall_64+0x9a/0x820 [ 532.339998] ? do_syscall_64+0x9a/0x820 [ 532.343960] ? lockdep_hardirqs_on+0x421/0x5c0 [ 532.348632] ? trace_hardirqs_on+0xbd/0x310 [ 532.352955] ? trace_hardirqs_on+0x310/0x310 [ 532.357352] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 532.362712] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 532.368166] __x64_sys_clone+0xbf/0x150 [ 532.372133] do_syscall_64+0x1b9/0x820 [ 532.376030] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 532.381393] ? syscall_return_slowpath+0x5e0/0x5e0 [ 532.386307] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 532.391136] ? trace_hardirqs_on_caller+0x310/0x310 [ 532.396153] ? prepare_exit_to_usermode+0x291/0x3b0 [ 532.401174] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 532.406022] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 532.411196] RIP: 0033:0x459f49 [ 532.414375] Code: ff 48 85 f6 0f 84 47 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 1e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 532.433283] RSP: 002b:00007ffd1aecd578 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 532.440978] RAX: ffffffffffffffda RBX: 00007f02050f0700 RCX: 0000000000459f49 [ 532.448253] RDX: 00007f02050f09d0 RSI: 00007f02050efdb0 RDI: 00000000003d0f00 [ 532.455521] RBP: 00007ffd1aecd780 R08: 00007f02050f0700 R09: 00007f02050f0700 [ 532.462779] R10: 00007f02050f09d0 R11: 0000000000000202 R12: 0000000000000000 19:57:49 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375000460007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 532.470044] R13: 00007ffd1aecd62f R14: 00007f02050f09c0 R15: 0000000000000000 [ 532.491021] Task in /syz5 killed as a result of limit of /syz5 [ 532.498506] memory: usage 204800kB, limit 204800kB, failcnt 435192 [ 532.516973] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 19:57:49 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375006860007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 532.537762] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 532.556534] Memory cgroup stats for /syz5: cache:32KB rss:60KB rss_huge:0KB shmem:60KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:100KB inactive_file:0KB active_file:0KB unevictable:0KB 19:57:49 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375006860007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:49 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375003e60007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 532.578873] Memory cgroup out of memory: Kill process 14707 (syz-executor5) score 161 or sacrifice child [ 532.588992] Killed process 14707 (syz-executor5) total-vm:70340kB, anon-rss:96kB, file-rss:32768kB, shmem-rss:0kB 19:57:49 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000008a00)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000000)=ANY=[@ANYBLOB="050000000000080000000009b690f20005540098f72849000000004000000000010000000000000025000000fffffffdfb080100000000000a00000006cd"]) signalfd(r0, &(0x7f0000000040)={0x5}, 0x8) ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f0000000080)=ANY=[@ANYBLOB="06000000000000008601"]) [ 532.657374] oom_reaper: reaped process 14707 (syz-executor5), now anon-rss:0kB, file-rss:32772kB, shmem-rss:0kB 19:57:49 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @dev}, 0x10) sendto$inet(r0, &(0x7f0000000040), 0x0, 0x20000800, &(0x7f0000e68000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1e}}, 0x10) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040), 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='ip6gre0\x00', 0x10) sendto$inet(r0, &(0x7f0000000000), 0xfffffffffffffe4e, 0xc0, &(0x7f00000000c0)={0x2, 0x8e0f0000}, 0x6) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) 19:57:49 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375001160007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:49 executing program 4: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="153f6234488dd25d766070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r1, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375003e60007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:49 executing program 2: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375000e60007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) 19:57:49 executing program 1: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000280)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={"766574000000000000000000bd6800", 0x43732e5398417f1a}) ioctl$TUNDETACHFILTER(r1, 0x400454d4, 0x0) r2 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r2, 0x6, 0x13, &(0x7f000068cffc)=0x1, 0x1d) setsockopt$inet_tcp_int(r2, 0x6, 0x4, &(0x7f0000000080)=0x9, 0x4) r3 = add_key(&(0x7f0000000340)='.dead\x00', &(0x7f0000000380)={'syz', 0x1}, 0x0, 0x0, 0x0) r4 = add_key(&(0x7f00000003c0)='encrypted\x00', &(0x7f0000000400)={'syz', 0x1}, &(0x7f0000000440)="33b3e234d9", 0x5, 0xfffffffffffffff8) keyctl$unlink(0x9, r3, r4) connect$inet(r2, &(0x7f0000000040), 0x10) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuacct.usage_percpu_user\x00', 0x0, 0x0) recvfrom$llc(r5, &(0x7f00000000c0)=""/83, 0x53, 0x2000, &(0x7f0000000180)={0x1a, 0x30b, 0x2, 0x8, 0x800, 0x8}, 0x10) socketpair$inet(0x2, 0x80a, 0x1, &(0x7f00000004c0)) setsockopt$sock_int(r2, 0x1, 0x80000000009, &(0x7f0000f0fffc)=0x77a, 0x4) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r5, 0x84, 0x70, &(0x7f00000001c0)={0x0, @in6={{0xa, 0x4e20, 0x1b2, @remote}}, [0x800, 0x2, 0x81, 0x4, 0x3, 0x3, 0x1, 0x100000001, 0x1, 0x2, 0x10000, 0xffffffffffffffa2, 0x1, 0x0, 0x5]}, &(0x7f00000002c0)=0x100) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r5, 0x84, 0x19, &(0x7f0000000480)={r6, 0x3}, 0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r5, 0x84, 0x22, &(0x7f0000000300)={0x6, 0x2, 0xb71, 0x9, r6}, 0x10) 19:57:49 executing program 0: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x100, 0xff1f) sendto$inet6(r0, &(0x7f0000000080)="020300000700000000000000fff55b4202938207c9fb3780398d5375003660007929301ee616d5c01843e06590080053c0e385472da7222a2bb42f2d1594c3b50035110f118d0000f55dc62600009b000000faffffff000000aeb46245004bae1356642490a7b5fc88046a0930a36ea0cc98", 0x72, 0x0, &(0x7f0000000000)={0xa, 0x200800800, 0x2000000000d, @mcast2}, 0x1c) [ 532.978925] syz-executor1 uses obsolete (PF_INET,SOCK_PACKET) [ 605.085763] device bridge_slave_1 left promiscuous mode [ 605.092007] bridge0: port 2(bridge_slave_1) entered disabled state [ 605.140474] device bridge_slave_0 left promiscuous mode [ 605.146286] bridge0: port 1(bridge_slave_0) entered disabled state [ 607.217178] team0 (unregistering): Port device team_slave_1 removed [ 607.228182] team0 (unregistering): Port device team_slave_0 removed [ 607.240284] bond0 (unregistering): Releasing backup interface bond_slave_1 [ 607.298711] bond0 (unregistering): Releasing backup interface bond_slave_0 [ 607.354464] bond0 (unregistering): Released all slaves [ 679.684992] INFO: task syz-executor3:14728 blocked for more than 140 seconds. [ 679.692426] Not tainted 4.19.0-rc6+ #41 [ 679.697760] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 679.705811] syz-executor3 D23816 14728 5467 0x00000004 [ 679.711484] Call Trace: [ 679.714063] __schedule+0x86c/0x1ed0 [ 679.717879] ? __sched_text_start+0x8/0x8 [ 679.722044] ? mark_held_locks+0x130/0x130 [ 679.726496] ? mark_held_locks+0x130/0x130 [ 679.730740] ? graph_lock+0x170/0x170 [ 679.734528] ? graph_lock+0x170/0x170 [ 679.738399] ? print_usage_bug+0xc0/0xc0 [ 679.742474] ? mark_held_locks+0x130/0x130 [ 679.746809] ? graph_lock+0x170/0x170 [ 679.750630] ? find_held_lock+0x36/0x1c0 [ 679.754692] schedule+0xfe/0x460 [ 679.758123] ? __schedule+0x1ed0/0x1ed0 [ 679.762092] ? lockdep_hardirqs_on+0x421/0x5c0 [ 679.766717] ? trace_hardirqs_on+0xbd/0x310 [ 679.771029] ? kasan_check_read+0x11/0x20 [ 679.775245] ? __rwsem_down_write_failed_common+0x8db/0x1670 [ 679.781076] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 679.786598] ? kasan_check_write+0x14/0x20 [ 679.790845] ? do_raw_spin_lock+0xc1/0x200 [ 679.795139] __rwsem_down_write_failed_common+0xbb9/0x1670 [ 679.800794] ? rwsem_spin_on_owner+0xa30/0xa30 [ 679.805476] ? mark_held_locks+0x130/0x130 [ 679.809751] ? rcu_bh_qs+0xc0/0xc0 [ 679.813306] ? rcu_bh_qs+0xc0/0xc0 [ 679.816925] ? unwind_dump+0x190/0x190 [ 679.820831] ? is_bpf_text_address+0xd3/0x170 [ 679.826124] ? __lock_acquire+0x7ec/0x4ec0 [ 679.830361] ? __save_stack_trace+0x8d/0xf0 [ 679.834679] ? graph_lock+0x170/0x170 [ 679.838645] ? mark_held_locks+0x130/0x130 [ 679.842906] ? save_stack+0xa9/0xd0 [ 679.846587] ? save_stack+0x43/0xd0 [ 679.850227] ? kasan_slab_free+0xe/0x10 [ 679.854188] ? kmem_cache_free+0x83/0x290 [ 679.858391] ? putname+0xf2/0x130 [ 679.861861] ? filename_lookup+0x39a/0x520 [ 679.866156] ? user_path_at_empty+0x40/0x50 [ 679.870487] ? path_removexattr+0xc1/0x210 [ 679.874875] ? __x64_sys_lremovexattr+0x56/0x80 [ 679.879556] ? do_syscall_64+0x1b9/0x820 [ 679.883613] ? __lock_is_held+0xb5/0x140 [ 679.887755] ? lock_acquire+0x1ed/0x520 [ 679.891742] ? vfs_removexattr+0x8a/0x1e0 [ 679.895958] ? lock_release+0x970/0x970 [ 679.899941] ? arch_local_save_flags+0x40/0x40 [ 679.904519] ? check_preemption_disabled+0x48/0x200 [ 679.909633] rwsem_down_write_failed+0xe/0x10 [ 679.914147] ? rwsem_down_write_failed+0xe/0x10 [ 679.918883] call_rwsem_down_write_failed+0x17/0x30 [ 679.923915] down_write+0xa5/0x130 [ 679.927641] ? vfs_removexattr+0x8a/0x1e0 [ 679.931812] ? down_read+0x1d0/0x1d0 [ 679.935631] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 679.941175] ? xattr_permission+0x261/0x310 [ 679.945581] vfs_removexattr+0x8a/0x1e0 [ 679.949550] removexattr+0xd3/0x130 [ 679.953161] ? vfs_removexattr+0x1e0/0x1e0 [ 679.958047] ? __lock_is_held+0xb5/0x140 [ 679.962105] ? preempt_count_add+0x7d/0x160 [ 679.966690] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 679.972280] ? __mnt_want_write+0x327/0x420 [ 679.976749] ? may_umount_tree+0x210/0x210 [ 679.980978] ? rcu_read_lock_sched_held+0x108/0x120 [ 679.986061] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 679.991592] ? __sb_start_write+0x1b2/0x370 [ 679.996012] path_removexattr+0x1b9/0x210 [ 680.000152] ? removexattr+0x130/0x130 [ 680.004023] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 680.009434] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 680.014910] __x64_sys_lremovexattr+0x56/0x80 [ 680.019392] do_syscall_64+0x1b9/0x820 [ 680.023262] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 680.028726] ? syscall_return_slowpath+0x5e0/0x5e0 [ 680.033801] ? trace_hardirqs_on_caller+0x310/0x310 [ 680.039012] ? prepare_exit_to_usermode+0x3b0/0x3b0 [ 680.044074] ? recalc_sigpending_tsk+0x180/0x180 [ 680.049246] ? kasan_check_write+0x14/0x20 [ 680.053479] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 680.058362] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 680.063540] RIP: 0033:0x457579 [ 680.066783] Code: 24 08 48 89 01 e8 d7 2d fc ff e8 22 7a fc ff b8 02 00 00 00 48 8d 0d 6a 60 09 01 87 01 8b 05 62 60 09 01 83 f8 01 0f 85 8a 00 <00> 00 b8 01 00 00 00 88 05 9e 65 09 01 84 c0 74 72 b8 01 00 00 00 [ 680.086363] RSP: 002b:00007fc69ca86c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000c6 [ 680.094070] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 0000000000457579 [ 680.101544] RDX: 0000000000000000 RSI: 0000000020000180 RDI: 0000000020000140 [ 680.108861] RBP: 000000000072bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 680.116174] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc69ca876d4 [ 680.123569] R13: 00000000004c270f R14: 00000000004d38d0 R15: 00000000ffffffff [ 680.130905] [ 680.130905] Showing all locks held in the system: [ 680.137253] 1 lock held by khungtaskd/983: [ 680.141470] #0: 0000000041efcd5d (rcu_read_lock){....}, at: debug_show_all_locks+0xd0/0x424 [ 680.150136] 1 lock held by rsyslogd/5275: [ 680.154272] #0: 000000009bd041ae (&f->f_pos_lock){+.+.}, at: __fdget_pos+0x1bb/0x200 [ 680.162299] 2 locks held by getty/5366: [ 680.166430] #0: 000000001daaf2a3 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 [ 680.174844] #1: 0000000070edd4b8 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0 [ 680.183885] 2 locks held by getty/5367: [ 680.187905] #0: 00000000ce0ed618 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 [ 680.196191] #1: 0000000038e4a4cd (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0 [ 680.205113] 2 locks held by getty/5368: [ 680.209084] #0: 00000000f9cd3f68 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 [ 680.217947] #1: 00000000e9557c70 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0 [ 680.226853] 2 locks held by getty/5369: [ 680.230807] #0: 000000009b149ab1 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 [ 680.239123] #1: 0000000072a26883 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0 [ 680.248017] 2 locks held by getty/5370: [ 680.252049] #0: 00000000808d48f9 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 [ 680.260351] #1: 00000000b77d3ed9 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0 [ 680.269256] 2 locks held by getty/5371: [ 680.273211] #0: 000000003ccb6b4d (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 [ 680.281505] #1: 000000003fe59a8c (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0 [ 680.290420] 2 locks held by getty/5372: [ 680.294376] #0: 000000003a6c9bb1 (&tty->ldisc_sem){++++}, at: ldsem_down_read+0x32/0x40 [ 680.302694] #1: 000000005bddfa49 (&ldata->atomic_read_lock){+.+.}, at: n_tty_read+0x335/0x1ce0 [ 680.311626] 2 locks held by syz-executor3/14727: [ 680.316434] #0: 000000004879755e (sb_writers#13){.+.+}, at: mnt_want_write+0x3f/0xc0 [ 680.324418] #1: 00000000d1c72ca2 (&sb->s_type->i_mutex_key#19){++++}, at: vfs_removexattr+0x8a/0x1e0 [ 680.334132] 2 locks held by syz-executor3/14728: [ 680.338924] #0: 000000004879755e (sb_writers#13){.+.+}, at: mnt_want_write+0x3f/0xc0 [ 680.347493] #1: 00000000d1c72ca2 (&sb->s_type->i_mutex_key#19){++++}, at: vfs_removexattr+0x8a/0x1e0 [ 680.356965] [ 680.358587] ============================================= [ 680.358587] [ 680.365683] NMI backtrace for cpu 1 [ 680.369304] CPU: 1 PID: 983 Comm: khungtaskd Not tainted 4.19.0-rc6+ #41 [ 680.376124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 680.385460] Call Trace: [ 680.388040] dump_stack+0x1c4/0x2b4 [ 680.391663] ? dump_stack_print_info.cold.2+0x52/0x52 [ 680.396840] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 680.402377] nmi_cpu_backtrace.cold.3+0x63/0xa2 [ 680.407097] ? lapic_can_unplug_cpu.cold.27+0x3f/0x3f [ 680.412274] nmi_trigger_cpumask_backtrace+0x1b3/0x1ed [ 680.417536] arch_trigger_cpumask_backtrace+0x14/0x20 [ 680.422769] watchdog+0xb3e/0x1050 [ 680.426313] ? reset_hung_task_detector+0xd0/0xd0 [ 680.431143] ? __kthread_parkme+0xce/0x1a0 [ 680.435361] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 680.440481] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 680.445586] ? lockdep_hardirqs_on+0x421/0x5c0 [ 680.450164] ? trace_hardirqs_on+0xbd/0x310 [ 680.454476] ? kasan_check_read+0x11/0x20 [ 680.458623] ? __kthread_parkme+0xce/0x1a0 [ 680.462974] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 680.468434] ? kasan_check_write+0x14/0x20 [ 680.472667] ? do_raw_spin_lock+0xc1/0x200 [ 680.476900] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 680.481995] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 680.487520] ? __kthread_parkme+0xfb/0x1a0 [ 680.491743] kthread+0x35a/0x420 [ 680.495102] ? reset_hung_task_detector+0xd0/0xd0 [ 680.499928] ? kthread_bind+0x40/0x40 [ 680.503726] ret_from_fork+0x3a/0x50 [ 680.507663] Sending NMI from CPU 1 to CPUs 0: [ 680.512238] NMI backtrace for cpu 0 skipped: idling at native_safe_halt+0x6/0x10 [ 680.514064] Kernel panic - not syncing: hung_task: blocked tasks [ 680.526145] CPU: 1 PID: 983 Comm: khungtaskd Not tainted 4.19.0-rc6+ #41 [ 680.533092] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 680.542468] Call Trace: [ 680.545058] dump_stack+0x1c4/0x2b4 [ 680.548685] ? dump_stack_print_info.cold.2+0x52/0x52 [ 680.554190] panic+0x238/0x4e7 [ 680.557368] ? add_taint.cold.5+0x16/0x16 [ 680.561519] ? nmi_trigger_cpumask_backtrace+0x16a/0x1ed [ 680.567090] ? nmi_trigger_cpumask_backtrace+0x1c4/0x1ed [ 680.572530] ? nmi_trigger_cpumask_backtrace+0x173/0x1ed [ 680.578072] ? nmi_trigger_cpumask_backtrace+0x16a/0x1ed [ 680.583529] watchdog+0xb4f/0x1050 [ 680.587066] ? reset_hung_task_detector+0xd0/0xd0 [ 680.591907] ? __kthread_parkme+0xce/0x1a0 [ 680.596134] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 680.601221] ? _raw_spin_unlock_irqrestore+0x82/0xd0 [ 680.606312] ? lockdep_hardirqs_on+0x421/0x5c0 [ 680.610879] ? trace_hardirqs_on+0xbd/0x310 [ 680.615191] ? kasan_check_read+0x11/0x20 [ 680.619323] ? __kthread_parkme+0xce/0x1a0 [ 680.623544] ? __bpf_trace_preemptirq_template+0x30/0x30 [ 680.628999] ? kasan_check_write+0x14/0x20 [ 680.633251] ? do_raw_spin_lock+0xc1/0x200 [ 680.637506] ? _raw_spin_unlock_irqrestore+0x6d/0xd0 [ 680.642703] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 680.648259] ? __kthread_parkme+0xfb/0x1a0 [ 680.652504] kthread+0x35a/0x420 [ 680.655864] ? reset_hung_task_detector+0xd0/0xd0 [ 680.660702] ? kthread_bind+0x40/0x40 [ 680.664497] ret_from_fork+0x3a/0x50 [ 680.669852] Kernel Offset: disabled [ 680.673485] Rebooting in 86400 seconds..