f2a5474217057c697052425f003c956ed582a8baf48a6a4c46724ebc218cb56e54873949ba9afa011ffeda9a85047da8183a3b21ed382465a2418a077cb4d503ae933173c8d18af0d4ec108c1abf5ce99f126bf2797e9c019aa79ea527b6278bea0035bcf9b63759175768548f239614031a14325bb7780abf76f91f936e1000af9dbf6505897e432b8cc7ebe7839b9c676e784636396252b5f78d7afd6464f68e9f4a6392e27af70bd02cce4b966f09891a4b454845c1bd8365ca437e2954e8a3aac59ecd53ddc686b666344123f6a721fc6c42c8aae0bc5009404938ae35dfa84538e039fa9f5123c0a1a04dc0d30178ba6166d99e0b51ccbd0bf73b48ceb7f27744b1ab58a8ccc173a603aaf77e6f8a7d3fec87ae06a9a9efae302e73bc8eb15d29ad0a9818e91e48be2362943d1f7798ec0aa5853247bf099b6549c893f10d54677b83dc6e0633544899de22cc2b3722698cae7eb9a0b624581076f190a77576e9a03a0fdf4bcdf3b5c054319c7c3ef6f13161f7ca5b3607b18657aa49e66c154d13339053f97cecb5f635eb6174d360e7230bdcce62aebf6c82b7e09f408d593701d5dfd58b432145c57b78fc9426aec7a04a571da0140ce5df86ab1756b22fcd046e2199f1ab055d403f65df68573ccca3d5f8ee25cde968cbb6c0b140b954459ed3653be0821e19f74be36b9f8be4d3ae058c6945dc40f04bdf8c4faf3aa8b760caa28060e06a6ff7ab6a74629e07e7319c157a8d43b3b390756fbe7e7458c1ebf9f899c391106f3d0d3787950fd983949d60bc19c6846cff08fb020b8af6aed1930a97380c14f82b249c3d6c8ffc006eeafbcf48da35080ca95e66bfd17e6580912ae729f2f983584d0c60662a1e30dd2ba45c26bd1bb0d64c09a0f103783fabcb5cf9ea5a10a2368bd5526120a7373b4c57f5f53b07f432aa0bef100705d3aff596cca34fbf4c864214ca3f53f94cb17f71e07033e1c76c7ca303e6955c6ac05782b035f77c6075021dbf1a71c76129bce72c5968a524f1ae50668f0516a2d22c543c19b195d4504f525c19ae319b7cd736b7f0d80f99165cb0dafa3ed647659080847415090f3be14e96d8c985edffa68b5f03c6aaaeed200053170c63a6b48479db0044a9e8f5b46b16df7be09a8995d9b5e9ccd15aa8eb421730db48babd8f3cb1dfda6724b9bfdbfc7ac6eb5c87709e5b64f5170c3374f35430e3d3aeacc692c890bc8138b30427cdf13c106bed2f97d49019a029b2cc099b12c354cc3b76438e7a6e7b3e126b8a29178af082e531fda4b8f3f576ebfe1fc660b68823ba18bb5e294983a0d355773726337191812dae3683c7a7d0c378d3bc40b53d9a87c05ebcae64e9a11c9e181f41dc868dccb822dee73da903b81f4c032b30beda95b90fe1a8461d9b5adc10c439efec3aadaefbb7ebd91d188c31ee93ea73e632705badc2fb121dd4148e584401a8057792bdae209880fbe896e7f8a5480796895c21407d0b0923eaed53ff68aa54d9067bac739ea9eaac759eb566abcf34c07e6eefd1ba3708e5c9a58c56e1a315aef6bf49f8818e20cab203460e8b37237d4c2629f0fe3cce640eb89ee856f237ca054ac241200b446f11ad23c3a64249fdfc64e5c95b65a089de36e9549faaec46e8699b325d54ffda7b470d6d95b30d38c116efc935b0cdec219b873c8b555db7f70db6e704395e52904a32bc3608a498f222ac14d8287d4a001ed0d939e65fe61bc52c1c857ac914bfee253f0a23b91c325828b20c38f8dfdf8e8d72ad24d367fa27edaf051cb03b504665cb21cc3ec39c2f437b9e06aa25a45aa0fc2de6e4bf97b1e23c1ef5dcd98a50b8923fd95d13c6ce156ee31815e170ebb3a713160f69c046444d9ae5b12d14993eb98e6ec0f6ab33d0e98c4f3ebefdc4f0127f5900d03d56a4a7c19246a1fc26566650207a5d14873fcd6c979730069452dce755bd117df3b289f4c5e67d522fb9f1006255dd7e89c49d4164b52c65c5193aa32122e487913e9ab32737fa31c97901857af3a60477a64d1137bc23943a230ae85b9f6abf31b44b2d2ac7da20958fdb6c6e290b63bda07e78c0ba9705947100ad7219108621ba81a5f2c9a6fdcd286becfd3a2b219109bb97f3f608262a784f5694143c016355cc6a002e6fcadeae53d364adf62212e34bd94e9f510ea5bd9cf2543dcf44cade79ff66ad7be91d2e5d3ce2247e4757109feb82de7ef52869d8d41c5feadf7ef1f45620c118999038b7d344d4eaff795525f6e0034c87f1a902f27e5afaa4592e87d4656d564b2eb283fdf2403341980366a2d4b01bb68b7f9a67f926f1f0d1356066ed9380c6ed8df725efec466d9e343095fd"}, @generic="a52e219c553b5c592bfd62462b102acb1a2cc509d7e2a1527662f8d2bb0d01a0bd1f5ba59a29e9664d6f28db32026e27db49af410bd9ec91e922b387fc8fd693be7ee5cea4382e5625fec08abc30cc4529571842f67015746bea15e6467ba8dde721c716d8442394bcc3", @generic="ce715034980e0264ccd552f12d8b7c38ec500a521a39a9301ba404d9fae78537a02f9b4062f3a596ed2ff2f1deb7a27cb0ae99b9f668439bc93f4473749519b4969e6c1b6873fc8e3892430730fd2d4e00a1a72603e6dca6accf12ec295a42a61b5492edbdcbce3141f72ae8d5cd8d7f8b11b1eb2adf6ae2b2d7e423d5215b7eae3a6c6e1dbe74c40cecc0054019797bce046c7a95a1", @typed={0x4, 0x48}, @typed={0x8, 0x3e, @uid=r1}, @typed={0x8, 0x71, @ipv4=@dev={0xac, 0x14, 0x14, 0x15}}, @typed={0x4, 0x15}, @typed={0x1c, 0x77, @str='/proc/self/net/pfkey\x00'}]}, @typed={0x8, 0x2b, @ipv4=@remote={0xac, 0x14, 0x14, 0xbb}}, @typed={0x30, 0x48, @str='!-lovboxnet0posix_acl_accessselinuxem0-/)}\x00'}, @nested={0x2104, 0x17, [@typed={0x1c, 0x8f, @str='/proc/self/net/pfkey\x00'}, @generic="c4341470979f2ded22ae75c3bac52e13d5f53b7ce11bf21916adecbc34174f72be1dbd4b078aa13e11e6df2253f190c66481a9f24780852a0db71edf08b3e49904a3d813ecc190642a292c07367b44aaac974e4a08661974609bf8ac2f9503788ceb50976e820f62fbb0af488a5afb101cc057aa6c1d97972f7e5bd168ebbfceec64eba48174dcb611fedabc9eae490389ee61bf94058c3d8c820a639c861e188f46890e175683dbdfb309cca2468d02bdafc521cb46467bce7a532ab14ac16e64873e2b06fb105fb3fdcfc70fc741491a75770198f122af3d2b6ba5fed19e06dbb49afec4a8cbf5f3298ff8361069db81bab3ef40db6c6a1e6dfd81d160c9c5b11f2ce0e056dfc3ce27001c47665c63588bea578071a04f5035e5865da63539601f13423e85788d424966667878651586bad530e2e0ea984002f0ad24292c932fc3e5455715e3c3de53e9f9e7cd11911e77c8ce100ef202120ec6f9604a26926b8b16585af9b324fc5ac2ab0253cb67c6e4ce6d73acd75f261d8774a2591d19e63ba743851629751e8de4470fea3b7ff3e2d119d33309dcc6b8393845ed47272acbdca832e8f8e958593ec61983f8545d290474c4771fef114e6db6af2379203ed7142b634dbcc3bbb2011b3e07ebb302a6c9b91c0b4db6dcaad70cab6831e0442a612f8ee1da3c9e1c3825f3c927a881f66dbc969e1406284e3b80b7b5ca0ee16dc8fa2906f92344dd5ea548af1d9693172e6c6e193d9ce90ea01d9f29b970f67ba3e8cfbed1c14ae2ffa9d335cea46dd68d823b6c3ca303ff608ec3e5db70de4d0aa9c5d27dd72b5eb6d2d38ff559fc318a1812c8a814d3a017fea537e0d5c632e75f6d3dfb15b087d280be8f5efc87a708f8744d13c9d2e916f6c252c58a858430d5f814ebe845053fdb65321f819a8f2eeec40a41362c3c6cecfaf3843f23cbf6beda63973305f2bf70b38998f4be7916e50f4b5d598450056e5b1dfb8440adc173f6d4da1aa0c197f810ab3495e195828148fbe5ec4116846906fed6d817ee4a4a2ef8c25fb5b76775baf56cbbcfa6e9f6341b1f66bea87fd4ac11e1b7ee0b0485131a79f3b9311adec645b787bea78e94416f82c79e980710ef0a1d811ed14234687e78f099b9d6b0e5e073d4e66e7c3cd9f26e0eecb687fd7a723ba95908d5522b066130cc93f7969f2dc05d2a913c4b84313d9c4428e087339d55a77928116a6ef28b763cd3bd5e65019a3960b18967d10e8c4c4b950e3027f4c8be1c9ae9477dedda551338508f6f28684b455bb512b6e2ac2ceb36b3630491c54f4480d48604a7ce2089153554ba0b85a3b7eb9a06cccd65aa42ccec20bbd91b0380d5d170dec26f59b347fb08c12785c2690e1b341fcd340037283539512ec41ad189d8089772700379265d9354427dc9bbe8081e7d37d58817efefad63021c9686ac4e1cde2d0477bffd6f9958a4663fe0f37fc9fd320a8b4227e8ca014065f65fd3d2f2e1fe323d7a9fb34617dbbd2027e78a5f40b535559b70c5821816c1b7fe489d0b1eb32e0c2b24dc7ac7a21abd9fc7c56cf03f0c8a7e0813af4b693ba2caf38c65517d558179a3ce28375034e8bea8957f83ab8e7484dcf15c881f7291b404995926a2cfd72e4b3fe166f5983695a91d24b4ba91dd5474c714744a98479850047ae534bad78aa10887f2f9ebc281ce98e74eacbca1c1a114db8b9be14bd59e4b0744c8e31532154caaaf19d6a2aa89ce46bef18c4243ca3ebe5b86b20a4799e413480bb67a0677039a6b71af5faaff789c12d9a89c40e6135786d882a094b1a6e381156bda7bd75fa236fcf7db0f9c915e673c8689c8c56ccbb75328a6eca266759dd74dab4cd91ff87536d6478be2541bedc7ea7453fe09ba44eeb3d40e7231b8580314ea0c03e67f7785d1905de83ed2263d1aedb5abf9888ca95909c9a34dd8866a33c5bc99e6daf403f1fa495987cdd5d445f31a81b3bd3254d152ba01ddfdfefc9c282e5b8cd63dfbf359ff3141734b94b1bc8eb549ba53a29ff13f6afc482a16eb5e704c0a664135a8c3d8d59b89ac22d0fe006a283c2447a064ea933906d9d922f8757e0079dd26d442fd5f061d16d1142eab4046749e78d7f23d94d14c349847a07a9359ade6c3d2f766fcac9af6f537a1b0b9da082c31c0f4df7e867c44e1f932b2763acd630b7b398c2eb773b0e6bfaea667f71a7c520078b1e10d7020d7963ad0c4ce2df23c1692b508d68643d2d884d4811370263950a7d064eaec8d5ecb649ab1915efcc2b76ebd1690aff02d8b2cdafbb04a82941b583dac041dff2ab5daeb2444512cf2e83afc486d4a0b91f676eda463e81a5af950ce1b4c69cb0811c093cec7cb98f074f93944611db333513898f3dda5ecfeb3f2a19d3c5f2779a1dde06a30105c6d5f3eb805d6ed8737a06a6684fb56d07dd872b6653aed0702a44aa2ce93608c58305f0c7f12bcb2684ea7d566db889850b7884797b82dc0e5a94379ea21ac6a37ae6c9c5ab88506c5769c1442a7cef87f0a6b476a7791ceb0cdc143b940cd0117f342c37766d4280182bad3c652c668455751d7d836fc3b93fcf1c3f312a63353f5ab017f28cb62ac19d9050f822ab4a5465d2c991c1f91fa4cdefcd81c7fe2d698faa74801fdc636fb0c4aae0918377e634c1f64fa12c45c070703399ee74779702bf5ce0a6c5986b37d9f57effba55599d5dd63be0b22583c42500c9cd81ff0a1843222363a30b67c65be9d880cb94bc4836c6bfdb920c81e5d3b7f73552abe8e10dae06f629d41675788daf2bcb9b67729e205dd5d58bbfd5c034d5eef59c17721cc3d320fc14df5becb558cc6b45eabea61e97d11b94e907c03623c18838baab7b9880a03c171a237f8c3a5744e0928eed798a2e39bf224e7e81fa9e903a042e340e3f423b39eafcd2c6cf56415a27cddd5fc7d3fae4afaf738d33f30ed3c8854b1def54ccd50c2a8310a68b11e0b45323fd2cc5d64a94d946d5ebd69ee869cad59d8331214c89bfc97d6e048b0a3cb77792dc445debf68ad83857b6d24b3b7ef7bd7d8aaf9830aae6ffb541b3947f1210d023f2b43efc184416e85e238bbe74eddb3e902ddfadd11c4637dc312709871e91c0fc498fc1a171650fb85ce70ba829afd1aeee6acf5f859ebcaf5ea4617cbbddffe6f8d521b537ccd2b1fafa2f173715050e9ee4e32ea00663679495212453d18a6fe18d30d888c922124b62958e42fc20730440a872970e0082916367e4c54f6e8317d634f82a229d301e2ae48e1f3ae852a1b3b5c8b6be4757966dc13f8487ad0fc2657e9529cbfcc82bd4502885de8b92fa7fcf2d05e145cd880a5c5cfeb690bb53276933c9353b6d2e8cd78e18df858d223da4661d7152db5e9f8f1e418d06902c3e28adfb6d7a3e260a4e58eefdf02ed4761793c74d54ce4b27c048fc7b1d4143ef675cea281a2886e2ff3f3a135cea1d85dc9c693c49939887f1913e8f9d27bfc29d9d9e9e0e35f9aaa6a40baea1ad5fa940865c51f69320431bddae6940fde4aeeb4f831f8d3126f5a720c9ac84c58f640cfbbaa6cc9d1744877ced7305b73412b9082f69d3e556aebd745687453d7b49438cc25159edb707badc4502d7b28f96267c2a9e43633e8a547582cc4588673e5bad75d94e58db859d72ae7d10bdee618985fd8cad4cf3bdefde0367b8a92491b16b4a7288580e069306372daf9727e3879f5329a2ce0642a5d7f58f66ccd27d4ad8cff38c705db11bb4f7a2fdbf3c547c22f8080fe31562bdc31c70cf41da172afb64bab3cb884dc82ba8b6c1fb0384158b210b4053a213ad0b56ebdfea164019ea7d80a33c193b46232c66d92324b25f23625512e87c0242c72eb1b0ce744982670b0c92994026522e46e7f30f89563418beb418c8de5bc2138b2bf3f0862549c23f485130c59607b7f0fdaf39048b7c5112a304e018c5b975582c032386e1f3c54e6746151c5035cc0627838ebd3cfac4f1c219b6d4b2bfd47c26a1b61d5ee5ac1ae73da2179ff7105382b33e5d88e3836a488b49430aacd497a38bafa2c180399c60e441d224e243bf9dd79a26557a4a347c94c3caa384e5f267a0b3e7c0561ead63bc44317e276b1754128ea30765750b5d23aaab323f3affd005af62f21d22e13f6f9640d692425ac98091a758ac44c76172dfafe8665dfa3449cc7ad2a11b7c76c8c86dfe70abc1f7a723017f83d31fa8fdc1b8e0c96ef2b1e40b50d9187c94b5206177fb2094443551ecfc9ce77dc4854ab8938e8f412c4706c77590f9fb66138263f09ea4ce9e986d37efed7233fa5960d823c4d531cb5de7bcbed117e59d5c369d780a56f7f4f553b2e6247f82635c9d3fcfc304317ab7c4e337fdc35726e85539f9e0805e4dcd149655089e78cb98185497beb0c0bcd84832a26a84ae3a26d5928dda879a479d6acfc25bc9bfa360564af08fa938caf4cb42e379e23c9b8e5a4bdb757fd9e8ca1a204a0e4c80ace0d6eace85f3ba376cdc79bcfea4db4e49b60f3038b4eda8009de400fc780aaf9e7c635420a4a5aa1372a52368b3e6c74fb980e632eead7ba9cb71aff26204451f34cf1b13d6662b28c479a05c5843c69c294b82c4a5b101e061205fdd0c0084a49835d425ce3d0503773bf427984c388850c3066bba37f7ee420a5b9b2c1af6a66724879daa0baa6e728377f9d7efb49d858a1369e7f19894810c7f1e047a3aa034a2afcac185b9b5b3c7fc789b8a9ef5e5dd6611f15b296dc74e396c16720b4fb13395cc041b8a31cdaabb9ecacdb12cd8edfa9f76b1be6c114cbe1ebba7413f16ee68474fdfb65ac0f1a1b6211826e985629b365bbf605e83888fee4ed3feb5453f0e8b49fbf08a70378f2fba6777ea82ee7ab596474cfaab3a02a0721f23d982f909dd1d4c9133b030a58136046b93e05e883664543381bda90aada2e8536c1384346b18d1052c5da33206111f67f153664d428eedba3db7678105c153a0fa46c48dc1ff9591178fd4126cffed4fe44ae90c7678290685a52e84907c6fbdab6800bb7cb9a46c31aaccecfcb69891cf7ed522f8397bf3519184030bcce788b26f3e6adcd8daa38c9fd1e5978aa92f6b01bcadc05f05bb1b92b064e3e6601fd9be896be5631d9220353cef23678c859db3a1c23a8a92a3f769ad983dd2b5172204fca2cfd1320f9618c02dc604590377dc8ef8cf3f44d50a1db71611488474b42945259f67d6672531bb86433565cc53ef4f1f9ee997c91510c5301d9875ff803f1a9d3b76531f852d4da4974ebc36097c10d3817754e9fbf3729c7f30e974b1ded0ee217f3f58fed49112fcda4e76bdb7eef9a444f1ab2f4c97b18e96bdf04edc21fc30fcb65a96b7645635e11fad5709770d32bfa7a62efb90d09a77af8bcc479f19b11c223c793ad887488743af773c4e339a2a355e27a35acf4f00fbb7c69e99e8f96e64a4b7db31d06b4f9383a1fde203109deacb14acffaef1980f4dc790d5d26c0d6419324786d80d301ee860acb4e5161d5afbe43a80d80b4e5e22fcb23b4f7c463501267ae1a7601d87529cac18669ac179d680a297ee32403ef9381a7c49ca44f8fa88d20a2fa1abe78a5a918f6716ea81442e736b17acc540b58d87850b23aa63d986bfdc640adb5992c87e39ba03fd34bf20d1eb6c603e8feb5ce7d45823612dafaaed9538cd9757c30a247a0749d0df9ddc77548f61d0d8f3bbfcb67a43a0358c1b66cbb76be60e98832d56d7927839a0f5d0ba04d84504e9305003441a7f50db566fa11206aee3336c2adfd58e154fa", @generic="5763a20eaafb2fb60a95c7b2f51abdae550d06e68fd1b3cdbdc67e718a25c2f5c37a1cee08dca768bb402b62ef25af8bf5caedee7f388b0ad4c5a8503e9be60cc27546cedca40715831aeca799ca6a1178d9e93d02da1c1e53388e8498692ba7ded6457a649b1db16e53f6574f67662982f68db7f9a0ae4c84c98c000049d4946fe1611bbb138e40d74ca248cb1796b528e7f294ade692f59cf95b65e5b4334580a36cff28ba7c521099b45fccad7f0ffa160b931f7c7dbe0a397683637bd6203b681420c1bfc4f4a097f104804cf87fda7b4c7ad2ce30b0c5553db695aace096e95fe1e59ed7adca925de597cede33754143948b0e55512394bb7f695cded8fc2052e023a5124d08f154bd6e4e788b45325078a7a857a1e514fe5e165eae338c73e78e5ea7d93d290cd92e31bf59b0859218b16c47873183be63aa5c5dfdebc959d44e5aa44b27ca6e687cc18d2496e804ae981c55068eb4e25be418a13ff160669e9a4b96bc3bbade91ed8cf151c49ad93d07eb5837a3de37832a209993661189c77829373ae0c73449fce9424c2421542e34fa2c5dfdc92392152060ec0a435dccdd5c4780947ed605cab784c634dbc827ce129f27b02bbbcb052c8d7d6fef21f19fa27a123425aae89062cf19c781b55268dc66bd7bb650f4005466783aaf9a7cf58d2ab46806200fc7b4f01a7954a1c4b984ae0d0167de9f82a4c890b99fd58fc37fd7f639b94705e92f044a6411b9c7bab32dc98c5442d2245b4ac5dd0aa703296c53951e1c38c523da31b579fae869f626e1d52004cb8502df378013c55dd72daaac979a859e3db485b2cdaf0ddff8c781c6cf1afd4873a810abaf6a0d12358947cf407738016d8b35b47c255230c4f78756d3881812c5ba9fe920be0c3c982d85b5dec357d0edb21c8b8242c2b068af6ba1e7e83d21b95de6a7a3184b75c10bff4a9da63f77ee1ba1c7120397d1f1acfafe0975d7f7be4f414a3f4422401fce07d46a4ea56b114ffb92f0058f480d6139ad6eea80ce7af894f00860b597c71e2a154abaf0708570c1ddd1dab92ec3c7d3e65a1e27abe65e12f83462738b61b7352c632e1af3248c5d8cc9906af09ec1cb37b3e6dd50bf3c20ec664e2aa30bc3d6af7d1395d3631a391ac2c374bf7eb0564f6ea17360043e8e77225c535ada4f850e9f9fc262a11cd1bd6b056508e2623bfffdbb3f411d9701548bc9cf50c01c7ca403d81c4205e1f69926f4ac5d9add31af61359c265f83d9e3f7f89949cf23af50940c94e1410779e999a64024fe04651cf75271cb8b4a101a675baca70eb353b6d9b246959e7aeb1b3e9b2cfa0ded6105d942988b5c06bce1c8726a266c4d33b739b44479e54b40a31eca2d5f480b264f783876288541d98f09019f46c026a8749e361ecacb643ad12429c4e3dcc14a781313de8295a5e1bdd81538860c100f648ac8e42d66ade2e92d002a9b5984566cec9ed9e5f84119daeca8c25c90414bed7bd981c5e111fb4ab3f8037d0be83a942b237489d3b780b145726de1b4fbdb0ab764c17327c93e98f076fe28045eed8210076e51f555e572670aeae4dc624a2229b702353a3cab4bc8ad83871b834a3630582afe76512cbc66219bbf870730c6cd7d6e515a39b58f5df2e1033ff615848098c819f4103f0a0d5ef4274298b10cb77cf0bf8010fcddc9653b956e907a22d1d6faca4dbf269a854bad528355acb17d0153f60691cb39172ab33f2de3a4173f41d71a24752461511b06b58cddb0f502c01953eaa1dd6bd1cbc1f7f63bd8905ccb57d818a21bddf96f9f95ffcc0be82e429bccae477d03b17fe72a23071e18da52c0a27cb7f8123d4f504a695158b0ab81f9fb25e3e409d07bf0cfcdd9feaad7fc97fcbe761203bb799fca9b35fd755f2ba3fa0aa595528c0e9121a988d23518df00b7d14ab162fb64026fdf498b50a02afa82ee52d2af02d20b79b6a7a9fe090707b1616b291199e3409f5ae232b759c62b8e18af6bff7fdae10a6fdd569f6830ed729fd8b0e7ebb14dbb42b4f4a524530b7926c5cdaa0f6267e6898e88bec7e6ce0e46817588a798c60bb1db348dfafe18f0bc34484d8f2199483fb4f51de70937b389e085c331b0748252dd443823d4231811ae6ece07914004c9f1faa847849ba49dfacc34c77e62d0ab49e2a242a350f642f3cd4a691669ad7350d1d53ab6dde7d35b3935862b96437766be47cd2eccb5fdbd5b06ec5aae98559fa0c0f911ba8f4d0f62ed1b6fc2b0f6664e8ce0e6c75360f957362d705d6c8bd5ae00893dbe399ffc537d77c494ad31b8ed5d0e0d0c7755b433ee63260f5be435a667ef8a00e2d4082dbf47c53eabbaf29525d79acce8d36ca5dd099d604c7785766ddace500f459960b161ddcc96064ae80e0439a4153bce71a15ee9d9521a204704ac82b4f0cf0c3834a4ea573458c3a0b265ca2c084af1dd3e262b2fd18f0c1164d625ec9f41e8f0ae7f1ad1204f607bb29b456a91ed3f7fe3b612b3a4786851d4d0ebee273850a86c2d0bb8929d7afea22538341bc59ad885a9f313d161257cb4793d6d9eb5798e42961668ecf320024ee68ebcd4899e944060395ac4371b8dfd99a438f13b222eac21f3102b760684b391127595311a7b34b8ed67b8eccef6ab4838bed0057cd74095cd164d3897bdcc5324fa5c711cf014ed6efec7a45fc1b7bfdeaf792f4dd6612db37078bd4ce641e9e97536d6b8120e3b3894fc75a99d6d126f978b5ee5705146a9680b82650ac5897eb86aa4dafbecb0030f762ed87000dd14e1856ffd216d156149b89b9580f72fa715934391bb4b06b0540debf2c1b9c96d8b8d636403772166ba7ac3b1b36b3b01b3f54eadd86089602530fd95ffd3e388c80a7aae275b9503ddf6697d1d7627dc5514ecf5faa7de84f232112629b698f3468aad3b13701e6ffec5bca5b377a2922e29d2fdc71d643f6e9891f83df9581e3236c50f51c5f0d4cbad918b53a1c1bcbc5a9f99e0363d71f7da1d60bedc382cb7039ffd4f32b32bbe1302df71394ea93f01d3c2c730570f7a89ae0a6ce883210ccda7aa42763083b2663e52979ed67c849d367a54c2cbdc5bc6086e0ddf53a478b23649952d7dfdf98b52c4268e43e9c2f874b61badd19405f3d1207593f337b85856f85873b154a0412f1c357e0de98c474993db949314cd3dee41fd70712099f9ab6150f310455c1ef07128995486566efa09311d1491b322004a2f9e398b00f99eaf6f4a4e56062b8bd5a4041d979df3c8ec4f76357e55e826b071ca08eccd2411253aaf9225c94b05c1e89f80b4fb817c7a79399b3e417dc1ce1a899d9f317002c3ac3628455fae091daad94ec2b02f7634f307d8a4894415f350249dbfe3f4ab38060d31f60495551c12e4147c388c9e6882f925c6fd2f387f83fa76bc47e47b62155d56cfec6db9b05943773005966c3bfab2bf8b47e981bc5021331f7dbfbf552686c5dbf7c1cc8d11aef1d939b9dcb18e5e1ad5b6d65a596f7eb702c9d8654bf6b16ae7e14e8b9eecc8b8fd843965570d35d2a01c4490f0d3e54cad52ab9510050958038d8a7ad483e759f65760a1bd6f9c3ba531d1c89dee4b08ec01a5446a6a87b67c9d35970b1fa91ce1e5a5d49a9c2f4d5dcc2503fbd681190f2cfdf0fa5954e78f36f18da7a791612e7010c5dc70415fe633a54dd78ba1fd1c425ef58ff1aa9045b9153f8539458b4194702ddb3425965d864d43f8f19e5206cd3acd9d80881bb6aae2b123698800e2c4c0ea95efd492343815bb8ec2bbd76af6d5c7a1d8a159248cb9d4fbf7369ca4d61ae2327f798cb5588e55e7a9a161b976caa5be01eb878b38d974d56e21edff6a0d599f8b63f8bda615328b6959cba8dcc9b71be43179c8e8b9a5db92ae17f6049dab2c8c4db0e5719f48f8877fe9c5cb3be3b7dd4db985064aa7388faa51d13a8925f9e2c0d5b3c985e888b3e78bd2b89dba46daed8a35308495ff1c2224cbe4865b60083c2bcc706e560c9f12e0c54a4cae2d0e4d73fd9efb313979e46a95466691cc9eec79a4bd25337b1818c1fb181b8226cf8086bc0534266660d028437b4c68269d063c4377b95f6f1362d09c4b332f8d25827b9c790222e80d0f35f00a96171d13c60661aec19322ed7264ce16d5f62545720a5b8f3dd7941e4370c2ec735030db63dfaaa25e77ef8594d5ce14d8ee9e78a7bedc53619c00c0f87421e8ecff98c5da9010cf5eccc4f9fbd1c1e405455faccd59fd530b21456f8dc604357b223a0519f876f8213939c6096a5fea700fb089d30dad432b4f924bfeafff5c2777de6a9cd8f17e88070769c2b9cf80e9ee4c70a89cdd859612fa27a5b0b58c854f3894f5b3311b8aedf56dd324ee9449d2522173240d0afc0d42d55810750eafa3bb62d0ed90322fec051ec681bd40db7696d5f6fff72f37f9b752721f296bc9d8f1b30b35b88dcdc204a169bc39f8cfb6c2be5382c9790ec47f082054c6422fcdbbac72d047c17d0e0969160e52fdfb907061fb453d632c794ac44ea0e4eedca26666a5683e00cd0553461b5fc321e1f351eb7bb998bfe1d3b13500d66a4e32b412b40f053529a76a8d9f22ff415ca68a7020d1914af37072365cfaee9692deab35344ef182130e89f40136e8bce9fd2d0adb6e3e8520cd1d207062ae307accb28f3a0698662ba912f943bdb816ba01e579c9f21801dae35d652947b223dcea8979b0696642f2b8118c53f35e9d8f33a1336a1ebe9bfab15670a375d9398c3f765eafd258a5ac43f484b2cf1ddba0e25770f91c55f3eae9587bbf7097cc4676d56957abaab98d07b0adaede54c7c71600b3df4d30664d13bcee36d62590c0542fcf0eda1ff337cf1b6391f8f59f02e04ccc0910606f4302b677edc3ab54b98fc83f6cdb90026296a791539649b900610371f6ed516d62273376337e6edb0f8a08905817bf21521f40f72405ad219d6dbfd9953fab7e474c8f679cc51309e773b3ae463743301c96a36fa8c1c8f57c98f3e0a74eaa70cfeaa2a8377209d5304a3e087ebb18d0e3a8bc92b55630c309595b2b36e8e2fbd7b7b9e3f1b7df9103a99abb546a02e75097b85750fb19a629223a36370a66b94e140d810a19f78418b17db64d6285b6bd33fb2c8a0dd5b3a98beff031ad8fabd0fbe6308362be7a0328c0c21dc21dc47be1e0b23e793028b624c34601e489205fa001d8535f93d14d065ea5a9828e4be12b192ac15bb4c9eaa2a6413232e71aff4511e0bba26df44eb6abbf9ce6b0a29f3f17c54e7f80fc3030169e265cd2cf3a5c5dfa1362bfa582d952c68d2ca5ef3b342be4dfefa8679ab64cc6e3eae12830268e591788cbef416b295c4c65877cfb4555f87d9b28010577e425998b64a65c85e177be49a6b7d22eff6a861f7cab4dd54de8c397352bb7239c19742853c8c2c769f1a39bb07ef5cd6c1f3a3c2e0c9332455906e0f93c379e29cb9ce5a50667d2de05523f91bc84c4577e85388c79c7d8080eb7f2d6e18135bc49247bf7b683da647b9f383e40806c1b1a06ca13ab54e3f529fe4b89687be8a29ab425d3e8b7d9571a09f09d1d034f9e73bf78377be8712c55cba1fd2314fe49b8b4682e890d47abbc90aa95310960f156239ad8836ee3d9d4afd97e1ed69637a4cbf2ea9b8bf7aad735e63bc76305997e49d1165fc6eb09fcd8683a86cb838d2203cd82e302f82252bb058078bbba755b90f3de18f74b8a20420d27dedf9e27227cacd4ca7fa1cd33cc28ffd190cdb75101399dc74cf427350df802b718d5a0e647e78ceed", @generic="157227244b5cfb3f4312359a5e803be8e0740bd5deca596f15ed5ba75492299d22e19fad0affb3c6ff2d015b1ad0b4276d72b350e4578b50ebd2fa95c646a804f80c1d8072bbf4e3b043d5cdb5f406d29c1cffb4799eb874202e9c5eb530ec7e6e1cddc9d021693f6f4b71d34806030b81523a6c63f4d85d57e2621858fe5f2367fc33605e482a4872b4a1eebbd087425ca765e4eccf96132f3a336a98f55245d376e43713797584576e9c7568d7cb9e950760ee1fc264", @generic="30175ffd8c35d5c7c49779d1a3926b49219741e1c12f3be6fdf7b1b620bb78e781ecd5e092c45c2b00166857"]}, @nested={0x1090, 0x27, [@typed={0xc, 0x56, @u64=0x100000000}, @generic="b8b2b5abaac5cdd86a88f95d287edb904de19f32a2fb0ff949658ba3194d276f1ea21082e3ac44c365b6846931f70ecd92712e0631b2a82cd31626b7ec9b43ccf00535308207c1ccc1c249d44c2b050f34f4eb75555396126f058dc5a6f7ce4afc9b2db33eb69d7761083872761097644cfc4e2a50a360f58dbf963ce08a401f54f9535d435491535cecced0f0dfd11fe3f7987af03719f297a6db0040c6e476b656664e3ca7123c1451d1b6d7616e6edbb662c63c6360f585de5c571e9e5b3a82046859c71443e9bebcbf3b94c2ab2690b82f4fafd9372f5aab1dee7da28daa2a21dbb7e0b86b5eaa3d7d1925956865f7f632e63bb86d1b59685d8432dad1a538a78620ef4ee786021c703f8b31d9dfbc428f4bd06e19471e61b7ec96f0979d7e531af8514c6a0c177cec6fefe28080c6eb14a9e731b56b278e6790f6a1935f16971cc08a4d8115dd587952776735690bfe9c1542dceb82d30224b7abbabeeb11b238c1b1cb3e55920e1ae9774beb16ada0ff70b0df59b497cd9b77cc94fed6ae7dde7b57499351383df4788466f74d792e619fd610f415e95b3ec673a1b52dfa5d199ee321cba7ee308d8eae12da7e9078827e87e13b391d5cabdaa77d7ebece47688ec7e8e57940bd0027e60f2c18cb481df5d1fd03a601bac27df108e95b6b45673ae79529e9315d007ab58710f1995b4fd24cc98f695afed48c4ca9861d221e8bf83beb330a099d1d71732a59373d63e27deaf90e63bdee490cfb366eecace9db44ba9fbb243034e91fc620b5fe98846a788eb660dde0bf90402fd3e9f57588a583b92a7afcfeeab391ee955be853fc4bbeffa9331a8061e70e846470ed1bc0aa47db0fb5550acc5f4d35874a0bccb1e5dabcc0c588bb1eb133379ebb09b9be23e21df5a2be6a1c36cd6edb629147dd830f2dff7666675ef5e114c733e752ae5fe4a698ddb6d732308af278b1e922e6d26ef179333bad7cf634857c5dd719bd2cc03424589d4156ce21ea3fe1caba1c72b83228de7338d7fae0b2262f81121fa5604963506093d08bb25dc327cd5304c057710187c18f0c5e404199fdc64800aa8c795f06a3bb2bb4acedbb1762d384e4c85b9ce0b8e865f43b10ce64db3ba6bcaa922ee2cc1f7d29ddcea75dfea4db388a1ef1ce16d04e2367c253cadf20733c4b31f9150a1b5dd9b5d59839e1eba86ee13b2745d4645b6fe66bc03a9390da1d3a0ce72f3637f1a0733f5e442c30ab0c7bb5f556d3b7c2b8f53dcd25c95fe7aa362727ccdd04a88da116b71e81f5ce680a14d360ca4dd1ad2c6e023b7828649d0d5daf1553bee0b06c4849303ee6efc3a1c1911bb0b8fbeadb44b063c39c5aa7833a30cfc649c7666d8070930b77182edd9f8ed8f06addcd9bb6e91590479998c901c57916b12c4f7e47a974a8b074be7c713e783abbd297fe5412f1222b6ca2a3793da876f11d9b0c521b178e3fca7e316db59823ff66055c296b79e6aa3b13acb141152076e98dda4b3de73023589b8ea796d4e487e1fa1be5b803c9430b16202048db0074d0c9d8efd245633b6f468814c0636f09f0ea255e5cb55bff77a0aacc6f314e7181cde310c4f778f6725807341a4aed2480fd9ca9ad4af1160befc61a711a8708a1e17f15f3cbbd4dc96039ed8705ad9c95e8bd7400ad94099b5121358ecf5fb501629bc1c9eb8e7474229cb791ca95b4a6ef35d1b8374cff91369fb076e7257d174920638fbb307581356344ffb98ae4fbfb9d0c3b7a4dc99bfb4bd2424d420da0aa3c76187a5d6dcba8c6c8772be074a60d64457a91c657105865154ef44f6dec5c897706fc1308fedb941dad7855f3e8512089b0f3314c6b8ab256c552da79cd88f09b0a3633021cf445d48fb54df770c93f017abef950c8b9e5f1f8f668b4139357de0c8656cd04638721a7096a0cd2110b72ed998d63e6fbc0e71a641e9bbe9cd7e076be88dfe440fb46ac281ab466bcdeb1759f331fb31cea3516e7696a4e5dcc4306abeecd4e960db8e888ead62b08a4d2e0d3ec31891491330392200b754abe55aee1993c787c8d497b6333bb25e7ce5cfc5d7b6992af2f84e6c7018754192e9316e567f70c0cec94074a9ee7360d87ed88591b171fb85c8b11dcbd32729d11552abc701b31a6101e330d9a13bacd193fb291a3c10bd90676decbeac1251356ae76b978b51bb11af730fead4b57c8a139dbc9986eaf8115c4ec73c21d5955d1911cbb6a4a7a482a402eb6bcb747693ed9b19a7dcd9be5f60b4da5667a47ee10e975236f6d0e452a246a33b23a4b12e76acf2eb1c36fa7dcc5ca1efa87a7de6426897bd858e11869757f3e6384a11ac6435a5c68c4f290f13d5ccd9e034241071b99a6c38bbb42c4810afa6f4b6469428547d0effae36fb65593e8fcbb9f04f77617440f5c7711295296739b10f59ba91a0a09e011dd2248fd7bcad4b48908f893537554edc199e34aced4eb8185f0c2dcde08fb73e7d2265eae8f523fc9b5237ab945a6e47758a6e490be79531b2f121102bfc60b6d53db9fed92c29b76568ee32a410618e4a7909740748091b05ae40ee5c3b809ecba6291de557cc594772b30f50b3e1aa313c6157d7758bd18f6610d0c69850646c51b6d8d71c35d6284e057540e08487662ae6e372e1a0c88ab348b7b3c7b7fc6745a7919baa09e97d489ee66e337af9e03c5893d2012e3d9c8681419bac743e2946e2ec859b8310d92b5d07a8d5f85b8386581f2aac40fcd814382da92f68c45a134bd7773af83dfbc484f0c9e9df45d6b915e5ffef5cecdaa76e40fa5a7f55838f944b6b50e59accd7c20d993e9c551d969f525957e3b7167ba6d338794070aaccffa32383e39de5134c988ccd54a0af58b0fe699657e476d88044ea57730f8098ca976b0c9ef9ed985c0f29cfc3e87fb9c5602204de88345b28b41a5aa98c7132c775e41fbd5aadfedfbf44dbbc515d94e6adb7d3db2d31b65b38a10235ed3ff9ed8f13baaca5a2a4c8cc97c85b7ac56e44e7a28857d2a7cc492e9f8d013227cd88c3922f03f20de59aa45f3f29631e06b8a78c605f766380e64b7fe51e631b4c8b2fd003d6c39ab5a85d08405428c0dd49de48411009a4c6c666bf75bfb6aae44b22659240cfedd6bb9a64a0005d16fc59ef029aefa95c726187dbd610d9b39305c7d5a869dad31d1ff60e7fd890ec1ad78821939b0737211d67d4258dc564316c6c2c498c07d79835313f6134f4acf2ddaf5a283a3a321d77c9978c7b9b9c14a1ff8e25405823fe49f485d01ef42225b221c12c0bf8a47f490c9d3add961d0f81721d6d5d7f07bd8060095936b32aa5efa4b4ac280c66dbccb03efc0a2973c37fdf92ebc0767f7961ef930f59bb779e42e966a8ec5fa6c3b4e4c8f87f20a87f5d1e03dc3fbd3b95feed3ef10b4bbb2131800bab3a09a04ed3f6efdfddf5194724ae0f48c9a6f92690370f619f4f9f8c9462a55bd56639ab866ee558b4b07a77a620ea8e273857aa3c0757340d15d191d7be14166adb73269e6f621c9c7792be9de5890c845cf1fb58cfbb46d001161c36e7c8f3d60661546ebba282be01d7cf075d23b4b474229438b64dcc71014bbc4097087d36542c0fc5de60a8358f07e8ca44da425625feb70e31a376c24254b20aa1eedb121b0f824f445ef535a273b6612d72b6b6d8c0768cd24b298ffb3cbc61dada012473eaae80b8d949d9d1701a490338984a1d2fb374598d939ca97234b1e965eac0475effbe4c47161eea443235ade605a2c9f802c2eeb49ce0feda7def7f22e2546408544a0947d87d7c8e7297259fc8f5e808800e18c29c213b99ffe4dc71ea65fb5d446f3149455ecf498d0bb82d4201880af2781e3740c37a1ebf5f58a93250df0490d8db84587624d35a5579ed180868c11ddaedae8b8fba8e5b661a55e882f7edd846c8b4c9b9fb4d914c16ebafc760bc09a1670bf6ab7eef219d5fae43be593af8faf83bfd732bf596eea629593d243ad7aa2a7e60f54c8b51d7dcefc9fbb298603eea17b44085e55a79d04a48b5e5382f884dc4279611bd4b4e92c11dcdfe09edee50f7c8eee42c99188e246608fc0c1fefc02a0e4e76d44dc9933b72c27c2a977d1bd6093f38ce2424300ea642e445a8f4342c660a3100066406d9f20e4749310f60198222fe0e5bfffcec80516c2198c453627e9b98126e274bc1c7c55cc3d5404d04dcb5a50f19df77b84250d564cf34024092f0c66d8c66726119a1b85bcfe74116b6617bf96bdd5324d8ef8c64f37e07cc9f94215614da61152721b8b7a514bacd7c8098f1a2f965532f8f7c1e8e1f463a44195987e203e172c115f11c327896cfb0b725e6854287ddc58c16037700423c490344bdcd44f2cc9434b04ad9470c471ad8880b194750d96416edade12ffa30f7c556a22c4242d4104f174996db3ad082397de0b4a872477581f08242942c2d78ca3a906d30210b6aca350bd1fe40785f8d465f9e92a3e58198c13338c91082a84b83fac8c6131b10c1427684ed433952087df76133e6cd80dacecdd6034a89998d6faa6036c9fe00f44c0ab2419d9d3c501bb26b715fd40bd4e500382edde0a18627e9b0f335628899bfd5230b7b186f7d4508a33a5c8803e399bb2eae9bddf7b53be9d8db0045894cf7e0bf0cc5e03a0c12a3ed3a7a2a0b0f3a38b5bde746feb81a98d67f7b5fb91adcc08dcf588b991362d6839a3123845910e38450afd7932ac5e545edebba2ea480a6dc42949aa27de6af1337321ad4fcf5ce25c6e597d6c556e37123ad395c5c04c5e4b9e4c3eae302f7ee333de29b710b20fb0de7317bf1189f7e0446b605cecce97d3ac029a094cfc18f13697a388f051cb60c6ca16dac18a8276b726dd13431217212e0d4d32e30ee64a9005bd105f9620ed2b17acf63b5c93603f4f48b7ee4bcac270b03788da9f8c2fe6b20070d006bfa827b9beba324697bfeacc2a6880f8c8d53f4d71fea445c1df101ebb57cdf58c95737e112907d5b7caa045e865b2ccaba8eb82e00f5b397d9d5c780a6e56e80a5026f347bd21e70cb290c31ff67c30f7902c2b40ca3b724685e37cda08e8f9c04801feb8c5f70ef3cf5fb4ad53ca4d0cad57756490f2431c29912c4a9bb198424d40f243ed3c3fb79745c593c8da49ae2d08462286fb6f9ece676ccc8d87a82d53af428dd346af50bcfa5fef88c9d3d9981cd97e8a1e7add205d21c421bc233e9cf67093cf5429d1671dffdaee8d9de53b2437789f5b721ff8844e684cee222516c43d89a39c05d20a78d20aae84f904d49a333a43d447a61b85b6a867bf12740c85483dda32e1728e3f9c5fa4c18d25a3afadb292202c2fc2fe42e6b77bb38559dd69d12a3d50d12210c22bcf7e364461c9089e98097ee8f53779529551902de051851ab60a023dea3d3c884e2f020d232af9b84879489e21b0d1816e4780b2e46e3643a248d7817adc0b0576053a2a78f987f68c1682429998dff2e6ee7d37f56a37f0b84f8fd1cc2ee9c11919bc880eac449204177a135e3ae575876b66a58ca27832a33089d7958362fe795a8f8523db68d4c301afe8f3cf32a581970119e496960c2be872d8bcdb000b0c2c2ae867e6a1987139465d4489cb4eaa4b6ff95495a2a4cd0d928559cc1a1428984d6ec36203ecbad21be806e9a28a1a6193a9e247b1f34ccdcc27ea86e513943557e6210f1f518ad74ad3a926e2244ff58cedeb6dc588731da3a2e7e8db562ac992d5b3672b9cb438239a6228cdd28b669f23707876ffdaf49cde28447f3040e01b529d90880df5", @generic="239d3ead5854eeaa35dde9b4eb8e100889eedb3901660f55f231e034e7e70ab692999762d36b92d09df60bb1fd61cd4ce3", @generic="a5b29a2623784b464cf1cd2d2d4438581802240daf01f302b4ec232ca3225adcf2b763f6d1b7e2426d16770eba125e6be7731ad88621942ecbd2f57f48a87c8670cfa3af71", @typed={0x8, 0x10, @fd=r0}]}, @nested={0x10d4, 0x21, [@generic="da867ded7eafa142b3bd220eca9cd75175e7592f7a6e02b9a96cc0b0e0a9fe95d97f4ba2946a4b74ba0dbc90312f0a2b61174035e08c6eeaae813680d175e8b9d748f12a8b0c6bf69da221c7b4ad27f3fd496c3e9fd9312219aaa0b139a3ef9e72c2e9eff59af6e75d6d2fd8ed31b16cbc9d8b39e43a0d8dc1cb83f42670b8db127eddc1f40ced7fccd1019c6f3c8db5ba46ebce1ef148825ab2595cec433cfb32d97d6a2d24469191dadafeb95e0c9a045612130f18845c7705e279bad3b52c55686aee33ea20f9ce0288e903ba0c25777d2e7306d17cbce1fe5220f893ec3766ec380f8d334fbecce3b2b129b18bd787d33ba7658faa35eeebc09e5ad0dde235147395172e01b96bc07599738a63f8bb78a85e8c2bbaa1f579bc500f26b6a7059d54cbe2ca525a44fa5793ab7570453ede7757c014dd06689dbdff66fee5fe3233b45c3495050ca222a1651c302a19a656b60e0754dd8c60dd126d3888f62ef708cabe780b3c26fa7601821451fbedfd952ae52355f83e11a5dfe37adbec82f3fef9329fc827dc23d5fbbe279108ad2e585154a62b2067f550286f39e5a4658159dbf22f0c100be71568868c03a2398868af452fc59d17342346231f519fed5b3392f91006c93b7c337ec9faa7a896bf1ac596ee495378adab441bbefafaa59de838624459d297319fd93060851526e64997b4e9668c57788fc4e18d9533bbbde9894ca0065f5a5e5868b1c4136ca4480275e0c91719921a89f6e3fe9ee60dea6cef7cc13c3143e303d973c8774a2e8f35aa5da9133d27a777ab3b305ae88b6b731ce3b699078983f4c2f37fc8f81191533f0c8023a6566b4e3a857382c205a0234334bea897904982ebdd090fda6b155038442c7bc4e692bb27e22c13e7d56d4838be506ec9b24bce35111384074d9a3334d9be0db3d55d5a55cd33104ae0f62082dd601122be0a1718dd1d60d8a1aeed977acb612f2ab587c7a2297ba215fc7158a5df25adfa8463fc3354d1bd5c8ae66d76331e948b070027a43ab383bb149ddcb9a3dcc91f49ae47b3574cb0b5eb88b756538ddb2d4a8bfbc6739c81480064b4c5d830f71d32528e7e409a303811d0fd99642562d76040d22384793fc20db3f1a9cbe911e894a372fa9e0ac45e8b18dff64e3ef812423624d206b5aeb11bc7443790f9d10a0a5a29d5edbb316f5ea71a827261cef67443931dc35caa2d2605e9563a82dc1116e1e7ae10d77a7e7d4882d06078498d0a06d3fb03bfb7e0096a1c1a0f7fd509e0ea4ed2579c5925b3e5a0f8d32d74324f09cd9c10f88339814e90696ec41a55f7ffbf72fe5e2af136ac2f89313e9e829c1d845066138fcfaa79ab1085088729a1b70adbf325699faa26577bfad764be9f6447770f4054b05b84190d3f5afbb86003be4f354261b11365f182e5c444bf70721e8098fbb1310ec77ae6636499c242b31188ca16d609b1b0a9e38b76472c417875aecfe0888c6ca3c90ea02e60df0ade0acdcb2d0fffdcd249dff21e61be93d9be31f499af6146c47a244f20d52ab21c6684571cdc94fbb27c2e9e1c51499acf3cb76b2177ef59e8f3bb88d2bc2c4fddf557303001f3309ce6b26e5414f79b0dc4e54cf7e564ea6dc4440c92bc2d90e4799c724eee4715b4c7c52d4da67d818c257e2c3f28c498d0c85691dab7f82612fd4c64080a158cc05b118d141a86a4328533f4c163ca1479e1ed32c9cfe70587fa8d60407fa520e2bdd88b4aef19e4c89936efdbfad7e8e2e4a8e9c48ab08cd5755afb168eeee48f5dd81af32f5912b5d1f160802357d19642529307824ed688503ce1719d601ea5414648928e4f4a09553b036c2bd27b095588093870cc903eabca808c3c1273d91afc2d34b968df328244804ee8239cb88cecbcbb3eab6ddb8c167da44e9be9fd1bceb12b4e1fb6ade2d921d864ddf8af77555f953a839c284d7c519b5988bf568157e0eaa91c6d21017ad170f30ea62145b19b7f3ca99a0d0763ef1055707cc963128204a5ff63b4b680512000090e5aec58bfff57b1d8aa61123a5eaf866bb3523bb860d12b3cb930c0a90e36301a75169593692631678be1960a6e3fe013964942667c56daeed882fe4d1820890f3cfdcd586154cf04339bf1d34800adbc88dbb7d55ef6dab95a7185537e500f3d75f9cc9c35492759d127cf4f8b71590401207490318a1f6c5ad9b74f704147d9cab6c74ecfbc2f0654e548606d0cd6f8d28450606df61031d8b5bb0bd43c97968ce65a5728ec196b9d81b887e100fc898d3b71b0007bae1e8c5b25122fd55c6364e47e324bed91d2c835adf0f7e2158ea29302cba7c27bfb12d61c5cd927c52c8865218641c9b4fa77eecca8e06fcfe1ef0137d0fd3ed082593ffbfc9f729b34f7edb333582f571bc9380d9c2eb5fbbb8b898a741048f1801462cd33b14d086f5f6edb0e748c2009321161f1aa0267cc002885e9a861c13e2c702d8defd3294ed7db56d523a9e6be6874f54d3c5f363dd7022a1affded55b29b2c730fb0d997e85df6d928c561decb6a7d68e5d93dccf988686e0b7bbed5ade041c90b35686d2e5ee533e60198fa666e839f8cf16612a97a241123de9a1f8a08bd4245a44f4b9dd7a6e14eb1d83e6a632b1d29ac32127f464014d8781ffcf3c8ee239aa38d193ccdfcf78334f51376ec83d97af8ff401a4ab2c11c19a389a280339191bc95d1fe42b9c3a3c7352b9a6dc56a899ec9b9f478592563fa9a9e67dbb6e1b91040b886ddcbef30ea8abab0f70bca04a3b5b984fc59ede8178e504fea35ae6010cadab33e0e81faf93e51ace91b4688d3a0c5ff0b74ec6b790f9410aace2d1e4b9a88911b2c4042651fccf458f603ee2604ff2b1ea5d5b7a220c9b74e8c6154d456e91292fc12972b0b680bd3cec25e082794cd0c098cd64b892d71d7750e5c58eae52e62d19f007e922783b750f8bcf94691d1c2855cf943b0868296536511858259d2765fba3660dedd493915e1c2408017d949550cc0bc5d7dd582c863022a9009620c0013696afdbd0f70cde6dab033cd3b34170000352bbac102618aed8f769beb86cfafccef1a08d807163a625f2c22fa4348b09314ca42a6f62e82be530832786a1ddba42581546683642501b8d8e99c4df8cbe6ebdc738073582eb76a69ec07ccef7eacc124bad3aab9451c8179a503e35ab8fe12a8ef7f0eaee8d90526795c5123d90906c8b702fd754c341b49b988a4982c143f7d4550e418b00b07d9546df651eb58ad13ed6d38284f4ca4801f91ab3a4d2726431cbe28b709e73e9f1d8bbaccf0c5a84c1c5e87e68fbe72c5aaf7a6b17c151c8274ee96902fe5ef8e241f873fd78787bf970dc1fb272b14f95fd9f527ffa813c6917865bc2592abe86865c0128dd2329b28e852ebbe4c4ff79981ca7a1b9f2840abad5139c91c331d622c1067fd11a92f922954a1ee7c43a210061f97e38e56fe941185495beeb1aaba0aa12497626b4334b5d203482ee0757788c87ef643c412852d54a6fec88ed215a789358c00ec0f4360045cc317b6aa8436ba8dfb98405ad73b173c5b01b26367e7bda70e70334e435d44793877a2bf2ae1b57687c393952092c9ef2e5c84d3d0974483d906aeea3e3c5cbe2d53c0c16e50b7e44a02d70d63d7a2e69860178f334d902d25365577e005d96f3fdd98048e18f0a72869d53c6cc71ca504db58fb56c613f703e134d976ddd4aa7e45fadeb942b55ce789b85166e59a334ffb81fe0be2c617bf2ab38bc27547380a2dca30a5747f4ce8c95b600cf05d613807272525fc63697a8a214fc462fe49e6c252c4ef24b16d6130c23fa2388cb9c373fead848665c9de545d3447dd27671b9c6ec973f36fadf553cfd928b78e450572bee9d78388ebe861417121f5fb3b71befc5c0d59be9945b12ca6c045c19f3a529e42860af66a4adaa25922ee41519eaa2dd55dab307e4a134a85f5498bc7379b8fe537850f812aad54f7fba406eee0d7356e601e80107ac4d3127ab1947b6587cdacc92b3036810b3781e10e90e7f319d9bc8326a8592b47ef44f6fea4c24845040150ef3cc9a02f329c4f6a3c68e9101512740b5e300b336e7a3a6af694a5762f5f4caf94a0b5949da5ceaf0de98ff48b918fb71d133ee56dd049eb2c412f48bcd7cc60316012911577be84e6ed2faadcd21cdcbddf7e971c963e6af31e3fc64076d4666488f4f8e0593d7423a3d4d86d4e7789ae5571f21afebcbd894d09c784d72f4415ed8027eee8c17ba33c81456a587ba20da47b00a1ed1e732fb457b4cc6e881dc1bbaaeed0cec024f7a00b7e04ae58a5a2e9e8a1d9466aa8379d304044d7e00ecfc7e0b5667f3bd74cc3e61801076e0003f5d4fecfda25405b05b77fa94b15f9440c1156c426728f0e57932c3241e383b93bdec1560eccf83aebe9a57d31a440dda6c95e9632a23b77ed39fb043ee30655c49d43b4532f19496ab56df3e5a9b89f2746ba2d9cb6871913e866378da00493dea39c91f17d718596499773beef2fd44259946d4dd6235a6c2eb74d4af0bd0759d9e7cd724edb39ebb878a6339830c3b1c0b3709374130571643aa509b999c34c02bd4a474ec7b773af66c679314d916d80257ddd63f3e5936ac3f83a4bae810eb6db97ebe91eeceb43b87a8054df0b783eac5076501ccd1676ba89ab83398b22ec6d1e83075cdebb13fa1b8934ce7f713e45e62113821f4339af19c8db4facc51ba09e9f36ba1c5236a501e88af6ebec67167ff1d0108bccb4a3dba6a4d49289bd4dfd947c441e38ba217ec85cd9fe0416712a78ed0e49d996078adaecd4bf17ca13d48b8c2e02af78c9d04bb3f2978061e23ba00725f83a31facc63f429d919ec29cc985e5b027eaba61300b8e04b24e9db2e83000e5978b0134406e597790f9a48d9544c8ae5a2a132b8ae2a3d86a7790c841cdc8b34130bdd9b2a3ee670cef52f3daafe6aa7bae78389e1b95e3a88d0a05318e64ca137682b0856204e50d052ee05c7c8804514dc27abb49a8d0ea39fcc535670c00c0c86108a975d02ae8a1f5b328ed1432b0cdcc7316e11e7c2801bdcc65c072af0b39371488312e313e1634934a2de9cdf191ace86390ce13d2cfd0a89501ad9f6ada7a10d7d8a989b66fd19039e74ffd4e381711263c466803d789e1ccdb963e419b6bedfd76dffc3d6b5ffb7852114ab8a29daef7ad9bc9c9fdd20931062c8f1e8c779c13e5bb7f86c7f31cc60f0522bafb9eb45d25d4825ea70b0504f175cb2a5aaddf7f694722c19f63fe9eb7b3afa432e3d54f847b34e425e308b8b9fb4682f9db561aba48ff213eb3d6fa33625e5f970ffb334e2de1db77912cbf432078e90212f1129f64d2cde1572a1d08a7be2fadedbe9e7760490ba64c03bebeb12ec63cc29629c7191e6e89b6d4e9221aabbc4853c4412c810c47f4d8feeb691e6b49f3781d0fb07e533d53d66240523beae901a69ea79d0b4509416e1269896c43039ed02f8d1d79deff40884f6727ef7b53a661221525c9600da034d8f53ab32065bae0b2c959d5f997caa9721141a882ef813d2481495dd70f21cac10db173067e52933a3baca8671b8306bbfc9ca7f2b289dd9525c3547a45f72ff239c718c2ed0538591eaa6ffc1e3286e44cc9335956cc7199644d08276429b10b8c6f9c514805ab91831ccf6db085632cc07a99263e0e96e01159e3c00640626ed66d92e6017e44d53b76ebbe809e145bb1a4f44862a36343fda1a316206b933f5a1eee3e4a30e22d2cf8eff042af34e147866d0c59da684c79cd", @generic="fe51f8a2b1d55cdb7921056830938efc99e7b3add213991ac22b1738a49326e1485908f0a51d4f606cb12c00ab82184a3822cb8ef18ebd91c6198c7835ee6318fc06bdb67427af44b5ae0b98e64fb10202545cc60a6d63ee312df794e8d6fefb54970e3284f1b4bc2795c655af7b9cee44b414eef77e65972a3af6ca0abf7b36ec2c9bbcaa3c12cd2d99b46ece4d0ae9168868d989", @typed={0x1c, 0x1e, @str='/proc/self/net/pfkey\x00'}, @typed={0x1c, 0x94, @str='/proc/self/net/pfkey\x00'}]}]}, 0x64e8}, 0x1}, 0x0) r2 = getpid() r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x240800, 0x0) perf_event_open(&(0x7f0000000000)={0x3, 0x70, 0x7, 0x0, 0x6, 0x4, 0x0, 0x6, 0x4088, 0x8, 0x4, 0x6, 0xfff, 0x6, 0x5, 0x7f, 0x506, 0x0, 0x6, 0x5, 0x25, 0x101, 0x8, 0xee5, 0x6, 0x200, 0x9, 0x2, 0x100000000, 0x93, 0x4, 0x5, 0x100000000, 0x1, 0x7, 0x59fa, 0x1000, 0xfcd, 0x0, 0x7, 0x0, @perf_config_ext={0x4, 0x6}, 0x2000, 0x6c7, 0x10000, 0x0, 0x78af, 0xfffffffffffffe01, 0x4}, r2, 0x2, r3, 0x0) 2018/03/26 13:05:21 executing program 6: getrandom(&(0x7f0000753ff1)=""/15, 0xfffffffffffffeec, 0x3) r0 = syz_open_dev$sndseq(&(0x7f0000000040)='/dev/snd/seq\x00', 0x0, 0x8300) ioctl$int_in(r0, 0x5421, &(0x7f0000000080)=0x7) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$sock_inet_SIOCGIFADDR(r1, 0x8915, &(0x7f0000000000)={'bcsf0\x00', {0x2, 0x4e24}}) 2018/03/26 13:05:21 executing program 0: ioctl$VHOST_SET_LOG_BASE(0xffffffffffffffff, 0x4008af04, &(0x7f0000000080)=&(0x7f0000000040)) socket$inet_smc(0x2b, 0x1, 0x0) r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x200000000000002, &(0x7f0000690ffc)=0x77, 0xfc) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00007f3ffb)='yeah\x00', 0x5) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @broadcast=0xffffffff}, 0x10) sendto$inet(r0, &(0x7f0000f53fff), 0xfffffffffffffd79, 0x20000000, &(0x7f000006d000)={0x2, 0x4e23}, 0x10) shutdown(r0, 0x1) 2018/03/26 13:05:21 executing program 1: r0 = socket$inet6(0xa, 0x1, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) getsockopt$inet6_int(r1, 0x29, 0x2, &(0x7f0000000000), &(0x7f0000000040)=0x4) bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000080)=0x8001, 0x4) r2 = semget$private(0x0, 0x5, 0x3) timer_create(0x1, &(0x7f0000001180)={0x0, 0x19, 0x2}, &(0x7f00000011c0)=0x0) timer_gettime(r3, &(0x7f0000001200)) semctl$IPC_INFO(r2, 0x0, 0x3, &(0x7f0000001240)=""/4096) ioctl$sock_inet_SIOCRTMSG(r1, 0x890d, &(0x7f0000000100)={0x9, {0x2, 0x4e20, @multicast1=0xe0000001}, {0x2, 0x4e24}, {0x2, 0x4e24, @local={0xac, 0x14, 0x14, 0xaa}}, 0xe8, 0x7f, 0x8c9b, 0xfffffffffffffffb, 0x9, &(0x7f00000000c0)='irlan0\x00', 0xf348, 0xffff, 0x4}) 2018/03/26 13:05:21 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') fcntl$setstatus(r0, 0x4, 0x800) ioctl$KVM_ASSIGN_DEV_IRQ(r0, 0x4040ae70, &(0x7f0000000000)={0x5, 0x8001, 0xb, 0x1}) ioctl$sock_bt_cmtp_CMTPGETCONNINFO(r0, 0x800443d3, &(0x7f0000000040)={{0x7f, 0x8, 0x2, 0x6, 0x101, 0x81}, 0x3, 0x8, 0x6}) sendfile(r0, r0, &(0x7f0000000280)=0x42402, 0x6) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) 2018/03/26 13:05:21 executing program 4: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$int_in(r0, 0x5473, &(0x7f00000000c0)=0x200000ff8) eventfd(0x6) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000000)={0x0, r0}) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={0xffffffffffffff9c}) setsockopt$inet6_udp_encap(r1, 0x11, 0x64, &(0x7f0000000100), 0x4) r2 = eventfd(0xfffffffffffe) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000182d45)={0x0, r2}) 2018/03/26 13:05:21 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'bridge0\x00', &(0x7f0000000080)=@ethtool_cmd={0x8}}) ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000000000)={0x7, r0, 0x1}) ioctl$DRM_IOCTL_INFO_BUFS(r1, 0xc0106418, &(0x7f0000000040)={0x7, 0x6e7, 0xfffffffffffffffd, 0x4, 0x8, 0xf97c}) syz_open_dev$vcsa(&(0x7f0000000100)='/dev/vcsa#\x00', 0x7, 0x101000) [ 1029.558697] oom_reaper: reaped process 24107 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 2018/03/26 13:05:21 executing program 3: r0 = syz_open_dev$sndseq(&(0x7f0000923000)='/dev/snd/seq\x00', 0x0, 0x0) ppoll(&(0x7f0000000000)=[{r0}], 0x1, &(0x7f0000000040)={0x77359400}, &(0x7f0000000080), 0x8) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, "706f72ff070000000000000000000000000b000000000000000000001f0000ffffff03000000ef000003ff02000000000012000000000000000000000600", 0xc3, 0x80003}) r1 = socket(0x11, 0x1, 0x7ff) sendmsg$nl_netfilter(r1, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000140)={0x124, 0x10, 0x0, 0x110, 0x70bd29, 0x25dfdbfd, {0x5, 0x0, 0x5}, [@nested={0x110, 0x1f, [@typed={0xc, 0x6a, @u64=0x9}, @generic="087bbf51c5d8cd92a419ce2c3b3ab0ccd89c0d5c5e79d922d3ec0a1202c93085441b3fb08ed406d52b086989fd1eb8fe2d80ac38f85522e427b08e3cecb646e9c97063cf7c472b0d7b2e136d303d06e91321ed8da31471a1ac95ed5ac5c6290aa44f612046225645a085a016fcc1b474c3d43377842552053b8030", @typed={0xc, 0x27, @u64=0x5}, @generic="35c8f6eaed768c08262c70b750591585508703565bd46c2c05458d3f61e94dd34211d003c1b08246b1aac09835ff99abea4e2561ab75c0ff70d7b70249d36de86712ec572bb0eff1abbff3f03c3cec047722dcdce262080adced246e536697ab72fea3018f06", @typed={0x8, 0x29, @u32=0xc8e}, @typed={0x8, 0x3b, @fd=r0}]}]}, 0x124}, 0x1, 0x0, 0x0, 0x80}, 0x40000) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x1, 0x0) close(r0) close(r2) 2018/03/26 13:05:21 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80, 0x5}, 'port1\x00', 0xfffffffffffffffe, 0x4, 0x8000, 0x0, 0x0, 0x1, 0x401, 0x0, 0x4, 0x4}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080, 0x3}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) r1 = syz_open_dev$sndseq(&(0x7f0000027ff3)='/dev/snd/seq\x00', 0x0, 0x0) r2 = dup2(r1, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r2, 0xc0a85352, &(0x7f00006e7f50)={{0x80}, 'port0\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r1, 0xc0505350, &(0x7f0000000040)={{0x7, 0x7f}, {0x9, 0x9}, 0xe5, 0x2, 0x5}) [ 1029.726813] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1029.737962] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1029.743142] CPU: 0 PID: 24160 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1029.750491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1029.759828] Call Trace: [ 1029.762398] dump_stack+0x194/0x24d [ 1029.766005] ? arch_local_irq_restore+0x53/0x53 [ 1029.770656] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1029.775831] dump_header+0x28c/0xe2b [ 1029.779537] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1029.784707] ? arch_local_irq_restore+0x53/0x53 [ 1029.789367] ? __lock_acquire+0x664/0x3e00 [ 1029.793581] ? print_irqtrace_events+0x270/0x270 [ 1029.798314] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1029.803411] ? trace_hardirqs_off+0x10/0x10 [ 1029.807706] ? __lock_acquire+0x664/0x3e00 [ 1029.811919] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1029.817094] ? __lock_acquire+0x664/0x3e00 [ 1029.821404] ? task_will_free_mem+0x252/0xaa0 [ 1029.825884] ? print_irqtrace_events+0x270/0x270 [ 1029.830626] ? ___ratelimit+0x30d/0x630 [ 1029.834579] ? lock_downgrade+0x980/0x980 [ 1029.838707] ? lock_release+0xa40/0xa40 [ 1029.842664] ? mark_held_locks+0xaf/0x100 [ 1029.846789] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1029.851871] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1029.856866] ? trace_hardirqs_on+0xd/0x10 [ 1029.860997] ? ___ratelimit+0x95/0x630 [ 1029.864869] ? idr_get_free+0xfd0/0xfd0 [ 1029.868821] ? find_held_lock+0x35/0x1d0 [ 1029.873059] oom_kill_process+0x8b9/0x1640 [ 1029.877272] ? lock_downgrade+0x980/0x980 [ 1029.881401] ? __lock_is_held+0xb6/0x140 [ 1029.885446] ? oom_evaluate_task+0x480/0x480 [ 1029.889842] ? rcu_read_unlock+0x35/0x70 [ 1029.893878] ? mem_cgroup_iter+0x363/0xbd0 [ 1029.898090] ? lock_downgrade+0x980/0x980 [ 1029.902223] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1029.906959] ? mark_held_locks+0xaf/0x100 [ 1029.911085] ? _raw_spin_unlock_irq+0x27/0x70 [ 1029.915560] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1029.920561] ? trace_hardirqs_on+0xd/0x10 [ 1029.924681] ? _raw_spin_unlock_irq+0x27/0x70 [ 1029.929154] ? css_task_iter_end+0x280/0x430 [ 1029.933537] ? _raw_spin_unlock_irq+0x27/0x70 [ 1029.938011] ? cgroup_procs_next+0x70/0x70 [ 1029.942224] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1029.947217] ? trace_hardirqs_on+0xd/0x10 [ 1029.951338] ? _raw_spin_unlock_irq+0x27/0x70 [ 1029.955813] ? oom_badness+0x980/0x980 [ 1029.959677] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1029.964409] ? mem_cgroup_iter_break+0x30/0x30 [ 1029.969327] ? finish_wait+0x268/0x490 [ 1029.973192] ? lock_downgrade+0x980/0x980 [ 1029.977494] out_of_memory+0x86d/0x1220 [ 1029.981458] ? oom_killer_disable+0x310/0x310 [ 1029.985927] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1029.991013] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1029.996015] ? trace_hardirqs_on+0xd/0x10 [ 1030.000152] mem_cgroup_out_of_memory+0x159/0x200 [ 1030.004972] ? swap_max_write+0x110/0x110 [ 1030.009095] ? do_raw_spin_trylock+0x190/0x190 [ 1030.013675] ? _raw_spin_unlock+0x22/0x30 [ 1030.017809] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1030.022802] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1030.028231] ? find_held_lock+0x35/0x1d0 [ 1030.032275] ? memcg_event_wake+0x420/0x420 [ 1030.036573] ? __do_page_fault+0x5f7/0xc90 [ 1030.040783] ? lock_downgrade+0x980/0x980 [ 1030.044912] pagefault_out_of_memory+0xbd/0x152 [ 1030.049556] ? out_of_memory+0x1220/0x1220 [ 1030.053763] ? handle_mm_fault+0x465/0xb10 [ 1030.057978] ? __handle_mm_fault+0x38c0/0x38c0 [ 1030.062542] ? vmacache_find+0x5f/0x280 [ 1030.066493] ? vmacache_update+0xfe/0x130 [ 1030.070625] mm_fault_error+0xd6/0x2c0 [ 1030.074494] __do_page_fault+0xb4d/0xc90 [ 1030.078551] ? mm_fault_error+0x2c0/0x2c0 [ 1030.082675] ? kernel_write+0x120/0x120 [ 1030.086627] ? do_syscall_64+0xb7/0x940 [ 1030.090580] do_page_fault+0xee/0x730 [ 1030.094357] ? __do_page_fault+0xc90/0xc90 [ 1030.098568] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1030.103304] ? syscall_return_slowpath+0x550/0x550 [ 1030.108208] ? syscall_return_slowpath+0x2ac/0x550 [ 1030.113116] ? prepare_exit_to_usermode+0x350/0x350 [ 1030.118108] ? retint_user+0x18/0x18 [ 1030.121800] ? page_fault+0x2f/0x50 [ 1030.125403] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1030.130223] ? page_fault+0x2f/0x50 [ 1030.133827] page_fault+0x45/0x50 [ 1030.137257] RIP: 0033:0x409b83 [ 1030.140422] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1030.145761] RAX: 0000001b9bc20000 RBX: 0000000000001262 RCX: 000000000040e950 [ 1030.153006] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1030.160256] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1030.167505] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1030.174749] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1030.182146] Task in /syz1 killed as a result of limit of /syz1 [ 1030.188188] memory: usage 0kB, limit 0kB, failcnt 3892 [ 1030.193539] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1030.200338] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1030.206530] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB 2018/03/26 13:05:22 executing program 0: openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='task\x00') ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000000)={0x0, 0xffffffffffffffff, 0x1}) ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0) write(r1, &(0x7f0000000080)="a6c40d410f65bfa77351ac7284a96c23ae7bc125e2657ec7ead04d2f0c8910bdbdc9e46bbf0810cb3af698d39bfe5bbdcb7f557ad64a8a9dcee2f53802a9e2f72afa508aaf1f0b0186c10862d4333bfa752ee04867c28e61f92ff5c2c0a43afda463d647f2dad3afec6bb1f9963a3b936794a43268e5e2205826e2d7e1ae1a93b2ef14ab513cea57ef40bdb1e8ef1fdc363ca13f2a9d5f3de9b8fb5dc0f83c351395a7918a6aa211e70ea50781ca53f329f69172dd20f1458af413740814613fe487346e4dd4837fdce2b57d0a6c35", 0xcf) 2018/03/26 13:05:22 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw-camellia-asm\x00'}, 0x58) r1 = dup(r0) listen$netrom(r1, 0x6) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f000007ff6f)="9fa0291e41797c3d71854a9fe2cd858674c82988348b5ca3a6103d5ca1cb9eef", 0x20) r2 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000219fc8)=[{0x0, 0x0, &(0x7f000001c000)=[{&(0x7f0000219000)="cec3214e9441328ae007994ccc361d41", 0x10}], 0x1}], 0x1, 0x0) recvmsg(r2, &(0x7f0000214fc8)={&(0x7f0000214fec)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, 0x14, &(0x7f0000140fd0)=[{&(0x7f0000154fd6)=""/42, 0x2a}], 0x1, &(0x7f0000214000)=""/155, 0x9b}, 0x0) 2018/03/26 13:05:22 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80, 0x5}, 'port1\x00', 0xfffffffffffffffe, 0x4, 0x8000, 0x0, 0x0, 0x1, 0x401, 0x0, 0x4, 0x4}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080, 0x3}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) r1 = syz_open_dev$sndseq(&(0x7f0000027ff3)='/dev/snd/seq\x00', 0x0, 0x0) r2 = dup2(r1, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r2, 0xc0a85352, &(0x7f00006e7f50)={{0x80}, 'port0\x00'}) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r1, 0xc0505350, &(0x7f0000000040)={{0x7, 0x7f}, {0x9, 0x9}, 0xe5, 0x2, 0x5}) 2018/03/26 13:05:22 executing program 6: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x2d7f557255e87979, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b3fdc)) r1 = syz_open_dev$tun(&(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x4) ioctl$PIO_SCRNMAP(r0, 0x4b41, &(0x7f0000000680)="8889f24d8d927d337a526471210a8a3cf16f83e7d9f678808628ec9271e65c489d5714c772db27363be3430d00f3101703c880ccad1d885076b83ab4744f") ioctl$TIOCGWINSZ(r0, 0x5413, &(0x7f0000000640)) ioctl$TUNSETVNETHDRSZ(r1, 0x400454d8, &(0x7f0000000040)=0x10000) r2 = syz_open_pts(r0, 0x0) r3 = fcntl$getown(r2, 0x9) tkill(r3, 0x3e) sendmsg$alg(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000140)="e11106c5542aff43e67edb488d412cc56909f3e0d6754ba27e0408d3f93ea4cf5aac247c985cd353eeaccc313d40bd0e09d34377dc62a8ea9fb4b9b0decdfa163701e115331969ae06a7741018091aa21028fc4a4223394d541e8a12779a944c53187b48cce59895bb541879ab20c804620e1431c1df16410dfe642dfccc6accb102e76a26cf3480e83524243708a443", 0x90}, {&(0x7f0000000200)="354b536d706cab99553cbab1a4bdc6e989eb62f14eafdb2043c44a281976262263c6c36aa7ed6ab17a9aa656f3", 0x2d}, {&(0x7f0000000240)="c5d03c4633d83d03f6a69b9563221bca663b426aac7b0e3d989b0ce02a269f600d1381760fce31c96b0c1f24bfa9f54d9ff818765fc41b93b051c3706db2d5f7d004c16f846c7dd8b1b152bec6140c8ba23f47e69856fe9f112d1151afd3e63ec1b0e145d556e05ef42f2f9a09d487219422a05586248c7dc4f448c736c88d1345736616c624c88a9c7fea3bc69c7ff0dc9c714fab9ad046e015505e1dded067cac4b6bbd88444481924d86680f88c83cb389267a2288621416e3ac2dea3c96d7624f95b38e055ac8b13d03a6d3bda9fe1135fc35f60f47a56e63dae824ebc4800e9021fc42aed4cb8c951", 0xeb}, {&(0x7f0000000340)="4d6e5047335c9a428aef6e98542d518f3edac1c3522c368c4b63", 0x1a}, {&(0x7f0000000380)="109d301fec382d294a8a01d40c3d539bdd050556b263dfceda62c567ba90579741d8abf1c72090f03fd8bf9489e990e3285c65ca0b7b07e566e1a7069f0914e5ba10285160242d1e229a2ff4d6a12ecb5a07c5c9b22a2ae4b78c64fb7cec981443e5abd869f494d58441b59af363fb069e0a0ca3921dbc8c57d0280ce5b5ad37873054b590334661789b12644c85871e15f85279567e90f7a2f19c4fee81", 0x9e}, {&(0x7f0000000440)="29a2918ae248d95bab9a2c067b024851ec1e170b505239a847d1ef3af51732ee73", 0x21}], 0x6, &(0x7f0000000500)=ANY=[@ANYBLOB="c8000000000000001701000002000000ad0000009cb1ed015c04238009653bf19e782d0d669bee66ff46c9255ee5454b2c2559127e0bd6ca41ec5467a086cc90ff4232d74c448712004e1994a0e9d6f4140b4dce5961cdcb0d699bec9d3b1594715a3655f47378c0140eaa99b49015192dcf36d36529add3fb894faf8e0a19dba1c90e436409d4a872847e41329e6aac294b4ff30aba8e7f60671cbb4beafd5b68cd0831d997d466f06be7e47c9065272139e009b984332023100000000000000018000000000000001701000004000000080000000000000000000000000000"], 0xe0, 0x4008000}, 0x4010) symlink(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='./file0\x00') ioctl$TCSBRKP(r2, 0x5425, 0x3) 2018/03/26 13:05:22 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) r1 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x705, 0x10d081) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffff9c, 0x84, 0x6, &(0x7f0000000040)={0x0, @in6={{0xa, 0x4e23, 0xda5f, @dev={0xfe, 0x80, [], 0x15}}}}, &(0x7f0000000100)=0x84) setsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000140)={r2, 0x80000001}, 0x8) bind$alg(r0, &(0x7f00000b8fa8)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-des3_ede-asm\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000001f3a)="ad56b6c5820faeb995298992ea54c7beef9f5d56534c90c2", 0x18) io_setup(0x302, &(0x7f0000e4b000)=0x0) accept$alg(r0, 0x0, 0x0) io_submit(r3, 0x1, &(0x7f0000bd9fe0)=[&(0x7f0000617fc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, &(0x7f000007d000)="b3", 0x1}]) write$sndseq(r1, &(0x7f0000001180)=[{0x8001, 0x30, 0x7, 0x3ff, @tick=0x25, {0x40000, 0xfffffffffffffffb}, {0x7fffffff, 0x38d}, @control={0x8, 0x80000000, 0x6}}, {0x81, 0x3, 0x0, 0x81, @tick=0x2, {0x2, 0x1}, {0xffffffffffff8001, 0x800}, @ext={0x1000, &(0x7f0000000180)="81b365054f778ed1ed4ebf80fc98575fa48c328013799ed33cdfe18b4e3f5faa8de6f2fea91f6a0f06f63f2f8f57425970dd6a42787b3dfe258c2d37f2b65547d88e022ead38a7638bb1e623596aa93e5cf5282880a8986da5e9403333d02720f37ce2c720ae96b9ad66a18922196e9f7233175fe9e1cd7bcee6daff780cd286577d43cb4539f23c97b169510b5eb92e8131e25c0ff360ed25697dd994e7f891624d2136f644e49147005085fe09f1d69fac6ca9eeed818ca0eb246972749265565407ae0bca769ef29cb014ed33f8a24e2b8a52534b4d5c8bc737ad82a2055b90096ed499ac6094277d52e7fb7ff469762a5cff858304a38b3aebbe7962f0606e6acd44396e496518d04fc1f43c4ada78c8a540d9fe63f982e7e4f9bc9000ec03d6f4186334d2c4b613c190a5e1f24ebe39372ee8010fabcdb7de2e4f6b8d7ffab00807a2b565f5fa834c267327c9eaee69186cd0be1fb6099232b0774c94a0cfcfd34819c6328d801af1549572b5af5561c9b74aa08a786f2a710dbe8cce1e5e96a0ea7df00f3b857abf344a98ed3d170a0b8435381e8846fa9870f24640f725a5b36e9f9d54d616e02fd51faf8ec4f5e24a4d16f7d788f1ace3805e0b1dc1f3c530727fc30961c96244ef8f87752702df90c258ac261d32a6db546c6f41eb044198ae273969797fae170b982e6b23f51f2d763ac84e0871043b8c320d125fc5b95aa30cc1777c434a3f3ca263f61f85b6f7d0cf0713b70aa3adc4fdcda50ba6c20c26533ff05795320ec93398cc8f858de603aa15671714f32d495a130792fb9eb2baacca84e7c158f546a980f9afe57c5b1557d8d87284173c8bcdeac94b9e546f68e35e900d05c8122f49cfab382c024fe7c2b8996e6d62a54094f41c4295475f73d6b5af906eae5a006401e53ffcc8d91865baee35c8b3b1b1ea9fdfc6cb1938b9bcdd9ca9392d1ef1db9b849ded4dcd3316380bf9bf571362a547d08140d8a96afcacb184ef93360599ccaa8ff40a2519544d3ed747a361bdfb610dcda546aad6fb4ae8bdcf9bf8e7b2269dc21de69ea8a287278ee3fd88acf390c0cd70175623ba1e599609c189399523e4b20c316348908e4e176867b4b2b034c94c738d64029a46a60654bab79af8f56ff43631155f72a19b7b1ecddf906c39f45d99f4627fb00baa8f9466db28c84e7c7dbc589d383db06d0f22ac166fa899e0671ab3c09483a13ef043d3d931c718c5411444954866465812f4eac2cfc04abbaf0f201bb21b957d4f822ef24a228642db7bcd754875e6617d474ddca96cf281e0f004d07bcecbb0e9b814d925d9b38ace30e4860878dc94a63b6cde953e6f3b546cc196e7f949c58c13b1aca8d55af625e30a8ff40b862520af60a1f49268eb092594f4a2096489c45106d7ac55e99e24d7b1cae00f19d22fb8670cea2df31dc367d0543d46f65e3d6f12d2a85c8254b5b0bb656c1b91a64b42ec42e744b2e4d7773ca4e30c9aef1779ac574339255bcc2c044fbcafc163d8ac300f240939e17335cfe03c99dc1b1a2a36d978bfd75cea7cc66a9c48ff141b93cff30d36dbae423716fbaafab52db05a62e9b9d39eb8661e1184909b96584893f098d7fe6d236b04206ae987579eee4502b4f5678cda413df524c5c882ac9143af784d5e29183e792e872113f9ce22d53d93862a65a1665c4b1a2753a63d3401f5a0a610a2ff28239f4c696708e99a6f4e9b2764eaa76857bca8599f93b733eeb8f1409df29d8c6c427e66a9bb1794cf096005f677a7e7d2ffad5a5cf799517703b8c24c35b06a3e0f6a87beacc30c5cd659e786b2900a1035046b7651f01e95837577ef2d03958d59266119cc1695de78f2dbb4ef42d9e19d55f8304b7136badb6a52a546f20012d7da4a07987e3374a417c14aa7fcfe59d37782c3c06bff17b3e3cd087fa5cd01d2e924baa1951ddd1d0888311a8dbb749b5f8c3848cd95180e1499ed9ceb2cf382141fd6419cad034b8a91cd6d61599c197fdd8a22d3bdbc2493202e5ce973359f75d4d0721141f81ed7409bdaa7d5961767c5d28009f0cfecac3c1f0acdbb1a1cdf9dc992978108da2668bed5e4136cb8e8b3b0c01bdd85311d5c722099b788726fc4ee1ce23961e10313c6e0cd1859e28bf44c0a385fe2abb3ccf8775797eca27a7b250ce1516650289176d604e04ec418e2645352fe783a6c9857c206fdcba71cfeb43cde03d0412c4ad2e553e7a01d4d31e83eedc6f67f6d8444a0f8686dd63f5e5cb90fc33d9288bf3b436bcab1ddb7e964dac7379b808f44b5676a64cfae11be7822feda11ea5b404f5d355589663f05b661edd7091f054c3b16f104f7187e6b26285f47426f524dbf49681830423fc4e0391a49dd136f93caaee097287d5519b9a63dfef4959c52f78b4666399f3bbdd4e48ea510eb2c0e1c4a1ddfec92c1617aff316353b8a580dbd871ebcd9eac7a3422db2b71a1b124d6e241e833d7a26f0a4eae60e0392685e84c61d7acad3737479aae25e9da2e613dde1e4747e0039eed1a2d0d9c7631dd3299deb4e206cacd226341e24607f7393475fe27809a2e7fea4eedc14d1462d082ff2a5eba7400bc916c6fcdbcc181c93c6f71bf2a1e83f7edffd3bcd0568564fcec88cb671a309c56f50b86c7f654d4f4ebada9da1c65769527e6240df46816f646727b99d31988106841935d87624a6e53f2c3aeafc758d1cdf7cc50fbfbba3b7eefd3a24d10afb6985f1a22acc2f793b24a7bef0b8d465c5e6d8eeef5d4ba3bc6ad3a6ba0ff19da24a555b1d762a5d29d59473923c4f65f69026cc319745e28a905917a4b1efaa947954a716852921cc604646ee2bd82bcd1cfdf77fc327f91383bde01b3b42d92dd0c6b84735955e1d2bf9676228108a959dba744c11bca3ce5b4b55eaea5d61ff70bfdf949b251e8ff55f8d0c2a49360b9e449bd6c6fb60e18886be0684dde3f052c72f36b70d4f01cb6b3d02938eed873a6d1aec0d547a90a88cba2b512d002255fb56883237edb5383746de19655a8374771d7ef87caaaf9ccfc6ef2ffc9c9e8265e5e798dc0d8fd433e22b5d1cdc4ee6c11d589d13430c13a92e0fce1b097be93ed4bbd80405a34e75ca9e1ab6d69c65c9cacab6cfe3bff7cfb59a6f4f1202495080f7d398a21a52a7ce87d5e773cd8ffb73f0d18b20207f2e2ae78287b584d410b8bc966b0741aaefda9f8b74522098ed8bac4b511db85df35a7ada69ebcd61aadf2e690fc2d72cf635b57cc6ed3cfdc000021c551e12739f935b2df55ec38feec9371cf371559c4a0471f1020d6515a5fb69fca8d2959eb23977d3dd8b63be456ea6f9146984f00bb4382d7572dee650cab1af0592152f363600860808987998fabdd211326c852cfaba55400eb3033fc2b99605618ba08667b38afb8b8ea198d78ce29bb40a9204c969c71e917b7aa7372c14a0fbf035bfeb32371623933bb29d356520ea4a28164b164f4ceaf6a7b6444d1217c2ce2ff4e77da7d0262744c2392017f61eae9a85618be1d8a190749a3fd789330d09421c45002056fe07d6c5c3ea1588605f5cba19276d0fa484f1991078783a22e63ee504abaa76edd8223b1857cbb49c32601ce4034f403fd2a6509a2c7a1cbc3daac3b045a70a69278258dd763c797ee3a6f721cfaa83fbfeea4c20507cff7e01bea3eec661aba676b9bccc70831e7542ebd59055500f9aa851b5c531cee227ed32d026ff7af6a353959ea7f056fd22ce1e86a85e2100ad9642ede50c6a75df8da7db07e507c73f7f62e2d46ddeb49566db3d82920cc10729d33d6fae88437d4c81501b5e37bb1ef43299ddee3953b2c76b62b27eb114ad6e0046ae9a99efc192d6d231ac434f6f30f20e3e7684ffdd0b0576d300e2f263aa9e623131acb295ab6e517481788e6733f65a71d8a386c2d14d3447922d0c95d4d8f41e60fd689474088ab9d732668b9dc3d654e88c8ded615c09731f62710343a1fd05cf17bf64840215a753526152893327486dc51c271ed5795b862d2ac7f912f649bf016ca9fe11d1dea4575018c00fa308b6bb844128e189437a3ab3cc3f64456907d1a0d6c33636407acf3bdd0c5320d43e3191b954e3788593b66833a12395a0c445751f965da1e1c6538fd42d851c1501ffdbdb6bd7ac5d08e7052c55256e4cc106b15a241914a5666f9824c57f41e458b2e1d87d58458848c3ba99f5550d5b7cf3cb78d20d91733876c9bd2706fb0470abcc4c56bfc19c96ec41f27270b4b7d48be67b7d816d3a5e0c7e81153375ef23cd60cd37b037bb4ba01a09d1db2d869679af86f89128667eb840afd19766398391e7b2bc8a539109241d5d2344081367004f4c0d6643871aff98a85815db2d1db5265dff1963a1992bf3f1c71362fed1a0c215793b2a798bed2b32aebee6e06f3761bbf6a82af93bb3fbe50a69102b80f0de6a700de634edf1289bfe6a7c9d24bc6de336e01a499fbb0f0e736ced5d4e4afdcf642893be3cae2f9fc5fa011bed3dc458c69d7f619c5a5f7ece69a56c91f17ded8a1fb662bea48d8be611e1dedfef7c043609b97a05660a30767b3473a33aeacf0b4d7f35034f771e3f940cfdb27a16898768a5ef944924500014ebf77ef68b59f421b7a6a45e2bc1655545129689114d56ab13ff372f03986442a32477773aad4e87cb85f2f6bf0e4c7bb91bbfea3c66e25b5397279365bea02835f0c363537a899ebbffd448835e5f21728e9866dd4a418439546a1d633346ba570cc9d05ad1cc409df51a279337e821954ba25863a352ad72bc968872f00b92dd47ddc7cbe5c48162022b923f89a8e0be08b80ede4fc6798105975f047c3deb704ba4d410f1e55c977d9bf11d88319aa55b125a620ca4dd8429eb576628a2bc43b01d49e7c27a986c23b8ec631f8e71726c281642a6df135330ad6270bce02b7ae9a070c64f4a7c5a244931430683a74f62a544f43fb283d312fb6b731831d534c1432799acd7295a7c33241d41d51c29edf75ac1e721a08ec09da97a70e6c392062957e345667b507a6edf43d917a6270bd7694fa7f594101459bd90a46349d7360f8b630e7473ce8c1de1408cb59b2cb6ac9fbfaa2a4b2b42ec264af5cf03e9570a8ee25adbbebe9750d89e7876bca97ada2a9d9281f40bd9952421750315a82bb541ef6c348b03f174e728449761cc50d9c58a886018126b2648ff62cdb0f42518f74adbb619f09c052ff75c8209088e00db32101b48fe20999fe2d4aba49986fbd47fdb37cf570007068a04d799aca2f78f05de7a9591a7e7b4c17d78aeacf35d0680b2a4c5483131c5fe6f276cb89fa61e53fd2f64c5e9ef484fb66360f49dada304586846320fb12afb390232f1220f0780504a569ae6c68292dbbb8a88cbef65384c06e8133d751b355082d8a271f5955c295f1fe555e0690fca445c19da46c2284af574d91353c0dbc048703789a01604ea771a6362d542314091a1929bad27e9a3dbe1f1cfa117e7b05b04267fe02bcc48f5efbdf5b6647102cb29d110e214d7ec2a5d89fed044326de0bc216815f1b8c1c788222b84daa5c86ccd629fc43d3004272c07f6b3b9974e94403f9c9be6418c6fff6e6ab978633e06e915c25e6bbcfe60a94e18483cc7db0630e03bef6f77d288ba8bfd887a069597b4d18a7ab364ca5fdca7cd4a273e7a6e36a754f22b56473c35caef9036322c4a97b86d73c7004959b6d251eafcd0815118bc06f81fafb935ec602d672743adf545f31e6be6d9faf8a68a43c339a2215d2de6a0e2220c075f5a18b"}}, {0x9552, 0x10000000, 0x80, 0x5, @time, {0x0, 0x63}, {0x6, 0x3}, @raw32={[0x8, 0x9, 0x80000001]}}], 0x90) [ 1030.226040] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1030.234791] [24160] 0 24160 11408 2089 65536 0 0 syz-executor1 [ 1030.243706] Memory cgroup out of memory: Kill process 24160 (syz-executor1) score 2105000 or sacrifice child [ 1030.253735] Killed process 24160 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:05:22 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000140)=ANY=[]) shmat(0x0, &(0x7f0000ffd000/0x3000)=nil, 0x3000) mount(&(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000000040)) mount(&(0x7f0000fb6000)='./file0\x00', &(0x7f0000d78000)='.', &(0x7f0000fdb000)='ubifs\x00', 0x1000, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="02000000009c0300000000400000000000470f000000000001000040"]) 2018/03/26 13:05:22 executing program 1: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f000000cfe4)={0xa}, 0x1c) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r1, &(0x7f0000000400)={&(0x7f0000000280)={0x10}, 0xc, &(0x7f0000000000)={&(0x7f00000002c0)=@updpolicy={0xb8, 0x19, 0x213, 0x0, 0x0, {{@in=@loopback=0x7f000001, @in=@remote={0xac, 0x14, 0x14, 0xbb}, 0x0, 0x0, 0x0, 0x0, 0xa}}}, 0xb8}, 0x1}, 0x0) r2 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0xbf, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f0000000440)={'filter\x00', 0x7, 0x4, 0x488, 0x0, 0x0, 0x0, 0x3a0, 0x3a0, 0x3a0, 0x4, &(0x7f0000000080), {[{{@uncond, 0xf0, 0x130}, @unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x7, 0x8, 0x3}}}, {{@uncond, 0xf0, 0x130}, @unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "982a54bec782e66e66f21e9b19a4cc353763424a1278e34b20eb5ac8f01d"}}, {{@uncond, 0xf0, 0x140}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @empty, @local={0xac, 0x14, 0x14, 0xaa}, @multicast1=0xe0000001, 0x8, 0xffffffff}}}], {{[], 0xc0, 0xe8}, {0x28, '\x00', 0x0, 0xfffffffffffffffe}}}}, 0x4d8) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'gretap0\x00', 0x0}) setsockopt$inet6_IPV6_PKTINFO(r0, 0x29, 0x32, &(0x7f0000000140)={@dev={0xfe, 0x80}, r3}, 0x14) [ 1030.391224] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1030.402276] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1030.407454] CPU: 1 PID: 24178 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1030.414810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1030.424161] Call Trace: [ 1030.426753] dump_stack+0x194/0x24d [ 1030.430383] ? arch_local_irq_restore+0x53/0x53 [ 1030.435057] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1030.440257] dump_header+0x28c/0xe2b [ 1030.443983] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1030.449185] ? arch_local_irq_restore+0x53/0x53 [ 1030.453864] ? __lock_acquire+0x664/0x3e00 [ 1030.458103] ? print_irqtrace_events+0x270/0x270 [ 1030.462855] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1030.467967] ? trace_hardirqs_off+0x10/0x10 [ 1030.472271] ? __lock_acquire+0x664/0x3e00 [ 1030.476483] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1030.481659] ? __lock_acquire+0x664/0x3e00 [ 1030.485870] ? task_will_free_mem+0x252/0xaa0 [ 1030.490349] ? print_irqtrace_events+0x270/0x270 [ 1030.495089] ? ___ratelimit+0x30d/0x630 [ 1030.499042] ? lock_downgrade+0x980/0x980 [ 1030.503173] ? lock_release+0xa40/0xa40 [ 1030.507127] ? mark_held_locks+0xaf/0x100 [ 1030.511253] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1030.516334] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1030.521328] ? trace_hardirqs_on+0xd/0x10 [ 1030.525454] ? ___ratelimit+0x95/0x630 [ 1030.529321] ? idr_get_free+0xfd0/0xfd0 [ 1030.533278] ? find_held_lock+0x35/0x1d0 [ 1030.537338] oom_kill_process+0x8b9/0x1640 [ 1030.541554] ? lock_downgrade+0x980/0x980 [ 1030.545684] ? __lock_is_held+0xb6/0x140 [ 1030.549726] ? oom_evaluate_task+0x480/0x480 [ 1030.554122] ? rcu_read_unlock+0x35/0x70 [ 1030.558157] ? mem_cgroup_iter+0x363/0xbd0 [ 1030.562370] ? lock_downgrade+0x980/0x980 [ 1030.566505] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1030.571241] ? mark_held_locks+0xaf/0x100 [ 1030.575368] ? _raw_spin_unlock_irq+0x27/0x70 [ 1030.579860] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1030.584854] ? trace_hardirqs_on+0xd/0x10 [ 1030.588977] ? _raw_spin_unlock_irq+0x27/0x70 [ 1030.593455] ? css_task_iter_end+0x280/0x430 [ 1030.597926] ? _raw_spin_unlock_irq+0x27/0x70 [ 1030.602406] ? cgroup_procs_next+0x70/0x70 [ 1030.606704] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1030.611698] ? trace_hardirqs_on+0xd/0x10 [ 1030.615821] ? _raw_spin_unlock_irq+0x27/0x70 [ 1030.620293] ? oom_badness+0x980/0x980 [ 1030.624158] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1030.628894] ? mem_cgroup_iter_break+0x30/0x30 [ 1030.633467] ? finish_wait+0x268/0x490 [ 1030.637334] ? lock_downgrade+0x980/0x980 [ 1030.641474] out_of_memory+0x86d/0x1220 [ 1030.645436] ? oom_killer_disable+0x310/0x310 [ 1030.649914] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1030.655000] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1030.660000] ? trace_hardirqs_on+0xd/0x10 [ 1030.664141] mem_cgroup_out_of_memory+0x159/0x200 [ 1030.668962] ? swap_max_write+0x110/0x110 [ 1030.673084] ? do_raw_spin_trylock+0x190/0x190 [ 1030.677650] ? _raw_spin_unlock+0x22/0x30 [ 1030.681780] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1030.686775] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1030.692204] ? find_held_lock+0x35/0x1d0 [ 1030.696249] ? memcg_event_wake+0x420/0x420 [ 1030.700549] ? __do_page_fault+0x5f7/0xc90 [ 1030.704762] ? lock_downgrade+0x980/0x980 [ 1030.708890] pagefault_out_of_memory+0xbd/0x152 [ 1030.713536] ? out_of_memory+0x1220/0x1220 [ 1030.717745] ? handle_mm_fault+0x465/0xb10 [ 1030.721958] ? __handle_mm_fault+0x38c0/0x38c0 [ 1030.726515] ? vmacache_find+0x5f/0x280 [ 1030.730476] ? vmacache_update+0xfe/0x130 [ 1030.734606] mm_fault_error+0xd6/0x2c0 [ 1030.738474] __do_page_fault+0xb4d/0xc90 [ 1030.742521] ? mm_fault_error+0x2c0/0x2c0 [ 1030.746647] ? kernel_write+0x120/0x120 [ 1030.750602] ? do_syscall_64+0xb7/0x940 [ 1030.754556] do_page_fault+0xee/0x730 [ 1030.758334] ? __do_page_fault+0xc90/0xc90 [ 1030.762545] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1030.767278] ? syscall_return_slowpath+0x550/0x550 [ 1030.772186] ? syscall_return_slowpath+0x2ac/0x550 [ 1030.777092] ? prepare_exit_to_usermode+0x350/0x350 [ 1030.782087] ? retint_user+0x18/0x18 [ 1030.785797] ? page_fault+0x2f/0x50 [ 1030.789399] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1030.794221] ? page_fault+0x2f/0x50 [ 1030.797825] page_fault+0x45/0x50 [ 1030.801254] RIP: 0033:0x409b83 [ 1030.804418] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1030.809758] RAX: 0000001b9bc20000 RBX: 0000000000001263 RCX: 000000000040e950 [ 1030.817003] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1030.824253] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1030.831497] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1030.838744] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1030.846284] Task in /syz1 killed as a result of limit of /syz1 [ 1030.852359] memory: usage 0kB, limit 0kB, failcnt 3900 [ 1030.857679] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1030.864468] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1030.870641] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1030.890138] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1030.898899] [24178] 0 24178 11408 2089 65536 0 0 syz-executor1 [ 1030.907817] Memory cgroup out of memory: Kill process 24178 (syz-executor1) score 2105000 or sacrifice child [ 1030.917837] Killed process 24178 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB [ 1031.134275] oom_reaper: reaped process 24178 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 2018/03/26 13:05:23 executing program 6: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00', 0x0}) r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000d0fff5)='/dev/audio\x00', 0x802, 0x0) ioctl$int_in(r2, 0x800000c004500a, &(0x7f0000e5a000)) write$selinux_create(r2, &(0x7f0000000000)=@objname={'system_u:object_r:cron_log_t:s0', 0x20, 'unconfined_u:system_r:insmod_t:s0-s0:c0.c1023', 0x20, 0x0, 0x0, 0x20, './file0\x00'}, 0x59) write(r2, &(0x7f0000000140)="498e6c4db29964", 0x7) close(r2) sendmsg$nl_route(r0, &(0x7f0000000180)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)=@bridge_newneigh={0x28, 0x1c, 0x401, 0x0, 0x0, {0x2, 0x0, 0x0, r1}, [@NDA_DST_MAC={0xc, 0x1, @link_local={0x1, 0x80, 0xc2}}]}, 0x28}, 0x1}, 0x0) 2018/03/26 13:05:23 executing program 3: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000f74fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}], 0x1c) sendto$inet6(r0, &(0x7f0000000080)='1', 0x1, 0x0, &(0x7f00004b0000)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c) sendmmsg(r0, &(0x7f0000008e40)=[{{0x0, 0x0, &(0x7f0000000600)=[{&(0x7f0000000380)='R', 0x1}], 0x1, &(0x7f0000000040), 0x94}, 0xfffffffffffffffe}], 0x1, 0x0) 2018/03/26 13:05:23 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80, 0x5}, 'port1\x00', 0xfffffffffffffffe, 0x4, 0x8000, 0x0, 0x0, 0x1, 0x401, 0x0, 0x4, 0x4}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080, 0x3}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) r1 = syz_open_dev$sndseq(&(0x7f0000027ff3)='/dev/snd/seq\x00', 0x0, 0x0) r2 = dup2(r1, 0xffffffffffffffff) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r2, 0xc0a85352, &(0x7f00006e7f50)={{0x80}, 'port0\x00'}) 2018/03/26 13:05:23 executing program 4: r0 = socket$inet_dccp(0x2, 0x6, 0x0) fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f0000000000)) getsockopt$inet_int(r0, 0x10d, 0xbf, &(0x7f000079bffc), &(0x7f0000350ffc)=0x69c4a5d13df95edf) 2018/03/26 13:05:23 executing program 0: timer_create(0x2, &(0x7f0000000040)={0x0, 0x1f}, &(0x7f00002d3ffc)) timer_settime(0x0, 0x0, &(0x7f00000e4fe0)={{0x0, 0x989680}, {0x0, 0x1c9c380}}, &(0x7f000094c000)) clock_nanosleep(0x2, 0x0, &(0x7f0000c12ff0)={0x77359400}, &(0x7f0000558ff0)) timer_settime(0x0, 0x0, &(0x7f00007a3fe0)={{}, {0x77359400}}, &(0x7f0000000000)) 2018/03/26 13:05:23 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') sendfile(r0, r0, &(0x7f0000000280)=0x42402, 0x6) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000)=0x80, 0x0, 0x0) 2018/03/26 13:05:23 executing program 5: r0 = gettid() r1 = syz_open_procfs(r0, &(0x7f0000000040)='net/ip6_flowlabel\x00') exit(0x1ff) ioctl$TIOCCONS(r1, 0x541d) ioctl$KDDELIO(r1, 0x4b35, 0x5) r2 = perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup2(r2, r1) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) 2018/03/26 13:05:23 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f00000001c0)={0x73, 0x79, 0x7a, 0x0}, 0x0, 0x0, 0xfffffffffffffffc) add_key$user(&(0x7f0000000400)='user\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00000000c0)="684b815bbd37465e1ba7334c72ee6ad928e6831d5419f9bf67807c026d1738680d69b85791756518190d27a26a23b0f8ae70689707009b0d9c9898f82a7cafb7f3eabd732cea707aba5da9805fdaf093ecf9bcdf121e5162f2366c5bb4e717375777d4937737720cb0b45690d44c849f6d9dacc24e2a8bdb81bfdbe00674a628eabc7e95d087f1e2a26e7074a01836a45f426a714e5a7555055412adce85c83c4b3fb4698d8f40413f3de684", 0xffffffffffffffa7, r0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x80, 0x0) ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000080)={0x0}) ioctl$DRM_IOCTL_LOCK(r1, 0x4008642a, &(0x7f0000000380)={r2, 0x20}) r3 = open(&(0x7f0000000200)='./file0\x00', 0x10000, 0x1) recvfrom(r3, &(0x7f0000000240)=""/148, 0x94, 0x10102, &(0x7f0000000300)=@ipx={0x4, 0xaa, 0xdc, "4b50b6d58574", 0x2}, 0x80) r4 = add_key$user(&(0x7f0000002580)='user\x00', &(0x7f0000002680)={0x73, 0x79, 0x7a}, &(0x7f00000026c0)="d7", 0x1, 0xfffffffffffffffb) keyctl$set_timeout(0xf, r4, 0x0) [ 1031.349068] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1031.360074] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1031.365254] CPU: 1 PID: 24191 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1031.372614] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1031.381969] Call Trace: [ 1031.384589] dump_stack+0x194/0x24d [ 1031.388226] ? arch_local_irq_restore+0x53/0x53 [ 1031.392892] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1031.398085] dump_header+0x28c/0xe2b [ 1031.401801] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1031.406982] ? arch_local_irq_restore+0x53/0x53 [ 1031.411643] ? __lock_acquire+0x664/0x3e00 [ 1031.415862] ? print_irqtrace_events+0x270/0x270 [ 1031.420634] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1031.425784] ? trace_hardirqs_off+0x10/0x10 [ 1031.430084] ? __lock_acquire+0x664/0x3e00 [ 1031.434304] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1031.439485] ? __lock_acquire+0x664/0x3e00 [ 1031.443703] ? task_will_free_mem+0x252/0xaa0 [ 1031.448190] ? print_irqtrace_events+0x270/0x270 [ 1031.452950] ? ___ratelimit+0x30d/0x630 [ 1031.456916] ? lock_downgrade+0x980/0x980 [ 1031.461060] ? lock_release+0xa40/0xa40 [ 1031.465036] ? mark_held_locks+0xaf/0x100 [ 1031.469175] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1031.474271] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1031.479356] ? trace_hardirqs_on+0xd/0x10 [ 1031.483491] ? ___ratelimit+0x95/0x630 [ 1031.487363] ? idr_get_free+0xfd0/0xfd0 [ 1031.491321] ? find_held_lock+0x35/0x1d0 [ 1031.495390] oom_kill_process+0x8b9/0x1640 [ 1031.499609] ? lock_downgrade+0x980/0x980 [ 1031.503749] ? __lock_is_held+0xb6/0x140 [ 1031.507799] ? oom_evaluate_task+0x480/0x480 [ 1031.512209] ? rcu_read_unlock+0x35/0x70 [ 1031.516255] ? mem_cgroup_iter+0x363/0xbd0 [ 1031.520484] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1031.525233] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1031.529972] ? retint_kernel+0x10/0x10 [ 1031.533863] ? _raw_spin_unlock_irq+0x56/0x70 [ 1031.538357] ? css_task_iter_end+0x280/0x430 [ 1031.542832] ? _raw_spin_unlock_irq+0x27/0x70 [ 1031.547308] ? cgroup_procs_next+0x70/0x70 [ 1031.551520] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1031.556521] ? trace_hardirqs_on+0xd/0x10 [ 1031.560647] ? _raw_spin_unlock_irq+0x27/0x70 [ 1031.565129] ? oom_badness+0x980/0x980 [ 1031.568999] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1031.573744] ? mem_cgroup_iter_break+0x30/0x30 [ 1031.578332] ? finish_wait+0x268/0x490 [ 1031.582210] ? lock_downgrade+0x980/0x980 [ 1031.586347] out_of_memory+0x86d/0x1220 [ 1031.590320] ? oom_killer_disable+0x310/0x310 [ 1031.594795] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1031.599882] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1031.604884] ? trace_hardirqs_on+0xd/0x10 [ 1031.609041] mem_cgroup_out_of_memory+0x159/0x200 [ 1031.613868] ? swap_max_write+0x110/0x110 [ 1031.617993] ? do_raw_spin_trylock+0x190/0x190 [ 1031.622573] ? _raw_spin_unlock+0x22/0x30 [ 1031.626711] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1031.631714] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1031.637150] ? find_held_lock+0x35/0x1d0 [ 1031.641203] ? memcg_event_wake+0x420/0x420 [ 1031.645506] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1031.650507] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1031.655255] pagefault_out_of_memory+0xbd/0x152 [ 1031.659916] ? out_of_memory+0x1220/0x1220 [ 1031.664157] mm_fault_error+0xd6/0x2c0 [ 1031.668039] __do_page_fault+0xb4d/0xc90 [ 1031.672100] ? mm_fault_error+0x2c0/0x2c0 [ 1031.676252] ? kernel_write+0x120/0x120 [ 1031.680218] ? do_syscall_64+0xb7/0x940 [ 1031.684191] do_page_fault+0xee/0x730 [ 1031.687979] ? __do_page_fault+0xc90/0xc90 [ 1031.692203] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1031.696947] ? syscall_return_slowpath+0x550/0x550 [ 1031.701862] ? syscall_return_slowpath+0x2ac/0x550 [ 1031.706783] ? prepare_exit_to_usermode+0x350/0x350 [ 1031.711782] ? retint_user+0x18/0x18 [ 1031.715481] ? page_fault+0x2f/0x50 [ 1031.719092] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1031.723920] ? page_fault+0x2f/0x50 [ 1031.727531] page_fault+0x45/0x50 [ 1031.730965] RIP: 0033:0x409b83 [ 1031.734132] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1031.739482] RAX: 0000001b9bc20000 RBX: 0000000000001264 RCX: 000000000040e950 [ 1031.746731] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1031.753979] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1031.761230] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1031.768481] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1031.776102] Task in /syz1 killed as a result of limit of /syz1 [ 1031.782141] memory: usage 0kB, limit 0kB, failcnt 3908 [ 1031.787465] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1031.794257] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1031.800451] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1031.819924] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1031.828728] [24191] 0 24191 11408 2089 65536 0 0 syz-executor1 [ 1031.837687] Memory cgroup out of memory: Kill process 24191 (syz-executor1) score 2105000 or sacrifice child 2018/03/26 13:05:23 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80, 0x5}, 'port1\x00', 0xfffffffffffffffe, 0x4, 0x8000, 0x0, 0x0, 0x1, 0x401, 0x0, 0x4, 0x4}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080, 0x3}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) r1 = syz_open_dev$sndseq(&(0x7f0000027ff3)='/dev/snd/seq\x00', 0x0, 0x0) dup2(r1, 0xffffffffffffffff) 2018/03/26 13:05:24 executing program 1: r0 = socket$inet6_dccp(0xa, 0x6, 0x0) r1 = syz_open_dev$vcsa(&(0x7f0000002640)='/dev/vcsa#\x00', 0x9, 0x10002) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffff9c, 0x84, 0x6d, &(0x7f0000002680)={0x0}, &(0x7f00000026c0)=0x8) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000002700)={r2, 0x1, 0xc305b3b602ab9c15}, &(0x7f0000002740)=0xc) setsockopt$inet6_buf(r0, 0x29, 0x23, &(0x7f0000000000)='*', 0x1) r3 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x3, 0x0) getsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r3, 0x84, 0x8, &(0x7f0000000080), &(0x7f00000000c0)=0x4) setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r3, 0x84, 0x15, &(0x7f0000000100)={0x1}, 0x1) 2018/03/26 13:05:24 executing program 0: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000264ff7)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = socket$inet_sctp(0x2, 0x1, 0x84) getpeername(r2, &(0x7f0000000080)=@pppol2tpv3={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @loopback}}}, &(0x7f0000000000)=0x80) fcntl$setsig(0xffffffffffffffff, 0xa, 0x0) mmap(&(0x7f0000000000/0x709000)=nil, 0x709000, 0x1, 0x32, 0xffffffffffffffff, 0x0) poll(&(0x7f0000000100)=[{r1, 0x4}, {r1, 0x408}], 0x2, 0x10000) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000040)) pwrite64(r0, &(0x7f0000000140)="a0c2b525bb05c3d070c613cd1d01f9792c4354325b948a5d71b8257e77bf1cdd17c25ea9fb7eb67fae7788cec6723f12c2b3791f8ea9d61c544808a5e620894b72acffa2143b762e4b0cca79b4a869e550f92349d686146b9040b6b932376d6d9d2f466316c6223936a2100e848ff7a1ffb50969f4082219a0d429ea85d2929ce4fa0e5877eff2ebb15f3679827aabe7c1ba7266f0fe523e", 0x98, 0x0) 2018/03/26 13:05:24 executing program 4: r0 = socket(0x2, 0x1, 0x0) getpeername$packet(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @local}, &(0x7f00000000c0)=0x14) bind$packet(r0, &(0x7f0000000100)={0x11, 0x0, r1, 0x1, 0x88, 0x6, @random='paP:[x'}, 0x14) setsockopt(r0, 0x1040000000000006, 0x6, &(0x7f0000000080)="0200", 0xffffffd8) recvfrom$ax25(r0, &(0x7f0000000140)=""/111, 0x6f, 0x2000, &(0x7f00000001c0)={0x3, {"5a1c3916a25122"}, 0x9}, 0x10) r2 = syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x0, 0x2000) setsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000200)={r1, @multicast2=0xe0000002, @local={0xac, 0x14, 0x14, 0xaa}}, 0xc) [ 1031.847747] Killed process 24191 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB [ 1031.861482] oom_reaper: reaped process 24191 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 2018/03/26 13:05:24 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) connect$netlink(r0, &(0x7f0000000040)=@proc={0x10, 0x0, 0x25dfdbfd, 0x4100800}, 0xc) sendmsg$nl_generic(r0, &(0x7f0000018000)={&(0x7f000001a000)={0x10}, 0xc, &(0x7f0000000000)={&(0x7f0000024000)={0x174, 0x1c, 0x1, 0x0, 0x0, {0x8000000000000001}}, 0xb}, 0x1}, 0x0) 2018/03/26 13:05:24 executing program 3: ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000040)={0x6, 0xffffffffffffffff}) getsockopt$inet_dccp_buf(r0, 0x21, 0xe, &(0x7f00000000c0)=""/178, &(0x7f0000000180)=0xb2) unlinkat(r0, &(0x7f0000000080)='./file0\x00', 0x1ff) socketpair$unix(0x1, 0x8000000000005, 0x0, &(0x7f0000588ff8)={0xffffffffffffffff}) perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) shutdown(r1, 0x1) 2018/03/26 13:05:24 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80, 0x5}, 'port1\x00', 0xfffffffffffffffe, 0x4, 0x8000, 0x0, 0x0, 0x1, 0x401, 0x0, 0x4, 0x4}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080, 0x3}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) syz_open_dev$sndseq(&(0x7f0000027ff3)='/dev/snd/seq\x00', 0x0, 0x0) [ 1031.945345] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1031.956540] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1031.961731] CPU: 1 PID: 24211 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1031.969088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1031.978433] Call Trace: [ 1031.981012] dump_stack+0x194/0x24d [ 1031.984625] ? arch_local_irq_restore+0x53/0x53 [ 1031.989366] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1031.994545] dump_header+0x28c/0xe2b [ 1031.998245] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1032.003419] ? arch_local_irq_restore+0x53/0x53 [ 1032.008077] ? perf_trace_lock+0xd6/0x900 [ 1032.013035] ? __lock_acquire+0x664/0x3e00 [ 1032.017256] ? trace_event_raw_event_lock+0x340/0x340 [ 1032.022434] ? perf_trace_lock+0xd6/0x900 [ 1032.026563] ? trace_hardirqs_off+0x10/0x10 [ 1032.030859] ? perf_trace_lock+0xd6/0x900 [ 1032.034996] ? trace_event_raw_event_lock+0x340/0x340 [ 1032.040173] ? __lock_acquire+0x664/0x3e00 [ 1032.044388] ? task_will_free_mem+0x252/0xaa0 [ 1032.048869] ? print_irqtrace_events+0x270/0x270 [ 1032.053624] ? ___ratelimit+0x30d/0x630 [ 1032.057586] ? lock_downgrade+0x980/0x980 [ 1032.061719] ? lock_release+0xa40/0xa40 [ 1032.065763] ? mark_held_locks+0xaf/0x100 [ 1032.069900] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1032.074995] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1032.079992] ? trace_hardirqs_on+0xd/0x10 [ 1032.084125] ? ___ratelimit+0x95/0x630 [ 1032.087992] ? idr_get_free+0xfd0/0xfd0 [ 1032.091948] ? find_held_lock+0x35/0x1d0 [ 1032.096002] oom_kill_process+0x8b9/0x1640 [ 1032.100221] ? lock_downgrade+0x980/0x980 [ 1032.104353] ? __lock_is_held+0xb6/0x140 [ 1032.108400] ? oom_evaluate_task+0x480/0x480 [ 1032.112799] ? rcu_read_unlock+0x35/0x70 [ 1032.116846] ? mem_cgroup_iter+0x363/0xbd0 [ 1032.121057] ? lock_downgrade+0x980/0x980 [ 1032.125191] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1032.129930] ? mark_held_locks+0xaf/0x100 [ 1032.134059] ? _raw_spin_unlock_irq+0x27/0x70 [ 1032.138536] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1032.143531] ? trace_hardirqs_on+0xd/0x10 [ 1032.147663] ? _raw_spin_unlock_irq+0x27/0x70 [ 1032.152136] ? css_task_iter_end+0x280/0x430 [ 1032.156522] ? _raw_spin_unlock_irq+0x27/0x70 [ 1032.160997] ? cgroup_procs_next+0x70/0x70 [ 1032.165213] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1032.170222] ? trace_hardirqs_on+0xd/0x10 [ 1032.174348] ? _raw_spin_unlock_irq+0x27/0x70 [ 1032.178823] ? oom_badness+0x980/0x980 [ 1032.182687] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1032.187423] ? mem_cgroup_iter_break+0x30/0x30 [ 1032.192016] ? finish_wait+0x268/0x490 [ 1032.195885] ? lock_downgrade+0x980/0x980 [ 1032.200022] out_of_memory+0x86d/0x1220 [ 1032.204002] ? oom_killer_disable+0x310/0x310 [ 1032.208479] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1032.213563] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1032.218558] ? trace_hardirqs_on+0xd/0x10 [ 1032.222694] mem_cgroup_out_of_memory+0x159/0x200 [ 1032.227515] ? swap_max_write+0x110/0x110 [ 1032.231646] ? do_raw_spin_trylock+0x190/0x190 [ 1032.236213] ? _raw_spin_unlock+0x22/0x30 [ 1032.240355] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1032.245351] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1032.250782] ? find_held_lock+0x35/0x1d0 [ 1032.254825] ? memcg_event_wake+0x420/0x420 [ 1032.259125] ? __do_page_fault+0x5f7/0xc90 [ 1032.263338] ? lock_downgrade+0x980/0x980 [ 1032.267469] pagefault_out_of_memory+0xbd/0x152 [ 1032.272114] ? out_of_memory+0x1220/0x1220 [ 1032.276323] ? handle_mm_fault+0x465/0xb10 [ 1032.280542] ? __handle_mm_fault+0x38c0/0x38c0 [ 1032.285109] ? vmacache_find+0x5f/0x280 [ 1032.289061] ? vmacache_update+0xfe/0x130 [ 1032.293194] mm_fault_error+0xd6/0x2c0 [ 1032.297064] __do_page_fault+0xb4d/0xc90 [ 1032.301116] ? mm_fault_error+0x2c0/0x2c0 [ 1032.305253] ? kernel_write+0x120/0x120 [ 1032.309208] ? do_syscall_64+0xb7/0x940 [ 1032.313165] do_page_fault+0xee/0x730 [ 1032.316947] ? __do_page_fault+0xc90/0xc90 [ 1032.321159] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1032.325895] ? syscall_return_slowpath+0x550/0x550 [ 1032.330802] ? syscall_return_slowpath+0x2ac/0x550 [ 1032.335713] ? prepare_exit_to_usermode+0x350/0x350 [ 1032.340707] ? retint_user+0x18/0x18 [ 1032.344402] ? page_fault+0x2f/0x50 [ 1032.348009] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1032.352838] ? page_fault+0x2f/0x50 [ 1032.356444] page_fault+0x45/0x50 [ 1032.359871] RIP: 0033:0x409b83 [ 1032.363038] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1032.368378] RAX: 0000001b9bc20000 RBX: 0000000000001265 RCX: 000000000040e950 [ 1032.375625] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1032.382871] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1032.390117] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1032.397363] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1032.405038] Task in /syz1 killed as a result of limit of /syz1 [ 1032.411078] memory: usage 0kB, limit 0kB, failcnt 3916 [ 1032.416390] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1032.423175] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 2018/03/26 13:05:24 executing program 4: syz_emit_ethernet(0x3e, &(0x7f00000000c0)=ANY=[@ANYBLOB="0180c20000000180c2000000080045000030000000000033907800000000ffffffff2100907800000000450000000000040000100000ac14ffbbe0000002"], &(0x7f0000000040)) r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/tcp\x00') getsockopt$inet_dccp_buf(r0, 0x21, 0xc, &(0x7f00000001c0)=""/4096, &(0x7f0000000080)=0x1000) ioctl$SNDRV_TIMER_IOCTL_STATUS(r0, 0x80605414, &(0x7f0000000100)=""/145) 2018/03/26 13:05:24 executing program 3: r0 = semget$private(0x0, 0x20000000103, 0x0) semtimedop(r0, &(0x7f000001dfd6)=[{0x0, 0xfffffffffffffff7}], 0x1, &(0x7f0000380000)={0x101}) semget$private(0x0, 0x1, 0x202) semtimedop(r0, &(0x7f0000033816)=[{}, {0x0, 0x8091}], 0x2, &(0x7f0000034000)={0x77359400}) semctl$IPC_RMID(r0, 0x0, 0x0) 2018/03/26 13:05:24 executing program 0: getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f00007fbff0)={0x0, 0x1c, &(0x7f0000519fa8)=[@in6={0xa, 0x4e20, 0x0, @empty, 0x75}]}, &(0x7f0000f91ffc)=0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000903000)={0x1, 0x5, &(0x7f0000519fa8)=@framed={{0x18}, [@alu={0x4, 0x5, 0xb, 0x0, 0x1}], {0x95}}, &(0x7f0000c43000)='syzkaller\x00', 0x7ffe, 0x1000, &(0x7f00009ab000)=""/4096}, 0x48) r2 = fcntl$dupfd(r1, 0x406, r1) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r2, 0x84, 0x75, &(0x7f0000000000)={r0, 0xc063}, 0x8) [ 1032.429352] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1032.448854] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1032.457632] [24211] 0 24211 11408 2089 65536 0 0 syz-executor1 [ 1032.466544] Memory cgroup out of memory: Kill process 24211 (syz-executor1) score 2105000 or sacrifice child [ 1032.476571] Killed process 24211 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:05:24 executing program 1: r0 = socket$inet6(0xa, 0x1, 0x4732) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000002f80)={{{@in=@remote}}, {{@in6=@dev}, 0x0, @in6=@loopback}}, &(0x7f0000003080)=0xe8) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000040)=0x4) sendmsg(r0, &(0x7f0000003900)={&(0x7f00000030c0)=@pppol2tpv3in6={0x18, 0x1, {0x0, r0, 0x4, 0x4, 0x1, 0x1, {0xa, 0x4e20, 0x3, @ipv4={[], [0xff, 0xff]}, 0x100}}}, 0x80, &(0x7f0000003340)=[{&(0x7f0000003140)="8eec4cfc07283208a7da086fcb05f780339600a15deb2bf4466472a1a080b357c8621d227bdd9db51dc6ee4010e7ac669b21bd9d9dc5aeac4628614b9b00a75fd4b922ba4a33652e5c01b7ee885c3147eeb1b73f0a8130a09224eaff8a20bc5037528f7a09374f4ddec1212cc8c9d8c714fe49930c8349a2af43dfa5b987ce2f2896000f2d93f6ce07ef9bb774bd8d0eaac09e3f69d5d5cb664113b27001bdb13d91004d43705b109bea896152a4143f13f43398d24a224a17c612c3", 0xbc}, {&(0x7f0000003200)="2c45f64fa0ccce7934ee3d3df94b466f80979b5983b57945894c1e66fbb59a36041b7468507370c31d5b3048e80a89c6e6f9cb8f6096928bdc7a29e812851465a287a91c115f2a4b7b9c07489470ff1d5cbee8daee7a5d96fb17916615aac964bb19dca5967db4a01c4797a146c8872b3c2a0a8fb05094ba2ccd149309f9a551e0ac7187612fd37096c274d4954a6a80c8c1733dda7b24a571f4b56f0f859eaa732115439bb400249fae8f167051b821819ef1576156e05647ac83c7419373164cec5d0f31eb91c01a019b63d6dfb10bbff0b9e9b6b7c5a4fd0ec8824b0c7841f0e11b696a4680767b00f886b8151d5e45dad5", 0xf3}, {&(0x7f0000004040)="508559f7a65d343b1cc70c085f32162c6a5dd58bc77dfa316e072799036a2575c01d7397660b5ee12fe77377d1c667224054a04c88f55e88a1fdf66e410a15dc3b074413c930280cfedf869a9d47df16741e4678cdad9c57b32e95a60ecad7bc73977d83f24b05e9b3aa44367ef270bf1afd7dec4fe3898c436abf1715086e4ef93d13f5c648861d147835a515b51bad8262bf97650264c34594c91f53021de80e225569c9c04fb0d9f1c03d57aebf39e2a456ad19cebedfda8b962ba6b716e4f8a02b19e61301b711d26c794a000f7add337e0c65727208517a207ce70e1aadcfb13f6c6129fcaf72e0596a93aadca301eb2bd2590f7f70d468aa89df92d3a974c8b1160e24e3854235daaf7c2d65d7ef88d5a7d5687f6104e69fd31c5e7baa39eda6783a0a5ca0eaf6d556c29a6b35a35314429e56a71655ed7481229165a78c162a6cb2ca0810f8a2bba8acd20a621fac6254afb4b98a5fa2f4c5ae917a78e8be40918f94c05f2aa75bdb9d5d6ba48aeccc6bc12f455130232adbd2d87626396086c90ab6de3f26796fdb8c7e58e2bebc5b6e260e3090a6db5f2f71a515b1400d3e3ac14d15ead7ab3751c870147c125a9df1711154c0b0f74d7e25319c3997789f6e3f80e468a83f46af084b4d939999bd73b08759ca3f3c0e9683d9b15f0e97604b21f97b6bada25accee6f7049803f4702e035bf471af3a91aded08558c7a75d1f87c91e050f7fdccb9e222e87a999685fa62494353e64b678a1d38ebbb845d0822b9da912d41b328c302c90673cf908a8139ee13c51f5b5c610ab5123fb4750220a20a1b38f97de569d8bfcab2703912a6538831d2e57e8967d09b85be879a408b2e4f0d6526bab54f7c5bee5d6bd49070f89c52e6651415e46c2d32bc1fe8433771f107438a39afca13afbb77bdaac0fbe693e803c1de8b1e5a15a94e902d0259e4f1b2e702c76fd7651bb89cf86850ce85da5c9196d52461ba02c871390de903d77fa086bf42ecb7195f1b6371564ef51c90c27d367565cb7769a47d1ac8e83bb36a46e4374e2244c9e8733c1ce2ec54e86bcc10077c2aecf0b587f6cd5a910c330e69938da3000c89d0a67fc1e5576ee46a8f990a5aa8383b4062628d5b24f72a7dca507aadd0079b04e6bee365235f59da5fb8df5981a9a4bd95f187b6569d1104d541dab604970ec4e530e2619aa328a91751c3a20bde870357074d819a04e48bec652090664c3e2e0a7e3be2179703145f4bcf13fc8b2736ff7d37d3584126c29b0253ca803f8b1f8767ed54023891f366661ac24bc8d06e188cda5465fd9c77a3623f8c69583f0047a404c5680d958da7ad165f1248ff1caa348101814a0a9bdd0707448efa48644b674e0fc9fbf82c82a2c95d001a4e7bc2b17bede6fa5300833a14342e3da105958042d1ab591ecc74a49a3a453c96250c7410009ef136370936c37c88b1ee3876bd90ac71b2218f196908558563265d7a2df9c8c95f6d2af5038d654b2ced1489fbfe54963d6cc721be2164161da2b105c024e82732f7008539de7c186890b95599f607d469e91576747c6c63e19f54416fa6b46a174508fa0f4f806bfdf17f8df0add38bfc4e37dfd2a0981a838519d98edb3404c1619441a10ee7e70f442daabf1db254922f4a87ba6da02b8ae4ad4f3becff74a442bd3c6fd4003c24889b2088b5fd0ab985de4a88d0b8f439e3c4becf4e4540864c92e2ce67db9e9e94dd6a0619217279e66d82322b1d38eb277b106b4f81373bfd0f700cdc692713b9f9e3705c3cd9dd8e3b145508af4278435a4435bd452b805ac1b3777bfa01aa484ec204ec60cf24db92c8900bf7ee32b4a6b9bfbb89a04921d205c8bbf51caec231c0eb7448cde5e02fa83b88e320c2969181a4b4e6904997b3bb590c43a8e00615fd12a3114d0faeb3208ca60959091e18a012f49714076852a904278c78fdc245c413450e134e71d491f459f7b8974e63e21b4bc2cab67a18985a7080afb5886bd8ccf3fe936e9bc14d10fa80819bbcda2f3275745f7597048c627072373a5fd9de319d77929d4d5a0ef001dfdeb327efa27e1a5ff1ef4562337b1947052267fe32fab155ec53aaabeea1e25456b5c5945aa1d97162a94c817fd60cab5cc40aaee30dbf41b9d93f53659adf28320781d276cdc4b22a765521ad43d161f781788afe48fb2552c10df27ed9c69e42f0c6e28343066dbad9b0a899dfd49ae226a7001df7bf75759875a474cf25cc0f5b1a84e33cc96b3310e66369cc6fa720d1c82c11d476604faf160c68458341703f05128a0d1342127346a7f9f4092ebb474194c640bf7649358681cbb159acef9f4b4c73cdec0e5d807976d81f69a514a5bbc86fd06fd1f0377dabc6b9be96ae52768e3c0db52b318a6f10fb2b9d12e922450274153a59de488b1d88f8ced453d68ea14974e5f79ee7a647595e806dddd032b5d04041965c40272534d41333ca9a4c318d0e3ec6175df7fc5ced89c9639ae3605368543e1391e3c44bdd763836316159dac00d33f5fc866bb3399b0b4cca92b25b2cbacf7ba044afba8e0cd5abeb46375a3c9e4bbbaf53e0c0d6a5652cd7de20f8ac6488e7a13732eab4fd0d8609a1c76b5d88f6b16297f5b151384cdfc9550df54f69a348c15c0ab8726bb22f642c0c61df19a1e09a70c983d44f94fbc88dc717667de266fe061f3805ebe7617ffdfb4481ca5fcf7b079c4a77a6765ba1d10c27f806a9f44db021a261029a67bb374d7d24c7002b97eb28f4d2fd6776a46863a0ef2ef23ae04d9fad9134f61bf74ae52568ac4e51469b3411a07547c2262c52b48e83094610bc484bb35649051c4414c11c131c4cd658cf7fb564c2f95306150e710cd224a31f450d576e1b65107502a2c8dcb3a3aaa66036bc4fad62961b3f8b7847afd14356955bc51979ce74aa4520658cacbeb112882ad3c511f803d979320b927a9f664b4292a33afc1ae26c28d2d22dd7222422a708e76049c180b884d52aaf42dfe0c60d8080896a4461abcbcbca019429ade3095e99d46333a7ff1a555cf47c62fe8cffa35a728285b2bb111a1dd438cc1796afef1c90de0e18700bf303f73ff8352f8c6b6033b5d16636c438f16349cadaa119fe1208336c3fd75911f38506af31a4537e88247d968bb6f270c421317571883783a6cfe03d6d8c0135d4eef583e7c856e57b5d54e71d629010a09ce089cf879467a5586aeeb0e4b3f530fe0343ca722f793e5c03157fe13222b3ac4e5c93c41a60aa6a573daa22e917ed12bafc3ec82f58f590a383f13764b4717fd687778abff3ec22e749f13a7a95620bd8fce5d6575c3e179fac4445568770c1a9d88752a8201c7c9e86fe42cf912700317905f87e847f2fa68b32da8354d25e954f564c89372b9bd624e71406f876997d347e4dad875b6f804e89df5956e398b01bc6ef5dc648bf9f6a63e3a3bd7ea6cbd9f34a7164dc2a26e7afefeb697c0ab8a2902ad0eda3bd138f26743c03a2a4ac1b26e5698c69d427a7883c49383b9575a1200b3837ce1d10361442de68feb6882f8b90c04d7f9e31503b58d092f034ae708b8412de8be1a906c8299a88274a812e39e139f57a3fc016260e51d8bc3129ab3ef367027695d2b78dd3922141b5d72eaa2371bb9590865e789f4851c43b74019762d9cfde4d62c9a043fbf3377ab5e733cfc6634a2538039e05fb96a87e48af55a5560cc10100e2b26953d79442e65cf7cc6fff9e37d1befbf0f5887deab3ec1f762f2ac42c823ca66265fb9c722fe895eba84e40956a5adf2c347c7523582e56f668715c7d679428031154e96e3816670971f10134da71d69cb675eb55c8effcaa5368c525fba79034b51618beda99689dbb61771df1852ae23ff60536de4a0e2033f360cd17cf96a291963ca808643e1fae92aa50a2d2f1355cfc3d2772afc62b7fecde5dac59d0374be48a302cd39017ff831241c31f4d8c529beb71056bcf53df4c0dadac0ffd8f10556dc2e06b4f8271ff26e43c5e7e80545642732b58b6e1b7288b85cde3ea89c52d30b9bf6bd9ee48551d2324802c30649c902804856ed8277bcbb503f8e8420b3c94bbc21311752e8468d41670d3f48c0773e2af7a21023d0a59e5658bd1e518d2ab28d6e2a43edf24cb77a083740b26d77b6309a76345df847137ef5b8549b1a6784e103e04ae52a688fc29abd98e8a82269336cf690f299e7dafcbd8c4962ded861cdedee86b3ed2886ba13e8223899764bdfe20e5f1c4d70d4d42e89921eab68f827b4c97abb79f62e11b91aefff9853eecb3cf438be5f75239bb06b6a4e2db9308f175fa37805c06f5354c39cba0c7ef42d2bd0e70f5933035c0e98379900530979c3c5128d049102545244c46b74bead374006677ba300c472a40a14ce9430cdaa2a6e9772f36b6bce6093cbb1cc551df3a4affecccd446c639eca9b6c89be711464e7698cd91ab9bdb39f74a1ab76dbe56f1068877952a3b8ba4546615cdbd5b1149ada2cdd29ae033ee1b2a36dd0e1f3a7e558e0ead723e3150c76ffe6e52314a4d6729b929a9a93b7d6180d06a24b0ed65d35abb13a799eedc153d562ec51cf02e9bc90ec7c65f5ec7c9ba2e9bc83a08ee55179602ff1aa84790e81f16199496941c9e30157c67981214dd9e5fd9e7a0c232f02d140cda754394c054e2e376f32ac8b58cf73c2cab91937d1ade316be8fe204da0557202acc580eed1b986b9ec4b4ac9d26ca131bafbdbb36fa54c0ee19a5c852c310627f4ebc6dddce3f3e337a220150a6480bf1a2b860e39267a8f8a68c269640d845306c630889fa6f58eb2ca52ef6fef1609d577790c42b41cfc8d059255e4cb4f579bc8b9079f888a4e1996737877ae89569a0a24b8cc6840e8a3c82b54cb495868c41e67e0577796cd8b045c9dd32bd096be6d913c0c8e8656b6b9159e9574debd9223bf6cbd7515e6d40eeaf1df13f7ce0ab2d09134da1174871130c8d368ad3bdb30bcd28cc9c4af1cbd2d244c617aaf9e1c42c7cf9a79134bf9d9fc12b14d5bb32d5bd67406adfa15b57095a6a61026865ec22f427b862a366c29f243fa96f7f57027c15a90fb004ad1695f1028c123313ee90a86466784eac24d1f90dfb9e41a441db669ff27c75b793614149f2221c9a3dbc0531bc0b7b28b2e060c5c9e4bc5d0c068e9dc2f6bf574a052c56b02b9af4091e1507ee9d84bc13b58829014e6e358e10901834ba928de3e729f04f0847bd80f70538a5bfe5e800e3da883e5b3a74b470e0bc942f38f8d4f4a8b82064e6200d984a5b956c1087ae1297219e20a83582459d7f3afcca52d51d3304110a9e7997dda242b236cd7da976297095f83626f28e66ef22522be34b3feab6e48e119f66af3bf9ae8ff1d723b3bc1be9fbbf0558c412611cbc350b3238315cc5a88c924ae3c30a8c79b6ff9002ba95e4fff029b8c184e17887658c23528ba1a59e5cfcf2a466d22daf3fe9fe8ff521f43696ad21708109feb0e18f7507d350d3742062f11bc1643d6d8998e796328216997655e6420b34682c3d27b30aafd388949ed695ddb471b38185a15c250a8477daf8f303f63aae738c623968b1dc523c1cfd2bf1c50ae4d922d3385636ab3953cf56042b5ec54577d93a08ea518923942ffdf2d4980347658cd6c51f6a3581fe51d04a299793bab48098b6b5a41088823c7820c54770de4f03cd2477336ae7fa8ac72a0911d52be794d035b430f01105fe98d9717e55ebfeac8fae9898f3803d70d0f71d6b26b465864037a001e6792554e29919198cfbc6", 0x1000}, {&(0x7f0000003300)="c7641c907f489fcac88816ba1468fabaa5aeaef3f911c4ab1d32cc0f25f8c1f87999b089167462", 0x27}], 0x4, &(0x7f0000003380)=ANY=[@ANYBLOB="e0000000000000000901000001000080ed185bda9d6a299b326f7f2f3732e7268fa7f51f595c2b44dfc8e0a1410093847eff6278db69c3970c9300c7d84a594307eba052aa87c322b72f9c364e289796abeee783ab5ba026c239860a62bed7f17dc13f075865fd614eda6799977f9d5c6f6994c131908250fa01ede94b175308508d09f96335c53e24e421cb4bc1e5ac9945d9683e9e8158383cac6c3dce11d6f17207315660a598e190b00ba023baf0414848210f497bebcd7dd1188fb92e6c3f734c49513be91a36a563a3415014e42391de9067c7bb21760eee4900000000b8000000000000009f010000a47b000089e71862a62b586d4b3677631bd81e89f248eb9dac99bc317824a444b883676da58502b81605141f920ef59ec5775e3f088cf3701fedff86e6d13da1b86094f890b221f1d9e263e9a5fade59e25cd6e59375a7b724fdbde24afc99b653527af0f7a004de45b87db47361a02e2b2c701ccd2d580f5805b559500851af8edeb2924c12e0b35ac8bca36aeae7c1fdcb199637d3c550d6cc65f9ae8d1ab5f8991f9fe800000000000000d8000000000000000301000005000000c64046d6cf39c0a58c48d0a2ed120ebb71a55d48900b2ed41d63cd3b3a39c86c19e7e7b7da7789474673a7e754c15425d56722a2b34d5e6a3148e44d99a076f1fcc4ced8c24e65b46dba7523227b3cb92dc4935ac0a5c113ee4fac4f94e8cac5b552304f7f1a2c511122737b563f011b6b2c930ce923888a215d1b0184bade07d23ddcac04a4de767d1f243db97aa6d245969facf18394ea250c8aace8c50e0d98a2bd48e0dc985b7baa0793f7cce35fa08c07d656e8a93e92da843323b6a4437632670000000000c8000000000000000000000008000000bb9ad3ed735c7182393c09e58832adc22f508cc08881e7c1c5d822f307ff0db6f4008232ca8902fe5f9e1436363d2c408ffc05428ee28e42f262a7d44778cd6f70f6a07660fc8f6e6d65e4ae8c0ff42b4314d448417c071c208289ef1324bb32389c88a2d4b37e665437e6f2db07a53769a4b45512beb339f5bc9eeb742aab1a13d7c55a12c7108fbd6fe7aa8ed6f914a57ab478669902626b9796331a1fa50cf42dc95b76c1f354096f5c75993332bdf6410d7eec84bc0010000000000000000e0100000180000008010000000000008c010000ff7f0000daf0b5c18fcec2318c511e4f03c32273e057e90a7d39deea69c3b1bd21d5600042035ac2bb64265f483195dc3e7440659bdb48872eb6ce490e7455011fd30ed74ea8c98b39d3cfc241c8fd56a81fac491521c96240e27bb9568b44e5e1e270a09afb608bace6d9e3f213bcee5a3ae923d9f99ef8e1350833e903abb28d314a23e35841a48c29ff8b3a923dbee515a985941d26f7d05ab9af6d9469a36ded78d5a3866f64d27f98fc8b0aab43b1d30a301832cf0b0a57d2d8de63c40d5bd77f025a9b8b9b599ddfc87e1473f35e78e626b335251dc3e2926d9a6bb397e75be046bd9ae3425d78cecb93b6a3e9411a867e4b67e2e60e26709b0001000000000000040100004000000049394e417b269c3529c930a96734941d7954e98e67f29f3f6efc53580b3da60d3c3bcdb9f916bbd5d3319c2ca0025e6f8756c74e49e8d252f2f740f8fa44a2ae8664dbba732784f174265c8c897e21ed602be5c552562cee09e05408725823ba6b2088c25852b106eeed74da3d83f99ced93833cc18d30a697738e5da0c71c70d160be9ef786330b79ac44ede4f7d1cc9d150e623b95201b6f6ca744f91154a5a7df912092d1619c69b024e27957d550f867d1de3711c240e96ff26207365ac1b1994d493402b2aa3ddaca4876a3d1fb882ac70a45ad2ca183e789bcfafbfc77a225e00215f78a7ed8521a947c000000"], 0x550, 0x4}, 0x8081) recvmsg(r0, &(0x7f0000000280)={&(0x7f00000000c0)=@nl=@unspec, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000140)=""/107, 0x6b}], 0x1, &(0x7f0000000200)=""/84, 0x54, 0x4}, 0x10000) r2 = socket$inet(0x10, 0x2, 0x0) sendmsg(r2, &(0x7f0000013000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000006000)="240000005e00030207fffd946fa283bc0ae6e6d87986c4970b1d8568b51ba3a2d188737e", 0x24}], 0x1}, 0x0) 2018/03/26 13:05:24 executing program 5: r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x181000, 0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000180)=0x0) ptrace$getsig(0x4202, r2, 0x1, &(0x7f0000000240)) bind$rds(r1, &(0x7f0000000040)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x16}}, 0x10) readv(r0, &(0x7f0000000140)=[{&(0x7f0000000080)=""/154, 0x9a}], 0x1) sendmsg$nl_generic(r0, &(0x7f0000af9fc8)={&(0x7f000000eff4)={0x10, 0x34000}, 0xc, &(0x7f0000220000)={&(0x7f00004b0ed8)={0x14, 0x23, 0x301, 0x0, 0x0, {0xb}}, 0x14}, 0x1}, 0x0) syz_open_dev$mouse(&(0x7f00000001c0)='/dev/input/mouse#\x00', 0x409, 0x0) 2018/03/26 13:05:24 executing program 4: setrlimit(0x9, &(0x7f0000000080)={0x199, 0x7ff}) syz_emit_ethernet(0x66, &(0x7f0000000000)={@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [], {@ipv6={0x86dd, {0x0, 0x6, "b40900", 0x30, 0x67, 0x0, @ipv4={[], [0xff, 0xff], @multicast2=0xe0000002}, @mcast2={0xff, 0x2, [], 0x1}, {[], @icmpv6=@time_exceed={0x21, 0x0, 0x0, 0x58, [], {0x0, 0x6, "b680fa", 0x0, 0x0, 0x0, @ipv4={[], [0xff, 0xff], @broadcast=0xffffffff}, @ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}}}}}}}}, 0x0) r0 = syz_open_dev$vcsa(&(0x7f00000000c0)='/dev/vcsa#\x00', 0x5, 0x0) ioctl$ASHMEM_GET_NAME(r0, 0x81007702, &(0x7f0000000100)=""/67) [ 1032.495209] oom_reaper: reaped process 24211 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 1032.610891] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1032.621982] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1032.627173] CPU: 0 PID: 24230 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1032.634528] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1032.643878] Call Trace: [ 1032.646470] dump_stack+0x194/0x24d [ 1032.650102] ? arch_local_irq_restore+0x53/0x53 [ 1032.654779] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1032.659985] dump_header+0x28c/0xe2b [ 1032.663712] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1032.668930] ? arch_local_irq_restore+0x53/0x53 [ 1032.673611] ? __lock_acquire+0x664/0x3e00 [ 1032.677864] ? print_irqtrace_events+0x270/0x270 [ 1032.682969] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1032.688091] ? trace_hardirqs_off+0x10/0x10 [ 1032.692410] ? __lock_acquire+0x664/0x3e00 [ 1032.696672] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1032.701868] ? __lock_acquire+0x664/0x3e00 [ 1032.706102] ? task_will_free_mem+0x252/0xaa0 [ 1032.710613] ? print_irqtrace_events+0x270/0x270 [ 1032.715380] ? ___ratelimit+0x30d/0x630 [ 1032.719355] ? lock_downgrade+0x980/0x980 [ 1032.723509] ? lock_release+0xa40/0xa40 [ 1032.727493] ? mark_held_locks+0xaf/0x100 [ 1032.731631] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1032.736716] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1032.741712] ? trace_hardirqs_on+0xd/0x10 [ 1032.745842] ? ___ratelimit+0x95/0x630 [ 1032.749715] ? idr_get_free+0xfd0/0xfd0 [ 1032.753668] ? find_held_lock+0x35/0x1d0 [ 1032.757725] oom_kill_process+0x8b9/0x1640 [ 1032.761938] ? lock_downgrade+0x980/0x980 [ 1032.766065] ? __lock_is_held+0xb6/0x140 [ 1032.770107] ? oom_evaluate_task+0x480/0x480 [ 1032.774498] ? rcu_read_unlock+0x35/0x70 [ 1032.778535] ? mem_cgroup_iter+0x363/0xbd0 [ 1032.782746] ? lock_downgrade+0x980/0x980 [ 1032.786874] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1032.791607] ? mark_held_locks+0xaf/0x100 [ 1032.795730] ? _raw_spin_unlock_irq+0x27/0x70 [ 1032.800202] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1032.805196] ? trace_hardirqs_on+0xd/0x10 [ 1032.809322] ? _raw_spin_unlock_irq+0x27/0x70 [ 1032.813794] ? css_task_iter_end+0x280/0x430 [ 1032.818175] ? _raw_spin_unlock_irq+0x27/0x70 [ 1032.822645] ? cgroup_procs_next+0x70/0x70 [ 1032.826941] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1032.831932] ? trace_hardirqs_on+0xd/0x10 [ 1032.836054] ? _raw_spin_unlock_irq+0x27/0x70 [ 1032.840533] ? oom_badness+0x980/0x980 [ 1032.844400] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1032.849140] ? mem_cgroup_iter_break+0x30/0x30 [ 1032.853706] ? finish_wait+0x268/0x490 [ 1032.857574] ? lock_downgrade+0x980/0x980 [ 1032.861706] out_of_memory+0x86d/0x1220 [ 1032.865670] ? oom_killer_disable+0x310/0x310 [ 1032.870140] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1032.875221] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1032.880215] ? trace_hardirqs_on+0xd/0x10 [ 1032.884358] mem_cgroup_out_of_memory+0x159/0x200 [ 1032.889186] ? swap_max_write+0x110/0x110 [ 1032.893313] ? do_raw_spin_trylock+0x190/0x190 [ 1032.898062] ? _raw_spin_unlock+0x22/0x30 [ 1032.902189] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1032.907184] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1032.912632] ? find_held_lock+0x35/0x1d0 [ 1032.916679] ? memcg_event_wake+0x420/0x420 [ 1032.921069] ? __do_page_fault+0x5f7/0xc90 [ 1032.925302] ? lock_downgrade+0x980/0x980 [ 1032.929431] pagefault_out_of_memory+0xbd/0x152 [ 1032.934087] ? out_of_memory+0x1220/0x1220 [ 1032.938293] ? handle_mm_fault+0x465/0xb10 [ 1032.942505] ? __handle_mm_fault+0x38c0/0x38c0 [ 1032.947058] ? vmacache_find+0x5f/0x280 [ 1032.951004] ? vmacache_update+0xfe/0x130 [ 1032.955139] mm_fault_error+0xd6/0x2c0 [ 1032.959009] __do_page_fault+0xb4d/0xc90 [ 1032.963058] ? mm_fault_error+0x2c0/0x2c0 [ 1032.967182] ? kernel_write+0x120/0x120 [ 1032.971140] ? do_syscall_64+0xb7/0x940 [ 1032.975104] do_page_fault+0xee/0x730 [ 1032.978880] ? __do_page_fault+0xc90/0xc90 [ 1032.983099] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1032.987828] ? syscall_return_slowpath+0x550/0x550 [ 1032.992730] ? syscall_return_slowpath+0x2ac/0x550 [ 1032.997634] ? prepare_exit_to_usermode+0x350/0x350 [ 1033.002634] ? retint_user+0x18/0x18 [ 1033.006323] ? page_fault+0x2f/0x50 [ 1033.009923] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1033.014740] ? page_fault+0x2f/0x50 [ 1033.018342] page_fault+0x45/0x50 [ 1033.021767] RIP: 0033:0x409b83 [ 1033.024930] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1033.030268] RAX: 0000001b9bc20000 RBX: 0000000000001266 RCX: 000000000040e950 [ 1033.037510] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1033.044763] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1033.052018] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1033.059267] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1033.066869] Task in /syz1 killed as a result of limit of /syz1 [ 1033.072913] memory: usage 0kB, limit 0kB, failcnt 3924 [ 1033.078220] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1033.084986] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1033.091144] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB 2018/03/26 13:05:25 executing program 6: socket$inet(0x2, 0x3, 0x2) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x109900, 0x0) socket$inet(0x2, 0x4000000000000001, 0x0) setrlimit(0x7, &(0x7f0000becff0)) perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) 2018/03/26 13:05:25 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80, 0x5}, 'port1\x00', 0xfffffffffffffffe, 0x4, 0x8000, 0x0, 0x0, 0x1, 0x401, 0x0, 0x4, 0x4}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080, 0x3}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:05:25 executing program 4: r0 = creat(&(0x7f0000beaff8)='./file0\x00', 0x0) ioctl$KVM_ENABLE_CAP_CPU(r0, 0x4068aea3, &(0x7f0000000000)={0x0, 0x0, [0x3, 0x7f, 0x0, 0x10001]}) getsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0x8, &(0x7f0000000080)=0xea, &(0x7f0000000140)=0x4) getpeername$unix(r0, &(0x7f00000001c0), &(0x7f0000000240)=0x6e) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/ipv6_route\x00') ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000180)={0xdde, 0x2, 0xd80}) sendfile(r0, r1, &(0x7f0000000100), 0x26a950b) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000280)={0x8, 0x7, 0xc9, 0x7fffffff, 0x5, 0x0, 0x80000001, 0xfff, 0x4, 0x832d}) 2018/03/26 13:05:25 executing program 0: perf_event_open(&(0x7f0000348f88)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x9d7000)=nil, 0x9d7000, 0x4, 0x4d072, 0xffffffffffffffff, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7) r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x40000, 0x0) sendmsg$nl_generic(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x21112020}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x48, 0x1b, 0x400, 0x70bd2a, 0x25dfdbfd, {0x3}, [@nested={0x18, 0x45, [@typed={0x14, 0x15, @ipv6}]}, @typed={0x8, 0x86, @str='\x00'}, @typed={0x14, 0x10, @str='em1\'}em1)}eth0\x00'}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000004}, 0x10) mbind(&(0x7f0000175000/0x2000)=nil, 0x2000, 0x8003, &(0x7f00000001c0)=0x1000, 0x10000, 0x7) prctl$setfpexc(0xc, 0x0) 2018/03/26 13:05:25 executing program 2: syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') mlock2(&(0x7f0000ae3000/0x2000)=nil, 0x2000, 0xfffffffffffffffe) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) 2018/03/26 13:05:25 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x11, &(0x7f0000000280), 0x4) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r1, &(0x7f0000000000)={0xa, 0x4e22, 0x80000}, 0x1c) connect$inet6(r1, &(0x7f0000966fe4)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffff9c, 0x84, 0xf, &(0x7f00000002c0)={0x0, @in={{0x2, 0x4e23}}, 0x8, 0xff, 0x80000000, 0x6, 0x101}, &(0x7f00000000c0)=0x98) getsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000080)=@assoc_id=r2, &(0x7f0000000040)=0x1) restart_syscall() 2018/03/26 13:05:25 executing program 1: socket$inet(0x2, 0x0, 0x1ff) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = memfd_create(&(0x7f0000000080)='user,vmnet1\x00', 0x0) getsockopt$bt_BT_SECURITY(r1, 0x112, 0x4, &(0x7f0000000100), 0x2) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'bcsh0\x00'}) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000040)={'eql\x00', 0x0}) setsockopt$inet_mreqn(r0, 0x0, 0x1000000020, &(0x7f00000000c0)={@loopback=0x7f000001, @local={0xac, 0x14, 0x14, 0xaa}, r2}, 0xfe74) 2018/03/26 13:05:25 executing program 5: setxattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=@known='trusted.syz\x00', &(0x7f0000000080)='em0\x00', 0x4, 0x1) mlock2(&(0x7f000067f000/0x4000)=nil, 0x4000, 0x4000) [ 1033.110580] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1033.119299] [24230] 0 24230 11408 2089 65536 0 0 syz-executor1 [ 1033.128156] Memory cgroup out of memory: Kill process 24230 (syz-executor1) score 2105000 or sacrifice child [ 1033.138160] Killed process 24230 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB [ 1033.320188] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1033.331242] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1033.336415] CPU: 1 PID: 24256 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1033.343767] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1033.353096] Call Trace: [ 1033.355663] dump_stack+0x194/0x24d [ 1033.359272] ? arch_local_irq_restore+0x53/0x53 [ 1033.363922] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1033.369113] dump_header+0x28c/0xe2b [ 1033.372810] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1033.377981] ? arch_local_irq_restore+0x53/0x53 [ 1033.382630] ? __lock_acquire+0x664/0x3e00 [ 1033.386843] ? print_irqtrace_events+0x270/0x270 [ 1033.391591] ? trace_hardirqs_off+0x10/0x10 [ 1033.395886] ? __lock_acquire+0x664/0x3e00 [ 1033.400099] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1033.405270] ? __lock_acquire+0x664/0x3e00 [ 1033.409483] ? task_will_free_mem+0x252/0xaa0 [ 1033.413960] ? print_irqtrace_events+0x270/0x270 [ 1033.418732] ? ___ratelimit+0x30d/0x630 [ 1033.422684] ? lock_downgrade+0x980/0x980 [ 1033.426814] ? lock_release+0xa40/0xa40 [ 1033.430769] ? mark_held_locks+0xaf/0x100 [ 1033.434897] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1033.439980] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1033.444975] ? trace_hardirqs_on+0xd/0x10 [ 1033.449102] ? ___ratelimit+0x95/0x630 [ 1033.452970] ? idr_get_free+0xfd0/0xfd0 [ 1033.456923] ? find_held_lock+0x35/0x1d0 [ 1033.460970] oom_kill_process+0x8b9/0x1640 [ 1033.465183] ? lock_downgrade+0x980/0x980 [ 1033.469313] ? __lock_is_held+0xb6/0x140 [ 1033.473359] ? oom_evaluate_task+0x480/0x480 [ 1033.477754] ? rcu_read_unlock+0x35/0x70 [ 1033.481790] ? mem_cgroup_iter+0x363/0xbd0 [ 1033.486000] ? lock_downgrade+0x980/0x980 [ 1033.490137] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1033.494967] ? mark_held_locks+0xaf/0x100 [ 1033.499093] ? _raw_spin_unlock_irq+0x27/0x70 [ 1033.503568] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1033.508570] ? trace_hardirqs_on+0xd/0x10 [ 1033.512693] ? _raw_spin_unlock_irq+0x27/0x70 [ 1033.517167] ? css_task_iter_end+0x280/0x430 [ 1033.521552] ? _raw_spin_unlock_irq+0x27/0x70 [ 1033.526030] ? cgroup_procs_next+0x70/0x70 [ 1033.530252] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1033.535249] ? trace_hardirqs_on+0xd/0x10 [ 1033.539380] ? _raw_spin_unlock_irq+0x27/0x70 [ 1033.543854] ? oom_badness+0x980/0x980 [ 1033.547719] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1033.552456] ? mem_cgroup_iter_break+0x30/0x30 [ 1033.557036] ? finish_wait+0x268/0x490 [ 1033.560906] ? lock_downgrade+0x980/0x980 [ 1033.565036] out_of_memory+0x86d/0x1220 [ 1033.568999] ? oom_killer_disable+0x310/0x310 [ 1033.573475] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1033.578557] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1033.583552] ? trace_hardirqs_on+0xd/0x10 [ 1033.587686] mem_cgroup_out_of_memory+0x159/0x200 [ 1033.592504] ? swap_max_write+0x110/0x110 [ 1033.596629] ? do_raw_spin_trylock+0x190/0x190 [ 1033.601194] ? _raw_spin_unlock+0x22/0x30 [ 1033.605321] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1033.610489] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1033.615920] ? find_held_lock+0x35/0x1d0 [ 1033.619962] ? memcg_event_wake+0x420/0x420 [ 1033.624263] ? __do_page_fault+0x5f7/0xc90 [ 1033.628475] ? lock_downgrade+0x980/0x980 [ 1033.632602] pagefault_out_of_memory+0xbd/0x152 [ 1033.637248] ? out_of_memory+0x1220/0x1220 [ 1033.641458] ? handle_mm_fault+0x465/0xb10 [ 1033.645672] ? __handle_mm_fault+0x38c0/0x38c0 [ 1033.650228] ? vmacache_find+0x5f/0x280 [ 1033.654177] ? vmacache_update+0xfe/0x130 [ 1033.658306] mm_fault_error+0xd6/0x2c0 [ 1033.662174] __do_page_fault+0xb4d/0xc90 [ 1033.666223] ? mm_fault_error+0x2c0/0x2c0 [ 1033.670349] ? kernel_write+0x120/0x120 [ 1033.674303] ? do_syscall_64+0xb7/0x940 [ 1033.678255] do_page_fault+0xee/0x730 [ 1033.682036] ? __do_page_fault+0xc90/0xc90 [ 1033.686249] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1033.690992] ? syscall_return_slowpath+0x550/0x550 [ 1033.695903] ? syscall_return_slowpath+0x2ac/0x550 [ 1033.700810] ? prepare_exit_to_usermode+0x350/0x350 [ 1033.705813] ? retint_user+0x18/0x18 [ 1033.709505] ? page_fault+0x2f/0x50 [ 1033.713106] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1033.717928] ? page_fault+0x2f/0x50 [ 1033.721531] page_fault+0x45/0x50 [ 1033.724960] RIP: 0033:0x409b83 [ 1033.728129] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1033.733469] RAX: 0000001b9bc20000 RBX: 0000000000001267 RCX: 000000000040e950 [ 1033.740715] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1033.747961] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1033.755219] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1033.762480] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1033.769977] Task in /syz1 killed as a result of limit of /syz1 [ 1033.776052] memory: usage 0kB, limit 0kB, failcnt 3932 [ 1033.781359] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1033.788137] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1033.794302] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1033.813751] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1033.822533] [24256] 0 24256 11408 2089 65536 0 0 syz-executor1 [ 1033.831419] Memory cgroup out of memory: Kill process 24256 (syz-executor1) score 2105000 or sacrifice child [ 1033.841467] Killed process 24256 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:05:26 executing program 5: r0 = socket$inet6_icmp(0xa, 0x2, 0x3a) r1 = pkey_alloc(0x0, 0x1) pkey_free(r1) r2 = getuid() r3 = syz_open_pts(0xffffffffffffffff, 0x40000) ioctl$TIOCSWINSZ(r3, 0x5414, &(0x7f0000000280)={0x5, 0xfff, 0x80000001, 0x1}) r4 = getgid() fchown(r0, r2, r4) r5 = syz_open_procfs(0x0, &(0x7f0000ee4000)='oom_adj\x00') ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r5, 0xc01064b5, &(0x7f0000000100)={&(0x7f00000000c0)=[0x0], 0x1}) getsockopt$ax25_buf(r5, 0x101, 0x19, &(0x7f0000000000)=""/111, &(0x7f0000000080)=0x6f) writev(r5, &(0x7f0000000200)=[{&(0x7f00000001c0)="dd", 0x1}], 0x1) ioctl$KVM_CREATE_DEVICE(r5, 0xc00caee0, &(0x7f0000000240)={0x6, r5}) getsockopt$sock_cred(r5, 0x1, 0x11, &(0x7f0000000140), &(0x7f0000000180)=0xc) 2018/03/26 13:05:26 executing program 6: r0 = open(&(0x7f0000000000)='./file0\x00', 0x412200, 0xa1) ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000080)={&(0x7f0000000040)=[0x6], 0x1, 0x10000, 0x1, 0x6, 0x204, 0x3, {0x22859cdc, 0x1, 0xa7, 0x26ea, 0x200, 0x8000, 0x49, 0x6, 0x1, 0x6, 0xe000000, 0x7f19, 0x5c285a4d, 0x5, "cb3281a3ef0fb8456bf1698e96e0944d757054cf4fff6d72e8d444280c80ace7"}}) getsockopt$bt_BT_VOICE(r0, 0x112, 0xb, &(0x7f0000000100)=0x3, &(0x7f0000000140)=0x2) recvmsg$netrom(r0, &(0x7f0000000300)={&(0x7f0000000180)=@full={{0x3, {"e7fb5e3d55cb9f"}, 0xd10e}, [{"3c3bff17500c75"}, {"de21c6bdb258fc"}, {"4b2700a63d9305"}, {"e735ebe87e7744"}, {"b8a8bb9a423a0f"}, {"966341d9ea05a2"}, {"142974d8944b6c"}, {"09a6e39391ceb9"}]}, 0x48, &(0x7f00000002c0)=[{&(0x7f0000000200)="e916e0d3dcd9649997235c589a0e24c1941bc466fc2295e24a24d33f77304869e909d007d00a724ce19cc8dab0c9de817740044815b6028eb35a0ccfb9e45781ad1e81ee2115eef995828ebf6219c3f973afca855aae4d891c775720b5ea06594b43c39bc603a30d5b5dd1b52f73a65bf4917cfc7b9e8353cba94a3a3d8d3d06410a75f1da15a97af2", 0x89}], 0x1, 0x0, 0x0, 0x800}, 0x140) ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000380)={&(0x7f0000000340)=[0x7fff, 0x4e4, 0x7, 0xfffffffffffffffb, 0x38, 0x6], 0x6, 0x10001, 0x7f, 0x9, 0x20, 0x0, {0x0, 0xffffffffffff71e9, 0x63, 0x0, 0x4, 0x0, 0x2, 0x99e, 0x1, 0x5e, 0x4, 0x5, 0x41a, 0x6, "b8d86bd9c43c39980bc69f23863cd533426bac62d3fdc2a05502784f24837cf4"}}) getsockopt$bt_BT_VOICE(r0, 0x112, 0xb, &(0x7f0000000400)=0x1, &(0x7f0000000440)=0x2) vmsplice(r0, &(0x7f00000004c0)=[{&(0x7f0000000480)="bfc3c7cb69453a8ddddb8189f3ef1027258f0e4ba1d3409a2f6418f7e5b3c1ac4e91e720766361e999f0e22a530c", 0x2e}], 0x1, 0x5) mincore(&(0x7f0000ffb000/0x4000)=nil, 0x4000, &(0x7f0000000500)=""/203) recvmsg$netrom(r0, &(0x7f0000000a40)={&(0x7f0000000600)=@ax25={0x3, {"25b9b2724cfef8"}}, 0x10, &(0x7f0000000680)=[{&(0x7f0000000640)="628dc71606c818511792d63a39e1b93530bd1d825da34dfb242c6eb5c16aa927b5f7b72cfe3bf570ecb375e9bdb6d4852f2f34df58328d526895d1a8d9cc", 0x3e}], 0x1, &(0x7f00000006c0)=[{0x28, 0x114, 0x200, "0b95ad6e540a07e4fd97947a9276a64e9c1e543a3907e175"}, {0x108, 0x101, 0x3f, "04b552511104e47460e756bf841ecb6baeddde02c8e988fd2d31900b76745ec2f8a056e21e91a37651b4813a65c04c338355010fa4ace8c743868769644ef75489da6ebc26ecc8f022f25d5b598f7bb8a8d9a79e461e9f2675ffdee28dfd35e8b9abd3b19ef5d67d7a88eb365de40a16389bb728476dd4367a8daa0404d5f2d1fb0aa93bd1eba53037303b918440824f7c9225a2bd3aa7ab07cf8cb7c1e4d5f5a13709e8e776648fe58fa83847c140922dfdf9cc8320266affaaccda5be25b1d5f3aa3b17255b051079fba26f00227c3f8dffa21094a89d3250e37d7bc9c51c4720088940641587fedf80785377838a123"}, {0xf0, 0x10d, 0x9, "8c810462ba5596ba9cd2740515853582b1e186b51289107ba5c6b8db02a1fc616a8928fc1a43e0d0ae28e7be0d8fa81562f01cd51b76bac96ac0c622bc02557516365d5bbd306fc64b998af356241ad25a873dee1672a8c29b662b055f2a68c0b0be756c4120d9ee5669279d0f3db207465a581a0bedc0258497eed88de24319ab717232174c82e4fd8a26090e2a39f3ddcf8780ca81d3c6a097f91b2a04fcc3d0cdd6b2ff451648fc6adc4a17832d91c37cc8e9096503edd9dc2882a5c8a8dc755cf9f310d1794d745c2d6dba174d2afed8eeac6625c251f6d85414"}, {0x78, 0x112, 0x100000000, "ac7a1fdabcbcd6d11d6d01e8b8cbd903d58d50ab0c0970d1048adec07059f2d654e0401183ff27e5a008fb36c5cc647c4bb253ff72400af5213626cb436ce70e40abdaa6110d90f465f73b3201c8e60a545ff25ca1f759a3d4a97bfcb18389cbc5d04ebe5eb636"}, {0xb8, 0x11b, 0x7, "c1e408522cb4deceda6831df1b27fb13ad6b107abf11be8034dd41d7f0fdb7f11f53af9a3d6e4312bcceb6dd048e1708a328914edf96c4541132be669ba284f4a2370fd151b0c05c411e7fd5545b4282c783c10c4df7591f2a5d516aa81fbee642897b708d820b73507afdd1c310d69f77d1ffff20509412d2400409486d3176bbca02a334a4f82e03aee17e61306c8cc7c4f94410b6bb5aee56d40d4e2d8c4e37598167c4a65ed5"}], 0x350, 0x20040055}, 0x40) r1 = syz_open_dev$midi(&(0x7f0000000a80)='/dev/midi#\x00', 0xe5, 0x20000) r2 = getpgrp(0xffffffffffffffff) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000ac0)={{{@in=@remote, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in=@rand_addr}}, &(0x7f0000000bc0)=0xe8) stat(&(0x7f0000000c00)='./file0\x00', &(0x7f0000000c40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000cc0)={r2, r4, r6}, 0xc) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000d00)={0x3, r1}) ioctl$TIOCGWINSZ(r1, 0x5413, &(0x7f0000000d40)) accept$alg(r1, 0x0, 0x0) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000d80)={0x4, [0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000dc0)=0x14) getsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000e00)={r7, 0x2}, &(0x7f0000000e40)=0x8) ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000e80)={@mcast2={0xff, 0x2, [], 0x1}, 0x22, r3}) ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000ec0)={0x100000000, 0x59}) ioctl$fiemap(r1, 0xc020660b, &(0x7f0000000f00)={0x3, 0xffffffff, 0x5, 0x395, 0x1, [{0x8, 0x4, 0x400, 0x0, 0x0, 0x200}]}) ioctl$KDENABIO(r1, 0x4b36) fcntl$notify(r0, 0x402, 0x10) syz_fuseblk_mount(&(0x7f0000000f80)='./file0\x00', &(0x7f0000000fc0)='./file0\x00', 0x1002, r5, r6, 0x3, 0x2, 0x400) socket$key(0xf, 0x3, 0x2) getdents(r0, &(0x7f0000001000)=""/165, 0xa5) ioctl$TTUNGETFILTER(r0, 0x801054db, &(0x7f00000010c0)=""/251) capset(&(0x7f00000011c0)={0x20071026, r2}, &(0x7f0000001200)={0x5, 0xb21, 0xfffffffffffffffc, 0x2, 0x7, 0x1}) symlink(&(0x7f0000001240)='./file0\x00', &(0x7f0000001280)='./file0\x00') 2018/03/26 13:05:26 executing program 4: r0 = perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000000040)={0x3, r0, 0x1}) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000180)=ANY=[@ANYRES32=0x0, @ANYBLOB="7900000025e502ada260f1a195b176399562cd5bd1d003867c2383175de5bb8a0fb865ba3c410c52400cbe8ca9333254e7be8009e5bc17b44515f0492c2d3ed80475b03d98d487b690d99ea99938f9e310ef1f0eff79fc9653ddf815a1c69098423519b1beedbb782ab88d8d95a4ca1e0104138e000000000000000000"], &(0x7f0000000280)=0x81) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000300)={r2, 0x6}, &(0x7f0000000340)=0x8) r3 = socket$kcm(0x29, 0x2, 0x0) sendmsg$kcm(r3, &(0x7f0000000380)={&(0x7f0000000080)=@ethernet={0x0, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}}, 0x80, &(0x7f00000002c0)=[{&(0x7f0000000240)='h', 0x1}], 0x1, &(0x7f0000000300)}, 0x0) close(r3) 2018/03/26 13:05:26 executing program 3: openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x8040, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000040)={0x6}) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000040)=""/121) 2018/03/26 13:05:26 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080, 0x3}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:05:26 executing program 1: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000c34000)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000b4e000)={{&(0x7f0000068000/0x800000)=nil, 0x800000}, 0x1}) pipe2(&(0x7f0000001ff8)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) ioctl$DRM_IOCTL_RM_MAP(0xffffffffffffffff, 0x4028641b, &(0x7f0000b1d000)={&(0x7f00003ba000/0x3000)=nil, 0x20000002, 0x0, 0x0, &(0x7f0000fff000/0x1000)=nil}) mprotect(&(0x7f0000b1d000/0x2000)=nil, 0x2000, 0x5) vmsplice(r2, &(0x7f0000b1d000)=[{&(0x7f0000005fe3)}], 0x1, 0x0) close(r1) 2018/03/26 13:05:26 executing program 0: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f000014dfc8)={&(0x7f000059cff4)={0x10}, 0xc, &(0x7f0000f9bff0)={&(0x7f0000000000)=ANY=[@ANYBLOB="fc000000190001040000000000000000ffffffff000000000000000000000000ac14000000000000000000000000000000000000000000000a0000000000000062595e6be5769e2dc09e45738de4f8fdc066482c49c802b8056147c1e0ed09b3b94e342f774c8c55ae71a7b9d6705e957614cf3be29943b77c1924852fe5027b420149f4a793309eb9753c62958bfb50642f5dcc4df89234dcfea48b57fde860a36f3da9bf3951a65e7bb0495828edad3595cc04a014b1260132496a437b3ac994a94899619bba44df31f88004e057f15bfc88e37e5c46c68e9d71e9768f65dd213333a77bd279b50761a1b4dc877a6c3138d126aa249cf4c01c38e159b78589177095556230862408c6e6fb73a2e327d0ca0ad1d022eeb104e060b15aedb4ddc95cbf2b20b669ed66272662cc6d1faa864ddd5fe0cba4f2a57c86cac570ff41f4af6ae5c730c88e67d5da7fc14761726f5e13b78a9aa5605685c1b8f4a4b6c17d3a6267b59a7b09a695684adf947a75d2549b17bce2be321c68a961eedf483d491b0b404aff5613a7e9c1b8a024f1eab7f124222032c4c02d309f0b03c75733699e79fea9ac9315e53898b0af22d2eb80da9dfa28f3e15409c1b574fe7383bb1131f8adb2b70dd2b8bac9c42dade8653f7b87ee1098eeb23f82bbfbcec525cd80900647e0b6a319f856694de3929ed15dae543c02998bd3", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000000000000000000000000000000270000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000044000500fe8000000000000000000000000000ff00000000ff000000000000007f0000010000000000000000000000000000000000000200000000000000000000000000"], 0xfc}, 0x1}, 0x0) r1 = socket$inet(0x2, 0x80000, 0xf) setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f00000002c0)=0x5, 0x4) 2018/03/26 13:05:26 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') ioctl$ASHMEM_PURGE_ALL_CACHES(r0, 0x770a, 0x0) sendfile(r0, r0, &(0x7f0000000280)=0x42402, 0x6) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000000)={0x0, 0x6}, &(0x7f0000000040)=0x8) setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000000c0)={r1, @in={{0x2, 0x4e21, @multicast1=0xe0000001}}, 0x7, 0x81, 0x9, 0x2, 0x8}, 0x98) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) [ 1033.864830] oom_reaper: reaped process 24256 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 2018/03/26 13:05:26 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080, 0x3}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:05:26 executing program 3: mmap(&(0x7f0000000000/0xfbf000)=nil, 0xfbf000, 0x0, 0x32, 0xffffffffffffffff, 0x0) rt_tgsigqueueinfo(0x0, 0x0, 0x0, &(0x7f0000000080)) r0 = gettid() r1 = gettid() rt_tgsigqueueinfo(r0, r1, 0x31, &(0x7f0000000000)={0x1e, 0x80, 0x4c}) ioctl$VHOST_SET_VRING_NUM(0xffffffffffffffff, 0x4008af10, &(0x7f0000000040)={0x1, 0x4}) r2 = accept4$ax25(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x10, 0x80000) listen(r2, 0x9) [ 1033.964597] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1033.975633] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1033.980831] CPU: 0 PID: 24277 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1033.982288] netlink: 68 bytes leftover after parsing attributes in process `syz-executor0'. [ 1033.988197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1033.988201] Call Trace: [ 1033.988217] dump_stack+0x194/0x24d 2018/03/26 13:05:26 executing program 5: socket$inet6_udp(0xa, 0x2, 0x0) r0 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$sock_void(r0, 0x29, 0x1, 0x0, 0x0) 2018/03/26 13:05:26 executing program 5: r0 = accept4(0xffffffffffffff9c, &(0x7f0000000000)=@ll, &(0x7f0000000080)=0x80, 0x800) setsockopt$IPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x41, &(0x7f00000000c0)={'filter\x00', 0x5, [{}, {}, {}, {}, {}]}, 0x78) r1 = memfd_create(&(0x7f0000834000)='I', 0x0) pwrite64(r1, &(0x7f00000a9000)="da1ed4c6dded1b78fc32304d94d0495eb57495f26bd5e020039135e969d62de70774035020e85d75ca98aa392bd9112c8139f55a2a9aee87aa62b0c9a368a1866279463154ba1d39b42c188aa87a1db69f69fbfd67731bfaf62b639f911c4fe5aa163574d70d3127cad9d17ea2b888dfd9b4338d606825114f0aec9522b8eb85", 0x80, 0x0) mmap(&(0x7f0000001000/0x1000)=nil, 0x1000, 0x2000005, 0x11, r1, 0x0) symlink(&(0x7f0000001000)='./file0\x00', &(0x7f0000734000)='./file0\x00') creat(&(0x7f00007d3ff8)='./file0\x00', 0x0) open(&(0x7f000010a000)='./file0\x00', 0x0, 0x0) [ 1033.988231] ? arch_local_irq_restore+0x53/0x53 [ 1034.016907] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1034.022109] dump_header+0x28c/0xe2b [ 1034.025833] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1034.031026] ? arch_local_irq_restore+0x53/0x53 [ 1034.035711] ? perf_trace_lock+0xd6/0x900 [ 1034.039858] ? __lock_acquire+0x664/0x3e00 [ 1034.044094] ? trace_event_raw_event_lock+0x340/0x340 [ 1034.049301] ? perf_trace_lock+0xd6/0x900 [ 1034.053451] ? trace_hardirqs_off+0x10/0x10 [ 1034.057768] ? perf_trace_lock+0xd6/0x900 2018/03/26 13:05:26 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080, 0x3}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:05:26 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040)={0x0}, &(0x7f00000001c0)=0xc) ptrace$setregs(0xf, r1, 0x7ff, &(0x7f0000000200)="b539b209672db18bee04bd688303ae716a5d2501e88ca84f645290b6305335806f11819ef65b26fdd529f72a70ead3a77b1bd83fc936bf23f2c2382051b76bcb899d87e8c07b38635585f40a419e20c07cb39fbc82d6f546a5cbeef1a9fedb4da3f5b47c63510a5e9082934a62973e982b10c31f90976105743c053ac1be0d289980bd3ca05eca71a83747256da67c68e7d440d65eefb570ae71d02f5fe68ad06b7e9e7e67547c411ee184f9bee17ef7cb8a6d1befb189208988726b7762814a48ca224ce3813c654e1cf956a2841de78608a6f9dc3d76cd19fc3bbb6940f21e57b3f3dd643e769c") bind$alg(r0, &(0x7f0000ffefa8)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw(twofish)\x00'}, 0x58) r2 = accept$alg(r0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00003bcfd0)="d3ab27191a01002356ba602dff05000bfef9b9d2a4b20079fffffffffffffe000225070097c11ed4c2c4dc42ffa86eb9", 0x30) sendmmsg$alg(r2, &(0x7f0000002c80)=[{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000080)="5459fe772288f3dc3328e5c0e5fdf47d6cb04d0217c610f9edcbe98b122d55a444b47be2481792bf49e4b8aea1d91acc55b3555b77209a2439b66717490ef2beca8c26b543980602056608bd4bdfc3d03e6f0e7ddcf2eca3ca8cf29ef2eae42630285b07b7a592403a3737fe569d7b921467ac5ff84a0dc28c0ac8a4974f5efacf6c3c8166dcd9614c862e834d96e062fb6409ad412f05d4a4f8b1e90338997b5c5c8a691c99678e6c9823fefb1f84b49449d6dd46a4696c709d412353172ce7121f3707ecf78e4eab439f5998881ba0672db6fd73100c4ce0d1e4cf82804454", 0xe0}], 0x1, &(0x7f0000000200)}], 0x1, 0x0) recvmsg(r2, &(0x7f0000158000)={&(0x7f00002fffa0)=@nfc_llcp, 0x5c, &(0x7f0000000000)=[{&(0x7f000080f000)=""/4096, 0x1000}], 0x1, &(0x7f0000da2000)}, 0x0) [ 1034.061915] ? trace_event_raw_event_lock+0x340/0x340 [ 1034.067110] ? __lock_acquire+0x664/0x3e00 [ 1034.071343] ? task_will_free_mem+0x252/0xaa0 [ 1034.075849] ? print_irqtrace_events+0x270/0x270 [ 1034.080609] ? ___ratelimit+0x30d/0x630 [ 1034.084579] ? lock_downgrade+0x980/0x980 [ 1034.087481] netlink: 68 bytes leftover after parsing attributes in process `syz-executor0'. [ 1034.088810] ? lock_release+0xa40/0xa40 [ 1034.088828] ? mark_held_locks+0xaf/0x100 [ 1034.105391] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1034.110489] ? trace_hardirqs_on_caller+0x421/0x5c0 2018/03/26 13:05:26 executing program 7: ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a85320, &(0x7f0000068f50)={{0x80, 0x5}, 'port1\x00', 0xfffffffffffffffe, 0x4, 0x8000, 0x0, 0x0, 0x1, 0x401, 0x0, 0x4, 0x4}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080, 0x3}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:05:26 executing program 2: ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f0000000140)=0x0) r1 = syz_open_procfs(r0, &(0x7f0000000100)='net/ip6_mr_vif\x00') sendfile(r1, r1, &(0x7f0000000280)=0x42402, 0x6) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000001000)={{{@in6=@mcast2={0xff, 0x2, [], 0x1}}}, {{@in6=@loopback={0x0, 0x1}}, 0x0, @in6}}, 0xe8) openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x10000, 0x0) r2 = socket$nl_generic(0xa, 0x3, 0x10) fcntl$setstatus(r2, 0x4, 0x800) setsockopt$netlink_NETLINK_PKTINFO(0xffffffffffffffff, 0x29, 0x48, &(0x7f0000001000), 0x4) getsockopt$inet_sctp_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000000), &(0x7f0000000040)=0x4) setsockopt$netlink_NETLINK_RX_RING(r2, 0x29, 0x6, &(0x7f0000000ff0)={0x1c2, 0x0, 0x29, 0x2}, 0x1c2) uselib(&(0x7f00000000c0)='./file0\x00') 2018/03/26 13:05:26 executing program 7: ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a85320, &(0x7f0000068f50)={{0x80, 0x5}, 'port1\x00', 0xfffffffffffffffe, 0x4, 0x8000, 0x0, 0x0, 0x1, 0x401, 0x0, 0x4, 0x4}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080, 0x3}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) [ 1034.115502] ? trace_hardirqs_on+0xd/0x10 [ 1034.119653] ? ___ratelimit+0x95/0x630 [ 1034.123539] ? idr_get_free+0xfd0/0xfd0 [ 1034.127508] ? find_held_lock+0x35/0x1d0 [ 1034.131575] oom_kill_process+0x8b9/0x1640 [ 1034.135803] ? lock_downgrade+0x980/0x980 [ 1034.139954] ? __lock_is_held+0xb6/0x140 [ 1034.144030] ? oom_evaluate_task+0x480/0x480 [ 1034.148463] ? rcu_read_unlock+0x35/0x70 [ 1034.152615] ? mem_cgroup_iter+0x363/0xbd0 [ 1034.156847] ? lock_downgrade+0x980/0x980 [ 1034.160996] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1034.165751] ? mark_held_locks+0xaf/0x100 [ 1034.169896] ? _raw_spin_unlock_irq+0x27/0x70 [ 1034.174396] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1034.179431] ? trace_hardirqs_on+0xd/0x10 [ 1034.183592] ? _raw_spin_unlock_irq+0x27/0x70 [ 1034.188086] ? css_task_iter_end+0x280/0x430 [ 1034.192490] ? _raw_spin_unlock_irq+0x27/0x70 [ 1034.196978] ? cgroup_procs_next+0x70/0x70 [ 1034.201205] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1034.206217] ? trace_hardirqs_on+0xd/0x10 [ 1034.210360] ? _raw_spin_unlock_irq+0x27/0x70 [ 1034.214860] ? oom_badness+0x980/0x980 [ 1034.218743] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1034.223499] ? mem_cgroup_iter_break+0x30/0x30 [ 1034.228096] ? finish_wait+0x268/0x490 [ 1034.231978] ? lock_downgrade+0x980/0x980 [ 1034.236129] out_of_memory+0x86d/0x1220 [ 1034.240117] ? oom_killer_disable+0x310/0x310 [ 1034.244608] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1034.249712] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1034.254725] ? trace_hardirqs_on+0xd/0x10 [ 1034.258883] mem_cgroup_out_of_memory+0x159/0x200 [ 1034.263722] ? swap_max_write+0x110/0x110 [ 1034.267862] ? do_raw_spin_trylock+0x190/0x190 [ 1034.272453] ? _raw_spin_unlock+0x22/0x30 [ 1034.276608] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1034.281644] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1034.287095] ? find_held_lock+0x35/0x1d0 [ 1034.291155] ? memcg_event_wake+0x420/0x420 [ 1034.295473] ? __do_page_fault+0x5f7/0xc90 [ 1034.299713] ? lock_downgrade+0x980/0x980 [ 1034.303861] pagefault_out_of_memory+0xbd/0x152 [ 1034.308528] ? out_of_memory+0x1220/0x1220 [ 1034.312754] ? handle_mm_fault+0x465/0xb10 [ 1034.317073] ? __handle_mm_fault+0x38c0/0x38c0 [ 1034.321643] ? vmacache_find+0x5f/0x280 [ 1034.325592] ? vmacache_update+0xfe/0x130 [ 1034.329717] mm_fault_error+0xd6/0x2c0 [ 1034.333582] __do_page_fault+0xb4d/0xc90 [ 1034.337623] ? mm_fault_error+0x2c0/0x2c0 [ 1034.341745] ? kernel_write+0x120/0x120 [ 1034.345693] ? do_syscall_64+0xb7/0x940 [ 1034.349644] do_page_fault+0xee/0x730 [ 1034.353422] ? __do_page_fault+0xc90/0xc90 [ 1034.357633] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1034.362371] ? syscall_return_slowpath+0x550/0x550 [ 1034.367275] ? syscall_return_slowpath+0x2ac/0x550 [ 1034.372183] ? prepare_exit_to_usermode+0x350/0x350 [ 1034.377184] ? retint_user+0x18/0x18 [ 1034.380883] ? page_fault+0x2f/0x50 [ 1034.384499] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1034.389333] ? page_fault+0x2f/0x50 [ 1034.392935] page_fault+0x45/0x50 [ 1034.396364] RIP: 0033:0x409b83 [ 1034.399525] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1034.404863] RAX: 0000001b9bc20000 RBX: 0000000000001268 RCX: 000000000040e950 [ 1034.412108] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1034.419369] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1034.426612] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1034.433858] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1034.441312] Task in /syz1 killed as a result of limit of /syz1 [ 1034.447354] memory: usage 0kB, limit 0kB, failcnt 3940 [ 1034.452651] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1034.459427] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1034.465581] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1034.485045] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1034.493787] [24277] 0 24277 11408 2089 65536 0 0 syz-executor1 [ 1034.502650] Memory cgroup out of memory: Kill process 24277 (syz-executor1) score 2105000 or sacrifice child [ 1034.512663] Killed process 24277 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:05:26 executing program 6: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x80000, 0x0) mmap$binder(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x4, 0x80810, r0, 0x0) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000340)={0x0}) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000140)={r1}) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000180)={r2}) ioctl$DRM_IOCTL_AGP_ACQUIRE(r0, 0x6430) set_tid_address(&(0x7f0000000380)) r3 = perf_event_open(&(0x7f000025c000)={0x0, 0x78, 0x3e2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r4 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000100)='/dev/hwrng\x00', 0x20000, 0x0) ioctl$PERF_EVENT_IOC_DISABLE(r3, 0x2401, 0x3) r5 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x0, 0x0) utime(&(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)={0x4, 0x2}) io_setup(0x3, &(0x7f0000dc0ff8)=0x0) io_submit(r6, 0x1, &(0x7f0000b52fd8)=[&(0x7f0000587000)={0x0, 0x0, 0x0, 0x7, 0x0, r5, &(0x7f0000000080)="06000000000000009d", 0x9}]) lseek(r4, 0x0, 0x0) getsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000240)={0x0, 0x2}, &(0x7f0000000280)=0x8) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r4, 0x84, 0x71, &(0x7f00000002c0)={r7, 0x524}, &(0x7f0000000300)=0x8) 2018/03/26 13:05:26 executing program 5: r0 = socket$key(0xf, 0x3, 0x2) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x200000, 0x0) lstat(&(0x7f0000000140)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$TUNSETOWNER(r1, 0x400454cc, r2) eventfd2(0x10001, 0x800) fdatasync(r1) ioctl$EVIOCGPHYS(r1, 0x80404507, &(0x7f0000000180)=""/4096) sendmsg$key(r0, &(0x7f0000cd0fc8)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000011c0)=ANY=[@ANYBLOB="020d000036000000e763b9bab55a85de1c8af9fffffffffdffff4b10863242ee0c26db1825469d0eccadbb8fbeb21d46b97cb677c92cf0955e"], 0x50a}, 0x1}, 0x3ffff) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r3 = mq_open(&(0x7f0000000000)='-$\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000664fc0)={0x0, 0x5, 0x2}) mq_timedsend(r3, &(0x7f0000e71fff), 0x0, 0x9, 0x0) bind$inet6(r1, &(0x7f0000001180)={0xa, 0x4e24, 0x4, @dev={0xfe, 0x80, [], 0xf}, 0x5}, 0x1c) mq_timedsend(r3, &(0x7f000066c000), 0x0, 0x9, &(0x7f000058eff0)={0x77359400}) mq_timedreceive(r3, &(0x7f0000659000)=""/131, 0x83, 0x0, 0x0) 2018/03/26 13:05:26 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) setsockopt(r0, 0x8000000084, 0x1, &(0x7f0000000000), 0x0) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/anycast6\x00') sendmsg$key(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x2, 0x10, 0x3f, 0x9, 0x2, 0x0, 0x70bd2d, 0x25dfdbfd}, 0x10}, 0x1}, 0x0) 2018/03/26 13:05:26 executing program 7: ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a85320, &(0x7f0000068f50)={{0x80, 0x5}, 'port1\x00', 0xfffffffffffffffe, 0x4, 0x8000, 0x0, 0x0, 0x1, 0x401, 0x0, 0x4, 0x4}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080, 0x3}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:05:26 executing program 4: perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x400000) sendmsg$nl_xfrm(r0, &(0x7f0000000380)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000340)={&(0x7f00000000c0)=@acquire={0x128, 0x17, 0x1, 0x0, 0x0, {{@in6=@mcast1={0xff, 0x1, [], 0x1}}, @in=@rand_addr, {@in, @in=@multicast1=0xe0000001}, {{@in, @in=@multicast1=0xe0000001}, {}, {}, 0x0, 0x0, 0x0, 0xf}}}, 0x128}, 0x1}, 0x0) getrusage(0x0, &(0x7f0000000200)) 2018/03/26 13:05:26 executing program 0: socket$inet6_icmp(0xa, 0x2, 0x3a) r0 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x800001, 0x0) ioctl$KIOCSOUND(r0, 0x4b2f, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000140)) r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000014f88)={0x1, 0x78, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000454000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) clone(0x0, &(0x7f0000aed000), &(0x7f0000922ffc), &(0x7f0000000080), &(0x7f0000c12000)) ppoll(&(0x7f0000000080)=[{r1}], 0x0, &(0x7f00000000c0), &(0x7f0000000100)={0x4}, 0x30f) 2018/03/26 13:05:26 executing program 3: r0 = gettid() rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8) r1 = accept4$unix(0xffffffffffffff9c, 0x0, &(0x7f00000000c0), 0x80800) readv(r1, &(0x7f00000001c0)=[{&(0x7f0000000100)=""/161, 0xa1}], 0x1) timer_create(0x0, &(0x7f00009cefa8)={0x0, 0x12, 0x4, @tid=r0}, &(0x7f0000044000)) r2 = gettid() timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) r3 = syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x975, 0x1) perf_event_open(&(0x7f0000000000)={0x2, 0x70, 0x6, 0x3ff, 0x3a, 0x507b3927, 0x0, 0x0, 0x20001, 0xc, 0x101, 0x2d7, 0x0, 0xcc0, 0xb8, 0x3, 0x5, 0xffffffff, 0x3fd, 0x2, 0x4, 0x4e24, 0x5, 0x101, 0x2, 0x100000001, 0x7ff, 0x8001, 0x10000000, 0x8001, 0x0, 0x1f, 0x0, 0x15, 0x3, 0x10000, 0x2, 0x7fff, 0x0, 0x1, 0x0, @perf_config_ext={0x79f, 0x6}, 0x1, 0x4, 0x101, 0x7, 0x2, 0x9, 0x9}, r2, 0x9, r3, 0x2) tkill(r2, 0x1000000000016) 2018/03/26 13:05:26 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') socket$inet_dccp(0x2, 0x6, 0x0) creat(&(0x7f0000000000)='./file0\x00', 0x0) sendfile(r0, r0, &(0x7f0000000280)=0x42402, 0x6) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x4000000) 2018/03/26 13:05:26 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a85320, &(0x7f0000068f50)={{0x80, 0x5}, 'port1\x00', 0xfffffffffffffffe, 0x4, 0x8000, 0x0, 0x0, 0x1, 0x401, 0x0, 0x4, 0x4}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080, 0x3}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:05:26 executing program 4: perf_event_open(&(0x7f0000348f88)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x1e, 0x4000000000000004, 0x0) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(0xffffffffffffffff, 0x40505331, &(0x7f00000000c0)) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000dc3ff0)=@req={0x3f9, 0x0, 0x1}, 0x10) sendmsg(r0, &(0x7f0000030000)={&(0x7f00004aeb5c)=@generic={0x10000000001e, "02ed010000000000e50000010027cc573c5bf86c483700c71e14dd6a7302ffea1b48006be61ffe0000e10300008001000004003f010039d8f9b1ff010003000024e7af50dd0700000000000000e3ad316a19830000000000000006cb24281e2780e503000076c3979ac40023bd07020078a1dfd300881a8365b186827436"}, 0x80, &(0x7f0000447ff0), 0x0, &(0x7f0000be4f70)}, 0x0) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000140)=0xc) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000000080)={0x0}, &(0x7f0000000180)=0x8) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f00000001c0)={r1, @in6={{0xa, 0x4e24, 0x8, @loopback={0x0, 0x1}, 0x7fff}}, 0x0, 0xffff, 0x80000000, 0x8001, 0x10}, 0x98) 2018/03/26 13:05:26 executing program 3: chdir(&(0x7f0000000080)='./file0\x00') chroot(&(0x7f0000000300)='./file0\x00') symlink(&(0x7f0000000140)='./file0\x00', &(0x7f0000000100)='./file0\x00') umount2(&(0x7f0000000000)='./file0\x00', 0xa) statfs(&(0x7f00000000c0)='./file0/file0\x00', &(0x7f0000000180)=""/197) 2018/03/26 13:05:26 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a85320, &(0x7f0000068f50)={{0x80, 0x5}, 'port1\x00', 0xfffffffffffffffe, 0x4, 0x8000, 0x0, 0x0, 0x1, 0x401, 0x0, 0x4, 0x4}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080, 0x3}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:05:26 executing program 5: syz_emit_ethernet(0x42, &(0x7f0000000040)={@link_local={0x1, 0x80, 0xc2}, @dev={[0xaa, 0xaa, 0xaa, 0xaa]}, [{[], {0x8100, 0x10000, 0x9}}], {@ipv6={0x86dd, {0x0, 0x6, ')#2', 0x8, 0x0, 0x0, @ipv4={[], [0xff, 0xff], @broadcast=0xffffffff}, @mcast2={0xff, 0x2, [], 0x1}, {[], @udp={0x0, 0x0, 0x8}}}}}}, &(0x7f0000000000)={0x0, 0x400000, [0x3, 0x0, 0x0, 0xfffefffffffffffe]}) r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x688000, 0xa2) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000100)={'gretap0\x00', 0x20}) 2018/03/26 13:05:26 executing program 0: lstat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)) mknod$loop(&(0x7f0000000000)='./file0\x00', 0x4000000000002104, 0xffffffffffffffff) 2018/03/26 13:05:27 executing program 3: r0 = syz_open_dev$vcsa(&(0x7f0000000140)='/dev/vcsa#\x00', 0x4, 0x20) readv(r0, &(0x7f0000000400)=[{&(0x7f00000002c0)=""/10, 0xa}, {&(0x7f0000000300)=""/250, 0xfa}], 0x2) 2018/03/26 13:05:27 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a85320, &(0x7f0000068f50)={{0x80, 0x5}, 'port1\x00', 0xfffffffffffffffe, 0x4, 0x8000, 0x0, 0x0, 0x1, 0x401, 0x0, 0x4, 0x4}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080, 0x3}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:05:27 executing program 6: r0 = socket$alg(0x26, 0x5, 0x0) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x103000, 0x0) r2 = fcntl$getown(r0, 0x9) getresuid(&(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)=0x0) ioctl$DRM_IOCTL_GET_CLIENT(r1, 0xc0286405, &(0x7f00000001c0)={0x555ece08, 0x3, r2, 0x1fdbf761, r3, 0x1ff, 0xba}) r4 = syz_open_procfs(0x0, &(0x7f0000000040)='net/fib_trie\x00') bind$alg(r0, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'sha384-avx2\x00'}, 0x58) r5 = accept4$alg(r0, 0x0, 0x0, 0x0) sendfile(r5, r4, &(0x7f0000a2effc), 0x7) 2018/03/26 13:05:27 executing program 4: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000d0fff5)='/dev/audio\x00', 0x802, 0x0) ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000e5a000)=0xfffffffffffffffe) setsockopt$netrom_NETROM_T2(r0, 0x103, 0x2, &(0x7f0000000100)=0x3ff, 0x4) write(r0, &(0x7f0000b6efb3), 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000140), &(0x7f0000000040)=0x4) connect$unix(r0, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e) [ 1034.938899] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1034.950109] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1034.955277] CPU: 1 PID: 24316 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1034.962634] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1034.971988] Call Trace: [ 1034.974598] dump_stack+0x194/0x24d [ 1034.974612] ? arch_local_irq_restore+0x53/0x53 [ 1034.974626] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1034.974647] dump_header+0x28c/0xe2b [ 1034.974664] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1034.974678] ? arch_local_irq_restore+0x53/0x53 [ 1034.974693] ? __lock_acquire+0x664/0x3e00 [ 1034.974704] ? print_irqtrace_events+0x270/0x270 [ 1035.010643] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1035.010666] ? trace_hardirqs_off+0x10/0x10 [ 1035.010672] ? __lock_acquire+0x664/0x3e00 2018/03/26 13:05:27 executing program 1: syz_emit_ethernet(0x16, &(0x7f0000000000)={@random="cbbe990e24ef", @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}, [{[{0x9100, 0x2, 0x7, 0x4}], {0x8100, 0xfffffffffffffffe}}], {@generic={0x8906}}}, 0x0) 2018/03/26 13:05:27 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000fa9000)={0x1, {{0x2, 0x0, @multicast2=0xe0000002}}}, 0x88) setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f00006b8000)={0x1, {{0x2, 0x0, @multicast1=0xe0000001}}}, 0x90) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/self/net/pfkey\x00', 0xa00, 0x0) ioctl$VHOST_SET_VRING_BASE(r1, 0x4008af12, &(0x7f0000000300)={0x3, 0x20}) ioctl$sock_inet_SIOCDARP(r0, 0x8953, &(0x7f0000000240)={{0x2, 0x4e23, @multicast1=0xe0000001}, {0x0, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}, 0x8, {0x2, 0x4e22, @rand_addr=0x1}, 'ip6tnl0\x00'}) r2 = syz_open_dev$audion(&(0x7f0000000380)='/dev/audio#\x00', 0x6, 0x80000) creat(&(0x7f0000000000)='./file0\x00', 0x1) getsockopt$inet_mtu(r2, 0x0, 0xa, &(0x7f00000000c0), &(0x7f0000000080)=0x4) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f00000003c0), &(0x7f0000000400)=0x4) setsockopt$inet_MCAST_MSFILTER(r0, 0x0, 0x30, &(0x7f00000007c0)=ANY=[@ANYBLOB="010000000000000002000000ac1414bb000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000300000002004e20ac1414bb0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002004e217f0000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e300000000000000000000000000000000000000000000000000000000000000000000000002004e20ac1414aa000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b400027a4ceb677ea2ea4afaca76d8523ff6bb003715eff7cc6ab1247e7967eb4ff34cd832a80fab5e43e729859b027197659074ba61aa13bf501e299a6876b3d2d6e7f9a4fe06882db53fae96f5fad99571588144d3006b61bb7c93adbc28ccb6559cb14a9f012c065a2047af1fff9fae4a0f4d6b499af08195ae9d4936dab2d9c38b5274bb89e6d175cbae27fcc7268c5377be5dc732008758f57ca481d9969ce05e08f5152f6fdf85e004f34c3955e124f7377d7347c7a8eb3c048c8b6f8ca13c1eed970a16ff24eb9f4318b62f00d34f9d7c22137e65d98570e357327d4ac3c2c780c4f552ec6f51292f5f1d967b615021481a2ec0a58fa2c2692bb37093f5ba36840593c84896db3d3fa23c0d9af59cde70cf4ef31a978293cad7b7ce9cec21982b82f0c0d17dd6a0a467b4dbd0ce013abb5caa4e47a354dddedcacb4af82189fa500d574c9224997f1dcab37a87daf5ac63b1622034b298291908fd511e71f255b89a447b68d769892cde4d93a878b34a19edb03"], 0x210) 2018/03/26 13:05:27 executing program 5: capset(&(0x7f0000000140)={0x20080522}, &(0x7f00000000c0)) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x40000, 0x0) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000001c0)={&(0x7f0000000000)='./file0\x00', r0}, 0x10) openat(r0, &(0x7f0000000080)='./file0\x00', 0x20000, 0x4) r1 = socket(0x1e, 0x2000000000000005, 0x0) ioctl$GIO_CMAP(r0, 0x4b70, &(0x7f0000000100)) ioctl$sock_SIOCETHTOOL(r1, 0x89f0, &(0x7f0000000380)={'bridge0\x00', &(0x7f0000000180)=ANY=[@ANYBLOB="06ac2600bb7320378eae0a994f543a375b56b41ea7e5a59b97bbffe44b221c9f6e1f41008c1854190282d48fc27a5ad17fcff196a6de4fcf46c597"]}) sync_file_range(r0, 0x1, 0x4, 0x1) 2018/03/26 13:05:27 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x0, 0x5}, 'port1\x00', 0xfffffffffffffffe, 0x4, 0x8000, 0x0, 0x0, 0x1, 0x401, 0x0, 0x4, 0x4}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080, 0x3}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:05:27 executing program 4: r0 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x7fffffff, 0x20000) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1=0xe0000001}, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000400)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f00000003c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="180000001600070000000000000000000a000000"], 0x1}, 0x1}, 0x0) [ 1035.010679] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1035.010692] ? __lock_acquire+0x664/0x3e00 [ 1035.010701] ? task_will_free_mem+0x252/0xaa0 [ 1035.010714] ? print_irqtrace_events+0x270/0x270 [ 1035.010729] ? ___ratelimit+0x30d/0x630 2018/03/26 13:05:27 executing program 4: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCDELDLCI(r0, 0x8981, &(0x7f0000000040)={'tunl0\x00', 0x7fffffff}) socket(0x0, 0x0, 0x0) 2018/03/26 13:05:27 executing program 6: r0 = socket(0x200000000010, 0x2, 0x0) write(r0, &(0x7f00000001c0)="2400000024007ffc0000120000000100000ff6ff010000000080f300f1ffffff1300ff10", 0x24) pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x4000) openat$cgroup(r1, &(0x7f0000000040)='syz0\x00', 0x200002, 0x0) [ 1035.010737] ? lock_downgrade+0x980/0x980 [ 1035.010749] ? lock_release+0xa40/0xa40 [ 1035.010762] ? mark_held_locks+0xaf/0x100 [ 1035.010770] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1035.010779] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1035.010787] ? trace_hardirqs_on+0xd/0x10 [ 1035.010796] ? ___ratelimit+0x95/0x630 2018/03/26 13:05:27 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x0, 0x5}, 'port1\x00', 0xfffffffffffffffe, 0x4, 0x8000, 0x0, 0x0, 0x1, 0x401, 0x0, 0x4, 0x4}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080, 0x3}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:05:27 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000005000)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000015ff0)={&(0x7f0000023000)={0x18, 0x20, 0xafb, 0x0, 0x0, {0x3}, [@nested={0x4, 0x5}]}, 0x18}, 0x1}, 0x0) r1 = creat(&(0x7f00000000c0)='./file0\x00', 0x10) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'\x00', 0x0}) time(&(0x7f0000000080)) setsockopt$packet_drop_memb(r1, 0x107, 0x2, &(0x7f0000000180)={r2, 0x1, 0x3, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}, 0x10) 2018/03/26 13:05:27 executing program 1: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/sequencer\x00', 0x2, 0x0) ppoll(&(0x7f00000000c0)=[{r0}], 0x1, &(0x7f0000000000)={0x77359400}, &(0x7f0000000140), 0x8) pwritev(r0, &(0x7f0000000300)=[{&(0x7f0000000200)="95c487f24790a539c7271863c9952de11ab75fd39108a91bcb3dcc4a5895dd9e206870f0045fa847", 0x28}], 0x1, 0x0) read(r0, &(0x7f0000000240)=""/155, 0x9b) 2018/03/26 13:05:27 executing program 4: pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84000) setsockopt(r0, 0xff, 0x4, &(0x7f0000000040)="ff9f127e873771174d7659d21ef12694b89a65cdff2e82e0e6daa43af8307c066528afa071b46951d3404c14e74ecec11fd2b1ca675462b86c387bd3cfed2810c9241c2bd58cf434640f41c2f414568ad7bd14bd8925827ec72fd286ed55b87f067fa7f6216b1c469ac4063e97678d49facc883f81e9de12fea4bbacd0d398ca23c37cb8cbb3011b1d663e5eb0e42d6868eebd243b4ccb3767e51380e95ece61528116a043b9a1ec9d9debf67ec306a42f364fdcbd5b985ea46b00ebab73ba2b9274c8c16891", 0xc6) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) clone(0x0, &(0x7f0000000840), &(0x7f0000000900), &(0x7f0000000940), &(0x7f0000000980)) ioctl$TIOCLINUX3(0xffffffffffffffff, 0x541c, &(0x7f0000000a80)=0x3) ioctl$KVM_GET_MSRS(r3, 0xc008ae88, &(0x7f0000000bc0)=ANY=[@ANYBLOB="03000000000000000002000000000000000000000000000000000000000600000000000000000000000000000000"]) [ 1035.010805] ? idr_get_free+0xfd0/0xfd0 [ 1035.010812] ? find_held_lock+0x35/0x1d0 [ 1035.010829] oom_kill_process+0x8b9/0x1640 [ 1035.010836] ? lock_downgrade+0x980/0x980 [ 1035.010852] ? __lock_is_held+0xb6/0x140 [ 1035.010864] ? oom_evaluate_task+0x480/0x480 2018/03/26 13:05:27 executing program 0: bpf$MAP_CREATE(0x0, &(0x7f0000346fd4)={0x0, 0x0, 0x0, 0x45, 0x4}, 0xffffffffffffffe4) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000b7a000)={0x1, 0x5, &(0x7f0000346fc8)=ANY=[@ANYBLOB="18000000000000000000000000000000506e79d03143cb4f00000000000000009500000000000000"], &(0x7f0000f6bffb)='GPL\x00', 0x0, 0xffffffffffffff1c, &(0x7f00001a7f05)=""/251}, 0x18) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0x0, 0x0}) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000100)=r0, 0x4) r3 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r3, 0xc08c5335, &(0x7f0000000140)={0x34, 0xffff, 0x800, 'queue0\x00', 0x80000001}) sendmsg(r1, &(0x7f0000001380)={&(0x7f0000005240)=@nl=@proc={0x10}, 0x80, &(0x7f0000001340)=[{&(0x7f0000001240)="84987466fcdaca0600bf591a1e2675a346542aad", 0x14}], 0x1, &(0x7f00000016c0)}, 0x0) [ 1035.010882] ? rcu_read_unlock+0x35/0x70 [ 1035.010888] ? mem_cgroup_iter+0x363/0xbd0 [ 1035.010895] ? lock_downgrade+0x980/0x980 [ 1035.010908] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1035.010919] ? mark_held_locks+0xaf/0x100 [ 1035.010927] ? _raw_spin_unlock_irq+0x27/0x70 [ 1035.010936] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1035.010943] ? trace_hardirqs_on+0xd/0x10 [ 1035.010949] ? _raw_spin_unlock_irq+0x27/0x70 [ 1035.010956] ? css_task_iter_end+0x280/0x430 [ 1035.010963] ? _raw_spin_unlock_irq+0x27/0x70 [ 1035.010970] ? cgroup_procs_next+0x70/0x70 [ 1035.010975] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1035.010983] ? trace_hardirqs_on+0xd/0x10 [ 1035.010989] ? _raw_spin_unlock_irq+0x27/0x70 [ 1035.010997] ? oom_badness+0x980/0x980 [ 1035.011007] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1035.011022] ? mem_cgroup_iter_break+0x30/0x30 [ 1035.011044] ? finish_wait+0x268/0x490 [ 1035.011052] ? lock_downgrade+0x980/0x980 [ 1035.011063] out_of_memory+0x86d/0x1220 [ 1035.011079] ? oom_killer_disable+0x310/0x310 [ 1035.011084] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1035.011093] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1035.011101] ? trace_hardirqs_on+0xd/0x10 [ 1035.011118] mem_cgroup_out_of_memory+0x159/0x200 [ 1035.011125] ? swap_max_write+0x110/0x110 [ 1035.011130] ? do_raw_spin_trylock+0x190/0x190 [ 1035.011144] ? _raw_spin_unlock+0x22/0x30 [ 1035.011155] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1035.011164] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1035.011173] ? find_held_lock+0x35/0x1d0 [ 1035.011184] ? memcg_event_wake+0x420/0x420 [ 1035.011192] ? __do_page_fault+0x5f7/0xc90 [ 1035.011200] ? lock_downgrade+0x980/0x980 [ 1035.011211] pagefault_out_of_memory+0xbd/0x152 [ 1035.011218] ? out_of_memory+0x1220/0x1220 [ 1035.011223] ? handle_mm_fault+0x465/0xb10 [ 1035.011234] ? __handle_mm_fault+0x38c0/0x38c0 [ 1035.011240] ? vmacache_find+0x5f/0x280 [ 1035.011246] ? vmacache_update+0xfe/0x130 [ 1035.011256] mm_fault_error+0xd6/0x2c0 [ 1035.011267] __do_page_fault+0xb4d/0xc90 [ 1035.011282] ? mm_fault_error+0x2c0/0x2c0 [ 1035.011291] ? kernel_write+0x120/0x120 [ 1035.011301] ? do_syscall_64+0xb7/0x940 [ 1035.011310] do_page_fault+0xee/0x730 [ 1035.011318] ? __do_page_fault+0xc90/0xc90 [ 1035.011325] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1035.011334] ? syscall_return_slowpath+0x550/0x550 [ 1035.011343] ? syscall_return_slowpath+0x2ac/0x550 [ 1035.011351] ? prepare_exit_to_usermode+0x350/0x350 [ 1035.011358] ? retint_user+0x18/0x18 [ 1035.011367] ? page_fault+0x2f/0x50 [ 1035.011374] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1035.011384] ? page_fault+0x2f/0x50 [ 1035.011392] page_fault+0x45/0x50 [ 1035.011397] RIP: 0033:0x409b83 [ 1035.011400] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1035.011406] RAX: 0000001b9bc20000 RBX: 0000000000001269 RCX: 000000000040e950 [ 1035.011410] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1035.011413] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1035.011417] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1035.011420] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1035.011564] Task in /syz1 killed as a result of limit of /syz1 [ 1035.011583] memory: usage 0kB, limit 0kB, failcnt 3948 [ 1035.011587] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1035.011591] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1035.011595] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1035.011646] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1035.011772] [24316] 0 24316 11408 2089 65536 0 0 syz-executor1 [ 1035.011804] Memory cgroup out of memory: Kill process 24316 (syz-executor1) score 2105000 or sacrifice child [ 1035.011852] Killed process 24316 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB [ 1035.056850] oom_reaper: reaped process 24316 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 1035.161484] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1035.161492] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1035.161513] CPU: 1 PID: 24369 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1035.161518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1035.161521] Call Trace: [ 1035.161536] dump_stack+0x194/0x24d [ 1035.161551] ? arch_local_irq_restore+0x53/0x53 [ 1035.161567] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1035.161592] dump_header+0x28c/0xe2b [ 1035.161613] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1035.161628] ? arch_local_irq_restore+0x53/0x53 [ 1035.161645] ? __lock_acquire+0x664/0x3e00 [ 1035.161656] ? print_irqtrace_events+0x270/0x270 [ 1035.161667] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1035.161695] ? trace_hardirqs_off+0x10/0x10 [ 1035.161701] ? __lock_acquire+0x664/0x3e00 [ 1035.161713] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1035.161729] ? __lock_acquire+0x664/0x3e00 [ 1035.161744] ? task_will_free_mem+0x252/0xaa0 [ 1035.161760] ? print_irqtrace_events+0x270/0x270 [ 1035.161780] ? ___ratelimit+0x30d/0x630 [ 1035.161790] ? lock_downgrade+0x980/0x980 [ 1035.161807] ? lock_release+0xa40/0xa40 [ 1035.161824] ? mark_held_locks+0xaf/0x100 [ 1035.161841] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1035.161855] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1035.161866] ? trace_hardirqs_on+0xd/0x10 [ 1035.161880] ? ___ratelimit+0x95/0x630 [ 1035.161890] ? idr_get_free+0xfd0/0xfd0 [ 1035.161899] ? find_held_lock+0x35/0x1d0 [ 1035.161921] oom_kill_process+0x8b9/0x1640 [ 1035.161931] ? lock_downgrade+0x980/0x980 [ 1035.161949] ? __lock_is_held+0xb6/0x140 [ 1035.161966] ? oom_evaluate_task+0x480/0x480 [ 1035.161992] ? rcu_read_unlock+0x35/0x70 [ 1035.162001] ? mem_cgroup_iter+0x363/0xbd0 [ 1035.162010] ? lock_downgrade+0x980/0x980 [ 1035.162029] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1035.162045] ? mark_held_locks+0xaf/0x100 [ 1035.162057] ? _raw_spin_unlock_irq+0x27/0x70 [ 1035.162070] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1035.162081] ? trace_hardirqs_on+0xd/0x10 [ 1035.162089] ? _raw_spin_unlock_irq+0x27/0x70 [ 1035.162100] ? css_task_iter_end+0x280/0x430 [ 1035.162109] ? _raw_spin_unlock_irq+0x27/0x70 [ 1035.162120] ? cgroup_procs_next+0x70/0x70 [ 1035.162128] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1035.162138] ? trace_hardirqs_on+0xd/0x10 [ 1035.162146] ? _raw_spin_unlock_irq+0x27/0x70 [ 1035.162159] ? oom_badness+0x980/0x980 [ 1035.162170] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1035.162184] ? mem_cgroup_iter_break+0x30/0x30 [ 1035.162212] ? finish_wait+0x268/0x490 [ 1035.162223] ? lock_downgrade+0x980/0x980 [ 1035.162239] out_of_memory+0x86d/0x1220 [ 1035.162263] ? oom_killer_disable+0x310/0x310 [ 1035.162270] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1035.162284] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1035.162294] ? trace_hardirqs_on+0xd/0x10 [ 1035.162317] mem_cgroup_out_of_memory+0x159/0x200 [ 1035.162327] ? swap_max_write+0x110/0x110 [ 1035.162335] ? do_raw_spin_trylock+0x190/0x190 [ 1035.162354] ? _raw_spin_unlock+0x22/0x30 [ 1035.162371] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1035.162384] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1035.162397] ? find_held_lock+0x35/0x1d0 [ 1035.162413] ? memcg_event_wake+0x420/0x420 [ 1035.162424] ? __do_page_fault+0x5f7/0xc90 [ 1035.162435] ? lock_downgrade+0x980/0x980 [ 1035.162452] pagefault_out_of_memory+0xbd/0x152 [ 1035.162462] ? out_of_memory+0x1220/0x1220 [ 1035.162469] ? handle_mm_fault+0x465/0xb10 [ 1035.162486] ? __handle_mm_fault+0x38c0/0x38c0 [ 1035.162493] ? vmacache_find+0x5f/0x280 [ 1035.162502] ? vmacache_update+0xfe/0x130 [ 1035.162516] mm_fault_error+0xd6/0x2c0 [ 1035.162532] __do_page_fault+0xb4d/0xc90 [ 1035.162555] ? mm_fault_error+0x2c0/0x2c0 [ 1035.162567] ? kernel_write+0x120/0x120 [ 1035.162581] ? do_syscall_64+0xb7/0x940 [ 1035.162596] do_page_fault+0xee/0x730 [ 1035.162608] ? __do_page_fault+0xc90/0xc90 [ 1035.162617] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1035.162631] ? syscall_return_slowpath+0x550/0x550 [ 1035.162642] ? syscall_return_slowpath+0x2ac/0x550 [ 1035.162654] ? prepare_exit_to_usermode+0x350/0x350 [ 1035.162665] ? retint_user+0x18/0x18 [ 1035.162678] ? page_fault+0x2f/0x50 [ 1035.162688] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1035.162703] ? page_fault+0x2f/0x50 [ 1035.162715] page_fault+0x45/0x50 [ 1035.162722] RIP: 0033:0x409b83 [ 1035.162726] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1035.162735] RAX: 0000001b9bc20000 RBX: 000000000000126a RCX: 000000000040e950 [ 1035.162740] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1035.162744] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1035.162749] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1035.162754] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1035.162878] Task in /syz1 killed as a result of limit of /syz1 [ 1035.162898] memory: usage 0kB, limit 0kB, failcnt 3956 [ 1035.162903] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1035.162907] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1035.162910] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1035.162965] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1035.163151] [24369] 0 24369 11408 2089 65536 0 0 syz-executor1 [ 1035.163158] Memory cgroup out of memory: Kill process 24369 (syz-executor1) score 2105000 or sacrifice child [ 1035.163179] Killed process 24369 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB [ 1035.169491] oom_reaper: reaped process 24369 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 1035.426948] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1035.426955] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1035.426973] CPU: 1 PID: 24381 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1035.426977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1035.426981] Call Trace: [ 1035.426995] dump_stack+0x194/0x24d [ 1035.427013] ? arch_local_irq_restore+0x53/0x53 [ 1035.427026] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1035.427051] dump_header+0x28c/0xe2b [ 1035.427069] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1035.427083] ? arch_local_irq_restore+0x53/0x53 [ 1035.427097] ? __lock_acquire+0x664/0x3e00 [ 1035.427107] ? print_irqtrace_events+0x270/0x270 [ 1035.427134] ? trace_hardirqs_off+0x10/0x10 [ 1035.427141] ? __lock_acquire+0x664/0x3e00 [ 1035.427149] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1035.427165] ? __lock_acquire+0x664/0x3e00 [ 1035.427173] ? task_will_free_mem+0x252/0xaa0 [ 1035.427189] ? print_irqtrace_events+0x270/0x270 [ 1035.427208] ? ___ratelimit+0x30d/0x630 [ 1035.427218] ? lock_downgrade+0x980/0x980 [ 1035.427232] ? lock_release+0xa40/0xa40 [ 1035.427247] ? mark_held_locks+0xaf/0x100 [ 1035.427258] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1035.427269] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1035.427279] ? trace_hardirqs_on+0xd/0x10 [ 1035.427291] ? ___ratelimit+0x95/0x630 [ 1035.427301] ? idr_get_free+0xfd0/0xfd0 [ 1035.427310] ? find_held_lock+0x35/0x1d0 [ 1035.427330] oom_kill_process+0x8b9/0x1640 [ 1035.427338] ? lock_downgrade+0x980/0x980 [ 1035.427353] ? __lock_is_held+0xb6/0x140 [ 1035.427368] ? oom_evaluate_task+0x480/0x480 [ 1035.427390] ? rcu_read_unlock+0x35/0x70 [ 1035.427397] ? mem_cgroup_iter+0x363/0xbd0 [ 1035.427406] ? lock_downgrade+0x980/0x980 [ 1035.427422] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1035.427436] ? mark_held_locks+0xaf/0x100 [ 1035.427445] ? _raw_spin_unlock_irq+0x27/0x70 [ 1035.427456] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1035.427466] ? trace_hardirqs_on+0xd/0x10 [ 1035.427473] ? _raw_spin_unlock_irq+0x27/0x70 [ 1035.427483] ? css_task_iter_end+0x280/0x430 [ 1035.427490] ? _raw_spin_unlock_irq+0x27/0x70 [ 1035.427499] ? cgroup_procs_next+0x70/0x70 [ 1035.427505] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1035.427515] ? trace_hardirqs_on+0xd/0x10 [ 1035.427521] ? _raw_spin_unlock_irq+0x27/0x70 [ 1035.427532] ? oom_badness+0x980/0x980 [ 1035.427541] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1035.427553] ? mem_cgroup_iter_break+0x30/0x30 [ 1035.427578] ? finish_wait+0x268/0x490 [ 1035.427587] ? lock_downgrade+0x980/0x980 [ 1035.427600] out_of_memory+0x86d/0x1220 [ 1035.427620] ? oom_killer_disable+0x310/0x310 [ 1035.427626] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1035.427637] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1035.427647] ? trace_hardirqs_on+0xd/0x10 [ 1035.427668] mem_cgroup_out_of_memory+0x159/0x200 [ 1035.427676] ? swap_max_write+0x110/0x110 [ 1035.427683] ? do_raw_spin_trylock+0x190/0x190 [ 1035.427700] ? _raw_spin_unlock+0x22/0x30 [ 1035.427715] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1035.427726] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1035.427736] ? find_held_lock+0x35/0x1d0 [ 1035.427749] ? memcg_event_wake+0x420/0x420 [ 1035.427759] ? __do_page_fault+0x5f7/0xc90 [ 1035.427768] ? lock_downgrade+0x980/0x980 [ 1035.427782] pagefault_out_of_memory+0xbd/0x152 [ 1035.427790] ? out_of_memory+0x1220/0x1220 [ 1035.427796] ? handle_mm_fault+0x465/0xb10 [ 1035.427810] ? __handle_mm_fault+0x38c0/0x38c0 [ 1035.427817] ? vmacache_find+0x5f/0x280 [ 1035.427830] ? vmacache_update+0xfe/0x130 [ 1035.427843] mm_fault_error+0xd6/0x2c0 [ 1035.427856] __do_page_fault+0xb4d/0xc90 [ 1035.427875] ? mm_fault_error+0x2c0/0x2c0 [ 1035.427885] ? kernel_write+0x120/0x120 [ 1035.427897] ? do_syscall_64+0xb7/0x940 [ 1035.427908] do_page_fault+0xee/0x730 [ 1035.427918] ? __do_page_fault+0xc90/0xc90 [ 1035.427926] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1035.427937] ? syscall_return_slowpath+0x550/0x550 [ 1035.427947] ? syscall_return_slowpath+0x2ac/0x550 [ 1035.427957] ? prepare_exit_to_usermode+0x350/0x350 [ 1035.427966] ? retint_user+0x18/0x18 [ 1035.427977] ? page_fault+0x2f/0x50 [ 1035.427985] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1035.427998] ? page_fault+0x2f/0x50 [ 1035.428009] page_fault+0x45/0x50 [ 1035.428015] RIP: 0033:0x409b83 [ 1035.428018] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1035.428025] RAX: 0000001b9bc20000 RBX: 000000000000126b RCX: 000000000040e950 [ 1035.428028] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1035.428032] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1035.428036] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1035.428040] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1035.428134] Task in /syz1 killed as a result of limit of /syz1 [ 1035.428152] memory: usage 0kB, limit 0kB, failcnt 3964 [ 1035.428157] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1035.428161] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1035.428165] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1035.428236] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1035.428378] [24381] 0 24381 11408 2089 65536 0 0 syz-executor1 2018/03/26 13:05:29 executing program 3: syz_emit_ethernet(0x236, &(0x7f0000000280)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @remote={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xbb}, [], {@ipv6={0x86dd, {0x0, 0x6, 'jnF', 0x200, 0x84, 0x0, @empty, @mcast2={0xff, 0x2, [], 0x1}, {[], @tcp={{0x4e20, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}, {"5feba3ce7d76c137f5233e6a6dd475dae6faa914032c2c59433cd6e31fc95beb871973bf5677a63ca592cef83afb03a484de1cad76c301c96619cc0bc117e187bc94ec95946c721f513e99e699a301f5ff71bd5ce8dea383163da8485c8a8a6ee96e167c5835e0eab9a8737b352f08589076903485818ae50e588d4d2d0f28a9281555c95e2b6e9cf9dc97d032c7992b2cabf9385eeefa01cd3bb525b87b1321d588aeb73bdbf1cb624614d12c2b11350b9071184b7da629342444b2322d632d7deeebfc9115ef4a98686882eeee9fc8dc4d1879c566dee073ad3688175d5c6224eaa416b224347ea291dcebfb5239ed50e2429a17f8f8798f6061796194f11ab350a7864a80bdcbbcdc0040228e903eeeed32ca600d7935e9558b5db92cfdd0ad57785df29429cd7684e3a4b172be4e9aced9ae5f995a9aaf7d61fa4f8c6b0a9c1a9597cb91327e477ba1ce893064ccc17c27a594b070c82aacbd9c58e7715090253173e99557e1ad6ff25faabb4d90f7c0b4784760bc90d7cf7d7ab31214035cff1fcf11a51a586e2b179578c8ea95e9706526d953d64f4147929144d8974e80199309d831b1b459810360dc5bd383717349eafbeb0f0aeaac34d19fac175a10b1b2ce15a96b8c2c2a2def3b09a7ed226867b2321a2e58e2cbb0c7b6cd8d597f0104b05647731296da379c"}}}}}}}, &(0x7f0000000100)) lremovexattr(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)=@random={'trusted.', 'vmnet1wlan1selinux\x00'}) 2018/03/26 13:05:29 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000040)="6e95359b65742f6970365f6d725f76696600") sendfile(r0, r0, &(0x7f0000000280)=0x42402, 0x6) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x9, 0x80000) r1 = semget$private(0x0, 0x2, 0x80) semctl$IPC_INFO(r1, 0x3, 0x3, &(0x7f00000000c0)=""/165) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000080)={'ip6_vti0\x00', &(0x7f00000002c0)=ANY=[@ANYBLOB="3500000000000000110000000b3ddfa29e670c47594e2d75543f4ad2c51ab12aa77843a931bb2ee77c8972b2cb000000f4c033264a5bd2c54059dee0e765e068f5025ac7259c37af0970ceadef3297642ffc55a3bfc07045f4c9ab26e45483a13681ee877935cfb1447487ed2e18d7420857fe1e19014b6cd77419d434ff8922dd5ca513d9b6453d592eb1d14a2c8e0f9855d16f9fcd5d60e7a66dee03000400236b0000000000008426000000000000c004000000000000a226cf9f508fe0f931c0c45dcdea306cc4b054674ad65dfd139cb994c504954c"]}) 2018/03/26 13:05:29 executing program 1: unshare(0x20000400) r0 = semget(0x3, 0x1, 0x200) semctl$GETZCNT(r0, 0x3, 0xf, &(0x7f0000000000)=""/138) r1 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r1, &(0x7f0000e5b000)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) connect$inet(r1, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10) sendmmsg(r1, &(0x7f000000b4c0)=[{{&(0x7f0000008f80)=@l2={0x1f, 0x712}, 0x80, &(0x7f000000b400)}}], 0x1, 0x0) 2018/03/26 13:05:29 executing program 5: r0 = syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x0, 0x0) finit_module(r0, &(0x7f0000000080)='/dev/loop#\x00', 0x3) fcntl$setflags(r0, 0x2, 0x1) ioctl$LOOP_SET_STATUS(r0, 0xc0481273, &(0x7f0000f58000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "000000000100000000001bf3fffffff6ff64000000edff00007db0e6330ee7f9b319d8000018e58d1c43473000e05026fb0000008001d1a7335d5bffff0001d7", "cea40005003500f7ff0002ff000000000000000000810000dc01867d00000ef1"}) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/ptype\x00') ioctl$KVM_NMI(r1, 0xae9a) 2018/03/26 13:05:29 executing program 6: r0 = socket$inet6(0xa, 0x400000000001, 0x0) chdir(&(0x7f00000003c0)='./bus/file0\x00') r1 = dup(r0) ioctl$PPPIOCGCHAN(r1, 0x80047437, &(0x7f0000000000)) setsockopt$inet6_tcp_int(r1, 0x6, 0x20000000000002, &(0x7f00007b1000)=0x81, 0x4) r2 = fcntl$getown(0xffffffffffffff9c, 0x9) move_pages(r2, 0x4, &(0x7f00000002c0)=[&(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil], &(0x7f0000000440)=[0x3, 0x7f, 0x1], &(0x7f00000004c0)=[0x0, 0x0, 0x0, 0x0], 0x2) ioctl$int_in(r1, 0x5421, &(0x7f00000006c0)=0x1f) bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e20, 0x200000000000, @loopback={0x0, 0x1}, 0x4}, 0x1c) ioctl$sock_SIOCGSKNS(r1, 0x894c, &(0x7f0000000480)=0xffffffffffffffff) recvfrom$inet6(r1, &(0x7f0000000700)=""/19, 0x13, 0x0, &(0x7f0000000740)={0xa, 0x4e20, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x7}, 0x1c) sendto$inet6(r0, &(0x7f0000e77fff), 0x2bd, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000400)=0x3, 0xfffffffffffffe42) rt_sigaction(0x20, &(0x7f0000000040)={0xfffffffffffff001, {0x4}, 0xc0000000, 0x515}, &(0x7f00000001c0), 0x8, &(0x7f0000000200)) ioctl$DRM_IOCTL_AGP_ENABLE(r1, 0x40086432, &(0x7f0000000140)=0x380) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000800)=ANY=[@ANYRES32=0x0, @ANYBLOB="7f00061f00ed07ff0719ef2e8c5b8072270bf4b9b820ebef19be022753e2c4c338c5a46439ed58416dd7af52e0fe14b460ca3d402ec12213ecf79e5c6ff1d2ecc3fbdff1b070aec5e40da2ea37366b66410e5dee08e88e0bd651cc2e1603a6a357c7667855c2594df1c2cde1fe66220a0a239e41c46fde2fde8a7c29298f695ae4e087c23b114c4252e098c902142bb81eeb693fa1c2d743e1b497eecc1dde3e767e52e11d5785c3a9fdd320674141feb3c2f3a472e0c83eeb30bba91e12beb0ba931ab3608bfff8800ace92d4f41fb9872384c37777a8dbdccab2caeddda3d57a473fc4c95d961d88b8aed1b87c28ac65c5622f1fadaa73e3e50f82168fe2b2e437382408db176379a2f6c998776d1bf536acb9ec3ee8ef2a6190674f442c6f6cc8ac00006cb9318b034c4ab58c1ea26124a9452231948ad02283be556537edf7dd499e30f6a9e221e68b33cd2bf240876468cba002a901bb2419a06c5bdf4632bdff9527605c2725834ab51e30786799a0e1a5a4fab7dbee8de1a2cf6076e1e619b06a8f481d3d0fadd1f232cc4d00069e9f3a7014e8e5996e6896c00c492961a9e7d200815a7463342f84f69505d99f390b26a2cc7cd83c2f1bd9d8f29f64ecdb0fafd1ca2176af4f1923dc4fd4f66bdaa45a99eb9ea5c5726503657c3538b41e1b3cc1f167335ddbdc61ccee6b3c2ac4fffb8f1c5e73c7515b9b008b335884c5db85945b0bedbf2074e8e634af3d3b4a92826c940d1ce2e95f193c25a30b5ffd099da6adb7f09b8c0966960516a24fab592bbd75b98b4a0db2155eec3aecdb3ea0b999d675fdc7d43f19b918b35f5854d8d188455619865fefb96ffcfe07ef08a39f8739a0b93e9ca70afa2c04bc3a12ee4f882779033a750b0d3aa9d277cb9499e8f601fefc7b2bf261b7b8bead88a079bf783ee3ae9137800cd957ffd4c462f8be72d08e77981417da25aa275894a4209cfc015120d6f2223e89f8b5d4e2dd09081500000000000000000000000000"], &(0x7f0000000080)=0x2) rename(&(0x7f0000000600)='./bus\x00', &(0x7f0000000640)='./bus/file0\x00') renameat(r1, &(0x7f0000000240)='./bus\x00', r1, &(0x7f0000000280)='./bus\x00') setsockopt$inet_sctp6_SCTP_ASSOCINFO(r1, 0x84, 0x1, &(0x7f00000000c0)={r3, 0x5, 0x1, 0x100, 0x6, 0xac2}, 0x14) ftruncate(r0, 0x2) getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f00000005c0), &(0x7f0000000680)=0x4) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000100)=0x200, 0x4) r4 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0) fcntl$setsig(r4, 0xa, 0x27) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r4, 0x84, 0x13, &(0x7f0000000300)={0x0, 0x3}, &(0x7f0000000340)=0x8) getsockopt$inet_pktinfo(r4, 0x0, 0x8, &(0x7f0000000500)={0x0, @remote, @local}, &(0x7f0000000540)=0xc) connect$packet(r1, &(0x7f0000000580)={0x11, 0x1d, r6, 0x1, 0x6, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000380)={r5, 0x3, 0x20}, 0xc) ftruncate(r4, 0x7fff) sendfile(r1, r4, &(0x7f0000d83ff8), 0x8000fffffffe) 2018/03/26 13:05:29 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x0, 0x5}, 'port1\x00', 0xfffffffffffffffe, 0x4, 0x8000, 0x0, 0x0, 0x1, 0x401, 0x0, 0x4, 0x4}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080, 0x3}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:05:29 executing program 0: r0 = socket$inet6(0xa, 0x2, 0x0) flistxattr(r0, &(0x7f0000000040)=""/63, 0x3f) setsockopt$inet6_int(r0, 0x29, 0x31, &(0x7f0000000080)=0x100, 0x4) bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e20}, 0x1c) syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @empty, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x11, 0x0, @local={0xac, 0x223, 0x14, 0xaa}, @dev={0xac, 0x14, 0x14}}, @udp={0x0, 0x4e20, 0x8}}}}}, &(0x7f00000000c0)={0x0, 0x0, [0x0, 0x2f6]}) r1 = syz_open_dev$mice(&(0x7f0000000100)='/dev/input/mice\x00', 0x0, 0x24000) setsockopt$l2tp_PPPOL2TP_SO_LNSMODE(r1, 0x111, 0x4, 0x1, 0x4) 2018/03/26 13:05:29 executing program 4: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rfkill\x00', 0xb0402, 0x0) r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000100)='fou\x00') sendmsg$FOU_CMD_GET(r0, &(0x7f00000001c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x3c, r1, 0x200, 0x70bd2d, 0x25dfdbfb, {0x3}, [@FOU_ATTR_PORT={0x8, 0x1, 0x4e21}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4, 0x5}, @FOU_ATTR_IPPROTO={0x8, 0x3, 0x67}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4, 0x5}, @FOU_ATTR_IPPROTO={0x8, 0x3, 0x21}, @FOU_ATTR_AF={0x8, 0x2, 0xa}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8000}, 0x8000) r2 = memfd_create(&(0x7f0000000000)=',%\x00', 0x3) fallocate(r2, 0x0, 0xa7b3, 0x1) pwritev(r2, &(0x7f00000002c0)=[{&(0x7f0000000040)='\a', 0x1}], 0x1, 0x0) lseek(r2, 0x0, 0x4) [ 1035.428384] Memory cgroup out of memory: Kill process 24381 (syz-executor1) score 2105000 or sacrifice child [ 1035.428418] Killed process 24381 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB [ 1035.431642] oom_reaper: reaped process 24381 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 1037.620950] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1037.632048] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1037.637218] CPU: 0 PID: 24399 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1037.644579] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1037.653933] Call Trace: [ 1037.656522] dump_stack+0x194/0x24d [ 1037.660154] ? arch_local_irq_restore+0x53/0x53 [ 1037.664826] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1037.670040] dump_header+0x28c/0xe2b [ 1037.673773] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1037.678969] ? arch_local_irq_restore+0x53/0x53 [ 1037.683649] ? __lock_acquire+0x664/0x3e00 [ 1037.687886] ? print_irqtrace_events+0x270/0x270 [ 1037.692639] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1037.697760] ? trace_hardirqs_off+0x10/0x10 [ 1037.702075] ? __lock_acquire+0x664/0x3e00 [ 1037.706310] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1037.711506] ? __lock_acquire+0x664/0x3e00 [ 1037.715736] ? task_will_free_mem+0x252/0xaa0 [ 1037.720238] ? print_irqtrace_events+0x270/0x270 [ 1037.725013] ? ___ratelimit+0x30d/0x630 [ 1037.728988] ? lock_downgrade+0x980/0x980 [ 1037.733142] ? lock_release+0xa40/0xa40 [ 1037.737116] ? mark_held_locks+0xaf/0x100 [ 1037.741266] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1037.746367] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1037.751380] ? trace_hardirqs_on+0xd/0x10 [ 1037.755533] ? ___ratelimit+0x95/0x630 [ 1037.759411] ? idr_get_free+0xfd0/0xfd0 [ 1037.763363] ? find_held_lock+0x35/0x1d0 [ 1037.767424] oom_kill_process+0x8b9/0x1640 [ 1037.771643] ? lock_downgrade+0x980/0x980 [ 1037.775771] ? __lock_is_held+0xb6/0x140 [ 1037.779826] ? oom_evaluate_task+0x480/0x480 [ 1037.784248] ? rcu_read_unlock+0x35/0x70 [ 1037.788297] ? mem_cgroup_iter+0x363/0xbd0 [ 1037.792523] ? lock_downgrade+0x980/0x980 [ 1037.796762] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1037.801498] ? mark_held_locks+0xaf/0x100 [ 1037.805623] ? _raw_spin_unlock_irq+0x27/0x70 [ 1037.810096] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1037.815101] ? trace_hardirqs_on+0xd/0x10 [ 1037.819225] ? _raw_spin_unlock_irq+0x27/0x70 [ 1037.823706] ? css_task_iter_end+0x280/0x430 [ 1037.828090] ? _raw_spin_unlock_irq+0x27/0x70 [ 1037.832561] ? cgroup_procs_next+0x70/0x70 [ 1037.836769] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1037.841763] ? trace_hardirqs_on+0xd/0x10 [ 1037.845885] ? _raw_spin_unlock_irq+0x27/0x70 [ 1037.850365] ? oom_badness+0x980/0x980 [ 1037.855117] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1037.859856] ? mem_cgroup_iter_break+0x30/0x30 [ 1037.864436] ? finish_wait+0x268/0x490 [ 1037.868309] ? lock_downgrade+0x980/0x980 [ 1037.872432] out_of_memory+0x86d/0x1220 [ 1037.876415] ? oom_killer_disable+0x310/0x310 [ 1037.880886] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1037.885977] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1037.890968] ? trace_hardirqs_on+0xd/0x10 [ 1037.895100] mem_cgroup_out_of_memory+0x159/0x200 [ 1037.899923] ? swap_max_write+0x110/0x110 [ 1037.904044] ? do_raw_spin_trylock+0x190/0x190 [ 1037.908620] ? _raw_spin_unlock+0x22/0x30 [ 1037.912748] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1037.917741] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1037.923168] ? find_held_lock+0x35/0x1d0 [ 1037.927206] ? memcg_event_wake+0x420/0x420 [ 1037.931517] ? __do_page_fault+0x5f7/0xc90 [ 1037.935732] ? lock_downgrade+0x980/0x980 [ 1037.939856] pagefault_out_of_memory+0xbd/0x152 [ 1037.944501] ? out_of_memory+0x1220/0x1220 [ 1037.948709] ? handle_mm_fault+0x465/0xb10 [ 1037.952920] ? __handle_mm_fault+0x38c0/0x38c0 [ 1037.957475] ? vmacache_find+0x5f/0x280 [ 1037.961434] ? vmacache_update+0xfe/0x130 [ 1037.965563] mm_fault_error+0xd6/0x2c0 [ 1037.969430] __do_page_fault+0xb4d/0xc90 [ 1037.973473] ? mm_fault_error+0x2c0/0x2c0 [ 1037.977598] ? kernel_write+0x120/0x120 [ 1037.981564] ? do_syscall_64+0xb7/0x940 [ 1037.985514] do_page_fault+0xee/0x730 [ 1037.989289] ? __do_page_fault+0xc90/0xc90 [ 1037.993504] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1037.998241] ? syscall_return_slowpath+0x550/0x550 [ 1038.003154] ? syscall_return_slowpath+0x2ac/0x550 [ 1038.008064] ? prepare_exit_to_usermode+0x350/0x350 [ 1038.013060] ? retint_user+0x18/0x18 [ 1038.016750] ? page_fault+0x2f/0x50 [ 1038.020358] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1038.025182] ? page_fault+0x2f/0x50 [ 1038.028793] page_fault+0x45/0x50 [ 1038.032230] RIP: 0033:0x409b83 [ 1038.035403] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1038.040754] RAX: 0000001b9bc20000 RBX: 000000000000126c RCX: 000000000040e950 [ 1038.047997] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1038.055248] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1038.062497] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1038.069742] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1038.077304] Task in /syz1 killed as a result of limit of /syz1 [ 1038.083342] memory: usage 0kB, limit 0kB, failcnt 3972 [ 1038.088640] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1038.095406] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1038.101565] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1038.121034] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1038.129783] [24399] 0 24399 11408 2089 65536 0 0 syz-executor1 [ 1038.138670] Memory cgroup out of memory: Kill process 24399 (syz-executor1) score 2105000 or sacrifice child [ 1038.148683] Killed process 24399 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:05:30 executing program 3: r0 = socket$inet_udp(0x2, 0x2, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = eventfd2(0x200000005, 0x80800) readv(r1, &(0x7f0000001600)=[{&(0x7f0000000100)=""/8, 0x8}, {&(0x7f0000001500)=""/231, 0xe7}], 0x2) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f000001b000)={@multicast2=0xe0000002, @loopback=0x7f000001, @dev={0xac, 0x14}}, 0xc) setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, &(0x7f0000008000)={0x1, {{0x2, 0x4e20, @multicast2=0xe0000002}}}, 0x90) r2 = socket$inet_udp(0x2, 0x2, 0x0) dup2(r0, r2) setsockopt$inet_mreqsrc(r2, 0x0, 0x27, &(0x7f000001b000)={@multicast2=0xe0000002, @loopback=0x7f000001, @dev={0xac, 0x14}}, 0xc) getsockopt$inet_buf(r2, 0x0, 0x30, &(0x7f0000008000)=""/144, &(0x7f0000004000)=0x90) getsockopt$inet_buf(r0, 0x0, 0x30, &(0x7f0000008000)=""/144, &(0x7f0000004000)=0x90) 2018/03/26 13:05:30 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00', 0xfffffffffffffffe, 0x4, 0x8000, 0x0, 0x0, 0x1, 0x401, 0x0, 0x4, 0x4}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080, 0x3}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:05:30 executing program 1: r0 = request_key(&(0x7f0000000100)='dns_resolver\x00', &(0x7f0000001380)={0x73, 0x79, 0x7a, 0x0}, &(0x7f00000013c0)='/dev/infiniband/rdma_cm\x00', 0xffffffffffffffff) keyctl$update(0x2, r0, &(0x7f0000001400)="7e10dd81cc5aff990769859c1bc1218701c1362511", 0x15) perf_event_open(&(0x7f0000348f88)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$rdma_cm(r1, &(0x7f0000001e40)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000001e00)={0xffffffff}, 0x13f}}, 0x20) r3 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x8d80, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000000c0)={r3, &(0x7f0000000280)="f0ee787baf651320a003cb584515042504ae389b2996087a43a230325d505b87d944995d7b2188ec363626d0f29c5718978b497cd547d76e4cb39d28240534f2275e487611a5f5801b024201f165242a81f9dc5871a6b361859a076643a4127c5c0ae6fd9a828b951366e865f45a562edc8a21a5bdc9d3d91d7161d146cadd10a844470d53372b12f491d21b50463935e0a0dff720b346d241a0a1ad3a3b6c5bdee47cf8b6cf81c45c7e3eb66759ab1341050085d2e4f09e9c231b790f8a10bc4e711e65", &(0x7f0000000380)="9c3d14030cf072a4020ea7b89f7f4e3001a136e0781f9bff153b44090247cc8d6b0f7ff86f936b7ce48106c99538f74f28eebbe3532fab41f7828dabe39eaba5adf8dd884f143cfbdd8e585e9cf9c6a3a9b72246b0ae0204b753509c9901a94d9c9917e6ddc70b5d4c6cdd40becc40f850760388da9c4de5695ae081558bab0dedd6e178d0a1984cc98268449f273369f7ae64a1f5660ed671d71e7a74ecfc102ee3693206e29b6ef0cd979797a75ba1f37066b76b7adcb7e96f2036a5fd5da3532e25948f7717c417fed525b9ff6f50156cc7c5dba0cdec6a924b1ca2b54ac39ae85374d8cc1272aa914a0ab3616e3e81ac17a25728a1eef23c22921d22791ae1cf2e0ccd7ca6fb50dbac85745c2ad165f6fe6d1469bab6229bb84417a12bd3286dc3316f76b12c9583146bc54a9ec8dfa5a109be4658f402ee869023d604b5e93613ab7505ed4dfbecd293cc9b7925ecab5347694989d21e6afb37332c611fbd5df6bdacf1d5677ca19adcc57213f0c0e3a6da264e88af8df1e6683d5679775e0dcb0c79bc80c62a8f69e5102d0914134dcf6a5fc2783811ba71e0c04f8c468998b22ff93a7b13fb758656169e83048b718699656332f7f6c91231f412c8e48d2aa78d885e1633d081fb69b37b4434119fe2c3bdb47c4cb73e5d1d9ccaa464d1316f0ac6cc05f116ec8b2774135bfe241f825adb1b7124ee069c30084de3f9d49412ff074b83f81dcfc74338daec4cf4ff4190dd1447840bf81ff493c79456e35987d08965b0f3eb023c983b375572a56a0d64deaab21d87736890637b1a208c3c24e0c026a0040743f48716f5bbf554855a2f24848ffd09495df1f95ceb156201af5f38dbed8ce1c6239bb6825c63c1f43d6fdd48f0eba3c0ab9d2391ff7f003fdc156e91cb6d3094ba7ba034a6a1661af11f3c24fe7748b83b4c84bbd2b60df0d61e7f9cbe55c769190dda86f336fdacde62ddfc3f33674b121f58bfeb1f9da257636071c17e64d30ad0fe340a185a90b38129d543808eb00251f45e88320af218b264550146ce1f83fd44cf349c1335d36470d5a377c93466001471248ae18e52893d778a61f2859e33d764eed7693a4c7d7ae4036c683d056c41957d407b1994d108f5d95f83e11dd9f30218a9c3aa1e637056511b86371ede4d85fbef5af9dfe631f11c5dafd17e1bf1d1ba9bcca4de7b09621492412ad611aa8f109cc5839228accb80dfd9b6cfd14e232d500c606ec3c9f2910f28990a3b3ce25585d08426ade58e74866fb72b70e8c25adf24a2499b5cc685cd5cb724de52a5ea8fd87ac566252a71f9641b4b07e8fde1bf6260383f67086fddc0c2a04c393ca6b093f4698a53b364bbd40228d7926bb0ac03437c7eb2e9204f704a3b472777ac6926269d2c3ea99b6d0ff796127efe729b7fda5d7875dc8e12013f00434dd116bd34c564cc9fece99eec4f8b7c9e9775affb6727b7ec706e802b04b69346a0487c0210c7d4db9117d3ee64a6b8e885c98fdf5ddd52858441909de1ffbaa49867eadb32b4e53076486807115e93f2a984200fdd53ba02a2160a634b018769d5ca8e30dea3e6c68c5b3161086e0eec96dc049c06136f3cf3508cd8f9aa6299e27a10aa9331f7287ae67d11643246739254fbefdee9055798acfbfad7488fec02e2e61b48820ac1fcca8d11503e3ad40d9a3f1432a9eaebb4287b42c10c4464d31343c012bf701a559550a3e45d57ce969f67a5d16347d2449f077c7f9f4c6992eab1ece059ea0f7e5750e32bc5dc7ccd1913841846d9503c21e4254a431ace51b57f8c55f9dc143332557c1a4cdaca40081369122842c8de1f50eafe6fe33c8ab7135253cb8828aeefd25435d5b5c851b9a30cb591f0aa1e11a683f0b69b1770b8d482f70f41a886cb0faf21de4489d8347a1fae9725bbd3ed119c6e127204163366ae616690328c040890027fd9eb58ac34c87c5c1ecacaf9c36e6775afa36ad6571e31d71c651652d36df6d39d65b18c3dbbc9f6a14d7a956cb430427fcc6e81aff5cec41bf773f55ccd78f23a60a69eae8afac48c6dd58f0bb7e762e8cae4aa5fc3a75a55b66b94013111935b6892231fa42ed68963ac64bdeaae1f9a3a241b70eccb7e49d647ca0ebfa8ef870ec3710f53357bb6b1954cb30807091781665cf18d497e6b04c235850070522b17af1017e0c49561e58310f3181d66861670f19b07d39d7cf62c9af35212d6014fed36ba57cfd27e7248fd5f1d8f7dfd2c75bae0c9a9e2d09a468c219d190334998a0c37afdf6f851e3699cc4fb0642c16a0966840847b3611a471da6128ebb10a7ac62fced6185300a10d2f0d4695c57a34d4af448f5137afe29de72815205d346df9b6b5fb835da0a6a6f0b46cb07736cc9b687070ae261895e29d7e13c33428508e908d4889c6be0d7e59a8cf005b0f2b34ce8d2ee08b18c807f11425f64e7fa7e94666d717974906f76dfbdb742d3de2a3ceb3d526ff034a2a75211df4922c8e200b4ed6d1d6e18342c4e50737db8af1aa8d57d6403db27b225d044642de241ba57124373469202c3d77470db5b7ff2bf3d12a9f35b0b67ad4b4d77574351cb6d7966c6b1b70c095341673f25e4093399e239bb1bae1fdc999e08ae36cf9ca46883ef80f83330cbb2ab16ce134d2864e0a998da8bb84b9518c15e69c8b2e6c1eb3007b68c7441530f45bd9d00c283bc18d18839a5e4101ef746165e3fc5e1633d7e064d67ffc56c18821d8deb037ceed427baec53d2ce46cb6561293b03a506a46bb16079569f906a77f0c9185c84b5cb63df2f3d9bb53c2160e5c27a8ebb3bc60fc4bea4daa55118c755989d499b855ff08783ef37cad9cda6463ce79d9deca205e97aa77747999b6dea6649cc001ae3e15d913f2c84ad7df103dd842988128a035871c62ad134287d945662f0cc3cf7b68197e8debd5b52e6f89db681d49234b98000029985c1a37bf63f610ae5a3826c462ebb4f1b78ba3f3be62796d040548f25816676b76497da1e794faed6027381688777b87f541412b22bf0d4c829666ea5d2209a108ca44a4324d23a29f5dbabbd318e4be71af24476eb0d15b15727ce5e85518d189ff4f91f0e3e029d3d113a18a46a61942e2e3263bdc134ac2db25f15a1e4a5c627d38060676bfc7dae6d38640923ea60d6be008a8f7429042118b85130a47da5d60f22455f1ed221f886ba58b9d22fc8cf3f8b48b79e60907b10cb404fb9b9323538d8ed11445afa57a3290ce46d0900a5c3735f16a99c511903fcb5e63d9b0d5c83088df3d3351c4b6f72d6467a77a751a349bfe3bb4aeb3ad15e13f3015d7f1cc22294bfd08a600ecf1fe6d26ff2ce3869059dc57893d3d7b43759b34c19674fa5089fbf63e045eaf92a0c899531ae798a781e829721f0906995c4ebde19bb433b98938d7760c777568918992d3bf1bdd7e1b1aa7833f5876f42727ee89a553a5c69739cdf06594b4951796a236159a23dfd9745cddab6f5c100bb10e79b3d56d944f076fae9999cc74b29916a203adee931fa291a52be58ee64eef08d653d702c7bad8b41f7e51d02a0e1f714b49cad1c1580751500456f768d07b0b9978be1414d1923cb1b5f6492dba7941277f00daa99f21824e951aec36499864b0ca96b1db43c67732e421c8cd31bf381f2d73ecd68cb08729e70e24b24217b111fd8c02908d25d3d56d04b3b58d1f33acc374cb3185f7c5d6e770204b89a8e59a78c6996536be79188beb7b911d888dfc0b6d540a8e613d8ebf2cfee419bd2a46665c6e72ece8183636ee846fb2dbdca8b650e2a34365a1f5c030c30d6891b22b30d9539ce1122a55de787e3b5712dbe04131f79985f9b33af56adda6ee2dfd0dad5f18c5c76e6f4a3dd3a87398832c956ff51798b60e15bb313000b6d2d5a3b7aacef293c56dc53344899f4aba67d3c64803fb49356aaa0f35f1cdb513633743d5481962b23ce77a23d56998f3162225db5ba13a4fada58673901b3b87d8c49d8afd39e0b016e149297ced7277dbd60abe3677ba833b080874f6ad4de03c06127c8d65102c7e9daa496f7ac93ee039ae9df085b61b070bdcdc1f1067b989bbc6cf16025a03993d747c62a2b11acf7975a4d5fdcf57a0573e291b2a46ef81623dd2d49ddceacb958f5275242c498064a5bc81910a70289dc6eae30466afe2f1b39983720cee406d47f6ad21c17b8e90df0fb769ad79399b67935abcf4d78bd471553b8181957b37b799a4fc7e6f888117f4460699adf1e18e53446c04c15564c74aa2aea0d18e852132a798914065a862d3884c0ead6df1058cbb7ec671a9f0791aeec99283025b10a4ea87e54bb59a4dddf828f3d70f1993ea80e5754a0190d6fb49eff042bf5c3e203f04ced59e7bc84b7990598242bc0c2fb8623b617fb229e1c0fd3193385b87594421bb6c52884fdc4d4ebe177dcea10040d84a454979b26cb204564957b8c0d2264ccbe1fbb13bc7a9c0a17c86e8d38f6898eb4a7e80440c56b04195cfd23b60f2e85c0527a08fb0beab2a8c72f57d9e77286744fb926131be111f2f43fd0acb9d999286e28fb42865b4f804b31755b717f8aa6a612809a5a91ca06bf25226530eebda7c6488dfdea9460fe3d209f7e49889163b99cfe87463b8f281c527177dd8b31fe09dfd1a182c45f10672844652f5b40022f391d93c26242e20d8c2d07e0bf7d6d94d8931aa12874e8c373c507a8290751348c347acf6bdef614659576692f37ef87697ffcb12e1a6ff577a8d6e20f6d6a4785526963d0c55c748750096ce021ca23545fa2ddc0a329c3d48907827fa341fa4955d98f6b001fafff8f2766ad9cb61686f550d0eec5403eede2c51ee62d4a4a5993c38008a71b85dcf114f7cdb0fc720893e7a8310347c9dd747320d3fc9980b3a1d1c16cfd7a8291c3eed184066477da92f52b6752c263b20da29dc04521b41a95fcb2ac0b892412893b75ac8137ae4d7cddea3787440c2317c427e54db5bdea25ab47c8531db79625c6d08c4d396a03f8b6a066e281b1e8c12fb823e6202d151979d8a39343273b97af373b7308eb3d2a090a6d39d68bc40552a3affce61adbede6d2b931dc9c3eed6f5770000fe9560b88db28f6be142d5ad9bd297b4d35c3ee1a279b3b2358579ad3407b2363b4ddb28aee34bbac3b84e01bc159574c593ae5fe9f76f8e34f84eec7bff0c45eab9f17356c0e987101492e2725ce023cdf13e6a9efdfe2e135f2dfe6c55bc37721f6de4b5c8590db3746afec9b2b83d8f794a6bff77b5a36dd724318c54c9ac1b205b166a6bd4e75477cb1d7ec56285b0c13016e2570cbe84dffcf20176a7e54dcd7c70088ccc3c3e7a15b7fb50461291fb29e3238fe40d4313fe916e2bda5a02fb6d53185fa612a3d0f600d3956f08ce2802704a7b259d6c182958af9414c44591867afd52833de749c97191ec1e2292b7bd7849ac463e8fbae3936416147b32e98d9d88b43b76efd3bbd36e7e8d3c9acd7ed51c45a51131085953854ff27752d177560ee86bb924bacbcba3e907d529cc26174fd2116c938589cc0cb3eb6fc14fc558717145fbc57148c96f0c75208ead009d6914b04ace6a6bf97466dad89964f1097c7fa4fe868ded9c1f622c60b0c8450422c21e2055287501cdcccf5a72d47477480aaa51e1b5689d588688e850b07ef40d1b6ccfe64c6a42885791c4ee1f163d24ceab10ad620c4de1634a4b8be609b47193fd84990d8c6533d7600d331b39a46733c460ab1a5b309fadf473663c18896ae7364f3cc00ee41913fcb786"}, 0x20) write$rdma_cm(r1, &(0x7f0000000140)=ANY=[@ANYBLOB="08000000200100fa00000000000000000000000000000000025e8501ef2149677b47d2f9edf72628a6c50022ccf3c55bc948c0e7cc39107575c029f9c7e0bcd228832ee360e346fdbe1f6dd0939574b5c9419a3c2a613e35ca5c825e13c0a193be55b090057d9ef04a8b79c11afb300909cd9d62129fa09d08116781050c7fd9ea4dd01cc8b68da90550a31d1dd3cea71ece00a4a8026756e4b9fc4445bfcd1c81ac072c5fdc9961ed92d48b39bac9b1498f86c19f1ea21cade73b61d731481962806a99ba97b31a15ed4fe4e64f5349d2090aa3e0a3899767f59cfbd58797f3f9c9cd7f2cdf2cda83779dae0f242d17fc66ef0bcfde11c9b5df84421e71d950a37c94134e86249746014d158a24b8bf76fdc142fc384efc0000000000000001", @ANYRES32=r2, @ANYBLOB="081a0001"], 0x128) 2018/03/26 13:05:30 executing program 4: r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x44200, 0x0) r1 = syz_genetlink_get_family_id$fou(&(0x7f00000001c0)='fou\x00') ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x3) sendmsg$FOU_CMD_GET(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x40, r1, 0xf00, 0x70bd2b, 0x25dfdbfb, {0x3}, [@FOU_ATTR_PORT={0x8, 0x1, 0x4e20}, @FOU_ATTR_PORT={0x8, 0x1, 0x4e20}, @FOU_ATTR_TYPE={0x8, 0x4, 0x1}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4, 0x5}, @FOU_ATTR_AF={0x8, 0x2, 0xa}, @FOU_ATTR_TYPE={0x8, 0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x880}, 0x0) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) sendmmsg(r2, &(0x7f0000005d40), 0x2, 0x20040080) 2018/03/26 13:05:30 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') ioctl$KVM_ARM_SET_DEVICE_ADDR(r0, 0x4010aeab, &(0x7f0000000000)={0x4, 0xf000}) ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0) sendfile(r0, r0, &(0x7f0000000280)=0x42402, 0x6) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) 2018/03/26 13:05:30 executing program 0: r0 = syz_open_dev$sndtimer(&(0x7f0000000040)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000029fcc)={{0x1, 0x2, 0x0, 0x0, 0x10000}}) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x20400, 0x0) getsockopt$bt_BT_POWER(r1, 0x112, 0x9, &(0x7f0000000100), &(0x7f0000000140)=0x1) getsockopt$bt_l2cap_L2CAP_LM(r1, 0x6, 0x3, &(0x7f0000000080), &(0x7f00000000c0)=0x4) 2018/03/26 13:05:30 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'syz_tun\x00'}) sendmsg$nl_route(r0, &(0x7f00000018c0)={&(0x7f00000002c0)={0x10}, 0xc, &(0x7f0000001880)={&(0x7f0000000000)=ANY=[@ANYBLOB="2c00000013000501000000000000000000000000", @ANYBLOB="00000000000000000c002b000800010008000000"], 0x2}, 0x1}, 0x0) 2018/03/26 13:05:30 executing program 5: r0 = syz_open_dev$evdev(&(0x7f0000237fee)='/dev/input/event#\x00', 0x0, 0x28001) writev(r0, &(0x7f0000000780)=[{&(0x7f0000000240)="7c707fd76e73925a0f9bfd0b611521d14cb7df434998b94f6c41af76bff4efeeb977a42eab152abb61632a858a45d34e5c7ebf5c15ed67b4704821a33194be2ceb5bee6cdeec18c91ddb9457b81f7d989c976c0f9e61b62df6cf8b620349a9dce2162421892cc463341c4ec1267f13193f802e460a6252a4", 0x78}, {&(0x7f0000000380)}, {&(0x7f0000000400)="7994c3703b1b5754a32e19788f6b0a46f8d9b178fe4173f1ade8425901b9bb04aa37cb0dca3af567d5f28d9ae7be935f6fdb4e206f2349978be567ad1d72980bd633594416a4533a298601bfc3e1600a75bf3808eab7ce2d1628899190dbae2674053d45996aadde9c3fcc641f8af86577d931c8d848c80d48b7a695997f854c7e47864a8964dcf8c5eeab0115efbaceea571888350d52ed505fc2a864b40f43c4670974b5a158d42120b9c600f9285194389ad3", 0xb4}, {&(0x7f0000000540)="3069b49414b0bfd83747def47b14e506616d9c1193eeb3240614d29c4b17e02dba796d873bf230a8a2afe69b3a32e73e0b6ebbf9cbe03596f6192a72d854c9fb0d7a19a2fa6ce6af3591f4964e6a29b146d7c1054c85aa193906920db1ceb5add4ed9cc26e9f44c24ebe062bacd6859f7ef88f1f6e95a86fd95796993a8aabaa50385415400c30e9e856e164a4b5c644f750ad7b1b0aa98a943240be0eea0f352ed952efea39183f074827916d7ea5cc0ab759603da8be7223b1c60d875ba5bc0ed89b8c5dc9ff27c67ff2505b7371024d41e012b84d454872e6d4d1e667d632098990263ca3026d13dc979b975102df1f14efaabc4e40d0bd94ba", 0xfb}, {&(0x7f0000000680)="7a6014ef5ba6ddde5b13ed29eeaf66e8837e25476cfdc1c599b2e968995d32849a756e5dc1319b8fb276ee696c63c99186304a223b8b3b990ff5e634905b363bca474419de34959b1f184304c1afb413ee2f86583afd3a563aa273a9cebf6b8bc8259368e497c3f18f2ca00d31ed6c4a0c62e4b6905c83af754ec02fe86c6a4510a9d2168ee4c8ae224103f7d6753dbaf71036a8b9ddcd657bee57dcd190624d53c0c546", 0xa4}], 0x5) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x2002, 0x0) bind$ax25(r1, &(0x7f0000000040)={0x3, {"c917970a0f0467"}, 0x5}, 0x10) 2018/03/26 13:05:30 executing program 4: r0 = syz_open_procfs(0x0, &(0x7f0000b74fbc)='oom_score_adj\x00') ioctl$DRM_IOCTL_GET_UNIQUE(0xffffffffffffffff, 0xc0106401, &(0x7f0000000000)={0xe2, &(0x7f0000000100)=""/226}) writev(r0, &(0x7f0000000400)=[{&(0x7f0000000040)="7d270d21bfd0ec60a1b1f07bcf01f2ec1885c159f9e7f5220d242f55d097ab2ac932dfe1ca59b735e236e262f85d5f41149655d821879ef4073062abb16428fe693254e6e48db112057e196425a87b", 0x4f}, {&(0x7f00000000c0)="85394554e5fe32f84b9f87bdb700d3f4787cd152976469b47d910a1b4994b40f1e96d00f1a360f7657fc8af033761a3248f5e63c0213b3619d7a3a71", 0x3c}, {&(0x7f0000000200)="e7da7ebee297cc86f07162a79e9db9d6aa94f5781ea1f2f82a7da8795a92fc722832df4d341c4e5924aebd16de937f70da30420359977d17522c1e9028e556e9fa0285a6142a2bf0ab7bdf59b56a8d66a3bc2bac1d94e9d9dd4deb341790ea1af99c15509521dcf4a1752e58ab69598e399bd31cb3462d88be965db217cfd9b6e0cc36f2c122dbee539eff61d5a9386ae0aa3cc00e24314fda358d0d8d2331ea2d4069769883b6f65520d8b4a5699d8d9591f154b07080", 0xb7}, {&(0x7f00000002c0)="f4f3dcd565dcf79dc62b", 0xa}, {&(0x7f0000000300)="78b6cef2742161f49321ae1ce0da99da19a2e0c7b9b819d9191d84c247e5732539124245b13a15b49121f760d662bab6e603c6dfa3605aa56eb6c7c6331a78407642ef234b6cbe639dcee77507f6e10231bd2ae8581561f3ce9d5105f5375b4cd3da64b9a2cb7ca984f214c770ef7f37e51cf20a5d1173c4bdf983c5c693cb596a725f3c18358603df2c1fe931adaa5b4da4437f3528567fd37abd8f1cac4abf2fe4c2475d77012a25906d5ad51cc94d1c043d9dd005f415fc71d906d5a007e15e60ded47fd11af837a5bf10b0546ce94cbf150bb83f1465638fe0d803a24e2a1fd2adb421f8", 0xe6}], 0x5) 2018/03/26 13:05:30 executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x9, 0x1, 0x8, 0x9, 0xc, 0xffffffffffffffff, 0x2}, 0x2c) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000784000)={0xd, 0x4, 0x4, 0x1, 0x0, r0}, 0x2c) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00005f1000)={r1, &(0x7f0000eed000), &(0x7f0000b88000)="13", 0x2}, 0x20) 2018/03/26 13:05:30 executing program 6: r0 = openat$vsock(0xffffffffffffff9c, &(0x7f00001b3000)='/dev/vhost-vsock\x00', 0x2, 0x0) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x0, 0x32, 0xffffffffffffffff, 0x0) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000f82ffc)=0x4000000000000000) 2018/03/26 13:05:30 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00', 0x0, 0x4, 0x8000, 0x0, 0x0, 0x1, 0x401, 0x0, 0x4, 0x4}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080, 0x3}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:05:30 executing program 5: r0 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x3, 0x40000) ioctl$sock_SIOCGIFCONF(r0, 0x8910, &(0x7f0000000100)=@buf={0x8d, &(0x7f0000000040)="5b64045ea9460fa6c629d410b504f41553e007201aec48e3511d35d00cd812a8bc02df9c7fccd7d3e67376256cfdd3b87cff17c406d153216b5538d2d73fd32ec0e4ab2299d07f5d4bdf806f7dc4e624ae0ef523f55d0971ec855358940f0e1b3a1539c91a49af2e5e34ba4cc5483d4b5e6f0dd9f22e1b02bffa3531f04a3e77f92e1acac55ec0c5adf1895ef3"}) r1 = socket(0x1e, 0x2, 0xde) sendmsg(r1, &(0x7f0000f36fc8)={&(0x7f0000fdbf80)=@generic={0x10000000001e, "02010000000020df0000000000000000805bf86c57020002000000f1fffff400000000000000000000010300000000e4ff064b3fdf3a000000080000000000000000ac50d5fe32c4000000007fffffff6a008356edb9a6341c1fd45624281e00070ece000206000000090000fd00000900000000000b0000db000004da36"}, 0x80, &(0x7f0000001380), 0x0, &(0x7f0000d19000)}, 0x0) setsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000440)={0x7fff}, 0x4) unlink(&(0x7f0000000480)='./file0\x00') ioctl$DRM_IOCTL_VERSION(r0, 0xc0406400, &(0x7f0000000400)={0x3, 0x32c, 0x0, 0xfc, &(0x7f0000000140)=""/252, 0xcc, &(0x7f0000000240)=""/204, 0x8b, &(0x7f0000000340)=""/139}) [ 1038.396371] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1038.407402] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1038.412573] CPU: 1 PID: 24426 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1038.419927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1038.429278] Call Trace: [ 1038.431961] dump_stack+0x194/0x24d [ 1038.435573] ? arch_local_irq_restore+0x53/0x53 [ 1038.440223] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1038.445398] dump_header+0x28c/0xe2b [ 1038.449107] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1038.454288] ? arch_local_irq_restore+0x53/0x53 [ 1038.458941] ? __lock_acquire+0x664/0x3e00 [ 1038.463155] ? print_irqtrace_events+0x270/0x270 [ 1038.467903] ? trace_hardirqs_off+0x10/0x10 [ 1038.472199] ? __lock_acquire+0x664/0x3e00 [ 1038.476413] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1038.481583] ? __lock_acquire+0x664/0x3e00 [ 1038.485794] ? task_will_free_mem+0x252/0xaa0 [ 1038.490270] ? print_irqtrace_events+0x270/0x270 [ 1038.495012] ? ___ratelimit+0x30d/0x630 [ 1038.498970] ? lock_downgrade+0x980/0x980 [ 1038.503110] ? lock_release+0xa40/0xa40 [ 1038.507064] ? mark_held_locks+0xaf/0x100 [ 1038.511205] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1038.516289] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1038.521283] ? trace_hardirqs_on+0xd/0x10 [ 1038.525409] ? ___ratelimit+0x95/0x630 [ 1038.529274] ? idr_get_free+0xfd0/0xfd0 [ 1038.533225] ? find_held_lock+0x35/0x1d0 [ 1038.537273] oom_kill_process+0x8b9/0x1640 [ 1038.541484] ? lock_downgrade+0x980/0x980 [ 1038.545612] ? __lock_is_held+0xb6/0x140 [ 1038.549654] ? oom_evaluate_task+0x480/0x480 [ 1038.554053] ? rcu_read_unlock+0x35/0x70 [ 1038.558087] ? mem_cgroup_iter+0x363/0xbd0 [ 1038.562298] ? lock_downgrade+0x980/0x980 [ 1038.566427] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1038.571163] ? mark_held_locks+0xaf/0x100 [ 1038.575300] ? _raw_spin_unlock_irq+0x27/0x70 [ 1038.579775] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1038.584769] ? trace_hardirqs_on+0xd/0x10 [ 1038.588893] ? _raw_spin_unlock_irq+0x27/0x70 [ 1038.593366] ? css_task_iter_end+0x280/0x430 [ 1038.597749] ? _raw_spin_unlock_irq+0x27/0x70 [ 1038.602231] ? cgroup_procs_next+0x70/0x70 [ 1038.606442] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1038.611436] ? trace_hardirqs_on+0xd/0x10 [ 1038.615559] ? _raw_spin_unlock_irq+0x27/0x70 [ 1038.620033] ? oom_badness+0x980/0x980 [ 1038.623899] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1038.628633] ? mem_cgroup_iter_break+0x30/0x30 [ 1038.633205] ? finish_wait+0x268/0x490 [ 1038.637072] ? lock_downgrade+0x980/0x980 [ 1038.641199] out_of_memory+0x86d/0x1220 [ 1038.645159] ? oom_killer_disable+0x310/0x310 [ 1038.649627] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1038.654710] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1038.659725] ? trace_hardirqs_on+0xd/0x10 [ 1038.663861] mem_cgroup_out_of_memory+0x159/0x200 [ 1038.668690] ? swap_max_write+0x110/0x110 [ 1038.672813] ? do_raw_spin_trylock+0x190/0x190 [ 1038.677388] ? _raw_spin_unlock+0x22/0x30 [ 1038.681519] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1038.686537] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1038.691975] ? find_held_lock+0x35/0x1d0 [ 1038.696022] ? memcg_event_wake+0x420/0x420 [ 1038.700410] ? __do_page_fault+0x5f7/0xc90 [ 1038.704623] ? lock_downgrade+0x980/0x980 [ 1038.708752] pagefault_out_of_memory+0xbd/0x152 [ 1038.713398] ? out_of_memory+0x1220/0x1220 [ 1038.717606] ? handle_mm_fault+0x465/0xb10 [ 1038.721838] ? __handle_mm_fault+0x38c0/0x38c0 [ 1038.726406] ? vmacache_find+0x5f/0x280 [ 1038.730355] ? vmacache_update+0xfe/0x130 [ 1038.734487] mm_fault_error+0xd6/0x2c0 [ 1038.738354] __do_page_fault+0xb4d/0xc90 [ 1038.742402] ? mm_fault_error+0x2c0/0x2c0 [ 1038.746529] ? kernel_write+0x120/0x120 [ 1038.750494] ? do_syscall_64+0xb7/0x940 [ 1038.754449] do_page_fault+0xee/0x730 [ 1038.758228] ? __do_page_fault+0xc90/0xc90 [ 1038.762439] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1038.767174] ? syscall_return_slowpath+0x550/0x550 [ 1038.772079] ? syscall_return_slowpath+0x2ac/0x550 [ 1038.776986] ? prepare_exit_to_usermode+0x350/0x350 [ 1038.781985] ? retint_user+0x18/0x18 [ 1038.785676] ? page_fault+0x2f/0x50 [ 1038.789279] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1038.794100] ? page_fault+0x2f/0x50 [ 1038.797704] page_fault+0x45/0x50 [ 1038.801144] RIP: 0033:0x409b83 [ 1038.804325] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1038.809664] RAX: 0000001b9bc20000 RBX: 000000000000126d RCX: 000000000040e950 [ 1038.816917] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1038.824163] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1038.831424] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1038.838667] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1038.846128] Task in /syz1 killed as a result of limit of /syz1 [ 1038.852166] memory: usage 0kB, limit 0kB, failcnt 3980 [ 1038.857466] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1038.864300] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1038.870465] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1038.889940] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name 2018/03/26 13:05:30 executing program 0: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getresuid(&(0x7f0000000040), &(0x7f0000000080)=0x0, &(0x7f00000000c0)) r2 = geteuid() socket$netlink(0x10, 0x3, 0x13) setreuid(r1, r2) r3 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000006d40)={'gretap0\x00', 0x0}) sendmsg$nl_route(r3, &(0x7f0000000480)={&(0x7f0000000140)={0x10}, 0xc, &(0x7f0000000440)={&(0x7f00000003c0)=@ipv4_newaddr={0x34, 0x14, 0x63f, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r4}, [@IFA_LOCAL={0x8, 0x2}, @IFA_CACHEINFO={0x14, 0x6, {0x7ff}}]}, 0x34}, 0x1}, 0x0) r5 = dup(r3) close(r0) getdents(r5, &(0x7f0000000100)=""/61, 0x3d) 2018/03/26 13:05:31 executing program 1: r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x9) setsockopt$inet6_MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f0000000200)={{0xa, 0x4e22, 0x20000008, @mcast2={0xff, 0x2, [], 0x1}, 0x5}, {0xa, 0x4e21, 0x5, @mcast1={0xff, 0x1, [], 0x1}}, 0x6, [0x10000, 0x4f1, 0x9, 0x8, 0xb19e, 0x6, 0xffffffff, 0x3]}, 0x26e) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000002ff4)='smaps\x00') preadv(r1, &(0x7f0000005000)=[{&(0x7f0000000fff)=""/1, 0x1}], 0x1, 0x10000000000000) [ 1038.898698] [24426] 0 24426 11408 2089 65536 0 0 syz-executor1 [ 1038.907596] Memory cgroup out of memory: Kill process 24426 (syz-executor1) score 2105000 or sacrifice child [ 1038.917671] Killed process 24426 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB [ 1038.936299] oom_reaper: reaped process 24426 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 2018/03/26 13:05:31 executing program 2: r0 = syz_open_dev$amidi(&(0x7f0000000140)='/dev/amidi#\x00', 0x1ff, 0x2000) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000180)={0x0, 0x2e, "e4e0013102ba0562fae64c7b7110954568f8be8279eeb45445a400241468b0edf697d3eb8e9915abbb50bd208fdc"}, &(0x7f00000001c0)=0x36) getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000200)={r1, 0xfffffffffffffffa}, &(0x7f0000000240)=0x8) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') io_setup(0x2, &(0x7f0000000000)=0x0) io_cancel(r3, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x3, 0x4, r2, &(0x7f0000000040)="3c1aa63f53baf40b67cec7ae0d1ad7763a711eed4411dd129f6ea5433f8b4319", 0x20, 0x5, 0x0, 0x0, r2}, &(0x7f0000000100)) sendfile(r2, r2, &(0x7f0000000280)=0x42402, 0x6) mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4003, &(0x7f0000a1a000), 0x0, 0xfffffffffffffffc) 2018/03/26 13:05:31 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00', 0x0, 0x0, 0x8000, 0x0, 0x0, 0x1, 0x401, 0x0, 0x4, 0x4}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080, 0x3}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) [ 1039.111566] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1039.122617] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1039.127798] CPU: 1 PID: 24462 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1039.135153] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1039.144498] Call Trace: [ 1039.147068] dump_stack+0x194/0x24d [ 1039.150764] ? arch_local_irq_restore+0x53/0x53 [ 1039.155415] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1039.160590] dump_header+0x28c/0xe2b [ 1039.164290] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1039.169461] ? arch_local_irq_restore+0x53/0x53 [ 1039.174114] ? __lock_acquire+0x664/0x3e00 [ 1039.178328] ? print_irqtrace_events+0x270/0x270 [ 1039.183076] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1039.188209] ? trace_hardirqs_off+0x10/0x10 [ 1039.192507] ? __lock_acquire+0x664/0x3e00 [ 1039.196719] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1039.201891] ? __lock_acquire+0x664/0x3e00 [ 1039.206104] ? task_will_free_mem+0x252/0xaa0 [ 1039.210594] ? print_irqtrace_events+0x270/0x270 [ 1039.215335] ? ___ratelimit+0x30d/0x630 [ 1039.219287] ? lock_downgrade+0x980/0x980 [ 1039.223417] ? lock_release+0xa40/0xa40 [ 1039.227373] ? mark_held_locks+0xaf/0x100 [ 1039.231508] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1039.236588] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1039.241580] ? trace_hardirqs_on+0xd/0x10 [ 1039.245709] ? ___ratelimit+0x95/0x630 [ 1039.249573] ? idr_get_free+0xfd0/0xfd0 [ 1039.253523] ? find_held_lock+0x35/0x1d0 [ 1039.257570] oom_kill_process+0x8b9/0x1640 [ 1039.261790] ? lock_downgrade+0x980/0x980 [ 1039.265920] ? __lock_is_held+0xb6/0x140 [ 1039.269974] ? oom_evaluate_task+0x480/0x480 [ 1039.274370] ? rcu_read_unlock+0x35/0x70 [ 1039.278415] ? mem_cgroup_iter+0x363/0xbd0 [ 1039.282629] ? lock_downgrade+0x980/0x980 [ 1039.286847] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1039.291581] ? mark_held_locks+0xaf/0x100 [ 1039.295710] ? _raw_spin_unlock_irq+0x27/0x70 [ 1039.300183] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1039.305178] ? trace_hardirqs_on+0xd/0x10 [ 1039.309313] ? _raw_spin_unlock_irq+0x27/0x70 [ 1039.313796] ? css_task_iter_end+0x280/0x430 [ 1039.318191] ? _raw_spin_unlock_irq+0x27/0x70 [ 1039.322681] ? cgroup_procs_next+0x70/0x70 [ 1039.326896] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1039.331899] ? trace_hardirqs_on+0xd/0x10 [ 1039.336028] ? _raw_spin_unlock_irq+0x27/0x70 [ 1039.340503] ? oom_badness+0x980/0x980 [ 1039.344365] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1039.349098] ? mem_cgroup_iter_break+0x30/0x30 [ 1039.353672] ? finish_wait+0x268/0x490 [ 1039.357541] ? lock_downgrade+0x980/0x980 [ 1039.361670] out_of_memory+0x86d/0x1220 [ 1039.365634] ? oom_killer_disable+0x310/0x310 [ 1039.370104] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1039.375187] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1039.380180] ? trace_hardirqs_on+0xd/0x10 [ 1039.384315] mem_cgroup_out_of_memory+0x159/0x200 [ 1039.389136] ? swap_max_write+0x110/0x110 [ 1039.393258] ? do_raw_spin_trylock+0x190/0x190 [ 1039.397822] ? _raw_spin_unlock+0x22/0x30 [ 1039.401950] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1039.406946] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1039.412375] ? find_held_lock+0x35/0x1d0 [ 1039.416417] ? memcg_event_wake+0x420/0x420 [ 1039.420718] ? __do_page_fault+0x5f7/0xc90 [ 1039.424930] ? lock_downgrade+0x980/0x980 [ 1039.429057] pagefault_out_of_memory+0xbd/0x152 [ 1039.433705] ? out_of_memory+0x1220/0x1220 [ 1039.437914] ? handle_mm_fault+0x465/0xb10 [ 1039.442132] ? __handle_mm_fault+0x38c0/0x38c0 [ 1039.446691] ? vmacache_find+0x5f/0x280 [ 1039.450640] ? vmacache_update+0xfe/0x130 [ 1039.454770] mm_fault_error+0xd6/0x2c0 [ 1039.458637] __do_page_fault+0xb4d/0xc90 [ 1039.462682] ? mm_fault_error+0x2c0/0x2c0 [ 1039.466821] ? kernel_write+0x120/0x120 [ 1039.470773] ? do_syscall_64+0xb7/0x940 [ 1039.474725] do_page_fault+0xee/0x730 [ 1039.478503] ? __do_page_fault+0xc90/0xc90 [ 1039.482723] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 1039.488238] ? syscall_return_slowpath+0x550/0x550 [ 1039.493144] ? syscall_return_slowpath+0x2ac/0x550 [ 1039.498065] ? retint_user+0x18/0x18 [ 1039.501757] ? page_fault+0x2f/0x50 [ 1039.505358] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1039.510180] ? page_fault+0x2f/0x50 [ 1039.513788] page_fault+0x45/0x50 [ 1039.517214] RIP: 0033:0x409b83 [ 1039.520378] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1039.525719] RAX: 0000001b9bc20000 RBX: 000000000000126e RCX: 000000000040e950 [ 1039.532963] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1039.540208] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1039.547452] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1039.554699] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1039.562158] Task in /syz1 killed as a result of limit of /syz1 [ 1039.568190] memory: usage 0kB, limit 0kB, failcnt 3988 [ 1039.573512] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1039.580296] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1039.586525] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1039.605983] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1039.614764] [24462] 0 24462 11408 2089 65536 0 0 syz-executor1 [ 1039.623657] Memory cgroup out of memory: Kill process 24462 (syz-executor1) score 2105000 or sacrifice child [ 1039.633710] Killed process 24462 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB [ 1039.648770] oom_reaper: reaped process 24462 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 2018/03/26 13:05:31 executing program 4: r0 = socket$inet(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000eed000)={0x2, 0x4e21}, 0x10) syz_emit_ethernet(0x423, &(0x7f000018f000)={@broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], @empty=[0x0, 0x0, 0x14], [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x415, 0x0, 0x0, 0x0, 0x200000000000011, 0x0, @rand_addr, @multicast1=0xe0000001}, @dccp={{0x4e20, 0x4e21, 0x4, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "d70502", 0x0, "f53475"}, "b441d632cdbbcb211363807aec73d3883762a61dc02d349bfa3ac974b987aa7fb97eb324d594fbbb77bab759418aa8d451d921e8f5d2cf2b08292111701192e97cac366dd3eb2e0fb039e58314ef4709c5f3556db6a1ab6b4fb2bdd83cdc26e8395ec4984ec3faf71a611d1569545d654cded93be827a85188b803c19c1b56aab522862a718b81e512b49690994d3425e33bd93f0e744c66a083c1f9f1bd7bb8f9e123c08f3f041ed3fdc058136cf0071a47cc0e38720a12e11e842a7b5b26dff07f578fdb9a7b14662a625c1ee76c41ccb2b1fc6376aa718e1067b9e4af511ef5b360dbfad326108bb033db193dab27974eb8c462739eaee51d87f31c516e7e391073770da3202e02c41a7277c847df24bd5b0a7ab6e252f3c8ebf00688cc55311d887e8bfd95a7f4c6a126af3fe26714ddb869c66d18f870631bbd497e8a06881b754ecdcdd0dcffc51cd52a6b560f8d64b63a1674745edc5f53b18a8ffcc5c2fbc4d2bbcc2faf3c189d9b36c0655d1394f5c127ec86b8a764a87b546c2b6ac37d0a8ec3edd7cda6f930570763dbdc0640d219749bd57c7c89eaadfdae41d654a46b17be069a32a7d94d29b612fbe61b8bd11a2d10ba5d4ac7014fc0465c3f144598bd1f913343e7293711040eee0ae8df1e49f04ed1037d4b742aed0e932116060aaf6b985238d2e10fb5b11d19d7801befed4833287d96a85a7cdd9e211a672760335655576fc0fa0336621c2b2b1018ef71bb5077c67ee5fa8d479d6776013363e98b1f1213712be7e47549b6035459008c509f0f983130a451531381ee3c1ab9e1cbb8e558b56ca1a70939389addc5f9632b37ff3f634abb504bb0be0a51649683f6e29588c15cda40255e173328681884ffef6729e9058c5623e1401fdcc7b8cb5623a8fd725fbeea05fc417c44e46500619218dff7c70aa068994c58883cada505a2aa85b6620dfe9c45b707c9aa1222b86972eae564b28a05ddfa3545df231fde2707d4bf67dc6ba41daba91dee8081e5c7e2bcfbebebd42d5ab8a32d6e098fd57233e3b813dc0d772134775def451823b7fef2bc93da01722cd613b9a3db7e2d4c51fb7b56006ee9cea53b62343599a56167388d45247f9289fb1cab67a7cb0c3665ddf1e1411875b4de3428b32fc6603691a023d8e4cb93c667acb7b535fb5f77af9a49640cbe8ffe3a193cf4df1b556a67cb753c60bdf978b871aa513c07074c6602037ebc32199290e3c7ac6f103ad9358951ad4de0c8f1b34951b0e6a48295975cf08b2c3c95064855fc95317e386f1c18608d1d08699003c998b93332cd316f17a5139d350cbfa9dabc3f77c4197a0186e50913978e980a7a028e7ccdeee718af028200e94a6b3a0ec93ba14b0c64dfaf3967e230d8cf876f26287d436ebc9588b52b43f2380836bfe3"}}}}}, 0x0) sendto$inet(r0, &(0x7f0000168f26), 0x0, 0x0, &(0x7f00008d2000)={0x2, 0x4e21, @loopback=0x7f000001}, 0x10) ioctl$sock_inet_udp_SIOCINQ(r0, 0x541b, &(0x7f0000b0d000)) setsockopt$inet_sctp_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000140)=0x7fff, 0x4) r1 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0xfff, 0x2) ioctl$SNDRV_TIMER_IOCTL_GINFO(r1, 0xc0f85403, &(0x7f0000000040)={{0x3, 0x1, 0x3f, 0x3, 0x7}, 0x7, 0x3, 'id1\x00', 'timer0\x00', 0x0, 0xff, 0x3, 0x0, 0x7fff}) 2018/03/26 13:05:31 executing program 6: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c8afd0)="d3ab27191af8ff2356ba602dff05130bfef9b9d2a4b279fffffffffffe00022507", 0x21) 2018/03/26 13:05:31 executing program 5: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x0, 0x32, 0xffffffffffffffff, 0x0) migrate_pages(0x0, 0x5, &(0x7f0000000000), &(0x7f0000000040)) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000080)=0x0) ptrace(0xffffffffffffffff, r0) 2018/03/26 13:05:31 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000080)={0x960, 0xfffffffffffffff7, 0x0, 0x0, 0x7, 0x4, 0x0, 0x0, 0x1000000000, 0x0, 0x4, 0x0, 0x0, 0x528}) r3 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x2, 0x0) getsockopt$inet6_dccp_int(r3, 0x21, 0xf, &(0x7f00000000c0), &(0x7f0000000100)=0x4) ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000000)={0x832e, 0x7fffffff}) 2018/03/26 13:05:31 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x401, 0x0, 0x4, 0x4}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080, 0x3}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:05:31 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') sendfile(r0, r0, &(0x7f0000000280)=0x42402, 0x3) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) 2018/03/26 13:05:31 executing program 1: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000080)) sendmsg$nl_netfilter(r0, &(0x7f0000065fc8)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000fd1000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000000d0afd170000000000000000000000005ca0c02089e7e75302be4b3c204dde4aa3640027dad95916cae9e989f785ce1e6767648404e7f650c6ab5d7eac4e4674b662046100340c6640c91b86b536aa1db6e7c07c7ee37a87b6bcceaca64033c382d3f60ab199e6f69d57bd826d7fad2e547deee957934fcade0baba6c235d4a23fc7f8da1067627037e501d302e4b37aa6cfb4b25e5092f811ef12865a20a2df8de8654171e74f72a343784014c2a7350634df"], 0x14}, 0x1}, 0x0) bind$netlink(r0, &(0x7f00000000c0)={0x10, 0x0, 0x25dfdbfe, 0x4000}, 0xc) 2018/03/26 13:05:31 executing program 0: openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet6_mreq(r0, 0x29, 0x4, &(0x7f0000000000)={@local}, &(0x7f0000000ffc)=0x14) prctl$intptr(0x2000000000029, 0x3) r1 = memfd_create(&(0x7f0000ed5ff2)="73656c662b65746831a470703100", 0x0) mmap(&(0x7f0000000000/0xaa2000)=nil, 0xaa2000, 0x0, 0x88011, r1, 0x0) [ 1039.812913] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1039.824042] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1039.829284] CPU: 0 PID: 24482 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1039.836639] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1039.845997] Call Trace: [ 1039.848586] dump_stack+0x194/0x24d [ 1039.852221] ? arch_local_irq_restore+0x53/0x53 [ 1039.856896] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1039.862097] dump_header+0x28c/0xe2b [ 1039.865820] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1039.871015] ? arch_local_irq_restore+0x53/0x53 [ 1039.875690] ? __lock_acquire+0x664/0x3e00 [ 1039.879933] ? print_irqtrace_events+0x270/0x270 [ 1039.884689] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1039.889812] ? trace_hardirqs_off+0x10/0x10 [ 1039.894127] ? __lock_acquire+0x664/0x3e00 [ 1039.898346] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1039.903522] ? __lock_acquire+0x664/0x3e00 [ 1039.907735] ? task_will_free_mem+0x252/0xaa0 [ 1039.912211] ? print_irqtrace_events+0x270/0x270 [ 1039.916962] ? ___ratelimit+0x30d/0x630 [ 1039.920912] ? lock_downgrade+0x980/0x980 [ 1039.925044] ? lock_release+0xa40/0xa40 [ 1039.928999] ? mark_held_locks+0xaf/0x100 [ 1039.933130] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1039.938211] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1039.943207] ? trace_hardirqs_on+0xd/0x10 [ 1039.947344] ? ___ratelimit+0x95/0x630 [ 1039.951210] ? idr_get_free+0xfd0/0xfd0 [ 1039.955160] ? find_held_lock+0x35/0x1d0 [ 1039.959213] oom_kill_process+0x8b9/0x1640 [ 1039.963426] ? lock_downgrade+0x980/0x980 [ 1039.967554] ? __lock_is_held+0xb6/0x140 [ 1039.971596] ? oom_evaluate_task+0x480/0x480 [ 1039.975992] ? rcu_read_unlock+0x35/0x70 [ 1039.980039] ? mem_cgroup_iter+0x363/0xbd0 [ 1039.984252] ? lock_downgrade+0x980/0x980 [ 1039.988381] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1039.993211] ? mark_held_locks+0xaf/0x100 [ 1039.997337] ? _raw_spin_unlock_irq+0x27/0x70 [ 1040.001811] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1040.006805] ? trace_hardirqs_on+0xd/0x10 [ 1040.010928] ? _raw_spin_unlock_irq+0x27/0x70 [ 1040.015409] ? css_task_iter_end+0x280/0x430 [ 1040.019795] ? _raw_spin_unlock_irq+0x27/0x70 [ 1040.024288] ? cgroup_procs_next+0x70/0x70 [ 1040.028499] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1040.033491] ? trace_hardirqs_on+0xd/0x10 [ 1040.037621] ? _raw_spin_unlock_irq+0x27/0x70 [ 1040.042093] ? oom_badness+0x980/0x980 [ 1040.045963] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1040.050697] ? mem_cgroup_iter_break+0x30/0x30 [ 1040.055268] ? finish_wait+0x268/0x490 [ 1040.059133] ? lock_downgrade+0x980/0x980 [ 1040.063263] out_of_memory+0x86d/0x1220 [ 1040.067226] ? oom_killer_disable+0x310/0x310 [ 1040.071694] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1040.076776] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1040.081769] ? trace_hardirqs_on+0xd/0x10 [ 1040.085902] mem_cgroup_out_of_memory+0x159/0x200 [ 1040.090722] ? swap_max_write+0x110/0x110 [ 1040.094844] ? do_raw_spin_trylock+0x190/0x190 [ 1040.099430] ? _raw_spin_unlock+0x22/0x30 [ 1040.103661] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1040.108659] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1040.114089] ? find_held_lock+0x35/0x1d0 [ 1040.118132] ? memcg_event_wake+0x420/0x420 [ 1040.122431] ? __do_page_fault+0x5f7/0xc90 [ 1040.126644] ? lock_downgrade+0x980/0x980 [ 1040.130780] pagefault_out_of_memory+0xbd/0x152 [ 1040.135427] ? out_of_memory+0x1220/0x1220 [ 1040.139633] ? handle_mm_fault+0x465/0xb10 [ 1040.143847] ? __handle_mm_fault+0x38c0/0x38c0 [ 1040.148405] ? vmacache_find+0x5f/0x280 [ 1040.152355] ? vmacache_update+0xfe/0x130 [ 1040.156481] mm_fault_error+0xd6/0x2c0 [ 1040.160349] __do_page_fault+0xb4d/0xc90 [ 1040.164393] ? mm_fault_error+0x2c0/0x2c0 [ 1040.168516] ? kernel_write+0x120/0x120 [ 1040.172478] ? do_syscall_64+0xb7/0x940 [ 1040.176432] do_page_fault+0xee/0x730 [ 1040.180212] ? __do_page_fault+0xc90/0xc90 [ 1040.184422] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1040.189156] ? syscall_return_slowpath+0x550/0x550 [ 1040.194066] ? syscall_return_slowpath+0x2ac/0x550 [ 1040.198971] ? prepare_exit_to_usermode+0x350/0x350 [ 1040.203975] ? retint_user+0x18/0x18 [ 1040.207668] ? page_fault+0x2f/0x50 [ 1040.211270] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1040.216095] ? page_fault+0x2f/0x50 [ 1040.219701] page_fault+0x45/0x50 [ 1040.223127] RIP: 0033:0x409b83 [ 1040.226291] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1040.231629] RAX: 0000001b9bc20000 RBX: 000000000000126f RCX: 000000000040e950 [ 1040.238873] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1040.246119] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1040.253364] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1040.260610] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1040.267996] Task in /syz1 killed as a result of limit of /syz1 [ 1040.274068] memory: usage 0kB, limit 0kB, failcnt 3996 [ 1040.279383] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1040.286175] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1040.292331] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB 2018/03/26 13:05:31 executing program 5: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000000)=0x6, 0x4) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x65af02, 0x0) sendto$inet6(r1, &(0x7f0000000080)="88a14045850d5008b282d8a851fc6128083f120ad0dd6345498c5f8f6ef130fbee928fa0ab17f956c7c2aef39bbe8c18095637a770f8022e", 0x38, 0x20000000, &(0x7f00000000c0)={0xa, 0x4e20, 0x4, @mcast2={0xff, 0x2, [], 0x1}, 0x4}, 0x1c) sendto$inet6(r0, &(0x7f0000003fd9), 0x2ab, 0x0, &(0x7f0000008000)={0xa, 0x0, 0xf, @mcast2={0xff, 0x2, [], 0x1}}, 0x1c) socket$packet(0x11, 0x3, 0x300) 2018/03/26 13:05:31 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r0, 0xc004ae02, &(0x7f0000000100)=ANY=[@ANYBLOB="0f310ca4aa02208b"]) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) pipe2(&(0x7f0000000700)={0x0, 0x0}, 0x0) ioctl$KVM_SET_XSAVE(r1, 0x5000aea5, &(0x7f0000000740)={"821c059ceb3c1a4b565cba916ba4cfe805163ba44e5dbef061fe0302945e42db54da3f05792113b780f3efb176690c8b67a4a17d8eae46cfb5eda672a90b88c0fffc17223e428569632b728bee37f4076374f505127edb8b822bd97d7c2f365fccb858450dfdf95ee07aaaf0a2c0136eed7fb5d14f5298b788d36b009d57a7de914fc02a489daf7c75f37d0ee20c2cde218d30661a4702f06301ab93f72d09911254d39a2fa5c6611ade75a7f534b90f49bfcb548589c975c0f56724df4f35816c4a83d2f9b106570bf065387c7769361f0ac9d641eec9d2107feaf8a65aada58f689c5aafc869c8ce6447fa017e357949d836daaa4d323c710fc314b6345a4da62e25f581c6ff59365a9bf8b6f3732d3b23fa543d7dca7c758d403c726814f72c0304ea5694ccf90468ab91e4b4238655023b7ff2db190e92e7b6ddd4b850147bcbeb69b5b17b2939e69c6a117ff3aa3ec0d44fc64ddd7431ba8397effc54df00c9b7afb061f2aa5eb0fa7c0e010bf22da72fd45e1406e6abf9da38eb4e86f0f67706877b24e4ee61b1185f46d4740579a7d2f28e34cfd1e4365358e49bf25c327c2298d89f78cf6fd717254e18d492ce2e09151abb74a9d0ca7d2290879e0e87264307cbeefb7420d7b6451462bc39a8361eba00b6760b723f4b03141e31c402b36fe6e90752393e66d5897bec98b856592c114e16a8f150117a29e890286e845324779aea566e472a1ecf201cb36a64b0472b4dfdcab391ed2356d1eb646adc71e1bf1df38daeadf199e93616e3f8da94574df04629e9b355e60edc1075ab2afc1fbffdc901d8b6091d15fcdeca25199439ccd63320667d9fe382f8174676c6435cc08ce09833d0eb4cee3cbee55af63c6d060c6f5153a862b28fda51dd5fcc6daca8f571cc87da9aab50a1f7daed9497f49535c1f499db0724c16bcf94730190c91134149e32fc57c14290d9a255d027813517b42bfbfa485493558477a14a26741613141a55237bba1fe3a4f68b8d3df7935a63a683488cd7539cbc404d8968616657af33ecfef04d2e0f41fd52523319892decf7b63ae9f9cdb6847eaa0d2af35bb71577c3cfc6b9705da1a0712e50a7a90063601763af4efd1f559e20b5e78340dd5454d6a3f726a0cd3b218375a54822ade6c69e2d98ea3f43e3bc736177ee0615590ff84dfb50e78d118abf8361d7c90d2f0672e87a1dd349562c70543e89ba93d58c57c1189799766b45819ac197993d575c0ec11028be5751b5115dfb27c39bd96856bb54f39643fdd7326108ec9f830f805e6e90787f09f20b56b98000a946b1eb2e80777135415e79d233d6e0905e1188cfed7fefb03fe5b9a21e87d63196095f89abf5c562956076a5487afad22b1afbc54efdb3a56e6994ec0294c473b73f52073560eb1e2810c2b9f45b5bef9b26801822514932c9019d2f"}) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) dup3(r4, r3, 0x0) getgid() munlockall() clock_gettime(0x7, &(0x7f0000000000)) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000decfe0)={0x10005, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4040aea0, &(0x7f0000460fe4)={0x0, 0x7, 0x2, 0x0, 0x4, 0x8, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x805}) epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r2, &(0x7f0000000200)={0x7000001d}) ioctl$sock_inet6_tcp_SIOCINQ(r2, 0x541b, &(0x7f0000000040)) socket(0xf, 0x6, 0x5) getsockopt$ax25_buf(r3, 0x101, 0x19, &(0x7f0000000140)=""/53, &(0x7f0000000180)=0x35) openat$selinux_enforce(0xffffffffffffff9c, &(0x7f00000001c0)='/selinux/enforce\x00', 0x10000, 0x0) syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000753000/0x18000)=nil, &(0x7f0000000300)=[@text32={0x20, &(0x7f00000000c0)="0fc7280f080f20030f01727166ba4200b834000000ef66bad10466edb81da1fb500f23d00f21f835300000050f23f8c4c3194bfc360f20030fc76d08", 0x3c}], 0x1, 0x7, &(0x7f0000000380), 0x10000181) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r1, 0x8008ae9d, &(0x7f0000000340)=""/250) [ 1040.311784] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1040.320544] [24482] 0 24482 11408 2089 65536 0 0 syz-executor1 [ 1040.329417] Memory cgroup out of memory: Kill process 24482 (syz-executor1) score 2105000 or sacrifice child [ 1040.339424] Killed process 24482 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:05:32 executing program 0: perf_event_open(&(0x7f0000348f88)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f0000011000)='./bus\x00', 0x0, 0x40) truncate(&(0x7f0000011000)='./bus\x00', 0xfffc) mmap(&(0x7f0000000000/0x11000)=nil, 0x11000, 0x3, 0x11, r0, 0x0) r1 = userfaultfd(0x0) r2 = memfd_create(&(0x7f0000000080)='md5sum\x00', 0x2) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, &(0x7f0000000040)=0x17, 0x4) ioctl$KVM_GET_XSAVE(r0, 0x9000aea4, &(0x7f00000000c0)) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000e53fe8)={0xaa}) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000007fe0)={{&(0x7f0000000000/0x4000)=nil, 0x4000}, 0x1}) ioctl$UFFDIO_UNREGISTER(r1, 0xc020aa04, &(0x7f0000007ffc)={&(0x7f0000000000/0x2000)=nil, 0x2000}) 2018/03/26 13:05:32 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x4, 0x4}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080, 0x3}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:05:32 executing program 5: r0 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff9, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x4cb}, 0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0x0) r1 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={0x73, 0x79, 0x7a, 0x2}, 0x0, 0x0, 0xfffffffffffffffa) r2 = add_key$keyring(&(0x7f0000000280)='keyring\x00', &(0x7f00000002c0)={0x73, 0x79, 0x7a, 0x0}, 0x0, 0x0, r1) keyctl$restrict_keyring(0x1d, r2, &(0x7f0000000040)='asymmetric\x00', &(0x7f00000000c0)='self.posix_acl_access\x00') ioctl$SIOCSIFMTU(r0, 0x8922, &(0x7f0000000080)={'rose0\x00', 0x8}) 2018/03/26 13:05:32 executing program 2: sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000280)=0x42402, 0x6) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) 2018/03/26 13:05:32 executing program 4: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000013c0)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet6_dccp_buf(r1, 0x21, 0x80, &(0x7f0000000000)=""/11, &(0x7f0000000040)=0xb) getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000013ff4)=@assoc_value, &(0x7f0000002000)=0x8) mmap(&(0x7f0000000000/0x22000)=nil, 0x22000, 0x20000000000003, 0x32, 0xffffffffffffffff, 0x0) close(r0) 2018/03/26 13:05:32 executing program 1: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r0, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0x10) sendto$inet(r0, &(0x7f000026cfff)="c6", 0x1, 0x0, &(0x7f0000033ff0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}, 0x10) r1 = dup(r0) fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f00000000c0)=0x5) shutdown(r1, 0x4000000000) getrusage(0xffffffffffffffff, &(0x7f0000000000)) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f000005a000)={0x0, 0x2000000002}, 0x8) sendmsg$alg(r1, &(0x7f000065d000)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000205000)="e2434adeba9041ac2b9f818de12a11156b66bf344dc1e478a21c93089bbe38c53bc32ae9c3cb7b6cffb221131bfa629b288932cd806b313ba55782f6c672636814db215a6d5d59021a6036a7b261dafc924f629ab5f950d1ff2d68cff504830944652e007dc0d49e38749a0545e491e377b99eb2405c974f29fa1ff36f9c57d17a0773a765ba54bc188c53c20758b98f0cd4f7e37a6b1d3a8df6606193a51fdcfcd3bc286725ba48f3f5146c0d6c141197cc97822c2881718ae6d52da690f2bf5f0a2773bb854558c4e35bf5b81fe9873710cdf91914d72f90de81f21374bef6680738a60dd4aa9f7b77851b96b7dac87a0ced37550c563c9617c5daad0845d392c4ef69590144ca09a8ca17766bdc94a2dddc6825162af6f0a36c2b63d346ebbf0a51b8e7ffdcc657f9feee74bd4285bd7158370df4dc8cdd8c5408412d45c8bb9f55b96bbac5a16cddc9b02dd2357c2397ee7c48d7a3645be37a14fe9810e8025e3a9fd13d246ba893dd7badb177f6d17b009a3789652e9d02396f20f5664658c5663625340301c7c42ffc3d26563320eb824549e1522e0b879f437618b21e8131b40abb9cb096d567307d01769429d61069217e3e02ea2d0f24327d7d2a29046ee4e9e66144aa52ac09d7a1754cf8134fee832b83cff8fbbb59d9b31d6515ffbdb96af6c9ee97af4a8a2a0c1efe40e0c81e61d6a82eb159f3fff55904e83e67654aed207c83e504cbe38241217e2c31439df99550e1cf94a89b4d7603198b7bddb2cf61e57fec9fdf983f8e0a9736e4d70ce2e75001f368f539f0657a8fc0ccfd7eb2c2af8fd85e0b0b970aaa13a657e645820fa9b19f1ef331347adfc917c06e76a90c8983ce04dc715c3f10ad7c4fc2928861b5b6c6873c9b7939e677b2bafb64c365b2f564e0be16546a82918fd08a92e6a1576fa85949bbf56ea08e6a0e4245f0a2a3e36c8e422f51a55115456ee3cc6a040b6dafc43e372681817fd98e0510e7e152dd3b5ec81469160f61a2e3a32024467eb16da4729f7873f847c7ff86f6ef3e7f40e7844e7d61316dad71e9f6a034d614037b8d10ac1ecf2bfafb139cf1858690f121a76e5f0c616e167f0affe77716a2ee0ecbd9f98a1233e1dd3659b6587fdaa9a6b3ef9e536c608b519c48d7cbe4381510ca20d2abb44d01ff3d1d7d19b792f07d6bee10d0a73f4309ccb935d4bf18eb26ef24e5b9a04f7ea66b464f9e835474ba47e80ba8a056746cf59cd79bbf377f73727008d52f85fc6d86a07b7a883d7c0dc0862b10377c6c3424123272b8413fd3f135c65782af4b4c2e2544fea167f8db8622f9e8c7a31db202fdbe8dc746073e5009572eeab63918a3a9839ea729761642a1b9e4d7f97b51558e9f487047817a3d9838355f7d55b9684ada4658497f7832d46edc9eca2b67b282cc403590ad4c6e2492f37ae38b2ea39d005bd086aad9e3be8dad956455d00b7dbe6fc4897a1f31cba1dd8a8c981aedeee9ced95a4d41bad4b09bff5e2cf42c25dce2dc4ed2a5610dc95270d2758a0f56b3cd94d2d0c45a554adec9b28de1c85b7f54c2e54349706ae36ad48f7eab6e17a7555142fef0f2d3a627db1f7cafe90840e5ef65240863e33681acbae2ef49a76c38813f231f530aaf96dfc6bbe044928363ca8931e503f976918bc63c3832a2c5f522481a9ddffdccd1029556a33374a854a8530617ceb85673c891bbdd2178a6ca174b150b1bc265973e973289db3631e4535df0fe52de1bf2ca4eac364cba5204fb", 0x215}], 0x1, &(0x7f0000221fe8)}, 0x0) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000200), 0x8) 2018/03/26 13:05:32 executing program 6: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x400000, 0x0) r1 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffff9c) epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080)={0x90000014}) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000564000)=@abs, 0x6e, &(0x7f0000451ff0)=[{&(0x7f0000007000)="002a932f01000000cf960802e02348f800000000001c0003f2a576", 0x1b}], 0x1, &(0x7f00001f9fe0)}, 0x0) ioctl$LOOP_GET_STATUS(r1, 0x4c03, &(0x7f0000000180)) r2 = syz_open_dev$sg(&(0x7f00000c5ff7)='/dev/sg#\x00', 0x0, 0x0) fstat(r1, &(0x7f00000000c0)) eventfd(0x0) ioctl$EVIOCSABS0(0xffffffffffffffff, 0x401845c0, &(0x7f0000007000)={0x0, 0x0, 0x80da14, 0x5, 0x20000000}) ioctl$sock_SIOCOUTQ(r2, 0x5411, &(0x7f0000000140)) ioctl(r2, 0x2285, &(0x7f0000007000)='S') ioctl$VHOST_SET_VRING_CALL(r1, 0x4008af21, &(0x7f0000000240)) 2018/03/26 13:05:32 executing program 3: r0 = socket(0x18, 0x0, 0x1) ioctl$sock_SIOCGIFBR(r0, 0x8940, &(0x7f0000000180)=@add_del={0x2, &(0x7f0000000140)='vcan0\x00', 0x3}) getsockopt$sock_buf(r0, 0x1, 0x1c, &(0x7f0000000000)=""/198, &(0x7f0000000100)=0xc6) 2018/03/26 13:05:32 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080, 0x3}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:05:32 executing program 3: r0 = syz_open_dev$dspn(&(0x7f00000013c0)='/dev/dsp#\x00', 0x7fff, 0x20000) epoll_wait(r0, &(0x7f0000001400)=[{}, {}, {}], 0x3, 0x7) setsockopt$inet_dccp_buf(0xffffffffffffffff, 0x21, 0x0, &(0x7f0000000180)="a123", 0x2) add_key(&(0x7f0000000100)='dns_resolver\x00', &(0x7f0000000140)={0x73, 0x79, 0x7a}, &(0x7f0000000000)="b4fc8a9101607d9542aafc73bf5b2b36fc1ce9528b1ca6127e1bbba49b808505da044438e7779c728432ea7a35f3f00decc6d55c9f8d396360c536d189d32137f6185d2feb8240ae6fad4d7bfa4f0b403d2af7b95df9386dc7d29adb80adf755a836ee6e07dd398eb726c25ea929570b3fae7ac9d3280451f69cccf0c457206ca5226ee41470a603f60169c074166fea0b5d271e1b16aaf5fa3fd1b19623d4ddd764b0c60c98a04b26c94ed1b540066fed88cc6af59b816679da59b339c13cca9178bb7cbe75bf3815a6b8034971eeb9f14044bed264c4437c7a8d5497b836fb4170b9124caf04853a7fe0d7251dad", 0xef, 0xfffffffffffffffb) ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f00000001c0)={0x7, 0xffffffffffffffff, 0x1}) setsockopt$nfc_llcp_NFC_LLCP_MIUX(r1, 0x118, 0x1, &(0x7f0000001440)=0x100000001, 0x4) setsockopt$inet_dccp_buf(r1, 0x21, 0xf, &(0x7f0000000280)="bd039dfc7455fcd74009fb6b82dc5e6fddde5903aa4d739a43c0d70328d3010358bda3e8d9bda974256c2c009f456271629cdb020009d387ec718b89ba0612b1eb58590a5287cb6a59f1724b88ecd787c5ecf6bdb7a8fb43111ea45b2881f95cbd983d367a0b326eec89b6ae34033590a7049a8fe81e1d033e03c15f3e842eb8dbca7a337b4b66a37dfcf772b88b899dd5ef9330186a03d87f22f98bd251dddc675d8122991a3a9e49b73b8df07e301f509025585de48d88c773acf3e19b2ece99f2f19ddd82790e6d3253da1555101589a82adcf545a7e56c011a883805437c8c2374f7a6cbd0a67728bb36d7be3cf835f8330b45b513b03dde01452dcc202d35f03eca295ebba244e60dce442f47aa54297b46597d017051c5cbaec676e33fc66b1a7670c3219394a1d915905555e1fc69dc372852af6e78a3a22b4fa09ebbb8b86d2086e2cb7819f2bf941bdee1ae8f75566d19ca2b1d0146e2503e8ae5d0f7ca8e730a84728b93c1cbffe3607a225969b6729eed62da08fb4ca5a1eab84f8a79b298ee3139c0f4471b8acb6d0c88d4009a891d378b0fb2f15b291a060bf80a071392ecc43640abee9a691cad9bbb3aba5a40ef0d18c1e3b8d4472a5d4acc614b1e1a7d6ef4c623af38252ccf5c86ca654447bf07c9aefe48617e85dd5be01f3a1b0364ba627908e7b65f2814e416e6198fb617a722d2be3ceb4529a3c8afd7da1536c0191f934f756f5b83551603e7932773cd2970b697fea079fc02919d8631cd10937eee978d04443f0359b2ffc0bb0ae4e783946e4cdf5387bbe65dfd2c5116e2357b49196d339c01cd01eff3757d3e696dedb2d2c416a9cec05a769eb22d71cbc315a26c26fdb1642d9cf9c2ae51ce39c17e1eb64b6bc5f3d3e564d3dffd518f304761874635fcebeb045c1aec657cb3a2c1b925317fd0d691de1ef8e02e0aec11e9a2e400253ce415f18ed1e401c5cb3ae708475e504ac3ea160a595477f0d44c227c054b9a67084b5feef2d0fcda07399b7133c9e40f76a95b8738504498bf9225ab47abf5ba190a0e7b31d0b36a346d6793e19b027388b105f04b73673b29d151466c89facadcc35ac3183ffc32731b4da2e707fb6850f7b124b0f6d93104f54738dee9ebd9b5cf0d171a45b10ec3553a635b98a88d7c4447d53e2335b2b1afb72a0c9708162a45f7df93f5605d5b97492c86f76e78c9cded2e25e4b34868c72890f6b9d1e5eefd0804cac72d73cb48c485f431f1ab78db10dbc02dc9c73efde211b2582580554929c7613dbc347ae1dfb6da2be9604c8c89c015d3598602956d39d218f114ecb4728dae6e379c23b73c06a32be2757a6efac2859c7375d04fad729b092a502d24653864c20bea8ec2aefc8401983f09f303af796b8395c939725b667ae46edae3b6e35c38ebcdb5f71e345e38061fd42016068639e34557f8a4a83ed0366c90364dc12a05cea82b36e91329255e41f43a0e2625645e16afe11013c5973f20951f5338ee153b21f00cbff636264a6a5e932bee375561b4737db8b46c434e07b590295dbc57b2ecca58d28ae849834d3fce0da6b66d0b971d75b7dc7bfc67c9fc1fe4f116b90b27169138df27f55a4be2f08fa68bfc953d074a375b13f97530afd18d109c7b38aeafc291515e92abac3b3ca726f4b2539e69f52bf9230ec7eb2d4d7b7c359311c3f4f04740fee9c2bfd5462b113fdbe00260395aa82da1dd47a21768bd71d66aad364e6e63be06ce1e231388381861149b1bd6233543b9fd832a0d501d9bdfe736378af2988de54bba00b902afc48b42d8de9f9902358375eb35c6aee7eb87feaf7f3e00eb068f1af957a640a616a2f6a2f44eb3ef5fc38c678c542800f7223e654f4a5343dda9a6b6caf0a78b8832aefab416b706a12ce064746d0e5cbeeac09521db109a4f6fb6d7b9bb8174d12393dbbd1b9e3f13e3135f11999226e6b29f7fb26a189ee47664b8c0ae4395e7f0eb101c5dc917c812ce101aef08aaec3c0a599341ad92f4bc86f275f6a7cc33d22ee95e67ec9de966a8d6f2331b3a1c540faf36b221b2f1918791b91a7ca061e9db798b1c803efad0cfb0bddd4bf6d86c4fab4a25bf4eda1f4d5522b2f329ea3a9ea9aa196021bce38724674cdae975d4958e7cfa8dfe602d194a0fb3ce65f0f565eacca5c4c5b17ef9376f7246b01dfb28668f1ba53d2e17f8f059308834835ffccefe2cb09cf531df481dbcdfa469218c8564a24b37f0f703965b9003a26c7bb7089ec2a6b9bec118819980d404c3740064f2d24b153ea74bb5848a749495a12f178ec5834f6b86db470e067cab7a9fcbbf12a72fc764722408991fc0b78a45c94f60c27ede362396f9d714e632aa2211db1cdc53003d127c2da345dd3fff4df07ed64bf61ad542c43b839e546324e6bef84130f1d5e76cb3e7a500dad1a828ec2c25ed8f9cae585b83b09d0c925a6c10f20bc4fca733541bb1a04c83d6f26eaa56f58180d3475050fc27b0c38fa423e84e6b3c6bbeb36790c3600f73ce9cc973ff84a8f4b00c281847978a3003f902b959da14e6c2af733ecf7e9a83858bfdfd88a0e9c3d2df0b5e9a07c2edf90aee0d331c6c906fa2c34f025ca6f5f7057dbca85c88d88ef1ee7a2da4abad9f8154b1ef92905b349f097c183a9c309990064cdf038bd48098b492817b3271601c9350af558fb18ade858032ee4eac924e7042c00dc5968f8bf1d9b15cc220b8d9c9aa199ab4065b87dcd961ea7fa06f65591dc5f2d4e2f42d1e76f19bb2a29b2abfe31259e7e646898c1a7df604132687b8c27c14e07005b8faccc4813726c18447a79e973d8c731213101b31f432f483457d2d4fd5dbc4ba026436a1a8f67012fdc73d98a314758fce42c5f3cf7cf662d20c46b557da54245c3e82f67c498f23ab78aab1a55ae54293b9d162142b91ecd57c44765b52e0927e23fbacc9905cf1dba948ad5f389df22c61814dfaebd833a997b84c7d8e4c5229e7b74e378f6acc9b0c39a3e98739bb0b398ae172119e95e63e7e9457560db39941eb8b814c4d94b86cdbfaa9c9039890a4ecb10366f5c019614fdc062ba6bbbdce9defcdf216b4dbf6a76258fd87868f87344160648c3390d149dc416ec41da05e73e1bf8464e366bd0f973dea219c79d3fb7b0f47373d59d771d8dc3651cc65d4288373b08dc65377d52344a8d477dd0366e442eeb1064e970861151cc297a90ce8301726dd1794219a09a3d618d7372f087c7fe8f5bd027b9e898ebee9b75409c5644733a1dd20cb4e77a72cc1c0d844e382d04ef1b70fd89e974142093e9e17696e6ea685fefdc7870973038634ae30c447309f83ca9b319fca2e337fed42298831108a90fb1cf702f4b73b41b4e2ed48c6c1062c343f9a90e2979a9361d452d01512750aa14e4018927a1a0580f168bf860e06d84b92410cc5bd7ca80ef62babae9efd71e3ce4c7ebc6d75cd6a0bc02a44e4c4f893718352303be7ef7601bc2ce0efffe6e0e58064da37750ece99b9990f1258146a2f45c09b6cbe82d52efa4e2ded7064cb8e092c01896615d74c98c2763006fefe0813849bbad333c6518e5f2804fac77ab16731bc6771a49f700af768d0868c363459136eeb9703374e28cabb1e1b12b5a015d4856fd44876d2d100ca776dba599f9ddf2ee7ace4bb8d9dc51aa992d2395fae6fdc24b5541c4eb9485ea1622acb7c2a175de437bd8899e4d26d3da0b28092d9ca43dea3c24d30071c58ae07ec630863ad59ce0b609ef265e3c4105129d7adea4c363d7cdd271ba5b5e540a362df1d93b774e45bad83a4ec1588166af8b3f5daef6cfd5b6ed4707878a69977301a7a8698fb4ab9c8f751c30e62d44f9093a0aa263bb774a3faaf8c9e9ef18e94cd1f6315bc304428a80f84441a5c5feccdd70b3f69646f5613791bab5294e3317d2ddde6332c3022d3a5ea878f6946bbd9f5b076dc98425ac24e85d0bf8d912d584bfa43732b2b8e44fde4ecb6ec346af2f444f151580c337c0a49a4da0256586c8d12edb1bcc0a0ad4afa54747a05330dd074c124d6bc24c2bef38108085a9820d0670f85f8e64cfe2937ea60857f79beec1633ba33fd0ff4b7a2605155335eb5fc30625802c85b1657f66c638b50e50d2e56db54868fcc38e2d5e7b413020939af4b818d7846ba7b3e8414238cc6a25fa6a49c2a776a8f5bb468334628993594e594a51e9f7d49b0fdf9a9893029734d127d7b50378c6eabe59a8ad0680083d02d318dbdd54bd6774d80a1b013fb2fe30e38f58fd635c51a10cf0a532035aa7f0ee4d1fde50c7e4d3f25c94a4f05c7ffc9ac9a53a9fa9a2e93d02e6c5362d92c5d47e0b1c488b85c7f7a66c0bf737212d9b0d57be83afa27fe96f4fe0e009e9937b5df5d0fdbe262765977924b6621e775ba137718d197ed460c71847b78043c2155107bf70a8375501e1c8602d0d44988022477f69c85bd09209fbae711b6ae1800851f5136345d1d825d7f6c67e9ffcad1b5d12d4a3f2ee858c0e4d145a985aa0e85c3016b4b59d6a8ef9046e53b68e71f27a542cc63093587e3b686b6911e89bd01806234f3294086d571e7da1ac76dafd884c162cb7ab81a5158911d8d7bb0bfd6495c972a6010c95f9a2292d730ba7a67ca3ab273f11c0265e15476da4c76c5acdaeb84b96906265821be18e9a05afd50cf5954e1eec5b7cc63c28020428662a8e40d71f2ecf2a23202bbe4f67ad783839826678368e81e18574e53409175ee6c05c011e20aac43b0505efbce76a5771e43cd66ef5c7e22ac0c757ce44fc55bed40a83ba53dd7cd9bdbca3652faed9732a8be51cdd1fb21dea91730292044cb754fa385e182a1f6d68cee5103aaf20951de2c85b23fa7c15c5fd5c5d47611b7827292cef889293ccd3aea05537afa6b325c7f252d0a4c57b0f8eadf060ccff7a4208c8fcb8c411fe76835ff747e35bd77347d7229aacba1d72aa5459016f7d008da4c1d792270247ddca8762abbd28b145dd928d00c35f77e729c2bcb877b3c08df10f52eb1763126f1a8f7d581f112f023457be06dd13a6d81baf3adce34ff1bf04ca304dfe76f41fc8d35cd33bf01b2df717b1cd7877c729b023fb524ab644158e3fcded0e889ce2c527e364ec96b7d423b852bf2d9b696d186097adc5a767504504bb32e81476dfb123c7cadfb5faf973a4369380e053aef3ea463af41cd49f63177ae4d4c61e19d1d894202d019475e899daddf1995f4e58d8deb3b5fd26761ba0ee829981f53a7c6f7ac4930252f9a442abb3e969ac148b3ee4274cf0ae72967039a7e2968ddb3c9bf288f0ff46f9bbc114cd4ace0d9cf79ecae8d7ebadcc96bb2d0462c282044928e455ae7ada235258c4b617b30084f2152fbd4c9584f15c82582a6b42588c558d894b3a6a3e24aac73ff633959e7aca73a155f3ef392535838a420f3a6ab545cd5bb1a7e0d83dd52171dbcf938c7d21a1ab17ef2964b0e779bdb2da0e617952dda6f709e122e7c0b56edfbd34d6a23a22dcbad14754669c7f4ef311931d754e96fa9d5daaa45ce58313a78e64eab2f7c327e020fa344bc082c305bda4108f5d4341f3a33c4656f5db4df966b64b82ff15e1ab8f03c1f076f6ca75922c9e653e05b0390b27e1534c7a96a674b452bc924aa4671a51e65d7d5e967920c31768c7f05e82f0c01b2a57b34d5969f0712f5e3f2df6c5a854312219d94eecb836dc8207d96a097cf98094f1df177088988f60966045712691f34031d15749e486af25475ccf53ffcb5cf3af530cffe651e72a45ee464", 0x1000) ioctl$KVM_SET_GUEST_DEBUG(r1, 0x4048ae9b, &(0x7f0000001280)={0x30000, 0x0, [0x7, 0x7fffffff, 0x7d7e6e36, 0x0, 0x2, 0x0, 0x400, 0x8]}) getsockopt$bt_BT_RCVMTU(r1, 0x112, 0xd, &(0x7f0000000200)=0x10d5, &(0x7f0000000240)=0x2) syz_open_dev$usbmon(&(0x7f0000001380)='/dev/usbmon#\x00', 0x3, 0x902) sendto$inet(r1, &(0x7f0000001300)="713a08632cf93f131a78aebcbf05988be4a762c06c86b39248963eded4f69a92715d1121e8274b39644a663e03c282b5372504b7d84ddc0b348958ca9f741d", 0x3f, 0x800, &(0x7f0000001340)={0x2, 0x4e20, @broadcast=0xffffffff}, 0x10) [ 1040.610636] sctp: [Deprecated]: syz-executor4 (pid 24517) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1040.610636] Use struct sctp_sack_info instead 2018/03/26 13:05:32 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x8010000000000084) fsetxattr(r0, &(0x7f0000000040)=@random={'trusted.', '-\x00'}, &(0x7f0000000080)='-em1eth1\'\\em1\x00', 0xe, 0x2) bind$inet6(r0, &(0x7f000067efe4)={0xa, 0x4e20}, 0x1c) sendto$inet6(r0, &(0x7f00005a0fff)='8', 0x1, 0x0, &(0x7f00007bcfe4)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) r1 = gettid() ptrace$getregs(0xe, r1, 0x7ff, &(0x7f00000000c0)=""/24) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000bd6ff4)={0x0, 0x0, 0x4000020030}, 0xc) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000000)={0x0, 0x1}, 0x8) write(r0, &(0x7f0000cbdfb8)='v', 0x1) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000f0cffc), 0x4) write(r0, &(0x7f0000000340)="867f60b6123f3dbc76c824d83435f62772edc51899d03489c56279d859638a8ee3eeb7ad38980ed7a79f25852fad3d46b096739cf22e557f9749a0090cae4d39a1fbe518c9536a4ceed0152fc76239e2b9586132a713d13f54a4de3d6231201a26b847a5c4ad682cbc246ac559bcf49053c3fbb445f91c1f3e2d5ff979fe92d6eb4107d65fe9356d81db1aaf772345552779f679a12a0322411d2fd32efa85927529d0fffecaf0c5bf00a96c7ae3b1c80b022941d597f82d8ab9bcc20158311d8d66ce86fb2f2cf80064b3f84cb62601f59999c466fc2341d3cd1410e0d79972caff1cc3e45a8896a5338d835182abb16f1e33e7150d9c7f2668193443dc90ab18c5e9d89b9902ebcde81ddf7432756044ccdb6182c205913dcdd3a608ac5094c71b8baaacd4fe1f173bde0c21f99aa1cb514820cbde7689dce0ebfe543930b98cebc03a258011319858ffeb1f95ab68b9b31334e0eec1c2633a56fc67a8b0fdcce1e6161e51a104d750616bcac1fad829b1cfc7e95fee43464b00501e0a042edc5be4fd85b72cc5a866f46c0975566b394a036097acd1621194e1ce84c9c44b3e0c51ab8f83c2178940490983a932a94911756da4384ecf9218682b9b6f3ddc933131b44925ba6b91280a1ca2f507cc4b0e02c388ab702b3a3eff97a6b197526ef11e19c555486f8edc9685536870b9821883a2dec1ffe96e822ff5857fc32a47e882c5d09aee4fc4976b114de052eeae1bad9a327e02de3afc20226e8b035f5503e6fd4b643e8204ba1dee3e2c6999d0a4a29529d4f4b3fee8d5febc3e131affa25e5310126e604293178b164c6c9c00f76d9ad867d9efa523fda42fc2d831e7196a26741dab388a87138b315ecf22ea91fa80e752db67665128bbcf5550dec6e15f085ff73695e26bd130fd5c51b4c450f7d62cda36c30e486f001a57aef8661e63ccb402f9bf3227c4a830beab7da39f3ef8bf61c216bb677eac3ba4c3586290b63a1b0d640af3fcddc1e790ff90a08fe576ae6644f898f121831a34ccf30e52e462acbe19f10755ee76baec07becb656bc044c877898dbdb0c480d8fbe6e25218816cce86bee917efaad83747cf2c7129585dc8c77808805a6c697efde0547ca2a8ca5f770242edf46dd9958df9f9efc84cf96fa6114f18cbfdc6d89e3498ec6787f0b16a99e68c6c278067f08339338a7460ad9194c95bc75a67a6f78462e9cf0933db52a7d8c30271d6a4231cfec27bece87aafe8065e2e1b3781f3973e763ca755e672f2a3455d4ab46af61c2f0f012be6d5811375cd6a25692e16dd9f848a1c573d0ccf1b0e338f96c6bf67ab795343bb75c45dfa89242b51e1bb785f8ab65d4a61659a671cd3486d357ced093158a0990950ab55f44dfcccebbedcec848c6b2eda2bec5e8c5d2af971a0063e11b27c0e7e202b85e823723f7f3745ca1d11fb4306df01c9d6c7346eb28244f758c0bdbabb9d18d751438a191614db005d25737d183459a1139cfc62714b49ee573f2a543a8ab14141849b1e70e7fbea17098da241de34eee59e1e663791204c1c8e4648ef9ad81c1582f1a64491376cbbf95b0e4efc552c346d143bb994a69f0f84028836b98ca3f8e670fdda047920e4bfc65126fcb3a3234d6c47a11bc33be10b657b499970db79431988c885f6be8d62123d5436c4a68d598071d5cb17d50d1e6383312cb1f219b362516ef8a681159fc86166ae4fe40d14558a2004a5095a0a9daf25c9cceb8fd7a29ebe1343ce6839b798cf9f331726244b591da0822ce35bb845659e3a34ce8c7881a7690625a1de677e083e535349915431ebfddbe50916d15c061d9b68488302d8320be4d5ae92dcca1fc59115b4132a1a18a7b46ae6d4d4d9c110cc4bc296b7312f64599bd2b9ece96e2b91072fb83f87252eb36156d84d5519ca6cf19eaa1ef6611d7373659efb14cead84f00bbf5a29ee13bea895145623d6c704d686a1d793399ae92341b84e61ff39fc799866bf068ad3fd68e831b835f8374ccc6e211344e5d5b4b0a368fb16e6e37ffd47a0c381784cbe294901c3bfcfe9ff1f6de7c02769592d01a516523ed6d90475f48b8a07748bf669fc018843114fb4ad12284cd77db7431b4601608421186c1148da8c0d95da4352d093208d19e31501814c8e7970fb3f07b700b3f65234ba49685e233f400f148078e59adc426538dc7775e235ed635c659c666132c2a084b83c91f037541f15152d4e2ce51bca1b8562b1df16d9f49339f65103af05ae6f58a9ec9028d135a26b4e4fc86b0999b17a2aa2f8bebf6bf9d172511b53351b9443b9d319d178a614cc332259b6b2e784d53395d8713dc9131bce09916e5730681772830348df828841636c0c88ecb17a3dfe33842fed86be157176d3fa142d26316b8c874ad50621d03ee9b1eab1beff957f39470713b0b87a22a40f12bc2415348c82237abc0ff93d86a79f89f7627cfd5b6588640beeabdb28c353af3fc5f2d7fa7f70edf241f32427ab7daa1d92f3e555626354928b99d0b4e3d174c3dd89a25a01bd634487d14d261a84e5230327d4fccbaf9137e7912a1f4146008b924a46f0cd00033a926db6703a1686fc8e8b1490df2faf4b97ee7e4fe5e6fc854ee242aaae0afdb65c207795af97684d40e23ee5226e3792d75a4449b5cdd0a95cedfb0b7fd4e3bb9a5103e743ad2171d084dcc6bbac4bdc5c7cc25f0fec787c43fd39e95eb0f118f234faf0a2e3537f247b2bae29b432ad381d5bfa4f557ab47db8aaf53dbbaa5da1e714edbfccedc4801ec4dc8a82e9674979876f3afe809835af0b55da62351bd1584e8e79c8e5dac1fb9cd563165c14a5323bf5d4099ec2f3dc15631a6b13370956940ce1f94be78c9260f80ec355c2a7f1968d23c2638d9d903a8619e3dca050b5e2d278a2a05ec3fdf78a1a2927bd7288766379595abe28781b5f86d2241d2d508e2ba88457503f405c6e3da47dbb7daeb3b8d0be389f68a0d4ee1cecc4898eeabe12707200df9a4f638e38277bf9f664d87749a5e99d08894b9c0861af47a757d329e4921036e2386470eeb5c14718ffed69487670c2f588c06db7f2016bf272a9118bf5074397c95febc97489e6ab2b2a4bf351e901ee7c25183e5285684fa46caac3bb5f1465f7e34deefc7a16577259650912010859c3d798f65bfb8f7c15ada9c8f1b0671d0be3a12e4ba0ff2fec275820e8201642d96d1fd9acf5de9ce795a8015df54f3d31db48e8495999f61fc80bdfdc0d780dbefded8059995ce478307f3f0e74228d320f73cd21f78c59cad887e18a5fc573f78a7aad95e536b7af0e1e030250bd3b25d381e8eade12c90879517f57c41d42163bdcde2a97bfaea2d65f357adbcb924ef63652717f4f225f9fa1e3e536de683daa654c9c6c02ca438af2fc2ec9edc4dc86164c9a9896d8d1771470e51da28028293171f1ef54b5ce702780cf72ff4d0a189f9d663e985970c28ff8877b5625d9730df6c72be60723c1dae25b9f29e42d62478676e55dc394ed22779464bc0160036222d1b814675a599d132b83d28c368a93444138580b3f74bd95406ef46457f541511f63923329ddc93b736844916d8797d30c592efcf8e2e5fe7b127308e827190393a7fa810a0c87d7cca18e97d29a877069c1e2d56be76b7dbfa6aad19987ead6033cc8e5a759524fc76420c00fcdee9009a98b69f3a4e328a1c5449a5089eeecfb22e7695d155b4aca3e50afa30f499f34ed3eb0442ff9229808785bcdd50f1a2e12cf05053117448343f9dc60c7c58e735ade8b41a6044b57edf165e03c0ce871b8c6e766fd1f99c8355ce2dd9667d6eeac6c03688641e5b96edb9f21f9358c61f0cc8318823201f96715a58868ac3571c1214adf9b0a80ccf8a8b32fc96ba935be8db596bdd1b487ca46f566d1f117e319d01455c4a21383ed795b4ca3418645ad2acbb55000b39d8405bec442beb6db050fbe5e74d01b257557c1b685c6ea5974a9d268a2a5a05d8f776aeb3615157da9ff6cdb6f169ad9d5fa526f6a90e36bf93df78314af5c2e27c4b5b43ab53576036bb50cff793a70dda7f92e2fa69a85e84672ff9ba6411df1027675997237469518063269f43758434b0eac908fa23890d1b6e1c46e0796bb96ab6b40a33011ba6b9add8d13a2a348b6f166da745a73aa118e9a60a9069c142816396124f7c78481ce60b87c775de577731db975916eae5b0ed9c8bcbcc084012a96584ba60bb1132b22ba651837d7d05250eeb448a2738c64d4d1973849b9bd843a46150641cc965f2dab2db7d22a4a6e1f9842e30738ce9f847c457185823a8474ec40a7c4de069a8d4549882ef3a9df32d23886e1c10d337f39572cba4e5a8423fe0c3dd0b7373dc08a1a39051a91d86e4e58e7ce921159c67883411eac6130dc02afd21bc3057c6c40aaf0ca238c1babf68bd59908369492d53beda3b46f1581c602b2f3b4e43e54e59a225390faeb9e8e9c05df40162313b940c1d8e7da1da93400f8641b663d9e4c412eae408d2f325517a76cd9a013f42fdcdb06c408c6be546a7e03fe1305337d884bcce1af79a0274e201aaeeddfe4bb0347b5ad941b826759aa7eac5f9f3ed3ea55c539e0ceffa5737ab8dbb6185d39fee85b31b3301a157c28a281ffcd0bd91dee263a1f9dc1462f86be07b3fd5c4d44f6ec2f0c2805866e3190743b3726c662fee060225c7da979a29891611f1dc04642ef44993248de08aa47030becce89b9232462028a4d8fa742fb5d6ccefa923fa1034c0ff7aa60663c009fa6671e698b072e9707aed41d88f47f468fbbcd6cf34875d0e1515e6aad67dba9c6940862f06063fa75269b48b05c269d864de0f985f8b2cbfbe521b3a41aafdeadf29329531a96d3394a883a176cf2a113e9514ea9705573f64169e88b8daad78fac136d6a4cb9aebd36f564eff0674a7013a1dabfa63dcf572412125f94b533b51f48d9f35b8b01bc41ab120a913a50634063addb81105be44b0fa2d58534237694a670dba2311222190a8f6ff0d2b410992eb5e0b9034f5158ffe53ef60a3fd614b5d9", 0xe01) 2018/03/26 13:05:32 executing program 6: unshare(0x40000002) r0 = socket(0x18, 0x80008, 0x2) r1 = dup2(r0, r0) getpeername$netlink(r1, &(0x7f0000000200), &(0x7f0000000040)=0x1bf) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f00000000c0)={0x0, @in6={{0xa, 0x4e24, 0x100, @ipv4={[], [0xff, 0xff], @dev={0xac, 0x14, 0x14, 0xf}}, 0x7}}, 0x80, 0xfffffffffffffff7, 0x3, 0x5, 0x8}, &(0x7f0000000000)=0x98) getsockopt$inet_sctp6_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000180)={r2, 0x7}, &(0x7f00000001c0)=0x8) 2018/03/26 13:05:32 executing program 0: r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000a2f000)=0x9) clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8)) ustat(0x7, &(0x7f0000000000)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) mlock2(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0) wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100)) 2018/03/26 13:05:32 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080, 0x3}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) [ 1040.694659] sctp: [Deprecated]: syz-executor4 (pid 24528) Use of struct sctp_assoc_value in delayed_ack socket option. [ 1040.694659] Use struct sctp_sack_info instead [ 1040.758719] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1040.769745] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1040.774896] CPU: 1 PID: 24511 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1040.782239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1040.791567] Call Trace: [ 1040.794135] dump_stack+0x194/0x24d [ 1040.797745] ? arch_local_irq_restore+0x53/0x53 [ 1040.802411] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1040.807588] dump_header+0x28c/0xe2b [ 1040.811286] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1040.816455] ? arch_local_irq_restore+0x53/0x53 [ 1040.821105] ? __lock_acquire+0x664/0x3e00 [ 1040.825317] ? print_irqtrace_events+0x270/0x270 [ 1040.830048] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1040.835139] ? trace_hardirqs_off+0x10/0x10 [ 1040.839437] ? __lock_acquire+0x664/0x3e00 [ 1040.843652] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1040.848824] ? __lock_acquire+0x664/0x3e00 [ 1040.853036] ? task_will_free_mem+0x252/0xaa0 [ 1040.857515] ? print_irqtrace_events+0x270/0x270 [ 1040.862255] ? ___ratelimit+0x30d/0x630 [ 1040.866207] ? lock_downgrade+0x980/0x980 [ 1040.870335] ? lock_release+0xa40/0xa40 [ 1040.874291] ? mark_held_locks+0xaf/0x100 [ 1040.878414] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1040.883495] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1040.888500] ? trace_hardirqs_on+0xd/0x10 [ 1040.892625] ? ___ratelimit+0x95/0x630 [ 1040.896491] ? idr_get_free+0xfd0/0xfd0 [ 1040.900443] ? find_held_lock+0x35/0x1d0 [ 1040.904491] oom_kill_process+0x8b9/0x1640 [ 1040.908702] ? lock_downgrade+0x980/0x980 [ 1040.912830] ? __lock_is_held+0xb6/0x140 [ 1040.916870] ? oom_evaluate_task+0x480/0x480 [ 1040.921276] ? rcu_read_unlock+0x35/0x70 [ 1040.925323] ? mem_cgroup_iter+0x363/0xbd0 [ 1040.929550] ? lock_downgrade+0x980/0x980 [ 1040.933680] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1040.938416] ? mark_held_locks+0xaf/0x100 [ 1040.942542] ? _raw_spin_unlock_irq+0x27/0x70 [ 1040.947020] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1040.952022] ? trace_hardirqs_on+0xd/0x10 [ 1040.956147] ? _raw_spin_unlock_irq+0x27/0x70 [ 1040.960620] ? css_task_iter_end+0x280/0x430 [ 1040.965012] ? _raw_spin_unlock_irq+0x27/0x70 [ 1040.969488] ? cgroup_procs_next+0x70/0x70 [ 1040.973698] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1040.978691] ? trace_hardirqs_on+0xd/0x10 [ 1040.982813] ? _raw_spin_unlock_irq+0x27/0x70 [ 1040.987287] ? oom_badness+0x980/0x980 [ 1040.991153] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1040.995894] ? mem_cgroup_iter_break+0x30/0x30 [ 1041.000466] ? finish_wait+0x268/0x490 [ 1041.004329] ? lock_downgrade+0x980/0x980 [ 1041.008454] out_of_memory+0x86d/0x1220 [ 1041.012416] ? oom_killer_disable+0x310/0x310 [ 1041.016889] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1041.021971] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1041.026964] ? trace_hardirqs_on+0xd/0x10 [ 1041.031099] mem_cgroup_out_of_memory+0x159/0x200 [ 1041.035916] ? swap_max_write+0x110/0x110 [ 1041.040038] ? do_raw_spin_trylock+0x190/0x190 [ 1041.044604] ? _raw_spin_unlock+0x22/0x30 [ 1041.048732] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1041.053729] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1041.059158] ? find_held_lock+0x35/0x1d0 [ 1041.063199] ? memcg_event_wake+0x420/0x420 [ 1041.067497] ? __do_page_fault+0x5f7/0xc90 [ 1041.071708] ? lock_downgrade+0x980/0x980 [ 1041.075836] pagefault_out_of_memory+0xbd/0x152 [ 1041.080481] ? out_of_memory+0x1220/0x1220 [ 1041.084691] ? handle_mm_fault+0x465/0xb10 [ 1041.088914] ? __handle_mm_fault+0x38c0/0x38c0 [ 1041.093473] ? vmacache_find+0x5f/0x280 [ 1041.097423] ? vmacache_update+0xfe/0x130 [ 1041.101551] mm_fault_error+0xd6/0x2c0 [ 1041.105417] __do_page_fault+0xb4d/0xc90 [ 1041.109461] ? mm_fault_error+0x2c0/0x2c0 [ 1041.113586] ? kernel_write+0x120/0x120 [ 1041.117538] ? do_syscall_64+0xb7/0x940 [ 1041.121506] do_page_fault+0xee/0x730 [ 1041.125284] ? __do_page_fault+0xc90/0xc90 [ 1041.129496] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1041.134228] ? syscall_return_slowpath+0x550/0x550 [ 1041.139135] ? syscall_return_slowpath+0x2ac/0x550 [ 1041.144040] ? prepare_exit_to_usermode+0x350/0x350 [ 1041.149035] ? retint_user+0x18/0x18 [ 1041.152727] ? page_fault+0x2f/0x50 [ 1041.156329] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1041.161151] ? page_fault+0x2f/0x50 [ 1041.164756] page_fault+0x45/0x50 [ 1041.168184] RIP: 0033:0x409b83 [ 1041.171347] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1041.176686] RAX: 0000001b9bc20000 RBX: 0000000000001270 RCX: 000000000040e950 [ 1041.183942] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1041.191200] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1041.198443] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1041.205698] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1041.213170] Task in /syz1 killed as a result of limit of /syz1 [ 1041.219212] memory: usage 0kB, limit 0kB, failcnt 4004 [ 1041.224513] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1041.231297] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1041.237467] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB 2018/03/26 13:05:33 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') ioctl$KVM_GET_REG_LIST(r0, 0xc008aeb0, &(0x7f0000000000)={0x5, [0x7, 0x5, 0x9, 0x8, 0x90cd]}) ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r0, 0xc0505405, &(0x7f00000000c0)={{0x0, 0x0, 0x0, 0x3, 0x8}, 0x5, 0xfff, 0x7ff}) ioctl$KVM_GET_CPUID2(r0, 0xc008ae91, &(0x7f00000002c0)={0x9, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}]}) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f00000001c0)={0x80000004, 0x8000, 0xfffffffffffffff3, 0x40000000000008, 0x5, 0x100}) sendfile(r0, r0, &(0x7f0000000280)=0x42402, 0x6) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000040)=0x7) 2018/03/26 13:05:33 executing program 3: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0xd, 0x32, 0xffffffffffffffff, 0x0) openat$cuse(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cuse\x00', 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f00008f0a07)='pagemap\x00') perf_event_open(&(0x7f0000d2af88)={0x2, 0x78, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pread64(r0, &(0x7f0000fd7000)=""/8, 0x398, 0x100000) setsockopt$inet_sctp_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000080)=0x7, 0x4) 2018/03/26 13:05:33 executing program 4: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000d0fff5)='/dev/audio\x00', 0x1, 0x0) ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000000)={'\x00', 0x200}) syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x1, 0x181000) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f0000000080)={0x0}) ioctl$BINDER_GET_NODE_DEBUG_INFO(r0, 0xc018620b, &(0x7f00000000c0)={r1}) ioctl$int_in(r0, 0x800000c004500a, &(0x7f0000e5a000)) write$selinux_create(r0, &(0x7f0000000040)=ANY=[], 0x2b6) write$selinux_create(r0, &(0x7f0000000180)=@objname={'system_u:object_r:tpm_device_t:s0', 0x20, '/usr/sbin/cups-browsed', 0x20, 0x0, 0x0, 0x20, './file0\x00'}, 0x44) [ 1041.256908] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1041.265666] [24511] 0 24511 11408 2089 65536 0 0 syz-executor1 [ 1041.274558] Memory cgroup out of memory: Kill process 24511 (syz-executor1) score 2105000 or sacrifice child [ 1041.284621] Killed process 24511 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:05:33 executing program 1: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000fcbff7)='/dev/kvm\x00', 0x0, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getpriority(0x0, 0x0) socket$bt_rfcomm(0x1f, 0x1, 0x3) openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000f80)={"24289e7f0291e6394ba1d287ac8d3822cd0f8ff9f202879b433b32fd2934dd3b780f8d26a2c48623339449ae57db681061df8b75874260e55871da7987cb729464d54a9bebf5fd0b3b34ddd91b32b56a90a3bdea993dd76824eab0e786ba569d5c5a2d0a10b61c7ab7a2a91c1554448fd80935a9a116e44af3e6d9a0b302c6c58ee103a94f7a23d10a66e8df40ca865a271796bfb6a1cd5f9fc5d1988a61308b46f0c1f8dfa2ee6c6ac2b7e3fab61988c32cc6daceb67ad517c1cf1a0c5bd5a05435c0f62aa1fcfff7d6b27c995d5c60e9b28b21529f9c9648bdc5a9d34baa38cde63547430f01f72012d88d9d2d2545b433f9b0c4fe4acd9716ef160cb005617423e0d98859cdf1cec8ba9fedc7ff24b6a90310784678ae7932a92b7f74fe6fe9d25ae3edae43dc593ac40a9e7e0c22b29a7f0425ec6ca912ef42e5f2ccb4d5c13ada71e7d3ef741aed23aa8c4151b4a8fb123efce667002c76427bf45a6de08a6ca08256bc1fb4456b9c1e9047b82b401af6b50b6b29e09ba7705da0b1ee909b75711bc9435de214bdebde4aaac83394f8457a8e52f8d7af83487787f0b11f63a7649deb6469ee4a2c75624e656118c8940b197ba8b4d6435b4cedcf543e084f4c07647f621d7bb544ee86bd6fa1d43e30fcf929ae6342a2036692dc8c7892a9d43ccefe6d302da5b8cfc649c42b63526742e928842729757d5d1b87a396d14405f96d1f261fcdf89e4dc8f84f1cd67eacb5cb79647d80a0e9b729aa4330c9a9f5cbd66b08ca7b59fcd1c439ee799f8c37e00b6684864b56326f54650e4a3c73d27c7c805115ceb6208d8de4b8be966db97a111d88da0875e489af474f5476dc467b1dd0e21fb2a1fefdef092c7c3aef1a659284dd5762ef7869c5536d83303acd409979928f5d75e555c83909c14f6f27eaf95d2a28b553ee3673aabc3e2d09df9430708c5e340c7c5c64aa3c5b42c22091fedbc2cc8dd9fa13fc1da403be72f59f1cd097226b79ec78624114e3161285f6a87b64ad10618ee4a18984352fb542da4c734c7f6da88be2a65d62e69faa3f93f270cbcdcff2765159277a5072531360228c17f191eb2c6058d2a12b5afe0adfc72399fb368fc8b95a24ceef700c3ea2df6d756474575366508606a3197b34161e75079e12381fa6a510e4274685c17f231b677ba75e2fc00d828b53ff6f6c83417bca1fade5a5379a3dea1932ba4d93036aea7aa8d12f84767746730b20df57f364499198e54b2a7d63079b660d49fe5341c7b9b1ffff8207445f9035cabad16586e63ba14db7cb4895eede838a4999d2cd4c9e43a27798c2b4fc70e728251d9017d78c8aaa4e0850be171ce5ae63a2e7bbfa7612f87519a344d5d043d869aaab87f978bd13e94a181330a57f8c83a0c0ebd846c1ce4d6d2f4c51b8c928fbbc689f6c242ef0f10369970f814a"}) [ 1041.356519] oom_reaper: reaped process 24511 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 1041.701277] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1041.712295] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1041.717471] CPU: 0 PID: 24543 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1041.724821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1041.734166] Call Trace: [ 1041.736735] dump_stack+0x194/0x24d [ 1041.740341] ? arch_local_irq_restore+0x53/0x53 [ 1041.744991] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1041.750169] dump_header+0x28c/0xe2b [ 1041.753866] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1041.759046] ? arch_local_irq_restore+0x53/0x53 [ 1041.763695] ? __lock_acquire+0x664/0x3e00 [ 1041.767907] ? print_irqtrace_events+0x270/0x270 [ 1041.772640] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1041.777740] ? trace_hardirqs_off+0x10/0x10 [ 1041.782037] ? __lock_acquire+0x664/0x3e00 [ 1041.786248] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1041.791419] ? __lock_acquire+0x664/0x3e00 [ 1041.795631] ? task_will_free_mem+0x252/0xaa0 [ 1041.800113] ? print_irqtrace_events+0x270/0x270 [ 1041.804853] ? ___ratelimit+0x30d/0x630 [ 1041.808804] ? lock_downgrade+0x980/0x980 [ 1041.812931] ? lock_release+0xa40/0xa40 [ 1041.816886] ? mark_held_locks+0xaf/0x100 [ 1041.821017] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1041.826100] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1041.831097] ? trace_hardirqs_on+0xd/0x10 [ 1041.835227] ? ___ratelimit+0x95/0x630 [ 1041.839094] ? idr_get_free+0xfd0/0xfd0 [ 1041.843051] ? find_held_lock+0x35/0x1d0 [ 1041.847097] oom_kill_process+0x8b9/0x1640 [ 1041.851312] ? lock_downgrade+0x980/0x980 [ 1041.855439] ? __lock_is_held+0xb6/0x140 [ 1041.859480] ? oom_evaluate_task+0x480/0x480 [ 1041.863875] ? rcu_read_unlock+0x35/0x70 [ 1041.867914] ? mem_cgroup_iter+0x363/0xbd0 [ 1041.872133] ? lock_downgrade+0x980/0x980 [ 1041.876264] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1041.880997] ? mark_held_locks+0xaf/0x100 [ 1041.885125] ? _raw_spin_unlock_irq+0x27/0x70 [ 1041.889598] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1041.894592] ? trace_hardirqs_on+0xd/0x10 [ 1041.898714] ? _raw_spin_unlock_irq+0x27/0x70 [ 1041.903187] ? css_task_iter_end+0x280/0x430 [ 1041.907570] ? _raw_spin_unlock_irq+0x27/0x70 [ 1041.912044] ? cgroup_procs_next+0x70/0x70 [ 1041.916252] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1041.921243] ? trace_hardirqs_on+0xd/0x10 [ 1041.925366] ? _raw_spin_unlock_irq+0x27/0x70 [ 1041.929838] ? oom_badness+0x980/0x980 [ 1041.933705] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1041.938438] ? mem_cgroup_iter_break+0x30/0x30 [ 1041.943015] ? finish_wait+0x268/0x490 [ 1041.946890] ? lock_downgrade+0x980/0x980 [ 1041.951022] out_of_memory+0x86d/0x1220 [ 1041.954983] ? oom_killer_disable+0x310/0x310 [ 1041.959454] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1041.964536] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1041.969528] ? trace_hardirqs_on+0xd/0x10 [ 1041.973662] mem_cgroup_out_of_memory+0x159/0x200 [ 1041.978480] ? swap_max_write+0x110/0x110 [ 1041.982602] ? do_raw_spin_trylock+0x190/0x190 [ 1041.987167] ? _raw_spin_unlock+0x22/0x30 [ 1041.991295] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1041.996300] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1042.001727] ? find_held_lock+0x35/0x1d0 [ 1042.005768] ? memcg_event_wake+0x420/0x420 [ 1042.010066] ? __do_page_fault+0x5f7/0xc90 [ 1042.014289] ? lock_downgrade+0x980/0x980 [ 1042.018422] pagefault_out_of_memory+0xbd/0x152 [ 1042.023067] ? out_of_memory+0x1220/0x1220 [ 1042.027274] ? handle_mm_fault+0x465/0xb10 [ 1042.031488] ? __handle_mm_fault+0x38c0/0x38c0 [ 1042.036046] ? vmacache_find+0x5f/0x280 [ 1042.039998] ? vmacache_update+0xfe/0x130 [ 1042.044132] mm_fault_error+0xd6/0x2c0 [ 1042.047997] __do_page_fault+0xb4d/0xc90 [ 1042.052067] ? mm_fault_error+0x2c0/0x2c0 [ 1042.056278] ? kernel_write+0x120/0x120 [ 1042.060232] ? do_syscall_64+0xb7/0x940 [ 1042.064187] do_page_fault+0xee/0x730 [ 1042.067966] ? __do_page_fault+0xc90/0xc90 [ 1042.072177] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1042.076911] ? syscall_return_slowpath+0x550/0x550 [ 1042.081838] ? syscall_return_slowpath+0x2ac/0x550 [ 1042.086744] ? prepare_exit_to_usermode+0x350/0x350 [ 1042.091737] ? retint_user+0x18/0x18 [ 1042.095428] ? page_fault+0x2f/0x50 [ 1042.099032] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1042.104374] ? page_fault+0x2f/0x50 [ 1042.107979] page_fault+0x45/0x50 [ 1042.111416] RIP: 0033:0x409b83 [ 1042.114581] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1042.119921] RAX: 0000001b9bc20000 RBX: 0000000000001271 RCX: 000000000040e950 [ 1042.127166] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1042.134412] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1042.141743] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1042.148994] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1042.156723] Task in /syz1 killed as a result of limit of /syz1 [ 1042.162770] memory: usage 0kB, limit 0kB, failcnt 4012 [ 1042.168113] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1042.174914] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1042.181121] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1042.200597] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1042.209375] [24543] 0 24543 11408 2089 65536 0 0 syz-executor1 [ 1042.218269] Memory cgroup out of memory: Kill process 24543 (syz-executor1) score 2105000 or sacrifice child [ 1042.228468] Killed process 24543 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:05:34 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080, 0x3}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:05:34 executing program 5: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) socketpair(0x1f, 0x800, 0xff, &(0x7f0000000180)={0xffffffffffffffff}) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f00000001c0)="6f6a268b08b449", &(0x7f0000000200)="eb53fc63ac5ab9f0b2f634461b11f2fe942ff9c9542ffb5a5f0828b7887a913d45d48c4f5594ed67cf38287e1f646fad290f411ad16d89247599829a0b7d33526a2b1a5de7fd80fc3723ed24cb13da23bec1779988b2a112c7997bef45c9669529c74a6607d8091bbb190949286df9715b8f209044bdaa507b5a1d7c45d08015dbb277c8df8b595aee6c9a7862887a9802d131e9a9cf04455138a89045cfdae27fd1fa6eae41150e54ffcd", 0x1}, 0x20) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x0, &(0x7f0000000040)) r1 = accept4$inet6(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, @local}, &(0x7f0000000080)=0x1c, 0x80000) getsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f0000000100), &(0x7f0000000140)=0x4) 2018/03/26 13:05:34 executing program 3: perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000040)={0x0}, &(0x7f0000000080)=0xc) r1 = syz_open_procfs(r0, &(0x7f00000000c0)='mountstats\x00') fcntl$setstatus(r1, 0x4, 0x4000) pread64(r1, &(0x7f0000002000)=""/4096, 0x1000, 0x0) 2018/03/26 13:05:34 executing program 4: getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f00005c3ff0)={0x0, 0x1c, &(0x7f0000519fa8)=[@in6={0xa, 0x4e20, 0x0, @mcast1={0xff, 0x1, [], 0x1}, 0x4}]}, &(0x7f0000f91ffc)=0xc) r1 = dup2(0xffffffffffffffff, 0xffffffffffffffff) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000001580)={r0, @in6={{0xa, 0x8, 0x3, @loopback={0x0, 0x1}, 0x8}}, 0x3, 0x5}, &(0x7f0000001640)=0x90) r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000001000)='/dev/mixer\x00', 0x40000, 0x0) recvmsg$netrom(r2, &(0x7f0000001540)={&(0x7f0000001100)=@ax25={0x3, {"0fa09cc349f23a"}, 0xdd2}, 0x10, &(0x7f0000001300)=[{&(0x7f0000001140)="6f36a5b8b570063946696066b70362b059c410e9fa7bf976321b5bf287b76bbf4af4764667fe2f3907ac9f86f3fd4cdcab5c698eecc1ecdb71e801347b5c956e79139c1bc81703596305ba3675fe931a55d8c7f6a9dc4cd1b53c3091b82bf19741c0267cf6534ce767b8eb797d86a0bda69117fbd0cabcff0a1ac0fa47d087fcf0494ba1712d98f60dc6240c1bf049f2c0ff53bbed", 0x95}, {&(0x7f0000001200)="d195918aaf198ae0e29dc516e1b10b6b8056853b5e2a8fb95a35028f8086feceaca2801732139d13336411beb1ca417912d92d6f0bd06f40b2b63b58bda1b94291c9f9", 0x43}, {&(0x7f0000001280)="4f484e6fefc7d6400d72a17f3586d1166cdfe9fb1c952685d2a00a830d90f6cde6ecfb2e6d017b98c8c35596889e832f134d17a1e22f4cb171f5856b9dd549386959518dd02b71c40af3e17317cf41654ff22678b3ab1a5e5c", 0x59}], 0x3, &(0x7f00000018c0)=[{0x110, 0x100, 0x2, "1737b7467a252a9b44f31576f950a9f025df3326dc649db6e292ea35427a837e87def32e1732084bf789f15afa571af871a9c17cfb2a89e50bd5d6c80aa1cef2f3cfd1e4ca189d4043d5fd7c01275c48075c2b7fd9efef76efe566627d6302d02c8b938fc6d50a2e17e5e102746f2c5f45314f47ac512ff8e2e09a32a4d694cc41cf171a8ee3377f8a5db1715070416872c0fe82da89d00c9f7f8036c9731d03dee413392218d5162fe44435a6cd406d496ed5affe811f93695c3953c848737b08d4023004d1e8e8b924d7c898b85db158add40e9fcfe5d0bafe5b6b51e83debd53cfd1a35d6645a955e4d799ca490000000000000000000000000"}, {0xd0, 0x18a, 0x5, "8592187add0115c0e79a8de3b4878ad8bd55e6a93d45c66ab6aeb6209add9c83ea045e6708e63d1a1934a1c9db6c655f03d7d6d4670584fdf3b6609badb574cadcd21139eea9b5045ef858db80aa801876e39b63560e21b2e51927ca97de7dc567fb9eaf4fca853bc88cebec4d9832dc081d519d6d0b35f39e3d238d79704a27c3f80799de0ef5bd856dd864b976a6f7b148b10bd54a4e893d4bf767346657462f6181bc5dd2479a778158a1e698533bb61b9fadf5bafb1d23d4"}, {0x130, 0x1ff, 0x0, "ffc39fe0a54d65d0dc9cc8cb0763da84a9ad23000000007c5d58bcb2bf822d45bed6e35015c85422378dbec7b0ff38f986219b659bbae22b6f410aea65d127134411af6627132facf19e28f34c8a73bec7a0d6585a52a762e92062a958d59968ea461c57c4ac6ead9620011bc77fab9f55e693bd83b9843b8baf71a434a43c46ce79ca244fc2204d8e860967116b039eda0ae742719c515296b70120f625abe10bfda7fceec0b643822fe4cc1fdc7a753b07c4be27cfb389f7f6bb1b7ebb1614df271c119f3c42c5ac21d18e38cd233c85069e193b63143c91a3099a013ada11666341091c957d4cc0afae5bfe222b2b96be6559d413e80ae8e350178bbe078e6cd9ce25d43e0b696194ca16b88eea25f4549886baf111ccec9600"}], 0x310, 0x40}, 0x40000001) bpf$PROG_LOAD(0x5, &(0x7f0000a23fb8)={0x1, 0x5, &(0x7f0000001080)=ANY=[@ANYBLOB="1800000000000000000000000000000009000000000000000000000000000000950001002100000029ec5ae7e487946d4c0a48d9fa9e5e75b20bf20ff9004f219fc196576897153d6b90eb12f57ffbca329c04b0bfe214"], &(0x7f0000001040)="73597a6b618f6c65000d", 0x5, 0x1000, &(0x7f0000000000)=""/4096, 0x0, 0x1}, 0x48) 2018/03/26 13:05:34 executing program 6: r0 = socket$netlink(0x10, 0x3, 0xa) sendmsg$nl_route(r0, &(0x7f0000000280)={&(0x7f0000000300)={0x10}, 0xc, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1c0000001807000000000000000000001c0000000000000000000000"], 0x355}, 0x1}, 0x0) 2018/03/26 13:05:34 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') sendfile(r0, r0, &(0x7f0000000280)=0x42402, 0x6) ioctl$LOOP_SET_FD(r0, 0x4c00, r0) ioctl$sock_ipx_SIOCAIPXPRISLT(r0, 0x89e1, &(0x7f0000000000)=0x3) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) 2018/03/26 13:05:34 executing program 1: r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$sock_int(r0, 0x1, 0x2c, &(0x7f0000d2effc)=0x81, 0x4) setsockopt$sock_int(r0, 0x1, 0x2c, &(0x7f0000d32000)=0xfffffffffffffffc, 0x4) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x8000, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000040)={0x10000, 0x200, 0x1, 0x101, 0x0}, &(0x7f0000000080)=0x10) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f00000000c0)={r2, 0x100000000, 0x7fff}, &(0x7f0000000100)=0x8) 2018/03/26 13:05:34 executing program 0: r0 = semget$private(0x0, 0x0, 0x4) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000389000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = socket$inet_sctp(0x2, 0x1, 0x84) getsockopt$IPT_SO_GET_REVISION_TARGET(r1, 0x0, 0x43, &(0x7f0000000040)={'NETMAP\x00'}, &(0x7f0000000080)=0x1e) semctl$SETVAL(r0, 0x6, 0x10, &(0x7f0000000240)=0x8) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) capset(&(0x7f0000c6bff8)={0x20080522}, &(0x7f0000034000)) r2 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffb000/0x4000)=nil) shmctl$SHM_LOCK(r2, 0xb) socketpair$inet6_udp(0xa, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$fiemap(r3, 0xc020660b, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000000000001000000000000200700000008000000f502000000000000"]) r4 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0xda, 0x111001) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f0000000040)={{{@in=@loopback, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in=@loopback}}, &(0x7f0000000140)=0xe8) r7 = add_key$keyring(&(0x7f0000000400)='keyring\x00', &(0x7f0000000440)={0x73, 0x79, 0x7a, 0x0}, 0x0, 0x0, 0xfffffffffffffffc) add_key(&(0x7f00000002c0)='id_resolver\x00', &(0x7f00000003c0)={0x73, 0x79, 0x7a, 0x1}, 0x0, 0x0, r7) quotactl(0x3, &(0x7f0000000200)='./file0\x00', r6, &(0x7f0000000340)="cf988f8f9afc5b03577dd5c945f41ca3519c8ce85491661a7b99e887eee01b0f98e96bbbf10f207098f504174ae359cc97c45e9000097f97d7ae5ce01ab5585b3ff7acadc819ed44af6fe81108e3476f0391f136a9155f51ab411863f35cc02b9a74c8bd2e94b0a66e0d20da819927125313b2965e7643789f4518b97802") setsockopt$inet6_mreq(r4, 0x29, 0x14, &(0x7f0000000180)={@empty, r5}, 0x14) keyctl$session_to_parent(0x12) r8 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000300)='/selinux/commit_pending_bools\x00', 0x1, 0x0) ioctl$sock_inet_sctp_SIOCINQ(r8, 0x541b, &(0x7f0000001200)) 2018/03/26 13:05:34 executing program 6: mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x0, 0x2c871, 0xffffffffffffffff, 0x0) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) pwrite64(r0, &(0x7f0000000140)="5364b97c99d8a2a22cd4e3579843d32d7ef59b1ebd36feddd72b35a20221e5b5804885232c411c1e99cac619fbe3fbc809d2e27e8a42514b8e", 0x39, 0x4d) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x101000, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffff9c, 0x29, 0x22, &(0x7f00000001c0)={{{@in=@local, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6}}, &(0x7f00000002c0)=0xe8) setsockopt$netrom_NETROM_T1(r1, 0x103, 0x1, &(0x7f0000000440)=0x5, 0x4) socketpair$inet_icmp_raw(0x2, 0x3, 0x1, &(0x7f0000000480)) r3 = syz_open_dev$dspn(&(0x7f0000000400)='/dev/dsp#\x00', 0x4, 0x80000) ioctl$LOOP_SET_FD(r1, 0x4c00, r3) sendmsg$nl_route(r1, &(0x7f00000003c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000808}, 0xc, &(0x7f0000000380)={&(0x7f0000000300)=@ipv6_newaddr={0x74, 0x14, 0x704, 0x70bd2b, 0x25dfdbff, {0xa, 0x1, 0x60, 0xff, r2}, [@IFA_FLAGS={0x8, 0x8, 0x5c0}, @IFA_FLAGS={0x8, 0x8, 0x88}, @IFA_FLAGS={0x8, 0x8, 0x4}, @IFA_CACHEINFO={0x14, 0x6, {0x1, 0x8, 0xfffffffffffff000, 0x100000000}}, @IFA_CACHEINFO={0x14, 0x6, {0x1f, 0x81, 0x5}}, @IFA_ADDRESS={0x14, 0x1, @remote={0xfe, 0x80, [], 0xbb}}, @IFA_FLAGS={0x8, 0x8, 0x280}]}, 0x74}, 0x1}, 0x4) write$rdma_cm(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="03000000000000fa0a00000000000000fe8000000000000000000000000000bb000000000a00000000000000ff01000000000000000000000000000100000000", @ANYRES32=0xffffffff, @ANYBLOB="01d69d00553f2fdfb8808ac4dc0cccb2cb0b5b8e9381d1b426c2215a3b988d1de6b6abc2f2543d910a28f68d0b7503a26d4b02862feaeab28ff089ac486528c8296e95142d6bf7adf12788092e39fba615d78941c074045228"], 0xff46) 2018/03/26 13:05:34 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080, 0x3}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:05:34 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_open_dev$binder(&(0x7f0000000040)='/dev/binder#\x00', 0x0, 0x802) r0 = syz_open_procfs(0x0, &(0x7f0000000100)='net/igmp6\x00') ioctl$DRM_IOCTL_RES_CTX(0xffffffffffffff9c, 0xc0106426, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0}]}) ioctl$DRM_IOCTL_SWITCH_CTX(r0, 0x40086424, &(0x7f00000001c0)={r1, 0x3}) set_mempolicy(0xc003, &(0x7f0000003ff8), 0x401) set_mempolicy(0x0, &(0x7f0000aa9ff8), 0x1) r2 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x9, 0x119000) ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f00000000c0)=0x1) 2018/03/26 13:05:34 executing program 3: lookup_dcookie(0x8001, &(0x7f0000000100)=""/126, 0x7e) r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/enforce\x00', 0x105541, 0x0) pwrite64(r0, &(0x7f0000000200)="9a", 0x1, 0x0) umount2(&(0x7f0000000180)='./file0\x00', 0x2) fcntl$getownex(r0, 0x10, &(0x7f0000000000)={0x0, 0x0}) fcntl$setownex(r0, 0xf, &(0x7f0000000080)={0x2, r1}) ioctl$SNDRV_TIMER_IOCTL_PAUSE(r0, 0x54a3) ioctl$sock_bt_cmtp_CMTPGETCONNINFO(r0, 0x800443d3, &(0x7f00000000c0)={{0x1, 0x401, 0x5, 0x8, 0x2, 0x8}, 0x1ff, 0x7fff}) 2018/03/26 13:05:34 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x0, 0x3}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:05:34 executing program 6: r0 = socket$can_bcm(0x1d, 0x2, 0x2) delete_module(&(0x7f00000000c0)='vcan0\x00', 0xa00) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', 0x0}) connect$can_bcm(r0, &(0x7f0000001ff0)={0x1d, r1}, 0x10) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$can_raw(r0, &(0x7f0000001fc8)={&(0x7f000000a000)={0x1d}, 0x10, &(0x7f0000000040)={&(0x7f000000a000)=@canfd={{0x1}, 0x0, 0x0, 0x0, 0x0, "0327e1b22b5fcef7739c699f5ff986ca08990039576a7d5cb2bdac3fa80acf584ecb5fee496e6866856b76b5f700000000000000004e2f9663a918fa1efd9b0b"}, 0x48}, 0x1}, 0x0) [ 1042.589119] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1042.600272] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1042.605451] CPU: 1 PID: 24561 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1042.612807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1042.622156] Call Trace: [ 1042.624745] dump_stack+0x194/0x24d [ 1042.628378] ? arch_local_irq_restore+0x53/0x53 [ 1042.633048] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1042.638252] dump_header+0x28c/0xe2b [ 1042.641975] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1042.647170] ? arch_local_irq_restore+0x53/0x53 [ 1042.651842] ? perf_trace_lock+0xd6/0x900 [ 1042.655985] ? perf_trace_lock_acquire+0xe3/0x980 [ 1042.660810] ? __lock_acquire+0x664/0x3e00 [ 1042.665033] ? trace_event_raw_event_lock+0x340/0x340 [ 1042.670202] ? perf_trace_lock+0x900/0x900 [ 1042.674417] ? perf_trace_lock+0xd6/0x900 [ 1042.678540] ? perf_trace_lock_acquire+0xe3/0x980 [ 1042.683370] ? trace_hardirqs_off+0x10/0x10 [ 1042.687672] ? trace_event_raw_event_lock+0x340/0x340 [ 1042.692845] ? __lock_acquire+0x664/0x3e00 [ 1042.697060] ? task_will_free_mem+0x252/0xaa0 [ 1042.701539] ? print_irqtrace_events+0x270/0x270 [ 1042.706281] ? ___ratelimit+0x30d/0x630 [ 1042.710235] ? lock_downgrade+0x980/0x980 [ 1042.714365] ? lock_release+0xa40/0xa40 [ 1042.718325] ? mark_held_locks+0xaf/0x100 [ 1042.722455] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1042.727538] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1042.732532] ? trace_hardirqs_on+0xd/0x10 [ 1042.736674] ? ___ratelimit+0x95/0x630 [ 1042.740540] ? idr_get_free+0xfd0/0xfd0 [ 1042.744491] ? find_held_lock+0x35/0x1d0 [ 1042.748543] oom_kill_process+0x8b9/0x1640 [ 1042.752756] ? lock_downgrade+0x980/0x980 [ 1042.756890] ? __lock_is_held+0xb6/0x140 [ 1042.760935] ? oom_evaluate_task+0x480/0x480 [ 1042.765333] ? rcu_read_unlock+0x35/0x70 [ 1042.769370] ? mem_cgroup_iter+0x363/0xbd0 [ 1042.773584] ? lock_downgrade+0x980/0x980 [ 1042.777717] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1042.782455] ? mark_held_locks+0xaf/0x100 [ 1042.786584] ? _raw_spin_unlock_irq+0x27/0x70 [ 1042.791061] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1042.796059] ? trace_hardirqs_on+0xd/0x10 [ 1042.800186] ? _raw_spin_unlock_irq+0x27/0x70 [ 1042.804660] ? css_task_iter_end+0x280/0x430 [ 1042.809046] ? _raw_spin_unlock_irq+0x27/0x70 [ 1042.813518] ? cgroup_procs_next+0x70/0x70 [ 1042.817729] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1042.822725] ? trace_hardirqs_on+0xd/0x10 [ 1042.826850] ? _raw_spin_unlock_irq+0x27/0x70 [ 1042.831324] ? oom_badness+0x980/0x980 [ 1042.835191] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1042.839927] ? mem_cgroup_iter_break+0x30/0x30 [ 1042.844502] ? finish_wait+0x268/0x490 [ 1042.848370] ? lock_downgrade+0x980/0x980 [ 1042.852499] out_of_memory+0x86d/0x1220 [ 1042.856466] ? oom_killer_disable+0x310/0x310 [ 1042.860946] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1042.866037] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1042.871035] ? trace_hardirqs_on+0xd/0x10 [ 1042.875173] mem_cgroup_out_of_memory+0x159/0x200 [ 1042.880005] ? swap_max_write+0x110/0x110 [ 1042.884134] ? do_raw_spin_trylock+0x190/0x190 [ 1042.888703] ? _raw_spin_unlock+0x22/0x30 [ 1042.892833] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1042.897829] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1042.903258] ? find_held_lock+0x35/0x1d0 [ 1042.907301] ? memcg_event_wake+0x420/0x420 [ 1042.911601] ? __do_page_fault+0x5f7/0xc90 [ 1042.915813] ? lock_downgrade+0x980/0x980 [ 1042.919944] pagefault_out_of_memory+0xbd/0x152 [ 1042.924596] ? out_of_memory+0x1220/0x1220 [ 1042.928806] ? handle_mm_fault+0x465/0xb10 [ 1042.933033] ? __handle_mm_fault+0x38c0/0x38c0 [ 1042.937592] ? vmacache_find+0x5f/0x280 [ 1042.941542] ? vmacache_update+0xfe/0x130 [ 1042.945671] mm_fault_error+0xd6/0x2c0 [ 1042.949551] __do_page_fault+0xb4d/0xc90 [ 1042.953781] ? mm_fault_error+0x2c0/0x2c0 [ 1042.957906] ? kernel_write+0x120/0x120 [ 1042.961861] ? do_syscall_64+0xb7/0x940 [ 1042.965817] do_page_fault+0xee/0x730 [ 1042.969597] ? __do_page_fault+0xc90/0xc90 [ 1042.973813] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 1042.979328] ? syscall_return_slowpath+0x550/0x550 [ 1042.984235] ? syscall_return_slowpath+0x2ac/0x550 [ 1042.989162] ? retint_user+0x18/0x18 [ 1042.993036] ? page_fault+0x2f/0x50 [ 1042.996642] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1043.001469] ? page_fault+0x2f/0x50 [ 1043.005081] page_fault+0x45/0x50 [ 1043.008512] RIP: 0033:0x409b83 [ 1043.011676] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1043.017021] RAX: 0000001b9bc20000 RBX: 0000000000001272 RCX: 000000000040e950 [ 1043.024281] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1043.031529] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1043.038777] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1043.046026] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1043.053666] Task in /syz1 killed as a result of limit of /syz1 [ 1043.059716] memory: usage 0kB, limit 0kB, failcnt 4020 [ 1043.065069] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1043.071862] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1043.078060] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1043.097529] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1043.106331] [24561] 0 24561 11408 2089 65536 0 0 syz-executor1 [ 1043.115232] Memory cgroup out of memory: Kill process 24561 (syz-executor1) score 2105000 or sacrifice child [ 1043.125271] Killed process 24561 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB [ 1043.138401] oom_reaper: reaped process 24561 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 2018/03/26 13:05:35 executing program 3: munlockall() r0 = socket$inet(0x2, 0x3, 0x1) r1 = syz_open_dev$adsp(&(0x7f0000000180)='/dev/adsp#\x00', 0x405, 0x400) ioctl$ASHMEM_GET_PROT_MASK(r1, 0x7706, &(0x7f00000001c0)) perf_event_open(&(0x7f000001d000)={0x5, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_all\x00', 0x0, 0x0) ioctl$TCSETAF(r2, 0x5408, &(0x7f0000000140)={0x75cd, 0x4, 0x0, 0x8, 0x2c, 0x1, 0x1, 0xffff, 0x8, 0x3}) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r2, 0xc10c5541, &(0x7f0000000200)={0x1ff, 0xfffffffffffffff8, 0x80000000, 0x0, 0x0, [], [], [], 0x1, 0x3}) getsockopt$inet_opts(r0, 0x0, 0x480, &(0x7f0000000080)=""/188, &(0x7f0000000000)=0xa8) ioctl$TCSBRKP(0xffffffffffffffff, 0x5425, 0x0) 2018/03/26 13:05:35 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000000)={0x0, r0, 0x1}) getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffff9c, 0x84, 0x10, &(0x7f0000000040)=@sack_info={0x0, 0x1, 0xa93}, &(0x7f0000000080)=0xc) setsockopt$inet_sctp_SCTP_AUTH_DELETE_KEY(r1, 0x84, 0x19, &(0x7f00000000c0)={r2, 0x5}, 0x8) r3 = socket$inet6(0xa, 0x2, 0x0) r4 = socket$inet(0x2, 0x1, 0x0) connect(r3, &(0x7f0000ed9fe4)=@in6={0xa, 0x4e20, 0x0, @ipv4={[], [0xff, 0xff], @loopback=0x7f000001}}, 0x1c) setsockopt$inet_MCAST_JOIN_GROUP(r4, 0x0, 0x2a, &(0x7f0000831000)={0x6, {{0x2, 0x4e20, @multicast2=0xe0000002}}}, 0x90) sendto$inet6(r3, &(0x7f0000cf4fa3), 0x0, 0x0, &(0x7f00009c1000)={0xa, 0x4e21}, 0x1c) dup3(r3, r0, 0x0) setsockopt$sock_int(r0, 0x1, 0x35, &(0x7f0000fb6ffc)=0x1, 0x4) 2018/03/26 13:05:35 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:05:35 executing program 1: r0 = socket$vsock_stream(0x28, 0x1, 0x0) r1 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x7, 0x30000) ioctl$TIOCPKT(r1, 0x5420, &(0x7f0000000680)) getsockopt$inet_sctp_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000140)={0x0, 0x4, 0x5, 0xd5b, 0x5, 0xfffffffffffffff8, 0x16, 0xbd, {0x0, @in6={{0xa, 0x4e21, 0x9, @mcast1={0xff, 0x1, [], 0x1}, 0xfffffffffffffffa}}, 0x5, 0x3, 0x7fff, 0x8, 0x25}}, &(0x7f0000000200)=0xb0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000240)={0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000280)=0x1c) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000340)={0x0, 0x68, &(0x7f00000002c0)=[@in={0x2, 0x4e21}, @in6={0xa, 0x4e22, 0x9, @loopback={0x0, 0x1}, 0xfffffffffffffffd}, @in={0x2, 0x4e21, @rand_addr=0x4}, @in={0x2, 0x4e20, @multicast2=0xe0000002}, @in6={0xa, 0x4e24, 0x1, @mcast1={0xff, 0x1, [], 0x1}, 0x100000001}]}, &(0x7f0000000380)=0x10) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000400)={0x0, 0x5}, &(0x7f0000000440)=0x8) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(r1, 0x84, 0x1b, &(0x7f0000000480)={0x0, 0x4f, "8d072da2c66e0c080426911990b50c9caefc31cca6231a5cb9a620be4cf54e678ac7f7356c8179b56ddc370ee428093b851c116560e8239f2918393bf44bdf9a751b9195a194cb71d0d099b4c641a2"}, &(0x7f0000000500)=0x57) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000580)={0x0}, &(0x7f00000005c0)=0x8) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, &(0x7f00000000c0)={r2, 0x28, "37330a6fdaea36e90ec8aef84718884f3d211f4a15fbd82ab1122691d84e7c4f2fe85a8b185afeee"}, &(0x7f00000003c0)=0x30) getsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000600), &(0x7f0000000640)=0x8) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f0000000080)={r3, 0xff, 0x30, 0x8a, 0x4}, &(0x7f0000000540)=0x10) setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000100)={r4, 0x8}, 0x8) ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, &(0x7f00000006c0)={0x2, r0}) r5 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0xfffffffffffffff9, 0x4000) ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) 2018/03/26 13:05:35 executing program 6: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000e13000)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) listen(r0, 0x0) syz_emit_ethernet(0xcf, &(0x7f00000004c0)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, &(0x7f0000000480)) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x4000, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000140)={0x81, 0x0, 0x2, 0x7}) ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f0000000180)={0x0, r2, 0x1, 0x6}) getsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000000080)={0x0, @loopback, @local}, &(0x7f00000000c0)=0xc) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000040)={'ip6tnl0\x00', &(0x7f0000000000)=@ethtool_rxfh_indir={0x39, 0x1, [0x2]}}) 2018/03/26 13:05:35 executing program 4: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vcs\x00', 0x0, 0x0) ioctl$KVM_GET_VCPU_EVENTS(r0, 0x8040ae9f, &(0x7f0000000140)) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180)=0x4, 0x4) getsockopt$IPT_SO_GET_ENTRIES(r0, 0x0, 0x41, &(0x7f0000000200)={'raw\x00', 0x2d, "31feb05f4807e16a7ca91d97c848cddf287df4b3015d530d1548e0ef023334769aa4c1cc883fa4eb6ea800fc10"}, &(0x7f0000000280)=0x51) syz_emit_ethernet(0x45, &(0x7f0000000000)={@random="ff3997ffcd00", @empty, [], {@ipv6={0x86dd, {0x0, 0x6, "c8fba2", 0x8, 0x40000000002c, 0x0, @empty, @mcast2={0xff, 0x2, [], 0x1}, {[], @icmpv6=@mld={0x0, 0xd, 0x0, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}}}}}}, 0x0) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x204400, 0x0) r2 = syz_open_dev$amidi(&(0x7f00000000c0)='/dev/amidi#\x00', 0x1, 0x222280) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f00000001c0)={0x10000000}) ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2) 2018/03/26 13:05:35 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000fcbff7)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f00000000c0)={0x79}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x20000, 0x0) socketpair(0x1d, 0x8000a, 0x1, &(0x7f00000005c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$DRM_IOCTL_GET_UNIQUE(r4, 0xc0106401, &(0x7f0000000080)={0x96, &(0x7f0000000780)=""/150}) accept4$unix(r3, &(0x7f0000000600), &(0x7f0000000680)=0x6e, 0x80000) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000140)={"d1d836b2a47d359d55fac523f090644d629e4ae0f4452f0186900c96d1e460f380fe4630e0fcd7782ed097843c715580cfbddbb10b43e4e80b8879d4d8c84ce706f54af35e22c967ecb9be5e55ebe51fc3c8880434e90f6718adec52e3dccedc4eed13d519291beea8089f539675b480c5c15103f27aaa165eab8293293f18d7cabda7b32e1b54f373fb03568e6310334b6d6e24420952a3d6fe1ae2748240c24239e40a5863ebf25c55bc61b0ecb84c9938dd019465f70dfb7d94967bf819f8314dbd06d6cceb1af934ef75f0b462ac0704fec1368e275f5795fca72dfd273b3721fddcba495b65580a13926dabf0f0b8578b329fa8871b7bae51b14088bec5f7f00262d6516fff0b860d388e97ffb6576e8281ab2e6fc706d223167b37f38cedb3844702484cd87a43c0e324260b07f373b9b8feaff4241d8b6be860ffdc62d20bb59869da47ecac8ec17409df1f79977be9291fd9c9ddd3186bd1a116d3aeea27d14f82af6a394b9482c641a0c545fdcf447b7951146d0f4b14c2b9ae7bcc02d4bcb960f1186f7ba6990febd54ecbd3a3041f87a71607794cb693ef57a0ff58d68bcbbdf5b17aaf6b6cc692de2f2d1b102981eeecb487f4ba01db1a222ebb84e9e70259d0e37cb88c45e5b5e8f57dc06b341480c267c17572031964a8ebb24bade37e389bd7737b9c9a2267d7efe1c94a4ea510d8d7d4cc2dde9637931555f2d29a8b1e5e42e894e1a2563eb988e24c36df05c541ed148277b2023b7ca874b0dede4f35536f73b44e8c107418f8ace580b318cbdf780cc114c045270310e2372456ae45f181e54c65c1756a492c242f57194b4c109284a12a06a8220600f151ce2d8ea755761fd7993c5c620664364c3407c595b2b1f0c9572b53aaa19446444300247750ca433da7cf51330e2e4a8ade85c8fc44d923f8f47a71d737bc55c11e966341510f03c038aa0b7fd47763c8e1dbc0b4cd5cca279bbe4fa261ba7d1a2ee643aa09db5d90940e9850cea3f37cd6ecd97c03e742283b1f6e24cec0bf3b681e6330d5b6dabc79c8917c74dc3620bad126888a3fae72967e0fa5a799311aad54a709fbcb3329888f8e83efdfaf8ed0d42ff0166b3d6629771e4f57b2ba30093db6d1b15be74972eca2b79d29af78af9f14dd5cb3c608b1f5ba0d9b542fcde25c6d612745d017d5a72df118f3c839c256f557cc0dfd949d1702fd290f241431b9ef9dbb0f9e0aae63943f22bd585fd450d8bd161c7df1faafb793569351ead07b0a0ee18a2b338a3b4f7ab6a887bafdfcfed36c75e7cfa98f2f50107100564077eea2443186b1b9688450f7b054d0ab48b53c0a2ee21c2c094c225382618a99315d6f1e06a75ea961fff067a6b84d5fa95f95bf76eba9a456c746cc9ba5c7398f4ccb947362e8c24a0a43739a94623f87a50b46dd2f26720cb8e81c7335"}) ioctl$KVM_RUN(r2, 0xae80, 0x0) r5 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/policy\x00', 0x0, 0x0) ioctl$EVIOCSFF(r5, 0x40304580, &(0x7f00000006c0)=ANY=[@ANYBLOB="f30e14cf01f9050008000000000000033ce8f19986faaa1db734200ff675cfa065e801147518197729318e09b5217b50c67be478b1a862cb7f4d7af4508e0808b1c7b97224d64cccb8f2f98be0b5ab4d794364bcddf2a1a062bd03cc01ad5e8d17c9ff67d7f2de5054048c6c110c51f39200676e05b6fe8f8b5f0bfc97e809a4a7710769f260e456615e725925b4fac01e7d6788dde336f42b52f4d232042f208e23c837038cb5efbe3082175453178ab63faa7d59c6de66631e3259"]) accept$alg(r4, 0x0, 0x0) 2018/03/26 13:05:35 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') sendfile(r0, r0, &(0x7f0000000280)=0x42402, 0x6) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) flistxattr(r0, &(0x7f0000000000)=""/78, 0x4e) 2018/03/26 13:05:35 executing program 3: r0 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000005fd8)={'vcan0\x00', 0x0}) connect$can_bcm(r0, &(0x7f0000001ff0)={0x1d, r1}, 0x10) r2 = perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$can_raw(r0, &(0x7f0000001fc8)={&(0x7f000000a000)={0x1d}, 0xffd1, &(0x7f0000000ff0)={&(0x7f000000a000)=@canfd={{0x1}, 0x0, 0x0, 0x0, 0x0, "0327e1b22b5fcef7739c699f5ff986ca08990039576a7d5cb2bdac3fa80acf584ecb5fee496e6866856b76b5f700000000000000004e2f9663a918fa1efd9b0b"}, 0xfeb8}, 0x1}, 0x0) r3 = creat(&(0x7f0000001f40)='./file0\x00', 0x8) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000004000)={0x0, 0x7ff, 0x1f, 0x9, 0x1ff, 0x1, 0x0, 0x5, {0x0, @in={{0x2, 0x4e20, @loopback=0x7f000001}}, 0x9, 0xff, 0x43f29fa8, 0x6, 0x9}}, &(0x7f0000001f80)=0xb0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f00000040c0)={r4, @in={{0x2, 0x4e23, @remote={0xac, 0x14, 0x14, 0xbb}}}, 0x1, 0x1, 0x2, 0x2, 0x14}, &(0x7f0000004180)=0x98) dup2(r2, r0) 2018/03/26 13:05:35 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4"}) 2018/03/26 13:05:35 executing program 4: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000bbfff6)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)) r1 = syz_open_pts(r0, 0x41) r2 = dup2(r1, r0) writev(r1, &(0x7f000036ef90)=[{&(0x7f0000dcb000)="10", 0x1}], 0x1) getsockopt$ax25_int(r2, 0x101, 0x9, &(0x7f0000000040), &(0x7f0000000080)=0x4) [ 1043.773000] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1043.784356] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1043.789532] CPU: 1 PID: 24600 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1043.796896] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1043.806242] Call Trace: [ 1043.808818] dump_stack+0x194/0x24d [ 1043.812433] ? arch_local_irq_restore+0x53/0x53 [ 1043.817087] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1043.822276] dump_header+0x28c/0xe2b [ 1043.825985] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1043.831162] ? arch_local_irq_restore+0x53/0x53 [ 1043.835822] ? perf_trace_lock+0xd6/0x900 [ 1043.839953] ? __lock_acquire+0x664/0x3e00 [ 1043.844175] ? trace_event_raw_event_lock+0x340/0x340 [ 1043.849357] ? perf_trace_lock+0xd6/0x900 [ 1043.853488] ? trace_hardirqs_off+0x10/0x10 [ 1043.857800] ? perf_trace_lock+0xd6/0x900 [ 1043.861931] ? trace_event_raw_event_lock+0x340/0x340 [ 1043.867108] ? __lock_acquire+0x664/0x3e00 [ 1043.871324] ? task_will_free_mem+0x252/0xaa0 [ 1043.875811] ? print_irqtrace_events+0x270/0x270 [ 1043.880565] ? ___ratelimit+0x30d/0x630 [ 1043.884522] ? lock_downgrade+0x980/0x980 [ 1043.888673] ? lock_release+0xa40/0xa40 [ 1043.892640] ? mark_held_locks+0xaf/0x100 [ 1043.896773] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1043.901860] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1043.906858] ? trace_hardirqs_on+0xd/0x10 [ 1043.910993] ? ___ratelimit+0x95/0x630 [ 1043.914869] ? idr_get_free+0xfd0/0xfd0 [ 1043.918823] ? find_held_lock+0x35/0x1d0 [ 1043.922881] oom_kill_process+0x8b9/0x1640 [ 1043.927100] ? lock_downgrade+0x980/0x980 [ 1043.931239] ? __lock_is_held+0xb6/0x140 [ 1043.935290] ? oom_evaluate_task+0x480/0x480 [ 1043.939699] ? rcu_read_unlock+0x35/0x70 [ 1043.943739] ? mem_cgroup_iter+0x363/0xbd0 [ 1043.947956] ? lock_downgrade+0x980/0x980 [ 1043.952098] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1043.956841] ? mark_held_locks+0xaf/0x100 [ 1043.960973] ? _raw_spin_unlock_irq+0x27/0x70 [ 1043.965452] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1043.970450] ? trace_hardirqs_on+0xd/0x10 [ 1043.974578] ? _raw_spin_unlock_irq+0x27/0x70 [ 1043.979065] ? css_task_iter_end+0x280/0x430 [ 1043.983462] ? _raw_spin_unlock_irq+0x27/0x70 [ 1043.987939] ? cgroup_procs_next+0x70/0x70 [ 1043.992150] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1043.997147] ? trace_hardirqs_on+0xd/0x10 [ 1044.001272] ? _raw_spin_unlock_irq+0x27/0x70 [ 1044.005756] ? oom_badness+0x980/0x980 [ 1044.009636] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1044.015252] ? mem_cgroup_iter_break+0x30/0x30 [ 1044.019841] ? finish_wait+0x268/0x490 [ 1044.023711] ? lock_downgrade+0x980/0x980 [ 1044.027847] out_of_memory+0x86d/0x1220 [ 1044.031821] ? oom_killer_disable+0x310/0x310 [ 1044.036294] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1044.041383] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1044.046382] ? trace_hardirqs_on+0xd/0x10 [ 1044.050531] mem_cgroup_out_of_memory+0x159/0x200 [ 1044.055355] ? swap_max_write+0x110/0x110 [ 1044.059480] ? do_raw_spin_trylock+0x190/0x190 [ 1044.064060] ? _raw_spin_unlock+0x22/0x30 [ 1044.068198] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1044.073198] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1044.078633] ? find_held_lock+0x35/0x1d0 [ 1044.082683] ? memcg_event_wake+0x420/0x420 [ 1044.086985] ? __do_page_fault+0x5f7/0xc90 [ 1044.091202] ? lock_downgrade+0x980/0x980 [ 1044.095338] pagefault_out_of_memory+0xbd/0x152 [ 1044.099986] ? out_of_memory+0x1220/0x1220 [ 1044.104198] ? handle_mm_fault+0x465/0xb10 [ 1044.108438] ? __handle_mm_fault+0x38c0/0x38c0 [ 1044.112998] ? vmacache_find+0x5f/0x280 [ 1044.116955] ? vmacache_update+0xfe/0x130 [ 1044.121088] mm_fault_error+0xd6/0x2c0 [ 1044.124974] __do_page_fault+0xb4d/0xc90 [ 1044.129040] ? mm_fault_error+0x2c0/0x2c0 [ 1044.133170] ? kernel_write+0x120/0x120 [ 1044.137130] ? do_syscall_64+0xb7/0x940 [ 1044.141091] do_page_fault+0xee/0x730 [ 1044.144885] ? __do_page_fault+0xc90/0xc90 [ 1044.149101] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1044.153852] ? syscall_return_slowpath+0x550/0x550 [ 1044.158764] ? syscall_return_slowpath+0x2ac/0x550 [ 1044.163674] ? prepare_exit_to_usermode+0x350/0x350 [ 1044.168673] ? retint_user+0x18/0x18 [ 1044.172371] ? page_fault+0x2f/0x50 [ 1044.175982] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1044.180811] ? page_fault+0x2f/0x50 [ 1044.184423] page_fault+0x45/0x50 [ 1044.187863] RIP: 0033:0x409b83 [ 1044.191036] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1044.196386] RAX: 0000001b9bc20000 RBX: 0000000000001273 RCX: 000000000040e950 [ 1044.203634] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1044.210884] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1044.218141] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 2018/03/26 13:05:36 executing program 6: r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x4100, 0x0) bind$bt_rfcomm(r0, &(0x7f0000000180)={0x1f, {0x6, 0x1ba, 0xc3c, 0x100000001, 0x2, 0x3}, 0x101}, 0xa) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r0, 0x408c5333, &(0x7f00000001c0)={0x4, 0x8000, 0x5, 'queue1\x00', 0x107a}) setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) r2 = perf_event_open(&(0x7f0000000100)={0x4000000002, 0x70, 0x1e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) connect$inet6(r1, &(0x7f00000000c0)={0xa}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000080)='tls\x00', 0x4) dup3(r2, r1, 0x0) [ 1044.225388] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1044.232739] Task in /syz1 killed as a result of limit of /syz1 [ 1044.238765] memory: usage 0kB, limit 0kB, failcnt 4028 [ 1044.244095] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1044.250879] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 2018/03/26 13:05:36 executing program 0: r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84) connect$inet(r0, &(0x7f0000f6fff0)={0x2, 0x2000004e23, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0x77) listen(r0, 0x110000000010) r1 = accept(r0, &(0x7f0000000240)=ANY=[], &(0x7f0000123000)) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x80000000}, &(0x7f00000001c0)=0x18) 2018/03/26 13:05:36 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4"}) [ 1044.257077] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1044.276543] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1044.285295] [24600] 0 24600 11408 2089 65536 0 0 syz-executor1 [ 1044.294186] Memory cgroup out of memory: Kill process 24600 (syz-executor1) score 2105000 or sacrifice child [ 1044.304207] Killed process 24600 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:05:36 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') fcntl$setflags(r0, 0x2, 0x1) sendfile(r0, r0, &(0x7f0000000280)=0x42402, 0x6) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) 2018/03/26 13:05:36 executing program 1: ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000040)={0xffffffffffffff9c}) preadv(r0, &(0x7f0000001240)=[{&(0x7f0000000100)}, {&(0x7f0000000140)=""/215, 0xd7}, {&(0x7f0000000240)=""/4096, 0x1000}], 0x3, 0x0) perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet_udp(0x2, 0x2, 0x0) getsockopt$ARPT_SO_GET_ENTRIES(r1, 0x0, 0x61, &(0x7f00000000c0)=ANY=[@ANYBLOB="66696c746572000000000000002a58158800000000000000000000000000000000000000"], &(0x7f0000000080)=0x28) [ 1044.336347] oom_reaper: reaped process 24600 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 1044.434360] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1044.445394] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1044.450580] CPU: 0 PID: 24636 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1044.457936] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1044.467287] Call Trace: [ 1044.469879] dump_stack+0x194/0x24d [ 1044.473513] ? arch_local_irq_restore+0x53/0x53 [ 1044.478186] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1044.483388] dump_header+0x28c/0xe2b [ 1044.487119] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1044.492319] ? arch_local_irq_restore+0x53/0x53 [ 1044.496993] ? perf_trace_lock+0xd6/0x900 [ 1044.501153] ? __lock_acquire+0x664/0x3e00 [ 1044.505393] ? trace_event_raw_event_lock+0x340/0x340 [ 1044.510596] ? perf_trace_lock+0xd6/0x900 [ 1044.514724] ? trace_hardirqs_off+0x10/0x10 [ 1044.519030] ? perf_trace_lock+0xd6/0x900 [ 1044.523159] ? trace_event_raw_event_lock+0x340/0x340 [ 1044.528329] ? __lock_acquire+0x664/0x3e00 [ 1044.532541] ? task_will_free_mem+0x252/0xaa0 [ 1044.537108] ? print_irqtrace_events+0x270/0x270 [ 1044.541850] ? ___ratelimit+0x30d/0x630 [ 1044.545802] ? lock_downgrade+0x980/0x980 [ 1044.549935] ? lock_release+0xa40/0xa40 [ 1044.553898] ? mark_held_locks+0xaf/0x100 [ 1044.558033] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1044.563117] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1044.568122] ? trace_hardirqs_on+0xd/0x10 [ 1044.572423] ? ___ratelimit+0x95/0x630 [ 1044.576288] ? idr_get_free+0xfd0/0xfd0 [ 1044.580250] ? find_held_lock+0x35/0x1d0 [ 1044.584297] oom_kill_process+0x8b9/0x1640 [ 1044.588516] ? lock_downgrade+0x980/0x980 [ 1044.592651] ? __lock_is_held+0xb6/0x140 [ 1044.596690] ? oom_evaluate_task+0x480/0x480 [ 1044.601100] ? rcu_read_unlock+0x35/0x70 [ 1044.605142] ? mem_cgroup_iter+0x363/0xbd0 [ 1044.609362] ? lock_downgrade+0x980/0x980 [ 1044.613495] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1044.618228] ? mark_held_locks+0xaf/0x100 [ 1044.622358] ? _raw_spin_unlock_irq+0x27/0x70 [ 1044.626851] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1044.631856] ? trace_hardirqs_on+0xd/0x10 [ 1044.635991] ? _raw_spin_unlock_irq+0x27/0x70 [ 1044.640484] ? css_task_iter_end+0x280/0x430 [ 1044.644867] ? _raw_spin_unlock_irq+0x27/0x70 [ 1044.649338] ? cgroup_procs_next+0x70/0x70 [ 1044.653550] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1044.658544] ? trace_hardirqs_on+0xd/0x10 [ 1044.662668] ? _raw_spin_unlock_irq+0x27/0x70 [ 1044.667143] ? oom_badness+0x980/0x980 [ 1044.671011] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1044.675750] ? mem_cgroup_iter_break+0x30/0x30 [ 1044.680315] ? finish_wait+0x268/0x490 [ 1044.684196] ? lock_downgrade+0x980/0x980 [ 1044.688338] out_of_memory+0x86d/0x1220 [ 1044.692298] ? oom_killer_disable+0x310/0x310 [ 1044.696769] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1044.701854] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1044.706859] ? trace_hardirqs_on+0xd/0x10 [ 1044.711036] mem_cgroup_out_of_memory+0x159/0x200 [ 1044.715856] ? swap_max_write+0x110/0x110 [ 1044.719983] ? do_raw_spin_trylock+0x190/0x190 [ 1044.724550] ? _raw_spin_unlock+0x22/0x30 [ 1044.728679] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1044.733682] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1044.739124] ? find_held_lock+0x35/0x1d0 [ 1044.743168] ? memcg_event_wake+0x420/0x420 [ 1044.747477] ? __do_page_fault+0x5f7/0xc90 [ 1044.751692] ? lock_downgrade+0x980/0x980 [ 1044.755828] pagefault_out_of_memory+0xbd/0x152 [ 1044.760472] ? out_of_memory+0x1220/0x1220 [ 1044.764680] ? handle_mm_fault+0x465/0xb10 [ 1044.768893] ? __handle_mm_fault+0x38c0/0x38c0 [ 1044.773448] ? vmacache_find+0x5f/0x280 [ 1044.777403] ? vmacache_update+0xfe/0x130 [ 1044.781530] mm_fault_error+0xd6/0x2c0 [ 1044.785483] __do_page_fault+0xb4d/0xc90 [ 1044.789526] ? mm_fault_error+0x2c0/0x2c0 [ 1044.793656] ? kernel_write+0x120/0x120 [ 1044.797622] ? do_syscall_64+0xb7/0x940 [ 1044.801573] do_page_fault+0xee/0x730 [ 1044.805349] ? __do_page_fault+0xc90/0xc90 [ 1044.809560] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 1044.815082] ? syscall_return_slowpath+0x550/0x550 [ 1044.819989] ? syscall_return_slowpath+0x2ac/0x550 [ 1044.824912] ? retint_user+0x18/0x18 [ 1044.828602] ? page_fault+0x2f/0x50 [ 1044.832204] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1044.837041] ? page_fault+0x2f/0x50 [ 1044.840643] page_fault+0x45/0x50 [ 1044.844069] RIP: 0033:0x409b83 [ 1044.847260] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1044.852597] RAX: 0000001b9bc20000 RBX: 0000000000001274 RCX: 000000000040e950 [ 1044.859842] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1044.867186] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1044.874432] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1044.881694] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1044.889207] Task in /syz1 killed as a result of limit of /syz1 [ 1044.895247] memory: usage 0kB, limit 0kB, failcnt 4036 [ 1044.900547] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1044.908044] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1044.914205] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1044.933737] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1044.942486] [24636] 0 24636 11408 2089 65536 0 0 syz-executor1 [ 1044.951356] Memory cgroup out of memory: Kill process 24636 (syz-executor1) score 2105000 or sacrifice child [ 1044.961542] Killed process 24636 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:05:37 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4"}) 2018/03/26 13:05:37 executing program 4: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = memfd_create(&(0x7f0000000040)='/dev/kvm\x00', 0x0) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) setsockopt$inet6_tcp_buf(r2, 0x6, 0x0, &(0x7f0000000080)="485598c02cbcdb8915adb45704818c83422abb14439b9174b9cbf80e75e21e7c1ee078eb019ec74ce3c67148fb7f892c58b6507b4f80e083eb89845d3535e254ee07a7eb1d0fb921fdf5b522945c34ffeb2f93", 0x53) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xd000) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000bf7000)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x7, 0x11, r2, 0x0) sendto$inet(r2, &(0x7f00000001c0)="4bc89230076422dfa8777b0c24e28520406d07da9c1f0d217dc9701d2da8daa5a7579816bfab9279ce4c2dc3b3720cc9ddaba3a56b99e4320fd8ac745792adffcd93fff35e880bf9dcd863089e7748c972ab849ccceae8768d3545dbfd0b809a22afcc6d40760b69d870a34acd591dcee6e71b8c913145a467ee0f5022f25666743d932f220d8c37eeffea90d42c93b8b5ee45d045c5e0", 0x97, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 2018/03/26 13:05:37 executing program 3: r0 = socket(0x40000000015, 0x5, 0x0) bind$inet(r0, &(0x7f0000001ff0)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10) mmap(&(0x7f0000000000/0xfd5000)=nil, 0xfd5000, 0x300000c, 0x32, 0xffffffffffffffff, 0x0) setsockopt(r0, 0x114, 0x3, &(0x7f0000000000)="2a8e339cbc4a24cbdd2186b32c816dac", 0x10) ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r0, 0x800443d2, &(0x7f0000000080)={0x2, &(0x7f0000000040)=[{}, {}]}) 2018/03/26 13:05:37 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') sendfile(r0, r0, &(0x7f0000000000)=0xffffffffffffffff, 0x9) ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000040)={0x3ff, 0x0, 0x10001, 0x10000}) ioctl$DRM_IOCTL_AGP_FREE(r0, 0x40206435, &(0x7f00000000c0)={0x3, r1, 0x10000, 0x8}) accept$packet(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000140)=0x14) connect(r0, &(0x7f0000000180)=@hci={0x1f, r2, 0x3}, 0x80) ioctl$TUNSETPERSIST(r0, 0x400454cb, 0x0) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) 2018/03/26 13:05:37 executing program 0: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000001fe8)={0xaa}) r1 = epoll_create1(0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000019fe0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r2 = syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0x4, 0x1) close(r2) r3 = memfd_create(&(0x7f0000a98000)='y#\x00W', 0x0) r4 = getpgrp(0x0) sched_setaffinity(r4, 0x8, &(0x7f0000c35000)=0x1) socket$packet(0x11, 0x3, 0x300) pwritev(r3, &(0x7f0000000000)=[{&(0x7f0000012000)="ca", 0x1}], 0x1, 0x0) fremovexattr(r1, &(0x7f00002a8000)=@known='system.posix_acl_default\x00') write(r1, &(0x7f000014d000), 0x0) close(r0) 2018/03/26 13:05:37 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)="2e2f6367726f757000361a6f74a1b774b8642f3dfdd313d92946ff0167415d8dc22791dcd496520c1c99f4b07d3b2a11090000000229210b73abdcd2986fc290ac9b6ace278586d39949a54fb276eb1fd3964b0cad27e417b33abb8d3b00e64e75e4dff47de27536dccdde5fc746b04faafcec347560a31b3a35a5f20bc949d75cbb763987", 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000280)='cgroup.procs\x00', 0x2, 0x0) read(r1, &(0x7f0000000380)=""/173, 0x3e7) msync(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1) perf_event_open(&(0x7f0000220000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup3(r0, r1, 0x0) 2018/03/26 13:05:37 executing program 6: clone(0x200, &(0x7f0000000840), &(0x7f0000000580), &(0x7f0000f57ffc), &(0x7f00000008c0)) mknod(&(0x7f00000000c0)='./file0\x00', 0xffd, 0x0) execve(&(0x7f0000000100)='./file0\x00', &(0x7f0000000080), &(0x7f0000868000)) getpgrp(0x0) gettid() readv(0xffffffffffffffff, &(0x7f0000bf5000)=[{&(0x7f0000175fb8)=""/72, 0x3b}], 0x1) r0 = creat(&(0x7f0000000000)='./file0\x00', 0x2) write$vnet(r0, &(0x7f0000000040)={0x1, {&(0x7f0000000140)=""/221, 0xdd, &(0x7f0000000240)=""/217, 0x3}}, 0x68) creat(&(0x7f0000000600)='./file0\x00', 0x0) 2018/03/26 13:05:37 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x12, &(0x7f0000000040)=@raw={'raw\x00', 0x9, 0x3, 0x298, 0x0, 0xffffffff, 0xffffffff, 0xf0, 0xffffffff, 0x1c8, 0xffffffff, 0xffffffff, 0x1c8, 0xffffffff, 0x3, &(0x7f0000000000), {[{{@ipv6={@local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, [], [], 'teql0\x00', 'ifb0\x00'}, 0x0, 0xa8, 0xf0}, @unspec=@CT0={0x48, 'CT\x00'}}, {{@uncond, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00', 0x1}}], {{[], 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x0, 0xfffffffffffffffe}}}}, 0x2f8) getsockopt$inet6_int(r1, 0x29, 0x3, &(0x7f0000000380), &(0x7f00000003c0)=0x4) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000002c0)={0x0, &(0x7f0000000280)}, 0x10) 2018/03/26 13:05:37 executing program 3: r0 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x80000000, 0x200000) ioctl$DMA_BUF_IOCTL_SYNC(r0, 0x40086200, &(0x7f0000000040)=0x2) openat$rfkill(0xffffffffffffff9c, &(0x7f0000a13ff4)='/dev/rfkill\x00', 0x0, 0x0) mprotect(&(0x7f0000af9000/0x1000)=nil, 0x1000, 0x0) madvise(&(0x7f0000a5c000/0x1000)=nil, 0x1000, 0x10200000008) 2018/03/26 13:05:37 executing program 7 (fault-call:2 fault-nth:0): r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) [ 1045.201453] FAULT_INJECTION: forcing a failure. [ 1045.201453] name failslab, interval 1, probability 0, space 0, times 0 [ 1045.213292] CPU: 1 PID: 24669 Comm: syz-executor7 Not tainted 4.16.0-rc7+ #367 [ 1045.220660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1045.230011] Call Trace: [ 1045.232605] dump_stack+0x194/0x24d [ 1045.236244] ? arch_local_irq_restore+0x53/0x53 [ 1045.240934] should_fail+0x8c0/0xa40 [ 1045.244657] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 1045.249771] ? snd_seq_ioctl+0x1e8/0x3d0 [ 1045.253842] ? snd_seq_ioctl+0x1e8/0x3d0 [ 1045.257932] ? find_held_lock+0x35/0x1d0 [ 1045.261999] ? __lock_is_held+0xb6/0x140 [ 1045.266073] ? check_same_owner+0x320/0x320 [ 1045.270388] ? trace_hardirqs_off+0x10/0x10 [ 1045.274710] ? rcu_note_context_switch+0x710/0x710 [ 1045.279657] should_failslab+0xec/0x120 [ 1045.283620] kmem_cache_alloc_trace+0x4b/0x740 [ 1045.288185] ? find_held_lock+0x35/0x1d0 [ 1045.292257] snd_seq_create_port+0xfc/0x750 [ 1045.296557] ? lock_downgrade+0x980/0x980 [ 1045.300693] ? trace_hardirqs_off+0x10/0x10 [ 1045.304998] ? check_same_owner+0x320/0x320 [ 1045.309303] ? snd_seq_port_query_nearest+0x210/0x210 [ 1045.314479] ? __might_sleep+0x95/0x190 [ 1045.318454] snd_seq_ioctl_create_port+0xed/0x670 [ 1045.323278] snd_seq_ioctl+0x215/0x3d0 [ 1045.327151] ? snd_seq_open+0x570/0x570 [ 1045.331126] ? vfs_write+0x374/0x510 [ 1045.334833] ? wait_for_completion+0x770/0x770 [ 1045.339399] ? snd_seq_open+0x570/0x570 [ 1045.343352] do_vfs_ioctl+0x1b1/0x1520 [ 1045.347223] ? ioctl_preallocate+0x2b0/0x2b0 [ 1045.351611] ? fget_raw+0x20/0x20 [ 1045.355046] ? __sb_end_write+0xa0/0xd0 [ 1045.359019] ? fput+0xd2/0x140 [ 1045.362195] ? SyS_write+0x184/0x220 [ 1045.365890] ? security_file_ioctl+0x89/0xb0 [ 1045.370279] SyS_ioctl+0x8f/0xc0 [ 1045.373630] ? do_vfs_ioctl+0x1520/0x1520 [ 1045.377759] do_syscall_64+0x281/0x940 [ 1045.381621] ? __do_page_fault+0xc90/0xc90 [ 1045.385832] ? _raw_spin_unlock_irq+0x27/0x70 [ 1045.390308] ? finish_task_switch+0x1c1/0x7e0 [ 1045.394781] ? syscall_return_slowpath+0x550/0x550 [ 1045.399690] ? syscall_return_slowpath+0x2ac/0x550 [ 1045.404610] ? prepare_exit_to_usermode+0x350/0x350 [ 1045.409607] ? entry_SYSCALL_64_after_hwframe+0x52/0xb7 [ 1045.414953] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1045.419792] entry_SYSCALL_64_after_hwframe+0x42/0xb7 [ 1045.424958] RIP: 0033:0x454879 [ 1045.428123] RSP: 002b:00007ffa98793c68 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 1045.435809] RAX: ffffffffffffffda RBX: 00007ffa987946d4 RCX: 0000000000454879 [ 1045.443073] RDX: 0000000020c03000 RSI: 00000000c0a85320 RDI: 0000000000000013 2018/03/26 13:05:37 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$VHOST_SET_VRING_NUM(r0, 0x4008af10, &(0x7f00000000c0)={0x0, 0xfffffffffffffffc}) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000415fc8)={&(0x7f000034c000)={0x10}, 0xc, &(0x7f00000daff0)={&(0x7f0000000500)=@newpolicy={0xfc, 0x13, 0x309, 0x0, 0x0, {{@in6=@loopback={0x0, 0x1}, @in=@local={0xac, 0x14, 0x14, 0xaa}, 0x0, 0x0, 0x0, 0x0, 0xa}}, [@tmpl={0x44, 0x5, [{{@in=@remote={0xac, 0x14, 0x14, 0xbb}}, 0x0, @in=@multicast2=0xe0000002}]}]}, 0xfc}, 0x1}, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(r0, 0x89e2, &(0x7f0000000040)={r0}) ioctl$PPPIOCSMRU(r1, 0x40047452, &(0x7f0000000080)=0x8) 2018/03/26 13:05:37 executing program 0: r0 = syz_fuse_mount(&(0x7f00000000c0)='./file0\x00', 0x4000, 0xffffffffffffffff, 0xffffffffffffffff, 0x7, 0x200040a) r1 = dup2(0xffffffffffffff9c, r0) setsockopt$inet_icmp_ICMP_FILTER(r1, 0x1, 0x1, &(0x7f0000000080)={0x800}, 0x4) getpeername$llc(r1, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f0000000140)=0x10) ioctl$EVIOCSMASK(r1, 0x40104593, &(0x7f0000000240)={0x5, 0x81, &(0x7f0000000180)="64b6faf94fc679ac9748cf2da506987bd342a146a057a2480acf9ef4c9a93f59caeb7159c0602d49030c2f7c8076dc7ff3313a276ff40ad1ea128ad0a96d470b4e241efee3e7ee315f09e586325302cf47bba3311221af0e8fced9d9dc15d1b6d10f4be1f4229f5f523dfa5a8d53a4c9eaa7097f89910505fec6cf62526dc5feb4"}) syz_emit_ethernet(0x66, &(0x7f0000000000)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @random="b6992d0c6767", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x58, 0x0, 0x0, 0x0, 0x2f, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}, @broadcast=0xffffffff}, @gre={{0x0, 0x0, 0x1, 0x0, 0xb, 0x0, 0x0, 0x8, 0x880b}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86dd}}}}}}, 0x0) [ 1045.450330] RBP: 000000000072bea0 R08: 0000000000000000 R09: 0000000000000000 [ 1045.457579] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 1045.464826] R13: 00000000000002be R14: 00000000006f5270 R15: 0000000000000000 2018/03/26 13:05:37 executing program 6: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x416000, 0x0) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000000040)={0x0, 0xfffffffffffffffd, 0x7c, 0x9, 0xd14c, 0xffff}, &(0x7f0000000080)=0x14) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000100)={r1, @in6={{0xa, 0x4e24, 0xe6, @remote={0xfe, 0x80, [], 0xbb}, 0x1}}, 0x6, 0x2d, 0xfffffffffffffffe, 0x7fff, 0x4}, &(0x7f00000001c0)=0x98) r2 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r2, 0x84, 0xa, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3}, 0x20) 2018/03/26 13:05:37 executing program 3: add_key(&(0x7f0000000080)='encrypted\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, &(0x7f0000000100), 0x0, 0xfffffffffffffffb) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc\x00', 0xc13cf6aba9095f9b, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r0, 0x40405514, &(0x7f0000000040)={0xe6a, 0x0, 0x9a, 0x27, "22d6c799b09af3442cc62f07fcf8da0c29c6c764e7a103eef510f39bbfb2cd58d9a861d2f30f304b44792f3d", 0x5}) 2018/03/26 13:05:37 executing program 0: syz_emit_ethernet(0x12, &(0x7f0000000180)=ANY=[@ANYBLOB="ffffaaaaaaaaaa0001000000004700000000f834510c83132d651083a007e1691c0a4ddd4928e5ed926a8d4cde0e8f6b6776e7e388fc94333228472b9b37a96456dae45fc28099674ed039e4f77129ec02deebb56589c5ef0cb8e9dbe9f6722493d2d48129fa2c1016dd4dd0de853a2c3e7957c07cf1b2a30a62d1cfa0e515cd99af9954c6e78ad73d97524fc47db5f55bedf7f9a1e04e4ff6d2e88c397818276ad3cfb8c8c4f11f7fac228ecd2cb8f5e3e78efa520a69d28f18a73b77177b67e6d0bd451036fba1c0bd3f469afa70d53e0dfed067ef9110bb9f69bb849eaaaee2ebb48f8babacc12f3f4c881d117a31157182b2b29a6e8c1bf3def0027459569b41aa4710f2a1c9bcd7230cebcace396ea926dc29d9c2041f096b77e92defc42242003b092f84fb6bb72d0b0e319a36264c8f3bcc323fa80367ff89e732cc397de2933a18e76060f6db9a9684b015038b9674e5a26d87e3f86793734663a8d71305ec1e0ced5123d4e6cac3b518daf7fd728066"], &(0x7f00000000c0)) [ 1045.562553] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1045.573613] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1045.578844] CPU: 1 PID: 24648 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1045.586292] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1045.595650] Call Trace: [ 1045.598272] dump_stack+0x194/0x24d [ 1045.601902] ? arch_local_irq_restore+0x53/0x53 [ 1045.606584] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1045.611765] dump_header+0x28c/0xe2b [ 1045.615467] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1045.620644] ? arch_local_irq_restore+0x53/0x53 [ 1045.625296] ? perf_trace_lock_acquire+0xe3/0x980 [ 1045.630118] ? __lock_acquire+0x664/0x3e00 [ 1045.634335] ? print_irqtrace_events+0x270/0x270 [ 1045.639077] ? perf_trace_lock+0x900/0x900 [ 1045.643297] ? perf_trace_lock_acquire+0xe3/0x980 [ 1045.648128] ? trace_hardirqs_off+0x10/0x10 [ 1045.652426] ? perf_trace_lock_acquire+0xe3/0x980 [ 1045.657247] ? perf_trace_lock_acquire+0xe3/0x980 [ 1045.662075] ? perf_trace_lock+0x900/0x900 [ 1045.666287] ? __lock_acquire+0x664/0x3e00 [ 1045.670511] ? task_will_free_mem+0x252/0xaa0 [ 1045.674993] ? print_irqtrace_events+0x270/0x270 [ 1045.679743] ? ___ratelimit+0x30d/0x630 [ 1045.683699] ? lock_downgrade+0x980/0x980 [ 1045.687830] ? lock_release+0xa40/0xa40 [ 1045.691788] ? mark_held_locks+0xaf/0x100 [ 1045.695935] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1045.701027] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1045.706028] ? trace_hardirqs_on+0xd/0x10 [ 1045.710159] ? ___ratelimit+0x95/0x630 [ 1045.714032] ? idr_get_free+0xfd0/0xfd0 [ 1045.717988] ? find_held_lock+0x35/0x1d0 [ 1045.722048] oom_kill_process+0x8b9/0x1640 [ 1045.726349] ? lock_downgrade+0x980/0x980 [ 1045.730495] ? __lock_is_held+0xb6/0x140 [ 1045.734548] ? oom_evaluate_task+0x480/0x480 [ 1045.738948] ? rcu_read_unlock+0x35/0x70 [ 1045.742996] ? mem_cgroup_iter+0x363/0xbd0 [ 1045.747212] ? lock_downgrade+0x980/0x980 [ 1045.751346] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1045.756086] ? mark_held_locks+0xaf/0x100 [ 1045.760212] ? _raw_spin_unlock_irq+0x27/0x70 [ 1045.764689] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1045.769686] ? trace_hardirqs_on+0xd/0x10 [ 1045.773808] ? _raw_spin_unlock_irq+0x27/0x70 [ 1045.778280] ? css_task_iter_end+0x280/0x430 [ 1045.782683] ? _raw_spin_unlock_irq+0x27/0x70 [ 1045.787155] ? cgroup_procs_next+0x70/0x70 [ 1045.791364] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1045.796360] ? trace_hardirqs_on+0xd/0x10 [ 1045.800490] ? _raw_spin_unlock_irq+0x27/0x70 [ 1045.804965] ? oom_badness+0x980/0x980 [ 1045.808831] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1045.813569] ? mem_cgroup_iter_break+0x30/0x30 [ 1045.818143] ? finish_wait+0x268/0x490 [ 1045.822014] ? lock_downgrade+0x980/0x980 [ 1045.826151] out_of_memory+0x86d/0x1220 [ 1045.830117] ? oom_killer_disable+0x310/0x310 [ 1045.834591] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1045.839677] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1045.844671] ? trace_hardirqs_on+0xd/0x10 [ 1045.848809] mem_cgroup_out_of_memory+0x159/0x200 [ 1045.853633] ? swap_max_write+0x110/0x110 [ 1045.857755] ? do_raw_spin_trylock+0x190/0x190 [ 1045.862323] ? _raw_spin_unlock+0x22/0x30 [ 1045.866457] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1045.871454] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1045.876887] ? find_held_lock+0x35/0x1d0 [ 1045.880930] ? memcg_event_wake+0x420/0x420 [ 1045.885230] ? __do_page_fault+0x5f7/0xc90 [ 1045.889442] ? lock_downgrade+0x980/0x980 [ 1045.893581] pagefault_out_of_memory+0xbd/0x152 [ 1045.899193] ? out_of_memory+0x1220/0x1220 [ 1045.903403] ? handle_mm_fault+0x465/0xb10 [ 1045.907619] ? __handle_mm_fault+0x38c0/0x38c0 [ 1045.912199] ? vmacache_find+0x5f/0x280 [ 1045.916149] ? vmacache_update+0xfe/0x130 [ 1045.920280] mm_fault_error+0xd6/0x2c0 [ 1045.924150] __do_page_fault+0xb4d/0xc90 [ 1045.928201] ? mm_fault_error+0x2c0/0x2c0 [ 1045.932331] ? kernel_write+0x120/0x120 [ 1045.936289] ? do_syscall_64+0xb7/0x940 [ 1045.940244] do_page_fault+0xee/0x730 [ 1045.944031] ? __do_page_fault+0xc90/0xc90 [ 1045.948255] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1045.952992] ? syscall_return_slowpath+0x550/0x550 [ 1045.957910] ? syscall_return_slowpath+0x2ac/0x550 [ 1045.962821] ? prepare_exit_to_usermode+0x350/0x350 [ 1045.967816] ? retint_user+0x18/0x18 [ 1045.971511] ? page_fault+0x2f/0x50 [ 1045.975114] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1045.979941] ? page_fault+0x2f/0x50 [ 1045.983548] page_fault+0x45/0x50 [ 1045.986978] RIP: 0033:0x409b83 [ 1045.990145] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1045.995486] RAX: 0000001b9bc20000 RBX: 0000000000001275 RCX: 000000000040e950 [ 1046.002742] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1046.009988] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1046.018194] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1046.025446] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1046.033098] Task in /syz1 killed as a result of limit of /syz1 [ 1046.039131] memory: usage 0kB, limit 0kB, failcnt 4044 [ 1046.044502] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1046.051295] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1046.057476] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1046.076939] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1046.085692] [24648] 0 24648 11408 2089 65536 0 0 syz-executor1 [ 1046.094615] Memory cgroup out of memory: Kill process 24648 (syz-executor1) score 2105000 or sacrifice child [ 1046.104660] Killed process 24648 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:05:38 executing program 1: socketpair$unix(0x1, 0x3, 0x0, &(0x7f00006f0000)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x31, 0x0) ppoll(&(0x7f0000000000)=[{r1, 0x4}], 0x1, &(0x7f0000000040), &(0x7f0000000280), 0x8) ppoll(&(0x7f00005e1ff8)=[{r1}], 0x1, &(0x7f0000001000), &(0x7f0000001000)={0x1ff}, 0x8) recvmmsg(r0, &(0x7f0000000bc0)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)=""/217, 0xd9}, {&(0x7f00000002c0)=""/165, 0xa5}], 0x2, &(0x7f0000000380)=""/242, 0xf2, 0x9}, 0x4}, {{&(0x7f0000000480)=@nl=@proc, 0x80, &(0x7f0000000740)=[{&(0x7f0000000500)=""/220, 0xdc}, {&(0x7f0000000600)=""/79, 0x4f}, {&(0x7f0000001040)=""/4096, 0x1000}, {&(0x7f0000000240)=""/27, 0x1b}, {&(0x7f0000000680)=""/161, 0xa1}, {&(0x7f0000002040)=""/4096, 0x1000}], 0x6, &(0x7f00000007c0)=""/252, 0xfc, 0x4}, 0x5}, {{&(0x7f00000008c0)=@vsock={0x0, 0x0, 0x0, @host}, 0x80, &(0x7f0000000a80)=[{&(0x7f0000000940)=""/100, 0x64}, {&(0x7f00000009c0)=""/161, 0xa1}], 0x2, &(0x7f0000000ac0)=""/200, 0xc8, 0xefc0}, 0x8}], 0x3, 0x2000, &(0x7f0000000c80)={0x0, 0x989680}) dup3(r1, r0, 0x0) 2018/03/26 13:05:38 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f000031f000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet(0x10, 0x3, 0x10) sendmsg(r0, &(0x7f0000003000)={0x0, 0x0, &(0x7f0000004000)=[{&(0x7f0000002000)="2300000024009115460000000012000001000000000000270100008000000011007352", 0x23}], 0x1}, 0x0) r1 = dup(r0) r2 = shmget$private(0x0, 0x3000, 0x78000000, &(0x7f0000ffd000/0x3000)=nil) shmctl$SHM_INFO(r2, 0xe, &(0x7f00000000c0)=""/134) getsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f0000000040), &(0x7f0000000080)=0x4) [ 1046.117527] oom_reaper: reaped process 24648 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 1046.198533] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1046.209547] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1046.214731] CPU: 0 PID: 24694 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1046.222088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1046.231449] Call Trace: [ 1046.234041] dump_stack+0x194/0x24d [ 1046.237680] ? arch_local_irq_restore+0x53/0x53 [ 1046.242351] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1046.247554] dump_header+0x28c/0xe2b [ 1046.251265] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1046.256447] ? arch_local_irq_restore+0x53/0x53 [ 1046.261108] ? __lock_acquire+0x664/0x3e00 [ 1046.265326] ? print_irqtrace_events+0x270/0x270 [ 1046.270064] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1046.275172] ? trace_hardirqs_off+0x10/0x10 [ 1046.279473] ? __lock_acquire+0x664/0x3e00 [ 1046.283692] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1046.288874] ? __lock_acquire+0x664/0x3e00 [ 1046.293089] ? task_will_free_mem+0x252/0xaa0 [ 1046.297578] ? print_irqtrace_events+0x270/0x270 [ 1046.302329] ? ___ratelimit+0x30d/0x630 [ 1046.306289] ? lock_downgrade+0x980/0x980 [ 1046.310427] ? lock_release+0xa40/0xa40 [ 1046.314394] ? mark_held_locks+0xaf/0x100 [ 1046.318524] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1046.323611] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1046.328612] ? trace_hardirqs_on+0xd/0x10 [ 1046.332745] ? ___ratelimit+0x95/0x630 [ 1046.336619] ? idr_get_free+0xfd0/0xfd0 [ 1046.340573] ? find_held_lock+0x35/0x1d0 [ 1046.344636] oom_kill_process+0x8b9/0x1640 [ 1046.348853] ? lock_downgrade+0x980/0x980 [ 1046.352993] ? __lock_is_held+0xb6/0x140 [ 1046.357057] ? oom_evaluate_task+0x480/0x480 [ 1046.361470] ? rcu_read_unlock+0x35/0x70 [ 1046.365511] ? mem_cgroup_iter+0x363/0xbd0 [ 1046.369727] ? lock_downgrade+0x980/0x980 [ 1046.373881] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1046.378628] ? mark_held_locks+0xaf/0x100 [ 1046.382760] ? _raw_spin_unlock_irq+0x27/0x70 [ 1046.387244] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1046.392242] ? trace_hardirqs_on+0xd/0x10 [ 1046.396369] ? _raw_spin_unlock_irq+0x27/0x70 [ 1046.400849] ? css_task_iter_end+0x280/0x430 [ 1046.405247] ? _raw_spin_unlock_irq+0x27/0x70 [ 1046.409726] ? cgroup_procs_next+0x70/0x70 [ 1046.413938] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1046.418941] ? trace_hardirqs_on+0xd/0x10 [ 1046.423072] ? _raw_spin_unlock_irq+0x27/0x70 [ 1046.427563] ? oom_badness+0x980/0x980 [ 1046.431434] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1046.436178] ? mem_cgroup_iter_break+0x30/0x30 [ 1046.440767] ? finish_wait+0x268/0x490 [ 1046.444639] ? lock_downgrade+0x980/0x980 [ 1046.448775] out_of_memory+0x86d/0x1220 [ 1046.452761] ? oom_killer_disable+0x310/0x310 [ 1046.457235] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1046.462326] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1046.467324] ? trace_hardirqs_on+0xd/0x10 [ 1046.471484] mem_cgroup_out_of_memory+0x159/0x200 [ 1046.476308] ? swap_max_write+0x110/0x110 [ 1046.480433] ? do_raw_spin_trylock+0x190/0x190 [ 1046.485019] ? _raw_spin_unlock+0x22/0x30 [ 1046.489159] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1046.494162] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1046.499597] ? find_held_lock+0x35/0x1d0 [ 1046.503647] ? memcg_event_wake+0x420/0x420 [ 1046.507961] ? __do_page_fault+0x5f7/0xc90 [ 1046.512179] ? lock_downgrade+0x980/0x980 [ 1046.516325] pagefault_out_of_memory+0xbd/0x152 [ 1046.520976] ? out_of_memory+0x1220/0x1220 [ 1046.525188] ? handle_mm_fault+0x465/0xb10 [ 1046.529499] ? __handle_mm_fault+0x38c0/0x38c0 [ 1046.534061] ? vmacache_find+0x5f/0x280 [ 1046.538029] ? vmacache_update+0xfe/0x130 [ 1046.542173] mm_fault_error+0xd6/0x2c0 [ 1046.546054] __do_page_fault+0xb4d/0xc90 [ 1046.550127] ? mm_fault_error+0x2c0/0x2c0 [ 1046.554259] ? kernel_write+0x120/0x120 [ 1046.558219] ? do_syscall_64+0xb7/0x940 [ 1046.562183] do_page_fault+0xee/0x730 [ 1046.565969] ? __do_page_fault+0xc90/0xc90 [ 1046.570184] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1046.574940] ? syscall_return_slowpath+0x550/0x550 [ 1046.579858] ? syscall_return_slowpath+0x2ac/0x550 [ 1046.584773] ? prepare_exit_to_usermode+0x350/0x350 [ 1046.589773] ? retint_user+0x18/0x18 [ 1046.593472] ? page_fault+0x2f/0x50 [ 1046.597080] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1046.601912] ? page_fault+0x2f/0x50 [ 1046.605525] page_fault+0x45/0x50 [ 1046.608966] RIP: 0033:0x409b83 [ 1046.612135] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1046.617480] RAX: 0000001b9bc20000 RBX: 0000000000001276 RCX: 000000000040e950 [ 1046.624756] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1046.632009] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1046.639264] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1046.646510] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1046.654093] Task in /syz1 killed as a result of limit of /syz1 [ 1046.660135] memory: usage 0kB, limit 0kB, failcnt 4052 [ 1046.665463] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1046.672235] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1046.678488] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1046.697936] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1046.706701] [24694] 0 24694 11408 2089 65536 0 0 syz-executor1 [ 1046.715575] Memory cgroup out of memory: Kill process 24694 (syz-executor1) score 2105000 or sacrifice child [ 1046.725672] Killed process 24694 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:05:38 executing program 3: mkdir(&(0x7f0000fd5ff8)='.', 0x0) mount(&(0x7f000000a000)='./file0\x00', &(0x7f0000026ff8)='./file0\x00', &(0x7f000000c000)='ramfs\x00', 0x0, &(0x7f000000a000)) mount(&(0x7f0000d04000)='./file0\x00', &(0x7f0000000000)='./file0\x00', &(0x7f0000811ffa)='bdev\x00', 0x100000, &(0x7f0000000040)) mount(&(0x7f0000fb6000)='./file0\x00', &(0x7f0000d78000)='.', &(0x7f0000fdb000)='ubifs\x00', 0x1000, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop-control\x00', 0x0, 0x0) mount(&(0x7f00002b9ff8)='./file0\x00', &(0x7f0000cbeff8)='./file0\x00', &(0x7f00005f7ffa)='ramfs\x00', 0x80000, &(0x7f000002f000)) fchmodat(0xffffffffffffffff, &(0x7f00000002c0)='./file0/file1\x00', 0x0) r0 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x32ec, 0xc000) ioctl$KVM_SET_FPU(r0, 0x41a0ae8d, &(0x7f00000000c0)={[], 0x80, 0x401, 0xbd2, 0x0, 0x200, 0x6000, 0x0, [], 0x200}) mount(&(0x7f0000377ff8)='.', &(0x7f0000187ff8)='.', &(0x7f0000753000)='mslos\x00', 0x5010, &(0x7f00000e7000)) 2018/03/26 13:05:38 executing program 1: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ppp\x00', 0x0, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000000)=""/246) ioctl$sock_bt_hidp_HIDPGETCONNLIST(0xffffffffffffffff, 0x800448d2, &(0x7f0000000000)={0x1, &(0x7f0000000240)=[{}]}) ioctl$EVIOCGREP(r0, 0x40107447, &(0x7f0000000000)=""/174) chroot(&(0x7f0000000100)='./file0\x00') 2018/03/26 13:05:38 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, &(0x7f0000000080)) r0 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x0, 0x400) getsockopt$inet_int(r0, 0x0, 0x5, &(0x7f0000000040), &(0x7f00000000c0)=0x4) prlimit64(0x0, 0x0, &(0x7f0000000640), &(0x7f0000000680)) 2018/03/26 13:05:38 executing program 5: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='attr/fscreate\x00') ioctl$DRM_IOCTL_MODESET_CTL(r0, 0x40086408, &(0x7f0000000040)={0x4, 0x280}) setsockopt$inet_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000080)='tls\x00', 0x4) ioctl$EVIOCGREP(r0, 0x80084503, &(0x7f00000000c0)=""/64) getsockopt$inet_mreqsrc(r0, 0x0, 0x2f, &(0x7f0000000100)={@broadcast, @multicast2, @loopback}, &(0x7f0000000140)=0xc) mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2) fcntl$getown(r0, 0x9) setsockopt$inet6_icmp_ICMP_FILTER(r0, 0x1, 0x1, &(0x7f0000000180)={0x2}, 0x4) setsockopt$RDS_GET_MR(r0, 0x114, 0x2, &(0x7f0000001200)={{&(0x7f00000001c0)=""/4096, 0x1000}, &(0x7f00000011c0), 0x51}, 0x20) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0x40a85323, &(0x7f0000001240)={{0x100000000, 0x1000}, 'port1\x00', 0x81, 0x8, 0x2, 0x6d9, 0x6, 0x9, 0x2, 0x0, 0x6, 0xea}) setsockopt$RDS_CANCEL_SENT_TO(r0, 0x114, 0x1, &(0x7f0000001300)={0x2, 0x4e21}, 0x10) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000001340)={@any=0xffffffff}) setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000001380)=0x3, 0x4) ioctl$SNDRV_TIMER_IOCTL_STATUS(r0, 0x80605414, &(0x7f00000013c0)=""/196) epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r0, &(0x7f00000014c0)={0x40000000}) r1 = epoll_create1(0x80000) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000001500)={0x0, 0x16, "ffccfc8c2e597185e834b56000722bba1a99ee478eb1"}, &(0x7f0000001540)=0x1e) setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x5, &(0x7f0000001580)={r2, @in={{0x2, 0x4e24, @rand_addr=0x7c}}}, 0x84) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000001640)=[@in={0x2, 0x4e21, @remote={0xac, 0x14, 0x14, 0xbb}}, @in6={0xa, 0x4e21, 0xe38, @mcast1={0xff, 0x1, [], 0x1}, 0x4}, @in6={0xa, 0x4e21, 0x4, @dev={0xfe, 0x80, [], 0x18}, 0x8}, @in={0x2, 0x4e24, @broadcast=0xffffffff}, @in6={0xa, 0x4e24, 0xa9f, @local={0xfe, 0x80, [], 0xaa}, 0x1}, @in={0x2, 0x4e23}], 0x84) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000001700)={0x1}) ioctl$EVIOCGVERSION(r0, 0x80044501, &(0x7f0000001740)=""/135) fcntl$F_GET_RW_HINT(r0, 0x40b, &(0x7f0000001800)) ioctl$TIOCLINUX5(r0, 0x541c, &(0x7f0000001840)={0x5, 0x4, 0x7, 0xd1a8, 0x6}) r3 = ioctl$LOOP_CTL_GET_FREE(r0, 0x4c82) ioctl$LOOP_CTL_ADD(r0, 0x4c80, r3) ioctl$sock_ipx_SIOCAIPXPRISLT(r0, 0x89e1, &(0x7f0000001880)=0x7) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000018c0)={{{@in6=@dev, @in6=@loopback}}, {{@in6=@dev}, 0x0, @in=@local}}, &(0x7f00000019c0)=0xe8) ioctl$sock_SIOCGSKNS(r0, 0x894c, &(0x7f0000001a00)=0xffffffffffffffff) fcntl$getown(r0, 0x9) eventfd2(0x7fff, 0x80800) 2018/03/26 13:05:38 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f00000001c0)={0x0, 0x7}, &(0x7f0000000200)=0x8) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000240)={r1, 0x5}, &(0x7f00000002c0)=0x8) sendfile(r0, r0, &(0x7f0000000280)=0x42402, 0x6) sendto$inet(r0, &(0x7f0000000000)="0bb574a48d195c8a374e13", 0xb, 0x10, &(0x7f0000000040)={0x2, 0x4e24, @broadcast=0xffffffff}, 0x10) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000)=0x5, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f00000000c0)={0x0, 0x6, 0x8, 0x7, 0x6, 0xffffffff}, &(0x7f0000000100)=0x14) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000140)=@sack_info={r2, 0xff}, &(0x7f0000000180)=0xc) 2018/03/26 13:05:38 executing program 6: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$sock_int(r0, 0x1, 0x22, &(0x7f0000000000)=0x2000000000007, 0x4) write(r1, &(0x7f00000000c0)="8c", 0x1) recvmsg(r0, &(0x7f0000019fc8)={0x0, 0x0, &(0x7f0000984000), 0x0, &(0x7f0000019000)}, 0x2002) write$fuse(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[], 0x0) r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x200000, 0x0) getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffff9c, 0x84, 0x1, &(0x7f0000000100)={0x0, 0xf8d, 0x0, 0x400, 0x6, 0x1}, &(0x7f0000000140)=0x14) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r2, 0x84, 0x66, &(0x7f0000000180)={r3, 0x8}, &(0x7f00000001c0)=0x8) 2018/03/26 13:05:38 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:05:38 executing program 0: ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000080)) getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000100), &(0x7f0000000140)=0xc) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000180)) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)={0xd, 0x8000, 0x5, 0x8, 0x4, 0xffffffffffffffff, 0x4}, 0x2c) fcntl$getown(r0, 0x9) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='maps\x00') preadv(r1, &(0x7f0000a5df90)=[{&(0x7f0000000000)=""/88, 0x58}], 0x1, 0x100001) [ 1046.913171] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1046.924249] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1046.929446] CPU: 1 PID: 24702 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1046.936809] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1046.946146] Call Trace: [ 1046.948719] dump_stack+0x194/0x24d [ 1046.952335] ? arch_local_irq_restore+0x53/0x53 [ 1046.956991] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1046.962205] dump_header+0x28c/0xe2b [ 1046.965920] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1046.971104] ? arch_local_irq_restore+0x53/0x53 [ 1046.975847] ? perf_trace_lock+0xd6/0x900 [ 1046.979978] ? perf_trace_lock_acquire+0xe3/0x980 [ 1046.984797] ? __lock_acquire+0x664/0x3e00 [ 1046.989028] ? trace_event_raw_event_lock+0x340/0x340 [ 1046.994206] ? perf_trace_lock+0x900/0x900 [ 1046.998431] ? perf_trace_lock+0xd6/0x900 [ 1047.002561] ? perf_trace_lock_acquire+0xe3/0x980 [ 1047.007386] ? trace_hardirqs_off+0x10/0x10 [ 1047.011700] ? trace_event_raw_event_lock+0x340/0x340 [ 1047.016881] ? __lock_acquire+0x664/0x3e00 [ 1047.021100] ? task_will_free_mem+0x252/0xaa0 [ 1047.025592] ? print_irqtrace_events+0x270/0x270 [ 1047.030347] ? ___ratelimit+0x30d/0x630 [ 1047.034307] ? lock_downgrade+0x980/0x980 [ 1047.038452] ? lock_release+0xa40/0xa40 [ 1047.042448] ? mark_held_locks+0xaf/0x100 [ 1047.046583] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1047.051672] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1047.056673] ? trace_hardirqs_on+0xd/0x10 [ 1047.060809] ? ___ratelimit+0x95/0x630 [ 1047.064684] ? idr_get_free+0xfd0/0xfd0 [ 1047.068639] ? find_held_lock+0x35/0x1d0 [ 1047.072708] oom_kill_process+0x8b9/0x1640 [ 1047.076924] ? lock_downgrade+0x980/0x980 [ 1047.081070] ? __lock_is_held+0xb6/0x140 [ 1047.085123] ? oom_evaluate_task+0x480/0x480 [ 1047.089539] ? rcu_read_unlock+0x35/0x70 [ 1047.093580] ? mem_cgroup_iter+0x363/0xbd0 [ 1047.097799] ? lock_downgrade+0x980/0x980 [ 1047.101965] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1047.106712] ? mark_held_locks+0xaf/0x100 [ 1047.110847] ? _raw_spin_unlock_irq+0x27/0x70 [ 1047.115331] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1047.120334] ? trace_hardirqs_on+0xd/0x10 [ 1047.124465] ? _raw_spin_unlock_irq+0x27/0x70 [ 1047.128943] ? css_task_iter_end+0x280/0x430 [ 1047.133333] ? _raw_spin_unlock_irq+0x27/0x70 [ 1047.137811] ? cgroup_procs_next+0x70/0x70 [ 1047.142031] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1047.147039] ? trace_hardirqs_on+0xd/0x10 [ 1047.151168] ? _raw_spin_unlock_irq+0x27/0x70 [ 1047.155652] ? oom_badness+0x980/0x980 [ 1047.159525] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1047.164269] ? mem_cgroup_iter_break+0x30/0x30 [ 1047.168861] ? finish_wait+0x268/0x490 [ 1047.172734] ? lock_downgrade+0x980/0x980 [ 1047.176877] out_of_memory+0x86d/0x1220 [ 1047.180867] ? oom_killer_disable+0x310/0x310 [ 1047.185344] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1047.190438] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1047.195445] ? trace_hardirqs_on+0xd/0x10 [ 1047.199600] mem_cgroup_out_of_memory+0x159/0x200 [ 1047.204429] ? swap_max_write+0x110/0x110 [ 1047.208644] ? do_raw_spin_trylock+0x190/0x190 [ 1047.213225] ? _raw_spin_unlock+0x22/0x30 [ 1047.217373] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1047.222375] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1047.227810] ? find_held_lock+0x35/0x1d0 [ 1047.231863] ? memcg_event_wake+0x420/0x420 [ 1047.236167] ? __do_page_fault+0x5f7/0xc90 [ 1047.240387] ? lock_downgrade+0x980/0x980 [ 1047.244526] pagefault_out_of_memory+0xbd/0x152 [ 1047.249177] ? out_of_memory+0x1220/0x1220 [ 1047.253387] ? handle_mm_fault+0x465/0xb10 [ 1047.257612] ? __handle_mm_fault+0x38c0/0x38c0 [ 1047.262170] ? vmacache_find+0x5f/0x280 [ 1047.266124] ? vmacache_update+0xfe/0x130 [ 1047.270345] mm_fault_error+0xd6/0x2c0 [ 1047.274224] __do_page_fault+0xb4d/0xc90 [ 1047.278284] ? mm_fault_error+0x2c0/0x2c0 [ 1047.282415] ? kernel_write+0x120/0x120 [ 1047.286381] ? do_syscall_64+0xb7/0x940 [ 1047.290341] do_page_fault+0xee/0x730 [ 1047.294126] ? __do_page_fault+0xc90/0xc90 [ 1047.298343] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 1047.303861] ? syscall_return_slowpath+0x550/0x550 [ 1047.308773] ? syscall_return_slowpath+0x2ac/0x550 [ 1047.313695] ? retint_user+0x18/0x18 [ 1047.317394] ? page_fault+0x2f/0x50 [ 1047.321025] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1047.325862] ? page_fault+0x2f/0x50 [ 1047.329474] page_fault+0x45/0x50 [ 1047.332912] RIP: 0033:0x409b83 [ 1047.336081] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1047.341429] RAX: 0000001b9bc20000 RBX: 0000000000001277 RCX: 000000000040e950 [ 1047.348677] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1047.355924] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1047.363171] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1047.370431] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1047.377893] Task in /syz1 killed as a result of limit of /syz1 [ 1047.383945] memory: usage 0kB, limit 0kB, failcnt 4060 [ 1047.389259] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1047.396067] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 2018/03/26 13:05:39 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000000000)='/dev/snd/seq\x00', 0x0, 0xffff7fffffffffff) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x8000, 0x0) ioctl$EVIOCGLED(r1, 0x80404519, &(0x7f0000000080)=""/62) ioctl$LOOP_SET_FD(r1, 0x4c00, r0) 2018/03/26 13:05:39 executing program 5: r0 = fcntl$dupfd(0xffffffffffffff9c, 0x406, 0xffffffffffffff9c) ioctl$EVIOCSCLOCKID(r0, 0x400445a0, &(0x7f0000000000)=0x72c) clock_gettime(0x5, &(0x7f0000000080)) setsockopt$RDS_CANCEL_SENT_TO(r0, 0x114, 0x1, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x10}}, 0x10) clock_gettime(0x5, &(0x7f00000000c0)) 2018/03/26 13:05:39 executing program 3: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x4, 0x4, 0x4, 0x9}, 0x2c) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000280)={r0, &(0x7f0000000080), &(0x7f0000000180)=""/253}, 0x18) socketpair$ax25(0x3, 0x2, 0xca, &(0x7f0000000000)) 2018/03/26 13:05:39 executing program 0: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000240)='./cgroup\x00', 0x200002, 0x0) r1 = openat$cgroup_subtree(r0, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000000c0)='./cgroup.net\x00', 0x200002, 0x0) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x280000, 0x0) ioctl$sock_ipx_SIOCGIFADDR(r2, 0x8915, &(0x7f0000000080)={'gre0\x00', {0x4, 0x1000, 0x400, "7433d6a70fc0", 0x6}}) write$cgroup_subtree(r1, &(0x7f0000000080)=ANY=[], 0x0) [ 1047.402239] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1047.421714] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1047.430484] [24702] 0 24702 11408 2089 65536 0 0 syz-executor1 [ 1047.439382] Memory cgroup out of memory: Kill process 24702 (syz-executor1) score 2105000 or sacrifice child [ 1047.449525] Killed process 24702 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:05:39 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f0000000000)=0x1) 2018/03/26 13:05:39 executing program 0: r0 = socket$inet6_sctp(0xa, 0x1, 0x84) bind$inet6(r0, &(0x7f0000fa8fe4)={0xa, 0x4e23}, 0x1c) connect$inet6(r0, &(0x7f000098cfe4)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000640)=0x9fc8, 0x4) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000680)='/proc/self/net/pfkey\x00', 0x40000, 0x0) socketpair(0x10, 0xa, 0xbbe, &(0x7f0000000700)={0xffffffffffffffff, 0xffffffffffffffff}) renameat2(r1, &(0x7f00000006c0)='./file0\x00', r2, &(0x7f0000000740)='./file0\x00', 0x3) setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000040)=0x8, 0x4) r3 = dup(r0) write$eventfd(r3, &(0x7f0000605ff8), 0x101bc) write$eventfd(r3, &(0x7f0000000000), 0x8) sendmmsg$alg(r3, &(0x7f0000003f00)=[{0x0, 0x0, &(0x7f0000001080)=[{&(0x7f0000000080)="838531fc69fd34ada3420dda7283da2e783e9ff3bc189b17defd058fbb915bd0be0f0b8c44da092b8a1b5c7a55484d65365c029c5b47fb279b710033a8c07f6bdc83531245eacb4ca98864ad072b6ce24c377d4e7c573028a5383a1756cf7e3037daae06eea18967a05905fbd53d5f363ed37c39c15d46c1d5945073ec40124c0101592489d0b9d60cba3fd39a317b6af74a6e286132d084754498e00f0ef6ba60b5a62c44934444f7c2cd3013b3d103a0f96a5f531653a84ff20d20973ecdc34583d57d93598fa86b6c1d1f692604485ed5f0092969d7a0fb704464d28192e88408978e3ad5fcd98cc0b5ddf74cbe3da7c1cf2ccbe6200b0a1407a9a9096d5868cd7fd6cb864dbba08b0db680b780db66dbf7cbe121b5d44d53a6ba79a803537c22faf9ad9d1985d9728cfa5da0834437ee239eec037fc545fe30fb883fbc19eda9761da6304042e20eadef9b147f4af4154192b148c0cc89a792dee6bbef7ac8e8ca8cf1fb943894e22a3be06aaed56403817fd53a17ad185838398835168777a4a861bf7b96e387ed5b420584ad67829d3e0a1b0074b2d049973bf72dca5a6937d249f5d26f484deb38425efa7f4db97699b61fb11ff25c9ab0964d5d6a68b229f8c51de6ae2463e944fee1045a7204196dad7b0754a3772774070995e3dd7ecb4839c6ea265eb9612c50876bb3a093d597a7ddde5d94cdde639b65ca1024e2f5e3a436aaca148c4cee675f24f35711b2f84a999f2e0a963301e937a8ceab683ab0d7f87759fdd72c3b7fa91cba3ce3951e182861030ff0d1d11b543853435020c1f9b57f981b114adb493b07667633a4dc6be0bf62ef8b4320a112920702cf2611aa90e5f6630e97820461c1ea68b868dc87a48c1373359972e6cd3b3a6de57090c65adf66a2c875d38e81d69a4de4794104a9baa331558820040284f089ead6b083f5e64d1d3b35f79f67630f1691e7854ea025fb158187038e11dd2ab628687c8758a918bf4b629585d3ad94a93c2e63b92363a783b8b35c303ef4515b745d3ef77d35de605db6fa0f3885ffdb27ecf3aa6c966f9ca352423c5f7e2613563a01dc3b212255569a0f774f36cdb11d4c5537bb8a521906996d86a52de838dbe6308ba429489a76b4536b103bf12d815844d940d018556d1c910e003b043f447a2458ee253a90cfa6aec9681276fb05204c8de0d58ba22f18f38452a85fce43b37aa8f12e7b037b99f9a158926e6edec6f2f3cb45ba44b7b551fbad6514678bb2618924bd12ece5c294cf86507f715b090e7cc9d9a5aba0f9705bcd3eef88f65a97e734e9fd85400278bc1982cee59e2c6861ccb5b3d7c4ce13dd5b57ddd8fe5c74774a355e8ff8abc2e3f9c0b38fbaa9e752c270563118849b1dbbea340c4de4902235b9472f7114f562b5eb5bd4f9b26759f8f1e8aeaaf5f2f23d02df6912fa36e97ddcdfbc88db94a036dfcbe089f0f1218d5a147fef06315cd5b99f80da1611721d69aeb5034b974e8bffa0ec524994ac93f8ccbfc1ebbb5d00f31970f8c9920ac4672fd2b69a6c187ab4dc9814dc2201374cb9086e33411493793758f0e8c58237aaea17ef1e8053a846ff70813bfd1448203912377c83304a273ed6a98e9deb6b25429170f334fb1767a2f7fca9cb8aeb27cd03beb7dee807d993d0921d02c4fb62f5b6f67c42ab6234b4222cd3c678a697d988c860a48b4e21859d0bb0d7f846c319c16e46d3749e45bf9640dbe319045da894296a91901f332d98ff4a6f413228121fa6eb121df4563718858ee839ddd8eb9cb89119f8e6a57546aaa9365d40450e23e3a19459554c1971519748d70f78f160438c6aa67e6096f348067749cba61a5fe1858c05096962dbae3ed035d5c5ed67685f7bd642dd5b1549914011e172592976bcfbf3e200cf415cec73fea13304d224f8d6cc96a1c833d216b85e235aa20fa37daa904a612a55a4451f800c89c4f1b15ca42581917fdb57b1c7a23d90bab0c68ae7936c3c54c02fed68debb847ab0ad", 0x599}], 0x1}], 0x1, 0x0) 2018/03/26 13:05:40 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00', 0x0, 0xb0002}) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x200000, 0x0) setsockopt$inet_MCAST_MSFILTER(r1, 0x0, 0x30, &(0x7f0000000040)={0x4, {{0x2, 0x4e23, @multicast2=0xe0000002}}, 0x0, 0x4, [{{0x2, 0x4e22, @rand_addr=0x84}}, {{0x2, 0x4e22}}, {{0x2, 0x4e20}}, {{0x2, 0x4e23, @rand_addr=0x2}}]}, 0x290) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000f00)={{{@in6=@loopback, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@loopback}, 0x0, @in=@local}}, &(0x7f0000001000)=0xe8) setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000001040)={r2, 0x1, 0x6, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x16}}, 0x10) syz_open_dev$sndseq(&(0x7f0000000300)='/dev/snd/seq\x00', 0x0, 0x420002) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000340)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x4, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x76, 0x0, 0x0, 0x3}) 2018/03/26 13:05:40 executing program 4: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu\x00', 0x200002, 0x0) r1 = openat$cgroup_int(r0, &(0x7f00000002c0)='cpuset.mems\x00', 0x2, 0x0) socket$inet_tcp(0x2, 0x1, 0x0) read(r1, &(0x7f0000000140)=""/232, 0xe8) 2018/03/26 13:05:40 executing program 3: r0 = userfaultfd(0x800) gettid() ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000001fe8)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc028aa03, &(0x7f0000019fe0)={{&(0x7f0000012000/0x2000)=nil, 0xffffffffffffff81}, 0xffff8000}) 2018/03/26 13:05:40 executing program 5: r0 = socket(0x10, 0x802, 0x0) sendmsg$nl_route(r0, &(0x7f00001fb000)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000040)={&(0x7f00003b7f2c)=ANY=[@ANYBLOB="2800a5a898840da7e2cb00000000000000000000", @ANYRES32=0x0, @ANYBLOB="000000000000000008000a0001000000"], 0x28}, 0x1}, 0x0) 2018/03/26 13:05:40 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') getsockopt$inet_tcp_buf(r0, 0x6, 0x3f, &(0x7f0000000000), &(0x7f0000000040)) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) ppoll(&(0x7f00000000c0)=[{r0, 0x100}, {r0, 0x2208}, {r0, 0x8000}, {r0, 0x2}, {r0}, {r0, 0x10}, {r0, 0x8000}, {r0, 0x1000}, {r0, 0x1331}], 0x9, &(0x7f0000000140)={r1, r2+10000000}, &(0x7f0000000180)={0x8}, 0x8) sendfile(r0, r0, &(0x7f0000000280)=0x42402, 0x6) 2018/03/26 13:05:40 executing program 6: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) unshare(0x2000200) r1 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcs\x00', 0x80000, 0x0) setsockopt$EBT_SO_SET_COUNTERS(r1, 0x0, 0x81, &(0x7f0000000100)={'raw\x00', 0x4, [{}, {}, {}, {}]}, 0x68) getsockname$inet(r0, &(0x7f0000000040), &(0x7f0000000080)=0x10) 2018/03/26 13:05:40 executing program 1: perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_sctp(0xa, 0x5, 0x84) sysfs$1(0x1, &(0x7f0000000240)='nfs4\x00') getsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000080), &(0x7f00000000c0)=0x4) r1 = syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0xfffffffffffffffc, 0x2000) ioctl$ASHMEM_GET_PIN_STATUS(r1, 0x7709, 0x0) 2018/03/26 13:05:40 executing program 0: r0 = syz_open_dev$loop(&(0x7f0000912000)='/dev/loop#\x00', 0x0, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000000)=0x0) sched_getparam(r1, &(0x7f0000000040)) ioctl$LOOP_SET_DIRECT_IO(r0, 0x80081272, 0x20000005) r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x200, 0x0) openat$cgroup(r2, &(0x7f00000000c0)='syz1\x00', 0x200002, 0x0) [ 1047.999552] oom_reaper: reaped process 24702 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 2018/03/26 13:05:40 executing program 3: r0 = openat$cuse(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/cuse\x00', 0x48000, 0x0) ioctl$sock_inet_SIOCGIFBRDADDR(r0, 0x8919, &(0x7f0000000600)={'yam0\x00', {0x2, 0x4e21, @multicast2=0xe0000002}}) socketpair$inet6_tcp(0xa, 0x1, 0x0, &(0x7f0000000640)) socket$inet6_icmp(0xa, 0x2, 0x3a) socket$inet_smc(0x2b, 0x1, 0x0) r1 = syz_open_dev$midi(&(0x7f00000004c0)='/dev/midi#\x00', 0x3, 0x2) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000500)='/dev/sequencer2\x00', 0x20400, 0x0) syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000580)=[@text32={0x20, &(0x7f0000000540)="9a41daffda0c01642e0f01c9440f20c0350a000000440f22c02736f30f10090f01ca0f01c8c4e15a536000b9780200000f322636646667660f383790fd00", 0x3e}], 0x1, 0x1, &(0x7f00000005c0), 0x0) syz_open_dev$dmmidi(&(0x7f0000000400)='/dev/dmmidi#\x00', 0x1, 0x4000) socket$inet_tcp(0x2, 0x1, 0x0) socket$bt_hidp(0x1f, 0x3, 0x6) accept4$llc(0xffffffffffffff9c, 0x0, &(0x7f0000000440), 0x80800) syz_open_dev$sndpcmp(&(0x7f0000000480)='/dev/snd/pcmC#D#p\x00', 0x1, 0x8001) r3 = dup(0xffffffffffffffff) r4 = fcntl$getown(r3, 0x9) r5 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000200)='cpu.stat\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0xffffffffffffff4b, 0xb71, 0x0, 0x1, 0x0, 0x3f, 0x50, 0x8, 0xffffffffffffff81, 0xc1b, 0x80000000000000, 0x2, 0x7f, 0x9, 0x3, 0x4, 0x7ff, 0x0, 0xcd3, 0x5, 0x6caa, 0x6, 0xd4, 0x40, 0x800, 0x7ff, 0x4, 0x8, 0x7fffffff, 0x6, 0x80000000, 0x3ff, 0x1000, 0xffff, 0x3, 0x7, 0x0, 0x20, 0x2, @perf_config_ext={0x9, 0xed}, 0x20a0, 0x2, 0x105, 0x4, 0x2, 0x6479, 0xfff}, r4, 0xf, r5, 0x2) r6 = syz_open_dev$amidi(&(0x7f0000000100)='/dev/amidi#\x00', 0x8, 0x0) ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r5, 0xc0505405, &(0x7f0000000080)={{0xffffffffffffffff, 0x3, 0xffffffffffffffc1, 0x3, 0x1}, 0xfffffffffffffc00, 0x8}) ioctl$TCGETA(r6, 0x5405, &(0x7f0000000140)) setsockopt$inet_tcp_int(r6, 0x6, 0x1a, &(0x7f0000000240), 0x4) perf_event_open(&(0x7f000025c000)={0x800000002, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r7 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x501000, 0x0) prctl$intptr(0x1f, 0x0) getsockname$netrom(r6, &(0x7f00000002c0), &(0x7f0000000380)=0x10) accept$packet(0xffffffffffffff9c, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000340)=0x14) setsockopt$inet_pktinfo(r7, 0x0, 0x8, &(0x7f0000000280)={r8, @local={0xac, 0x14, 0x14, 0xaa}, @remote={0xac, 0x14, 0x14, 0xbb}}, 0xc) r9 = syz_open_dev$usbmon(&(0x7f00000005c0)='/dev/usbmon#\x00', 0x3, 0x800) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r9, 0x84, 0x6b, &(0x7f0000000680)=[@in6={0xa, 0x4e21, 0xfa4, @empty, 0x100000001}, @in={0x2, 0x4e23, @local={0xac, 0x14, 0x14, 0xaa}}], 0x2c) 2018/03/26 13:05:40 executing program 5: r0 = socket$inet(0x2, 0x1, 0x0) mmap(&(0x7f000092d000/0x400000)=nil, 0x400000, 0xfffffffffffffffc, 0x8972, 0xffffffffffffffff, 0x0) bind$inet(r0, &(0x7f0000134000)={0x2, 0x4e23, @broadcast=0xffffffff}, 0x10) connect$inet(r0, &(0x7f00000e5000)={0x2, 0x4e23, @loopback=0x7f000001}, 0x10) fcntl$setflags(r0, 0x2, 0x1) connect$inet(r0, &(0x7f00009322c4)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0x10) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000300)='/dev/hwrng\x00', 0x2, 0x0) getsockopt$packet_int(r1, 0x107, 0x13, &(0x7f0000000340), &(0x7f0000000380)=0x4) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='veno\x00', 0x5) connect$inet(r0, &(0x7f00000dcff0)={0x2, 0x4e23, @loopback=0x7f000001}, 0x10) shutdown(r0, 0x1) 2018/03/26 13:05:40 executing program 0: r0 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc, 0x0, 0x1}, 0x10) r1 = socket(0x1e, 0x4, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x709000)=nil, 0x709000, 0x0, 0x44031, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000140), 0x0) msgget(0x1, 0x100) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc, 0x0, 0x1}, 0x10) writev(r1, &(0x7f000069c000)=[{&(0x7f0000dbd000)='T', 0x1}], 0x1) close(r1) socketpair(0x8000000000001e, 0x5, 0x0, &(0x7f000000dff8)={0xffffffffffffffff, 0xffffffffffffffff}) close(r3) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc, 0x0, 0x1}, 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'vlan0\x00'}) read(r0, &(0x7f0000b81000)=""/7, 0xffa40e52) [ 1048.108296] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1048.119329] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1048.124510] CPU: 0 PID: 24755 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1048.131863] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1048.141217] Call Trace: [ 1048.143808] dump_stack+0x194/0x24d [ 1048.147435] ? arch_local_irq_restore+0x53/0x53 [ 1048.152105] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1048.157295] dump_header+0x28c/0xe2b [ 1048.160999] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1048.166173] ? arch_local_irq_restore+0x53/0x53 [ 1048.170821] ? perf_trace_lock_acquire+0xe3/0x980 [ 1048.175636] ? __lock_acquire+0x664/0x3e00 [ 1048.179849] ? print_irqtrace_events+0x270/0x270 [ 1048.184584] ? perf_trace_lock+0x900/0x900 [ 1048.188810] ? perf_trace_lock_acquire+0xe3/0x980 [ 1048.193631] ? trace_hardirqs_off+0x10/0x10 [ 1048.197927] ? perf_trace_lock_acquire+0xe3/0x980 [ 1048.202744] ? perf_trace_lock_acquire+0xe3/0x980 [ 1048.207579] ? perf_trace_lock+0x900/0x900 [ 1048.211792] ? __lock_acquire+0x664/0x3e00 [ 1048.216001] ? task_will_free_mem+0x252/0xaa0 [ 1048.220486] ? print_irqtrace_events+0x270/0x270 [ 1048.225227] ? ___ratelimit+0x30d/0x630 [ 1048.229179] ? lock_downgrade+0x980/0x980 [ 1048.233308] ? lock_release+0xa40/0xa40 [ 1048.237262] ? mark_held_locks+0xaf/0x100 [ 1048.241388] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1048.246470] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1048.251461] ? trace_hardirqs_on+0xd/0x10 [ 1048.255586] ? ___ratelimit+0x95/0x630 [ 1048.259450] ? idr_get_free+0xfd0/0xfd0 [ 1048.263401] ? find_held_lock+0x35/0x1d0 [ 1048.267448] oom_kill_process+0x8b9/0x1640 [ 1048.271661] ? lock_downgrade+0x980/0x980 [ 1048.275794] ? __lock_is_held+0xb6/0x140 [ 1048.279838] ? oom_evaluate_task+0x480/0x480 [ 1048.284239] ? rcu_read_unlock+0x35/0x70 [ 1048.288277] ? mem_cgroup_iter+0x363/0xbd0 [ 1048.292487] ? lock_downgrade+0x980/0x980 [ 1048.296619] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1048.301356] ? mark_held_locks+0xaf/0x100 [ 1048.305479] ? _raw_spin_unlock_irq+0x27/0x70 [ 1048.309952] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1048.314947] ? trace_hardirqs_on+0xd/0x10 [ 1048.319077] ? _raw_spin_unlock_irq+0x27/0x70 [ 1048.323550] ? css_task_iter_end+0x280/0x430 [ 1048.327936] ? _raw_spin_unlock_irq+0x27/0x70 [ 1048.332408] ? cgroup_procs_next+0x70/0x70 [ 1048.336618] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1048.341611] ? trace_hardirqs_on+0xd/0x10 [ 1048.345733] ? _raw_spin_unlock_irq+0x27/0x70 [ 1048.350207] ? oom_badness+0x980/0x980 [ 1048.354073] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1048.358810] ? mem_cgroup_iter_break+0x30/0x30 [ 1048.363383] ? finish_wait+0x268/0x490 [ 1048.367246] ? lock_downgrade+0x980/0x980 [ 1048.371375] out_of_memory+0x86d/0x1220 [ 1048.375335] ? oom_killer_disable+0x310/0x310 [ 1048.379808] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1048.384893] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1048.389892] ? trace_hardirqs_on+0xd/0x10 [ 1048.394034] mem_cgroup_out_of_memory+0x159/0x200 [ 1048.398854] ? swap_max_write+0x110/0x110 [ 1048.402974] ? do_raw_spin_trylock+0x190/0x190 [ 1048.407539] ? _raw_spin_unlock+0x22/0x30 [ 1048.411671] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1048.416663] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1048.422089] ? find_held_lock+0x35/0x1d0 [ 1048.426137] ? memcg_event_wake+0x420/0x420 [ 1048.430446] ? __do_page_fault+0x5f7/0xc90 [ 1048.434656] ? lock_downgrade+0x980/0x980 [ 1048.438784] pagefault_out_of_memory+0xbd/0x152 [ 1048.443428] ? out_of_memory+0x1220/0x1220 [ 1048.447635] ? handle_mm_fault+0x465/0xb10 [ 1048.451850] ? __handle_mm_fault+0x38c0/0x38c0 [ 1048.456405] ? vmacache_find+0x5f/0x280 [ 1048.460355] ? vmacache_update+0xfe/0x130 [ 1048.464481] mm_fault_error+0xd6/0x2c0 [ 1048.468352] __do_page_fault+0xb4d/0xc90 [ 1048.472405] ? mm_fault_error+0x2c0/0x2c0 [ 1048.476530] ? kernel_write+0x120/0x120 [ 1048.480484] ? do_syscall_64+0xb7/0x940 [ 1048.484437] do_page_fault+0xee/0x730 [ 1048.488213] ? __do_page_fault+0xc90/0xc90 [ 1048.492428] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 1048.497942] ? syscall_return_slowpath+0x550/0x550 [ 1048.502848] ? syscall_return_slowpath+0x2ac/0x550 [ 1048.507766] ? retint_user+0x18/0x18 [ 1048.511456] ? page_fault+0x2f/0x50 [ 1048.515057] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1048.519882] ? page_fault+0x2f/0x50 [ 1048.523484] page_fault+0x45/0x50 [ 1048.526913] RIP: 0033:0x409b83 [ 1048.530077] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1048.535417] RAX: 0000001b9bc20000 RBX: 0000000000001278 RCX: 000000000040e950 [ 1048.542661] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1048.549916] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 2018/03/26 13:05:40 executing program 4: socketpair(0x8000000000001e, 0x1, 0x0, &(0x7f000000dff8)={0xffffffffffffffff, 0xffffffffffffffff}) poll(&(0x7f0000000240)=[{r0}], 0x1, 0x7ff) setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f000020cffc), 0x4) ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r0, 0x8008ae9d, &(0x7f0000000000)=""/184) 2018/03/26 13:05:40 executing program 7: r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x7, 0x200) r1 = accept4$netrom(0xffffffffffffff9c, &(0x7f0000000680)=@full, &(0x7f0000000700)=0x48, 0x800) r2 = syz_open_dev$sndpcmp(&(0x7f0000000740)='/dev/snd/pcmC#D#p\x00', 0xffffffff, 0x18000) pipe(&(0x7f0000000780)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$ION_IOC_HEAP_QUERY(0xffffffffffffff9c, 0xc0184908, &(0x7f00000007c0)={0x6, 0x7, 0x0, 0xffffffffffffffff}) r5 = fanotify_init(0x2a, 0x109000) r6 = syz_open_dev$urandom(&(0x7f0000000800)='/dev/urandom\x00', 0x0, 0x100) r7 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000840)='/dev/dsp\x00', 0x1, 0x0) r8 = accept$alg(0xffffffffffffff9c, 0x0, 0x0) sendmsg$unix(r0, &(0x7f00000008c0)={&(0x7f0000000040)=@abs={0x1, 0x0, 0x4e23}, 0x6e, &(0x7f00000005c0)=[{&(0x7f00000000c0)="9257d4e35b395240bdddbc494c160793975d77db0e8b6e112efedd6a22da816a9610296604c30f1184ebcc5ecd14b48834239b2bc380f48c434bd394b8fc2c8019891d6bc13a952eb608982a58b0d9b57ca8df3b4cbdb5c35c01597698872c43e12e2456cee50cbd06bff425295c6f3d597804bad178b4", 0x77}, {&(0x7f0000000140)="9ad0f3ef905873e3abbd8f832f62e9853ee36dea9247c1799ffe8fbaa0eb95732fb5f41d0b540d25048dd6778ef6e1d01cf8adfc84", 0x35}, {&(0x7f0000000180)}, {&(0x7f00000001c0)="a5eb0f025bdf2c85b505f9ef1f1af188f8dc75515bfdf026090b86743ff02cecf5f78f624f43d9442007e87dbe91ad71cd919c84c7a31cd531f68fb908ea152bac15833611fe3b57004670f4ec6918ab198d3bb3d8dab8c8b25e7f2937604a43d482100825652bc01ba36796d1bc937582022a2915c73bd88d0b545b5520aff247df9ea4ddf1f15cf1bc6a7f0a2b1cc1f59a399f14bb13bc1128ddd8db80e46c8891a78839e238e09fb64e2300b099740680af2b717dab81b84e996bd4dbad157b7718ae664b1a8a88e27d529d607abddd", 0xd1}, {&(0x7f00000002c0)="387af6c5ceeb81bf6a2ecee6620bb49d8624751837f723f7927d75b56c366bc35e59c7d6965ddbec6f2f4a2ac80f8208d02520dcd61472a376bef29401e68fe282d657f929e45554fbfb4e0e3d6f4ba85313101bdb9f38cb387fe6460de0a5563bfeb5e300fb75732ef73f6164", 0x6d}, {&(0x7f0000000340)="3bc0a349a3f10c3ff5149e7d07341fb3c7934ee0993d856ea7053344a39100c3afdf14eff53a37a03824e61a6a37c31faeed6079e67f9ef522ff648b1e51acd05a46677b191fe18d6ae5615077b7282ebcb18f5d664563d11ebfbd7c46bc31af92b5b5be009712114327506dd7b850e3caf9c8f7c0f429ebcc56b6970d1150150b1d3da07c89ebda291bd66aecd77b80", 0x90}, {&(0x7f0000000400)="c0eb37e6e956f631dbd28315e8a02d62c5bd429862a47debeb475704cdccef33b4da7db0624fd3", 0x27}, {&(0x7f0000000440)="fa1d95a882287822b6c82f0cf56219b310794e1edd68158d2cdfd0fc3ecf13b4186b99bcb708977b0cf1c91dd4e6ad6edff9cbccf37b0b3c994fff498acb13f9f986459c9b4542d0", 0x48}, {&(0x7f00000004c0)="98f41980c83c1d43ef3b5b1e32a174669c9e09c3e4fcaf4eac1f2eb523737b654f427e5ec62025cc9c6d76150adc0516ff45be14771412065f2f5381fe303abd06878773e19012fdebe2495521ea84504a16714773d0767c24cdac64cdafcab4678cd4c50b28d627604a6c626a906e87b2f6913a7b889ab1ac3b60ecf05ef4b7dc9791829e12490c90137a3e21e478780a9540367e3b865c33b61a241819b14728a354d5015cf89479af2140421dd97953c1407c586bcfb4e09575552916ecba1d67b172d381e26f241557ad9af6ce37817ea66136f46025f5c6378cce61a8b767b27990", 0xe4}], 0x9, &(0x7f0000000880)=[@rights={0x30, 0x1, 0x1, [r1, r2, r3, r4, r5, r6, r7, r8]}], 0x30, 0x1}, 0x4000000) r9 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r9, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r9, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) [ 1048.557160] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1048.564411] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1048.571829] Task in /syz1 killed as a result of limit of /syz1 [ 1048.577903] memory: usage 0kB, limit 0kB, failcnt 4068 [ 1048.583230] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1048.590039] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 2018/03/26 13:05:40 executing program 6: bind$alg(0xffffffffffffffff, &(0x7f0000001000)={0x26, 'hash\x00', 0x0, 0x0, 'michael_mic\x00'}, 0x58) setsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000001000)={0x10000, 0x4, 0x100, 0x400}, 0xffffffffffffff6e) r0 = socket(0x10, 0x4000000000080003, 0x0) setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f00006e8000)=0x2, 0x4) setsockopt(r0, 0x107, 0xd, &(0x7f0000001000), 0x1fd) [ 1048.596246] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1048.615707] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1048.624468] [24755] 0 24755 11408 2089 65536 0 0 syz-executor1 [ 1048.633379] Memory cgroup out of memory: Kill process 24755 (syz-executor1) score 2105000 or sacrifice child [ 1048.643425] Killed process 24755 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:05:40 executing program 7: r0 = accept4$nfc_llcp(0xffffffffffffff9c, &(0x7f0000000000), &(0x7f0000000080)=0x60, 0x800) preadv(r0, &(0x7f0000001440)=[{&(0x7f00000000c0)=""/243, 0xf3}, {&(0x7f00000001c0)=""/4096, 0x1000}, {&(0x7f00000011c0)=""/234, 0xea}, {&(0x7f00000012c0)=""/77, 0x4d}, {&(0x7f0000001340)=""/69, 0x45}, {&(0x7f00000013c0)=""/85, 0x55}], 0x6, 0x0) r1 = syz_open_dev$mouse(&(0x7f0000001600)='/dev/input/mouse#\x00', 0x3b48, 0x2) ioctl$KDGETMODE(r1, 0x4b3b, &(0x7f0000001640)) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000001500)='/dev/rtc\x00', 0x8000, 0x0) openat$dsp(0xffffffffffffff9c, &(0x7f0000001680)='/dev/dsp\x00', 0x200, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r2, 0xc0a85320, &(0x7f0000001540)={{0x6}, 'port1\x00', 0x1a, 0x41000, 0x10000, 0x81, 0x33, 0xfff, 0x7ff, 0x0, 0x2, 0x524}) r3 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r3, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) r4 = openat(0xffffffffffffff9c, &(0x7f00000014c0)='./file0\x00', 0x14d000, 0xa) ioctl$TCSBRK(r4, 0x5409, 0xfffffffffffffffa) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r3, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:05:40 executing program 5: r0 = openat$selinux_load(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/load\x00', 0x2, 0x0) flistxattr(r0, &(0x7f0000000400)=""/85, 0x951678dba3727c7a) syz_open_dev$sndctrl(&(0x7f0000000040)='/dev/snd/controlC#\x00', 0x0, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x80, 0x0) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcs\x00', 0x101000, 0x0) fanotify_mark(r1, 0x1, 0x48000000, r2, &(0x7f0000000340)='./file0\x00') getegid() r3 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/policy\x00', 0x0, 0x0) preadv(r3, &(0x7f0000001480)=[{&(0x7f0000000200)=""/168, 0xa8}, {&(0x7f00000002c0)=""/87, 0x57}, {&(0x7f0000000140)=""/25, 0x19}], 0x3, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(0xffffffffffffffff, 0x40045532, &(0x7f0000006000)=""/136) r4 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000) ioctl$EVIOCGEFFECTS(r4, 0x80044584, &(0x7f0000000180)=""/107) 2018/03/26 13:05:40 executing program 4: perf_event_open(&(0x7f0000348f88)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) pipe2(&(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}, 0x84000) ioctl$KVM_GET_MP_STATE(r0, 0x8004ae98, &(0x7f0000000100)) add_key(&(0x7f0000000140)='blacklist\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000300)="01878dc31e170d026890a4eaf235085b553c28e97ebd3993e1c7fa606a14e166bbe5f4c3426854ad5d5f17e7b3b26ee01ac0091f3410ea89ba31049765a673250ba1b33ab688c1e078858d55142c7705fcb4480e51d935a3fcffcb47bd6ed3f930b3c53e3710bc427aa8c11ecd512cb67f1c2f68ad6951a638d823f94d94c2681d3ff60eb20727a7e729e8b3e4764e2a71343bf0853020777d8c508600f00161da0c40fd5bb599bff12417ec77a6e5d9b8ec06997b1a23ec9e96da80158208a6c1c598faf85e4db6f606011599e2cfeb870aad8516d17e26db70d0e727c46b132f1f2bfa84c1e8f4e72084ec69a1dc8c7b882107d94daf2458974d12c1ace9f843c90b7e236e9c57ebf55fa5704799ad264c4798b4aa30aaf6bcd8fa82b362c536df52d69dd5c2bb1f6409241c7e577cf7309fc0bc51dd36ccd97df8609fb30da866a4d0917d0b6913e789bbe7e0f6f3068e8d3cbf14bdf6c2cc7495fdff4987be1db23ec4746d91d7fceafbda0b52a4b2a51c544295e739406b400ce66081341aa2fbd8df28767689bdf96467546e5e882b6174d82225544fc1cf8f0b7d8c0ed503ad0a3db2f4d4ea89552e31a3956dfabe3e50d60829f1519e24e480769a4361c4e6e271df23c263e7604d2b9a1ed590a93b262f3d394bc177a123c465501062937485f5ba1b4b7ff93eb7cf4251fc4574c392e893120be63d87f929fdd1ff9908c00f07c3de8451ec500200077d2ebe23fa49e4e3c42f5363611176ab6f5c54caf79c6dbceed832100474e8a12e7f93dd55fe76b2cde00cd757105ce72d575e591e7ec6e0ad648d54ae2eaf7b0d34be11e14997f47e01f0b7417cd0faccf87b9452ab53cc16268767b766cb065a9fc3e70730fcfd074f59d15d550fbb710e89a7685fbc974344995853f4be55409bf523c22fe8cab230a78e545e0bda7a79003b6618fc99039ddadd17e3bc838289c31e11ffe37256f1d3b6d1129d059dc521c0fd7561924aa49a13bcf135ad2d195f912c934cc2865c9b87e0ade1ee033c1487b7ed2d56e42075aa2a8599138fc1449d84f9b5163298d7d07f3fa7d0a32b0986721f488253032ffd2affa00fd68aeca0a13c2a2aaf7d1b2b6d658408ad3ef4561df2a7329abb365479faf34697f767014f0e6debe2ca4902f72b3953b55e9ebed8dac05fa7b40191c4c1b23973a9df8060f7cb760406fcda676fdb987450fec98f04b7334c6af74f5db2c36aa8f344c22c065584770ce35f62391a2dcb907e15bea505bfb826b462f579d46738693e296724b09ace0f1e1750b4947263e80299f453acf333c61731493c3e01cd80088d78252cba90c56a4f7314e2050a41a7755cd57350042dedbeb1ab1eefa9506b3d14400b48cc8b10db20a352b7e147bc5a6a0cbcc238101994ec4702504c8c6775fb901052ab34e1443a3502262165c5f2a7c1acaaea1c222dfeb1e33c3e9eea47d649277174a5a254e2aa763a52384fd382121b4eed13647b789800a2de3ee8307c4d30e17e5c32d7783e5f4456f98adb8644c8883762c388b9c66d8b50fad36251c16dd26a8df1898aedbe84380db19f8f67baaafa55f34cdd677658c73274f81374e77c639fcd5860d45d32c7fcbd3c5f9ac3445da91ce7d44bda49ad5e6ed4133457d39fc5fe0c73526001be97c25ca72e045eff5c64cc45002fa1a621fae3e28b482bf5247e59ad1a360bfa48145a39cbf243e0172d21b63e1b3da5cd29aea559d37ba05dff4b14c16690fd33f8d39cd1d74e8d66e364cfdff89352d66b7e8a52d66ff3e09f6ef2f7227cca4dc7ce8ef82913f08611f828f6b885afe583d7f28a34039bbed2f3409cb68102605ee8bd37db72160fb85e461757a354b2ca7b67cfd5a2aa889a44295a8704def2c5a01ea9a41401f3065c5d1251ef069a960fd53c5bfa210f3343c7609711b6598145829944c0d69a8b1c882bfd950f25ad53dbba926a27158160b161702497bc8892ebbba782379af44652541af42a2efd0c4bcc85a60ea6ab14130d9f8fa74c1d47aed393fe87a157c2cd268bd4aa9d17235472a40965fb37cb3c2199a4f2a4eb89e79abf9495ec73db0b7085dfff3f0b41618f506950c476905ad06ce6ce23e3e753ab188ca254c0f5c4e8289ff93c5c5ff84d6ca65dac7d341863515c7c55705fd136450a360b11e8ab31f9effdd2da40f3bab3b9d95bd5840d0bfcc2c7565ae0ac66db3930897d849e5e8b5fd26e9d7328c880a8fe26ead90298ce39ea100c348724910db3c41d878c2baad3904668c1302efc5048e338409260387354cb8d3dd182e64517433c32f4ab9dd6b0a1a1578ea90bb96578ee6dc6fe654fcd5ef83065f708807d8b91faf9b2034e627fec05df1c9c25de69726d84b29870edb50984511355bd09d22e65db8199ef8a7baf6f081ca6fe8c792ae2b08cabc4e25c3da78b0e1d9f5f58471433b37960d7669dfffecf1623346344d3af68a34cdcbc7c6adb25d3ad126dab4bdb351a19453df8f71caa7eb752a060334725e9e636bb99038dfdab6b02c179c3344804f87d763953eb19623a2eb464be03e23df338122d140ce5fe93d1077c8bc32848a190f005003980e17b9630d4914505ee8992ca41394500160e0ee18ab9b8fb2b2110568e97865e9385ee52330f7eaea874215814f6ba5a42ecd65adb60374ae5e858d8a37fc805858104ea377cceaa2ca0360f8a5f8f6a1c21c81ed734851ea1b90297da5fff3a99b20818d0ba5480b6e24128200aaf84309e18e5c6cf80d6a29f0b84c4dfc1ac0e77cc3c15f6c5739350490bc031084ddc7c981795b20dad21baea90af18611d7844b5e1b8f975a3d8111d60f889bba5514ebd28aa9728ca5dcd7adac9c73761cbe153be81bf587ac4c1666384a6cbb0a90658a9622d5ad3fa94844ddfed7632061066398db5e4ceecf79c690020edabaef727a190702f88c13c3343538ea35c4e4e584797d75c2f0f17c574d858ab510c83cf562599796ea4e8c6ef293a86b1a774ba8c16a21c0a57a87680b660cdcc68c990ff3bde41779ea646fc9807b16d141b47acdee96c330dad3fb3b84fe5a33eb60a816ed6db5a0aff0ed483b2280f131a47b2f7d9cd54588cc90fcb618391484c77259f5de6fe544628aae95039abd479815126582fb949f66b98c19561a7f225bb096f0aa1634a43f1eb634fda140642f487855cb072fdef19e2c115106a9ef6d046dbb2ab79f23a900965d8a557cb30b730962f4ac03a4b82845e1bda8d1ed5b382235d40f16a4f3c15d28dc371ae357f828b13ba0597ddf0c1f56afc93d26669ad4dc0695e2ec35d3a68fef004cee25b6b753fd8d2d49df9afae2fb3760961bb0392720d76495454bd6bf4032a095e23308a6dbf6354dba45ff2b737321ca93633504bea2102d51eafd4a2792f07977ef4be3ec07f6bd6b87410a4edaf01e522c438a212b5d49e9d44b3f1cfc61fd5e6df13b4dbcae49cc9500dc8b33e1e22fcd16cb0d4f87568e257a652bf1716369faa351d0b8e72759e3ca0a4aa7b98abd35db25da315a1a2ce0e178a9ae729f70ff2863db4ce0380527b4af2baf735cf60cbbb0b7b522bff86f342c04fa91da60fa0012f32625b3362b113145dd6f6e4167dff1605ec6046cf476320c8e904eb12c978e8d1d341b45afd46dbda9fed474d153598c0dcc0816d9fda578874d8874722a7c364416f4b2356c423a442528c0b05039d0a36a04f78c276e6907f585c1f3dc3ebedd238afb8d86436a4ac306107865de540b9f7d929834d69e93e4383e3c3e93519d7199f3e1ed0c14d27272e390e64edc681bb9e1a0c02b4003cfe592db99c94d121cc9912769c5f42dc4aef2c0b788c2280b2aa8bf38a94795ab3d8af127489ba2ca1ece999b7731e28e1a636da887795a934b97137445211bf96e058b2471e91b0c2e055875efd2ed99d34797ec86198becd1154d62e7302cd117d8158a58860d3def50e5255c65298f694ccaefde72e87a884dd4c024dbf324f78353cd62ecf4fe2cbdf91dcc4c8ba0ebff581d31a4b1b1733a0be4d21f0e1e2e2ced371e50abecbd9642eb4eac1266ba8ce23d4523c567c0055892f697b6f720abca1354d5e448123d3d7de5173af540cdf429b03dd572175c48b6527a753e1b0e4929918ead897e89b1eed49fdbba5ac3131835293489a76d9a71dc1c61c098399ae4e3dc09b1fb44ec93bb62a099db95dc02ca90a1b7620577d6aa08a4b3a6e1fb67938f0765b56097eaac2c79603e90bff5d5eabbc01bf9cbd3b31a325bf609bf41848f60180ed2e82db320212a4b9a5905459d3654e602409782dc44dae83138c32a42c7c5b9761629ee1b120ef0d4eee087a81d63cc14db4a414de69cf953e02cc0976a1fc47c17ef0adc858de23d5e79a794471f2b1d9f71b77abf1b11eb27bbe88e94e9c6aafeab0071825b043ae89deed3836be51cda7ef0494decc7a49cf5206b5988adeb1699d8c3f72538988bcb83b39be8b516a36f7a63a779b66d5572b6cd71f0c7c730b6740c7959a2ec51a2b5af4ab590487767675bdd543edced8f4e7940393becd9ecbc20319a915889c4c587361ea9877c4afcc358366bcf720ac197b43ca2ef9bcb30f4cbbad42f47d9cb9f2e75084da56e894010a19e7acf5347635c45c40de6d7f8859cb53f86e00e1decab2a09af93036db6e006bd1734125267a9fff61d6c168bb0a0e3dda8f8c195424df26e78aebf7183b65f89e20c377c2a622c2255a0528c23dbf100570c67a62b3ab5b6e7e06d1016c5f3836d51c062b2a0651473837f44a5049262b9c7add5647b760f040dd5eb2d52aa2329b53123ec0162ccda4226d429d8b72992847b7818d5d1d682bb3b65dbf8fea89c65eeb878a1c8a6ae247fbbf60493790e7a9727787ef53ac3ac02c5722aa77680237003619bf84be333c61379b297e1110a22b313e1003e947fc074731762366b6beeaab9df584bd6f5515227b898f45ff922489719db88fba5fe35b632d6b92d58e95879189d0eba3c79fe550a6b74a183048c8bed03b36e8fc2e46a5634eeda7bd3da279ea67ee6335e661e50bb9c9919feb3041f1c057de4161f207447c5c9108c509cb7f35306635aebeae3f4e049e7d21227fa8e25fe39536cce8fd1facf9880f7063339989f15938d3141018ddc72a76d99179677650b165b897ffcc3ab7ce1e09d3a34ec153dfbf0fd2c438f120a4cd9314fcd7798248374cac6c21b19cf5512e228aa5dfe61b607eb59db2c07160d82ff87ccd6461febea7b11267e90ba6315bc623590397eac7447cd2ed25f2e024386dd71151652341f61668a3c8e163a9e0cac8efb552e58947b985ffac226ff923692947eff366fb509916f0649d2afefca97d192b9a21a0abf1fe5c30ac00e98a32eb8d5761193d5dbb939385230d18dccb528f08d4b3be315f4e78d78af416b1036382deb313011be44bc8b1e93db967730c20ba139250aeadb58771da2dc2b7f11b040f864ecaafc9c827fbfad2f357e7dbe9c0cd621e90973bf58eacdb67da2303ce93b92735a6d380e18c1fec50f17990da3d38b96c6fc7d5da5cc7d02242e8f98ad9ad4bf7fb75cb6358b4986674b6d722327eaa0b740bbc729178165704da7df924e5b81dccdeeed388dc778c02364ac4069c56480ef0d73d0363e9fd781226149ae0f59d9d6f1f058979051fe44e99a4b674d365de818902cc1099e4373ee8301a68094348d6a30fc50b0ef6833ff4932a36ee265c99d1a6d70d0fa185ebfd2953ecc778c25569665e68ac360249b7a9c194c3", 0x1000, 0xfffffffffffffffe) r1 = add_key(&(0x7f0000000200)='big_key\x00', &(0x7f0000000240)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000001300)="83b52f95749fb3a78721f134c8357ca57391c7430dc72a042c9cda19f6eeb3dc19475cff6fb55340c107a8d726331a5580133f2b429ab2272211d1bcfba9c4f3e5299d4cea7de1c48af232c8a0891bb28d49732c0b1c92e23ae8b97e9aac74b443316c658cdaedc21e29f10f5b09a63ac3d001d5d6bbe61d983705c8b577f3712b686c1a8787bb387306ea7e1d8b32dcf6cb9bb253511d7c9dc115b8020ee00ebd11f5d282f2d01c", 0xa8, 0xffffffffffffffff) r2 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f00000002c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, r1) keyctl$restrict_keyring(0x1d, r2, &(0x7f0000000040)='asymmetric\x00', &(0x7f00000000c0)='self.posix_acl_access\x00') 2018/03/26 13:05:40 executing program 3: r0 = accept4$ax25(0xffffffffffffff9c, &(0x7f0000000000), &(0x7f0000000040)=0x10, 0x800) flock(r0, 0x8) r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000080)='cpuset.memory_pressure\x00', 0x0, 0x0) ioctl$TCSETSF(r1, 0x5404, &(0x7f00000000c0)={0x4, 0x9, 0x6, 0x3, 0x8, 0x2, 0x3, 0x0, 0x51, 0x2, 0x1, 0xddb}) ioctl$KVM_GET_MSR_INDEX_LIST(r1, 0xc004ae02, &(0x7f0000000100)={0x3, [0x0, 0x0, 0x0]}) mkdirat(r1, &(0x7f0000000140)='./file0\x00', 0x100) ioctl$BINDER_SET_MAX_THREADS(r1, 0x40046205, 0x5) r2 = shmget(0x2, 0x1000, 0x2, &(0x7f0000fff000/0x1000)=nil) shmat(r2, &(0x7f0000ffe000/0x2000)=nil, 0x4000) r3 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer\x00', 0x101000, 0x0) ioctl$KDGETLED(r3, 0x4b31, &(0x7f00000001c0)) setsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000200)={0x5}, 0x4) pipe2(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) getsockopt$inet_sctp_SCTP_MAX_BURST(r4, 0x84, 0x14, &(0x7f0000000280)=@assoc_value={0x0}, &(0x7f00000002c0)=0x8) getpeername$packet(r4, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f00000003c0)=0x14) ioctl$sock_inet6_SIOCSIFDSTADDR(r4, 0x8918, &(0x7f0000000400)={@dev={0xfe, 0x80, [], 0xc}, 0x71, r7}) setsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r1, 0x84, 0x7, &(0x7f0000000440)={0x8}, 0x4) ioctl$DRM_IOCTL_MAP_BUFS(r4, 0xc0186419, &(0x7f0000001680)={0x2, &(0x7f0000000480)=""/168, &(0x7f0000001640)=[{0x8000, 0xc8, 0x100, &(0x7f0000000540)=""/200}, {0x5, 0x1000, 0x10000, &(0x7f0000000640)=""/4096}]}) ioctl$VHOST_SET_LOG_FD(r5, 0x4004af07, &(0x7f00000016c0)=r3) ioctl$PIO_CMAP(r4, 0x4b71, &(0x7f0000001700)={0x1, 0x3, 0x0, 0x4, 0x1f, 0x100000000}) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r3, 0x84, 0xa, &(0x7f0000001740)={0xc6, 0x1, 0x8006, 0x7, 0x9, 0x8, 0x2, 0x0, r6}, 0x20) getrandom(&(0x7f0000001780)=""/82, 0x52, 0x3) bind$inet(r5, &(0x7f0000001800)={0x2, 0x4e21}, 0x10) syz_open_dev$sndmidi(&(0x7f0000001840)='/dev/snd/midiC#D#\x00', 0x9, 0x400) r8 = semget(0x3, 0x0, 0x200) semctl$SETVAL(r8, 0x3, 0x10, &(0x7f0000001880)) ioctl$KVM_X86_SETUP_MCE(r1, 0x4008ae9c, &(0x7f00000018c0)={0x5, 0x1, 0x5}) syz_open_dev$evdev(&(0x7f0000001900)='/dev/input/event#\x00', 0x8, 0x1) setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r5, 0x84, 0x1f, &(0x7f0000001940)={r6, @in6={{0xa, 0x4e23, 0x1ff, @empty, 0x5}}, 0x1, 0x9}, 0x90) connect$l2tp(r3, &(0x7f0000001a00)=@pppol2tpv3={0x18, 0x1, {0x0, r4, {0x2, 0x4e21, @multicast1=0xe0000001}, 0x2, 0x2, 0x2, 0x3}}, 0x2e) 2018/03/26 13:05:40 executing program 1: mmap(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x0, 0x1b071, 0xffffffffffffffff, 0x0) mremap(&(0x7f000000d000/0x2000)=nil, 0xfffffffffffffe74, 0x1000, 0x3, &(0x7f0000007000/0x1000)=nil) munlock(&(0x7f000000a000/0x2000)=nil, 0x2000) remap_file_pages(&(0x7f0000003000/0x9000)=nil, 0x9000, 0x0, 0x0, 0x0) r0 = socket$inet6_dccp(0xa, 0x6, 0x0) recvmmsg(r0, &(0x7f0000001a40)=[{{&(0x7f0000000000)=@can, 0x80, &(0x7f0000000140)=[{&(0x7f0000000100)=""/27, 0x1b}], 0x1, &(0x7f0000000180)=""/234, 0xea, 0x20}, 0x800}, {{&(0x7f0000000280)=@in={0x0, 0x0, @remote}, 0x80, &(0x7f00000015c0)=[{&(0x7f0000000300)=""/226, 0xe2}, {&(0x7f0000000400)=""/4096, 0x1000}, {&(0x7f0000001400)=""/147, 0x93}, {&(0x7f00000014c0)=""/220, 0xdc}], 0x4, &(0x7f0000001600)=""/99, 0x63, 0x2}, 0x7}, {{&(0x7f0000001680)=@alg, 0x80, &(0x7f0000001900)=[{&(0x7f0000001700)=""/232, 0xe8}, {&(0x7f0000001800)=""/45, 0x2d}, {&(0x7f0000001840)=""/184, 0xb8}], 0x3, 0x0, 0x0, 0xb65d}, 0x5}, {{0x0, 0x0, &(0x7f00000019c0)=[{&(0x7f0000001940)=""/81, 0x51}], 0x1, &(0x7f0000001a00)=""/25, 0x19, 0x61}, 0x101}], 0x4, 0x1, 0x0) getsockopt(r0, 0x2000000000010d, 0x6, &(0x7f0000000080)=""/4, &(0x7f00000000c0)=0x4) 2018/03/26 13:05:40 executing program 0: r0 = socket$vsock_stream(0x28, 0x1, 0x0) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dsp\x00', 0x400100, 0x0) getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000100)=@assoc_value={0x0, 0x8}, &(0x7f0000000140)=0x8) setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000180)={r2, 0x7}, 0x8) socket(0x1b, 0x80007, 0x400000) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffffffffffffe, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$DRM_IOCTL_AGP_ACQUIRE(0xffffffffffffffff, 0x6430) setsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f00000000c0)=@sack_info={r2, 0x685b8023, 0x2}, 0xc) io_submit(0x0, 0x1, &(0x7f0000000680)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000040)="a8a3aa44854a508ef5052ff5998c9a99a9f7ba7d88eff893007108f3fbef", 0x1e, 0x0, 0x0, 0x3}]) setsockopt$inet_sctp_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000200)={r2, 0x10000, 0x5, 0x1}, 0x10) 2018/03/26 13:05:40 executing program 2: getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f00000000c0), &(0x7f0000000100)=0xc) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000200), &(0x7f0000000240)=0xc) r0 = getpgrp(0x0) r1 = syz_open_procfs(r0, &(0x7f0000000300)='net/psched\x00') sendfile(r1, r1, &(0x7f0000000280)=0x42402, 0x6) getsockopt$inet_udp_int(r1, 0x11, 0x66, &(0x7f0000000000), &(0x7f0000000040)=0x4) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) 2018/03/26 13:05:40 executing program 3: getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, &(0x7f000000f000)=""/30, &(0x7f000044e000)=0x1e) mremap(&(0x7f000053b000/0x1000)=nil, 0x1000, 0x4000, 0x3, &(0x7f00000cc000/0x4000)=nil) mremap(&(0x7f000053c000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f00000cd000/0x3000)=nil) socketpair$inet_smc(0x2b, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000140)='highspeed\x00', 0xa) sigaltstack(&(0x7f00000cc000/0x4000)=nil, &(0x7f0000000100)) getrandom(&(0x7f0000000040)=""/160, 0xa0, 0x360fdfc2765793cb) 2018/03/26 13:05:40 executing program 5: perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000002ff4)='smaps\x00') preadv(r0, &(0x7f0000005000)=[{&(0x7f0000000fff)=""/1, 0x1}], 0x1, 0x10000000000000) ioctl$PIO_CMAP(r0, 0x4b71, &(0x7f00000000c0)={0x100000001, 0x5, 0x8, 0x1, 0x4, 0xb8}) setsockopt$inet_buf(r0, 0x0, 0x26, &(0x7f0000000100)="ae0c586a5d555aa0054b47ab379aa70ec1261f70b1599d4fa4b79b28ab2abd8391d18ba245801c2e57068f2141276912e49d1f8d318aa44c30ab301fbd08606f1752962c906460633162f7ff52ddcf13c3faae5aeaedb9d19e7027980c18a5d4bfd11eec4f9c6c1983a690745e8c48ca78faa6cf5b779b90c0710d30312af0fb47f92faad6bd4fed41be50f4e6e62914cd7fe92308a2978ac907e215127a77863a7b61dc3a1a7b598468b926019d2c2813f045006851b54359676cd02c45b98d0dc73fcaf3e607c444c9089f338d990e7a6ed0106a01b7d3f1ae87bb73cf95acac5965ef38276fecbfa0887583c21ecd", 0xf0) [ 1049.001280] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1049.012305] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1049.017486] CPU: 1 PID: 24780 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1049.024842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1049.034191] Call Trace: [ 1049.036777] dump_stack+0x194/0x24d [ 1049.040386] ? arch_local_irq_restore+0x53/0x53 [ 1049.045038] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1049.050213] dump_header+0x28c/0xe2b [ 1049.053911] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1049.059080] ? arch_local_irq_restore+0x53/0x53 [ 1049.063728] ? perf_trace_lock+0xd6/0x900 [ 1049.067852] ? __lock_acquire+0x664/0x3e00 [ 1049.072075] ? trace_event_raw_event_lock+0x340/0x340 [ 1049.077249] ? perf_trace_lock+0xd6/0x900 [ 1049.081379] ? trace_hardirqs_off+0x10/0x10 [ 1049.085673] ? perf_trace_lock+0xd6/0x900 [ 1049.089802] ? trace_event_raw_event_lock+0x340/0x340 [ 1049.094971] ? __lock_acquire+0x664/0x3e00 [ 1049.099179] ? task_will_free_mem+0x252/0xaa0 [ 1049.103656] ? print_irqtrace_events+0x270/0x270 [ 1049.108397] ? ___ratelimit+0x30d/0x630 [ 1049.112350] ? lock_downgrade+0x980/0x980 [ 1049.116481] ? lock_release+0xa40/0xa40 [ 1049.120439] ? mark_held_locks+0xaf/0x100 [ 1049.124562] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1049.129656] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1049.134649] ? trace_hardirqs_on+0xd/0x10 [ 1049.138774] ? ___ratelimit+0x95/0x630 [ 1049.142640] ? idr_get_free+0xfd0/0xfd0 [ 1049.146588] ? find_held_lock+0x35/0x1d0 [ 1049.150635] oom_kill_process+0x8b9/0x1640 [ 1049.154847] ? lock_downgrade+0x980/0x980 [ 1049.158980] ? __lock_is_held+0xb6/0x140 [ 1049.163029] ? oom_evaluate_task+0x480/0x480 [ 1049.167429] ? rcu_read_unlock+0x35/0x70 [ 1049.171465] ? mem_cgroup_iter+0x363/0xbd0 [ 1049.175674] ? lock_downgrade+0x980/0x980 [ 1049.179816] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1049.184556] ? mark_held_locks+0xaf/0x100 [ 1049.188683] ? _raw_spin_unlock_irq+0x27/0x70 [ 1049.193164] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1049.198155] ? trace_hardirqs_on+0xd/0x10 [ 1049.202275] ? _raw_spin_unlock_irq+0x27/0x70 [ 1049.206748] ? css_task_iter_end+0x280/0x430 [ 1049.211131] ? _raw_spin_unlock_irq+0x27/0x70 [ 1049.215601] ? cgroup_procs_next+0x70/0x70 [ 1049.219811] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1049.224805] ? trace_hardirqs_on+0xd/0x10 [ 1049.228926] ? _raw_spin_unlock_irq+0x27/0x70 [ 1049.233401] ? oom_badness+0x980/0x980 [ 1049.237263] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1049.241999] ? mem_cgroup_iter_break+0x30/0x30 [ 1049.246576] ? finish_wait+0x268/0x490 [ 1049.250440] ? lock_downgrade+0x980/0x980 [ 1049.254568] out_of_memory+0x86d/0x1220 [ 1049.258533] ? oom_killer_disable+0x310/0x310 [ 1049.263000] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1049.268089] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1049.273090] ? trace_hardirqs_on+0xd/0x10 [ 1049.277226] mem_cgroup_out_of_memory+0x159/0x200 [ 1049.282044] ? swap_max_write+0x110/0x110 [ 1049.286165] ? do_raw_spin_trylock+0x190/0x190 [ 1049.290733] ? _raw_spin_unlock+0x22/0x30 [ 1049.294862] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1049.299858] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1049.305285] ? find_held_lock+0x35/0x1d0 [ 1049.309333] ? memcg_event_wake+0x420/0x420 [ 1049.313641] ? __do_page_fault+0x5f7/0xc90 [ 1049.317862] ? lock_downgrade+0x980/0x980 [ 1049.321989] pagefault_out_of_memory+0xbd/0x152 [ 1049.326635] ? out_of_memory+0x1220/0x1220 [ 1049.330841] ? handle_mm_fault+0x465/0xb10 [ 1049.335055] ? __handle_mm_fault+0x38c0/0x38c0 [ 1049.339609] ? vmacache_find+0x5f/0x280 [ 1049.343557] ? vmacache_update+0xfe/0x130 [ 1049.347684] mm_fault_error+0xd6/0x2c0 [ 1049.351553] __do_page_fault+0xb4d/0xc90 [ 1049.355600] ? mm_fault_error+0x2c0/0x2c0 [ 1049.359724] ? kernel_write+0x120/0x120 [ 1049.363677] ? do_syscall_64+0xb7/0x940 [ 1049.367638] do_page_fault+0xee/0x730 [ 1049.371414] ? __do_page_fault+0xc90/0xc90 [ 1049.375625] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1049.380360] ? syscall_return_slowpath+0x550/0x550 [ 1049.385265] ? syscall_return_slowpath+0x2ac/0x550 [ 1049.390171] ? prepare_exit_to_usermode+0x350/0x350 [ 1049.395164] ? retint_user+0x18/0x18 [ 1049.398855] ? page_fault+0x2f/0x50 [ 1049.402458] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1049.407541] ? page_fault+0x2f/0x50 [ 1049.411143] page_fault+0x45/0x50 [ 1049.414568] RIP: 0033:0x409b83 [ 1049.417733] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1049.423073] RAX: 0000001b9bc20000 RBX: 0000000000001279 RCX: 000000000040e950 [ 1049.430317] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1049.437562] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1049.444809] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1049.452052] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1049.459609] Task in /syz1 killed as a result of limit of /syz1 [ 1049.465645] memory: usage 0kB, limit 0kB, failcnt 4076 [ 1049.470957] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1049.477736] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1049.483906] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1049.503354] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1049.512254] [24780] 0 24780 11408 2089 65536 0 0 syz-executor1 [ 1049.521139] Memory cgroup out of memory: Kill process 24780 (syz-executor1) score 2105000 or sacrifice child [ 1049.531191] Killed process 24780 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB [ 1049.545693] oom_reaper: reaped process 24780 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 2018/03/26 13:05:41 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) socketpair$ipx(0x4, 0x2, 0x0, &(0x7f0000000000)) 2018/03/26 13:05:41 executing program 5: r0 = socket(0x0, 0x800, 0x0) write(r0, &(0x7f0000000100)="240000001a0025f0001b000400edfc0e1c0b0500000000001009ffeb0800010000080100", 0x24) 2018/03/26 13:05:41 executing program 4: mmap(&(0x7f0000000000/0xe62000)=nil, 0xe62000, 0x0, 0x32, 0xffffffffffffffff, 0x0) socketpair$inet6_tcp(0xa, 0x1, 0x0, &(0x7f0000000000)) utimensat(0xffffffffffffffff, &(0x7f0000000080)='./control\x00', &(0x7f00000000c0)={{}, {0x0, 0x2710}}, 0x0) 2018/03/26 13:05:41 executing program 3: r0 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x800, 0x0) fcntl$F_GET_FILE_RW_HINT(r0, 0x40d, &(0x7f0000000040)) bpf$BPF_PROG_QUERY(0x10, &(0x7f00000000c0)={r0, 0x1, 0x1, 0x5, &(0x7f0000000080)=[0x0], 0x1}, 0x20) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000180)={0x26, 'aead\x00', 0x0, 0x0, 'pcrypt(ccm(cipher_null-generic))\x00'}, 0x15) 2018/03/26 13:05:41 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') setsockopt$netrom_NETROM_IDLE(r0, 0x103, 0x7, &(0x7f0000000000)=0x3, 0x4) sendfile(r0, r0, &(0x7f0000000280)=0x42402, 0x6) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) 2018/03/26 13:05:41 executing program 1: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x4000, 0x0) ioctl$VT_DISALLOCATE(r0, 0x5608) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000080), &(0x7f00000000c0)=0xb) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r0, 0xc0045516, &(0x7f0000000100)=0x7ff) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) r2 = memfd_create(&(0x7f0000000200)='/dev/sequencer2\x00', 0x1) ioctl$PPPIOCGL2TPSTATS(r0, 0x80487436, &(0x7f0000000180)="db6955b274c5a484d48e60d34b177f288fc1644f44322b34dc0d1fe5320f6abe2dd79d4d139ceb6ff6693ba5bdd5e7c5afaa7db0af9528e8524648ad2775de2c503749c977e5b43099ee5e869d611cad322a7928c1c0a5") getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000280)={{{@in, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in=@dev}}, &(0x7f0000000380)=0xe8) getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f00000003c0)={0x0, 0x0, 0x0}, &(0x7f0000000400)=0xc) chown(&(0x7f0000000140)='./file0\x00', r3, r4) sendmsg$nl_xfrm(r1, &(0x7f0000001000)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000001ff0)={&(0x7f0000006e58)=ANY=[@ANYBLOB="c4000000130021040000000000000000ff0100000000000000000000000000010000000000000000000000000000000000000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200c0008000800080000000000"], 0xc4}, 0x1}, 0x0) ioctl$EVIOCSREP(r0, 0x40084503, &(0x7f0000000240)=[0x7d, 0xfffffffffffffff3]) 2018/03/26 13:05:41 executing program 0: nanosleep(&(0x7f0000d1e000)={0x0, 0x1c9c380}, &(0x7f0000000040)) mlock2(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) socket$nl_route(0x10, 0x3, 0x0) mremap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f0000904000/0x3000)=nil) syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x0, 0x0) 2018/03/26 13:05:41 executing program 6: r0 = socket$inet6_udp(0xa, 0x2, 0x0) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x4000, 0x0) ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r0) ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000040)={&(0x7f0000ffe000/0x2000)=nil, 0x2000}) sendmmsg(r0, &(0x7f0000f56000)=[{{&(0x7f0000b46000)=@in6={0xa, 0x4e21}, 0x1c, &(0x7f00000f9000), 0x0, &(0x7f00004eafe8)=[{0x18, 0x29, 0x37, "f5"}], 0x18}}], 0x1, 0x0) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000080)={0x0, 0x8, 0x2, [0x1, 0x7]}, &(0x7f00000000c0)=0xc) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f0000000100)={r2, 0x2f9, 0x10}, 0xc) ioctl$sock_kcm_SIOCKCMUNATTACH(r1, 0x89e1, &(0x7f0000000140)={r0}) 2018/03/26 13:05:41 executing program 4: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x0, 0x31, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000357000/0x3000)=nil, 0x3000, 0xc) 2018/03/26 13:05:41 executing program 3: r0 = dup(0xffffffffffffff9c) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000006c0)={0xffffffffffffffff}) r2 = accept4$unix(r1, &(0x7f0000000600)=@abs, &(0x7f0000000680)=0x365, 0x80800) recvfrom$unix(r2, &(0x7f0000000240)=""/102, 0x66, 0x0, &(0x7f00000002c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e) getresgid(&(0x7f00000001c0), &(0x7f0000000340)=0x0, &(0x7f0000000380)) getresgid(&(0x7f00000003c0), &(0x7f0000000400), &(0x7f0000000440)=0x0) getgroups(0x2, &(0x7f0000000480)=[0xffffffffffffffff, 0x0]) getgroups(0x3, &(0x7f00000004c0)=[r3, r4, r5]) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = getpgrp(0xffffffffffffffff) ioctl$DRM_IOCTL_AGP_ENABLE(r6, 0x40086432, &(0x7f0000000540)=0x9) ptrace(0xffffffffffffffff, r7) setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000700)=ANY=[@ANYBLOB="66696c74657200000000000000000000000000000000000000000000000000000e0000000400000098030000ffffffff000000000000000020010000ffffffffffffffff000300000003000000030000ffffffff04000000", @ANYPTR=&(0x7f0000000500)=ANY=[@ANYBLOB="00000000001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], @ANYBLOB="ffffffffe0000001ff0000ffffffff00627269646765300000000000000000007465716c300000000000000000000000000000000000000000000000ff0000000000000000000000000000000000000000000000000000000000ff000000000000000000000000000000000001620000000000000000000000000000c0002001000000000000000000000000000000000000000000000000280069636d70000000000000000000000000000000000000000000000000000003000300000000006000434c5553544552495000000000000000000000000000000000000000000001000000000000000000ff0f0100120007000e0007003400180006003b001e002600340035003b00070030003100000001000000030000000400000000000000000000007f000001ffffffff0000000074756e6c30000000000000000000000062707130000000000000000000000000000000000000000000000000ff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006f0002340000000000000000000000000000c0002001000000000000000000000000000000000000000000000000280074746c00000000000000000000000000000000000000000000000000000003f70000000000006000484d41524b000000000000000000000000000000000000000000000000007f000001000000000000000000000000ffffffffffffffffff000000000000004e244e244e234e2200000000c800000005000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000009800c000000000000000000000000000000000000000000000000000280052454a45435400000000000000000000000000000000000000000000000009ef44d500000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007000980000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff00000000"], 0x3f8) accept(r6, &(0x7f0000000040)=@rc, &(0x7f00000000c0)=0x80) ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000000)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route(r6, &(0x7f0000873000)={&(0x7f00007cfff4)={0x10}, 0xc, &(0x7f00000a6000)={&(0x7f0000000200)=@newneigh={0x30, 0x1c, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r8}, [@NDA_LLADDR={0xc, 0x2, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa]}}, @NDA_DST_IPV4={0x8, 0x1, @local={0xac, 0x14, 0x14, 0xaa}}]}, 0x30}, 0x1}, 0x0) getresgid(&(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)) [ 1049.644083] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1049.655137] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1049.660421] CPU: 0 PID: 24813 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1049.667779] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1049.677126] Call Trace: [ 1049.679713] dump_stack+0x194/0x24d [ 1049.683343] ? arch_local_irq_restore+0x53/0x53 [ 1049.688012] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1049.693210] dump_header+0x28c/0xe2b [ 1049.696930] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1049.702120] ? arch_local_irq_restore+0x53/0x53 [ 1049.706798] ? __lock_acquire+0x664/0x3e00 [ 1049.711037] ? print_irqtrace_events+0x270/0x270 [ 1049.715789] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1049.720905] ? trace_hardirqs_off+0x10/0x10 [ 1049.725221] ? __lock_acquire+0x664/0x3e00 [ 1049.729454] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1049.734648] ? __lock_acquire+0x664/0x3e00 [ 1049.738877] ? task_will_free_mem+0x252/0xaa0 2018/03/26 13:05:41 executing program 6: r0 = syz_open_dev$loop(&(0x7f0000000140)='/dev/loop#\x00', 0x0, 0x0) ioctl$LOOP_GET_STATUS(r0, 0x4c03, &(0x7f0000000180)) r1 = accept4(0xffffffffffffff9c, 0x0, &(0x7f0000000000), 0x800) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ppp\x00', 0x0, 0x0) ioctl$TIOCSCTTY(r2, 0x540e, 0x7) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e21, @multicast2=0xe0000002}, @in={0x2, 0x4e20, @local={0xac, 0x14, 0x14, 0xaa}}, @in={0x2, 0x4e20, @loopback=0x7f000001}, @in6={0xa, 0x4e23, 0x4, @mcast2={0xff, 0x2, [], 0x1}, 0x974}, @in6={0xa, 0x4e23, 0x5, @dev={0xfe, 0x80, [], 0xa}, 0xfffffffffffffffe}, @in6={0xa, 0x4e24, 0x7, @mcast2={0xff, 0x2, [], 0x1}, 0x1}, @in6={0xa, 0x4e23, 0x992, @empty, 0xfaf7}], 0xb0) 2018/03/26 13:05:41 executing program 4: r0 = socket$inet6_sctp(0xa, 0x1000002, 0x84) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000058000)={0x1, {{0xa, 0x4e20, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}}, 0x88) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f00002c2000)={0x1, {{0xa, 0x4e20, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}, 0x0, 0x2, [{{0xa, 0x4e20, 0x0, @mcast2={0xff, 0x2, [], 0x1}}}, {{0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}}]}, 0x190) setsockopt$inet6_group_source_req(r0, 0x29, 0x2b, &(0x7f0000e6e000)={0x0, {{0xa, 0x4e20, 0x0, @mcast1={0xff, 0x1, [], 0x1}}}, {{0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}}}, 0x108) 2018/03/26 13:05:41 executing program 3: perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x13fe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$netlink_NETLINK_CAP_ACK(0xffffffffffffffff, 0x10e, 0xa, &(0x7f0000000040), 0xffffffffffffffe1) r0 = syz_open_dev$tun(&(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'\x00', 0x5000}) [ 1049.743378] ? print_irqtrace_events+0x270/0x270 [ 1049.748145] ? ___ratelimit+0x30d/0x630 [ 1049.752117] ? lock_downgrade+0x980/0x980 [ 1049.756267] ? lock_release+0xa40/0xa40 [ 1049.760245] ? mark_held_locks+0xaf/0x100 [ 1049.764392] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1049.769493] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1049.774502] ? trace_hardirqs_on+0xd/0x10 [ 1049.778649] ? ___ratelimit+0x95/0x630 [ 1049.782533] ? idr_get_free+0xfd0/0xfd0 [ 1049.786498] ? find_held_lock+0x35/0x1d0 [ 1049.790565] oom_kill_process+0x8b9/0x1640 2018/03/26 13:05:41 executing program 6: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x100, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffff9c, 0x84, 0x1d, &(0x7f00000001c0)=ANY=[@ANYBLOB="03000000b9bbf2ffcf1cf5b5078c4227fd29d7f0cf5a172a1d2f7898456acdf78914dc20b0a2f3716c256be05ed368d05f77e9b079cab53ecdcc1f47df0627db2a9a21fcf53fe3b58e36c561e962dfed1b9491e77f9e2fda0eb41608c0916c86783565d39e02", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000000100)=0x10) ioctl$DRM_IOCTL_GET_MAGIC(r0, 0x80046402, &(0x7f00000002c0)) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000140)={r1, 0x40}, &(0x7f0000000180)=0x8) r3 = socket$inet6(0xa, 0x1, 0x0) getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000240)={r2, 0x3}, &(0x7f0000000280)=0x8) r5 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/pfkey\x00', 0x100, 0x0) ioctl$KVM_XEN_HVM_CONFIG(r5, 0x4038ae7a, &(0x7f00000004c0)={0x200, 0x3b4, &(0x7f0000000300)="8402d30146b087831b6a767a4bb766dee8b218d6b85e8f994e18273a2eada3e1d9162df0acef93275d8637f7dbb84d4a94a67c7bd373191c79bdfb277966341216e3cd9c6aeb0d8b005fa383c3bcdc6f53df1d4361ba7b9b677444f510cd9de2785ceac7446443ef6544e15ea719db90d53eb262f80fa0a84fffc40b6f15f4445aba6816d3bc9ae749a5fc4f094b0502bb71c2203260a9b7dd589f940d6394b0c8a38688da0e7e215e6f4190215b6919cea57db3e84d9745edfab74950ace2ef6137ef823a8c640043d36269981eb24c8085144c4b23393c4e01808dac656d739d", &(0x7f0000000400)="b2ec4f6489d67e81918eaab8b9765b375668930bff9f7d0e454aa3d8973e3736119a7b4d3f78c84f6a7252dd3d54217a6d9e8da30cc87ee4f99bd88a0b8d419ecef825588b0780e9685e727087977905478b4e9a4c5c396c8bec96b636619afc108c2e9f8ba6d3cb7065c716d939e7723bcb6adf762090607ae4094ee72470b49ccd57e2a89eb9aabbc3a612f95d7b42a11c", 0xe1, 0x92}) setsockopt$inet6_udp_int(r3, 0x11, 0x1, &(0x7f0000000040)=0x46, 0x4) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r5, 0x84, 0x1f, &(0x7f0000000500)={r4, @in6={{0xa, 0x4e21, 0x7, @ipv4={[], [0xff, 0xff]}, 0xc3be}}, 0x7f, 0x4}, &(0x7f00000005c0)=0x90) setsockopt$inet6_udp_int(r3, 0x11, 0x65, &(0x7f0000000640)=0xfffffffffffffe01, 0x4) sendmmsg(r3, &(0x7f0000001d80)=[{{&(0x7f0000000000)=@in6={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c, &(0x7f0000000080), 0x0, &(0x7f0000000080)}}, {{&(0x7f0000000000)=@in={0x2, 0x4e22, @rand_addr}, 0x10, &(0x7f0000001bc0), 0x198, &(0x7f0000000040)}, 0x10}], 0x2, 0x0) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r3, 0x84, 0x71, &(0x7f0000000600)={r4, 0x4373963f}, 0x8) 2018/03/26 13:05:41 executing program 4: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0xe3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x62000)=nil, 0x62000, 0x0, 0x11, r0, 0x0) r1 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x0, 0x0) close(r1) ioctl$EVIOCGBITSND(r1, 0x80404532, &(0x7f0000000040)=""/220) fallocate(r1, 0xfffffffffffffffc, 0x6, 0x7) [ 1049.794796] ? lock_downgrade+0x980/0x980 [ 1049.798945] ? __lock_is_held+0xb6/0x140 [ 1049.803010] ? oom_evaluate_task+0x480/0x480 [ 1049.807431] ? rcu_read_unlock+0x35/0x70 [ 1049.811482] ? mem_cgroup_iter+0x363/0xbd0 [ 1049.815718] ? lock_downgrade+0x980/0x980 [ 1049.819878] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1049.824632] ? mark_held_locks+0xaf/0x100 [ 1049.828777] ? _raw_spin_unlock_irq+0x27/0x70 [ 1049.833265] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1049.838282] ? trace_hardirqs_on+0xd/0x10 [ 1049.842422] ? _raw_spin_unlock_irq+0x27/0x70 [ 1049.846910] ? css_task_iter_end+0x280/0x430 [ 1049.851312] ? _raw_spin_unlock_irq+0x27/0x70 [ 1049.855805] ? cgroup_procs_next+0x70/0x70 [ 1049.860037] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1049.865072] ? trace_hardirqs_on+0xd/0x10 [ 1049.869215] ? _raw_spin_unlock_irq+0x27/0x70 [ 1049.873709] ? oom_badness+0x980/0x980 [ 1049.877594] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1049.882348] ? mem_cgroup_iter_break+0x30/0x30 [ 1049.886944] ? finish_wait+0x268/0x490 [ 1049.890846] ? lock_downgrade+0x980/0x980 [ 1049.894986] out_of_memory+0x86d/0x1220 [ 1049.898958] ? oom_killer_disable+0x310/0x310 [ 1049.903429] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1049.908516] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1049.913512] ? trace_hardirqs_on+0xd/0x10 [ 1049.917660] mem_cgroup_out_of_memory+0x159/0x200 [ 1049.922480] ? swap_max_write+0x110/0x110 [ 1049.926603] ? do_raw_spin_trylock+0x190/0x190 [ 1049.931176] ? _raw_spin_unlock+0x22/0x30 [ 1049.935311] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1049.940308] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1049.945742] ? find_held_lock+0x35/0x1d0 [ 1049.949793] ? memcg_event_wake+0x420/0x420 [ 1049.954097] ? __do_page_fault+0x5f7/0xc90 [ 1049.958313] ? lock_downgrade+0x980/0x980 [ 1049.962446] pagefault_out_of_memory+0xbd/0x152 [ 1049.967093] ? out_of_memory+0x1220/0x1220 [ 1049.971303] ? handle_mm_fault+0x465/0xb10 [ 1049.975526] ? __handle_mm_fault+0x38c0/0x38c0 [ 1049.980084] ? vmacache_find+0x5f/0x280 [ 1049.984038] ? vmacache_update+0xfe/0x130 [ 1049.988170] mm_fault_error+0xd6/0x2c0 [ 1049.992045] __do_page_fault+0xb4d/0xc90 [ 1049.996103] ? mm_fault_error+0x2c0/0x2c0 [ 1050.000233] ? kernel_write+0x120/0x120 [ 1050.004192] ? do_syscall_64+0xb7/0x940 [ 1050.008151] do_page_fault+0xee/0x730 [ 1050.011948] ? __do_page_fault+0xc90/0xc90 [ 1050.016170] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1050.020908] ? syscall_return_slowpath+0x550/0x550 [ 1050.025834] ? syscall_return_slowpath+0x2ac/0x550 [ 1050.030743] ? prepare_exit_to_usermode+0x350/0x350 [ 1050.035741] ? retint_user+0x18/0x18 [ 1050.039436] ? page_fault+0x2f/0x50 [ 1050.043043] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1050.047870] ? page_fault+0x2f/0x50 [ 1050.051478] page_fault+0x45/0x50 [ 1050.054909] RIP: 0033:0x409b83 [ 1050.058077] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1050.063419] RAX: 0000001b9bc20000 RBX: 000000000000127a RCX: 000000000040e950 [ 1050.070667] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1050.077915] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1050.085162] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 2018/03/26 13:05:42 executing program 3: r0 = socket$inet(0x2, 0x6, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000280)={"6772653000000000000400", &(0x7f0000000180)=ANY=[@ANYBLOB="3300000000000000289777452ef09761b3595489dca186db91f4cb98c71258c2bd01aa4232687dd9a639d12c484ed39807b7c1b4fc8e4eac7ad2f6aba717cb00d3d58521eafebf3e3994b833f5487b18c3332cd88b68bf5612cfe56ae2cb31ab914ce727cefb79405d5203ef755d852a347c748f577723fd9070a5fcbedd00000000000000000000"]}) [ 1050.092411] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1050.099987] Task in /syz1 killed as a result of limit of /syz1 [ 1050.106071] memory: usage 0kB, limit 0kB, failcnt 4084 [ 1050.111405] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1050.118198] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1050.124402] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB 2018/03/26 13:05:42 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000040)={0x7fff, 0x7, 0x100, 'queue0\x00', 0x8}) r1 = syz_open_dev$vcsn(&(0x7f0000000100)='/dev/vcs#\x00', 0xffff, 0x4000) setsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000140)=@int=0x7, 0x4) setsockopt$inet_sctp_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000180)=0x8, 0x4) getuid() ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) syz_open_dev$sndseq(&(0x7f0000000000)='/dev/snd/seq\x00', 0x0, 0x0) 2018/03/26 13:05:42 executing program 6: r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/enforce\x00', 0x4, 0x0) lseek(r0, 0x0, 0x3) getsockopt$inet_sctp_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f0000000000), &(0x7f0000000040)=0x4) 2018/03/26 13:05:42 executing program 5: r0 = socket$packet(0x11, 0x10000000002, 0x300) r1 = socket$inet6(0xa, 0x80005, 0x0) setsockopt(r1, 0x84, 0x78, &(0x7f000068b000), 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6tnl0\x00', 0x0}) bind$packet(r0, &(0x7f0000000080)={0x11, 0x0, r2, 0x1, 0x0, 0x6}, 0x14) get_mempolicy(&(0x7f0000000000), &(0x7f0000000140), 0xe6, &(0x7f0000ffc000/0x2000)=nil, 0x2) sendmmsg(r0, &(0x7f0000003080)=[{{&(0x7f00000000c0)=@ll={0x11, 0x0, r2, 0x1, 0x0, 0x6, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}, 0x80, &(0x7f0000000480), 0x0, &(0x7f0000000500)}}, {{0x0, 0x0, &(0x7f0000002500)=[{&(0x7f0000001500)="44cdc2f1781d6093317ed28154a7dc6cb219ce9d9a46cdb86702b4dccf062ca1bba24f9474aaa301e217dad8e5f73b5d7c1787ed457dd50866ee16bf2bd960380e63e7c2506abb50ed2456e22b613e700731446bd3f9d36b705ddd1ebe471a3a8f2011d6b2ba3e0e45d33866673d975a58d92eaf384a0243e832448a866723be73372516be99bed6d9e68407f6a80c675c55c9c5c08251edd4b30efbdf26190e471f32c089d4f6997db8f0fa03d52d6d9cf9c1d55cde441da8d0cb5e6b8d1167a2acc7cf8294ee6456990b97f48874f9eb1401b293344b1f1feb1bff9b7f17b4158afa94849c74f1b68a696c3dea715957bcf385268fc1230bb13daa3f3e5fdfbe14a9c548b7f95b042685dd6611666cb70bdfba26babb8024fd0fa5c3bc01ea4899e1fbcf80f6a96e41c5e0a6b164cfb8e6eee075586d0297c092aee312590771f9c24f8bde2541b66a334dc1d11b7c03a40ec7fbef899b2e894bcd242e6e8d325d5966efd27ac140486ab65f907662634f507d55ba26a2f36f68ab06ce0b025d9d383730fd194db4a57248bd3ff22c8bc65b4f0d888a8505225081c4a9123d1b5f1a7ed81cc1b66d4bad6e9add5f4f40be070a5df85294cb1e575c1b2f1f1aa8e9aa1b755b7635d973795610fa8ba74390487386a772c10151e90f3729f1a40e0656d0f6f17378f65c95ebfe8e1186c71ef6560e0ca79a3c099bce96b565ac5ef3d085677bfea7bdf009a39ecc2b6065559e284bdbf10fd91f478d8d074be5fc21bb07329069ad4af6a91adb8d0c5238371d3d3f5dea438653c8a24e885d4b2c9339aba978ff442bfbd13ead54077bdca291770a5b7fec1f5f700f0848b36049c59587e55c82ba19000aa074009b20a601faf3acbd8be1c4f52539bd8c313204b3e3c527f8bc08b9cd474da2412c871ae58a7eb406067f3cca649d221d77018f7389acb9c8d977a95b047be3021a196f5fcbee77ab8831144b696bb5b517ee6f5195b9c59b0798680384be99b28a77f3d699e365789f5e671efe00bd34b8fede69a6070d447d4ba88658e0b844904dfad8cc175348de482c04577412189c59a5fade802b05a524522d049fa3c42301a520c92c64ab98a677884f7430b033ce0d2d2521bd3a4048a8e5b63c16010137f9fed44e3b7eaf889865f64599f24121dc33cba2dab44fa1cdf0bf058dc0e2b4071f195f3a6a9b0af569a5107d0d33c58f8567d92f03b68412a43dd7216fb46b6b2880bc41a0dca7b829a6ce5d75ebe3ba88fcca74a366f92389d6cbea215cea19f394581d95fb54c94b7c2a60fc499d81dc35155cda47bdea6f18266f3e997aa59d3a849b43640701f52829aa518f4c77c9c6bac0f26dc87a7e01c8fc2c177b3ebfcfea73ec3dfb07d0af8a8da5b5e8142b0dc9e07fc65303da67bb40b06044c539b8b48f97c9826df9081d89ca82abad1456a53314ff4c93d972f2527167dc17ac043b787e997042aa891fcfc2dfcbeb503b3f88dae1711af1de5f6fbb58765e56a1abc82ffc429992f4ee6507a60f3e4fcfcb3faff6a6e52e51f4d3ab78093fd389daae814e8bab69be56bbf26c41a8d7a480da391259fbfe0c44dca86e991b2eaeb3b5201390a35a32cade6c54b18c262fb34caa4d269d6244815b69c7231bd8c53b275fe6ed4ceb2b2454486c887d539f3dd11cd9274f9a8a297e6777253f12543f70dcc6671d5a7f216e239fe2403b251fe01efd7e080b969d294572364d72bd72784bd331bd9fb8be552e5e1c2e2184f6e22ff4f6c84e1e52ccb92dcfcd9faac2cfe7ff021e687789d9b7b1efb74ee6727d680f73de7274eb20a4e3f10b7803ce50bb461397fd4528a86a60d62eac65cad77f160274c76823d2593ad2a18433a1b72739489018f29c9427b936e0045daef0457aa4c8f272ad32f555a0e80a6722131ef822aa3da3630c6f041e031e53b4df53a5a1b9af08621bdef412617204082c73e08ae24b733df410767bc640506bedf568bb755a9648cbdfa34eaf61746b31fc33e68c93a8de749c8aa457e77a9fef7600b4dd0cf1b8e5", 0x5ad}], 0x1, &(0x7f0000002980)}}], 0x2, 0x0) 2018/03/26 13:05:42 executing program 3: r0 = semget$private(0x0, 0x1, 0x0) semctl$IPC_INFO(r0, 0x2, 0x3, &(0x7f0000000000)=""/165) semctl$IPC_STAT(r0, 0x0, 0x2, &(0x7f00000000c0)=""/154) [ 1050.143884] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1050.152678] [24813] 0 24813 11408 2089 65536 0 0 syz-executor1 [ 1050.161585] Memory cgroup out of memory: Kill process 24813 (syz-executor1) score 2105000 or sacrifice child [ 1050.171631] Killed process 24813 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:05:42 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x20}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000001c0)='io.stat\x00', 0x0, 0x0) getsockopt$IPT_SO_GET_ENTRIES(r0, 0x0, 0x41, &(0x7f0000000200)={'security\x00', 0xff, "54db9b0faf61fe8c885ebe8fa6bae67aec932b97b4f4ca6de02847396698fc2ba447d9b3462271408f48461a39caae6b6cb3dd604b46a67ddafe0ef70b62f7f43f6814ab7d45227eef9c0a97777ba577488c9b4030e9e61ef25c78127410721e830532759d312a0c5152669cd8a4d68c23ccb9818021d651acab2aac1188136ccaf33f08e8ae6b8cc0004386717aa5fd69a9466fc1fb41962aad25ecd7f33ff56d8de0b7f02737ea1abea3a7fb4f4a85c7e0f635687797a9a2d18f1286b8253aba5a564799d8d9948dab80e9350ac45b988954e754d7d60947f1ceae0b2ee80385fa34b599f097c3098bb6e35d394ec3498fe52c5225b10646430bca342e3f"}, &(0x7f0000000340)=0x123) r1 = syz_open_dev$sndpcmp(&(0x7f0000000140)='/dev/snd/pcmC#D#p\x00', 0x7fffffff, 0x2000) ioctl$EVIOCSREP(r1, 0x40084503, &(0x7f0000000180)=[0x6, 0x7]) r2 = syz_open_dev$admmidi(&(0x7f0000000600)='/dev/admmidi#\x00', 0x6, 0x200) r3 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x800, 0x0) read(r3, &(0x7f0000000080)=""/171, 0x6c) socketpair$ax25(0x3, 0x3, 0xce, &(0x7f0000000380)) accept4$unix(r3, 0x0, &(0x7f0000000680), 0x80800) recvmsg$kcm(r1, &(0x7f00000005c0)={&(0x7f00000003c0)=@l2, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000440)=""/79, 0x4f}], 0x1, &(0x7f0000000500)=""/165, 0xa5, 0x1ff}, 0x2000) setsockopt$bt_BT_SECURITY(r2, 0x112, 0x4, &(0x7f0000000640)={0x3, 0x9}, 0x2) [ 1050.237611] oom_reaper: reaped process 24813 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 1050.394194] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1050.405350] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1050.410515] CPU: 1 PID: 24864 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1050.417869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1050.427214] Call Trace: [ 1050.429800] dump_stack+0x194/0x24d [ 1050.433410] ? arch_local_irq_restore+0x53/0x53 [ 1050.438057] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1050.443234] dump_header+0x28c/0xe2b [ 1050.446935] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1050.452114] ? arch_local_irq_restore+0x53/0x53 [ 1050.456763] ? perf_trace_lock_acquire+0xe3/0x980 [ 1050.461579] ? __lock_acquire+0x664/0x3e00 [ 1050.465791] ? print_irqtrace_events+0x270/0x270 [ 1050.470528] ? perf_trace_lock+0x900/0x900 [ 1050.474742] ? perf_trace_lock_acquire+0xe3/0x980 [ 1050.479558] ? trace_hardirqs_off+0x10/0x10 [ 1050.483853] ? perf_trace_lock_acquire+0xe3/0x980 [ 1050.488667] ? perf_trace_lock_acquire+0xe3/0x980 [ 1050.493492] ? perf_trace_lock+0x900/0x900 [ 1050.497706] ? __lock_acquire+0x664/0x3e00 [ 1050.501919] ? task_will_free_mem+0x252/0xaa0 [ 1050.506399] ? print_irqtrace_events+0x270/0x270 [ 1050.511139] ? ___ratelimit+0x30d/0x630 [ 1050.515090] ? lock_downgrade+0x980/0x980 [ 1050.519221] ? lock_release+0xa40/0xa40 [ 1050.523181] ? mark_held_locks+0xaf/0x100 [ 1050.527310] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1050.532392] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1050.537386] ? trace_hardirqs_on+0xd/0x10 [ 1050.541515] ? ___ratelimit+0x95/0x630 [ 1050.545392] ? idr_get_free+0xfd0/0xfd0 [ 1050.549344] ? find_held_lock+0x35/0x1d0 [ 1050.553394] oom_kill_process+0x8b9/0x1640 [ 1050.557607] ? lock_downgrade+0x980/0x980 [ 1050.561739] ? __lock_is_held+0xb6/0x140 [ 1050.565783] ? oom_evaluate_task+0x480/0x480 [ 1050.570184] ? rcu_read_unlock+0x35/0x70 [ 1050.574220] ? mem_cgroup_iter+0x363/0xbd0 [ 1050.578430] ? lock_downgrade+0x980/0x980 [ 1050.582561] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1050.587299] ? mark_held_locks+0xaf/0x100 [ 1050.591426] ? _raw_spin_unlock_irq+0x27/0x70 [ 1050.595900] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1050.600893] ? trace_hardirqs_on+0xd/0x10 [ 1050.605019] ? _raw_spin_unlock_irq+0x27/0x70 [ 1050.609491] ? css_task_iter_end+0x280/0x430 [ 1050.613874] ? _raw_spin_unlock_irq+0x27/0x70 [ 1050.618347] ? cgroup_procs_next+0x70/0x70 [ 1050.622561] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1050.627554] ? trace_hardirqs_on+0xd/0x10 [ 1050.631675] ? _raw_spin_unlock_irq+0x27/0x70 [ 1050.636147] ? oom_badness+0x980/0x980 [ 1050.640013] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1050.644752] ? mem_cgroup_iter_break+0x30/0x30 [ 1050.649330] ? finish_wait+0x268/0x490 [ 1050.653194] ? lock_downgrade+0x980/0x980 [ 1050.657325] out_of_memory+0x86d/0x1220 [ 1050.661286] ? oom_killer_disable+0x310/0x310 [ 1050.665758] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1050.670839] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1050.675832] ? trace_hardirqs_on+0xd/0x10 [ 1050.679966] mem_cgroup_out_of_memory+0x159/0x200 [ 1050.684785] ? swap_max_write+0x110/0x110 [ 1050.688909] ? do_raw_spin_trylock+0x190/0x190 [ 1050.693473] ? _raw_spin_unlock+0x22/0x30 [ 1050.697605] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1050.702598] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1050.708031] ? find_held_lock+0x35/0x1d0 [ 1050.712074] ? memcg_event_wake+0x420/0x420 [ 1050.716373] ? __do_page_fault+0x5f7/0xc90 [ 1050.720587] ? lock_downgrade+0x980/0x980 [ 1050.724716] pagefault_out_of_memory+0xbd/0x152 [ 1050.729363] ? out_of_memory+0x1220/0x1220 [ 1050.733570] ? handle_mm_fault+0x465/0xb10 [ 1050.737786] ? __handle_mm_fault+0x38c0/0x38c0 [ 1050.742344] ? vmacache_find+0x5f/0x280 [ 1050.746295] ? vmacache_update+0xfe/0x130 [ 1050.750423] mm_fault_error+0xd6/0x2c0 [ 1050.754292] __do_page_fault+0xb4d/0xc90 [ 1050.758344] ? mm_fault_error+0x2c0/0x2c0 [ 1050.762469] ? kernel_write+0x120/0x120 [ 1050.766423] ? do_syscall_64+0xb7/0x940 [ 1050.770374] do_page_fault+0xee/0x730 [ 1050.774239] ? __do_page_fault+0xc90/0xc90 [ 1050.778449] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1050.783185] ? syscall_return_slowpath+0x550/0x550 [ 1050.788092] ? syscall_return_slowpath+0x2ac/0x550 [ 1050.792998] ? prepare_exit_to_usermode+0x350/0x350 [ 1050.797995] ? retint_user+0x18/0x18 [ 1050.801692] ? page_fault+0x2f/0x50 [ 1050.805300] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1050.810383] ? page_fault+0x2f/0x50 [ 1050.813987] page_fault+0x45/0x50 [ 1050.817417] RIP: 0033:0x409b83 [ 1050.820581] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1050.825920] RAX: 0000001b9bc20000 RBX: 000000000000127b RCX: 000000000040e950 [ 1050.833166] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1050.840408] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1050.847650] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1050.854896] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1050.862485] Task in /syz1 killed as a result of limit of /syz1 [ 1050.868526] memory: usage 0kB, limit 0kB, failcnt 4092 [ 1050.873847] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1050.880631] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1050.886830] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1050.906373] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1050.915168] [24864] 0 24864 11408 2089 65536 0 0 syz-executor1 [ 1050.924061] Memory cgroup out of memory: Kill process 24864 (syz-executor1) score 2105000 or sacrifice child [ 1050.934104] Killed process 24864 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:05:43 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x8}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:05:43 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000e5b000)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) connect$inet(r0, &(0x7f0000ccb000)={0x2, 0x4e20}, 0x10) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f00009ff000)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000e8ff0000"], &(0x7f00002bf000)='syzkaller\x00', 0x4, 0xb7, &(0x7f0000000640)=""/183}, 0x48) r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x6000, 0x0) ioctl$VT_WAITACTIVE(r2, 0x5607) r3 = socket$kcm(0x29, 0x1000000000002, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r3, 0x89e0, &(0x7f0000000fc0)={r0, r1}) r4 = syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x7, 0x40) setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f0000000000), 0x4) ioctl$sock_SIOCGIFCONF(r4, 0x8910, &(0x7f00000000c0)=@buf={0x1000, &(0x7f0000001000)="d989a92fd002bd3fd93429118e5b58d52eb5977ece361dec7547644b54f9238aeb4729a5abd6a29b5868c5b57b4aee041dd2a478c531a6311104f465dee1c7c0f1c911245e95adeba393077e127ed400e0b20ebb97db5c5203e699eb3f2265c149f3ea45b8fc245e0586623bca783e9d9bc0f8047f4113eb059a30166d11a4266bfdf8bd21d36e32dce45efe0bd2e45fb78589e870c29be5d1c2716a2702db21161d22060154ab5d7fd15aa39b81937281a6628c7c1f3c83d370cef1f93df921710d229ee2d9d104e0e35a00fb3bcd941ef3958ef4ba2b3e7c1893b567c9c226cac637c8a2397a816b2eacb86caa6a387135aabec29ca58bc55547921ef359e9efd4a36076007a18f8d3e87b6b709a0ec70829175fb0528e81c5816ad9a7a5677918b1a8d1a1a0d5841ddbcd26efc8bfdfc976952a7b31a431d3385635c26eff52f2b284e0b02656bff71ea4657a57a62e249ad92f9e5a979dc925347cac35694d481409a8221225ae844b9e309406e3c47c48dd34faa39f17c86a3fd59a8091875b174c9cd80aa2d7ac6ed85869576b76ea8a9727007764c1d3b40e18aba0653481e91abd3a001bcacb8c17bfa650758189893641796e196f39fb314155c0c524504ea4a96ef1cb8590e655f9f109e29ffee94b6968ed53f6f18dcb361a8ff77097fe9ac4b82d25b8b619365b4ae2e38c5637cc2eac031fde029d262c1accc94c69418a2c540f5ccb7cee6bb87b002b4ebc356dad26dad4cbf0de0d24254ffe256ac2c686a2a4298d7dbc1d22288e087f0d85cce9c3d955fae1a7818c91a1ab07e52d82aefe1e87c7fa0aa96f80d68e4f593bf702bf24f17bd605ca67147c3030d7536adceddd33ccc6dbb490d481631fe4c7e240c50f876c12d0a097541ef22aee21f4b3d695fc08dd7de58ac49f9d632cd3dd7d42091ba7cc124cb91f2a4835880fe82cd4ec1bf8c851c78dedab8017433d81f6198d040163b7cc3a256799696bce423365d8749fd274c5a97ff25b851c54cde5bd5af765b6a753669d1775df98bc0b1fd89bca3854f0999d1a7a467cfa7f6f5d5f9efee829214139366bf901af5c3821d90982f138a539a7c08d4e6faef6bea968d7e2cd9a6de7a9b19c7239715b18477e2bbab726f1da48f1b96ef1baf8b681b2e02142213223e7e44f58ceb6d5280564454584a799142bf6c913e1b1a3f01f5389e4dd0f8d299dc86ac662f2b9b2f77dd81cc46451703b0123443959efb31b2e7c5ff84d31b45b353bfb7cd18c9884e09a94a447dff68f6014febca1844b6fe57bc6d04134b3a8f8c3f18f16b1b38da399c813c67077c711c6586dcf613f87866b89e41efdcd73c357f9c82b4ce6a4083f3b894d02e76041082c15b148033cd605ef3c0a124a5f2a117ab69d68f0a6f06032a3d48effbdbe098e5f692fe30c963d5c9dec6309443d80afc866153ca95e7b69ca7541e1e789abec828ae59eb190f379bbec69e68e6785b29ebe52a02d9b345d72b3ef67d9b2933c7123bcc58034d222ac44f128f4d8e82a05f055bd6faed798d75b578d6dc9c8dcaf058304d50884234722cdc62ff8c0157d223cd0442eb05560cc7a45a49ef4b983986066d9d151a40da37175968aff49aefb207555bf5709dcb56b53dde93eba09029d765b5e3695754cc96c87310b1be3e923324a8e6c43c1dbeaa4347f87124bcb0db473b195149f1890d88c4442f62fc13a3d2c64ba3750bfd28da2f52777de900e8dabb48fac4d59ed9a3c7f33321b37a6fcd9d2d30ecdbaf09c0efec775a68a7be633af0b07feb620481ee7073e166e525bb8f8b23625efb4f1f6f0bd98f206e70b5636627ccc81417b064f23145850cd18048904934c30b1136681c30bcff38c375d88929a131a065604f02773d42d2fdc9d1bff0b779cdd8e426e1f6525855fb31d0eadc0c2f99c90c3d9c2c98b0c3ea4dede8a755bed5b7486bc472fc374e0e6391c107df0ceb423f740102d2adeb0a7e5048c08cafe7dba674ff9f104a7b2a12736e09a2b0fd952382d420c71de2aa2daa1a3bb3c0e60f5635145eccd87d94386d4724a524e04876c9e45e905047d05314bce5a79f089cbdab0887b4f1e74566ba8c4b38582742ec3def1a3486a28926d464834f42d4f7dfa507defd39f8315e25598a34f026d9895d2f0578b583e088acd781fce6f2de859e43f740e78aed9e22482965422bd27b44de986c43eec8b149671eccacf69a2bc0e7c38c6a1530aef0979409d5f7a113d77fb7aa938e43228bdba366ea219c3150e7f87dc03113b73db789cf8daa522ccc31de7cb3ac208119877773503da84196fc6445471aaf034d1584661c5d3eadc0c6ee5ee16140e816e798331df358dd68b7c8251e7a431dcb827384dbb2671924f7affe25964214fffceb8f5829d461c0009f112f5e2ffab5fc4ebdd0ad58fee2367c20f09581e72372ad216cd94a8266157c982656b56d682efdbfdea661f56daf936767094ca15c3b2a169f1d652180199faa5e6e184f0a4dcbd80bd9ad7ae056c61d8f7d2cda34e985a7e39a6a1181ce43b22990cb1ba1fe217375e47ba2c9bda6f3548b5da3e9d5bd25627af5f1ddbc4c716d3cc973fa442bf45b769a521f04197706c9e2ddcc21747fa8efb891004eca204241e17e234c5b8ec8feb38ab1c4d95f62f5eca3425119d8caccc9c128a5c10eeb346193f741544f9767ee0d33c831f95218aae7a3964a57613d83a6ca0183dd87b4e719614088d9d38363a7efefe50af80c3424ddbc39ed52b4a69e0b1b59f85410c8230fdc090b292126120dfc995fe519ac0de35d420d9397e5c4c35532b36eff0913a83b51aa1caf18ce9378f82a8330d515b638abada7aa5cd6f50cbfddd2911bc00f65dddb042440e7f5a0d0ad9d089bc26945f18cce0b3fd28f4f239e9b23b58a21598eba883c113405e06ea40a09e3dfc89795b07c02a216ab4172a8eaa9e21830251e155cb55733e0e7f0d323f6539de88d836ec953564f69edf1437f38180837566674a6827905b015b78fa422da9e45a5393281a77441ceb915b0da40941eeb6bc65bf49d480e9fb10204fda3e5aafb060e01362183bef4f7549c0e92c7ab8f47a0204f12515b2671ac175bcad762f504b7730b7fb4b48fd85db54c1bc371dc578bc787b4d162dfe9980d9474a1e1ba774f5948c162cd0e6241d07a841cf92377c36e5ad245b68ba1b41414bfe7100b306e6fad657c71766b9e0694c65ea0a829bd87501ec381de94fae57424b61bccfaf535f4d89600e894c2000bccf341bea803d22a270a12090b6014341d0ad90cce8afb83d2be87498278850acf775c0ec6477456ddf81fb64eb8e9b2274b4e435a4bad22b1d6e74d70925f314c456deba4658f4876ce36a6200b80c09c125cf1ccfe4a1f0093fad403d7e1207f3e7c9c6718af26fd5a3e0f75ac7a4c37f47de4a89138d6fa9f15caec327f31b727efef16fa6977d08392b30e7e5b55f17083cd03c7591007a351a9e0a1fe594d48faaf50938061befa76896937b0ab38bf05d2e62046845175fa0890e87332061899231eb6d6c136dea685405ba3f9156bc08f7dcf349bde790fb80f8f3bc8fbd94860841a41e3011d5c616b768602d8eb2c5cd207103c06bcde9d289d5ef64c47b5e7c6061e572afa93fd71e4a719a7dad6aef0a5977a1febcd673bbedf133d30a3045e78a79a9c9151f031acfbc5efe53d84aa63ff1eb3b4ed2c761c8b7acde74ab421354fc17399cc882e2e3f57cd0eaeb3dd31339a78495d75c9be96a4762633b6807786763034a9db32a7d1fb045f0704222784b1d913f58f822e87142e4024a2f2bdedee3e2e700dcbbf66759555106d6285c3bcce1fed80b441ed937df9b7ea33786ddb891d53676170462123eb9eafd8832527e600c92faf1a12013f47aa71994214e3cc5015bb1aa5d62727a103af211ffd0844e5c3ade9dc6a46b0c0fb082fae1e46ed399f816416eb06a05ece5d180715c1a7c59d34cf10b2a1c64ab773e8a99ec50d699cb8352631c3a82e022d271f4eefc9e7f9064f525f2b3690fe4e625f0069bfd6677f1b5fc38efa5d3bd372be160d171e07bd8e4841b214808d674231c41de2358382275b90b020d9a435b9573a28577472515a3e29fc4b0ecd56c7bf6b5a948a4258e5edf2b3bf4f2302417bfb5934b78e2c43c7b2a172605dcd5ba68e62a9f8da44386bd0be6f7c938eee9fe09fb5157bf0a01af0a2bb0330b4d2f1ce3a8b04c60d9c451289a5dafb74d87d877e7f73e1573f4290c56fa07805b877ba227224103edc295649f5bd3c4302d2291f82e22b01fd99e78d5f17802a998a97cd9be7a8c22c35325bb7449dfedf78be15fa4ed380236270285faafe1ef09868c4bc1e5ef66c8fcbeb60dc1dada43f2de04b07722da0b86837dc414110e40dd075be707d3951e34b7496f7207c1d96fadee2bf9e770e5718cf5842bdcffdb4a1271a737f7324145b1a9d30dd6f6e526dcadab0d2ac1f7651dd07e6b16a3bd7be5522eb71f445f147c1c721bdbdfc6f297b3661e18e17c4f12fe45253717ae90687ea86a7cfc94f9d9286afe508315ab5322797155060c3e69e95aa20b4b43e61543981adaa1edf62bdb169c71df6068c3673e88a9fcc22f988afd9917bec5ef3b7b3194f240f114da51466a49a2d4d29934677a3926d533d849a1a602ef0f0b0574e02efe6c1540f7cd26f84f2a06d4755ed79786d1409c8b0557f2ec1673d5437234da6350079839413ee4ac6a215c05ec5753e0e107e810b230b4db6ffc912fa4060b29cd386df9fd8efe07220d116256b822e5715cc2a0c3581ff401a2bede8087230f29de96dc91e269fd5c7038648ecb7a83e83d6b6216554b4c6090d276b24677907d2414a09fb0a13e8897ab7784d1be1b146a52c7e62c570101cfcc8d941ade10cdddb43fb8d2035c63f80f61da5f23426081af1a21304073739f578a767bb293cbbf174077849efea1bfe66b8d8abe2f7d838cbbdcc7eb08ecd515120b0c641607dbee6a8d7d2ebe2e7d7b8286f313592fbb1b2b00562340030abbfd38c10bbec0e3e019cf12da95ecee190657cb9f38ff1b206ca80131457e46e97c26aa38704a226937e9b40e3f73efeabc3bb04a4e587913ef3448bf3f34e6c384272e5b40a2766c876b85f4e508918d8a5dc6b62b036bb142ea7690a7a0cb8aea21d04444a9c5817e140d380cec8c841d826ec0254650e11bd641c35907e3fc832574bbe14be5fc226fd830268f526fd6272a69529c04a89264b4c2af7f659f075f8ba5543949229c37583318db717dbbb98e014ef53e6aaac3e4ae0238ad0a810812565683a63259ee2f063758997b043683a5738b31dce7bee39a42bb1ca4389a45aa038f9200a92df7a3cbcede6dc9792a24459256eeecb0b2b5456cbee6fa2bf17010ed28944496ffa7a656af5edd77aa1712cafe4dca74721e26d8d2035c9f71a54026f647fb83447211a5e60a51bbae53343379bbf33482cbcd05632b65eecfa38b3f6d5364369e926214077ff7eba2678116d64fb5291288e4f51497016a8cc5224143637f69e3c6bbad7441e8c2b8561684465187d506f94f80c1d0f6525dd1102cdf8a225abbee2e7a63e8e9db79549ce834f5ae5224b39f22208213dc3354368a0afea52062bbe4bd91c7f5bf817117b0fceae5f5564d35bb994ffe43dd9d2a2d8b1afb8d2de10b727012994c83953f93ef0849af3a7b66c82b102e4aad1423989fd17c98602122da6793290a5860bf6de259e7d585f9a49b9b6c02e4573af1234796"}) [ 1050.946619] oom_reaper: reaped process 24864 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 2018/03/26 13:05:43 executing program 0: syz_emit_ethernet(0x52, &(0x7f0000000000)={@random="ff3997ffcd00", @empty, [{[], {0x8100, 0x9, 0x0, 0x6}}], {@ipv6={0x86dd, {0x0, 0x6, "c8fba2", 0x18, 0x4000ffffff88, 0x0, @empty, @mcast2={0xff, 0x2, [], 0x1}, {[], @icmpv6=@mld={0x0, 0xd, 0x0, 0x4, 0x18, @mcast2={0xff, 0x2, [], 0x1}}}}}}}, 0x0) 2018/03/26 13:05:43 executing program 7: pipe2(&(0x7f0000000080)={0xffffffffffffffff}, 0x84800) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0x40a85323, &(0x7f00000000c0)={{0x2, 0x1}, 'port0\x00', 0x40, 0x0, 0x3, 0x0, 0x5, 0xffff, 0x3, 0x0, 0x0, 0x3}) r1 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00', 0x0, 0x0, 0x0, 0x0, 0x2000000000000}) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000000)={0x4, r1, 0x1}) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f0000000040)=""/50) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) ioctl$KVM_GET_VCPU_EVENTS(r2, 0x8040ae9f, &(0x7f0000000180)) 2018/03/26 13:05:43 executing program 5: r0 = socket$inet6(0x10, 0x3, 0x0) sendmsg(r0, &(0x7f000000bfc8)={&(0x7f0000000000)=@nl=@proc={0x10}, 0x80, &(0x7f0000000140)=[{&(0x7f0000001000)="5500000018007fafb72d1cb2a4a280930206000000a843096c26236925000800040008000000ca8a9848a3c728f1c46b7b31afdc1338d54400009b84136ef75afbb8d5884537d49b853ab8220000bf0cec6bab91d4", 0x55}], 0x1, &(0x7f0000004000)}, 0x0) socketpair$inet_udp(0x2, 0x2, 0x0, &(0x7f0000000080)) 2018/03/26 13:05:43 executing program 4: perf_event_open(&(0x7f0000348f88)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$dspn(&(0x7f00000000c0)='/dev/dsp#\x00', 0x4, 0x480) ioctl$KVM_DEASSIGN_PCI_DEVICE(r0, 0x4040ae72, &(0x7f0000000100)={0x7fffffff, 0x5, 0xfffffffffffffffd, 0x6}) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000384ff7)='/dev/ppp\x00', 0x101002, 0x0) ioctl$DMA_BUF_IOCTL_SYNC(r1, 0x40086200, &(0x7f0000000140)) preadv(0xffffffffffffffff, &(0x7f00000002c0)=[{&(0x7f0000000280)=""/62, 0x3e}], 0x1, 0x0) ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f0000b94000)=""/246) ioctl$PPPIOCSFLAGS(r0, 0x40047459, &(0x7f0000000180)=0x600210) pread64(r1, &(0x7f0000000040)=""/21, 0x15, 0x0) pwritev(r1, &(0x7f0000000040), 0x19d, 0x0) syz_open_dev$dmmidi(&(0x7f00000001c0)='/dev/dmmidi#\x00', 0x9, 0x0) 2018/03/26 13:05:43 executing program 1: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x8000, 0x0) ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000080)={{0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, {0x306, @random="18a7327ed62a"}, 0x20, {0x2, 0x4e24}, 'tunl0\x00'}) r1 = socket$inet6_udp(0xa, 0x2, 0x0) r2 = socket$inet(0x2, 0x2, 0x0) r3 = dup3(r2, r1, 0x0) setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x25, &(0x7f000001dffc)=0x1000007fd, 0x4) setsockopt$sock_int(r3, 0x1, 0x1d, &(0x7f0000aa5ffc)=0x6, 0x4) sendto$inet(r3, &(0x7f0000c14000), 0x0, 0x0, &(0x7f0000ef0000)={0x2, 0x4e20}, 0x10) socketpair$inet6_dccp(0xa, 0x6, 0x0, &(0x7f0000000000)) recvmsg(r3, &(0x7f0000ef6fc8)={0x0, 0x0, &(0x7f0000ef4fc0), 0x0, &(0x7f00006c0000)}, 0x8002022) 2018/03/26 13:05:43 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='ns/uts\x00') setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f0000000380)=[@in6={0xa, 0x4e20, 0x0, @remote={0xfe, 0x80, [], 0xbb}, 0x6b8}, @in={0x2, 0x4e24, @loopback=0x7f000001}, @in={0x2, 0x4e22, @loopback=0x7f000001}, @in={0x2, 0x4e21, @multicast1=0xe0000001}, @in={0x2, 0x4e22, @rand_addr=0x100000001}, @in={0x2, 0x4e23, @multicast2=0xe0000002}], 0x6c) sendfile(r0, r0, &(0x7f0000000280)=0x42402, 0x6) ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f0000000240)) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f00000001c0)=0x8) setsockopt$inet_sctp6_SCTP_AUTH_DELETE_KEY(r0, 0x84, 0x19, &(0x7f0000000200)={r1, 0xdd4}, 0x8) ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(r0, 0xc008551c, &(0x7f0000000400)=ANY=[@ANYBLOB="00100000ff0300001b39eb3398567304000000039400003a510000ffffffff06000000021000000001000000e910bd356a6d3ac4bb3b58a1eaf5151b14a17c9c164cdda6efe683e638db458a68b6836ce397538016210ea052344aaba7497f27b915a81f74317e43482e98857b0fec822faff9545de1b07087"]) getsockopt$inet_mreqn(r0, 0x0, 0x0, &(0x7f0000000300)={@empty, @local}, &(0x7f0000000340)=0xc) ioctl$TUNSETSNDBUF(r0, 0x400454d4, &(0x7f00000002c0)=0x7) getresgid(&(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100)) 2018/03/26 13:05:43 executing program 6: r0 = socket$inet(0x2, 0x80001, 0x0) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000000000)={r0}) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000040)={0x0, 0x5}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r1, 0x84, 0x70, &(0x7f00000000c0)={r2, @in={{0x2, 0x4e20, @rand_addr}}, [0x8, 0xbd860000000, 0x3, 0x81, 0x2000000, 0x2, 0x6, 0x5d7e, 0x2, 0x531e, 0x8, 0x1, 0x21, 0x9, 0x8]}, &(0x7f00000001c0)=0x100) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000200)={r3, 0xffff}, &(0x7f0000000240)=0x8) 2018/03/26 13:05:43 executing program 3: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff, 0x0, 0x0, 0x99, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x200, 0x0) r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00003e0000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r1, 0x40045431, &(0x7f00003b9fdc)) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000040)=0x0) get_robust_list(r2, &(0x7f0000000180)=&(0x7f0000000140)={&(0x7f0000000080), 0x0, &(0x7f0000000100)={&(0x7f00000000c0)}}, &(0x7f0000000200)=0x18) ioctl$TCSETSW(r1, 0x5402, &(0x7f00009dc000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}) r3 = syz_open_pts(r1, 0x0) readv(r3, &(0x7f00001aa000)=[{&(0x7f00006aaf01)=""/255, 0xff}], 0x1) ioctl$TCXONC(r1, 0x540a, 0x2) ioctl$TCSETAW(r1, 0x5407, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x7636}) close(r1) [ 1051.093184] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1051.104315] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1051.109490] CPU: 1 PID: 24880 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1051.116842] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1051.126176] Call Trace: [ 1051.128744] dump_stack+0x194/0x24d [ 1051.132351] ? arch_local_irq_restore+0x53/0x53 [ 1051.137003] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1051.142188] dump_header+0x28c/0xe2b [ 1051.145885] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1051.151054] ? arch_local_irq_restore+0x53/0x53 [ 1051.155713] ? __lock_acquire+0x664/0x3e00 [ 1051.159924] ? print_irqtrace_events+0x270/0x270 [ 1051.164655] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1051.169755] ? trace_hardirqs_off+0x10/0x10 [ 1051.174074] ? __lock_acquire+0x664/0x3e00 [ 1051.178290] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1051.183504] ? __lock_acquire+0x664/0x3e00 [ 1051.187725] ? task_will_free_mem+0x252/0xaa0 [ 1051.192205] ? print_irqtrace_events+0x270/0x270 [ 1051.196948] ? ___ratelimit+0x30d/0x630 [ 1051.200899] ? lock_downgrade+0x980/0x980 [ 1051.205036] ? lock_release+0xa40/0xa40 [ 1051.208992] ? mark_held_locks+0xaf/0x100 [ 1051.213122] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1051.218202] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1051.223195] ? trace_hardirqs_on+0xd/0x10 [ 1051.227320] ? ___ratelimit+0x95/0x630 [ 1051.231187] ? idr_get_free+0xfd0/0xfd0 [ 1051.235136] ? find_held_lock+0x35/0x1d0 [ 1051.239187] oom_kill_process+0x8b9/0x1640 [ 1051.243398] ? lock_downgrade+0x980/0x980 [ 1051.247530] ? __lock_is_held+0xb6/0x140 [ 1051.251574] ? oom_evaluate_task+0x480/0x480 [ 1051.255972] ? rcu_read_unlock+0x35/0x70 [ 1051.260008] ? mem_cgroup_iter+0x363/0xbd0 [ 1051.264227] ? lock_downgrade+0x980/0x980 [ 1051.268357] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1051.273096] ? mark_held_locks+0xaf/0x100 [ 1051.277222] ? _raw_spin_unlock_irq+0x27/0x70 [ 1051.281695] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1051.286688] ? trace_hardirqs_on+0xd/0x10 [ 1051.290820] ? _raw_spin_unlock_irq+0x27/0x70 [ 1051.295294] ? css_task_iter_end+0x280/0x430 [ 1051.299681] ? _raw_spin_unlock_irq+0x27/0x70 [ 1051.304154] ? cgroup_procs_next+0x70/0x70 [ 1051.308363] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1051.313356] ? trace_hardirqs_on+0xd/0x10 [ 1051.317479] ? _raw_spin_unlock_irq+0x27/0x70 [ 1051.321958] ? oom_badness+0x980/0x980 [ 1051.325821] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1051.330557] ? mem_cgroup_iter_break+0x30/0x30 [ 1051.335131] ? finish_wait+0x268/0x490 [ 1051.338994] ? lock_downgrade+0x980/0x980 [ 1051.343129] out_of_memory+0x86d/0x1220 [ 1051.347091] ? oom_killer_disable+0x310/0x310 [ 1051.351561] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1051.356643] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1051.361636] ? trace_hardirqs_on+0xd/0x10 [ 1051.365772] mem_cgroup_out_of_memory+0x159/0x200 [ 1051.370591] ? swap_max_write+0x110/0x110 [ 1051.374711] ? do_raw_spin_trylock+0x190/0x190 [ 1051.379286] ? _raw_spin_unlock+0x22/0x30 [ 1051.383414] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1051.388408] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1051.393837] ? find_held_lock+0x35/0x1d0 [ 1051.397880] ? memcg_event_wake+0x420/0x420 [ 1051.402179] ? __do_page_fault+0x5f7/0xc90 [ 1051.406399] ? lock_downgrade+0x980/0x980 [ 1051.410526] pagefault_out_of_memory+0xbd/0x152 [ 1051.415170] ? out_of_memory+0x1220/0x1220 [ 1051.419377] ? handle_mm_fault+0x465/0xb10 [ 1051.423594] ? __handle_mm_fault+0x38c0/0x38c0 [ 1051.428150] ? vmacache_find+0x5f/0x280 [ 1051.432098] ? vmacache_update+0xfe/0x130 [ 1051.436227] mm_fault_error+0xd6/0x2c0 [ 1051.440095] __do_page_fault+0xb4d/0xc90 [ 1051.444142] ? mm_fault_error+0x2c0/0x2c0 [ 1051.448267] ? kernel_write+0x120/0x120 [ 1051.452229] ? do_syscall_64+0xb7/0x940 [ 1051.456182] do_page_fault+0xee/0x730 [ 1051.459962] ? __do_page_fault+0xc90/0xc90 [ 1051.464174] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 1051.469687] ? syscall_return_slowpath+0x550/0x550 [ 1051.474592] ? syscall_return_slowpath+0x2ac/0x550 [ 1051.479506] ? retint_user+0x18/0x18 [ 1051.483196] ? page_fault+0x2f/0x50 [ 1051.486803] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1051.491626] ? page_fault+0x2f/0x50 [ 1051.495229] page_fault+0x45/0x50 [ 1051.498659] RIP: 0033:0x409b83 [ 1051.501823] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1051.507162] RAX: 0000001b9bc20000 RBX: 000000000000127c RCX: 000000000040e950 [ 1051.514407] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1051.521650] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1051.528894] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1051.536138] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1051.543501] Task in /syz1 killed as a result of limit of /syz1 [ 1051.549538] memory: usage 0kB, limit 0kB, failcnt 4100 [ 1051.554891] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1051.561683] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1051.567888] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB 2018/03/26 13:05:43 executing program 6: r0 = syz_open_dev$tun(&(0x7f0000000280)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={"d202b999256425875d39a8fcf301e710", 0x102}) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x200001, 0x0) r2 = open(&(0x7f0000000080)='./file0\x00', 0x40, 0x84) r3 = add_key$user(&(0x7f0000000100)='user\x00', &(0x7f0000000140)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000180)="4a05d0b80a5c8f66f6bbb00a66e3e7d856ec99e6d0c1ac06e2fdd3fe1ae016359fdc29e0a6f2d0760323bc1ae073a4d3eaa42d635490b4d4f832f617e800187308008548228e4ea6f3ce03bf27fef63e19b3c8cea25ccf0c35d535d862d67136bb8d191e587cfcbd557988468f5eb679c590a684bc567578380b3f9353e9f9b1aa2e524ad9ee206515d2f63d2bfcc36240ad87021b9d3a17f810bfff3267dcae4116e0eabb1af7c5053214d605414d4d73c37345f2e078238c82", 0xba, 0xfffffffffffffffb) r4 = request_key(&(0x7f0000000240)='syzkaller\x00', &(0x7f00000002c0)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000300)="d202b999256425875d39a8fcf301e710", 0x0) keyctl$negate(0xd, r3, 0x5, r4) bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000000c0)={r1, r2}, 0x10) [ 1051.587405] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1051.596221] [24880] 0 24880 11408 2089 65536 0 0 syz-executor1 [ 1051.605115] Memory cgroup out of memory: Kill process 24880 (syz-executor1) score 2105000 or sacrifice child [ 1051.615169] Killed process 24880 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB [ 1051.630329] oom_reaper: reaped process 24880 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 2018/03/26 13:05:43 executing program 0: ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={"6272696467651f982d5fa9e5161700"}) r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCBRDELBR(r0, 0x89a1, &(0x7f0000000180)='bpq0\x00') openat$rtc(0xffffffffffffff9c, &(0x7f0000000080)='/dev/rtc\x00', 0x0, 0x0) 2018/03/26 13:05:43 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00003bcfd0)="d3ab2719", 0x4) sendmmsg$alg(r1, &(0x7f0000006e00)=[{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000180)="2a8df7335c302b583427b03118b40a88", 0x10}], 0x1, &(0x7f0000000280)}], 0x1, 0x0) recvmsg(r0, &(0x7f0000000200)={&(0x7f0000000040)=@nfc_llcp, 0x80, &(0x7f0000000000)=[{&(0x7f00000004c0)=""/4096, 0x1000}], 0x1, &(0x7f00000001c0), 0xfffffeaf, 0x1}, 0x0) 2018/03/26 13:05:43 executing program 1: times(&(0x7f0000000040)) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$rdma_cm(r0, &(0x7f00000000c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000001880)={0xffffffff}, 0x106}}, 0x20) recvmsg(0xffffffffffffff9c, &(0x7f0000000280)={&(0x7f0000000140)=@pppol2tpv3={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @loopback}}}, 0x80, &(0x7f0000000240)=[{&(0x7f00000001c0)=""/121, 0x79}], 0x1}, 0x40000020) lstat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f00000003c0)={0x0}, &(0x7f0000000400)=0xc) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000000540)={0x3f, 0x8711, 0x3c, 0x100, 0x3b5}, 0x14) sendmsg$nl_generic(r2, &(0x7f0000000480)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x11000}, 0xc, &(0x7f0000000440)={&(0x7f00000018c0)={0x21b4, 0x32, 0x300, 0x70bd2c, 0x25dfdbfc, {0xf}, [@typed={0x8, 0x66, @uid=r3}, @generic="150e5b3754c920349db059047373f44bd2137dfffa2c277993e6b6097438e79cd67ab12b7d83ac8e8c5c2d224e2e50ed95431e2f2a84cf518790f1addb7e86cf2e4024e66ceed9f1e758ff6b27bd87123a1dd6b8739de4260082439f595091667b1e0fa9aa12f86bb24fd326b8a3b173d3d2efb9c84a2b5cda08f445d5c6f763349e19ce8a0d709a5e07433d154da6f1986dae49596f583e3233e7bb6497148c45ad8ef15a10c5139567e8d853f8652bba9d90670a21bc58c631aa040d98614ed87b1379b0965956693aed904defc441e33e0231184e035f2849d54c3aa1050592f0bb4d5b39c311cf2cc5f0f5066b6b4941047cb615714a89b292c0e81464e4e4c24f0e258d15e5bd8268255f0e576bc2ad98b01fa8a0f73ee4a128b37ea1dc4e570eb1b4941cbe3d9c716decd171356020099657cfa85d94d2a039ec825c90146531fb3f44194363dcaf1514ab5e16429bf50e46942d25a959796d0ac6025cea5b4ee588c91232720800924f8bf606419d0e932e7c6c63e7e37ba3aa6fbeee84c4d58c73d3b7bb16bf1edd8595f4e2ac7ffb57457c68403c0aa05a09400dd73525499738b502fa598a53d0b4cde78e5415a559c75483859e740551bf1860cb6796058f4cc07dea4ffd10659978d8c0ff9259a3a4297571fe9cb8c4bb990fe963905741a0706245e96b9bf85053c8308e50d52ee243c2d9a740e3e5b14a33e52ff7caa517388af64964121899248014041e6afcb8106a8fd30a49e56ffbf42cc4ac5726b93d3bc02065336b39791a240abcfa574d8e782ec689eb7c890d95eb5ae6a1b6910aafb81ec5a82de4ac2c6485cc4325384b6d0d0008538962bb1173259ed249d767c8cbd5025dece0fe11d56f675b4912af42a518291275ca3627cd80f2c98c17db0bf9bf1506c9d1fb5c5332a2f3001142253e4b086cf95c0c642223d16568461f6d4f993b76c718915348f40bddbd351cdc037d9d29ad21453463ad63bf4f6bc0bf35d5719bbef4708b349d5650ceda781c57f34443e62c90db0c5f1861e3b015c3d37941d9ce11618ba85612d9b1b0f9ae9478d027ff9064df0ede1c42303fa85658408f1837de1676ed83c05fd4c6d3905128f46820b1fb73598f18971b921267d4c9c19a96d4333dd76bc6dd6f74bd9c630af6b16d0c3f7eac14c509569010a0485a8c7ae082f478de2d5f6258cc0254386ab085914148901126d4db69b34e312a90682db397b926d321be4ef2f2785e07b0772a116a82db602d7d180fdd2e6e7f418a96ff473c6b88ed8989215cc0389fcc604ef34c2e8c71b9639e32452b86891afa1d81a5ba23a6be19e0abfc744416a912a9808e1aed3da443f16687474f4f0c7e307838184c7501bcf7eeccd823a7195015462db35f0ff872e3c4a2913332171121c97b2173888b5b70a7601955ffde1a9ce30f1f39c1cea0aa1267b3f3081ecca1dccd78f3332483760984c22df4cd46e1d84f3ee1dd848950ac9444bedf4f3859029889bc72ece9bb3c440884657082855530e41ca168c3077edfd70286cfa5ef02c1d56f0dfde9f4ec9952e947883e712b2bb6daa8d5f704799057f99d9c7dc91fb5c15d953090d194791ddd0434d94e9caf8ce6eb8078e4082f2d397f6ce3e2648a85a6e51c27d4669e555d34092c071f0cdc28c66e8f401a2b0b785765758d339f7992123efc89d77eb23987916e83803cb72e48459162b813c540191906ff8a7e9ff05ca5ff8c0316c9ed68781ef4fbaf60e5cc68ca480ecad7d2e3bc201ae641890791b2eb73f406c7d07e3b840b7ed5e043975af1c4b7c6ce69ef3b54e1b47562672ecdab5de02f43b771a54879c32102dba097e4d2e1c944f803666804d648db727e33d5582b24b19cb123931e869274951b8b4dcc6c5108dcfea74a5096b7bc8c73b34275b8778e6c7b56f7a57f66a0e34d293f1a3394efaa2ad7a1755041a1a45e6834cccb4c21a92191059d7b1b281aedadc8ac63a6e1f2a7c5ce6f22d0ec6452b15de859c5cb9043751e51efa30932baab267e64763e9db8c0830d8a1484ba5525d0e70d1d8044e308ea06cf7c308bb8e619653c25afdcc9f0bf221b39638a50069383543071cdf09043176a0d59ff1dd9be0f693285492ef30f1d3b381be8d256f1eba4cf02779e430b136615cefbc0f5501eb8208d51eb795905b039f88702b03a9dc02c0ae51202e5d56fcf629f0c71be12e4277f93c3f0d5c1b2db6d78dd5c8ed29fbaedec11537bae3189a8ea6bf11799fabd57e4b3c2455c99a706fd2177fcf42d86a707bb18442e60b6f07d5a135e54dd6c6b978b47f8d372f859d407d09f499ff6c1e47871b979c58e237f29e8b8e0610f0b01f859eb083604d79b07d66904f06b2a4763294a24a007ed8dcc16b9dcc830c75160e8642012c4131630a49f1217b7608626f732af3940ef2c8f4d2a4a7765161ee161d20abb90d9c6bb49b8addf5a03b411a23e5cd1a7204e0bc8eb9cb28269f139d473a8a2efb33f1c45ad24aebe8fb9535bfa2f2a1760e15662970b17b0485adc14d03eb3dfa8e039bd7f289c6b5914e359fdd941676841cc9312f2b0866c24fe190170530fbfbf450cfdc129ae14e80be2e4d07012c03ae0a7a49d9c768dd0a9326e62efbb913a9d56650ba0c28dd61f37cdc4327aeb9d58123bb4bbfcef964310f9f9a3c21e1f4a06713e842023dc3cd3c1bcf575d4fa6beca38113e3eec44ae0758fc2a001a2b2fe40e40512abbc258b78719aab9af32654a3d556f84828eeae7ae1db5c9460410e8b7253569c42a8578ee486b3a7604070bed3a607618a5ec86d82f1dae44e95c41af597980e38b0e7ff4d26e3abc67383f51b53c14daa79e012612dbe0b730069b044617e13ac665725624cac226eea43c3129aed5c487ad7698444afd1b6072749a52997f42b62c61a9fbae46a61c75223bc4d4c472204a37b1813a4f2b8486017672322535cb442316b7dad0fdc98031b66f3aef843db1b001f098bfb9391d293496c9fed2b13b446d477beb6512fed751d2c2d137850783c7efd2b01ed4d93b0fce0c6e1029928e569c806622a910819556603b4e7cd1294739762edb156fabe423c00d00018c68ea7196a8b6c94ca983aa15df65f7f6be81218a0a9bb6b2349d05bfd00034033dcda97ccd9ee739f6368debeed2789a12a00dce087af30dfb95ec968ebd9fb1742321114590d364ea57b05a29906929bef3551fd7eb29ddc88e6877e08b0d4c404b3691a4bd889b945787428d07395cb7738265fc252138a55dac9fa74833fad86a2c533dc61043171c00a3fb5d68d34d1d53094aa26aa7f000316510159c543ff4dc033f3fd8133fccae98d138d3127ebd35b30ed2b214627ca2583674b9fd64a2a37696c52f529deaaf9b4f9c93fe4f2fab41f9ef00faf1611888541f6d24d517ee5656ccd81608661824ceae01b9a99387888c5a7368ec942047bebc0c9b1e30586589dcd59fb985bb9c9d1793386287e63aaa428c3f9d638fc2e3315964c2f1a8c043e01cea6d704cc4b9443133a2c809db5eb24f5e4dee789029a2afb4b5d1f75b1daf39bd461cc41b82d36ba71a704d313b60c0c7632aa8eb15ebf920a0d8ae1ebf1a50740b2dedecfa6f75e4fa6df0ffd7a8de6152b98cf116a79cb23affeebcebf02c2d15dfce12b85d24cac2f777da98171261e270859187865bd8c81f7b9dc5b1ea9a09b54c464fb7b39d8a52d0bcba7f36731775d48fd3a7ae4568a377f7d9fd86ee458c2b782cbe222095b8fd90920747a3fce0742eee05c905a83acde1e816643326b635ed0a746994d656423d71eb42d98c7a983d6a99f224d0616e688645eaa52f5bdf0fcbfc7dbc9d1ec9081ec2f9fec4505fba7f5e42d795ba03c19fcd4163816026510a6848ed3cb2d458df18b947fa2b8caae4d2d6cf8a3f487ffe07c2c0f3a44eb3ee9683d90bef582636231ed5a179dcd11b946fd4819c06f5e804ad6a4b1d3078410dd2a7a1c262b8aa75cc950110edcdfd2e72a3b293eabe9ecee2c4a7e0a56bd38f41af6248cdf737ef0e27b302764cd0581ea8edf418cd7b7b8bfcb9a2cabf31f0a01acc2d3f5388ff8fb318622d2cd14cf3f3d8b0e4756a431adacaaec861970d0455c8fb09642cfb262c4bf21bd2b060b8fa9ab20c2b66a25a5ebffd947f7c46e906230b44189452be5433682b45f2a6d8a999a259816d59fe82a62b1379763dac70e206147d3b386a4d11c1b4058485e9d26f40856fdd4e1597d973ebaf57035c81f730fc0db0a0b842c4a9f87a70678d1df51b093b25b72eb1ae02505b58e69c805301c7c4ca6170bf6513ebfd7feb2192195444d2030bb2d86b6d0679f8beccd25c77c6b14874443acdcae023b9aa62a5995a82a698c7503a155dd5a7023e62256bcc6f4970de1d20b32080cf1e8344078169a3dba661ac5434871df9204bff29193b25543e3c32ff27628de09b2b1140f37a4bee7dd9738ae1065f279c4731ee61d9a0bc1e38b46d8447afdf1923cf3f55b7a7f56459184c0c0a14d42fe52b8bf2129c944279144cdf459f2bf5d81fb125ae9909ca7eecc8097fae6b0da63452fc6a6f1400a3cd16087abae711148315145a0dee6ab226bfd94d49e0c3a6b68f8b5ce1177714e202885d92d9b51018f4ccc522e41414d3eef90a9702fee9fc636447588b167890bb2c463fbae54b1b6ce1c17a4e1aa506901b3423b7f9ed97ceb0e26c63950d0a8728bb1775c83b86628c6049667e99d7c5aae42bea9bf287af587db361cf421f5a559208ca89e90dec64b43c5d41439f10d501d46f55926c4fe6d99fda0ec5474dce1168399d802080b520211d58dba67e0c67eaceee7dd2c3035622e6644a6e749bcec45c561efae4824c984f7af10d5c5e29b3835e6ad3218813aedfd47270db4e7256e52c3e8e19700ad0081fde75ddefa9f4d11c95e2ebde54f212094a32053a36ac7fa801aa1d13e0dfc9571b7e97c4c0dc41f4156a5c002dce3ad980de62a1f5100a517ca14131978847c9c17392001ccd0f109e263bf000edb736d2690747245089a9c7939615cdd8c5e514fb36e64fbfb5f891cbfd72f63ea58684f22861df49a83dd3c0070f365249a1ba94e3fb145a7e8914cd8d93886dfa0736dcac7fa35eac5229007cba61a8d918fdf3bd5cb5ed61a1166960fe2c88f6ceb2030424c10f444a873475943bab92e5c19da2bac49b50e85a528cf88bd179819d167448fc8ba47941236c2d860cbbbdc47473d27165d68ab83456a0f186091d9821c07cdef8d2069262548b2bff554170c6b5625c7b87311b67a744a55f0e3442cd9d307d8a900c3dd6e6561a437ffb7cd5130b896e38c6e9f00be6c4acfe021b78f2df649ff565b354b003b8133283f1ccda7cb6c93fef7cf89353de3bdab0ee0e42e7af38b2e7304f5bea891aa836239a7286f58f5e3fde2a9ff074e1d969a22af3b19126c0ca7bb6d04780e49957ad34cb65bbb00d5ee4635b63f05dc96e83cd1d318dee1f8e92199a52b66c720eeb15d5a706b65d965e8c74c412eccf51a9a920039c70d2bcbc834b22687a93abd5522e384878f921e255e568009f40aff048c66dd24a639c7ecceeed31e240036962c15874d71796f0e07be9d0e7cc0dcd1eda15eb3bffbf8894991add5ed75caca906c2414e4e6462e2492e1b05fe1a88ce84d6da960907619c2cc775b2b7e9eac0da052b3c690ddf00da3c8900a7ba69f160e1dfd5b447b1ce82587f0427ff1f67d72c92e7fe5038d4dcd3b287f7a504dd0b5cc3abe57e6d9678ae33d64bb936bbf", @typed={0x8, 0x20, @pid=r4}, @typed={0x14, 0x60, @ipv6=@mcast1={0xff, 0x1, [], 0x1}}, @nested={0x1088, 0x75, [@generic="e15bbce1a361fd6c075b61179f03594e2fc38279ae225dd39fe9cfeadb4de09ab307da34477e26cf9f790501529e4a2429cd8d1d45ce08f7fb342697478aa0641510e01189e0dc3fd81f0a6dce1f9652bba4a30fb44e443dac840c3786a0c50675b2bf986e005d274b7213930a77daaed82ba00ba017a6b80034ced0618e992c593d41d995fb0ddc7c19598d5a8e88684d9bdfbbfb82b8959622b8e6369ee94a8a8ef4445005f09d680cfa5ba314b2e604934be6c2eddc3e257a6607c7c187f73ee8811b020dfe4b61564fe90b29d6008d307c9686bba4f67c85aed00d614db1e0d321a8e76d3fc6b677c8c831fb07247f45c9680c78b345e175c4c115fe5d2031dce50546ddb1944548348de3af4db6f11483fbfe7008c9d89b5958e729389731ec6f90599350d7c62b1842efd00c892b5e8a3c6eefa79627955c03e4fb9d52724763283ff50921096841ce52b58f18725fa55be5d69737fbd8f4f9b303d5d558973b8b4c85215d1c8d7df6581f45f16d3cd3ad49cb5bcd92b04b787cd2c31cdca521bba63318df800d5f9a999641bfb30377ff2eb7df91630bac78b2b8e4087141a5dec087e895b93c5c80d2058cbc68af8f2bda7d1b78ebd9856a6aaad250f5815428b7b08f3bf2e4765f91105234cc2b5d4ce69279235f463c961730bcb7b1ed1125236f09119fdc1624e9cf2ec50d0b52bf55f50d917a7d08a5b83f9fcfb589c06f082286d1433dba3fdefe23e410735bd7fcc3507bc3c42d381a317d88df708ed349ce25d50396f240324eb31cd496a802fc18711e9fcb7fa5e4b2ab1a53dd9db1bffa3a39cd7b0c5aa298e3aa5656d6b1acdef153ff3b16a41bce2571732e4148bce2429f925cf093fc0d520598da10e9ada958c147eb77584439b9f9f848711b2b709afb4698b29e16c6f6ede969c26689ae2a1314a6a5a72539fa57cf941501df0bf7b7b06e787a98480b9fad1551592c04c49419c574e220970c016f2747fd2c38a467eafe6c90e14459ab7c958cf43f5e688f70c0b5d8ee2a3cab720e04f347f36ef63cb9d397249f98095390a90ca7db04a03458c24dc2d21ab8530250a2c44592759d75d8abb96b25a3630170835de460ab4ca944810165f561cc918f5de5fa0eb2d112ae3961f1320ab95c07158feec4a25ab16700a280ff93f0f53f906f3bdf28956894b1a1ebd62a5f1d46a92a733f1caf923d2259ffb815873c5c1c8e5e73369b34c9fa5469851685f72a3fb9c5ab1b3aecb5d7bd35a484f1076b6a7cfe811fed5f2e672950c2e5588385df0ad307c291a39b979ab41869344d92025b93d0337c5575f75cb4526cb675effad77642f290a5682b7e6d1d6337e9a19ddf4e61e02197bccd0266897a3e43d491c8870637183676e863a46135509d503327583ee89dcf5a4e6e2fe9f0afea0d33ab2685d201e831854f09a8094bf96f69949071bddd91d895524f8f8367e22d2a1fe0be7d4f23df42568cbb1b24b7292834ec20528fc209d592539ac28d2ade76f05e1d6ef80ea9c5691da8e3f7ca812b849900647e70d650d0d0450d9e42b594857dcd59a69d0d4df040bb8cb4208c4eccb04583596ad11b207ce4c889e21358e0dfd936fbc96ce42cd1f1648714cb740edf9bafb22d2de7267051781a990a6883ee1c21eb6c051319d46a15c3f53544da450dd53e9dfe3d2f7e5f6fc00afe3ee04ce6d06f92fa91c58126c69bf8beacdd1a15d54f80396438d172b53e48d24f473810a9cc99f00006bb6082c2b05e000162834dcfcad58caf59924a9f1303dae1516b528f42777f886886b984c4ebec3ea2dd36417963c9ce5aa9561f9d539b6e58258b835173f82d5f50ffaaaedf5963c347a87bbcb4c087af3737b0b1ac69869d7c9013459af7ffcfff0cd0921d256a5e555a27cca5cd650227fb73a1d72907893934bd41bd9823ea88980feee47ada18f36ace7e49c7b816e41e8d24a4ea332c5c912d9decd38016deb15a1940f852ef91aa49a902ced55edcaac18f2a5b62d381f661192dcf672503426d59297aa46217b2897f1ea6fff0ffca32099e5fb81a61bc677bbf573de793e6ac1c278d9c54838204388d4ffa4b98abbdc5377871883550c20458f69adc5564bdaab24f4dc857fe08fb011950c9a1b805478f69d4092514f06a616f40c8c3c79832165f6db285e7a8053ad334dad53d2f74bec36381956edca9a5e237ebbee03fc03b32ead03947223f1f765fb6d98f427f3fa7e169fa5fdff2a51765e8e588d501e5d3c1c58619606d930926e9bfaef6dec5c84cf03156425952f5d70e0b73f4e20a6bba784716c695d610e7b36df07b3d19045a9896428eadc19f53743109d6b64dd8d7537fec5436737e261ad86cdc388f3057705e89b9f26f6cec7d41d47542baaef4623700663769fea0ac33a28423edaff771bcbd5097cd0fe6ba7db3eabf576a10fd9dba273997e0d422af1cc8bf74086c758a7f4b711cb920ecaf1fc0893946580d38e77defec7e66ec556ffec712363e69e9426a0d0f1beebbde64ad3b8c6aafe1de63b2eea890ed9f3783d29670f7ab5482f57aa29700545aa07035ee209bde7856e4ee150edeb3aaa1fc29120f826bfb7906e1123f2632bf389b3fa180410a64b6ca2ab47e5471f733859cd8dbc6252c17155cd7ed1c72ada34472e2cb046b2a2672d0a622205080642b10487e79c4df03ca683a8e046f38b2189e5b977dc8a14112fe426e484f8bace2bb8220d47553e49331ef2d734e2627a9fef95df98facca85565fc0d56e1479b4754d6cc1382e97f54224cf8de828454291699dc7c8eadb8a3c995e8525cad80ad88faa8b976d8eca58130c17f6b3d3093608b8c6f8fd20d4294e40f117fd9771afeae49b19da039900abbf53a46a2ec3c82841b699551c73c288b40e0ced85116d4c9b4584119e45de7246e6788185e39ff9240c4b2fd6872d08f1914bec065e366d66922413c818e8460ca8bb090f5fa6dc615c4ac2f98202e22b90efd3783ee3cf0b544a2f79a7348b24bf1c34becbb7b2374979ab14bf1b96aa22f647ead2b831a62e850098031c75885a0c0e61a3eb4b7a6949fe27260a88b0edba48c7f498de0378e6c3012004a359d431341381e3a056e199fb6d4400c5f8535c0dd51e88c4c2aae9c0030ddea95498e37a876e9780b9263a7f445d8a1934b7405619c17faa6df75f5e2c6a38fd39b2fa57d4aec1256781df1759e300cb923232cf1faf41c53910365687dac798ba2d6f59d20cb36999d9fe51da6ad06aa95f00d70db2e6b5d8392855136c0a8f979ac889a170d0c5b7ab4222ccc57e75521a08279e4ea313029082d6ae22f94ac2127efb0cc6e76fb4be9f5cfb4608d4c5729410780d26b9129fc63405649011fe1a4bce3825797039ba3529922b96dd1c125f54b7906127a9e39dfca08f62b297ff7d97b820c1d8cc84a7dce486182a543c04ad0a8ab5facee564c304083849aee2adf3e4079519200ddd9d8d2bd582f7cacc64baaf59bf677b0eb111ca1ceee16a010052480053c82dd41033d3b301c9a41847a598b616f97d063d49ad97191da4f0f26eb71c16273699a0702baca746883da63a8f31e1faddd5c3aa8bd22e3ee0595a791da99fbec8bd01dbde39886d2941e80e475a202bd10795461c8ea0f8928846199e1c837da02303e04f056915bd65a19379ff7a514f19d1ed24d88a8d49cddb31d4575cdafa8ea2aad7703a3cd910156cbcb0cc0bcd98a3f5fcf2c82869ddc3d34136686facf5e2a8c8ed441f0a07d1dfa67214b5beccd36e719ddcc39593e538568a8634f5137384cd985444e2ec83f5ee8e276af19870f5cccd24d20f45140db166175718a85e4507eb64da9eb52532c8d7a06d6b3d5644c2b6f94214fe8a2f71629108e02623712d61c610d8b2ecd30a79a6814e2d6c134f493c5cd6b37aeb90e4317f427c2d6353354707d8ecb8e707961f8f0ef99ac174ce057b77bd51271d2f87c393d94308ab50ca819bee2e7801e16b49a889c00fba878d2051a3c957a5c7134665504cf2d136c35738e8a10799488a7adcfe506e184d3e1b0f15394f559f67fc306773b4eef06abdc018ec8b7399906c1151167c72702b67ab33e222202649a5091f730dc6679c272840ea76b9f70ea29701084eb25785dee793a841b06b2ac0f8e19899ece7eff6cbbd3233dc6a8d16b6cbc1957d185a66c2ddf949dd5d42e60a4d93b6fda19397671fbe21336a79b71e4daec2d518e97e266cee4bac38105ba394d081db9fd30ba169b61b91990c75a5ddc6b2d3e0f8c68d706b0c94e3462b282a11f32b7a9d796084be05a08bb217e40681369c9de42ab4ccd1bf7d20b72c6cab86c596f7c6cf47db770181dd9602d145eb0d249a3235839c40767854aa991eb8bc94c3bc5132389849610dbbc1914da39afa8aea5368472b575923b070c0147d6f7b1ac093c658b64fc881369944d2f411fe871c2f4a161a910a3413585929122df4b5fade54a99441297c40511aad9e65909c665f2eb06e5a88923d74afc69be258541b6d4344882722402bbd79dacacebd71777538c4a7ee078b384488a558769906b7543376d849b5f9a969107fad4390a9c5c9fc752bf3ff589cda25ac00f576b01937f386f84c94bec1eecf277703421eb762689f86a10da617cd01891861944a2824dab21166599bbc4e37c3991fdec1504dadbf74916f6cb8e3cbbf424b8821007882e0dafe99961e8e236ac3f0487c8f39dbced20ae86313e57729f4b6186eebab0ae86f6f4bef1fd6f8c78acb0cdeff1827e6b383d9463e3b040d7a07ee2fd2f12c5500125ff0423f7fb9ae3fe44a1f3b0a84aadd6df808f92d1e15fcbd4f529eca38449392eca05d01e2e921e77b431a2ff872ebe7f18f87b76bf99136c660be98175275f4d11cb851ae1609fba592367d587ed87cc1a827ede14d7ebcaddb343551b13262a11ca455d9bbd5e80a311eff6659fa69db434f722ff2bb0af745edf13d5fa1adf6673e7227b54fa8ce35f81f872e39fcffe881e6b1c010ef290eae2d25d2ba7e77342e83cd4aaedeaca58ee7b8ab5a43b7dda25985574f1c7f54e8b4cc7d96c5d9e56f01186d0520a00b7f9fefce26aad2a77932b73a44cce8509bda4485ee9c8170898a54f0a78af866b1397a537b032e364aff22d97df7867b7979aba4b82465f8551f0a8eb0a38b14fca6f826bf8f7fa76fac2a4073d5dc10ef83e6fbab5f4a8f0bcb72092220578187216679ba0ce7963a7bb99f7ee4a4cd7653c741d4f8a3b320d45a05f31b2119c806c36fab99a442ddcccf1e9224bb39598f33a7475ab35bedf9e1f24b06d8dc264a50e2bb6775fa75ce6806b08be2e886c793a88376aa2d5dfc109582577156749e6098e834ea6a16040e090da3c43b783ca8ae507a27bd625bb07f7d82669f4773d414d945b6bcbcd3db43e4b49500d805bf016154ed20ed2106c9e7f9e248515de0c07cef61b40b1b020ee4b63ad8ff05973b62e46bc077a1a9ba7c63834ab83b61e69295b34f7212a3b584f2b21d41634ae0ad16c07c6d0e9841b73f48d32938ee3c1324dc48c315625517d2a40497dc81f6c056ae0ecbda6f1b89ef6515ebbe55f0e40f722f0634bf2922910b028c7090d6c4aa2bbd8f010585ab5ce4bdf45c064b1b1a37deb72e4f62f323ed13451d06d6cf9bdbe3c1977a0e02dd43f644dd3a10143f62ad890b0fddb09b5877a75f8ee475a708d2fb58b78aee2ccffc177f3a7f8f740631e4c8f6a1cc49b82fee8cf0d68cb951a2bcc51b1804b336fbb8d1bb812b1222", @typed={0x4, 0x2b}, @generic="7a615b12958fb12beee6b4003f5eb96b3c973c921d14c2d3de3ed03a8fbc816d7356a02633d152b6b2eb32f88634d03762cdeda72861baaaa6723278de0d1b640ac9e1d23f5d529331974104f90fa42465f462d5f365e85e37933088f6b58501ed0a4b4adb836876b8dd23a386aaa7a192fd27408214b4", @typed={0x8, 0x32, @str='em1\x00'}]}, @typed={0x4, 0x6e}, @generic="837d32d85e369f01be6f81128dfec1bdff057f38eab93e43c6664f434b90ecd7eee3deee337a2ad9e5705fce6d78fb1532fe071ce0980ed949f05d3e434eb4f7366f92f9454fdfc00e77322727053fcee9bded638036b2fb9c6f31fb2e6f8be3ae3cc0ed908aec7802dbde6e0f498c36f436150784e5257bdf6fec74d7297a9b403c0ed66d7c94e8e130156af539a3b2971a4434b26f9b27a4b657dd6da5343ddef57aee646fa035854b5f1f304958a8df3c1145b9a54df3e7601ac685b5ae82410729317046c4fb70f91185e284dcbc4ce14180e48d68b63274", @generic="674cea671eb091dc293ac10c8c0d5375c9ea3d91176b"]}, 0x21b4}, 0x1, 0x0, 0x0, 0x20000000}, 0x40000) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) r6 = openat$dsp(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/dsp\x00', 0x10000, 0x0) setsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r6, 0x84, 0x7, &(0x7f0000000580)={0x200}, 0x4) ioctl$KDGKBENT(r6, 0x4b46, &(0x7f0000000500)={0x8, 0x200, 0x11}) ioctl$sock_SIOCOUTQNSD(r5, 0x894b, &(0x7f0000000100)) write$rdma_cm(r0, &(0x7f0000000000)=@listen={0x7, 0x8, 0xfa00, {r1, 0xffff}}, 0x10) 2018/03/26 13:05:43 executing program 4: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000001480)={&(0x7f0000001280)={0x10, 0x0, 0x0, 0x8}, 0xfe28, &(0x7f0000001440)={&(0x7f00000028c0)=@newsa={0x140, 0x10, 0x111, 0x0, 0x0, {{@in6, @in6=@mcast2={0xff, 0x2, [], 0x1}}, {@in6=@loopback={0x0, 0x1}, 0x0, 0x32}, @in, {}, {}, {}, 0x0, 0x0, 0xa}, [@tfcpad={0x8, 0x16}, @algo_auth={0x48, 0x1, {{'crct10dif-generic\x00'}}}]}, 0x140}, 0x1}, 0x0) ioctl$sock_inet_SIOCGIFADDR(r0, 0x8915, &(0x7f0000000000)={'bcsh0\x00', {0x2, 0x4e21}}) 2018/03/26 13:05:43 executing program 7: ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a85320, &(0x7f0000068f50)={{0x80, 0x6}, 'port1\x00', 0x0, 0x0, 0x0, 0x2}) r0 = syz_open_dev$sndpcmc(&(0x7f0000000380)='/dev/snd/pcmC#D#c\x00', 0x4, 0x0) pipe2(&(0x7f00000003c0)={0xffffffffffffffff}, 0x4000) ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000000)={0x6, r1, 0x1}) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000180)={0x4, @tick=0x10001, 0x0, {0x8000, 0x2}, 0xfffffffffffffffc, 0x0, 0x101}) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r2, 0x84, 0x1a, &(0x7f0000000200)={0x0, 0xa0, "57957ac8281ac71c23af86b30d6c2589178667bf22668ae8c60f06a350b7bd343ff0b3c5b9853824f5224333ecb61dcd64b2af21abd55ca35083b33c5826a8025dd21df0af52d6376fa56a62fda77f7973fbc68b3c9ef2b0383cb707973186e25f820ac9d0276c23678b323704a747cba1a9daf55f7f39438607b63ba303cdbade772b7bc1438fcdaf17cb27e31f8341986964271ed733616647792aa1c15790"}, &(0x7f00000002c0)=0xa8) getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r2, 0x84, 0x72, &(0x7f0000000300)={r3, 0x3, 0x30}, &(0x7f0000000340)=0xc) recvfrom$ax25(r2, &(0x7f0000000040)=""/98, 0x62, 0x40, &(0x7f00000000c0)={0x3, {"8b7198dcc7266e"}, 0x6}, 0x10) ioctl$KVM_SET_PIT2(r2, 0x4070aea0, &(0x7f0000000100)={[{0x80, 0x2, 0x19, 0x9eef, 0x8ce5, 0x5, 0x401, 0x1, 0x1, 0x1, 0x31bb, 0x8000, 0x8}, {0x75, 0x800, 0x5, 0x401, 0x100000000, 0x7, 0x80000001, 0x3b, 0x5, 0x10001, 0x9, 0x9, 0xfffffffffffff000}, {0x6, 0x1ff, 0x80, 0x6, 0x6, 0x95d2, 0x4, 0x5, 0x0, 0x8, 0xffffffff, 0x2, 0x394}], 0x2}) socket$bt_rfcomm(0x1f, 0x3, 0x3) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(0xffffffffffffffff, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:05:43 executing program 6: r0 = socket$inet6(0xa, 0x2000000802, 0x0) connect$inet6(r0, &(0x7f000000cfe4)={0xa}, 0x1c) setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000000), 0x4) sendmmsg(r0, &(0x7f0000005180)=[{}, {{&(0x7f00000016c0)=@in6={0xa, 0x0, 0x7fffffff}, 0x12, &(0x7f0000001b80), 0x0, &(0x7f0000000040)}}], 0x2, 0x0) 2018/03/26 13:05:43 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') sendfile(r0, r0, &(0x7f0000000280)=0x42402, 0x6) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r0, 0xc0045520, &(0x7f0000000000)=0x8605) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) 2018/03/26 13:05:43 executing program 3: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x32, 0xffffffffffffffff, 0x0) r0 = socket(0x2, 0x7, 0xffffffff) getsockopt$inet6_mreq(r0, 0x29, 0x14, &(0x7f0000000000)={@loopback, 0x0}, &(0x7f0000c3fffc)=0x14) setsockopt$inet_pktinfo(r0, 0x0, 0x8, &(0x7f0000b39ff4)={r1, @remote={0xac, 0x14, 0x0, 0xbb}, @broadcast=0xffffffff}, 0x0) r2 = memfd_create(&(0x7f0000352000)='\x00', 0x3) ioctl$TIOCLINUX7(r2, 0x541c, &(0x7f0000cd5ffe)={0x7, 0x401}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r3, &(0x7f00005d5ff3)={0x2, 0x4e20, @rand_addr}, 0x10) lstat(&(0x7f0000962000)='./file0\x00', &(0x7f0000e2b000)={0x0, 0x0, 0x0, 0x0, 0x0}) setuid(r4) syz_open_dev$mice(&(0x7f00000b6000)='/dev/input/mice\x00', 0x0, 0x10000) ioctl$KDSKBSENT(r2, 0x4b49, &(0x7f000033f000)="f2b505cc5077a7648fb5e63cd5751d400c2c960bea932e08498ac6e04d86ef9921871d9a749b3d0a75e501d23f33697a34ad1ae1e4eba11665d19ea7f69220e098b4a5be1c24e724852eec6c547775971acbc982c3fdd2b07bcfa564788e3dd13844364c53e5d634ab0aa110943f122d50160fc115477f723fd210a4c631de0ba883599aa96c28c7f43b42654269e5dc3b7201d2610e68890214260516e34ee2834a76cfe9d9f27d05a0a9b2667240b80a77ba2eeb1bdededa92333d5630d9d7979de653ec00c00a74dcbe5100fdcf9309804ab789e23dd1e5c24d06d037f7299ca9f6f30e01c8d28b78550c6fb6695070f15ff95311") ioctl$TIOCLINUX5(r3, 0x541c, &(0x7f0000c51000)={0x5, 0x7, 0x0, 0x7, 0x10000}) setsockopt$inet_tcp_int(r3, 0x6, 0x200000000000a, &(0x7f0000000380)=0x2, 0x4) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000048ff8)={0x0}) getsockopt$netrom_NETROM_T2(r2, 0x103, 0x2, &(0x7f0000000040)=0x900000000000000, &(0x7f0000000080)=0x4) getsockname$ipx(r5, &(0x7f00000000c0), &(0x7f0000000100)=0x10) sendto$inet(r3, &(0x7f0000de1fff)='U', 0x1, 0x20008005, &(0x7f0000db4ff0)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10) setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f000081affa)={0x0, 0x1ff}, 0x6) bind$inet(r3, &(0x7f0000cf2000)={0x2, 0x4e22, @local={0xac, 0x14, 0x0, 0xaa}}, 0x84) mbind(&(0x7f0000d42000/0x2000)=nil, 0x2000, 0x0, &(0x7f0000b6a000)=0x1, 0x0, 0x0) ioctl$sock_ipx_SIOCAIPXPRISLT(r0, 0x89e1, &(0x7f0000000000)=0x1) ioctl$DRM_IOCTL_AGP_ENABLE(r2, 0x40086432, &(0x7f0000000000)=0xc6) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000defffc), 0xffffffffffffff19) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000140)={0x0, @in6={{0xa, 0x4e20, 0x6, @ipv4={[], [0xff, 0xff]}, 0x3ff}}, 0x5ec2, 0x80000000, 0x34780fe0, 0x9, 0x10}, &(0x7f0000000200)=0xa0) setsockopt$inet_sctp6_SCTP_AUTH_KEY(r2, 0x84, 0x17, &(0x7f0000000240)=ANY=[@ANYRES32=r6, @ANYBLOB="0100fc000e3c179b8c04d1c2f534a65c3ab53bb43926ca97cd831ce46af87457443793bddd7bd080fadef9ff424d0a27a7cb134df6a192c8ea0342df8b44e3b1790a8df4823e6b8c4adb417333a056f334c17f04848f42ad0e1048a16777ba8ede7a3f006c8b9946e903ebd5cae7559c591aaabb7f50763d446f8c539d5cd1f64114bb3822ff44e2704df8d65f3bc6725e74a56aa7546e1267d3fa5e5fd6ab808a8d065e1bdd76414648ec143d0ef1792d388807f2a8edd1f90231dcb506d26f6c3c251c3d4d03e1e8ae154f8ac2b5858140441c8e821805af2d5c8b8f7d1f9773e8b8a9d936eaed51cfadf57c62a95bb1cb6c3a81d5be4cc1b58251c1e12906"], 0x104) umount2(&(0x7f000046e000)='./file0\x00', 0x0) r7 = semget(0x1, 0x3, 0x100) semctl$GETVAL(r7, 0x7, 0xc, &(0x7f0000000000)) sendto$inet(r3, &(0x7f0000b0c000)="11a58fde7649496403db92ed306004b3d3cbfc195485c3b895d864ab91a3aebde4f70a917a91ec9612d004000a7b43a35bb73249ede41bf5c05ab608fb7b74ffd57f6e8e43cf9cb723fc0d8d8cabbbbae3a5fde8ad6f52d667c512596f50b9962aa2193688d872a7eeca57801742d74d39c4b003a5e292e077ed102e7999329aab95a3d96363505f76c86a6d2352dd8025207ae531701f1ce353d6b017eb64000000bc2e9f8b66fe4a8e64f0fc7a0aa55d4103e1d7d5b0dd5750071e9b3a786021678a86fcbb0b9f9364ec0f0310306fef9c21b3b20d8b44423b495299cea2c6f40c377a72534453ad7f5af27b1efb2514ace1f9a68cf205a9ddb8fd954e34bde3612e6e05686cf3b968a14bd3a356f7b8d20214c0f7a388ef5ea8d063c65f2aabff685e69f86b4a0b3697f8bfbfe66796f0489ad2e49bdbc1742941c28c88cb93e1f8ccc3db4782cdf9cbd797ddc8d7b1364da50ad48e081a38622280169eba5c6a3bf9b5f15bdf8a8b6483340a3297c31154905db209195c28f15d10153204fbe0586516c714ddc939e0eb68c73969e81fc6f215b476ddf3fcf1a604603360089dadba2779cfed9027ac163067fc0d7592ac8a013b907372a42b242405241ac1f63f85a52fff2d78b30e87a156b5cfa133dabc259bb027bec5eb8c8eb623e9776a13d3ce972a6769de8a78153f498084a244b0146b77be3d1cba7b02fe8906ed8a88f105c763d1772825b986d52823bf38b6f95eca494fd9c64497874b9f450bec65311493cc108b27611eaa6819305a3730d29368f25f7e816d60884a1e0271c3c786ad36391366ac3b65f04c148974f6973005c5ff73d6f0b3f7e44c65da7c4115c4ee543991e4ad26938384cafffffffc8f7e79aaf1b8ef37f627e3c7168ecda2cf224a491bea6129fcd954b88dbb2d29464931bcd5378041db67ddc70ee856ae09c1b26b9ada008a7d52bf1a160606865a29794f36b2a3811c66e9fe27af8fc8356374e37f3eca244367fb535dde71fae4683710761b89f18820d4f06065450c3d1f76fa26ef28320edf6c36480af14f4444edb40ebb3f8ea264486ec31c40c7f0007a69c24da10db6f60da3e648f16b5fc6b5a5c6217e46c1f3ff354a8b49beb3b46a69dcb4c5d547a7b7ba8fe22da0173f9fe80f4bd47afbec4d2e0d3c91b1a326d8bb9fded873e87f847032af52bd6d129f3ce3f11ea9d0b4250af7eaa2649d9972b9b8dc773c869b3a431eac7f55d6bb92dc29f08d7d8959e2af7571efb7ec88eac4b62850e8f6b60d4a5d06d66875b4bd260a9014a2eb88621f4c6eb3f9ed2190b48acf0358d8b82fb4794535fcb8dd50ba86d23d230a94f07a768142ff3b4c8558dac21726b6279980c238041f26e86c8e3fa83028345999464e3e37d610ab7c15daaffb744a505a3dd9802b3721f29553ee23e1cf376f12cc3fe6b7ac76bd13da44356855be096155e355c9cad31fcdeedc6679c531bc1a2765dc8777108ec5e31d793005e718a9ced77d6505e44f649128a29f5264fecba132f9f5016eaf690751edd64d903b36ceb2b08042c60e9e97f8bc985476e6088a5ebd3743c2358171b30b16d730a5dd49c92fa19cc267e2c1927f200fc3d23a804f0a12b06a6a88a2685051ab28f1721209ada2c14b557a49423795b07040d510bb21ce5d15acedd18cb7cb7a93389ceb934206e4ffb220048a7a82fb3c251d0a31ba5af9eb0c16e29f33f9d0a78f5e6300cf04d17eb5f67711cafa0d4e99eeaf0f8fdbd34170318879a0d12c01891127ba7b677d204268524c5af1d7dc27176826302e34f9d35d2f2eefad5f22f68929d3456c11d5f00d4a8ce8b784bca8088805731eff2d47024c2da68abc2d2c0f7806d7d76cdf489f3bffa75cb826bc0809331d89a3255a498b8150d4ae31d03414ab244939455b6377c2917cb2d8a9f9ebf282657e417860e49ac94f4a838aefd34f28960a78da47933252d8cb2fdb27d413ee54502cd1bf75585468b77b8dca627cab29ef0a5297ee3dcb4c987520804e9a5f45e8241019281bab7e30f4b008bf0edf3b6fb5e8d1c2ab619b2eb84293d636a6a37d716cd8e102b7099676693cb7b01031b57ee93fd22cb18229893fd4d4ef87f1596879ac9f61b2f0c35be34cb6e6f75087ff963c188d43bcb464a95e956e75559eb1f6f2224fb2ca8f0bdc90ae5c2ce712498ee4026b13b8f3137000aa1545a75e5b48e80da30e6dac5529cac1099244e79ad542f45dcfbf16c62b5eb63daee8185c5e79ebfa1ca60880f9e2895f54ab95bbae38ae62200c1e439d73fa63d0bff75935a8ad2ae73b82132e8d4eb4bd55844b2f55c65d5ffa0c65aaf0cc5bc73925d05cf7c1c4383af074feb3a53919d2a3b5bef96115aab966821dbfc4577d19d85911a485c58a5b87cf44d230cfdc255486bb09d5c16f2164397f0fc5f652a171f0269bdcd98291410c010cc377d2690a6032fe5701117adbd0f6b847c9617a9b3d20529024d8d9749b9c49827694d346d3b1bbe434122331986b9f6e84430dfd75d123f3e307d6f5514f3da09b527408bfb6816da54beeefad160e4b095517f3292c2e17fb3bba47527671d0afe7c35d54d25ab307b15d069a05395a9cddd4b519224fe3c689d14827ede6d91ebace2a80afaad3dcd1f8ce20e92012b8934d7ff3ebdd285cc24202a86d70b96674a6af05a3c29065afa4e38b9c34006cb3eb9c87985cfc511a8c261cdeb0c7a3c7a682c40c5b9f1d7d5ef6f97e32d02fdd3f2ded413f4a36c4db899b96c8e40d91c2743cd1d435013e3c3431c82fc5b3345b66cce79fa49f10baa4ef28535eee8c5c1a4b38bace2fb14ec11d34d620b1cc2396dc1fa857ac6ac9f5689b5935f2f25184edd40f8f5c70714f941beae3e1bc9af757edd9d68fb24218e2a02aad4dc0b3c2e5ff94ce547f358f38e52673473fd0e57497978324aee16559e9cdbe5b3a0b96dd69fe5bc97e644487274b6158a0412bd60172bb66f774b8eae7bc1f52ed64d44c553bdc26823e35f18683554e7359802173d1fa86a66104abb1977c3e9fa6970ed7ee483b14b65673a81786fe0ed301f8edb0669fd25bfa0d565e3e93b19b8572c98dbacb103053527a95ee758be002e13df756bbc486def0db079124db72fadc26f0a26b42e21f260f902bb4cd881baae57eff1c3cc15063be17e48208b9a69622adfc03991d204fe0f5ae2528b22c7743f97e0669a1c3c0d0d90f39846fd954d681be0265d14b12285fb1b20bcbaa95915ad51ab8f84094674cbac0071021b261c39a46b0177b98f1662100ef31a3e981236d51e6c1429144a89d46b149301873ef99959f8ab15c12309620d5d548b62ff92233a3f200e0d0a9c2122be615dd91e6a6cd89290d24895540635fead9a56f481ee3fd7890852e271fa7c37b1836a3e1764574960e1ab9fda1d25693cfc33defea84f65c08cce479c66dc16b28d453a1b717fdd9f6ff46b1fa1b6866b4a8c1ad53439c5958403953b3a844b660b28b11d427b392a7c710edbf25725a65e6b94e4c64ae458a8c97c9f7a05a7d8ebf6c76e3afc0204ced97be84986da5403ef31eff1790c039fe00a89976ccab7638d2e217fc64609a41f3a008ed78b25d1a9420b782deef6ce2db0c6d427580087b69c75c1357ed2908c32cffee1c6ddd08510562ab015507a4eb4f54ae5c097cdca34f521f9fa8df7667645a696a472650c1ca9c035e95f34db54722897159c31dc6be5693a5f3871ccbb48a7ead233d03b76875590fa20bae4f37a2011622d0203a3e9d9e198cb075aba26f5e78a8f0b0cd27052527daf0f8e77858dbddec7038c198b868e93ae32f1745d166afed4129460e07af8cb6c3debb6503e87f3cb309e39ed3d682d24adec48ea22702c4d8d48386977a89b73e585f8c2c5fcb0a693cd5028a601b04b833a41ec705735c767c70d316b60aba2da24bd6523533f3180accade90f47e412b393ee1d2456cf8bb430289ddb824350764985c5e35f738f830a378bfa65fd167c7307c13acb912beefa69e499d4a750e820a7af08a7c204ffb64e09fcc921a4e79999757d608880bfd52255bbc16369af4f779edfd9439cfcd17fcc02d5aaa81bac66fa2e551cef55779bd90e8be587ee698575918fced59ec652af26718b3afd1471379132ba0b5143a78f84605b1ef51e49e820a8a8c1639f66bca5afd83602287e982eb125a3a032e4cc5b5be91ab4d8d958fd4dc4cbd310eddc91d89ada4d33fcc963d259e222520281d14e13577906e33665a31afa7cb501cc0c1198d1f755005e82f29bcda62bbf8680bc23d09cac6a8c89709b30c91d27ea148f01ba745346f1ba9ce89cd9b71ff18668a0254c07479762dbb78117c50450506e2a0a606309aa383ec55a49d2569c3a3fef8aad456aa81cb859519765de18a4b92194e8a6a43f1dade801f71eb56699bc021fa48f320f4128d6c153a2ec1fba1c5ca55c5058641692365d311c8902aaf1428d83281aa970af5d98591cd3af30fbb5ee4a1b697491ff6dd727a329feb17b782f254d691f949baf96afa195c62f2c3fd1855a79b25268cef9822e3c6a1b3aa226ec494b070a8774426a5f8877714fe206e569635805208ac7823c8546ec33e4482a85d6fddf86a37a1c60f0a19b5dfe88031b7541af0e93cac8a3bb1ff3e60190b96faedc3b6f63d38f3ee4286fbaa053e8e27ed13b77b2c576d824d777ca53df76d9572e71f74ff180778bf57458b37fe9dbaa6f9927b48b059e5c7fd908ac826aed8f68764285022f4b5cb6b73ef7222ecb0d701c782ed5c16a7c94235fe7c3e0bef9da7310c5f3cda407c5ae7ecfb6b392ad576610b48af17b3fc8a2fd6cd2eee1153cc48a21ba6768a88367a807be008bea547402da4c92c2006c83d74c9d0ef2ca711c54036c8e76ac26c7d22060c9bfc2e67f1d1c6f6bd2f751879295ee21fcf8588c9504cacb02fa3e3fc6e2bed352447a5c2677caba0538960357d6d1706adef5e7d4f6298ed4ecacb7776de15d9bbd672f9991f4bdc4f07401f67cf3a74c0495ea58d0f76a2e6060cecc1d04b93808dc8d61130305740b408359d5552cc23a7b1eff4285d563b4b6b011a4a11372a2bb01cbda724482f95c4487b02c85cc121012b3213041ff6a689072daa4d86a4c125b110f4e2eeed2dd73db0f94ce995896e0b8a9f8f3e9559024251a5b1726b0b3775bac9fabed968d2d4ea31bbdfb2910331d92cb4ff5cc9037cc08cd35f88c4d7b89e46a8cbd05e3c35732b5046b33060dce5372b171daa526a46c3444b331e71f0455fb8b43dc46e2c9f2c4effccf040e56de00000007b16de337f13e7a610feac2f336e75405a530815366e7edfbb429babfd0e68db56892b94621edd9df6ff454ab1dcdb8d39d282fa7932ec7ba5203df2f4196538a1fa040c8014d20ff57fdb8515325a6997b9b71f2094e053f126402a47e628eeb7d8f665fbabe8f1a409ca9c7c5c25baaa0e9945acf27e96f8241a445f7d3352494ba4210b348fa0ec11ea67dead4fc1e5e4f9202931386468882bee59f8d12174198142ef7764d6b930e937e20d018c0cc5a780490356f5521aac74d2c1736e20ae5e0cd8cf6676ac337e8a8976aac75a698e34e72bac561038f228c13b6e974bc21bb79618111db507f3ba314dd2d05fd050d684cf33d8da5f8e5f723a092098ac5b180a6579d543515c2e1d0eb502193aedab526d354b625990c7d5a9f90d86c4e374054f1d14270b603065293e7fa3840de575413b74bfbc4f8c139947ade9a6f48907053f1ae3a95c2", 0x1001, 0xc004, 0x0, 0x0) recvmsg(r3, &(0x7f0000df6fc8)={&(0x7f0000df6f80)=ANY=[@ANYBLOB="000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dd00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0x1, &(0x7f0000df5000)=[{&(0x7f0000df5f18)=""/232, 0xe8}, {&(0x7f0000409fa2)=""/94, 0x5e}, {&(0x7f00007a7f19)=""/231, 0xe7}, {&(0x7f0000d76f57)=""/169, 0xa9}, {&(0x7f00009e3000)=""/230, 0xe6}, {&(0x7f00002befdb)=""/37, 0x25}, {&(0x7f0000554fcf)=""/49, 0x31}], 0x7, &(0x7f0000c27ff9)=""/7, 0x7}, 0x0) 2018/03/26 13:05:43 executing program 6: r0 = syz_open_dev$mice(&(0x7f0000117000)='/dev/input/mice\x00', 0x0, 0xa0000800000001) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000693ff4)) getpeername$ipx(r0, &(0x7f0000000000), &(0x7f0000000040)=0x10) ioctl$BINDER_SET_CONTEXT_MGR(r0, 0x40046207, 0x0) getpeername$ipx(r0, &(0x7f0000000080), &(0x7f00000000c0)=0x10) write(r0, &(0x7f0000000000), 0x27) 2018/03/26 13:05:43 executing program 0: ioctl$TIOCGSID(0xffffffffffffff9c, 0x5429, &(0x7f0000000000)=0x0) r1 = syz_open_dev$mouse(&(0x7f00000004c0)='/dev/input/mouse#\x00', 0x80000001, 0x220000) setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000680)=@filter={'filter\x00', 0xe, 0x1, 0x130, [0x0, 0x20000540, 0x20000610, 0x20000640], 0x0, &(0x7f0000000500), &(0x7f0000000540)=[{0x0, '\x00', 0x0, 0xffffffffffffffff, 0x1, [{{{0x9, 0x4, 0x8, 'eql\x00', 'ipddp0\x00', 'teql0\x00', 'ip6gretap0\x00', @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x11}, [0xff, 0x0, 0x0, 0x0, 0x0, 0xff], @empty, [0x0, 0xff, 0x0, 0xff, 0xff, 0xff], 0x70, 0x70, 0xa0}}, @common=@STANDARD={'\x00', 0x8, {0xffffffffffffffff}}}]}, {0x0, '\x00', 0x1, 0xfffffffffffffffc}, {0x0, '\x00', 0x1, 0xffffffffffffffff}]}, 0x1a8) get_robust_list(r0, &(0x7f0000000240)=&(0x7f0000000200)={&(0x7f0000000040), 0x0, &(0x7f00000001c0)={&(0x7f0000000180)}}, &(0x7f0000000300)=0x18) r2 = socket$inet(0x2, 0x2000000080002, 0x0) preadv(r2, &(0x7f0000000480)=[{&(0x7f0000000340)=""/169, 0xa9}, {&(0x7f0000000400)=""/82, 0x52}], 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, &(0x7f0000000280)=@filter={'filter\x00', 0xe, 0x0, 0x90, [0x0, 0x200000c0, 0x200000f0, 0x20000120], 0x0, &(0x7f0000000080), &(0x7f00000000c0)=[{0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108) [ 1051.785717] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1051.796873] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1051.802162] CPU: 1 PID: 24907 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1051.809514] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1051.818858] Call Trace: [ 1051.821435] dump_stack+0x194/0x24d [ 1051.825046] ? arch_local_irq_restore+0x53/0x53 [ 1051.829871] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1051.835046] dump_header+0x28c/0xe2b [ 1051.838742] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1051.843911] ? arch_local_irq_restore+0x53/0x53 [ 1051.848557] ? __lock_acquire+0x664/0x3e00 [ 1051.852770] ? print_irqtrace_events+0x270/0x270 [ 1051.857514] ? trace_hardirqs_off+0x10/0x10 [ 1051.861810] ? __lock_acquire+0x664/0x3e00 [ 1051.866025] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1051.871195] ? __lock_acquire+0x664/0x3e00 [ 1051.875403] ? task_will_free_mem+0x252/0xaa0 [ 1051.879896] ? print_irqtrace_events+0x270/0x270 [ 1051.884633] ? ___ratelimit+0x30d/0x630 [ 1051.888584] ? lock_downgrade+0x980/0x980 [ 1051.892714] ? lock_release+0xa40/0xa40 [ 1051.896670] ? mark_held_locks+0xaf/0x100 [ 1051.900793] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1051.905871] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1051.910864] ? trace_hardirqs_on+0xd/0x10 [ 1051.914988] ? ___ratelimit+0x95/0x630 [ 1051.918853] ? idr_get_free+0xfd0/0xfd0 [ 1051.922803] ? find_held_lock+0x35/0x1d0 [ 1051.926850] oom_kill_process+0x8b9/0x1640 [ 1051.931062] ? lock_downgrade+0x980/0x980 [ 1051.935188] ? __lock_is_held+0xb6/0x140 [ 1051.939227] ? oom_evaluate_task+0x480/0x480 [ 1051.943620] ? rcu_read_unlock+0x35/0x70 [ 1051.947653] ? mem_cgroup_iter+0x363/0xbd0 [ 1051.951863] ? lock_downgrade+0x980/0x980 [ 1051.955994] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1051.960732] ? mark_held_locks+0xaf/0x100 [ 1051.964857] ? _raw_spin_unlock_irq+0x27/0x70 [ 1051.969328] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1051.974337] ? trace_hardirqs_on+0xd/0x10 [ 1051.978458] ? _raw_spin_unlock_irq+0x27/0x70 [ 1051.982926] ? css_task_iter_end+0x280/0x430 [ 1051.987309] ? _raw_spin_unlock_irq+0x27/0x70 [ 1051.991779] ? cgroup_procs_next+0x70/0x70 [ 1051.995987] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1052.000982] ? trace_hardirqs_on+0xd/0x10 [ 1052.005103] ? _raw_spin_unlock_irq+0x27/0x70 [ 1052.009578] ? oom_badness+0x980/0x980 [ 1052.014285] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1052.019028] ? mem_cgroup_iter_break+0x30/0x30 [ 1052.023601] ? finish_wait+0x268/0x490 [ 1052.027468] ? lock_downgrade+0x980/0x980 [ 1052.031597] out_of_memory+0x86d/0x1220 [ 1052.035557] ? oom_killer_disable+0x310/0x310 [ 1052.040033] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1052.045115] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1052.050128] ? trace_hardirqs_on+0xd/0x10 [ 1052.054262] mem_cgroup_out_of_memory+0x159/0x200 [ 1052.059081] ? swap_max_write+0x110/0x110 [ 1052.063201] ? do_raw_spin_trylock+0x190/0x190 [ 1052.067768] ? _raw_spin_unlock+0x22/0x30 [ 1052.071896] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1052.076889] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1052.082316] ? find_held_lock+0x35/0x1d0 [ 1052.086356] ? memcg_event_wake+0x420/0x420 [ 1052.090654] ? __do_page_fault+0x5f7/0xc90 [ 1052.094862] ? lock_downgrade+0x980/0x980 [ 1052.098991] pagefault_out_of_memory+0xbd/0x152 [ 1052.103636] ? out_of_memory+0x1220/0x1220 [ 1052.107845] ? handle_mm_fault+0x465/0xb10 [ 1052.112058] ? __handle_mm_fault+0x38c0/0x38c0 [ 1052.116614] ? vmacache_find+0x5f/0x280 [ 1052.120562] ? vmacache_update+0xfe/0x130 [ 1052.124689] mm_fault_error+0xd6/0x2c0 [ 1052.128556] __do_page_fault+0xb4d/0xc90 [ 1052.132603] ? mm_fault_error+0x2c0/0x2c0 [ 1052.136729] ? kernel_write+0x120/0x120 [ 1052.140680] ? do_syscall_64+0xb7/0x940 [ 1052.144632] do_page_fault+0xee/0x730 [ 1052.148409] ? __do_page_fault+0xc90/0xc90 [ 1052.152620] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 1052.158134] ? syscall_return_slowpath+0x550/0x550 [ 1052.163042] ? syscall_return_slowpath+0x2ac/0x550 [ 1052.167953] ? retint_user+0x18/0x18 [ 1052.171652] ? page_fault+0x2f/0x50 [ 1052.175257] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1052.180084] ? page_fault+0x2f/0x50 [ 1052.183689] page_fault+0x45/0x50 [ 1052.187116] RIP: 0033:0x409b83 [ 1052.190278] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1052.195614] RAX: 0000001b9bc20000 RBX: 000000000000127d RCX: 000000000040e950 [ 1052.202856] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1052.210100] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1052.217346] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1052.224591] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1052.231934] Task in /syz1 killed as a result of limit of /syz1 [ 1052.237958] memory: usage 0kB, limit 0kB, failcnt 4108 [ 1052.243268] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1052.250061] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1052.256233] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1052.275712] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name 2018/03/26 13:05:44 executing program 5: r0 = socket$inet6_sctp(0xa, 0x8000000005, 0x84) bind$inet6(r0, &(0x7f0000fa8fe4)={0xa, 0x4e23}, 0x1c) connect$inet6(r0, &(0x7f0000966fe4)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000c9effc)=0x10000, 0x4) r1 = dup(r0) write$eventfd(r1, &(0x7f0000605ff8), 0xffbe) write$eventfd(r1, &(0x7f0000000040), 0xfdc8) write$eventfd(r1, &(0x7f0000000140), 0x8) [ 1052.284446] [24907] 0 24907 11408 2089 65536 0 0 syz-executor1 [ 1052.293341] Memory cgroup out of memory: Kill process 24907 (syz-executor1) score 2105000 or sacrifice child [ 1052.303359] Killed process 24907 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:05:44 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) getsockname(r0, &(0x7f0000000000)=@pppol2tp={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @rand_addr}}}, &(0x7f0000000080)=0x80) r2 = getpgid(0x0) sched_setscheduler(r2, 0x7, &(0x7f0000000100)=0x5) r3 = fcntl$dupfd(r1, 0x0, r0) write$selinux_context(r3, &(0x7f00000000c0)='system_u:object_r:xen_device_t:s0\x00', 0x22) 2018/03/26 13:05:44 executing program 6: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw(ecb-twofish-3way)\x00'}, 0xffffffffffffff50) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000ff8000)="0a0775b005e381e5b3b60ced5c54dbb7295df0df8217ad4000000000000000e6", 0x20) r1 = openat$audio(0xffffffffffffff9c, &(0x7f00000012c0)='/dev/audio\x00', 0x410080, 0x0) ioctl$VT_RESIZEX(r1, 0x560a, &(0x7f0000001300)={0x3ff, 0x8, 0x7, 0x0, 0x1, 0x1000}) r2 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000002c00)=[{0x0, 0x0, &(0x7f0000001480), 0x0, &(0x7f0000001500)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0) r3 = open(&(0x7f0000000040)='./file0\x00', 0x2200, 0x0) ioctl$EVIOCGBITSND(r3, 0x80404532, &(0x7f0000000100)=""/225) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r3, 0x84, 0x10, &(0x7f0000001200)=@assoc_value={0x0, 0x7}, &(0x7f0000001240)=0x8) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000001280)={r4, 0x1d5d}, 0x8) recvmsg(r2, &(0x7f0000000000)={&(0x7f0000f7ffa8)=@alg, 0x80, &(0x7f00000c2fd0)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x1, &(0x7f0000fb3fa9)=""/87, 0x57}, 0x0) 2018/03/26 13:05:44 executing program 5: perf_event_open(&(0x7f0000220000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$vsock(0xffffffffffffff9c, &(0x7f00001b3000)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000080)=0x8000000) 2018/03/26 13:05:44 executing program 1: r0 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x0, 0x0) r1 = socket$can_bcm(0x1d, 0x2, 0x2) ioctl$sock_SIOCOUTQ(r1, 0x5411, &(0x7f0000000100)) ioctl$LOOP_GET_STATUS64(r0, 0x4c05, &(0x7f0000000000)) 2018/03/26 13:05:44 executing program 4: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000080)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = dup(r0) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f000031f000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000004000)=0x1000, 0x4) ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000003ff0)={&(0x7f0000011000/0x3000)=nil, 0x400000}) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) perf_event_open(&(0x7f0000b5a000)={0x4000000002, 0x78, 0x1e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$inet(0x2, 0x3, 0x3) setsockopt$inet_opts(r2, 0x0, 0x4, &(0x7f00006cdffb)="89", 0x1) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000040)={0x2, 0x401, &(0x7f00000000c0)=""/231, &(0x7f0000000000)=""/18, &(0x7f00000001c0)=""/248, 0x1000}) 2018/03/26 13:05:44 executing program 0: r0 = socket$kcm(0x29, 0x5, 0x0) mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x40000000008, 0x12, r0, 0xfffffffffffffffe) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x119, 0x1, &(0x7f000095effc), 0x4) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x200, 0x0) getsockopt$netrom_NETROM_T2(r1, 0x103, 0x2, &(0x7f0000000040)=0x70, &(0x7f0000000080)=0x4) 2018/03/26 13:05:44 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) r1 = syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0x7fffffff, 0x189100) ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(r1, 0x4008af23, &(0x7f00000000c0)={0x3, 0x772a}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) socketpair(0x0, 0x800, 0x80000001, &(0x7f0000000000)={0xffffffffffffffff}) ioctl$TIOCMBIS(r2, 0x5416, &(0x7f0000000040)=0x2046) 2018/03/26 13:05:44 executing program 2: r0 = syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x3f, 0x80000) setns(r0, 0x4000000) listen(r0, 0x5) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') sendfile(r1, r1, &(0x7f0000000280)=0x42402, 0x6) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) [ 1052.498892] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1052.509969] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1052.515386] CPU: 0 PID: 24934 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1052.522752] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1052.532103] Call Trace: [ 1052.534693] dump_stack+0x194/0x24d [ 1052.538329] ? arch_local_irq_restore+0x53/0x53 [ 1052.543000] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1052.548211] dump_header+0x28c/0xe2b [ 1052.551942] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1052.557135] ? arch_local_irq_restore+0x53/0x53 [ 1052.561790] ? perf_trace_lock_acquire+0xe3/0x980 [ 1052.566606] ? __lock_acquire+0x664/0x3e00 [ 1052.570918] ? print_irqtrace_events+0x270/0x270 [ 1052.575656] ? perf_trace_lock+0x900/0x900 [ 1052.579880] ? perf_trace_lock_acquire+0xe3/0x980 [ 1052.584700] ? trace_hardirqs_off+0x10/0x10 [ 1052.588998] ? perf_trace_lock_acquire+0xe3/0x980 [ 1052.593821] ? perf_trace_lock_acquire+0xe3/0x980 [ 1052.598646] ? perf_trace_lock+0x900/0x900 [ 1052.602855] ? __lock_acquire+0x664/0x3e00 [ 1052.607067] ? task_will_free_mem+0x252/0xaa0 [ 1052.611548] ? print_irqtrace_events+0x270/0x270 [ 1052.616290] ? ___ratelimit+0x30d/0x630 [ 1052.620241] ? lock_downgrade+0x980/0x980 [ 1052.624371] ? lock_release+0xa40/0xa40 [ 1052.628327] ? mark_held_locks+0xaf/0x100 [ 1052.632452] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1052.637534] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1052.642528] ? trace_hardirqs_on+0xd/0x10 [ 1052.646664] ? ___ratelimit+0x95/0x630 [ 1052.650531] ? idr_get_free+0xfd0/0xfd0 [ 1052.654480] ? find_held_lock+0x35/0x1d0 [ 1052.658541] oom_kill_process+0x8b9/0x1640 [ 1052.662755] ? lock_downgrade+0x980/0x980 [ 1052.666887] ? __lock_is_held+0xb6/0x140 [ 1052.670931] ? oom_evaluate_task+0x480/0x480 [ 1052.675330] ? rcu_read_unlock+0x35/0x70 [ 1052.679371] ? mem_cgroup_iter+0x363/0xbd0 [ 1052.683582] ? lock_downgrade+0x980/0x980 [ 1052.687716] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1052.692453] ? mark_held_locks+0xaf/0x100 [ 1052.696578] ? _raw_spin_unlock_irq+0x27/0x70 [ 1052.701054] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1052.706046] ? trace_hardirqs_on+0xd/0x10 [ 1052.710168] ? _raw_spin_unlock_irq+0x27/0x70 [ 1052.714649] ? css_task_iter_end+0x280/0x430 [ 1052.719036] ? _raw_spin_unlock_irq+0x27/0x70 [ 1052.723509] ? cgroup_procs_next+0x70/0x70 [ 1052.727721] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1052.732715] ? trace_hardirqs_on+0xd/0x10 [ 1052.736843] ? _raw_spin_unlock_irq+0x27/0x70 [ 1052.741318] ? oom_badness+0x980/0x980 [ 1052.745181] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1052.749916] ? mem_cgroup_iter_break+0x30/0x30 [ 1052.754491] ? finish_wait+0x268/0x490 [ 1052.758358] ? lock_downgrade+0x980/0x980 [ 1052.762488] out_of_memory+0x86d/0x1220 [ 1052.766454] ? oom_killer_disable+0x310/0x310 [ 1052.770924] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1052.776008] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1052.781008] ? trace_hardirqs_on+0xd/0x10 [ 1052.785152] mem_cgroup_out_of_memory+0x159/0x200 [ 1052.790065] ? swap_max_write+0x110/0x110 [ 1052.794187] ? do_raw_spin_trylock+0x190/0x190 [ 1052.798779] ? _raw_spin_unlock+0x22/0x30 [ 1052.802909] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1052.807903] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1052.813330] ? find_held_lock+0x35/0x1d0 [ 1052.817380] ? memcg_event_wake+0x420/0x420 [ 1052.821679] ? __do_page_fault+0x5f7/0xc90 [ 1052.825890] ? lock_downgrade+0x980/0x980 [ 1052.830027] pagefault_out_of_memory+0xbd/0x152 [ 1052.834673] ? out_of_memory+0x1220/0x1220 [ 1052.838882] ? handle_mm_fault+0x465/0xb10 [ 1052.843099] ? __handle_mm_fault+0x38c0/0x38c0 [ 1052.847654] ? vmacache_find+0x5f/0x280 [ 1052.851605] ? vmacache_update+0xfe/0x130 [ 1052.855740] mm_fault_error+0xd6/0x2c0 [ 1052.859612] __do_page_fault+0xb4d/0xc90 [ 1052.863662] ? mm_fault_error+0x2c0/0x2c0 [ 1052.867788] ? kernel_write+0x120/0x120 [ 1052.871745] ? do_syscall_64+0xb7/0x940 [ 1052.875700] do_page_fault+0xee/0x730 [ 1052.880001] ? __do_page_fault+0xc90/0xc90 [ 1052.884227] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 1052.889745] ? syscall_return_slowpath+0x550/0x550 [ 1052.894651] ? syscall_return_slowpath+0x2ac/0x550 [ 1052.899561] ? retint_user+0x18/0x18 [ 1052.903251] ? page_fault+0x2f/0x50 [ 1052.906855] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1052.911680] ? page_fault+0x2f/0x50 [ 1052.915286] page_fault+0x45/0x50 [ 1052.918713] RIP: 0033:0x409b83 [ 1052.921881] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1052.927220] RAX: 0000001b9bc20000 RBX: 000000000000127e RCX: 000000000040e950 [ 1052.934465] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1052.941710] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1052.948955] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1052.956198] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1052.964042] Task in /syz1 killed as a result of limit of /syz1 [ 1052.970109] memory: usage 0kB, limit 0kB, failcnt 4116 [ 1052.975449] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1052.982239] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 2018/03/26 13:05:45 executing program 0: r0 = fcntl$getown(0xffffffffffffff9c, 0x9) capset(&(0x7f00002d0ff8)={0x19980130, r0}, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xfff}) r1 = socket$netlink(0x10, 0x3, 0x0) writev(r1, &(0x7f00005e5ff0)=[{&(0x7f0000a5f000)="29000000200019fff63d0014000000060200001615f50005000000040d0010000000000200f9000008", 0x29}], 0x1) 2018/03/26 13:05:45 executing program 6: r0 = socket(0x10, 0x2, 0x0) getsockopt$llc_int(r0, 0x10c, 0x6, &(0x7f0000000000), &(0x7f0000000040)=0x4) sendmsg$nl_route(r0, &(0x7f0000504000)={&(0x7f0000ba2ff4)={0x10}, 0xc, &(0x7f0000434ff0)={&(0x7f0000b77fc8)=@newlink={0x28, 0x10, 0x9, 0xffffffffffffffff, 0xffffffffffffffff, {}, [@IFLA_GROUP={0x8, 0x1b, 0x4}]}, 0x28}, 0x1}, 0x0) r1 = syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x5, 0x8242) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r1, 0xc0505350, &(0x7f0000000100)={{0x7, 0x7}, {0x4, 0x1193}, 0x100000000, 0x4, 0x80}) ioctl$SNDRV_TIMER_IOCTL_TREAD(r1, 0x40045402, &(0x7f00000000c0)=0x100000001) 2018/03/26 13:05:45 executing program 3: mknod(&(0x7f0000000ffa)='./bus\x00', 0x1000, 0x0) r0 = open(&(0x7f000054a000)='./bus\x00', 0x200000, 0x0) r1 = epoll_create(0x2) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00003d6ff4)) open(&(0x7f0000000040)='./bus\x00', 0x80000000000081, 0x0) 2018/03/26 13:05:45 executing program 1: syz_emit_ethernet(0x4a, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff86dd60d8652b00140600fe7e00060000000000000000000000aafe8000000000000000000000000000aa00000000", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000090788d27"], &(0x7f0000000000)) 2018/03/26 13:05:45 executing program 5: r0 = syz_open_dev$sndtimer(&(0x7f0000000200)='/dev/snd/timer\x00', 0x0, 0x4) r1 = syz_open_dev$binder(&(0x7f0000e5b000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r1, 0x0) r2 = request_key(&(0x7f0000000480)='asymmetric\x00', &(0x7f0000000140)={0x73, 0x79, 0x7a, 0x0}, &(0x7f0000000180)='id1\x00', 0xfffffffffffffffe) keyctl$get_security(0x11, r2, &(0x7f0000000540)=""/5, 0xfffffffffffffeca) ioctl$SNDRV_TIMER_IOCTL_GINFO(r0, 0xc0f85403, &(0x7f0000000040)={{}, 0x0, 0x0, 'id1\x00', 'timer1\x00'}) timer_create(0x7, &(0x7f00000003c0)={0x0, 0x8, 0x0, @thr={&(0x7f0000000240)="ddfca91d13f8cb8654afca906233eb754112edb279862a750280c1e146c2b0dac2271ab44710fde21ff746add3113e57555af3253792bd4aadf04b3b0d8e0b5d8b81297b6b29a132", &(0x7f00000002c0)="c45db5d2d1ac0c8087b3da5b1c264450af98b7f048406444c46fd9ed558d2884d41e636e3d10ecc8dcf1b4cef1ed7d6c3b2afcebfdf7e31aa343f4f438b858e1e05f443dd8eee2e4c1bee0adaaa4d101b728adcca454193ab6c246e9ecd5d77efc476d3f93b3c4fe79949c7c549f211c5e5c01865cfae924fb935fa787b207c25bdde7154fde5fcc770810f30caf25850318b67633217e50e78f5d2d7a370c57575c17c90c2f893a9ad937201dd69e60691f0f879155a1a9078668300123fdca0b25dc0b083d2ec426beeb93e1ef8ff646545a6a150087bb8974ecf5e706"}}, &(0x7f0000000400)=0x0) mq_open(&(0x7f0000000000)='/dev/binder#\x00', 0x800, 0x10, &(0x7f00000004c0)={0x80000001, 0x20, 0x1, 0x0, 0x8, 0x2, 0x9, 0x3}) timer_getoverrun(r3) r4 = fcntl$dupfd(r1, 0x406, r1) setsockopt$bt_BT_FLUSHABLE(r4, 0x112, 0x8, &(0x7f0000000440)=0x1, 0x4) [ 1052.988440] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1053.007937] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1053.016760] [24934] 0 24934 11408 2089 65536 0 0 syz-executor1 [ 1053.025666] Memory cgroup out of memory: Kill process 24934 (syz-executor1) score 2105000 or sacrifice child [ 1053.035728] Killed process 24934 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:05:45 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) [ 1053.098921] binder_alloc: binder_alloc_mmap_handler: 24951 20000000-20002000 already mapped failed -16 [ 1053.119211] netlink: 'syz-executor0': attribute type 16 has an invalid length. [ 1053.139828] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1053.150862] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1053.156044] CPU: 0 PID: 24954 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1053.163393] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1053.172740] Call Trace: [ 1053.175322] dump_stack+0x194/0x24d [ 1053.179594] ? arch_local_irq_restore+0x53/0x53 [ 1053.184260] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1053.189455] dump_header+0x28c/0xe2b [ 1053.193169] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1053.198357] ? arch_local_irq_restore+0x53/0x53 [ 1053.203028] ? __lock_acquire+0x664/0x3e00 [ 1053.207257] ? print_irqtrace_events+0x270/0x270 [ 1053.212000] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1053.217098] ? trace_hardirqs_off+0x10/0x10 [ 1053.221391] ? __lock_acquire+0x664/0x3e00 [ 1053.225600] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1053.230770] ? __lock_acquire+0x664/0x3e00 [ 1053.234978] ? task_will_free_mem+0x252/0xaa0 [ 1053.239454] ? print_irqtrace_events+0x270/0x270 [ 1053.244191] ? ___ratelimit+0x30d/0x630 [ 1053.248143] ? lock_downgrade+0x980/0x980 [ 1053.252272] ? lock_release+0xa40/0xa40 [ 1053.256226] ? mark_held_locks+0xaf/0x100 [ 1053.260349] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1053.265429] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1053.270419] ? trace_hardirqs_on+0xd/0x10 [ 1053.274543] ? ___ratelimit+0x95/0x630 [ 1053.278405] ? idr_get_free+0xfd0/0xfd0 [ 1053.282357] ? find_held_lock+0x35/0x1d0 [ 1053.286405] oom_kill_process+0x8b9/0x1640 [ 1053.290642] ? lock_downgrade+0x980/0x980 [ 1053.294769] ? __lock_is_held+0xb6/0x140 [ 1053.298811] ? oom_evaluate_task+0x480/0x480 [ 1053.303207] ? rcu_read_unlock+0x35/0x70 [ 1053.307243] ? mem_cgroup_iter+0x363/0xbd0 [ 1053.311454] ? lock_downgrade+0x980/0x980 [ 1053.315585] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1053.320319] ? mark_held_locks+0xaf/0x100 [ 1053.324443] ? _raw_spin_unlock_irq+0x27/0x70 [ 1053.328914] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1053.333907] ? trace_hardirqs_on+0xd/0x10 [ 1053.338032] ? _raw_spin_unlock_irq+0x27/0x70 [ 1053.342502] ? css_task_iter_end+0x280/0x430 [ 1053.346893] ? _raw_spin_unlock_irq+0x27/0x70 [ 1053.351363] ? cgroup_procs_next+0x70/0x70 [ 1053.355573] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1053.360561] ? trace_hardirqs_on+0xd/0x10 [ 1053.364685] ? _raw_spin_unlock_irq+0x27/0x70 [ 1053.369155] ? oom_badness+0x980/0x980 [ 1053.373021] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1053.377754] ? mem_cgroup_iter_break+0x30/0x30 [ 1053.382320] ? finish_wait+0x268/0x490 [ 1053.386268] ? lock_downgrade+0x980/0x980 [ 1053.390394] out_of_memory+0x86d/0x1220 [ 1053.394352] ? oom_killer_disable+0x310/0x310 [ 1053.398822] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1053.403901] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1053.408890] ? trace_hardirqs_on+0xd/0x10 [ 1053.413029] mem_cgroup_out_of_memory+0x159/0x200 [ 1053.417848] ? swap_max_write+0x110/0x110 [ 1053.421970] ? do_raw_spin_trylock+0x190/0x190 [ 1053.426533] ? _raw_spin_unlock+0x22/0x30 [ 1053.430666] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1053.435659] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1053.441086] ? find_held_lock+0x35/0x1d0 [ 1053.445123] ? memcg_event_wake+0x420/0x420 [ 1053.449420] ? __do_page_fault+0x5f7/0xc90 [ 1053.453629] ? lock_downgrade+0x980/0x980 [ 1053.457753] pagefault_out_of_memory+0xbd/0x152 [ 1053.462394] ? out_of_memory+0x1220/0x1220 [ 1053.466600] ? handle_mm_fault+0x465/0xb10 [ 1053.470811] ? __handle_mm_fault+0x38c0/0x38c0 [ 1053.475371] ? vmacache_find+0x5f/0x280 [ 1053.479321] ? vmacache_update+0xfe/0x130 [ 1053.483444] mm_fault_error+0xd6/0x2c0 [ 1053.487311] __do_page_fault+0xb4d/0xc90 [ 1053.491352] ? mm_fault_error+0x2c0/0x2c0 [ 1053.495474] ? kernel_write+0x120/0x120 [ 1053.499425] ? do_syscall_64+0xb7/0x940 [ 1053.503375] do_page_fault+0xee/0x730 [ 1053.507149] ? __do_page_fault+0xc90/0xc90 [ 1053.511356] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1053.516092] ? syscall_return_slowpath+0x550/0x550 [ 1053.520996] ? syscall_return_slowpath+0x2ac/0x550 [ 1053.525904] ? prepare_exit_to_usermode+0x350/0x350 [ 1053.530894] ? retint_user+0x18/0x18 [ 1053.534583] ? page_fault+0x2f/0x50 [ 1053.538183] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1053.543003] ? page_fault+0x2f/0x50 [ 1053.546608] page_fault+0x45/0x50 [ 1053.550034] RIP: 0033:0x409b83 [ 1053.553213] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1053.558551] RAX: 0000001b9bc20000 RBX: 000000000000127f RCX: 000000000040e950 [ 1053.565795] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1053.573036] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1053.580277] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1053.587519] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1053.594914] Task in /syz1 killed as a result of limit of /syz1 [ 1053.600944] memory: usage 0kB, limit 0kB, failcnt 4124 [ 1053.606264] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1053.613047] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1053.619230] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1053.638674] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name 2018/03/26 13:05:45 executing program 4: r0 = socket(0x11, 0x100000802, 0x0) r1 = perf_event_open(&(0x7f0000000100)={0x5, 0x70, 0x3f, 0x9, 0x6, 0x7, 0x0, 0x36f2ac87, 0x1000, 0x1, 0x2, 0x6, 0x3f, 0x4, 0x10001, 0x6, 0x8001, 0x3, 0x10001, 0x5, 0x41, 0x7, 0x0, 0xfffffffffffffffa, 0x2f, 0x8, 0xfffffffffffff000, 0x6, 0x5, 0x1, 0x69, 0x80, 0x0, 0x3, 0xff, 0x8, 0x100000001, 0x2, 0x0, 0x4, 0x3, @perf_config_ext={0x4, 0x58}, 0x10000, 0x9, 0x9d4, 0x7, 0x6, 0x2, 0x4}, 0xffffffffffffffff, 0x2, 0xffffffffffffff9c, 0x1) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, r1, 0x0) r2 = syz_open_dev$tun(&(0x7f0000000240)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'ifb0\x00', 0x1001}) ioctl$TUNSETLINK(r2, 0x400454cd, 0x200000000000337) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000040)={'ifb0\x00', 0xa201}) getgid() clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8)) r3 = getpid() sched_setaffinity(r3, 0x2, &(0x7f00000001c0)=0x101) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0xfffbfffffffffffd) socket(0x11, 0x802, 0x7) r4 = shmget$private(0x0, 0x1000, 0x0, &(0x7f000000b000/0x1000)=nil) setsockopt(r0, 0x1f, 0x101, &(0x7f0000000080)="7de34ab43bf044f7121fec096df24ff7ed", 0x11) ioctl$sock_kcm_SIOCKCMUNATTACH(r0, 0x89e1, &(0x7f00000008c0)={r0}) shmat(r4, &(0x7f0000244000/0x3000)=nil, 0x6000) mlockall(0x0) r5 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000900)='/dev/vcs\x00', 0x8000, 0x0) ioctl$DMA_BUF_IOCTL_SYNC(r5, 0x40086200, &(0x7f0000000940)=0x2) recvmsg(r0, &(0x7f0000000880)={&(0x7f0000000280)=@generic, 0x80, &(0x7f0000000800)=[{&(0x7f0000000180)=""/10, 0xa}, {&(0x7f0000000200)=""/16, 0x10}, {&(0x7f0000000300)=""/215, 0xd7}, {&(0x7f0000000400)=""/215, 0xd7}, {&(0x7f0000000500)=""/134, 0x86}, {&(0x7f00000005c0)=""/197, 0xc5}, {&(0x7f00000006c0)=""/167, 0xa7}, {&(0x7f0000000780)=""/116, 0x74}], 0x8, 0x0, 0x0, 0x5}, 0xfaf15b00366fe78f) 2018/03/26 13:05:45 executing program 3: perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0x22, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = eventfd2(0x0, 0x0) r3 = eventfd2(0x0, 0x0) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000227000)={r2}) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffff9c, 0x84, 0x6f, &(0x7f0000000100)={0x0, 0x54, &(0x7f0000000040)=[@in6={0xa, 0x4e20, 0x6, @local={0xfe, 0x80, [], 0xaa}, 0x7fff}, @in6={0xa, 0x4e23, 0x6, @empty, 0x7f}, @in6={0xa, 0x4e20, 0x80000001, @loopback={0x0, 0x1}, 0xfffffffffffff990}]}, &(0x7f0000000140)=0x10) r5 = dup(r3) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r5, 0x84, 0x7c, &(0x7f0000000280)={r4, 0x6, 0x10001}, &(0x7f00000002c0)=0x8) r6 = openat$rtc(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/rtc\x00', 0x1, 0x0) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r6, 0x84, 0x7c, &(0x7f0000000200)={r4, 0x2, 0x3}, &(0x7f0000000240)=0x8) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000180)={0x3, 0x0, 0xd, 0x2, 0x55, 0x10000, 0x800, 0x1, r4}, 0x20) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000a03fe0)={r2, 0x0, 0x100010100000002, r2}) 2018/03/26 13:05:45 executing program 6: perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x1e, 0x5, 0x0) sendmsg(r0, &(0x7f0000316000)={&(0x7f0000373000)=@generic={0x10000000001e, "010000000000e30000000001af268c573c5bf86c483724d41e14dd6a739eff090000000000000000d79f00000000000000076c3f010039d8f986ff03000000000000e550d5fe32c419d67bcbc7e3ad316a1983000000fc341c1fc75624281e27800ece70b076cf979ac40000bd767e2e7821dfd300981a1565b3b16d7436"}, 0x80, &(0x7f000033c000), 0x0, &(0x7f00002d4000)}, 0x0) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x80000, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffff9c, 0xc0206434, &(0x7f0000000080)={0x6, 0x0, 0x10003, 0x101}) ioctl$DRM_IOCTL_AGP_ALLOC(r1, 0xc0206434, &(0x7f00000000c0)={0x401, r2, 0x2, 0x8}) 2018/03/26 13:05:45 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/llc\x00') ioctl$DRM_IOCTL_ADD_CTX(0xffffffffffffffff, 0xc0086420, &(0x7f0000000040)={0x0}) ioctl$DRM_IOCTL_LOCK(r1, 0x4008642a, &(0x7f0000000080)={r2, 0x16}) 2018/03/26 13:05:45 executing program 4: pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffff9c, 0x84, 0x76, &(0x7f00000011c0)={0x0, 0x101}, &(0x7f0000001200)=0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f00000012c0)={0x0, 0x74, &(0x7f0000001240)=[@in={0x2, 0x4e21}, @in6={0xa, 0x4e22, 0x80000000, @loopback={0x0, 0x1}, 0x8}, @in6={0xa, 0x4e21, 0x7f, @remote={0xfe, 0x80, [], 0xbb}, 0x9}, @in6={0xa, 0x4e22, 0x879d, @mcast2={0xff, 0x2, [], 0x1}, 0x6}, @in={0x2, 0x4e24, @local={0xac, 0x14, 0x14, 0xaa}}]}, &(0x7f0000001300)=0x10) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000001340)={0x0, 0xc6, "332ac1d7b3b039386fb50cfdcfb59d52917f1a8659e6046ed9f255a8a1d4c53cd05051ec74060dea8fe3ae835bc2a5308b9693db52017ca4cec8f33c73211264ee420b06fe37ec88b86b7040f13817eb3cd020999ee49940b9f291860ec9315dd6bdb7a535ab33104f7b415afad8ca2b10c9ab5ef134dd6d3d502746ac73ffc4d7175322528f9c1f1aa3169467f275d5e6b1b8320431d7dd29ba764917c8ff24007d813f3dcc5e45b5a9c69403e1e37087aa9932e79ff3def222f38acdb76cf6f62fbaa06485"}, &(0x7f0000001440)=0xce) getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffff9c, 0x84, 0x1, &(0x7f0000001480)={0x0, 0x9, 0x3, 0x100000001, 0x400, 0x2}, &(0x7f00000014c0)=0x14) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(0xffffffffffffff9c, 0x84, 0x77, &(0x7f0000001500)={0x0, 0x10000, 0x2, [0x4, 0x1000]}, &(0x7f0000001540)=0xc) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000001580)={0x0, @in={{0x2, 0x4e20, @broadcast=0xffffffff}}}, &(0x7f0000001640)=0x84) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000003ac0)={0x0, 0xed, "aa31a6a810b941c3047c589fa9cbd372626b4097dabd85d7f516010bd4a088c12b63e46b09a26d9a5f726e583ea27845f61dd743ec423acc440a07056ad5ed9118995d82b390bdcc6564b81d2f3a072bb474cc02174001a35756bbe7969dfca660eb1234c291bc12c9f67d45f8f6d9b635e06e1a3fbfddd93f99d2b27368d7912478973f817f3821ceb192e2655e1ad8180cf47e3c08544f798289b932c66018d8510bf10ee0ccab17c572062c0e45a68143306c08c528ec3fd904cd30e2f714df5aa41f3bec8e3a65829b4e0ba5857ea2887252f8416bb1b6b83d45e94ff766689f55d90ec1eb4109356bf50f"}, &(0x7f0000003bc0)=0xf5) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000003c00)={0x0, 0x98, "56d1d838321221a1ba0511b8d449b6b56ae99bd0b7d7a07c74a981c0c1ee2925ed0abd638b2900bdefb5db23314bb06ff4cb57894e491cc33c7972bda929b1104596fd8b1c76ad3bc4dded578a62fcfa546cc73fb64bd63e267023b5d35694c55d9ecacf8c47c9ff844bfa486528e5167554ef60c6ae2a77e6f4e48c306d695c5cd40008c56aac27b272dd6e5cc1f2b737dda23569a6dfff"}, &(0x7f0000003cc0)=0xa0) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000003d00)={0x0, @in={{0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}}, 0xffffffffffffffff, 0x20, 0xfffffffffffffffd, 0xd3ed, 0xae2f}, &(0x7f0000003dc0)=0x98) getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000003e00)={0x0, 0x40, 0x8, 0x9}, &(0x7f0000003e40)=0x10) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffff9c, 0x84, 0xa, &(0x7f00000054c0)={0x101, 0x3, 0x0, 0x3, 0x1, 0x14582fe9, 0x8b, 0x2, 0x0}, &(0x7f0000005500)=0x20) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffff9c, 0x84, 0x1f, &(0x7f0000005540)={0x0, @in={{0x2, 0x4e20, @loopback=0x7f000001}}, 0x8, 0x10e}, &(0x7f0000005600)=0x90) getsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000005640)={0x0, 0x7, 0x7, 0x6}, &(0x7f0000005680)=0x10) getsockopt$inet_sctp_SCTP_GET_ASSOC_STATS(0xffffffffffffff9c, 0x84, 0x70, &(0x7f00000056c0)={0x0, @in={{0x2, 0x4e22, @local={0xac, 0x14, 0x14, 0xaa}}}, [0x7fffffff, 0x40, 0x1ff, 0x3ff, 0xfff, 0x3, 0x8, 0x71, 0x100000001, 0x52d6, 0x55ac, 0x100000001, 0x0, 0x1, 0x8]}, &(0x7f00000057c0)=0x100) getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffff9c, 0x84, 0x1a, &(0x7f0000005800)={0x0, 0x77, "ccadeec2389fec5a487919dade19b442eb9f1b37731666f15ce8b41ac62f071e9585f66719d32394437378ebb5639e3da42fc56d0f54c39b88944b67c62a3426371030666c90ebc8a9dbab7ab81b63b03d688dfdb86e5b8ffd022b2ac771d1f4ec9b94e2e0a2f83572b6f00f72a4c6c741c1d4aeea7997"}, &(0x7f0000005880)=0x7f) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f00000058c0)={0x0, 0x6, 0x4}, &(0x7f0000005900)=0x8) getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(0xffffffffffffff9c, 0x84, 0x76, &(0x7f0000005940)={0x0, 0x977}, &(0x7f0000005980)=0x8) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffff9c, 0x84, 0x71, &(0x7f00000059c0)={0x0, 0x5}, &(0x7f0000005a00)=0x8) sendmmsg$inet_sctp(r0, &(0x7f0000005c40)=[{&(0x7f0000000040)=@in6={0xa, 0x4e20, 0xfffffffffffffff8, @mcast1={0xff, 0x1, [], 0x1}, 0xfffffffffffffff8}, 0x1c, &(0x7f0000001180)=[{&(0x7f0000000080)="472d2bbf13dd98d4db887886586637824c86e07995fdfd470597bfd8f94ab1b3a62004a9b7788868dd25872f1950468b49857eaa07dfd137b0ba7443b124dcbf39206a732f3df98109218909e1a5664b98df8d66ebf786cff39737624a2e7e105b39ea1465a063c68c40578907576f4d438b624df470078889bad4a4e255a54308688af4d8883e7cc83809c09c207cddfc03a788420234c77ede500da73bc4fae07fea2d34ae705aa4e0f06e07088495ab004934fa836e3d222cfbfcbe2e7b4b185ae408dae6e40b1b21e010b7564984b5c74b86fc184b3932c21c45e0eaad530806a835638f95815dff1916c9468a258b8f4aef4fddfd09afee630a1364f995e0f3719440f989f808e42de561d528c119d88462ea6217d5a97b9d032cde309208c0e393ce5a91461868a9bcb2c5410b05b864c44c8e1916b5b204fd5472d100d7fca8a46a002fc8cb0315c4e9c24dde1c39ff9657e9b2e074d47243710f5c85445762496c8017aa55067c8dc88bd1186658ed450151c50bc1fd7ac61ab74f79b654c639c0ccaf8dc04e597c9d57d98abd389fb5ce6d88f2138221c28ee7e06112dd8163287de3f401700fd088380a4b44ba77a4536873ba435d7505e0e0d018afe15d0799ef21e474de7ea275ef48d7adb9a53dc2c9140fe09b2ed0ca14e8769f746efc929380e680da30ba9b5f83ca5c3df9d5644524feb5912913a8256f66fa4ef219e23e84a6769b3d8baeeb89f326662b6d6bdc99541444c36e2dd3deb51847d196ae5d33b4bd3d21b850e318c04d41f1c331ab23695a982295b25cb7aa3c0eb3c15db45a7f80cc2d1f062d3bee355f74cc91e98e3a0f6c5ac9a561dd950c47f81373efbd8d68ec5bcba9a892a90b24d0f84669c81c4114de76d8793f78386a02a4be8abaa331492c9416604398ff35fecd1991035f4734920ba1791612ab28accef3c7ee91149d8c0368f5337840a0446d5baf4dd68b39d35aff064866852fcfdc44b62ffffa9be67d5c502e13a3112e5277a078aa9e498260f81a33513f37ae7dc60146dd47ea5bcaf046f1e47a46fcb0ffc65affc4d0e7d8f66059634a466b2d84d49fc9dea600311b2dba1b674382ec9d517ca7d27197fcb92936a14e0a6f065450e8b476f4547ac57658947d64cdceaefa966676da8302a2fd3720c7f6775453c62c806974afebdc3c81423a86fd039f5bbe0a6de3d7408300c31be2a6f4b5c61be1971f3d51bb9ece22f76e91a9e3768bc5660906f087aada3a9b69efb79e53d8b0e185ebd1913c1a8545319d2f4f33d8a06f5536468106e8611b94a8d969ce485ace635df97bceee58334caabe03b7a5a7636686e0fd13c47b77d0a3eab0ee7259a2dc08c69ce6d01fafbf7274d12e0ac2f0fd75620034accae4686a4bef1e262e38f9f8c520b7d2a5f18adfec7cea4ef4596069adeab2d0a804c2fcaa252ee2ba5b70d4a16f1001ac9e1ec1ebbe96f78fe32654abe111eb456afcc44b1cdcbe36f08550130ceb0201e35af34831cf685fc94fa4c41f8eadedf708eb605f612fe11740a7941f6225c8935ec0cbdb9a77c4e212938758104ba37c902ca0e041230134a5ab6e852c0df4ea810e1460915f70f5dbe2ac7f8f7d843b3f3f285840a93f83a42abe406bc29a88dd5bb2e94a76410b7aa78183edf3c4c253e45f8c038e58203c82554caf41d7967b09746b525d836a3bbd269eddab83657a45be32f375331050c15289a6a56e879ca09b301ab68f9bb7bb7e9f1625495719c117335be9adf4392a0979617745c91a673764812286766c8b04669acee5511936addf43d9e008f7ed6c16dfe549e8a5066a05d47bb94695432ea076596731cdee9e2f74c5f68a7f0cd108313fffe87b2a17c2bc5469d53908b10c271f54401a09700e321646a7b4ab6fb5658092683e059c6026bb2ea5e8287f8b7fbc8912d9c9ee4fb03a41a38813c4a285cb660ac012183d32bdcad3a53ca728af62ae43f4f11469b07a14e6ea305d71f6e712019f0c0dd653d70fb65d272d603ea2e3617f54b006b076f7ab7f2a935dbf6f36fe4850e8fee8c298c50413c3d94d735cba3d6fbe3a8634f4a2a78c79c56dffa3f2f7242834bdb8db3c164149fc64e040d776543fee08cb981486884cbbb99b6a7af448114b0bfc59022a7fab0f61c293da71f3d005addcf0e9d36507d255f30131fcd83a6585eb3d468fd7ea7fda5a5d198c8fb659782e1d964f5ce01571950826a442bfcd3937b6f4ffe10c05b5fc246753c61a36e9eb8c62cdfe2868decc10de2007855b5c266fa610619521850d855465e82bca43e1179e7a8998908c2b5aa7d4c48884463f1d67f734f4d68ecb3562cf0b2ef5fc68ad5024b949932bb04509373c22e4d21043638baf4fec1ee4df1aed006c6e0634ee505ef2468f86063542214b304a7e7458093e0782a4a863ebc72be9312921e9f63e717399efe6415ddec852d0509af62ad085530c0842f13ae2311f7d69ddfd3c8067d482b4bffe691e32293d89644ad612bc070b3aae7e5dbd5f53d514d9631d958480cc5b5139590ee4e65f236230462ca7f904e47ed9587b77ba0a2ddab8fb8e08e161902549e1f9ba27c0d10f07c9d451cefbf63abbed22e8bb751bb6e72bef1e085a6d7dfbc53ece8a2b9b586f61f9eed265c337c31e2915cde7c9343d2f67937d777507cef62a5bd0ee0045fc27ace2a92a0eeaf45d279573f4fd4a3dc99d74c93d26168db4b18de6cdeb49653de758d5c670b27ff16012a74b55fa18b7f70ffa64b56cb14d1d208960922a34dad778de7dc64b0f190f0c0f9ae084bf18e11d02a908700e6eabda432663e7ecbd9c7a199b4852948452cfddbb80caaedc1501e2c503f054f3daef3ef5d040edb499a79435c056a35fe972e22fedff5bf5563c5064cba9e57da60e4752bdd7722921a9485919cfaef3977da321e55757d3eeb820be71e321cb4fa0a0eec8e6b5f511cf51dec5716620584ef916c89ca71c505c9d89b592a535e26bf90781180fe9566fca18bc3010d537329f8fd8784959345ff5a4bbb638f51a024f326cb47284be3e7efc52d064e882b91229662e63927708c3be9ca4f31b016955402e340031c97e81cff2223af50777a71db7d7d6c80be5813ea43dc25e11689803a87c6abec859a51ceac3f205b2064b54a37342d35461106e0af2a6b6eed49594e11fa2270f1612d837d3a5703db7093922cb953de156c4acc7f9989dbb8ff2c18d910e1267c451cee4e7cf6fe0db5badfc042f3e128bee24bbc78ce68134a22dae625865345dbff40d2e95aca88f3f7173a7cdb09b954238405b2d8cbce94ef3bbdb82275842c52901631e04fc6e1d09cbc622365ce551069ec4db8453818b827b1373bad95868d83834f0629436400ee1e535a46ed63b2569f68a1fba1e91c2f209be75002e64d922940fb46cd40d7d0c25af008ca0a00f229bb25ea2aa79e3396ef837e44504b9f957911503bddf71f61560f050d2d9ef4ceee879c491a243752638d0b6dd4b4575685bec73df4f6238e5abd15246d01b23b9b91d6082f44b9aa09befb6fe8b1f59fe4fcd4c61c992df1fe9409bd95338eec58857fd2485f48288097c95b61c345f46ebf8b063da48bca64905216129063b9534ed906a3beed830df06b6f009b570cbe19bf391ce82b26d7a3a833707c8641b9c4186ecb6a2586064692bb4308b8ad5e07f5c99a5cebe69b897283b07c8195656f9f33b64ed49b97abcddf11b125d4224c4f635b17982d709caf629bd33811db19671dc88fee5530e574db63055f518e9219c5d3f771a49ddad2e21ecd6bd445f5e540cc2d563c21ac0cfde7f668188bc0aac9bc1427fe18b489482ceba4b9e8d7380fdc4608906ffb6601aea961f5dc420ac63217bbbbe806d2fab8206fbae5d76eec212bc16aa696a10d14323eb88a13cd772ab5b79fd3312f879bc28c34c195137a1a2f7c6df51b2be1da8465b29ba8fcfa5413ccb5951146217f5c07222a4fd61486783c42765115ec67e13c92d9be7f4dbbfdf621a043367c75f13a71682cf708825b0a255958a5095103f9c0a8cdaf88f25d96eed9d45bfef61f88522739c0f4f5b3360cc7b1f5b7909ecafe9c637d44fe960f278f78c48cc15d7dae929a5f999635fdbdb3d3d28b51eca6217c95a26b04dfba5b304aaec90ef70b022a4a60aea50fa529c7135eff34aee39dc485ccd72158e9c86f976a621e41d2b5d0c0f8c381e3c56f29b65a0fc5a06ee3b0122a9c10ca645bfaa6d8c9c40548ca97c7e3e3e2614847a33809b9385a49a0a63ca4afb3f1fe2c6aaf50ab1e065bf9de643e75056e4ca72341758fd33b68055621d0f1612990d26d0a185980cf53543a37e2072e8b663042907f2ad5d6b28ce0e18ddb1aa9f6870f8b7582fe1a1cd834bfb69e9265980fe0aba32f3e7b912f7e3ce31391a04d08c953163a4cdff0424618afe7d84a861786a33fcdb24c03e701b23ffea9718d9a9d19c8185804481e4d756a2103ec191d17fae7d518186a2bb851c37c81c15cd5615c0752f7e82e6ff584f47dc53a65c091c305e1d1b794691a2013fafb90f630a349a70f6bb634490d53c98325f5f481642d668c13441604f2203453db1a11460bd918f5d30dc24a0d272fe31bff2fa5416f824bdf1356c76ca19db7db5415d612761a1876942e9fa69b8d60dd1a3e1fc877ad48a1762ed7ba893dfa893d5c656bac99926b77f540dc8e31bd4769c9f0ddd30bc702e2b53f96450e241eda474e37159b374b3591a8544fddbef6dc14ad1db09899b52cd296ec0226e1544a056b3100234ee1baa052b481b70d431e1e4213f544e0beb2928bfb3302f40b95002b28dcc4bf29c97e2e36e7c6b676d5c3f3ebb3063ff994a721ccbcb3161f0a0dc9605e675dd65299c248bf5a45d78bf6a62e16655856f1a8c72d950df6db5c294f94fdc20bf15a09cb92db1509be31adbde2a90147ae26b4d0ac8aa8c829352d83fa38ba37e980e2b89f51b9ca89c8d7c519ee547ad2892f3edfbf8234c2d64a5fffe0389142da257111cd5042c7808decf971654ec75a31e3257372aec9c6e2adb732e9cb8a743bff98a34ccfee5eac861bb5bc5f32da5ba563072a4287abc5b4a7b69cdfcc4bbd5cf77a28e0955721ea8640cec38194e647d508ff91b0e4f87f4c7e5ba6a00126b10b2a772c4fa0f128bcb69ff67a59cff68495731836d3e08b5c3c4ec5a00206dcc3ed3a218f71c542bba7f7aa85dc466f1fc4b2e1606d6cc38f6136045a166cebd1834b458bb709ee75037da5d96772080f3bd2ebf62494bff93440b2384733eeefdd8ce6315173afe2c4bb8457f5411b8dc2d9ce7b3bcc3ad7bab1594bf644f24606abaca44252357ee21dc25043bcab0a52ce3b9bd69e492121314c52f0e924b3d42d577f2896dc22f5d20a58d7433fa135b85be3bdc121269080d104fba33f46ff06a8a4ce4856cb1dbefd0fa0792e2fdd0727da0f94a85f34ab9f5d051468dc92ea4641a74117243a026be313131a0e95220444ab3d445090594567b0249cd36269ccbbef04c0f6f9c6fd2ccee8d13a49250069ac065cd546590b7e6faaac84b642ba71f0d4be5e67f341b865419d11c211590bc6cffc5846ef42e01774aaaeed73a9bd751a8a7417faeb313cad58edf874af9f91224afea8526f5079ca3689b64915fa1476a8b53e150f64cad33f11f2c1987b418cac8cb773d54dd6238803548940a44f2fa7ededfabafdf32811aef92ccab6b20bb293e64fe424ea16056a64a8a5c7928ccc5f9689883e0bc806c9c1caf", 0x1000}, {&(0x7f0000001080)="8683bc9f501c36452a2d61ac63f668d817bb3da27e83f07b9dc5fb9efb72fddc242428f8555a88df269088fd9a780e0b1d4be86a3bf7e188c33f", 0x3a}, {&(0x7f00000010c0)="ed7ad1c8c0730f75ccb4546189434d76ee7e994c29836b5b5ef10af99935a10560133939e8cbc03d0b5517158ce81848709135f1632121291a59bd5ca150da3af08ca6647a58c64fb37bf9d65c239074ab2a6b02da1463d271a60d7c65f49a3ae8f249eb5f45708dfce9afc57edb8835524b44080b9df018eaedcb920704edc0cce7ff9ea9fc", 0x86}], 0x3, &(0x7f0000001680)=[@sndrcv={0x30, 0x84, 0x1, {0x36a6, 0x20, 0x2, 0x3, 0x800, 0x5, 0x232, 0x147, r2}}, @init={0x18, 0x84, 0x0, {0xffffffffa423bd46, 0x3f, 0x6, 0x5651ae6c}}, @sndinfo={0x20, 0x84, 0x2, {0x8, 0x4, 0x2, 0x8, r3}}, @sndinfo={0x20, 0x84, 0x2, {0x1030, 0x3, 0x3, 0x400, r4}}, @sndinfo={0x20, 0x84, 0x2, {0x20, 0xf, 0x9, 0x321d, r5}}, @init={0x18, 0x84, 0x0, {0x8c, 0xf885, 0x4, 0x5}}, @sndrcv={0x30, 0x84, 0x1, {0x9d, 0xffffffff00000000, 0x8001, 0x5, 0x1, 0x0, 0x2, 0x3, r6}}, @sndinfo={0x20, 0x84, 0x2, {0xffff, 0x8204, 0xef46, 0x80, r7}}], 0x180, 0x24000000}, {&(0x7f0000001800)=@in={0x2, 0x4e23, @loopback=0x7f000001}, 0x10, &(0x7f0000003a40)=[{&(0x7f0000001840)="6f3656a3ba213be0ea89d238ded137217714528b2be29186a4bfad52b1fbff8eeecc151af88a14798efb798927580f4e008477054a8921976685967e3aaeb6a0b08f8765bb8fc7005532224d5479664ce6e54cd29841e9fed91fd3518ab4b4fbcb67116cf0", 0x65}, {&(0x7f00000018c0)}, {&(0x7f0000001900)="f2f8da5d946ab9c4fe6ea91ca39bdb8fb7e4ec9d36ee4aeafaa876352eacee8294da9db1348db16b5493ddddeb85323bfbe51dd776a1a53020e99586ad4e6d01185409d7a7391bd7a4943134662bfcaf720702bc5ab7ba32c1ffdeae892206e70543370f8e0948728ef87c52e315c92a867b7e5317dda0869c83ffa5b2bee313ed23163e51411eda31b0ddf2eb3a0be9e6c00969f42aa59504aa79e9aabc583281ecd373f868dc3590d0f4875361f4d27b10e1010f2e0edf2fb987365ff2e102e51aa72a7b270f58992b064ed5f851c9b64126fd261ce76553a7ca95e7a93b3a7d19fe71b0849c5269c28c96936df0bbcc7b3916549d67ca6825899ff7869fa8a0b4d7326e243ba6659af90be4eb450c257cc592c98a60e97e9fd32eeed338b9fbaf3ed67cc018788aff153eb971943c548a905a27e4be1deab65cd72c66a9858b5ea9b7c4c5855a38a39ab2ed3bd4cf6a3320de0e158e8ed306c26dd3096e782ccd79c378a01ff2be9610cb488e1ab3a866581c52147522613ab3c69c09a5cc3734e27cc92df4abc67b16d826186fc2aa17a0485d1b021d1cf0f732cf7c43ac24810af9f0fb2acdc002fa6380dcb49e9adbdd8929eadc4e58fcae9b778b92c7affb6281d14579a56acf5f5b8b8f3180bd62c6b9bdbfc5e5e48a9a9d8cf6ebd65fff23ecb479158ae00665fe35adbae71cb8fa7b1115f3d2a80c7cadd173577a8d04590a4d75157b1cf3506c307d2b5e55f265d232fd1308bb7f92841f5e7a4186afa41ea1178be56183ea5c4f853abd5079eaec8d1d70a8ffefbba506bac7c65ea2de0ac174cba46abc4e9ec12b40c959dde95d6bbf90ec6ca494a705d76cc6c84490b448c8d98dfd7c236608ae99265d186bafb2c38b199a35cb3e783710ae8d46178da9037fcab63f189f4cce45a0b1550c581d6f5e14955c01c327931a8717b4ef478178f2a7b24d245e5ecb2cb5b4263d65b0ab2eebcd9fb1838686c4b9e2d2eb6b93725d6b46d44f91b041b518432d4e7a5f72cb1628697412196ea21ea3d4a118fbdb9af696c27c85d798e0d29769681717590f1a3559ef10ba8ee03bd4ef2bf2e4ed4b83a29c94d00ec646d38a6e0568395b554535a42aaf5e127f1178fd1ce1f94255ad33c2ce677c71283182acacca3b897ddf8d2c19d1068bc0b7d74eeb9a702970d96a8b854e12f775934198b832a7283e33c9f35c452560d3e07d300f5882a765f68765b079934be491438dd75a3ea8b1582cd0ab1139406794d59befe86fca3b1518b07385b00c7365381ea03f726820698013174506f654d1ff5b0cd01da2c996b8300eeffefb6384bb3792fd5d0f06c5ad75baf767cc4459832de9b606cf9dec81dd6bf912a0396c203aee3d800894bfa6fa9bec9b560ded4d25a918a8541e92913e429a2a89314d35441cfe33fdf9b6e68ef44c021b440453a26259124227d01c2fbd6fed6f2d7b17b27955ddc03ba38050380c5ca18ef5cfedf0d7adb300bf149400b53f8f933d733fb6daa0be273a38cd5f5a5d68478730a699604450135de5f32a4f7ec073dd70d1c9fcb064fb18e6e73857c26a7102989ba306a8bda45b271a608dc351bf28d2e303425596af207519e9cfd70e8c6a40e7ab7871ca8e13dc162dfa9774feb80ec0887c06e0733a04d355793f77d3d207172861b33d0c8a26cfb1d97046c0adaee9b87890ae8f353b4cd813c76bc22bc94cebdac6379d0342d0dbc3a600f3a172eedd9c7a91e938214d1ce330224fc7b338c89840ffd24affbe99e8bae0f7be43597ec7870668b3ee93026a2e44114801258c9d7725a5ab030bec52172fd0f92a91071304402df46fceb343f6b1290f4d021e0dc73a2c8278d0e2e94d11bad1231d67504a79c9292988a61a24e1ae37111557b1b53ab5befcb55337f23d3bdef099bdb1ba546a49b7d503e4dd5ffc48cc9bc4aeeafbe89eb57bb8471e093efc719e04dd61fe03d90051c9be9f43623826efc4fd84aa43e3e244816640ff3f0f17edb2e701efa91b3ff5e83386572bd506f95bf9a676badec58a226871b40b146bc04ad08af271d57e8215d73944273eddbe413b1ff5a4169bebc66b5fabfc05b8a0a62a83778fcad4ede215040d94c93d62d74c67b5a602e994d2ccefa48788e653773a006069535d16049fdf0eb2f719502a9b69519d21e4fd82006691c9cc7f9322e9ad7deb5221be02541f5c88532713480de3a22dafd1dac7c5e4301e494a3c3f9e155bfad27c14bd7d3f5aff07f6cd360fa4680b5a686c23d1a3552fe47b2e138aafaff19c4cf001565237428e8053f3d0f3e12487787444f0540adb13fa46f1a26f269f68efed8714e8acfe0dea6275b29062bd176e0006094e3281d677dcc965bcabe47cb0429edfce888770b5b14ef637154d8f0f694467f3f9349ba7d0f50b5da28fa1c6fee1e5d2e3b7a4b00ec6f28d2e4d98efde10d828f96dfa22e00096d1cf16192f84bb9d79eb153ded641818f4128a6ce101e8798903c6a289c6dfdd2ddaf0aad63e0e1144c2768f9f0eb52b770deb90220fef75e6a0bb60e0d2c8ba4af887d86ebc11496b28bc92196a6ee8214a812e23fc82a85412fefa4204b0c29eccdb4efcedbdf8e733f7d18212d47f9ee8a6f99115fd775e361943617494be160d1bf9ed6ad65116b59d300907cc8ab0545bf4a73843188522316c208866f71121d593552cb83ba17d1a28151853b8dd9ba81839d2d6d526a27d222b52b2bf2b5a8ce6a0151b2aebfc6a92ebce8e7fa07169e1310479911d096678097363084ba25f0464124e22c6ef4101376b7edf074540441c7e45ffee11e02942b4eb28f091084ee9b99daf1c8b3193eae6dd844115b2f95db1eafc9cb9fb2d2a9f4b1a079e2dca61c9346ed1b4d8cc9be4bf8554e7b8b635f8a680c550d7e250e9df401de9e3691237e629b90dde991f220de8afee0f22c3342870f4682e7532bf94f260b115561b061287b6e9db3b5d1a51177845cfc4e3cfbaad9c6fbbdd25f94cd5e0083b030f95b4dd86102e33938b10fe0fb32e00f6706b3ce3df821cc42cf179089ca77cb3aa8d62750d75588069964a9a3ed0a76d1df19c6bbfc7646554b76914d76d242df64f163026aa74ef6262572836b5f453c4e6be801ae0e5c1ff593d2e910eb6d1325acbc95f98e7cbfc4356e96f2ad779a903a22da1023c48280ded06a7ae3032a4932eaced1fca8bb8667c8aaea8764ff0c3ebe29d61a970b44c99302691633bfc90b9842429b0de78968330552d3d33a63028680650809d91f01c27e3887eb417de78637df487f016dc6d6e6b82d34722100f222707007a20b9dfb7c6083ea67fd2a15c0aa61bda4bd88904eb1df65703809b8a7d8c64013cf87ef168efa502f2e0fe7013ff5becda25c4e3cb985e12ff0a9b7d42710e065b455af7968c9dbc07b9d7649f719b87331512c48acaca793553e1747308b85d302b3516758dcd942b15d9d0629149763ad45651bad0ff3a2b6eae4d49690be9842078644330a35f2916fd731d4aeaec8d8a0a918986b5ef144bdfedfacbb97032f45478bf037f0331e4a42047ca18559be1eb89aebfe802097ab9d1290f4a1c3e7891d61795498b6a1baee84c304c77fe33ed0b9a07c267b48eadc2eb9c33234181e1268f5a924f82c8f717aa0888ec1b71f7626828a5fdfa16cc8a43a6373cdc3fcdfe76b96c8de5d22c9a54baf1e758a5fbf469bf66ef907b6e5a5737d1bb2566e02832b57fbf8c72525063492849c1c14c66aa1f249ea872a64f48f54f44cb1b42adc635ab95f929c4a85cdb91311443f54906b950d1e478ad409215a45b1c2575c4dae0e5d18bbd09cb50af65d2af47a47ae53a709c4ed9b1498b40b643c310b45e8dbde095ef08f4bf7b7dfc97fa82302c92442613ca66f9dcf53a0f16de0793a639063a5f7c76c0ed63534b22067c8e934866719cf5ce4f64e7ab306c0c05f5c2f7d3eddf521faadf7b9effad7f95a0c78c0be80e72299bc8c932f14cd13b627f1950d9f4c17f570c5bd2672f67986b515067d33b5225f6981ae650b0f909779f11985a4a9028c3b9a90d32efa259ca7ca7ed085c50d1b5c9fbfd2aa534f2d52285ccfa638049ff928408164951a99635566fe926f0b4da58a0e3e7ba3adee92fef29d43b7c21d52343d0e666213989ae2f9a7ccea5084cebb05d56b1eaf3fbbb51455fcfa386d4b8e6aeefef33a62961e2d037e95126478658b5b0a1ca2d380d6a8b3c627c4d49c549e72d916887f380f6ebd0dfa08a8636308a8358dd5479c7b82f002ecca2ca984e91c2422bf1cc1d70037f6fb25eeb33f61cb07b4e3b93042016fb9cb2ce9eb2f631226a406257af92f60d184d006df448878783cdf7fae4f72f6a12246f9db813b41f7fd6dbcdec05cf40ed3fa06d51d714429a24bb102a54cf6b0520f7453d63333bec91e593265ef99b63c44afaecc9f42a71683330e111f0797377feba01f9487529d921fe70294834aef12d0cea2fb72c57cb33cf268fe8be6beee7cc856029cf032b314051579426ce5249ac18c97b0cc2a5ee3700679c2762a0d2a2a0a6a245ae56e5e7647bb735f04a12e12befb769155513ce5c166190c45ba376abd080fe72631793e32c8f29e5d5239c92ba992cf9acab35bab5a281c9086432e312c1bb979bd29e7f800801e5a67ae25dadf3ecde68a1b5a6fe56d50b2dbc293ce25cee5fc2f2b5793e90b24a7563182af3ac74e67af5c0e46d728bfc2141bfe872451e8105fe248d281e4235781d4c92f322cafd86698106f23f2ebc64008ed1a423364917b24f5991c56c61d46f5c2ce9939f48f287a78af94cd8ed836f29768ac8a1a90708fbbcecfafeeb9c12c68334eb9446653ca017c1033cf52e483967bd97e793f036841f8d63241190e580e76cb1d9c90ca2d052eab2dfb6f715025526fc6aaf1c706adeee70f87833569c9e9ed14879a12c076d31751ab53a49a565330501babeec4924cbff87807836fc178fb73b38504c46820c00caa607aa46e062a0ff4d3236596555327027d15550e3416973a58b978eefc4dfd8a56b7a32c80b9de2208492029776363f2631754382f193feb98dfb001f047af32f97bf296111203edd6d6e76b7d03d522b87a878f072f69dfbd67ec5ddbd284d0fd743b69b24b565f5ee5287f20a72afe11a503484ee559e8484aab66f6f8c621e2f7222535e0cfee0aa49373980076426edf06472fd124b6ea101ecf3eb570c235a39cbd938536a6b223228a6e601f17c969c99117c00310b4f0061d8eff9694409d622e31aa79e6baea0c82f4b8515a400f102cc49506dd2e34c517ccf67e36f76ed5896e613fa229b9f9c31b565230ce24733d41c5f5dccee8e12d80c8a6b766844bb5c415fba666a919d9e1732cf1defb3c3105b6e63a53c6937c1017c9411f973f6f7858618c98b72fb0aa7f9d022b84ca6227f75b2373353ee18f907fa9ac9a8201403f00561d021de2cae2d60c9523451e3fa3d1aeb88a3292b5951065b90b98b8bb22e8e39ce74fe45e6be0df489b9a0648e1094cd97a4f88548df7ddd9e448c17e0ddb561773a23f40021d6d882489d15ffd2f278d66b2ea4ac0c038667add9d6b81c94516cc58e14122e8d8440a7ccbffc0250f0d5a4391be615bd567c246d3e34b24949be9e5af29e5c5a3eb466020c77b9f090f3562ac27c247299132a688d94eafa74dbde093e77ce527f823d718c817b5a605e3cb75d35f15b52541caff16b04f34d0272aea03c319cfb5be82b270e1b29c7093be38851f6e9c633f109e90cc61d", 0x1000}, {&(0x7f0000002900)="a7482531faf5c867951194c8ce00b9f593e02d7fc2", 0x15}, {&(0x7f0000002940)="6b5db1d928803070237d", 0xa}, {&(0x7f0000002980)="18818872d1c5c0b0cc3e2856ad17a4ea2d79d368739815b384fa8b4c21e1087e5eca79d8b0e19dcdf425d419d05d64c225be64796ebc82ac0170301960993c6fbb8706af52e1c67eaade96425c7759276ff4506e97aba9af353eaf5fe64c23fee2fe388a2ee09e4ccc55186acf32a34b3d5f3d65c7f642f07562f83f435c96448e96f7d8a6b1a95b93d337cdf3750ec97f007b8ab1d6b96118759a9ad92a8fabc9e04a6089789d65a0e0599b75c7d2f49583f1adb94e17a9dfeb", 0xba}, {&(0x7f0000002a40)="9287e39d5f266ef1eeee2e2bf19d0f424e644a9e99a676a5d17ecb45cfac86d768d26b2f0d669be9b836be523a799900cc6723178c156a6bb6bf2bf8a8c3f09c5891c59593a3ce91519f32ce39854d1eff3655844483f8f0b78d22010f87a493e74bb6bc1dfc97c21b37a97022e8a0c7b658a30afbf2db734ba6d823540dee608ccc670bbcf5e01cc515df0122b3a8646c4eb13677b522d05873f6c96eb04067643ba40855d0bda2a3e98fa4ed4f29380310777d50e859c844ba6c507a5a8ee7dfcd77890a4b53c71e685bd101092f8fe43ce2de240c73951c33c889384834ae07176a0eeb56d8fdd24eebb9330aed700607ce3bb8cd67b20e634f55823431c66104dce42323083254850d13ac30dcbb21cca3c9b31c7ceb155b2c63dd3ae6cde1a856e9faf4e42a0bd48a43ffbf3d7a2d9294e7547f00af1420c4523d35ed74dfd5a59ae6df95eca8274bad7303234fd90feffa87eef522ae01909ed22dd35090add692b5e07f53d8e2b4311c384faecfcbd307b306c3cbb42521b5374068b56ffe7ed504f0bb42085d3ba1f154c6e4f36cf9e7cd6c004c7a77ef07825224cce1e308cab7ff28f4961823c2079707ed7e0826d1822938313bb89d149e789c4b1a0c8ed547c9c009a9e28761764e745f4543909d476fc4c284a0155c413122902820ab9d662abbc576e2b17368cf8b9125613fd9023bc470a97cfd21f7e36ad4bd2906b03af0589593acaf1caa9b9f01f8045019446088d02997758275a46f2018b7113160aaf5239cbfb7bf361407da42ef71d6e9767e9501c535a2b89a5a16a4bd3e5ec89ee08a27b186643396d0633cb2ca3a1ed78c4e3bbfd12b995a80b6d6bcad4e20f5dfe410dc2c823be27021b4db4b70392b8651d2a42884dea310b7803bfbe06e4ef07b0173775c2fd041351c92160bea6e5c71023456e365e2f11f76b8018d8a9cfe52ebac46288ccf70240337684d4dafefdf81b91a3249ac2aef3935c443ce19ec5468e529bffc3e4052a4bd1689c8233c0cb08205db6e65ae002bac4f4d93288b8ad763a23710ea968fdfda56225389fb13386dac1f24a836efcdca6995aac0de68593820ea71211b6de434a6569993b89d4ffffc297739827ecf6f8e5b659828a7398468768ca534545cfa96353ed33f11576449f0086bc30ff1adfe5c2cc27351e3ed7e69aca60a601e73f9f62b2f51eeed76070998655c32681896ed5e270ae1d448d37d5b7616a2837a85616b9de1f53f3c4009bc22b051c90bc446641d5692265ce728441b1d3e4915224f606efd049cc6c5b4911d45210bc22dfcea805b05984de2cae78931ca2e65b3887b80beac537c4a18565f2001d1d9ca1d2ecd03c7c236ea376a985afaba0c3c774991e4a179899b610065f4af5122921b798366456aeb24f6303549a26c25941db993740501c66a258935b77873e7a40e227c7d912c5b2fb3b62b96b5f8f39bebbee2f11a21f64cbf630d6c3579730aee205a9d627fd6617278eb98c7c2600dd5ca2a5aac484ee1aaa8af355d740898fd60f999b6f408d8b1c094fde97031860198f1331dcde10e754d177bc78a242433e684c5e49a9c92b1a437665436b832db4ee6f7337849cb4922cb962e5994abe50b60c07eb4f7fc761ec4fcf3413be1aebce3b357575cffa0c29e32c2fb8774ebed41f824b6232af94b628182d3d6fc4cd477cf96c56a797b2467400786dcb4d47e5a64cf897fff86fbc681d4dc1d4a0349b51ed56beabac9db7a4fdb35b5edabc5390de614f1e6ca32419b1142672e7d89d6f4687ac0cf89d82154bf5b6db21fb9b7e660b147eff7f4fa59baafdb35f2bd115bff4b478e795fe11acfebbd366905ab3759ff4ab649fda36011f390fcd3115d674de584b1cfd727ebc37411aea0fe55b43210ea86f1943f3e1437cb2bec875b0dd223a028fc5af684cab3dac631c177598c56eecc8097688460fc307bbdc69f2114e497c609eb27b636c4c4139873768d31b7e1c057ee571ff328f0c9eab94b7217e2fde805e2e1d3eea03f980d7130349744d6c5ac47cdfe5035f47d9f1b3f2fe69bbd2cc25ea894e99a6ac45a73de58a3df98e8d4f23a09c3810c3d1f716050a40cc989bba8ab184adfa164af21a04744315313fee4f8b899f058054e19c33eaaacdaa677e87763a7d3706418fde5db8db65d8ab6120aec83250ef62d9f786439ddfc60455614fb2a937af963bfc1d81e35367ef912badcd5dc273480fbea4cb0e39bacb6aff253b23385ab765777a3d239097be20521ca57e8092e6833725bb6f97a0f10264bb7b2fcdcd94d6805ed3a2e5354df27f1ac7cbe4ec58514b2927b83a3ad2f8e039efed3071f9c186402a1eb45093ff583ef7996d19adec2ce23d580998b690624b494fbc1ee2ae352026620bbafa899e0ca441f274031fea44e0278534c12c3c295887459286424e023ca822e6fd1fac5fccaa1cd4512416b11d1ecaae10ba0886963572df2498032de059c0940a77fa59f5986c1502193d4f79fa031f4d69d16bbb4216443f38f12e7f4cdd7d3f1d969f9367dd0bc388fcc7ba0f82fd9af1e5312735fd9e375880447eeb9dc835c0cd8e9d848de7d4319dd964409f0ff5a746295118bc9d3faba08d060a1c965def84a0395196203354c4cdf1e930993540459e025c59b28e81f19d30dfde971040a7f05678d32ce975ec4043881bcccb4c141c19739f4b8ca304b0b92c63aedabd3ee15928ed0db30f980b1e7259d15e166e047648b44719833760133c0068a1fa84539ec5f27ad7585f124260748b70a9f1dab7d1ee65801a85830a4f145d3e37b472392b9f017ee0345f5086149375af8b1fbc18fb565b989ce9cc9b2ad01d062c07b92542117ab95f249c102840f238953943f991fcec151c76b3c7566dd3ba39c66f0a99e045e32bef982b2f99a32996d5294a1412b2f16e86f5a38e004cbea2816947f9df954d5d8a853b742972c082423c97aad8e9ee36122c8981ceee3522dfb86699017ecbdf8b27d3a47414d565cf2d6057d7a001a27da967b1dbfa55ef0dc0634bcc8c7608453b0095e2fc81906aa99e187958d5837e2396e00b5de6e9d179dbf6e75b4b47cfcef2d72f09c9d26a04817394732a89d52ebf0a17f1a023038306dbaaca50b8f2cfaaecf16b16b60f735c83975167a732b52795b28defb4c9a69cce46b6db43ad3b4479e7461e71a45f79ad88c305205e6e04d6a882ddde72a92932a932887ada41c623d1608f417547753424bfbfd97596a7cb22da8035397b467da50cd65a0cae490c279a0fe3825db49d103293f55887cb121ca94f79638f462e6546c9b28b95c051aeba453538b6ec171e77a86b4de455df7ea17d1a77ea98acace2172da00c2f98cf28cfa0ee11cebad83a7ffa5ed80540e391bb74f936fa7c2b60acd96c7d2c554cdddf870633ce0173250cca7720d8d8cba3ba002dff3785fcaaf6bef7cec296e5a294004afa26792682fbc85dd9db99250e9e7a1bcbaaa1a6f947f87bbe5f483f58374e356fecb95a2ccbfdf9c2ae420d4213171c7856797d1d4db7eabac0f460fe920bce3d35e85ae9cb8c0cc99ee344a4850fcacd4c8750986b004ed0c7e634cef0d254cb6d705c3c79e89e06422ed5dbe4d2e03b49f01b8d1ec22bd60b333bcccc6aed1b69ac0dcf8259644bb2964a5f5e821cbdfcc61c0066f345deac5e87cc346f357c8a9c8a0de3b37f16c0907ea4d64cfe5e08fd91d7d6cd075e1ca6c1b736b65e717c8598c20e8de177629d6c7962861fe8bbbf00cb565f828a079ee40d28809e434b1d2f2cdf33df100b2c91fb7060f04e3d9da6c072974fb2a4f25b9c260c3cb5aa006fead108db714081852ad573c8a19327f7f26286f0318e5fae0a646d978c238251b8abc591e3603b429547450e98aba935d02511390a68913e8ed28dc0aa90cfd252a0bbdb81aacc4247e873759a342d3396318b4aff90bdfd1e76ff145c40e10a8b12302f0deadfd7e4e204655b97083aacf56cb838f34399ec91e4564ccee14173344187537bbdb12b71961179e9a062d9033f94a8c5a9dc68c0f2e1965b75891130b5515ab544e1659ab7185eaf23cf0278be05453a92010df64b9473823dbd51b14c53af193f7151ec6031a4ef11826f1c0b3c2a838a277c5cf4d3d485cbe194b0bee74d9c244833868c1fd471a063f8df5ac9af71a9d6e730a917dc655c154f3bb08ba5922393c8a6ade6d56246e277088114fb1a0fba44cbb385976c6b5267fcb16ef58261e1597f6d9491f84ef30e920842be38bd09222c5d78cc9a2ece429aac3201d33434f89f008cf8308d7ac901988a9e28807ee658337d9c036ab03f6e9f652698c5cc9b8882bacf0df7da42739dfe7e561a381f2327644204e12506aaef2f568af085ad03ae6cacc64bfe8f2b2f0c4847dcbc53274fd35762449a2e650009239c0a4e61689bc02e1dac1df4118f862930fa13d237ef7275cf0b6038fb06c44774107de5e0d686de73adbadc23dd226ee254fc4dccd98b9b50fcd114c87046feb0cde975fe79a2c09a91dc5888068d83ac23e07ca2bc08aa70fbae47bc5e719a3fe05ebd343ef720da0723ec1c331e984c53dada8f051f636afb18f104ea08779886891cdaeb9c31466d36a8c78f4b6694767f19ea1db0dfbf276bc23271285deadaa879832cabb66a40ef40e9ea6ee7042ec06af4dbb6270890684bc1dd19cb2fadab445a20e500c3fb6d12c66ed0e38636d020f9100ede515fb0761815716eb998bf7f6421b01feb3ac15a17d3e987f7b98f683ac458fd7c989e9f4b06a0b7149a24a4d6acda077495eadbb9bfff99e18918c5508ce8011f28373034308d610918df05d69d4b097e09a855a5a34fb79b0dfd0fda371355cfb510ff1dab30ae1c93707dd3de43753bb3c5e4545d290c989d26ba78e01ffe4623a30d1de95142d88d897b33bb1ab7de300e2705b193bc2c40ee5508c8b2895e9768d5387fe227c7bda5b74ab0aa0e74fd6a24fc31148c01bff2e601beb0220d3801f757aeccd78aecba05a609f2228013104b1d0c1099f7c1c1e9229b0911027f801b01658ff10aa7f76708dbb1287dfb0770dcd6d823dae9f276f7efb8417c166359d42564535567904f9e8da1f72d446e428e5ad3ba1bb2baebccdcfe5a3eb98d5bf659e5cccc3ca22e68b7cc898ae7619037c5a4d94783808cd84448ed7224d5596b2ed6886fae14a1480b5be5f8e96abace22bed38b3137f22d3aef4ffaa3005334c509caa820baf0ae46e3e991be444c1e29f3787ad8f6a7bda725a5b9c5e22ae45d80b516e6fe9f46390e3daa6427c48c9402823cfc6fc16aa620d9b33e78f93dca0917ccaa36cf3b9fa7262719638cb26adec47cc3fb6280c64bfafb560222a5333fc549fb35f15fb48f5ab3d98089fde53278fb7b695cc1bea4632e3e6acc999e96507a567ef61819bbd318266b9c5e1ffdcc44d572767c283f1c1386ec1c6ad55e60ba63f6dd5294210ebea2cf2ad91f9c08d9d4817a6d4f5d511e890690b3a6a8be84b43c3e186893589b2dfa67365530e9eb8c9796fa2eded529f333336d4190d476f2d7eaadcd450ce8df379bb84c026ccf3fdf1db156e9ad45a96f82c04f81787c4ab09c13ed5aca7abbfd28372e5cf1843788f5c4f7445072205d8f42cee10812af8dcd4497ae9a4b9491abdae3f7724e2fac4f1c3e3a1d55d1945c051a050bab0bf2366ea5af9ee36b841eac8d819425b9aa01064ee566eb48088127e308fb67fd41df40d43b87beb13a568fde4fd85260a5aed16fa2c58", 0x1000}], 0x7, &(0x7f0000003e80)=[@sndinfo={0x20, 0x84, 0x2, {0x8, 0x8000, 0x5, 0x3f, r8}}, @init={0x18, 0x84, 0x0, {0x8, 0x400, 0x2, 0x5}}, @sndinfo={0x20, 0x84, 0x2, {0x5, 0x4, 0x2, 0x7, r9}}, @sndinfo={0x20, 0x84, 0x2, {0x9, 0x200, 0x7, 0xae08, r10}}, @sndinfo={0x20, 0x84, 0x2, {0x3f, 0x0, 0x3, 0x2, r11}}], 0xf0}, {&(0x7f0000003f80)=@in={0x2, 0x4e22, @rand_addr=0x3c}, 0x10, &(0x7f0000005400)=[{&(0x7f0000003fc0)="c00f580096fd0fbd0ee65bdd74427157788ebd8884cbb65cc614f799afcf5b623a2870b901baf5f12c7d7d3d763901c95adb180860f75d0e87f949b5e26e8b6dd19bdd2ef2a29ab7e0e1940a822842afd268d6e3c1ec638ab542be173e526c2d4feb62e607f92330de08a3c14af0e98a", 0x70}, {&(0x7f0000004040)="64ffb57d926dc367b41634c517a88954348303217bdba19027dd2e844e29b166d0bf5994af71dd86410f09bbd5781217ad83454558c686e22ae12d259d612b72f8400d05b829e7807f3ce7dc4cf115fc83d671c45bfe677fc07787ef2a344574ffa844e5503b3bb2080e47ae7de5f8f291de2fc8d099d440e1e7878d5d05b7b6f21285e93f20b96330a511c9bbacb56cadb147bb46870c", 0x97}, {&(0x7f0000004100)="640b2c204e80c0cdd7fa6bd0a920c41a833b8b92e6bbdea2f014e667c71f20479f0d004627e5b89ae7180e5c33d2085d6ced", 0x32}, {&(0x7f0000004140)="9a1f2cb4503a7218fec88d0b01892c2441d8ba37ade5ca43172b896255cc7152679cdd26396febed217a6b1de2498a03dc221b43eb355015e76d587a616a73a1fad02f95f01c2b2acd31a1540ba097c112fdf61b74394ef7ba0211b3dcb0851814874f31a04ba05daff628808a7432a0ecee67060d49f370d0ad7bc7b6129a8ffabd", 0x82}, {&(0x7f0000004200)="000678b2e0dc5a5eed99a8ce0329f29eb94017a35b6932e44e496ba8992b4e98b3e99b83189f717c2a120d4c2cbbea135d9fb6cd338b939f55f2055371e21fabebd63094b74aa7d18a6849acf0cf73051f015414e57bd8675c1c3945860881826ff7c99ebc8a42cceefc5353a280852f101c8f", 0x73}, {&(0x7f0000004280)="1bcb425260c4ac5794799bfbb4e6cf7ef8c6626ee9548f9f4f690cd041e8704d46eb8f01b6e39de55031bbceabf58751fd8767d7973dc8cbf65966aa052547b4357105cdb1a5ec3d0492d445a62a424164ea95f09a6c3cfcd5e938f5e77939b2c67a56377a2c0592aeda240e16d406d89b961c3605f234eb7c5e33f28caf2a13f1b440bedde15ff0d8504d0d076d244ed8513c11a6fb25289222ff287d98e57547907193b2b15157585d75a1dabbf245ec900f12d297955afffc0d", 0xbb}, {&(0x7f0000004340)="990c619ee08085e5e7865f44686d58a3f87d5416b575cc7a8f667ee3da5fb9f18f5a7c38cae3b866b43ac1ed524a77e45d537b653c50ee4c466d8afb082ac6544804d96f9251149c", 0x48}, {&(0x7f00000043c0)="4b9511645fd9ed2853fcfcb3cae0bdca630e868b21e4f40689e2296b7437a501440bfd1b538b876f7c44784f9b2dd7311da51e08b6397b9f", 0x38}, {&(0x7f0000004400)="170aa2622a2383a998497b916ded66d47d1012cef8ccd2f69e7aed54025d154ac25683b41c065c298a3973670078023fd17be0649e6ddd4de5880ad859eb3261fdebe8a75759d0c8a297a3de7ad1a47f0f968a48e0bd810b1b3c825e1c5591a652b2a78548f5f55727121c53a76517169c9c122a74c34e4d74d1aff0d275f5569f6dbf97eaac1da9309c5992a648028a1e6bf4b886d474c64b76b74c13c92ad0dd6b87660a8a247e56db6531a36f36d696b87d6135b863b48b0b8a8e88b8bdae498b995af5e099d994bb1361d860a34bebbc6321e9a6f335a86f0416a721b3e79b52a6cf342eac82b972625279ab5130b4b3d3bde396d0b7111c1ca89f6deb55acd56cd5725e3a9f278e0080d83829eae30606f6b6cda409d9a9660a1028083216cf71d77a50614b92992ed4238156dbad3040d843bb55c5355a7b5bd84ebeeecfd332c30283be0f09b333ff60aae9b9c8d48225702250292e4d9dc9252f071684dd482f351ec114e061e2ada15eba7c3c434c13c244cbde901cfa958d5a2c916cd4163e2f0771297283e883f6aa118b73d673b2ccd5287bdd232908bdba3ab7cbdd48d61776acc413597d257162a17b0cef11838b321c477e7e58fd1718b7c7472a6b2eb28d10c1292de64581cda44ebd5c5d31ef4fe095e68604ad6e3aff84cb71a24ba749eb5ca30112fd93fb37685c68cd3536b31287e27363f1acf5e41c146d1987f8a5832302880179fc1bd228a59a21b343fd5942c9eee34984b2a7bc3cf7a3802e0262b56e38835332642505e6e0b02fa2de5ee7d6b37e22daad647f462167e5d988c753e088e503cb5592373e6b010af42029dd18bfedaf9f08c100c46b37ac49f4cce973a9de0ab78c03842797ab41fc0714608ecdb5e50bb7a87cd3bff869191e6d55180384fa0e9099fd0d4d39b5ac0d5557b27d5c416e290c0e775b7dca0c9c9ecb138102a3d96139494d552628939982c70195b89a7a0209f42eb3745979818a44599ad200632e2f53635a54e0f201db8593d91eb8bb772444bc7df448dd0df911313f19aaf671c41ef0c029281f1c0f36d35a4e25c6becb15d4e3cfd7c05b32686248a40661e3cc7bd491ce4f405c590e2f8c178932bac91cb33ef51693dcd6eefddd50bbaa28fd9379a0198d2722380b24734e2a74e64bc1588cb0e45e4f61185a3805f7ce2cdd19321adf4b7baa40d96ffd318570b7aa3e0caa4073682ebf516b1840c5e7c8f2a407cb61ee7aedfda593d9b4ef33c0bf1a54986f25915d52a7fabda2d967619356ac13973b256fe3a2b0945f5d48cc7f69d140103b396a1c5f0ae57dbcec58e2d5e3f980eeed5cc6cd18b04a28d3e078be2696855b4655ae6328e4425af9347f45387ac6369e44601a605330605a8fc09b277a9884e7642a4d087b5c1563cc02971a2f2fc01e0688d7355b48d665302890fb3896419ecce12290517fbf88683ad804e6665b0adca2b0e7bb45bb1f18aa14a540c081dc511d823c15d29956d70887781170e5667471bd74028bbff5a9adc8041becc1d6127fdb0c3670e126ac4fa72925c2e79870d6438bbd2ab2edb349f1864ca2d7f0fecd426271772ea043e050d92d5d8371c271893f4e61c4778f842f9caa4b90f0dca26cdd162de75358c6a5fb04c81103ef45295a78e07c86cce1d97714f971c4ecc2c42b95972ab2db03bdd5d24a055b6248341ff8941cc4ae58a6401aa6c9e2b9453976f7ba02b4d6659f55d2d781625bb53c30ddca4e11a2b1520530e4df540c9a781de54e3ef0f48dcde9612f45913dbbdccb64bdcb3e70db79f298fa3c5cbcd19b5837fe22379e7a76e522602ada2193e2b848ecfac2915d688c7940dfdc9420fb4ababba9ea4e6b0e6efa20b382b7d6b15c5ace8d117b1cc5056c5a4df25f86a3fd8dad8130bac79d892e430cdde54852365a5c379ff1c1248bf8fd8242cad9398b2fc38b95b92e1d83559ce233490dfcce7afaaae86a5f938fcf44f15f48b16e67900a0ced7522fecfb63872b228e7c6df2c40a2cd9e191e32ace9266064089f626070aea963e514f45660751b04c532c25d1a08e25d1a10681546b3331bb3b34d5fbd7ce4b7536071a20920b6e05fd8132be6edc274f1b938c4f769deb502affad2b731afa4f85e669c6c094f38af4a0c7c42960b705e5e0ef99c68b0ae9cc6c24821aa232045be737386e8982289ea4ba35fd202b05ca10c6b7da67f8984bcc7fba2e52f41d695e353afde243cae814f7a1a1639aaea9388067e0817ad05df2db96f325a131237f4352c78537a37bbfe456412b1594ac3d51f6fe2d8be08d8a4b619e49fd9cac60af253075fe47ac0f4d1ebe3a340cdd45e43d7783350cc4912a0145181f1f2d7a5ffb4ab66d1052571f24f00b59b3d2719bb770e843104f4fd500e664e1d464343f493819737a8935c8c125d62f2556c60962d5173e94728a3398cbb4bc2aef33dc699b776a4a4f302af24350b69e6ef0bbc32f9fd594c3def41123a468819ecbe00d6fb5824df5c28da4f3dfd907e70735f0e30f511fddae0a4a7f5710e2e333159fef7cbf8e3bbbe5764e5597cc685d91a3c69a2de5c00e106a514a8674fb273e4ede00135c6b59a9149b487e093dbc5c73303ebbfb5cc679db90b0bc678d3f4b84c1045d28ad043eb84ada2368d04cfef71883524158ff3fd689cb12bcf30e5364a4a036ba1c12190b1dc75fc42563f4ad2309b80dfc57bb07ad5310e4e3ccf7ef65a300a0229a4e02e25cc9db6f744ff4da60aec7403b31e7380ba7d39c6555dc755f4cd843a4f5a87ad581041d23b4177d54b707033c22017a7169110d8c1fd79619a81e615a29ee37425ab563dc382b8f90027130c840cbb11aa2e68b6a5432fe422e5202c692fe3e0d85fa64b99a726366060c341bc9889f9a1e2a573c6d3d42935bb43bf38fbac89538b1e9749770d32137eab311a7bd3499dacdc3827e23bf34901b7702bc8f468889a2187776a4dcb9603e5c08851c2f959803ffa7831d1823c9a0ac148aa34c47b692586cc9020fcbfe2994d186595a8cde7f4007856d709abbf0f613352cf6a4c0ecddc9b63ddc9d3872868bdc475e01d4c9225aaef29f76c4a022f4095c7b47f1ba2d6434d860e0735e92fe213138938dfd4ab2c7077a02141a77249183125d905410fe6c43f9f14fda628f1693f278722d74bc58f48d6b9c6316505ae03bbe7e4656e1c9975adb167cbf8b6b6f064661883fb3c772d1ecb064d85ffd40c70ade85581721d52b41626d91e7c779632fd1fa2ea402c29bd6d08f420cdcff5ebecf64e0609f42448137ce4e6f8c4b6f84c017f5c5de32f83d7b872ade03fb1dfb3839be8f55adc384d953ea6b13e023af1a287df874d66a6f075600d9ad78ec08ad7f0b2598662c7933975eb65f0a0a5d3aa9d56dfca88ecf4a29e57a47d4aee25946dce1bb4c079e808c0f068d96678d29bc040c08844deff993cc2fa0678fdc1b12858edddf314b7211669cdf9a0d37af8ee968f8f5ecce192062d1a66c0b5bfc6e4a49a9df9adc537d19a6fb1b4e251a9352745300f430bb6bfc7b8a245b524ca79179697bfe457998bac16808434ca362034ed13f3a6b8b4906fd9e5dbbd021c0fc7fa8a1e380b3f0901a37354c6eee6afabde397347819a6128780425ee433ff1de2cb701752ede3cb740e5770c7cfcce10038355bfc9f9928685db39dca3a23e42df16dc2fabebc4f6ba9b505b0e1b3a412b243efe1e6dc1a8d6951edb9a98ed2087ae83c607b3b61da623d130a32f4bb7852eb09782d6f8ade6127af331f141e6ceecfd9b6aa0d3b8d378c6e89a02cd95b056a8097a9f78ecb95c41ef12f42237ab0e54dae2e55ac414bc00d17e00aba089be5f2faec2e35f1401bd1c3ca07ebb27af8b1dae7adf1e93b00f8e9cb4c75cfb71a7a56dd49804ed3f1c00f11e85d18b22fae2ca331e7c8b2e826201b6ef2306bf8f2c2e59c8cb41dd3404506c0d63827321fbdba2e37382ec6e149cd7c83b37722a3f7ab2b25219d5992dcb30f5956f1ed9874428c35391b82bad111a8bb66d748ebb3b5f43416544a05ff0e26beba97930072794f2483d75409ff4269d7bba0c35a835f970c3cac60cfe43649dac5f7dd95425f88b3e1f6cc71bfa3d832e4cb06cf1cefbd384ec9b0ebd26f13554abaa76c31366bdf0729d0ac6f4b14e9ec9fd70d454dd4eb4f884587a6b36eac2ef8d8ff59eb9462a2abb97329199d3aa8511b4445043f3f49ca37d8aa96eb30527ec85f36824ad494fb4a790c6daf75e86b09b7fc04cd1849cdd9e34230a82e211bbea8fad2dc500dd54b7ee9bb25e465acf01fa7c07f61983042c4414290edd01f9d3464e45c395c5e2b0affc3e039cf2e040028de2d0fdda43a22edb807b62d93120f0764c4d2203cdb8ead601573bc67e61e53d04f07bf5d76d4f778b31214e2d59e554c60c59c1e9796b95111658fe9c1fe8bbb804cc2e193243bc04ed9805d84540e73efa14371f8dfae4f20f7ce5d2c45bef87200442455a0a5aec1cafe54d259acf0ab2146a63a88bbaf50238d7016940bca5ed43ccab79ae6833f32eb5a62c1cbf18d4084f48e06695a67815e72d8bad6360611cbf489632cb7fb95a5909d7bcf8066099186ed320baf4253833d78308c961d1935cc9a7d88207c0c54b834c061f9405a4fc62c63936f09f3339b9c4652f26197e5d1f43c9e2bee90a54afaae4dfd6cc0ad583d6aa45bfca989b6028820832a4d79782ffed507afa2b4c7efdef7d6d0063aee9d13fe2a2dc77d481d68dc50e503b611fcea9095cd3e25dc0612c195c807baa78396f0667af37e0de59873e1d924d37f6edc9d7a27599cc2098fb8a9f2b86b99d2dcf1a843f250b3017c0f39a9114e9d04d592ada887f9abf590983b2dab2bc6ef26c24e6a38a23730960fa134c17580bc2996d25e0acb2080890d5afee2ab90d4b6ed406aead3bea4e611530dc9fce5b4623ca3352d793c082b1a5ee9f8188876491704ead060ac6faa6b7cb8b4d35272bf911ef49d1e2aa9a966f8752443166909c8ad1a68ac3bc57a0e46d48fd2955dd317021b28ec0c8af631f7550433af452d463b6696f1b09f3fa27d2cb68ad530e7f18f8c5f184215391a6b67bf48c3e13c6c747d980dbe7fdbe3b4ef29c414c1ef5496584ed32be1183ba8a0f2e8f180e695b68a22db25fbbdd330f750480d6bc4d991444b031b425a8cd02b35730e8a5e908db3f67790d2326dd5a9d05ca5bcb094f96e719562b208d0c41bc94e2a1ba245a82154efefca5970d732ecf8a29bd69f75607f1b77c595d27066d0d01d17658aa847edf48d1f1c448d97b1d43ec500872c29fb486802a36a0104413be5b562b16daaf38aa581b7238c6f2e2c6e291bf7d8cfd93543061cab16ae0f6b0ddb2e5ee142821d34cea573c5ccb1ef0ab15f8cf7dff5b30efd817b9b876974609bb73d7e93799bc4c7613c48091108cd0271d531c10c278f3c5ec01876ce3d68073c9743e31f8c807291df27849d8be341795cd880d240328ee1d5241f3efff078655e5e899bea7f72440a9d4086c4ed3e2f1284572f7dc5c439bb4ff1a4b885680020d63ade0105a362eda71d94ada30d6f56402068be577fca094debd4bee9c9aaeab2c0ebb9a2db9e59c5c7c1eb4b04bc4802d64730f5f28bef38eefd847c398c3d1a68ee8d01104977aba54a503ee9a4efb1f1d4bffe1cc7b63736034ba71bb6b8db2e8abe49d401dd031252ee40bb581059f5949f704629f241279af50b94eb6a5201621075d905bdefd82380173761f0bcfc0da", 0x1000}], 0x9, &(0x7f0000005a40)=[@sndrcv={0x30, 0x84, 0x1, {0x1, 0x2, 0x8, 0xffffffffffff1e11, 0x27, 0xfffffffffffffffd, 0x34, 0x8, r12}}, @sndrcv={0x30, 0x84, 0x1, {0x4, 0x0, 0x20e, 0x101, 0x1200000000, 0xfffffffffffff3bd, 0xff, 0x929, r13}}, @init={0x18, 0x84, 0x0, {0x10000, 0x4, 0x80000001, 0x2f4}}, @sndinfo={0x20, 0x84, 0x2, {0x2, 0x2, 0x101, 0x100000000, r14}}, @sndinfo={0x20, 0x84, 0x2, {0x1, 0x200, 0x16, 0x10001, r15}}, @init={0x18, 0x84, 0x0, {0xfffffffffffff7ef, 0x0, 0x9, 0xfffffffffffffffd}}, @sndrcv={0x30, 0x84, 0x1, {0x8, 0x0, 0x0, 0xc6f, 0x4, 0x7, 0x6, 0x1, r16}}, @sndrcv={0x30, 0x84, 0x1, {0x2, 0x9, 0x2, 0x1, 0x9, 0x0, 0x6, 0x2, r17}}, @sndrcv={0x30, 0x84, 0x1, {0x10000, 0x14, 0x8, 0x3f, 0x2, 0x4, 0xfffffffffffffff7, 0x3f, r18}}, @sndinfo={0x20, 0x84, 0x2, {0x1, 0x8005, 0xbf, 0x3ff, r19}}], 0x1e0, 0x4000000}], 0x3, 0x40010) r20 = dup2(r1, r1) bind$inet(r20, &(0x7f0000005d00)={0x2, 0x4e21, @loopback=0x7f000001}, 0x10) socket$inet_dccp(0x2, 0x6, 0x0) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000005d40)=0x5, 0x4) r21 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000005dc0)={&(0x7f0000005d80)='./file0\x00', 0x0, 0x18}, 0x10) setsockopt$netlink_NETLINK_RX_RING(r20, 0x10e, 0x6, &(0x7f0000005e00)={0x8001, 0x0, 0x40f, 0x3}, 0x10) shutdown(r20, 0x1) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f0000005e40)=[@in={0x2, 0x4e23, @rand_addr=0x7ff}, @in={0x2, 0x4e24, @rand_addr=0x6}, @in6={0xa, 0x4e24, 0x5, @empty, 0x7}], 0x3c) ioctl$KDDELIO(r21, 0x4b35, 0x9) setsockopt$inet_tcp_int(r20, 0x6, 0x1f, &(0x7f0000005e80)=0x6, 0x4) [ 1053.647455] [24954] 0 24954 11408 2089 65536 0 0 syz-executor1 [ 1053.656427] Memory cgroup out of memory: Kill process 24954 (syz-executor1) score 2105000 or sacrifice child [ 1053.666474] Killed process 24954 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:05:45 executing program 5: socket$netlink(0x10, 0x3, 0x100000004) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x40040, 0x0) ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f00000001c0)={&(0x7f0000000080)=[0xc000000000000000, 0x7, 0x3], 0x3, 0x5, 0xfffffffffffffe01, 0x0, 0x0, 0x5, {0xc9, 0x5, 0x1f, 0x9, 0x4, 0x8, 0xffff, 0x3f, 0x3, 0x20000000, 0x5, 0x6, 0x1, 0x5, "d04a9e814ca52d95257d53cf23aa4f9c0b50cf064d38cdf921c112b1ef44a9bc"}}) 2018/03/26 13:05:45 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$ION_IOC_HEAP_QUERY(r1, 0xc0184908, &(0x7f0000000100)={0xe419, 0x4, 0x1}) dup(r0) sendmsg$nl_netfilter(r0, &(0x7f0000aba000)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000e2a000)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c00000006060100000000001fe398b43952f24725cae6b832bfd3fceb730dccb4894dd1ff29d3b03d559dc2f5a1e31daf69f73278c19275742c503b7d3b3e17871bc6d600000000000010000000000000000000"], 0x1c}, 0x1}, 0x0) [ 1053.737877] oom_reaper: reaped process 24954 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 1053.826231] netlink: 8 bytes leftover after parsing attributes in process `syz-executor0'. [ 1053.869997] netlink: 8 bytes leftover after parsing attributes in process `syz-executor0'. 2018/03/26 13:05:46 executing program 1: r0 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffb000/0x4000)=nil) r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vga_arbiter\x00', 0x8000, 0x0) getsockopt$bt_l2cap_L2CAP_OPTIONS(r1, 0x6, 0x1, &(0x7f0000000140), &(0x7f0000000180)=0xc) pipe(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) shmat(r0, &(0x7f0000ffd000/0x3000)=nil, 0x4000) shmget$private(0x0, 0x1000, 0x2, &(0x7f0000ffe000/0x1000)=nil) timer_create(0x0, &(0x7f0000000040)={0x0, 0x26, 0x1}, &(0x7f0000000080)=0x0) syz_open_dev$dspn(&(0x7f0000000240)='/dev/dsp#\x00', 0xffff, 0x200000) timer_gettime(r3, &(0x7f00000000c0)) recvfrom$ipx(r2, &(0x7f00000001c0)=""/102, 0x66, 0x40000000, 0x0, 0x0) 2018/03/26 13:05:46 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r0, 0xc0a85352, &(0x7f0000000000)={{0x4, 0x8}, 'port1\x00', 0xb, 0x81431, 0x0, 0x40, 0x8, 0x7f, 0x7, 0x0, 0x3, 0x2}) 2018/03/26 13:05:46 executing program 4: socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x2, &(0x7f000039a000)=[{0x20, 0x0, 0x0, 0xfffffffffffff00c}, {0x6}]}, 0x10) write(r0, &(0x7f0000000140), 0x248) socket$alg(0x26, 0x5, 0x0) 2018/03/26 13:05:46 executing program 6: setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000640), 0x8) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000e84000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) perf_event_open(&(0x7f0000940000)={0x0, 0x78, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000c39fff)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = add_key$keyring(&(0x7f0000000180)='keyring\x00', &(0x7f00000001c0)={0x73, 0x79, 0x7a, 0x0}, 0x0, 0x0, 0xfffffffffffffff8) keyctl$get_keyring_id(0x0, r2, 0x1) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)) r3 = pkey_alloc(0x0, 0x2) pkey_free(r3) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f000074af90)={[{0x7}]}) getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000080)={{{@in=@multicast2, @in6=@dev}}, {{@in=@local}, 0x0, @in=@rand_addr}}, &(0x7f0000000000)=0xe8) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000001000)) pkey_mprotect(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1000009, r3) 2018/03/26 13:05:46 executing program 0: syz_emit_ethernet(0x3e, &(0x7f00000000c0)={@dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x16}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv4={0x800, {{0x7, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @broadcast=0xffffffff, {[@ssrr={0x89, 0x3, 0xffff}, @ssrr={0x89, 0x3, 0x5}]}}, @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, &(0x7f00000001c0)={0x0, 0x0, [0x0, 0x0, 0x0, 0x66c]}) r0 = accept$inet(0xffffffffffffff9c, &(0x7f0000000000)={0x0, 0x0, @multicast1}, &(0x7f0000000040)=0x10) getsockopt$inet_sctp6_SCTP_CONTEXT(0xffffffffffffff9c, 0x84, 0x11, &(0x7f0000000080)={0x0, 0xffffffff}, &(0x7f0000000100)=0x8) setsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000240)={r1, 0xb059, 0x7f, 0x7, 0x9, 0x6}, 0x14) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000180)={r1, 0x2c, &(0x7f0000000280)=[@in6={0xa, 0x4e22, 0x2e, @ipv4={[], [0xff, 0xff], @multicast2=0xe0000002}, 0x3}, @in={0x2, 0x4e22, @remote={0xac, 0x14, 0x14, 0xbb}}]}, &(0x7f0000000200)=0xfffffffffffffef2) 2018/03/26 13:05:46 executing program 5: r0 = accept4$inet6(0xffffffffffffff9c, &(0x7f0000000000)={0x0, 0x0, 0x0, @mcast2}, &(0x7f0000000040)=0x1c, 0x80800) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x200002, 0x0) dup2(r0, r1) r2 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x8002) write(r2, &(0x7f00006a5f8c)="dbef803e3d9f5de1e22055bb7c8a326fe46092b6682d9ad789c5d7acad0e771f13d8cb59029b011ded54a09c41c6cfcfbcd743cc665c32af223d42438b496a0304891c88697aff07d4a70f330e6fe3a1c9c76f314ffab329", 0x58) write$evdev(r2, &(0x7f0000a59000)=[{{0x0, 0x7530}}, {}], 0x30) writev(r2, &(0x7f0000d7dff0)=[{&(0x7f0000b70000)="8024904213615f1434a8b49210a885bee5b8d71f39c828a55b0a88d35a51010a31818833bfa2561ce5942dc549ad4e4d", 0x30}], 0x1) ioctl(r2, 0x2286, &(0x7f0000c95ffe)) 2018/03/26 13:05:46 executing program 3: r0 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x7, 0x20000) accept4$netrom(r0, &(0x7f0000000100)=@full, &(0x7f0000000180)=0x48, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f000065b000)={0x26, 'hash\x00', 0x0, 0x0, 'vmac(aes)\x00'}, 0x58) close(r1) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ppp\x00', 0x80209, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r2, 0x0, 0x41, &(0x7f0000000040)={'security\x00', 0x4, [{}, {}, {}, {}]}, 0x68) 2018/03/26 13:05:46 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') sendfile(r0, r0, &(0x7f0000000280)=0x42402, 0x8001) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) 2018/03/26 13:05:46 executing program 7: r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x20000, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000080), &(0x7f00000000c0)=0x4) r1 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) r2 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x400) ioctl$TIOCCONS(r2, 0x541d) [ 1054.528132] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1054.539167] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1054.544339] CPU: 1 PID: 24988 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1054.551694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1054.561038] Call Trace: [ 1054.563628] dump_stack+0x194/0x24d [ 1054.567259] ? arch_local_irq_restore+0x53/0x53 [ 1054.571927] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1054.577128] dump_header+0x28c/0xe2b [ 1054.580854] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1054.586059] ? arch_local_irq_restore+0x53/0x53 [ 1054.590738] ? __lock_acquire+0x664/0x3e00 [ 1054.594982] ? print_irqtrace_events+0x270/0x270 [ 1054.599737] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1054.604856] ? trace_hardirqs_off+0x10/0x10 [ 1054.609176] ? __lock_acquire+0x664/0x3e00 [ 1054.613406] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1054.618606] ? __lock_acquire+0x664/0x3e00 [ 1054.622835] ? task_will_free_mem+0x252/0xaa0 2018/03/26 13:05:46 executing program 3: socketpair$unix(0x1, 0x5, 0x0, &(0x7f000001a000)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x2, &(0x7f00000001c0)=[{0x20, 0x0, 0x0, 0xfffffffffffff008}, {0x6}]}, 0x10) gettid() [ 1054.627330] ? print_irqtrace_events+0x270/0x270 [ 1054.632089] ? ___ratelimit+0x30d/0x630 [ 1054.636060] ? lock_downgrade+0x980/0x980 [ 1054.640206] ? lock_release+0xa40/0xa40 [ 1054.644182] ? mark_held_locks+0xaf/0x100 [ 1054.648327] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1054.653512] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1054.658536] ? trace_hardirqs_on+0xd/0x10 [ 1054.662687] ? ___ratelimit+0x95/0x630 [ 1054.666571] ? idr_get_free+0xfd0/0xfd0 [ 1054.670537] ? find_held_lock+0x35/0x1d0 [ 1054.674605] oom_kill_process+0x8b9/0x1640 2018/03/26 13:05:46 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000cab000)={0x26, 'skcipher\x00', 0x0, 0x0, 'chacha20\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000dc1000)="71e67a15cdf0311cfc093a52a7d86bd10c9d68573b94531dc9cca9a4cd8c33cc", 0x20) r1 = accept4$alg(r0, 0x0, 0x0, 0x0) sendto(r1, &(0x7f00000002c0)="7162e65b3c1ebda7561b5202006d87b6e029eacd4ddfe3d037405c934f84d3b66004c5d0f52f229fd9ca67c29569f91dfea0878e143032955d6b18f0a09f9b3119e7c5578cd50c3d48d37cb7e6bbcd51b20d0db5505a1326a3b016d5c1f68a2285568abc34aea0044e765c48ce8bd94a78d38cbcb96bb021c67a143aaef4a787", 0x80, 0x0, &(0x7f0000000280)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}}}, 0x2e) recvmmsg(r1, &(0x7f0000817f60)=[{{&(0x7f00007f6000)=@alg, 0x58, &(0x7f0000685000)=[{&(0x7f000084bf75)=""/139, 0x8b}], 0x1, &(0x7f00000c6000)=""/161, 0xa1}}], 0x1, 0x0, &(0x7f00009fd000)) r2 = socket$inet6(0xa, 0xf, 0x8) setsockopt$inet6_MCAST_JOIN_GROUP(r2, 0x29, 0x2a, &(0x7f0000000000)={0x5, {{0xa, 0x4e23, 0x8000, @mcast1={0xff, 0x1, [], 0x1}, 0x8000}}}, 0x88) [ 1054.678832] ? lock_downgrade+0x980/0x980 [ 1054.682983] ? __lock_is_held+0xb6/0x140 [ 1054.687046] ? oom_evaluate_task+0x480/0x480 [ 1054.691468] ? rcu_read_unlock+0x35/0x70 [ 1054.695521] ? mem_cgroup_iter+0x363/0xbd0 [ 1054.699748] ? lock_downgrade+0x980/0x980 [ 1054.703900] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1054.708655] ? mark_held_locks+0xaf/0x100 [ 1054.712794] ? _raw_spin_unlock_irq+0x27/0x70 [ 1054.717281] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1054.722297] ? trace_hardirqs_on+0xd/0x10 2018/03/26 13:05:46 executing program 5: mmap(&(0x7f0000000000/0xfd5000)=nil, 0xfd5000, 0x0, 0x800000000032, 0xffffffffffffffff, 0x0) r0 = socket(0x100000001e, 0x1, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, [], 0xb}, 0xae8}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xc}}, @in={0x2, 0x4e22}], 0x3c) sendmsg$rds(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000040)=""/85, 0x55}, {&(0x7f0000000100)=""/90, 0x5a}, {&(0x7f0000000180)=""/175, 0xaf}, {&(0x7f0000000240)=""/122, 0x7a}, {&(0x7f00000002c0)=""/164, 0xa4}], 0x5, 0x0, 0x0, 0x10}, 0x4000000) ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89e0, &(0x7f00000000c0)) fcntl$setsig(r0, 0xa, 0x22) [ 1054.726439] ? _raw_spin_unlock_irq+0x27/0x70 [ 1054.730927] ? css_task_iter_end+0x280/0x430 [ 1054.735327] ? _raw_spin_unlock_irq+0x27/0x70 [ 1054.739822] ? cgroup_procs_next+0x70/0x70 [ 1054.744050] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1054.749060] ? trace_hardirqs_on+0xd/0x10 [ 1054.753194] ? _raw_spin_unlock_irq+0x27/0x70 [ 1054.757670] ? oom_badness+0x980/0x980 [ 1054.761535] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1054.766266] ? mem_cgroup_iter_break+0x30/0x30 [ 1054.770838] ? finish_wait+0x268/0x490 [ 1054.774703] ? lock_downgrade+0x980/0x980 [ 1054.778829] out_of_memory+0x86d/0x1220 [ 1054.782790] ? oom_killer_disable+0x310/0x310 [ 1054.787258] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1054.792337] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1054.797329] ? trace_hardirqs_on+0xd/0x10 [ 1054.801460] mem_cgroup_out_of_memory+0x159/0x200 [ 1054.806286] ? swap_max_write+0x110/0x110 [ 1054.810407] ? do_raw_spin_trylock+0x190/0x190 [ 1054.814969] ? _raw_spin_unlock+0x22/0x30 [ 1054.819098] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1054.824090] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1054.829517] ? find_held_lock+0x35/0x1d0 [ 1054.833555] ? memcg_event_wake+0x420/0x420 [ 1054.837853] ? __do_page_fault+0x5f7/0xc90 [ 1054.842062] ? lock_downgrade+0x980/0x980 [ 1054.846189] pagefault_out_of_memory+0xbd/0x152 [ 1054.850928] ? out_of_memory+0x1220/0x1220 [ 1054.855135] ? handle_mm_fault+0x465/0xb10 [ 1054.859347] ? __handle_mm_fault+0x38c0/0x38c0 [ 1054.863989] ? vmacache_find+0x5f/0x280 [ 1054.867938] ? vmacache_update+0xfe/0x130 [ 1054.872070] mm_fault_error+0xd6/0x2c0 [ 1054.875936] __do_page_fault+0xb4d/0xc90 [ 1054.879983] ? mm_fault_error+0x2c0/0x2c0 [ 1054.884109] ? kernel_write+0x120/0x120 [ 1054.888061] ? do_syscall_64+0xb7/0x940 [ 1054.892015] do_page_fault+0xee/0x730 [ 1054.895798] ? __do_page_fault+0xc90/0xc90 [ 1054.900010] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1054.904748] ? syscall_return_slowpath+0x550/0x550 [ 1054.909653] ? syscall_return_slowpath+0x2ac/0x550 [ 1054.914555] ? prepare_exit_to_usermode+0x350/0x350 [ 1054.919550] ? retint_user+0x18/0x18 [ 1054.923241] ? page_fault+0x2f/0x50 [ 1054.926840] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1054.931662] ? page_fault+0x2f/0x50 [ 1054.935272] page_fault+0x45/0x50 [ 1054.938700] RIP: 0033:0x409b83 [ 1054.941863] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1054.947200] RAX: 0000001b9bc20000 RBX: 0000000000001280 RCX: 000000000040e950 [ 1054.954441] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1054.961693] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1054.968943] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1054.976195] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1054.983791] Task in /syz1 killed as a result of limit of /syz1 [ 1054.989816] memory: usage 0kB, limit 0kB, failcnt 4132 [ 1054.995128] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1055.001900] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1055.008076] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1055.027520] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1055.036305] [24988] 0 24988 11408 2089 65536 0 0 syz-executor1 [ 1055.045211] Memory cgroup out of memory: Kill process 24988 (syz-executor1) score 2105000 or sacrifice child [ 1055.055261] Killed process 24988 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:05:47 executing program 5: r0 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x20000000000001, 0x105001) setsockopt$inet6_int(r0, 0x29, 0x0, &(0x7f0000000040)=0x39, 0x4) r1 = syz_open_dev$loop(&(0x7f0000b5bff5)='/dev/loop#\x00', 0x0, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) r3 = dup2(r2, r1) sendto$inet(r2, &(0x7f000045d000), 0x0, 0x208000, &(0x7f0000fa2000)={0x2, 0x4e20}, 0x10) sendmmsg$unix(r3, &(0x7f0000c8a000)=[{&(0x7f0000c79ff8)=@abs, 0x8, &(0x7f00007fafa0), 0x0, &(0x7f0000326000)}], 0x186, 0x0) 2018/03/26 13:05:47 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x92) setsockopt$bt_BT_SNDMTU(r1, 0x112, 0xc, &(0x7f00000000c0)=0x8, 0x2) bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'tgr128\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000200)="71e67ad10c9d68173b94531dc9cca9a4cd8c33cc4e000000000000000000000000", 0x21) 2018/03/26 13:05:47 executing program 3: r0 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_MCAST_LEAVE_GROUP(r0, 0x0, 0x2d, &(0x7f0000000000)={0x8, {{0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xd}}}}, 0x88) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000469ffc)=0x47fe, 0xfffffffffffffc48) sendto$inet(r0, &(0x7f0000edf000), 0x0, 0x0, &(0x7f0000011ffd)={0x2, 0x4e20}, 0x10) 2018/03/26 13:05:47 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) r1 = socket$nl_crypto(0x10, 0x3, 0x15) sendmmsg(r1, &(0x7f00000006c0)=[{{&(0x7f0000000200)=@l2={0x1f, 0xf4af, {0xffff, 0x4, 0x7, 0x7f, 0x8000, 0xbc2}, 0x8, 0x8}, 0x80, &(0x7f0000000540)=[{&(0x7f0000000280)="d4dce8e2a25b8883ebbb7eadc70ec98a96d9f5c0dd8c0a9a5161a47b96d7ff2aba8704b0868ccd7b9b2019856e16fdc121f7025ada660209f96bc0b6644ce1bd30ca7ea34279843e689a8be439104a5a9700ff84a1bf7fb75500e4a75a0a1d9ff4d21eec8da7b2d4aa37069a42c417d797878d720ef4b655e7d6923545083e1901112498132e5b73e4979408eeed47c463b9b045b4c5c4f5c6523a2f8ee06484dd", 0xa1}, {&(0x7f0000000340)="40c41b18e847e48b8b52df724bdfe8b6f260bb4e1facdd9468e927d433eb69136affcf4915d1de14aa7d0b268cd3c91e99f3cc79fb5b50431e6b1c88b5c85008cd9ee1102d47b2551fc6ce4c5fa12b235e4fc0559711950e18e8a2dd8b00210998bf452941b2ee6d5af281e8aa052cb40a95560be4021215f8c37ee7d3b535ebcf24bbf64f75f068baef3516ebcf9aea0da0a32fdfa3267554b984dd8e29262f7948", 0xa2}, {&(0x7f0000000400)="b3bc296a2fea7740e68a7663433a517b9ca505116956395fa7efbd283c107e968acc1105e9e168fcc803755e6f33c97d8db99fe10dc4cf21c616cbe856fb89b144ea9e13a030035721832fef70618e4b03d394297c9eb6bbf3a54c2dec918ecf6540979cfa2242c7a5190ea8110a6508e2a0bf302379cda31b1a914d1486445472d61f6af50b649db0e6", 0x8a}, {&(0x7f00000004c0)="a457558b557880a836131b64e32c47641e4b6c729940bf0e5dc69b617c4d66920e503117f09a102b3241d4394647b11e4a2c643cea7654c1f54acc877f22c1ef94641e4b0078856531cc43f53b86d7fc517ca77e381d16e9bdafa4c2d804cbae32", 0x61}], 0x4, &(0x7f0000000580)=[{0xc0, 0x0, 0xa8b, "aa3dda9b90d86e55cbf61479bd63d4a08b69fea8cf8c094da4824a311914c27359069ec2d5665824b3d8781fc3f581e47e05c81b18e7eb708c9bc0e192b64f0726e5fc004419add2245023c19043be1926c2bcfe93abb0ab5478ec12c088eb01d331e9e6cdb49d5e78638ce81153f4a5d0cfab11462565243ef7053fe1bb7737fa36b8bc3ab319a75a72e891a43aa3a7035c083c993c486855b0fe497e9ec10a4874d3b3c870ec0c8997245ae0c8"}, {0x30, 0x13f, 0x4, "3f96efa65629681a5ed5269c7d12b320182efea47f067a84e8c70bbcaa1c1e"}, {0x50, 0x117, 0x4518, "f3cfc804a470f01df6a2d989603554da375a8b280c994c14911ccb6a2d9ff4854d782548b30dfafe3033a16d7c6db399f105bd84de384aae27e9827b77"}], 0x140, 0x20000000}}], 0x1, 0x4000000) seccomp(0x1, 0x0, &(0x7f00000001c0)={0x3, &(0x7f0000000180)=[{0x6, 0x1000, 0x3, 0x8}, {0x3f, 0x0, 0x4, 0x6000000000}, {0x101, 0x3, 0x8, 0x4}]}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80, 0x2}, 'port1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/self/net/pfkey\x00', 0x301c00, 0x0) ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000100)={[{0x2, 0x2, 0x9, 0x56e1, 0x1, 0x35, 0x4, 0x7ff, 0x1, 0x10001, 0x6, 0x6, 0xffffffffffffff4b}, {0x100, 0x7, 0x80000000, 0x7, 0x80000001, 0x2, 0x7, 0x7, 0x7ff, 0x7f, 0x8, 0x3, 0xa7}, {0x7f, 0x8, 0x3, 0x100000001, 0xfffffffffffffffa, 0x6, 0x8, 0x3ff, 0x7fffffff, 0x2, 0x1, 0x0, 0x3}], 0x5}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000000)={{0x1000, 0xfffffffffffffff9}, 'port0\x00', 0x24, 0x1, 0x5, 0x6, 0x1, 0x174cc4a9, 0xff, 0x0, 0x0, 0x4}) 2018/03/26 13:05:47 executing program 4: perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_procfs(0x0, &(0x7f000001a000)='mountinfo\x00') setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000040)={0x896, {{0xa, 0x4e23, 0x8, @remote={0xfe, 0x80, [], 0xbb}, 0x7}}, 0x1, 0x9, [{{0xa, 0x4e20, 0x2, @dev={0xfe, 0x80, [], 0x16}, 0x8000}}, {{0xa, 0x4e22, 0x401, @ipv4={[], [0xff, 0xff], @multicast1=0xe0000001}, 0xfff}}, {{0xa, 0x4e24, 0x1, @dev={0xfe, 0x80, [], 0x15}, 0xf}}, {{0xa, 0x4e24, 0x0, @ipv4={[], [0xff, 0xff], @multicast1=0xe0000001}, 0x4}}, {{0xa, 0x4e20, 0x1f, @mcast1={0xff, 0x1, [], 0x1}, 0xed39}}, {{0xa, 0x4e24, 0x1, @mcast1={0xff, 0x1, [], 0x1}, 0x4}}, {{0xa, 0x4e24, 0x3, @mcast2={0xff, 0x2, [], 0x1}, 0x1}}, {{0xa, 0x4e21, 0x2dc1, @mcast1={0xff, 0x1, [], 0x1}, 0x2}}, {{0xa, 0x4e20, 0xfffffffffffff061, @ipv4={[], [0xff, 0xff], @remote={0xac, 0x14, 0x14, 0xbb}}, 0x10001}}]}, 0x510) r1 = syz_open_procfs(0x0, &(0x7f0000865ff5)='projid_map\x00') sendfile(r1, r0, &(0x7f0000000000), 0x85) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r0, 0xc08c5335, &(0x7f0000000580)={0x3, 0x3, 0x4d56, 'queue0\x00', 0x7}) 2018/03/26 13:05:47 executing program 1: socketpair$ax25(0x3, 0x5, 0x8, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = accept4$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000200)=0x14, 0x800) ppoll(&(0x7f0000000280)=[{r0, 0x13a}, {r1, 0x280}], 0x2, &(0x7f00000002c0)={0x0, 0x1c9c380}, &(0x7f0000000300)={0x3}, 0x8) timer_create(0xfffffffffffffffd, &(0x7f0000b2ffa0)={0x0, 0x0, 0x1, @thr={&(0x7f0000c28000), &(0x7f000085e000)}}, &(0x7f0000000180)) clock_gettime(0x0, &(0x7f0000000100)) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) timer_settime(0x0, 0x1000000000000, &(0x7f0000000240)={{0x77359400}, {r2, r3+30000000}}, &(0x7f00000001c0)) timer_settime(0x0, 0x0, &(0x7f0000000040)={{}, {0x77359400}}, &(0x7f0000000080)) 2018/03/26 13:05:47 executing program 6: r0 = timerfd_create(0x6, 0x80000) fcntl$addseals(r0, 0x409, 0x1) readlinkat(0xffffffffffffffff, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280), 0x0) 2018/03/26 13:05:47 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000b5dfa8)={0x26, 'hash\x00', 0x0, 0x0, 'sha1-avx\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) r2 = open(&(0x7f0000000000)='./file0\x00', 0x20100, 0x100) r3 = open(&(0x7f00004b8ff8)='./file0\x00', 0x28042, 0x0) r4 = socket$inet6(0xa, 0x4, 0x1c) fallocate(r2, 0x0, 0x2007, 0x7f) sendfile(r1, r4, &(0x7f0000000040), 0x8000010000005) socket$nl_netfilter(0x10, 0x3, 0xc) sendfile(r1, r3, &(0x7f0000e64ff8), 0x6) 2018/03/26 13:05:47 executing program 3: r0 = socket$inet(0x2, 0x4000000000000003, 0x1) sendto$inet(r0, &(0x7f0000000000)="f0fb1d6c223668e52a625dca0b2f936fb302303650ce07c5120fab3165150bd5b7a85569c97b7387a048a5cd470a3ee629d8f3d560d79ba4", 0x38, 0x200007ff, &(0x7f0000deaff0)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10) 2018/03/26 13:05:47 executing program 5: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x10100, 0x0) ioctl$KVM_SET_GUEST_DEBUG(r0, 0x4048ae9b, &(0x7f0000000080)={0x0, 0x0, [0x1, 0x6, 0x7, 0x5, 0xb69, 0xfffffffffffffffa, 0x7, 0x7]}) r1 = socket$netlink(0x10, 0x3, 0x10) bind$netlink(r1, &(0x7f0000000000)={0x400000010, 0x0, 0x0, 0x70a1}, 0xc) r2 = dup(r1) getsockopt$netlink(r2, 0x10e, 0x2c, &(0x7f00005c6000)=""/6, &(0x7f00001bb000)=0x6) ioctl$KVM_S390_UCAS_UNMAP(r2, 0x4018ae51, &(0x7f0000000100)={0x1, 0x26, 0x4}) 2018/03/26 13:05:47 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00', 0x0, 0x40000000000}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000000000)={0x6, r0}) ioctl$PERF_EVENT_IOC_RESET(r1, 0x2403, 0x9) 2018/03/26 13:05:47 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) restart_syscall() socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000000)) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f00000000c0)={{0x8001, 0x1f}, 'port0\x00', 0xd5, 0x1, 0x1, 0x0, 0x1000, 0xa7, 0xfffffffffffffffa, 0x0, 0x3, 0x3b3eae9a}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000180)={{0xffffffff, 0x3}, 'port0\x00', 0x10, 0x10000, 0x33, 0x0, 0x2, 0x9, 0x40, 0x0, 0x2, 0x3}) [ 1055.416418] oom_reaper: reaped process 24988 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 1055.496876] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1055.507951] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1055.513168] CPU: 0 PID: 25055 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1055.520518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1055.529861] Call Trace: [ 1055.532435] dump_stack+0x194/0x24d [ 1055.536045] ? arch_local_irq_restore+0x53/0x53 [ 1055.540696] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1055.545873] dump_header+0x28c/0xe2b [ 1055.549570] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1055.554740] ? arch_local_irq_restore+0x53/0x53 [ 1055.559386] ? perf_trace_lock+0xd6/0x900 [ 1055.563511] ? __lock_acquire+0x664/0x3e00 [ 1055.567725] ? trace_event_raw_event_lock+0x340/0x340 [ 1055.572904] ? perf_trace_lock+0xd6/0x900 [ 1055.577033] ? trace_hardirqs_off+0x10/0x10 [ 1055.581334] ? perf_trace_lock+0xd6/0x900 [ 1055.585459] ? trace_event_raw_event_lock+0x340/0x340 [ 1055.590627] ? __lock_acquire+0x664/0x3e00 [ 1055.594843] ? task_will_free_mem+0x252/0xaa0 [ 1055.599321] ? print_irqtrace_events+0x270/0x270 [ 1055.604064] ? ___ratelimit+0x30d/0x630 [ 1055.608032] ? lock_downgrade+0x980/0x980 [ 1055.612164] ? lock_release+0xa40/0xa40 [ 1055.616119] ? mark_held_locks+0xaf/0x100 [ 1055.620245] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1055.625325] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1055.630315] ? trace_hardirqs_on+0xd/0x10 [ 1055.634442] ? ___ratelimit+0x95/0x630 [ 1055.638306] ? idr_get_free+0xfd0/0xfd0 [ 1055.642256] ? find_held_lock+0x35/0x1d0 [ 1055.646303] oom_kill_process+0x8b9/0x1640 [ 1055.650522] ? lock_downgrade+0x980/0x980 [ 1055.654653] ? __lock_is_held+0xb6/0x140 [ 1055.658696] ? oom_evaluate_task+0x480/0x480 [ 1055.663092] ? rcu_read_unlock+0x35/0x70 [ 1055.667126] ? mem_cgroup_iter+0x363/0xbd0 [ 1055.671335] ? lock_downgrade+0x980/0x980 [ 1055.675465] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1055.680214] ? mark_held_locks+0xaf/0x100 [ 1055.684337] ? _raw_spin_unlock_irq+0x27/0x70 [ 1055.688817] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1055.693808] ? trace_hardirqs_on+0xd/0x10 [ 1055.697929] ? _raw_spin_unlock_irq+0x27/0x70 [ 1055.702398] ? css_task_iter_end+0x280/0x430 [ 1055.706782] ? _raw_spin_unlock_irq+0x27/0x70 [ 1055.711251] ? cgroup_procs_next+0x70/0x70 [ 1055.715457] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1055.720449] ? trace_hardirqs_on+0xd/0x10 [ 1055.724569] ? _raw_spin_unlock_irq+0x27/0x70 [ 1055.729040] ? oom_badness+0x980/0x980 [ 1055.732902] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1055.737640] ? mem_cgroup_iter_break+0x30/0x30 [ 1055.742212] ? finish_wait+0x268/0x490 [ 1055.746074] ? lock_downgrade+0x980/0x980 [ 1055.750201] out_of_memory+0x86d/0x1220 [ 1055.754162] ? oom_killer_disable+0x310/0x310 [ 1055.758634] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1055.763714] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1055.768708] ? trace_hardirqs_on+0xd/0x10 [ 1055.772842] mem_cgroup_out_of_memory+0x159/0x200 [ 1055.777660] ? swap_max_write+0x110/0x110 [ 1055.781783] ? do_raw_spin_trylock+0x190/0x190 [ 1055.786347] ? _raw_spin_unlock+0x22/0x30 [ 1055.790475] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1055.795469] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1055.800898] ? find_held_lock+0x35/0x1d0 [ 1055.804940] ? memcg_event_wake+0x420/0x420 [ 1055.809238] ? __do_page_fault+0x5f7/0xc90 [ 1055.813448] ? lock_downgrade+0x980/0x980 [ 1055.817576] pagefault_out_of_memory+0xbd/0x152 [ 1055.822220] ? out_of_memory+0x1220/0x1220 [ 1055.826426] ? handle_mm_fault+0x465/0xb10 [ 1055.830641] ? __handle_mm_fault+0x38c0/0x38c0 [ 1055.835195] ? vmacache_find+0x5f/0x280 [ 1055.839142] ? vmacache_update+0xfe/0x130 [ 1055.843269] mm_fault_error+0xd6/0x2c0 [ 1055.847137] __do_page_fault+0xb4d/0xc90 [ 1055.851191] ? mm_fault_error+0x2c0/0x2c0 [ 1055.855314] ? kernel_write+0x120/0x120 [ 1055.859264] ? do_syscall_64+0xb7/0x940 [ 1055.863231] do_page_fault+0xee/0x730 [ 1055.867011] ? __do_page_fault+0xc90/0xc90 [ 1055.871225] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 1055.876736] ? syscall_return_slowpath+0x550/0x550 [ 1055.881647] ? syscall_return_slowpath+0x2ac/0x550 [ 1055.886556] ? retint_user+0x18/0x18 [ 1055.890246] ? page_fault+0x2f/0x50 [ 1055.893847] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1055.898671] ? page_fault+0x2f/0x50 [ 1055.902274] page_fault+0x45/0x50 [ 1055.905700] RIP: 0033:0x409b83 [ 1055.908863] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1055.914202] RAX: 0000001b9bc20000 RBX: 0000000000001281 RCX: 000000000040e950 [ 1055.921445] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1055.928689] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1055.935930] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 2018/03/26 13:05:47 executing program 5: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r0, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x4e20, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0x10) sendto$inet(r0, &(0x7f000026cfff)="c6", 0x1, 0x0, &(0x7f000052a000)={0x2, 0x4e20, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}, 0x10) shutdown(r0, 0x1) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000040)={0x0}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000000c0)={r1, 0x2c, &(0x7f0000000000)=[@in6={0xa, 0x1, 0x4, @remote={0xfe, 0x80, [], 0xbb}, 0x500}, @in={0x2, 0x4e23, @local={0xac, 0x14, 0x14, 0xaa}}]}, &(0x7f0000000100)=0x10) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ppp\x00', 0x2, 0x0) setsockopt$llc_int(r2, 0x10c, 0x8, &(0x7f0000000200)=0x29, 0x4) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vga_arbiter\x00', 0x40002, 0x0) ioctl$sock_bt_cmtp_CMTPCONNDEL(r3, 0x400443c9, &(0x7f0000000180)={{0x4, 0xffffffffffffff06, 0xdf4, 0x7, 0xffffffffffff994a, 0x5}, 0x200}) 2018/03/26 13:05:48 executing program 6: r0 = socket$netlink(0x2, 0x5, 0x800f) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x84, 0x7d, &(0x7f0000001000), 0xa5) 2018/03/26 13:05:48 executing program 3: perf_event_open(&(0x7f0000d2af88)={0x2, 0x78, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = getpgid(0xffffffffffffffff) capget(&(0x7f0000000280)={0x20080522, r0}, &(0x7f00000002c0)={0x1f, 0x80000001, 0x1, 0x4, 0x800, 0xad81}) r1 = socket$netlink(0x10, 0x3, 0x0) r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000440)='/dev/sequencer\x00', 0x4100, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffff9c, 0x8933, &(0x7f0000000080)={'ipddp0\x00', 0x0}) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000000180)={{{@in6=@loopback, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@broadcast}, 0x0, @in=@local}}, &(0x7f00000000c0)=0xe8) setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000340)={{{@in=@multicast2=0xe0000002, @in=@dev={0xac, 0x14, 0x14, 0x11}, 0x4e23, 0x0, 0x4e21, 0x7, 0x2, 0x20, 0x0, 0x3f, r3, r4}, {0x40, 0x3, 0x1000, 0x962, 0x3, 0x100000000, 0xfffffffffffffffe, 0x3}, {0xfffffffffffffffa, 0x7, 0x6, 0xfff}, 0x52, 0x6e6bc0, 0x0, 0x1, 0x2, 0x1}, {{@in6=@local={0xfe, 0x80, [], 0xaa}, 0x4d4, 0x32}, 0x0, @in=@rand_addr=0x81, 0x3506, 0x7, 0x0, 0x100000001, 0x4, 0x4, 0x6eb}}, 0xe8) sendmsg$nl_route(r1, &(0x7f00000013c0)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000}, 0x299, &(0x7f0000000300)={&(0x7f0000000480)=@ipv6_getaddr={0x84, 0x16, 0x602, 0x70bd2a, 0x25dfdbfe, {0xa, 0x10, 0x203, 0xfe, r3}, [@IFA_ADDRESS={0x14, 0x1, @mcast1={0xff, 0x1, [], 0x1}}, @IFA_ADDRESS={0x14, 0x1, @loopback={0x0, 0x1}}, @IFA_LOCAL={0x14, 0x2, @mcast1={0xff, 0x1, [], 0x1}}, @IFA_ADDRESS={0x14, 0x1, @mcast2={0xff, 0x2, [], 0x1}}, @IFA_CACHEINFO={0x14, 0x6, {0x6c8, 0x1, 0x8, 0x57}}, @IFA_FLAGS={0x8, 0x8, 0x430}]}, 0x84}, 0x1}, 0x0) 2018/03/26 13:05:48 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080, 0xfffffffffffffffd}, "0a4ceaa05dbd126e00de0002a1569b3fd4cec311d24b94b3505c3300000001f90d229db692542e4df8f8b29e0a27800feeff0094739243ba34fc4dc6899738a0", 0x0, 0x10000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x8}) [ 1055.943172] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1055.950842] Task in /syz1 killed as a result of limit of /syz1 [ 1055.956886] memory: usage 0kB, limit 0kB, failcnt 4140 [ 1055.962218] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1055.969068] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1055.975274] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB 2018/03/26 13:05:48 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000142ff0)={0x2, 0x4e22}, 0x10) sendto$inet(r0, &(0x7f0000243fca), 0x0, 0x40801, &(0x7f0000b56000)={0x2, 0x4e22}, 0x10) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000040)=0x1ffa, 0x390) writev(r0, &(0x7f0000018cd2)=[{&(0x7f0000068000)="02", 0x1}], 0x1) [ 1055.994750] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1056.003533] [25055] 0 25055 11408 2089 65536 0 0 syz-executor1 [ 1056.012444] Memory cgroup out of memory: Kill process 25055 (syz-executor1) score 2105000 or sacrifice child [ 1056.022477] Killed process 25055 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB [ 1056.038829] oom_reaper: reaped process 25055 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 2018/03/26 13:05:48 executing program 4: r0 = perf_event_open(&(0x7f0000220000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r0, 0x40042409, 0x1) ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f00007a3000)) 2018/03/26 13:05:48 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x24082, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000040)=0x0) ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, &(0x7f0000000080)=0x0) r4 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='memory.swap.current\x00', 0x0, 0x0) kcmp$KCMP_EPOLL_TFD(r2, r3, 0x7, r0, &(0x7f0000000100)={r4, r1, 0xc80}) r5 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_MP_STATE(r5, 0x4004ae99, &(0x7f0000000000)=0x6) ioctl$KVM_SMI(r5, 0xaeb7) ioctl$KVM_TRANSLATE(r5, 0xc018ae85, &(0x7f0000000140)={0xd006, 0xd000, 0x401, 0x8, 0x43b88}) ioctl$KVM_RUN(r5, 0xae80, 0x0) 2018/03/26 13:05:48 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000000080)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:05:48 executing program 0: unshare(0x20000400) lstat(&(0x7f0000000100)='./file0\x00', &(0x7f0000000040)) r0 = socket$pptp(0x18, 0x1, 0x2) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x101000, 0x0) clock_gettime(0x0, &(0x7f0000000200)={0x0, 0x0}) r4 = accept4$unix(r1, &(0x7f0000000300), &(0x7f0000000380)=0x6e, 0x80800) dup2(r1, r4) write$sndseq(r1, &(0x7f0000000240)=[{0x3, 0x2, 0x76a, 0xfffffffffffffffd, @tick=0x4, {0x0, 0x3ff}, {0x800, 0x401}, @quote={{0xffff, 0x1000}, 0xfffffffffffffffd, &(0x7f00000001c0)={0x40, 0x68, 0x101, 0x6, @tick=0x6, {0x80000001, 0x1}, {0x1e, 0x4}, @quote={{0x2, 0x81}, 0xc484, &(0x7f00000000c0)={0x2, 0x5, 0xff, 0x4, @tick=0x4a15, {0x400, 0x401}, {0x0, 0x80000000}, @ext={0x6a, &(0x7f0000000140)="e8525756dae244b4f83eb58bf054c470b7f5dced6ebc0661a9a514bccb4495158b5d7f05fcd8dd154f5f5df31cb30f340c37341cff750ab0e754517768093d2d183e89ba715166183405faab72efed54ae580f36e3756ff27c7d1ffd2109d645ea091eb5af85e27814e4"}}}}}}, {0x6a, 0x5, 0x1, 0x6, @time={r2, r3+10000000}, {0x1c1, 0x2}, {0x9, 0x7}, @control={0x8, 0x1ff, 0x6}}, {0x401, 0x5, 0x1, 0x8, @time, {0x7ef, 0x1}, {0x8, 0xbd7}, @note={0x1000, 0x20, 0x4, 0x3}}], 0x90) writev(r0, &(0x7f00000003c0), 0x0) [ 1056.136589] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1056.147649] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1056.152824] CPU: 0 PID: 25081 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1056.160175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1056.169509] Call Trace: [ 1056.172076] dump_stack+0x194/0x24d [ 1056.175687] ? arch_local_irq_restore+0x53/0x53 [ 1056.180338] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1056.185522] dump_header+0x28c/0xe2b [ 1056.189227] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1056.194402] ? arch_local_irq_restore+0x53/0x53 [ 1056.199051] ? perf_trace_lock+0xd6/0x900 [ 1056.203178] ? __lock_acquire+0x664/0x3e00 [ 1056.207397] ? trace_event_raw_event_lock+0x340/0x340 [ 1056.212579] ? perf_trace_lock+0xd6/0x900 [ 1056.216709] ? trace_hardirqs_off+0x10/0x10 [ 1056.221010] ? perf_trace_lock+0xd6/0x900 [ 1056.225145] ? trace_event_raw_event_lock+0x340/0x340 [ 1056.230320] ? __lock_acquire+0x664/0x3e00 [ 1056.234537] ? task_will_free_mem+0x252/0xaa0 [ 1056.239027] ? print_irqtrace_events+0x270/0x270 [ 1056.243776] ? ___ratelimit+0x30d/0x630 [ 1056.247740] ? lock_downgrade+0x980/0x980 [ 1056.251877] ? lock_release+0xa40/0xa40 [ 1056.255842] ? mark_held_locks+0xaf/0x100 [ 1056.259973] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1056.265058] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1056.270052] ? trace_hardirqs_on+0xd/0x10 [ 1056.274182] ? ___ratelimit+0x95/0x630 [ 1056.278051] ? idr_get_free+0xfd0/0xfd0 [ 1056.282009] ? find_held_lock+0x35/0x1d0 [ 1056.286070] oom_kill_process+0x8b9/0x1640 [ 1056.290284] ? lock_downgrade+0x980/0x980 [ 1056.294423] ? __lock_is_held+0xb6/0x140 [ 1056.298473] ? oom_evaluate_task+0x480/0x480 [ 1056.302881] ? rcu_read_unlock+0x35/0x70 [ 1056.306920] ? mem_cgroup_iter+0x363/0xbd0 [ 1056.311133] ? lock_downgrade+0x980/0x980 [ 1056.315272] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1056.320016] ? mark_held_locks+0xaf/0x100 [ 1056.324146] ? _raw_spin_unlock_irq+0x27/0x70 [ 1056.328628] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1056.333629] ? trace_hardirqs_on+0xd/0x10 [ 1056.337754] ? _raw_spin_unlock_irq+0x27/0x70 [ 1056.342228] ? css_task_iter_end+0x280/0x430 [ 1056.346628] ? _raw_spin_unlock_irq+0x27/0x70 [ 1056.351103] ? cgroup_procs_next+0x70/0x70 [ 1056.355314] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1056.360311] ? trace_hardirqs_on+0xd/0x10 [ 1056.364435] ? _raw_spin_unlock_irq+0x27/0x70 [ 1056.368911] ? oom_badness+0x980/0x980 [ 1056.372776] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1056.377513] ? mem_cgroup_iter_break+0x30/0x30 [ 1056.382098] ? finish_wait+0x268/0x490 [ 1056.385970] ? lock_downgrade+0x980/0x980 [ 1056.390102] out_of_memory+0x86d/0x1220 [ 1056.394074] ? oom_killer_disable+0x310/0x310 [ 1056.398546] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1056.403636] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1056.408640] ? trace_hardirqs_on+0xd/0x10 [ 1056.412784] mem_cgroup_out_of_memory+0x159/0x200 [ 1056.417612] ? swap_max_write+0x110/0x110 [ 1056.421734] ? do_raw_spin_trylock+0x190/0x190 [ 1056.426309] ? _raw_spin_unlock+0x22/0x30 [ 1056.430451] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1056.435448] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1056.440881] ? find_held_lock+0x35/0x1d0 [ 1056.444929] ? memcg_event_wake+0x420/0x420 [ 1056.449229] ? __do_page_fault+0x5f7/0xc90 [ 1056.453443] ? lock_downgrade+0x980/0x980 [ 1056.457578] pagefault_out_of_memory+0xbd/0x152 [ 1056.462225] ? out_of_memory+0x1220/0x1220 [ 1056.466435] ? handle_mm_fault+0x465/0xb10 [ 1056.470657] ? __handle_mm_fault+0x38c0/0x38c0 [ 1056.475214] ? vmacache_find+0x5f/0x280 [ 1056.479165] ? vmacache_update+0xfe/0x130 [ 1056.483305] mm_fault_error+0xd6/0x2c0 [ 1056.487179] __do_page_fault+0xb4d/0xc90 [ 1056.491237] ? mm_fault_error+0x2c0/0x2c0 [ 1056.495367] ? kernel_write+0x120/0x120 [ 1056.499323] ? do_syscall_64+0xb7/0x940 [ 1056.503280] do_page_fault+0xee/0x730 [ 1056.507060] ? __do_page_fault+0xc90/0xc90 [ 1056.511276] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1056.516022] ? syscall_return_slowpath+0x550/0x550 [ 1056.520932] ? syscall_return_slowpath+0x2ac/0x550 [ 1056.525840] ? prepare_exit_to_usermode+0x350/0x350 [ 1056.530835] ? retint_user+0x18/0x18 [ 1056.534530] ? page_fault+0x2f/0x50 [ 1056.538135] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1056.542962] ? page_fault+0x2f/0x50 [ 1056.546570] page_fault+0x45/0x50 [ 1056.549997] RIP: 0033:0x409b83 [ 1056.553168] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1056.558513] RAX: 0000001b9bc20000 RBX: 0000000000001282 RCX: 000000000040e950 [ 1056.565759] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1056.573005] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1056.580254] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1056.587499] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1056.595067] Task in /syz1 killed as a result of limit of /syz1 [ 1056.601102] memory: usage 0kB, limit 0kB, failcnt 4148 [ 1056.606412] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1056.613189] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1056.619363] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB 2018/03/26 13:05:48 executing program 6: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x200000000000002, &(0x7f0000000140)=0x77, 0x4) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00007f3ffb)='yeah\x00', 0x5) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @broadcast=0xffffffff}, 0x10) sendto$inet(r0, &(0x7f0000f53fff), 0xfffffffffffffd79, 0x20000000, &(0x7f000006d000)={0x2, 0x4e23}, 0x10) io_setup(0x805, &(0x7f0000000140)=0x0) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000100)={0x0}, &(0x7f0000000200)=0xc) r3 = syz_open_dev$usbmon(&(0x7f0000000240)='/dev/usbmon#\x00', 0xfffffffffffffff8, 0x2) perf_event_open(&(0x7f0000000180)={0x7, 0x70, 0xad0, 0x8, 0x995b, 0x9, 0x0, 0x7, 0x81000, 0xa, 0x80000000, 0x8, 0x400, 0xb61, 0x80, 0x800, 0x7, 0x9, 0x2, 0xd600000000, 0xa58, 0x100000001, 0x80000001, 0x7, 0x1ff, 0x7, 0x4, 0x5, 0x5, 0xfff, 0x1, 0x4, 0x3ff, 0x2, 0xdd0c, 0x2, 0x4, 0x80000000, 0x0, 0x3, 0x0, @perf_config_ext={0x6, 0x4}, 0x0, 0xfffffffffffffff8, 0x20000000000, 0x7, 0x7, 0x1, 0xfffffffffffff68d}, r2, 0x10, r3, 0xb) io_destroy(r1) io_setup(0x84b, &(0x7f00000000c0)) r4 = memfd_create(&(0x7f0000000000)='\x00', 0x3) getsockopt$inet_sctp_SCTP_INITMSG(r4, 0x84, 0x2, &(0x7f0000000040), &(0x7f0000000080)=0x8) io_destroy(r1) sendmmsg(r3, &(0x7f0000001f40)=[{{&(0x7f0000000280)=@ethernet={0x6, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff]}, 0x80, &(0x7f0000000400)=[{&(0x7f0000000300)="1c34e7bddd5a08082958fa82aad3abfaa01b0228f41c1e05f19a47f112906d38e0d8f376572ffca029e24541b99bd3ba1590c987bf9dcac71751d25b5dec69952db9a0eda9d561cf97361a0c2bf2d03b03aaec9fa39e5423d9726ee322358787e391c245428fb5dbab02961ffc9b79f1a385be7fbb3622e6975d79b842d856bafb6f99ae5578e3086bd3f204254413c8079098c84582aab4f9170bc7a3e9297cabb44b88997a3dea1d5c938534294428c3d6992cd4", 0xb5}, {&(0x7f00000003c0)="630d8290703e27f11ee58686ac0dca5f871412e923fc7eccf29f807890a6c62f324dc3182e7ae8f3ee1fa83ba7e809d54d0f7f50dc5168d099", 0x39}], 0x2, &(0x7f0000000440)=[{0x58, 0x0, 0xfffffffffffffff9, "31a25d3f8bc701f774925bb179ba7bcb2056e1a76cfb770a28e927f82a86709df3d203e2010cc333fd1b1c39da418200e4e80feb02b26ed7d9e7bec1b900553116"}, {0xf0, 0x10f, 0x3, "73d7cdae3967e40434ec83db3bad7a1aeb265acd7fb33624c5fa578e18039b2d7018c20df1316321bbebf205dce18656eb394b0acbea5db945751de2310b9685fe795137901d4f9e904cb26b0f0e1c8ef7571a3c9b47a05ab7d55f4fefe12db24b4dacd22340302a2aa678a339c560c30754e22f5b74b6274590d025c0eb5d0ac936821aa2477cb5e57212507a144f1e10ee8d1f84c6538d87954fa52c653fb1ccc65bd9e89f8fe792b5333722b511909ddf67ac6a85d862113dd55a31d20572241e2611f9f3044db342a22ee97ab7f1edecd1bb6c67d9f88871a6dc"}, {0x78, 0x3a, 0x3, "2148fd8b193e97a2f29e3b899862ed09040f847fd89204be80328b09794d1dc7a636acc03368da46ea5b99270eecdd7c361c00391ba9603544b5a473e5a904a02badd640c8234cab36098dc8b70ad59e5e6944f9af624a35d982b038307a05a59ea57249"}], 0x1c0, 0x40040}, 0x6}, {{&(0x7f0000000600)=@can={0x1d}, 0x80, &(0x7f0000001b80)=[{&(0x7f0000000680)="57303a5c4170ddb3c41164462e6b83a304a37503ed44050624ba30ce07aac713bbececbb33eea10bc69d74dfcad56659ad040f8c5be2d2f56742efc4f3f90278257e2167c95d1dbaf202f3b264988e5a1e205d9527d71a39c9d88dffc2111c3b9cde3eccb260a02eec30649cd5aead9c39ab6aaa926b3612f5b48e64", 0x7c}, {&(0x7f0000000700)="12e9d339eeaff84902cc04d60fce3a3859797801024da2a1b5180bae50f084571067a6c7c126a17840aebbda75b455d99eba1e3f0e03419ba23aa490bb7fbf25e5c173c12adc6ca29bd454a3d90c335edd89fcb025d1495c3ce02ae3839dd7a30eafe303fb2167c76fe3ce4ab7efbead496cf767863c31f39b3cb18d62915a772751c9e0f1b2c40dd94785a47f0e1708fee769db0b750abc8ac9da1fdee4f96590499d5b328e078971751fe7c721006acb83ffaef2c99dba448c4411a840ca278fabcfcae74197f268d06eb97a80e2429792c4d8ea3075e5eb15120c3e8efa04f246307e6f4c7755896586", 0xeb}, {&(0x7f0000000800)="b03ff33c47e1148177921224a783ce60c0108bd5f22c0ad12a95f075ff4977cf31acb6a0f75ce68968c4486712bb91f594948dc6e10ec7a62eb3e25282de67883890143ea21dd9fee3dcb208dd8d2386e0392e3cb0f8f4993fd5460ec759cba2b573c472980315f01456249388c0255f46740d5766faa38d965514a4d302a17fe7be1fa199c8219b9d130603f97c3138c0f4cd32c9458a6c45bc637fa4b6feab2a379024e88431ba389c", 0xaa}, {&(0x7f00000008c0)="00557181fc4433093802123c41b9bf60fdaf84247f0fa73bd011c1a7ddc41016392d2abc658069afc53261f927a21f6a7cbdbf164ddf6f9ad9bacca7673d6ba03ea243689e7a95bfefc2ff342ba05399b02677526dfa7da7f6eaa6815d907c5cae20b744b25b0706f833ced0b566331dea45f7ae2b9677e583f73c962d0d68e5dd41383cc22aae2ec6767d4d52c6e2035915af44592c23e8e5026b5dce05cd1b1c5b6c664a4aac", 0xa7}, {&(0x7f0000000980)="805ba6b0447ce0f40ef2bf5b8ee7ca755c629e2caa0c58037ce82fdba085ad46d2f1c5e95d58f1975fd0f3997ece86cf67fdf02f380b2cb0815291043fce86476189473c1653b5bed4f1e58e9a92875008538dade05f9e2435717e6b4f1c5197a9af0e27da38f4fba32f7eb45b22bd05e928e4859df6a08be13221fb231d561fd40ce20fa534f3e583e4197a13cad6a62db99d2a1b3e5c1c0a1f5070c506c063b9ac7f6c7417b225e221517fa7797c28cace743fe72a1c74cf055c4bd28bc645521c3488e602f27c95e7d9441c278a05a726976d6faac061fbed3878532523b54dde7e2e2075395496bcb91e05c240f39e60adc338b2f71666543d3e5e1e69186371b8d4248f33a191051ca53d87f431ef02d339c2682463c36eb3cfe764daf7802d8d341d200ba27b4b19db91417d0a2c5b5a8931c46bac295564872745b094970e2ba3128b8d0a17098b22187e71a420606d23ef1e3142e15ad11fbcd6437f45a29263f4ef26f7efd726f12fc2b554ac9ac3644c6ec1b4210375f2c2b288b7a876bf399942c9a22c601adf1ac4b71f4070aaf616a82d6f16bca50d4745941b3099fe598e9ae3121bb5498701e9ef459573e51c8c1b170796641e95b3b0b27f3b07102eff4728ccf8f4846cf30e5cd806fafaf899fc3b20a6524d59aeccecbc67a04e3a8dda277d21123b17e8edfedd81f545bc99c0b4db97ff5b34b3c4b203f2d38c4e17d2621e8db9c238bc051553bfe5ce4951803d5358d6b778ad447f27ffbfb8396de052695b71994947cde7d134165b9a9c03fd4ddab70d448ac007f4877aae206b351e815b6daf90ab102ab200f4dc31712da7e9767d54d5cf6759f2ffc710b1a0cf123f35a0b66007874c9fe1e4cf3c6f4cf2a2df1eb3c676dd088746718320bd3d062085149df4c04981f0b499a6f744c6f24bf5be6459aea10b19a988adc04acb670161fc4a40a0cf969c6ebe47dfb92cbf1883992098a4528099f4a39bbf548017bb37141979b870b69ba7208cad259fd209fe1aefa889492e30e4e90a9f2d8ce2bf05c0cd61238472197505cb6979e9f6319c7183001da851b78a0161bad34be597fde97f02ae30ed7dd26712737933473223e90495c4834b686ff36eb54b44fcd33b311ad49f384a274e972d27e42d424e5793eaec6e6a8235b0b2447b10d557940994d61207cab4a654353ee7d2634c84d699ac0daf14298e24b9c800c0a4cf39ee9323925cc39948f5d200d31ac433d6ade8709ec5e17ecccd6e18ec5d7bee6dedf9fa4407f3e735e3a0fbb5e529e92f75e99cc43970de19fee03cb882d2d00a5480e07dd720452c7917ac9cdf7b0e485c331c0716e44edc3f01223bcedf24aef0aa8a505a59a72d33b808e72e153538beac07db2b41285e11665a26f0ee41ff6a19fa0a6c41696fa08fdf20485afcf97baace15a7b8a0a3b3745f59045cfb12e7e6f984e90ceee72b6f1deed6ea537cfb1b7f33b360af2984e29512baa1ff4026a855f8a4205c52626aec07b28664a325898bc8a08cf4b1c79cd2ba020cab636092abd2da6d48042af66ede3bc5b0ef9464c88ad7b9cda779e18355ba3581d93d99d26913c567e874f2021a81fef7280fa60cd0d6dceb9908ad0c6db46c2e8f474731b76badb2b2e32909b5ef5ac8c925fb3e84040fe76fb092c167eb03ab449c247a47d56423de0dda12aee529bb4787a856afe4301345f38ac94c6bf2ba43e81294238e628330c00e3e9288c18104cda370012d63e1ed9fb6d8c6243435ba4d5ba1c824ad31ddf8b75d9eece33937bdcf73a9ac785b12f74d5029ebaf5c5df6c6ea6ee43e540e62fb531886c3757fab087e9ed76aa5e38bc72f726eeea68a91159537a46afb56491090bbb18daafe5a1650df41d250413b6c09199494456964f3eaaf4d13a66ab692064ba3f83d48d5e492c87b2c25d2058cb04129215dadd9146776bac436a00e8c54fc890167a4c3422e96ed5e2dd7dbe3a84d5e7ed133592a7bac082103393035d4f09bf6bb85233134a022eee2636428a41a8b47efd25efc0d454fb9b53ca4ee7994ca378881de4832295cfef34797d6dbd352b462aadbab3ab3727d790818f45de3119fc8682c59b159050d2f519fd9fa9b0d772f6ffdc7e878f51599c48e9b6cbdf00e63aba4e920da3802c62fbd356fe071bded8eb79e4c4ac9f2a4d429a4ea2fa4faf7b89113cd0152331a9310853622f7aa71652a3658d9f87e98d99b93ae5d87a426643798f1c178ccc90dbda33780a9f38c14185420bd21ab41f1d01a8d5274918ec11432089267edb75ade16ec0aa89f0b252ecf687cd569135142237a872c7d9d59c958471bd66aedba82a49f0e9d89418e4d193ad2b649b08f42c7eb5ad4c222f7bce5f31c38fdd3cbd503efd6fd46591c18ce030f0e6af30d59d306e0e03c3684372686e4fe1d602f1d274333c94b11c61bb0b145eec4e6683a9af05cd14adc7251e77c118f5d1782b5246211503f2f10b05d101d07b7bf127aa98feaf6d641546a3c4ced87dc8449564f0257c19b53ffd01e31f53f5be1d40ad0e355092d0575360e4d317bdc37985ef3f155215f3de0cb25375c64d664daa24e17bfe379ae3e099b38853dd96c3790735ad391bd5e73c0d860166eaaa9c1c41a422464e32a49e48bfdcc367cbd393f21437801d0ef8487ffa1ecd1bcfc1955322e72ce1d1fb72dad6d3fe67b4d9e187195e875d2072e6e5e90eb85d2c036cb125f509b48879ca49ef97ca4078aebfc4ce180ef1a2c86eaa7954030df688a5edb4e93cf3b8f2f00ab977f3b333df9990a1430013dea0f989e9d41a935bd6ebc7124cd3431f0d40949469ea31c9bc24be2e84edaa37d369ccc948532939747b78a15fe080cc55241e4fe320bea1b243b1fc31a31e6a89f5078819ca63d192838d0e3cc8e491d314802488df433a379aae5a3350a6cd8e12071c1c0aff5e44f8dbcd602f5eac8693a7c7f3c69932803b49de9253612e8ac06f1132d9ad69efbd2fc314ae1f569025de1b3991835d967f634fab4e25272e2e730d5c7bfdb51e7dd2950e873f98980985501f420eb500c9f8b54251d408349ed858766be7e55e832c7cf1d8d9c373fc65f1f09b84edf7dda03930944285d9ff0c45c1b27e6f85b06899e55117ddc40b8f339fc2ee73947a04ae6f632da60bdfe69276de84f847f1c139140ad9e96b368e0ba74ab96ef40135b80c25676bf3dee441bfce854acdd8a363cbc11fc9b391c8fe9cc82055e6c4ba76112446128de2045f30d9dfff774f741ffa357686ae0c6d75c80b9066c37507c03ad179f0f38e1fa473751da9bdd139b417480e6de29c99c83511ec6779a74f0ce274224fa78c74b9a87f429a6a2ac4387e0fc786753e953de9b0a1e20f44ad454f2e634f439218fd6f3f5fa09e337d98904e1e8c7a9f0356151a3f674afdbce7f7248b0da55a6cfb165cb84c6f25bb74b389fcc7f8ce4260bc43f2bb6e55c8c9a61daeb0ff81827758eb3620fa4981c27f8ed6e72412bee919298e51f387c49029f26000164405adf0bb82a018e79cebdb51452928d6b6ca90ee935ee9df1b2fc0713b5cd0412f8cc3f466ccdbb5272ac1c0bdd1263dce8c0c0037240a8296bb62bd73d8386e0b1d019aceb8fbc48993a314dd3912989b8c52f40daf8917e0c7200e04177037f631806b5777529a9754938de087419822799eb53ed9ce6bffbe91c18fd1d7bf65d21b5e4b50d2f2589eed63308763c5dc67ea5710f4ee2c16f5db8c6a518b8cb6bf084d9244758c42ea1e33c03663d3b691dca269873b3c8da0f9370bac9e81ab2f610468846016bb1d1755d101a14d2260b1bf9f3877a8f45dd824b8879867ef853a69add2689e28dd77c5644ee6dd9ccc08ec38cc906d893d00a4a5f50597200b5506de9cdfd62cd327599af8199b9414e00f60937a01acef3daf5979b7f13f2d2688d3e1e2064c0cf89a34af493633201858e26eaa8bee67cf045687d03283803e8a6fccd4632c8c1c8a8b37e3b791aadfe00e5322f072f906d0cae918f92b025ad7ec55a15a4104c1f9f76f5e0e339d8c49da5b788842a379faf9e46635d9e248140ffcb271dfbb8fb19b436390ae02aa4bb432258d6869c33385be6978251d31ba569844624c013b4203085de8f28ebaa8b465b98d5c8dcb9824c3c473883a16ea5c175874f0a4f8f7a4fe493859d0314d6bd23baf23ad813995789e25f6cadff44a09533bd1625d9fab2db62da5d935ec4bad2715d3680bdb14b7d10fcafbfb689cd6f01e06297b2f21208418fd3525947e199a8cbe13f7b26730527696ba61984bdfb9257650693a6752480a61eb6129343237aadff22aa75b3420cbbd9c0b4e79eca83c4e5df695eb7aaa9f1baca9ccec63449903468e7c8aa17be96592566290274acfec4e4a5c09e3bfdfc3cbe0ee36c634bc7a1185fd46c7b08d8b0791f306b600afb3146427dc102224b1e5e27f380a7f592d4278f389c3a17eadaf9d6904b006af211b7ea07c9856f4f478014f69dfa025296c1f4f698330442a82ea121006f040d1e00bbc1f765be6fd16ef45c42a834823827688c98cadaf1a753e8cae4ec4844e0100b1b1094e6a9dd121e0f928257a31bcfec7f126ba7cdcae16c820c1397a0ff19bcc11788b97a197ae54efc8038dceff6086cbcfb23f385e498e28de3055a9d569d8b4188d74d7486a00d0b388bd734e7511b1ffba278f9c451f0bacc0608847c78ee64201bd97c678441b1a5a31695f029c9af111caaa70b38859cc39616c3a901974944d0ffe4591c6f60a28e7bf29eda3c5b1e4eefcfa44b4c018dc70c962abcaac900de3ada3507451a131ef077218babfbc42b5a4f060524c1c7dabd539cd042b6d8b33298d9f9bcc37b0799837fc3989859171f75f5ffda50b39e139eb6606aeb78173e1a6ccb47d888f42e45beaf59075ac25d9352aff32869c6303b34401cc3d1d5ba1b4c0f2bec3dc3cfe113496702a816377df9b78793d8a618b7d0f01c04f1facfb9746db2dea4e9607cb89c08fe5fc03c1b8820a7c484d0432b7f7058505080c0f69aba560548d53f33b0f0f51424e844fa74cb40a33ff6a2fd0ee104f682d5ff0c58890cc32b2a3c88422dc36b741ccb9832f051b0b28505ae48e23cd1f1a0f0fc00521a1e458f78563ed0759c71ad3ca5feddd96bf3faf48285454f61dcc46da6e1378f707c3ac62e41a06fecd6bbb8fb8e1ca6109dd704cfe0804256a4b6e525ebd5cc590a570e253a657b59746e0d58ff02fc306f79cb7e293f61d3955653de83d86c3d9b7a402cfe8bcde5f451c7b73a9c36a7e2832575873c715b29a6e0bbbb462f9b1dfb9a58ca6cdc56dbbcb0b4f2dc5b2b5730d486cb1a12ec71f85eb792ef5581962b3dd9abc788500933a2fe5a956d22e3b208613779946ebdce92ab0fe4624ff907086a940c08222b412714de649f424e8db6503fcc0189fbcdc65619835ec2fae31171e98df46f9e4fa0e179da96205acc29564504454c24ee36467e81edd2e98e75fbb6b49f37f4e426d495e2e0fd249f2ccff3c911fe74be22c3450ce912f6ca2fdbd4a0654b0354be31f7d2f25b7685bf43a72f049008af371f80cfcd4bb4b46df4f9a93053734e5df15d71718ff0211ab827d2afbf2a745366746e629ebfeb6b6958659b80228525f82ad0daf905a8116ae8a854cdc42e2bfcbf80b74ac6d3fa46013337368784f6e7c1df08f675db4f37280c23b40a0d5489aeaea0d632f1b4534a63b36c04916d53b76c3f0820aac9f33a16b30168474e0ecaa16ef51611", 0x1000}, {&(0x7f0000001980)="119181ef301a61e55a030dcb1529423daab0d0daf8e65c74240a51dd061d6ec999a7cfa9a0324abf0ea0173769129be2610692e56a6d09144e2cb93a09bb48e1f24e02a40d6109be66254572a22cbaf46c0e05efb8b5dbc08febe828d363d3ddbfe8de35e6b8b9968f86af290898c83dbdd897e720036016bb04951d85b30e02706b9a78add3476a10d18080d0b962b5d7367b21f4634b5e437790b61f687858889c6e206d671952444eda5599b36df0afa8c67744902b072fb9415734ccd7520b58952a897c", 0xc6}, {&(0x7f0000001a80)="1965905522caa3dbc64489dcec6da9e1bc8d39134e84008a9da36698231765548baade0f50fe6fdd93ac3749c2586ff12c23aadb8361d6c87e07fca7532fff88ab014951793b877f0282edaa9511d61d2c8a9f2ac7b0820ca98707ab96a89a4e517f35a80ddaa439e4ac9440a1feeadcae6322ad62a7ec46a9ea579c190c6c64aabc4e9ced111c805a87bcbf729f0d19a3c8753e79ab974e0175313030e0caba252f2e37b58ab312aac072d903ac0ed21aed49a90c190ab1cab2", 0xba}, {&(0x7f0000001b40)="37c1e5daf15124f0eaaf095306b5b7bf67e319c6ebfea46a0e45b5196a766e70061b38e0412475b4564b386c229a9be2de902a5f5e", 0x35}], 0x8, &(0x7f0000001c00)=[{0xd8, 0x11, 0xfffffffffffffe00, "23d92114b8dcf40f7e820fe89dd9c19caa8ae6b045098fbe9d85f798fc2b4a5e07532d1d2934683c285c4c63900c767edac2ee489dfbbb68c8432e2c5acee85099c1071daf8495cbbf71d3d5c1d57f2cbe09624b0f25748288b23ab8742f8bf897fd3481150517e8aa19cd3c11b9eb3148fcf155689ac22eef9c971998d10e51a149ee6c43572c9a265d5cecbfe4671b360619b164ade4d82d11dc76ecdad485681cb0938b68bbe842ffd14f29178d54eec4770c345524534db9796a120b4d6b1c73"}, {0xc8, 0x102, 0x80, "a340d63406aa8c2dab3290fca1085ac52170a27fec31704797c93a22286f662625e2dbc7cb294c49182929f85500cf819a9727b9e60d566869e8054d1a28fb14ce2d187d276f3f9a6cebf680e91d889571212bad7b0b6681fe6c4596d300188c6076a8a17fe4e43d92acc1c5c5cb6cd1f726c8c2299c44e15168ac17700aa570eafaf08052035e527c5be8d71706fd5e3dff3945249ab86dd9c84f49cd3c16a5e1d96db5253647cf9906a1854e7f655f291f"}, {0xb0, 0x29, 0x9, "c29bd4e0dcf141ff7ec5f4caf0a42ef5192e59033fefe3f0c7384f6a2ba03564dbaffe870cfeb0f2b1f2bbdb5b3ceac892ca067ce6d1b1dba56efa1f1a0ff95d38fa4db90b10f62a1a8095df875aa8eea5560ff9b1bf0fa480f05446793fc7b3eb845ec8cd652e8945486170e9f22e173b9759a09606f09c01f7f96102d3cc3bd3b9c7dad22da96a42a62fb76382749ad0ff625e32d5b3070acf4b5f294a76"}, {0xc0, 0x119, 0x10000, "207575c7b485af0c41701ea79856e9c5f5983a88ca19e35f60ae4b61228627ef8a6d65aae0a93e2b64d57173ac1ec9a267bc3b468bd96ae6ffa4d71fdaaac42cd5dfc1fd9866d540653842f03fe0c1e2435f7c38d62efed1b11071d6a7fa02ab3b79fc61ced2e3f0c82eafc442dac185e2a34e8570ed66ec031ad9be1ca2f929835e8f9f23be17156872b698f648efe573d1e0722495e15f061836d203fad896c463badc3ee8facf13e68b"}], 0x310, 0x1}, 0x5}], 0x2, 0x4000080) 2018/03/26 13:05:48 executing program 7: r0 = dup3(0xffffffffffffff9c, 0xffffffffffffffff, 0x80000) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(r0, 0x404c534a, &(0x7f0000000000)={0x9, 0x4, 0x3}) r1 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) [ 1056.638954] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1056.647721] [25081] 0 25081 11408 2089 65536 0 0 syz-executor1 [ 1056.656629] Memory cgroup out of memory: Kill process 25081 (syz-executor1) score 2105000 or sacrifice child [ 1056.666676] Killed process 25081 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB [ 1056.718315] oom_reaper: reaped process 25081 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 2018/03/26 13:05:49 executing program 2: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x2, 0x0) r1 = syz_genetlink_get_family_id$fou(&(0x7f00000000c0)='fou\x00') sendmsg$FOU_CMD_GET(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x88080000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x58, r1, 0x208, 0x70bd28, 0x25dfdbfd, {0x3}, [@FOU_ATTR_AF={0x8, 0x2, 0xa}, @FOU_ATTR_TYPE={0x8, 0x4}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4, 0x5}, @FOU_ATTR_IPPROTO={0x8, 0x3, 0x3a}, @FOU_ATTR_AF={0x8, 0x2, 0xa}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4, 0x5}, @FOU_ATTR_AF={0x8, 0x2}, @FOU_ATTR_TYPE={0x8, 0x4, 0x2}, @FOU_ATTR_REMCSUM_NOPARTIAL={0x4, 0x5}, @FOU_ATTR_TYPE={0x8, 0x4, 0x1}]}, 0x58}, 0x1, 0x0, 0x0, 0x4000000}, 0x11) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') sendfile(r2, r2, &(0x7f0000000280)=0x42402, 0x6) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) 2018/03/26 13:05:49 executing program 4: r0 = fcntl$dupfd(0xffffffffffffff9c, 0x406, 0xffffffffffffffff) getsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000000), &(0x7f0000000040)=0x4) r1 = epoll_create1(0x0) r2 = syz_open_dev$sndmidi(&(0x7f0000653fee)='/dev/snd/midiC#D#\x00', 0x200, 0x2) ioctl$KVM_SET_DEBUGREGS(r0, 0x4080aea2, &(0x7f0000000080)={[0x2000, 0x2, 0x1000, 0x105000], 0x9, 0x8, 0x8}) setsockopt$inet6_dccp_buf(r2, 0x21, 0xf, &(0x7f0000000100)="ea066dca2739053b2b4246bcfa2aef8b6e2a8acae773071ade8742dfe146a86242218ef1d0def0bd9452d8d819b0de1dfebb2e1e2da0ccac91098a4c5b4fe94d5c0ad8bcf70359eb", 0x48) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000b0e000)) 2018/03/26 13:05:49 executing program 5: syz_emit_ethernet(0x2e, &(0x7f0000000080)=ANY=[@ANYBLOB="aaaaaaaaaaaa000000000000080045400020000000000002907800000000e00000011100907800000000b30000000bac35e64a547c03fe4f0b913a1bc73bd4dca255ed98f2149fae6bba9c5243aaa2ce436a490de5333485d95423d20245ee9f991c5e6be68d0cb6d3d467f094e0e860df8c479d6cff3e50848828b315b7b0699bcfa97468239c23f73fc99b568f7929f46acabf104bb31877d6bb7c44b3de29d323c805e5060dcfb0d97302f99c999ccaf866ebd160928d9f7b6f0e7cc7f7ce8d4cf00410c77b5ee28e40c7fec071839ce5a8efa47efb7fb878579c6f062b5793815d97bfebe778d8afb51cf998a689a7b489e85108729fabb8e1ac8700d89c1e247d73a26e5bc2fe43a48b6d37d02854"], &(0x7f0000000040)={0x0, 0x4, [0x10d, 0xf7fffffffffffffe, 0x0, 0xb69]}) 2018/03/26 13:05:49 executing program 3: r0 = perf_event_open(&(0x7f0000223000)={0x2, 0x70, 0xe3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = semget$private(0x0, 0x7, 0x0) semctl$IPC_SET(r1, 0x0, 0x1, &(0x7f0000000140)) io_setup(0x8, &(0x7f0000000040)=0x0) r3 = fcntl$dupfd(r0, 0x0, r0) io_cancel(r2, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x8, 0xffffffff, r0, &(0x7f0000000080)="f799a7d6715debb446fb3b9ee41730d78f783b684cd3058878795c588706a7d0145f4468f09e12289db4270add1170ae2f753f36917651d8d772ee86f6fa8f0e642579d1acb43ac0eb05fcc1f24c398e733548435b7e2cb3da91b170363c7861dd3cb8d63ce25c", 0x67, 0x4, 0x0, 0x1, r3}, &(0x7f00000001c0)) 2018/03/26 13:05:49 executing program 1: capset(&(0x7f0000be6ff8)={0x19980330}, &(0x7f0000292000)) capset(&(0x7f00001b4ff8)={0x19980330}, &(0x7f000077ffe8)) r0 = dup2(0xffffffffffffff9c, 0xffffffffffffffff) ioctl$TUNGETSNDBUF(r0, 0x800454d3, &(0x7f0000000000)) 2018/03/26 13:05:49 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000000040)='/dev/snd/seq\x00', 0x0, 0x10000) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) getuid() 2018/03/26 13:05:49 executing program 0: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$nl_netfilter(r0, &(0x7f0000000100)={&(0x7f0000791000)={0x10}, 0x1, &(0x7f0000e2a000)={&(0x7f0000831000)={0x1c, 0x2, 0x8, 0x1, 0x0, 0x0, {0x3}, [@typed={0x8, 0x1, @u32}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000000}, 0x0) r1 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x1, 0x2) setsockopt$inet6_MCAST_LEAVE_GROUP(r1, 0x29, 0x2d, &(0x7f0000000040)={0x1, {{0xa, 0x4e23, 0x42a, @mcast1={0xff, 0x1, [], 0x1}, 0x1f}}}, 0x88) 2018/03/26 13:05:49 executing program 6: prctl$intptr(0x1c, 0x64) prctl$intptr(0x1c, 0x7f) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0) listen(r0, 0x800) 2018/03/26 13:05:49 executing program 5: socketpair$inet6_sctp(0xa, 0x5, 0x84, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffff9c, 0x0, 0x10, &(0x7f0000000080)={{{@in=@multicast2, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in=@broadcast}}, &(0x7f0000000180)=0xe8) setsockopt$inet6_mreq(r0, 0x29, 0x14, &(0x7f00000001c0)={@remote={0xfe, 0x80, [], 0xbb}, r2}, 0x14) r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000300)='/proc/self/net/pfkey\x00', 0x2, 0x0) ioctl$sock_inet_udp_SIOCOUTQ(r3, 0x5411, &(0x7f0000000340)) munmap(&(0x7f00009ff000/0x600000)=nil, 0x600000) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r5 = syz_open_procfs(0x0, &(0x7f000076c000)='pagemap\x00') sendfile(r4, r5, &(0x7f0000014000)=0x100400, 0xffff) fstat(r4, &(0x7f0000000280)) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000200)=0x0) fcntl$F_GET_RW_HINT(r3, 0x40b, &(0x7f0000000380)) sched_getattr(r6, &(0x7f0000000240), 0x30, 0x0) [ 1057.022744] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1057.033866] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1057.039066] CPU: 0 PID: 25103 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1057.046416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1057.055764] Call Trace: [ 1057.058354] dump_stack+0x194/0x24d [ 1057.061975] ? arch_local_irq_restore+0x53/0x53 [ 1057.066637] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1057.071813] dump_header+0x28c/0xe2b [ 1057.075514] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1057.080686] ? arch_local_irq_restore+0x53/0x53 [ 1057.085333] ? perf_trace_lock_acquire+0xe3/0x980 [ 1057.090147] ? __lock_acquire+0x664/0x3e00 [ 1057.094358] ? print_irqtrace_events+0x270/0x270 [ 1057.099096] ? perf_trace_lock+0x900/0x900 [ 1057.103311] ? perf_trace_lock_acquire+0xe3/0x980 [ 1057.108134] ? trace_hardirqs_off+0x10/0x10 [ 1057.112429] ? perf_trace_lock_acquire+0xe3/0x980 [ 1057.117243] ? perf_trace_lock_acquire+0xe3/0x980 [ 1057.122064] ? perf_trace_lock+0x900/0x900 [ 1057.126275] ? __lock_acquire+0x664/0x3e00 [ 1057.130484] ? task_will_free_mem+0x252/0xaa0 [ 1057.134961] ? print_irqtrace_events+0x270/0x270 [ 1057.139704] ? ___ratelimit+0x30d/0x630 [ 1057.143654] ? lock_downgrade+0x980/0x980 [ 1057.147783] ? lock_release+0xa40/0xa40 [ 1057.151740] ? mark_held_locks+0xaf/0x100 [ 1057.155867] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1057.160947] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1057.165938] ? trace_hardirqs_on+0xd/0x10 [ 1057.170064] ? ___ratelimit+0x95/0x630 [ 1057.173932] ? idr_get_free+0xfd0/0xfd0 [ 1057.177880] ? find_held_lock+0x35/0x1d0 [ 1057.182546] oom_kill_process+0x8b9/0x1640 [ 1057.186761] ? lock_downgrade+0x980/0x980 [ 1057.190889] ? __lock_is_held+0xb6/0x140 [ 1057.194933] ? oom_evaluate_task+0x480/0x480 [ 1057.199331] ? rcu_read_unlock+0x35/0x70 [ 1057.203366] ? mem_cgroup_iter+0x363/0xbd0 [ 1057.207578] ? lock_downgrade+0x980/0x980 [ 1057.211715] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1057.216451] ? mark_held_locks+0xaf/0x100 [ 1057.220576] ? _raw_spin_unlock_irq+0x27/0x70 [ 1057.225051] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1057.230042] ? trace_hardirqs_on+0xd/0x10 [ 1057.234165] ? _raw_spin_unlock_irq+0x27/0x70 [ 1057.238637] ? css_task_iter_end+0x280/0x430 [ 1057.243025] ? _raw_spin_unlock_irq+0x27/0x70 [ 1057.247499] ? cgroup_procs_next+0x70/0x70 [ 1057.251707] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1057.256699] ? trace_hardirqs_on+0xd/0x10 [ 1057.260820] ? _raw_spin_unlock_irq+0x27/0x70 [ 1057.265292] ? oom_badness+0x980/0x980 [ 1057.269159] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1057.273893] ? mem_cgroup_iter_break+0x30/0x30 [ 1057.278466] ? finish_wait+0x268/0x490 [ 1057.282328] ? lock_downgrade+0x980/0x980 [ 1057.286457] out_of_memory+0x86d/0x1220 [ 1057.290420] ? oom_killer_disable+0x310/0x310 [ 1057.294888] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1057.299968] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1057.304961] ? trace_hardirqs_on+0xd/0x10 [ 1057.309096] mem_cgroup_out_of_memory+0x159/0x200 [ 1057.313913] ? swap_max_write+0x110/0x110 [ 1057.318037] ? do_raw_spin_trylock+0x190/0x190 [ 1057.322613] ? _raw_spin_unlock+0x22/0x30 [ 1057.326740] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1057.331735] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1057.337160] ? find_held_lock+0x35/0x1d0 [ 1057.341200] ? memcg_event_wake+0x420/0x420 [ 1057.345496] ? __do_page_fault+0x5f7/0xc90 [ 1057.349705] ? lock_downgrade+0x980/0x980 [ 1057.353831] pagefault_out_of_memory+0xbd/0x152 [ 1057.358478] ? out_of_memory+0x1220/0x1220 [ 1057.362687] ? handle_mm_fault+0x465/0xb10 [ 1057.366903] ? __handle_mm_fault+0x38c0/0x38c0 [ 1057.371458] ? vmacache_find+0x5f/0x280 [ 1057.375407] ? vmacache_update+0xfe/0x130 [ 1057.379534] mm_fault_error+0xd6/0x2c0 [ 1057.383403] __do_page_fault+0xb4d/0xc90 [ 1057.387448] ? mm_fault_error+0x2c0/0x2c0 [ 1057.391578] ? kernel_write+0x120/0x120 [ 1057.395533] ? do_syscall_64+0xb7/0x940 [ 1057.399485] do_page_fault+0xee/0x730 [ 1057.403264] ? __do_page_fault+0xc90/0xc90 [ 1057.407473] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1057.412204] ? syscall_return_slowpath+0x550/0x550 [ 1057.417110] ? syscall_return_slowpath+0x2ac/0x550 [ 1057.422023] ? prepare_exit_to_usermode+0x350/0x350 [ 1057.427021] ? retint_user+0x18/0x18 [ 1057.430712] ? page_fault+0x2f/0x50 [ 1057.434313] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1057.439135] ? page_fault+0x2f/0x50 [ 1057.442737] page_fault+0x45/0x50 [ 1057.446165] RIP: 0033:0x409b83 [ 1057.449328] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1057.454667] RAX: 0000001b9bc20000 RBX: 0000000000001283 RCX: 000000000040e950 [ 1057.461916] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1057.469158] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1057.476402] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1057.483645] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1057.491161] Task in /syz1 killed as a result of limit of /syz1 [ 1057.497198] memory: usage 0kB, limit 0kB, failcnt 4156 [ 1057.502530] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1057.509317] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 2018/03/26 13:05:49 executing program 4: r0 = socket(0x11, 0x100000802, 0x0) r1 = syz_open_dev$tun(&(0x7f00000000c0)='/dev/net/tun\x00', 0x0, 0x3) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000240)={'ifb0\x00', 0x8002}) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) pread64(r1, &(0x7f0000000180)=""/179, 0xffffffd1, 0x0) 2018/03/26 13:05:49 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000000480)='/dev/snd/seq\x00', 0x0, 0x80fd) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) openat$pfkey(0xffffffffffffff9c, &(0x7f0000000340)='/proc/self/net/pfkey\x00', 0x2000, 0x0) r1 = syz_open_dev$audion(&(0x7f0000000240)='/dev/audio#\x00', 0x2, 0x80) ioctl$TCSETA(r1, 0x5406, &(0x7f0000000280)={0x8a, 0x9, 0x6, 0x40, 0xdf44, 0x9, 0x5, 0x9, 0x3, 0x9}) symlinkat(&(0x7f00000002c0)='./file0\x00', r1, &(0x7f0000000300)='./file0\x00') ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000100)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) r2 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x200, 0x40200) getpeername$unix(r2, &(0x7f0000000040), &(0x7f00000000c0)=0x6e) ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r2, 0xc0105303, &(0x7f0000000200)={0x97ff, 0x8139c72}) setsockopt$netlink_NETLINK_PKTINFO(r2, 0x10e, 0x3, &(0x7f00000001c0)=0x8000, 0x4) [ 1057.515493] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1057.534976] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1057.543750] [25103] 0 25103 11408 2089 65536 0 0 syz-executor1 [ 1057.552675] Memory cgroup out of memory: Kill process 25103 (syz-executor1) score 2105000 or sacrifice child [ 1057.562691] Killed process 25103 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:05:49 executing program 1: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$netlink(0x10, 0x3, 0x0) r0 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x280) setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(r0, 0x10e, 0x1, &(0x7f0000000140)=0x11, 0x4) getsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000040), &(0x7f0000000100)=0x4) getsockopt$ARPT_SO_GET_ENTRIES(r0, 0x0, 0x61, &(0x7f0000000840)={'filter\x00', 0x1000, "66515acdadc68ba97e5d4c8e8c18016b4452abd53afbe1e65a356a25166e880280bc0093af2dfd3f057df955aae7befa121f9240cda9c457d79a9f53b7869bbc075b5bc69887ae7b178687bbb231b9d560d281569cefa07b8339a9fc8717941c086f532a98e256598e8a4453450ae2f97d434481ca31ce96a528d835b4acb7ce0b62ee002ea1231d5cfa8122fe361f944a3b83f7ad7f1f41a304ff619c8de83e1e8bf761177d6ee4ea8f0688cfcbcb5b8f168637210aece9d867eba6406ffa3e89f6e8cb978557580021172d72b29a7cdb6b49ab6ab8f8e52611e070b8e82651c5145bf51ce62004778abca4b1ffb6c5b953a4007704a04f7be54d3d17674f73f856bf4da25bb1166992ff615ecaa9c76c54f4b0f789ef3aba5db3a12f4e26ac6cedf0e85e05332cfb17fb54befdfa08b9b12bc6903c6e3bcbfc9952bf91774c86c204064abe303c1647ca805741f3a7c6f54812d910dee5c26644b60030128b4a8311e1c7504da8751d6c6948c9aac192afa57e4df97ac50858fe37dc2a157da597950dd63593910c7e431e9562dda5ac3e12937e954fb46c75fa1bc18f613fa605afcee2d024ea456a4e37003da7f321a8ef546d10ecc8dfe52c312db70355f9c3eed0a49de98f0b5f995657e449ece5c62a18f5a45c6f554663016bc57cf1726962955548bae67d3bc306394575d51fec6accd7f37c3a40151cf758a1d2d4109f5ed8141f27162dc41513ddf0b90b3a3d06d38261ec84a841121f39159f137af3e298c591e62b77cafec6f5d6906b4126d4d2eb4e1fafc3a0c1992d3bc274bbea0d7271fd297fe6d0efc9dd287f24bbab80c1c3440df6f7246bf197cb5e59f821c3f5d864ba5c420ef4d0cf029c56def5594cdda936a8dee04283d8d0cc2a7d934254ab4a387f4202ada91f9a24289d37d862b79a8c6a2babd1faa4311fe4010804ab1b2c10663bf331ac4c7b64c111285b4bbd824ba824ee67d54f9559af6275d38737c46a7b522339723c0fb080983d45b80272338fb7e3954d030eb2554ed3c658b919c1b869d76961378b59c62df6611015748a5dea7c9c609421849461164e824a46d767c9469debc223fc62eb96d67fe20108ff7e196a5582d82f430222089e59dabaeca6c06f84d1d4927a7ec39e4c50bd770d3d573ab6ae1b2855809c1cf1b80b52963a80457298e4017bc75feb8477114da564330d07302c9b787b7af9231d745a7689f786cabb4093cbaeecd1ba7fc89f75baf6af241ff5ae0843cfddb85111d532c0d9340180d2d986dca959d3911a86037cdb546d3a97e7abeaa13e2221e8d6a2b2f52b293c97d8e6d9491adebbf911d2cd7fa931dc5e07ae45230a239c0b2bc1c59158af9ff956ec5f08f32080b18973d3505b169d528c56172d4b1bed95043f0dfb022ab0e0b45f93616744ee08ce2d2d63f22bf098ca00cbdcc443e13a5fd0c839b49d9d3b15a63c506bbc92370eb64df678caa2c578f526d9677a1ccc90145f1770c139ccc415092c3bfe42b549103309c1db494dc605e4e159f4940aa4f448015d73fc24f14742eb69f3e4354692ac56779d146bb8111a263800a49e287b697a47ebf8e938d6b5814e7b8409f903b89b17c0e05b540ebe9084964c65f3163fb9bda5fab061f02f18a2c90671c199d38173613c42469471e91bcad0bb996dd46ca53296babca3566a6302672edecec71de7c3f59bf1d1079c3ff342765554e1c150793478b4e5a39e6fe8ccd3b309a2081430806b24d47fa15c9f6ab930cc7581f97ab0c27a298eef9002b579002febdff6a65bcfc4b567980c8271fe6f09215e0f3ea6555adc28272882c62de283bf2f0e0332f7eb771b0fd7a280fdb260da8769b4d9524611326b9269ed505b48f8f46574d0ec2112e9cf85f518046eb3e79d6bf867a314f3fc45f16e691f688f70e561f29580b8525e916db339bb9d10d949413ac010cea4a7f1a51b01ac9ea794d4cfcac3272c3af8be1fa7553ff6a0c4281fe89572d5d3d15cddd554c373306e79706cc02306e28c4b095bd55808fb1a18f40c453dbe0ef35c6e92dc1d60fea0e173d55f3233371d4f8d8077c1a567c54ee8a20489669fbed857bebbe1eb104a90e5706ee281f7b58156c1f9a20574e3d609950359f2007dd874eeb9f1bcada8caef3412986d64cbcc12b1ea8c1cb2251708323e34b59eff8276c87b83d13d89ca90ec9cad049fff334bc58df1eea81517dfadfd88e34a7f0f2f58540a7085b0359d060666a85e3e7e8680fff1906943fa1f1554844cb573501473fde6329c17d9c85c9131a3dfcfc188d2a8c8ef30c82583ff2daa27f5a2ca4d00ea4772ea065113e3003905f47e0f6bc2e791c1fdbf05960996883c366733bd625d9f4f29a9850469365b78bab42a5172e0f9b7bc32cced6d90b26a48cef63fed911bebb45191b50878fe4fd9342c5c12310498c978e8cd6cbf9708e8b86ccb128970c55d02dd0ec8fe58972430436fa424aef82ac90836e020d0d3b00f574b5d32ba3bd8f5563845d84aee63ea98a345a9535e91194dfc85efce3bc4cf2fce79dfc95ae4d00cdafecd2f05bc3b3e75b83ed1d7b2ffd944c4645093a83e6f1b189841fa91b02a485f19225c63ecdcae9a1185d6e506aab04ec88090374ecf813cfaff217b4939a07ae5193ab34d80d386726df053fb27186fb1ec0dcc07f8434eff8b4cae60d729b5f6192242057a6dcefd9da84c717006ed36464a38601078591343d9b9f2247966f6b79a2506ec29d566cc5236c7157e6b0d4a4e74ffa699ba91488828a293be82ed4904c9da3ba979a92e2bc5fd93cc761846a3f6cada475ebfcfac2d9d48b29193ecd201a7d81420528010898522c6a33bd32b68810d18c46798df67a33a74f70326b360fc19b220b53ab655f1ea637e839759e2bf582b7f630951ff728d235cb7220559135daf453b85302033b9afdf8733cfc39593fd309a2ae12243e449b3a7e6484829953015ba9eb5dd68babf4cb90b22d93b61ca678bce327eaff6dec2e636e55b0360806cc917b24793516bdfaf9bb73936c3494e0943aa791e8b13b41db68c0dff52bdd03fee3361c53f85263dda64a25134d3c1d86d2258820e770d54dfa489b6e791774ba3ad1cb3113aceeb426d0e761a5f26bc98686a1090710f9cb02a1d35887942838079514e2592ec2d143ea794283c94c11b1832161177ccb01e3b2106369d2fef80cd6b3333514819d0223935643a71c0a1a9ba0f8a8cfcffb48ee093d280f8bd1f54113390a704a96e6f81563c07433ca1ee07e7a7f3db7dd2708d0e1c6a5c84fcd3cae740f9e2f4c00bbdc5de6f39b601e233fd4181ad371e580006043722df9354ab2a79c569837a9758a074f262cff677ab34a1009896a76e0c72dfa674bbe95f4cccac7bce9021fab48ad1da603523fc83536e4f390fb457f378ac7c8820e1f6a95262507805b15eca7c1a6a55113a80e48c0e9f9e499a3d507e00cfe546af532902325c408ee416f35938238b776d1ff656548c1fe725f6ba8e49a1d194acec6391280023fcaa7c311678d679cdcf2ed92877da89055057442201f7393169688aa21dfead13fb579b327e90b073c939bf8fac9a4700b4f628265e3aa13d13d871d08df599474d288d872c8d11404648f6a5f213954eae3849bcffb5b0726866ec9ab31d0c2121c93a68567b2a2b3029701299d28dcfc6c1b396d9ffc1b9c68b6855c3e5bd816387da0e1ec99fbabffaf8e59e70c99036da93715395a89d854c6895971f832fef8a2e649d5e097d0de9d2d9ef0833f0967b0d113a1715e566442f3c034dd76ddf77ed8676dd16b202043a8e9c15f75e4df98760ac2f25f4c618e89e4b5a59aa6b7379b149675bb4792e031fe1f5437673401953d9a4eca32ab4b248c2333bba9f5f2c7ed898ab153f260aefa5dd1dd988b87c84d34916680131f419ad9e186469f2a978f5c3cfa754c2ea991a2a538cb8850d82c3f5db5420e6edd1ca7a858a6dc26d438684f63aa67de901429c9149716b5e15016e1092b997961b38de41aa8d55cc71f89477cc8a9b7dfd1180ce2a5c42cf7005856baaf89b5ca464e2eb5ef200f618d14bc06363819af2e1c0e5710f431bad8e1786be0ed12e888ca31a37ffb831cf7896d24a8c8d340f89729d569f7d984bcff9e30651d7d013d3d2fdf4fc5440ec8174cd17c8994271beb184f6c6df7ef2bd98bcaa07ae2fb354069972f5a59afc530fff1b6b724c899ee4f1001978e55958bd234413c5faaf9baf86657027cbeb2e3ad9109fad082098fb42f01292d7d8fa60b98c0be9796d3f1de2ce38533596ee295b50e8e5bd03b84ce7b2a1ba71a948db0a7ffb7ec41df65ab837a3abde45a54f6d4873173c415dea62ab802851b6e55819a326090f110165993cc6a381d7ec7b3ce0c093bf0ef6c1e49101d177cd6832c5e035153e9afcbf93c981f8754e00b6f934e4b82b093eace29f541b2654527288d33bd45127e77b08329a9dcb483a9f58cc070576209c22f1c8704874318529083ab07828e82d9594be20dae5eec6fa25142fc1ea69e561a1c4b5afea19ec432d94a230ee06577c33e87ea0ee9dbb5c537ca4ff94ce241d96d04d8917ed92fbac8568d407e3a92213e18a48dd83b7623b302ee69feab8cfa01ce07e39060243203f55ceea0b6e6f69216800194eb51113bb9145771582377c30c8c0b3e1c6141d2268d184095d11f652251b6cba11a38f83adfe9ea61339d02b78bdffb8ea92f297fd265fff7599a5020bada6294f906d58ca31f9b4ef1f3f21f44227542103e43d11b5ac6cac0e254e84aa4a6d9138da1aa21fae58c44f4c4c4f8f7a3843dc0a191bd189f684c4365062c15eacd949ac2f5024d693c479c57a9df8b3ccb64a3212649e21aeffdecc7e1d3cba6dc5fcf693d52e763a68fcc0f101ef4beb7431a51eb08c664e4cd0bf94c4abc7bb65aca691153c23d0c73ced432c994d7cb4411b614dd28820723f5595887e598f83644538129ce491564778b35f2394ad7c9b688c07fef973bdb5c39d70216bba7acf5ae8d8973fa9bdf3652f01e6f2d7e672bb1a69c1f9cc1b1ca972d662bd06f1c62f8994b55a23ee4f1210ca0b74c47834e8a349a8ae3955999f405343a82df2c3a292450547f8fbb789b895e385a08a081c7941439e38d2d1ee77742ad9167e7c54cc23cfb865b893c0c708f55492489bb8d598673da4b27d87eff72dd52088b1257d315813e6e0e76fb678b3784305f2edd3396036d7f95db68b1d1ed09f47f32bf2a523ac176fe470cd4f950a23a08bdd2ba813c873f9fcc642e9763d4ca16d6689d6db96a4fa2f7014afeb001a2eed80e26667640b4bcf6e87e0f7e1881c0c0e2367c3f324426307c5defdafdeb88c9ff6b03b841126eb05988e45125aa7a1af984ef168dfd45f7a784c5a3b58fda763fd19c79e9625f0dbe3d0ef83ae3439ee5f19fd8f1ee9b2ecf7fbed4f4f029d4b985d9b99044501309d58a88e2c27b3641689e8936709f6b67fbe8d49ab711203f8602f11b56764d9f1b8ae313bb19dc4aebfb95821704e02b638280ca02a9c9ebc9ea7d91677afe6e5e374b06535d81e65d3360d51de82a9ffacf7e6bfb27b4822a49157888085e97a631fddc8d4724bb704321425f7397fabce4573f1a22b303da8529058259532f4789a039b5c7aa5804b576b8dc3464915d264af8129ac87825b5fd21a68307fd2d60d98d963db1dd1073cfb298511490b8093c498d34e1f72c18872f2030fe22501986b75dbae2075242775ed0de7dc0788d930"}, &(0x7f00000000c0)=0x1024) 2018/03/26 13:05:49 executing program 0: r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={&(0x7f0000016000)={0x10}, 0xc, &(0x7f000000b000)={&(0x7f000000e000)=ANY=[@ANYBLOB="1c00000048005a170000000000000000a52bf1e1e0cdfc289083a14b"], 0x1c}, 0x1}, 0x0) r1 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x5, 0x10000) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000100)={0x0, 0x80, &(0x7f0000000080)=[@in6={0xa, 0x4e23, 0x5, @mcast2={0xff, 0x2, [], 0x1}, 0xf7}, @in6={0xa, 0x4e23, 0x4, @remote={0xfe, 0x80, [], 0xbb}, 0x7ff}, @in6={0xa, 0x4e23, 0x0, @remote={0xfe, 0x80, [], 0xbb}, 0xffff}, @in={0x2, 0x4e22, @local={0xac, 0x14, 0x14, 0xaa}}, @in6={0xa, 0x4e24, 0x7fffffff, @dev={0xfe, 0x80, [], 0xa}, 0x7}]}, &(0x7f0000000140)=0x10) getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000180)={r2, 0xe2}, &(0x7f00000001c0)=0x8) socket$nl_netfilter(0x10, 0x3, 0xc) [ 1057.576272] oom_reaper: reaped process 25103 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 1057.646142] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1057.657171] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1057.662336] CPU: 1 PID: 25128 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1057.669689] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1057.679036] Call Trace: [ 1057.681634] dump_stack+0x194/0x24d [ 1057.685275] ? arch_local_irq_restore+0x53/0x53 [ 1057.689946] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1057.695150] dump_header+0x28c/0xe2b [ 1057.698871] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1057.704073] ? arch_local_irq_restore+0x53/0x53 [ 1057.708745] ? __lock_acquire+0x664/0x3e00 [ 1057.712977] ? print_irqtrace_events+0x270/0x270 [ 1057.717726] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1057.722838] ? trace_hardirqs_off+0x10/0x10 [ 1057.727149] ? __lock_acquire+0x664/0x3e00 [ 1057.731385] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1057.736577] ? __lock_acquire+0x664/0x3e00 [ 1057.740802] ? task_will_free_mem+0x252/0xaa0 [ 1057.745278] ? print_irqtrace_events+0x270/0x270 [ 1057.750021] ? ___ratelimit+0x30d/0x630 [ 1057.753978] ? lock_downgrade+0x980/0x980 [ 1057.758104] ? lock_release+0xa40/0xa40 [ 1057.762069] ? mark_held_locks+0xaf/0x100 [ 1057.766198] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1057.771277] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1057.776268] ? trace_hardirqs_on+0xd/0x10 [ 1057.780393] ? ___ratelimit+0x95/0x630 [ 1057.784256] ? idr_get_free+0xfd0/0xfd0 [ 1057.788213] ? find_held_lock+0x35/0x1d0 [ 1057.792258] oom_kill_process+0x8b9/0x1640 [ 1057.796468] ? lock_downgrade+0x980/0x980 [ 1057.800596] ? __lock_is_held+0xb6/0x140 [ 1057.804634] ? oom_evaluate_task+0x480/0x480 [ 1057.809043] ? rcu_read_unlock+0x35/0x70 [ 1057.813092] ? mem_cgroup_iter+0x363/0xbd0 [ 1057.817323] ? lock_downgrade+0x980/0x980 [ 1057.821450] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1057.826190] ? mark_held_locks+0xaf/0x100 [ 1057.830322] ? _raw_spin_unlock_irq+0x27/0x70 [ 1057.834796] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1057.839788] ? trace_hardirqs_on+0xd/0x10 [ 1057.843912] ? _raw_spin_unlock_irq+0x27/0x70 [ 1057.848379] ? css_task_iter_end+0x280/0x430 [ 1057.852760] ? _raw_spin_unlock_irq+0x27/0x70 [ 1057.857229] ? cgroup_procs_next+0x70/0x70 [ 1057.861438] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1057.866429] ? trace_hardirqs_on+0xd/0x10 [ 1057.870550] ? _raw_spin_unlock_irq+0x27/0x70 [ 1057.875030] ? oom_badness+0x980/0x980 [ 1057.878902] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1057.883634] ? mem_cgroup_iter_break+0x30/0x30 [ 1057.888219] ? finish_wait+0x268/0x490 [ 1057.892084] ? lock_downgrade+0x980/0x980 [ 1057.896214] out_of_memory+0x86d/0x1220 [ 1057.900172] ? oom_killer_disable+0x310/0x310 [ 1057.904637] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1057.909715] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1057.914713] ? trace_hardirqs_on+0xd/0x10 [ 1057.918851] mem_cgroup_out_of_memory+0x159/0x200 [ 1057.923667] ? swap_max_write+0x110/0x110 [ 1057.927792] ? do_raw_spin_trylock+0x190/0x190 [ 1057.932370] ? _raw_spin_unlock+0x22/0x30 [ 1057.936504] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1057.941504] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1057.946930] ? find_held_lock+0x35/0x1d0 [ 1057.950966] ? memcg_event_wake+0x420/0x420 [ 1057.955263] ? __do_page_fault+0x5f7/0xc90 [ 1057.959479] ? lock_downgrade+0x980/0x980 [ 1057.963612] pagefault_out_of_memory+0xbd/0x152 [ 1057.968258] ? out_of_memory+0x1220/0x1220 [ 1057.972464] ? handle_mm_fault+0x465/0xb10 [ 1057.976675] ? __handle_mm_fault+0x38c0/0x38c0 [ 1057.981229] ? vmacache_find+0x5f/0x280 [ 1057.985178] ? vmacache_update+0xfe/0x130 [ 1057.989304] mm_fault_error+0xd6/0x2c0 [ 1057.993168] __do_page_fault+0xb4d/0xc90 [ 1057.997208] ? mm_fault_error+0x2c0/0x2c0 [ 1058.001332] ? kernel_write+0x120/0x120 [ 1058.005284] ? do_syscall_64+0xb7/0x940 [ 1058.009233] do_page_fault+0xee/0x730 [ 1058.013011] ? __do_page_fault+0xc90/0xc90 [ 1058.017982] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 1058.023493] ? syscall_return_slowpath+0x550/0x550 [ 1058.028396] ? syscall_return_slowpath+0x2ac/0x550 [ 1058.033305] ? retint_user+0x18/0x18 [ 1058.036993] ? page_fault+0x2f/0x50 [ 1058.040598] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1058.045414] ? page_fault+0x2f/0x50 [ 1058.049021] page_fault+0x45/0x50 [ 1058.052457] RIP: 0033:0x409b83 [ 1058.055616] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1058.060959] RAX: 0000001b9bc20000 RBX: 0000000000001284 RCX: 000000000040e950 [ 1058.068201] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1058.075444] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1058.082686] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1058.089934] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1058.097800] Task in /syz1 killed as a result of limit of /syz1 [ 1058.103858] memory: usage 0kB, limit 0kB, failcnt 4164 [ 1058.109159] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1058.115926] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1058.122092] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1058.141530] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1058.150266] [25128] 0 25128 11408 2089 65536 0 0 syz-executor1 [ 1058.159128] Memory cgroup out of memory: Kill process 25128 (syz-executor1) score 2105000 or sacrifice child [ 1058.169119] Killed process 25128 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:05:50 executing program 3: r0 = timerfd_create(0x0, 0x0) timer_create(0x0, &(0x7f0000cd0000)={0x0, 0x12}, &(0x7f0000044000)) readv(r0, &(0x7f0000000380)=[{&(0x7f00000002c0)=""/146, 0x92}], 0x1) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f0000000000)={0x0, 0xa8, "24fee063df414b547d453e0d31ae76f45f2b7f95aa7365d4a998df05e49d809e0c62d5b14f2c680cbb2b1a6aeba1bb0ed00ddeacd93e0a24a610a2bb83393f9441add97f3b2facd4432d4fa56856b0809141e34dd72364842dacae0132ad7bc93896b2846df3814831fb266cde8160ef588eeb504c1d4c6310d11bcb793e3ba6d33e7af57dbf8a44d626ec27cc2d65e336f31bc0b7ed01c1bf7a8b08ef89a4d6a4430efe7ef3443f"}, &(0x7f00000000c0)=0xb0) setsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000100)={r1, 0x5}, 0x8) r2 = gettid() tkill(r2, 0x16) timerfd_settime(r0, 0x0, &(0x7f0000714fe0)={{0x0, 0x989680}, {0x0, 0x6}}, &(0x7f0000000fe0)) 2018/03/26 13:05:50 executing program 6: r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x202240, 0x0) write$cgroup_pid(r0, &(0x7f0000000280)=ANY=[@ANYBLOB="3938342da7662678802d26c5594d56a696f99198a39e8c2a4538e20228273d0bc3876e9515f94b8825cf9356de2d422f3ad659f198b898e160a5c780f229f99cf3c93d8308989f69239fef1dcb640ee643ed963919aab4c22dc5e43520a96e47046dea6258d9f762c693e1f13858ef6c8b532c0e54615335b806593b563c6e07bf098f05ac6e252d436be714a9e360c56661d314660f9692f412c0ecb4976acac47c0084ceb0efd7cc19e05d68d3dc7d65aa0efda60681bec009a27efa04cd5929c3f3a4c34e064953949c8962d13729c36d6d3b1d89ce5569ff004d5c981e3d"], 0x3) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f00006ee000)='/dev/kvm\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x0, 0x32, 0xffffffffffffffff, 0x0) ioctl$KVM_GET_MSR_INDEX_LIST(r1, 0xc004ae02, &(0x7f0000000000)=ANY=[@ANYBLOB="03000000"]) getsockopt$ARPT_SO_GET_REVISION_TARGET(r0, 0x0, 0x63, &(0x7f0000000200)={'ah\x00'}, &(0x7f0000000240)=0x1e) getsockopt$IP6T_SO_GET_REVISION_TARGET(r0, 0x29, 0x45, &(0x7f00000000c0)={'ipvs\x00'}, &(0x7f0000000100)=0x1e) ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000080)={0x93, 0x8, 0x1, r0}) getsockopt$ARPT_SO_GET_INFO(r0, 0x0, 0x60, &(0x7f0000000140)={'filter\x00'}, &(0x7f00000001c0)=0x44) 2018/03/26 13:05:50 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f000035d000)={0x26, 'hash\x00', 0x0, 0x0, 'sha256-ssse3\x00'}, 0x58) r1 = socket$inet6(0xa, 0x1, 0x8010000000000084) bind$inet6(r1, &(0x7f0000a21000)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) sendto$inet6(r1, &(0x7f00005a0fff)='8', 0x1, 0x0, &(0x7f00007bcfe4)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) shmget$private(0x0, 0x2000, 0x201, &(0x7f0000ffc000/0x2000)=nil) setsockopt$inet6_int(r1, 0x29, 0x43, &(0x7f0000b05000)=0x9, 0x4) setsockopt$inet_sctp6_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000140)=@assoc_value={0x0, 0x7fa5}, 0x8) writev(r1, &(0x7f0000f7ffe0)=[{&(0x7f0000357000), 0x1023c}], 0x1) accept$alg(r0, 0x0, 0x0) r2 = open(&(0x7f00004b8ff8)='./file0\x00', 0x28042, 0x0) fallocate(r2, 0x0, 0x0, 0x5) sendfile(r2, r2, &(0x7f0000000000), 0x5) 2018/03/26 13:05:50 executing program 2: r0 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x82000, 0x108) r1 = dup2(r0, r0) open_by_handle_at(r1, &(0x7f00000002c0)={0xfffffffffffffe44, 0x8470, "e7f59e83e8ace0380e19e20ec8ead95ee11b84e1bfbca6d416c59c46e1dbbc75f06cabae496c5e44bfcc6360e932c98c64176b98db3d812ad03b22d1974cdf6ed29ff73f9fd54ccba344b7d025b00098f7d8bcd9515acfcba351d00b012980cb7c43981b414cd605e7e30e126b9287417bc611fcf1a655c29783f0c5f954e6e759a94c5670b10caae81a147ede4ef3bce006b89442ea383ea31622c68cb8615d63c3da55ef3a5c26364754536f2316a5151b8b15e464ddfa5d500a6e045fac6c1c2e4a03575e7ab03fd061bf7a2e79163dc39e19b397f62ea61944d8288752d0b1"}, 0x640000) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') sendfile(r2, r2, &(0x7f0000000280)=0x42402, 0x6) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) getsockopt$inet_sctp_SCTP_NODELAY(r2, 0x84, 0x3, &(0x7f0000000000), &(0x7f0000000040)=0x4) socket$inet_sctp(0x2, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000000100)={0x1, [0x0]}, &(0x7f0000000140)=0x8) 2018/03/26 13:05:50 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000000)={{0x2, 0x6}, 'port0\x00', 0xa8, 0x44, 0x9, 0x100000000, 0x10, 0x7, 0x100000000, 0x0, 0x4, 0xfffffffffffffffa}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:05:50 executing program 5: r0 = memfd_create(&(0x7f0000000040)='!em1\x00', 0x3) pwrite64(r0, &(0x7f0000000080)='u', 0x1, 0x0) fcntl$addseals(r0, 0x409, 0x4) ioctl$KVM_REINJECT_CONTROL(r0, 0xae71, &(0x7f0000000000)={0x93}) write(r0, &(0x7f00001fd000)='~', 0x1) write(r0, &(0x7f00000000c0)="c00892aef43b4d3fa635c3feb1299be6ba5212f92bc0bc4b04801cc00560873b42530133f01d7864cd642be107274d2ffe0055c4ffc0df2e1de79bd551778a96a05acb17dc32053becc08471a69c241ded262a06b986b7e74be48881643770a165ba78", 0x63) 2018/03/26 13:05:50 executing program 4: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc\x00', 0x39d101, 0x0) socket$alg(0x26, 0x5, 0x0) ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(r0, 0x4008af23, &(0x7f00000000c0)={0x3}) ustat(0x6, &(0x7f0000000080)) 2018/03/26 13:05:50 executing program 1: ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r0 = openat$dsp(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dsp\x00', 0x200000, 0x0) ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000000)={0x80000000, 0x0, 0x1, 0x2}) ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000040)={0x4, r1, 0x53ec0ac3bfacf975, 0x3}) close(r0) [ 1058.379451] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1058.390524] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1058.395724] CPU: 0 PID: 25143 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1058.403084] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1058.412417] Call Trace: [ 1058.414982] dump_stack+0x194/0x24d [ 1058.418587] ? arch_local_irq_restore+0x53/0x53 [ 1058.423233] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1058.428435] dump_header+0x28c/0xe2b [ 1058.432140] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1058.437311] ? arch_local_irq_restore+0x53/0x53 [ 1058.441962] ? __lock_acquire+0x664/0x3e00 [ 1058.446175] ? print_irqtrace_events+0x270/0x270 [ 1058.450906] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1058.456083] ? trace_hardirqs_off+0x10/0x10 [ 1058.460379] ? __lock_acquire+0x664/0x3e00 [ 1058.464589] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1058.469758] ? __lock_acquire+0x664/0x3e00 [ 1058.473969] ? task_will_free_mem+0x252/0xaa0 [ 1058.478447] ? print_irqtrace_events+0x270/0x270 [ 1058.483187] ? ___ratelimit+0x30d/0x630 [ 1058.487135] ? lock_downgrade+0x980/0x980 [ 1058.491265] ? lock_release+0xa40/0xa40 [ 1058.495218] ? mark_held_locks+0xaf/0x100 [ 1058.499351] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1058.504433] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1058.509426] ? trace_hardirqs_on+0xd/0x10 [ 1058.513557] ? ___ratelimit+0x95/0x630 [ 1058.517423] ? idr_get_free+0xfd0/0xfd0 [ 1058.521371] ? find_held_lock+0x35/0x1d0 [ 1058.525414] oom_kill_process+0x8b9/0x1640 [ 1058.529623] ? lock_downgrade+0x980/0x980 [ 1058.533749] ? __lock_is_held+0xb6/0x140 [ 1058.537787] ? oom_evaluate_task+0x480/0x480 [ 1058.542180] ? rcu_read_unlock+0x35/0x70 [ 1058.546211] ? mem_cgroup_iter+0x363/0xbd0 [ 1058.550422] ? lock_downgrade+0x980/0x980 [ 1058.554553] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1058.559288] ? mark_held_locks+0xaf/0x100 [ 1058.563413] ? _raw_spin_unlock_irq+0x27/0x70 [ 1058.567884] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1058.572876] ? trace_hardirqs_on+0xd/0x10 [ 1058.576998] ? _raw_spin_unlock_irq+0x27/0x70 [ 1058.581473] ? css_task_iter_end+0x280/0x430 [ 1058.585859] ? _raw_spin_unlock_irq+0x27/0x70 [ 1058.590330] ? cgroup_procs_next+0x70/0x70 [ 1058.594540] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1058.599539] ? trace_hardirqs_on+0xd/0x10 [ 1058.603661] ? _raw_spin_unlock_irq+0x27/0x70 [ 1058.608132] ? oom_badness+0x980/0x980 [ 1058.611994] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1058.616736] ? mem_cgroup_iter_break+0x30/0x30 [ 1058.621304] ? finish_wait+0x268/0x490 [ 1058.625168] ? lock_downgrade+0x980/0x980 [ 1058.629294] out_of_memory+0x86d/0x1220 [ 1058.633254] ? oom_killer_disable+0x310/0x310 [ 1058.637725] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1058.642804] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1058.647794] ? trace_hardirqs_on+0xd/0x10 [ 1058.651933] mem_cgroup_out_of_memory+0x159/0x200 [ 1058.656751] ? swap_max_write+0x110/0x110 [ 1058.660874] ? do_raw_spin_trylock+0x190/0x190 [ 1058.665435] ? _raw_spin_unlock+0x22/0x30 [ 1058.669580] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1058.674573] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1058.680008] ? find_held_lock+0x35/0x1d0 [ 1058.684052] ? memcg_event_wake+0x420/0x420 [ 1058.688348] ? __do_page_fault+0x5f7/0xc90 [ 1058.692564] ? lock_downgrade+0x980/0x980 [ 1058.696691] pagefault_out_of_memory+0xbd/0x152 [ 1058.701332] ? out_of_memory+0x1220/0x1220 [ 1058.705543] ? handle_mm_fault+0x465/0xb10 [ 1058.709754] ? __handle_mm_fault+0x38c0/0x38c0 [ 1058.714309] ? vmacache_find+0x5f/0x280 [ 1058.718258] ? vmacache_update+0xfe/0x130 [ 1058.722393] mm_fault_error+0xd6/0x2c0 [ 1058.726259] __do_page_fault+0xb4d/0xc90 [ 1058.730312] ? mm_fault_error+0x2c0/0x2c0 [ 1058.734434] ? kernel_write+0x120/0x120 [ 1058.738820] ? do_syscall_64+0xb7/0x940 [ 1058.742774] do_page_fault+0xee/0x730 [ 1058.746550] ? __do_page_fault+0xc90/0xc90 [ 1058.750758] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1058.755504] ? syscall_return_slowpath+0x550/0x550 [ 1058.760407] ? syscall_return_slowpath+0x2ac/0x550 [ 1058.765313] ? prepare_exit_to_usermode+0x350/0x350 [ 1058.770322] ? retint_user+0x18/0x18 [ 1058.774016] ? page_fault+0x2f/0x50 [ 1058.777620] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1058.782438] ? page_fault+0x2f/0x50 [ 1058.786043] page_fault+0x45/0x50 [ 1058.789470] RIP: 0033:0x409b83 [ 1058.793154] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1058.798489] RAX: 0000001b9bc20000 RBX: 0000000000001285 RCX: 000000000040e950 [ 1058.805733] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1058.812979] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1058.820224] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1058.827469] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1058.835102] Task in /syz1 killed as a result of limit of /syz1 [ 1058.841137] memory: usage 0kB, limit 0kB, failcnt 4172 [ 1058.846459] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1058.853250] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1058.859448] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB 2018/03/26 13:05:51 executing program 5: r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect(r0, &(0x7f0000002000)=@ethernet, 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000006000)={'vcan0\x00', 0x0}) sendmsg$can_bcm(r0, &(0x7f0000000000)={&(0x7f0000004000)={0x1d, r1}, 0x10, &(0x7f0000002ff0)={&(0x7f0000000040)=ANY=[@ANYBLOB="04000000fcffffff0000000000000000", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x7530, @ANYBLOB="00000000010000009b9e95723a78ee60cf604bd6afc600000000f40000005925f75a699fa9c8f7bbf2a7123d72ba0ea206d213937de62d977e6fc768a581c7d0578023e55746b849844fc207b0865a0f028bd6f2ce30cd18966bb5a40c2e"], 0x80}, 0x1}, 0x0) 2018/03/26 13:05:51 executing program 7: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc\x00', 0x80, 0x0) ioctl$TIOCSBRK(r0, 0x5427) r1 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) r2 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x8001, 0x2441) ioctl$EVIOCGMASK(r2, 0x80104592, &(0x7f00000000c0)={0x4, 0x49, &(0x7f0000000040)="b3e4dea0e2d90d7f9a30e26868f402dbaf3fd7a5ce540991011d44cf0e2c8e1bec541fd8308cb703689a1d01afc93a4b096fc42191bfdca649af67ca12438d03c24c1602a060435d0c"}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080, 0x6}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x2, 0x3, 0x0, 0x3, 0x9}) [ 1058.878934] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1058.887722] [25143] 0 25143 11408 2089 65536 0 0 syz-executor1 [ 1058.896621] Memory cgroup out of memory: Kill process 25143 (syz-executor1) score 2105000 or sacrifice child [ 1058.906683] Killed process 25143 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:05:51 executing program 5: r0 = syz_open_dev$sndpcmc(&(0x7f0000001fee)='/dev/snd/pcmC#D#c\x00', 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000240)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[]}, 0x1}, 0x0) clock_adjtime(0x0, &(0x7f0000000080)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x2, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x7}) preadv(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000009f7c)=""/132, 0x84}, {&(0x7f0000012000)=""/252, 0xfc}, {&(0x7f0000012000)=""/155, 0x9b}, {&(0x7f00000001c0)=""/11, 0xb}, {&(0x7f0000000000)=""/102, 0x66}], 0x5, 0x0) syncfs(r0) ioctl(r0, 0xc2604110, &(0x7f0000000000)) close(r0) 2018/03/26 13:05:51 executing program 6: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) connect$inet6(r0, &(0x7f0000f09fe4)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, 0x9}, 0x1c) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000bef000)={0x1, 0x3, &(0x7f00009ff000)=@framed={{0x18}, [], {0x95}}, &(0x7f0000849000)='syzkaller\x00', 0x4, 0xb7, &(0x7f000079d000)=""/183}, 0x48) r2 = socket$kcm(0x29, 0x2, 0x0) ioctl$sock_kcm_SIOCKCMATTACH(r2, 0x89e0, &(0x7f0000954ff8)={r0, r1}) r3 = socket$vsock_stream(0x28, 0x1, 0x0) ioctl$void(r3, 0xc0045878) r4 = dup3(r2, r3, 0x0) write$selinux_access(r4, &(0x7f0000000000)={'system_u:object_r:sulogin_exec_t:s0', 0x20, '/sbin/dhclient', 0x20}, 0x36) 2018/03/26 13:05:51 executing program 0: add_key(&(0x7f0000000000)='syzkaller\x00', &(0x7f0000000040)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000080)="da5ef149b983aaca9f3891ad711aff7244f8feba850edf57110ff5d959fb84f7c8558a3cb2641a4cb456f5fc0f883c33", 0x30, 0xfffffffffffffffc) add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000100)={0x73, 0x79, 0x7a, 0x1}, 0x0, 0x0, 0x0) add_key$user(&(0x7f0000000140)='user\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a, 0x1}, &(0x7f00000001c0)="73065fa78c66727cc2c46b41f74fac98d922e49fa5b5e3ac6678e911f7e93faecf337b94a4205a9ef329c4cc2b99ed4f953878913bf0a7efe531b8e571e2c5d68208177b5e6f76affd7b255e280aebced881867a6bd357cb9a759c896ccc4674a01e7e2d61c2e5c494f1455d46bbe00b90e1c64dfc9a", 0x76, 0x0) add_key$user(&(0x7f0000000240)='user\x00', &(0x7f0000000280)={0x73, 0x79, 0x7a, 0x1}, &(0x7f00000002c0)="4ef36a85583f251a9bd1268cf0cf37b6af7d2cd9b1f3fa4d2b7192170a6e0b4fffa40c80c165ccec4d5814ca43c2f6ed421be81850a1d64ad453bebe4d6c87be8f8ef43ff0a94e053b9e854e54e2202f1f7fba8f86635ed30d0fe57dcfddacde859212cbe57f8a97a24c115a03c07e2c61e8d2f90772fedd413ebe4407b14f32182dde84f84fd9d36faf552165341e8043154986af4b4b30e76e95cf5cc47fd28f7092499e9445b6ad0c67ea7826bb1adc35ed5252ccf3d6e6cb55562c78ad2a9c64c831dd115a37800572bc4c5ff236626cc7e0c757bf2cb9e4b9048043462168039405b31b31d52ce0a192a1a908d2a94453cdf8bdfb0b54", 0xf9, 0xfffffffffffffffd) add_key$keyring(&(0x7f00000003c0)='keyring\x00', &(0x7f0000000400)={0x73, 0x79, 0x7a, 0x3}, 0x0, 0x0, 0xfffffffffffffffb) r0 = add_key(&(0x7f0000000440)='blacklist\x00', &(0x7f0000000480)={0x73, 0x79, 0x7a, 0x0}, &(0x7f00000004c0)="f1899381ab46dc5b8a53b2764dae8e184a02eb905691c78847838f718369de078241222d0f4ef6e1e27ed7c9d0199a3d2eaf60afb5f9a3dadbf91cc3a8df785ac97ae4a1bf825a6c0252588f96e673df12b77883d88b78e8c1d0dcd1b7c672cd04775d383c4dfaba8d5033c62ae2d0f026fac2690fa6e9e1df8947def73c47d78ef5be3579764313599d11cd7d78a0d56c9ad2b01c101a74ce9ef8ce", 0x9c, 0xfffffffffffffff9) keyctl$update(0x2, r0, 0x0, 0x23b1614f7550b135) 2018/03/26 13:05:51 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00', 0x0, 0x5, 0x0, 0x0, 0x0, 0x1}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) [ 1058.945238] oom_reaper: reaped process 25143 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 2018/03/26 13:05:51 executing program 1: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)="2e2f6367726f757000361a6f74a1b774b8642f3dfdd313d92946ff0167415d8dc22791dcd496520c1c99f4b07d3b2a11090000000229210b73abdcd2986fc290ac9b6ace278586d39949a54fb276eb1fd3964b0cad27e417b33abb8d3b00e64e75e4dff47de27536dccdde5fc746b04faafcec347560a31b3a35a5f20bc949d75cbb763987", 0x200002, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) sendfile(r1, r1, &(0x7f0000000040), 0x5) dup2(r0, r1) 2018/03/26 13:05:51 executing program 4: r0 = socket(0x11, 0x100000802, 0x0) r1 = syz_open_dev$tun(&(0x7f0000000040)='/dev/net/tun\x00', 0x0, 0x0) ioctl$sock_inet6_udp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000080)) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'ifb0\x00', 0x4012}) ioctl$TUNSETLINK(r1, 0x400454cd, 0x7) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00', 0xa201}) getsockopt$inet_sctp_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f0000000100), &(0x7f0000000140)=0x4) 2018/03/26 13:05:51 executing program 3: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00002c5fe8)={0xaa}) r1 = epoll_create1(0x0) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000e4cfe0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r2 = syz_open_dev$sndtimer(&(0x7f0000f85ff1)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r2, 0xc0145401, &(0x7f0000013000)) r3 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x5, 0x800) ioctl$PERF_EVENT_IOC_QUERY_BPF(r3, 0xc008240a, &(0x7f0000000040)={0x4, 0x0, [0x0, 0x0, 0x0, 0x0]}) ioctl$BINDER_THREAD_EXIT(r3, 0x40046208, 0x0) readv(r2, &(0x7f00005f7000)=[{&(0x7f0000ba8ff9)=""/7, 0x7}], 0x1) ioctl$KVM_DEASSIGN_PCI_DEVICE(r2, 0x4040ae72, &(0x7f0000ff0000)) dup3(r1, r0, 0x0) 2018/03/26 13:05:51 executing program 2: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x4800, 0x0) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x1, 0x0, 0x0, "5405d89196053e4f477912cf883585b17ac0c4d6e7fe5ade5804fff4bd7c3c4aa60b2625df584613cd12b6b926a16865e1e2ce07bea2b846c1f249717b880325", "b97c97f49b9b0457460889b44f3f1a63980b739b45fb2c21c05fbce13e570f5cb1df21e7a34d81dc29f8616d4f903a4a4a8cf67707ab6e031472b58d0c62868b", "4ee9b48f9273012a7564472138375113f5926779b0c11b77320cbba699c3d62c", [0x1, 0x80000001]}) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') sendfile(r1, r1, &(0x7f0000000280)=0x42402, 0x6) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) 2018/03/26 13:05:51 executing program 5: pipe2(&(0x7f0000f14000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) io_setup(0x7, &(0x7f0000000040)=0x0) write$selinux_load(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="a6"], 0x1) r2 = getpgid(0x0) ptrace$peekuser(0x3, r2, 0xfffffffffffffffa) io_submit(r1, 0x1, &(0x7f0000b52fd8)=[&(0x7f0000587000)={0x0, 0x0, 0x0, 0x8, 0x0, r0, &(0x7f000096f000)="06000000000000009d", 0x9}]) 2018/03/26 13:05:51 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80, 0xffffffffffffffff}, 'port1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x5}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) socketpair(0x1f, 0x5, 0x9, &(0x7f0000000000)) 2018/03/26 13:05:51 executing program 6: perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f000031f000)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x0, 0x1, &(0x7f0000001fe8)=ANY=[@ANYBLOB="b4e8ffffff00000095"], &(0x7f0000003ff6)='syzkaller\x00', 0x0, 0xc3, &(0x7f0000009f3d)=""/195}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x1, 0x5, &(0x7f0000001fd8)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0xf5, 0x25}, [@ldst={0x7}], {0x95}}, &(0x7f0000003ff6)='syzkaller\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195}, 0x48) socketpair$packet(0x11, 0x3, 0x300, &(0x7f0000000000)) r0 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x8, 0x30440) setsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f00000000c0)={0x8}, 0x4) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0xfffffffffbfffffe, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f00000001c0)={0x8, 0x10000, 0x203, 0x8001, 0xd4be, 0x80, 0x5, 0x100000000, 0x0}, &(0x7f0000000200)=0x20) getsockopt$inet_sctp_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000240)=@assoc_value={r2, 0x3}, &(0x7f0000000280)=0x8) 2018/03/26 13:05:51 executing program 0: ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000000000)) socketpair(0x1d, 0x0, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$KVM_GET_REGS(0xffffffffffffffff, 0x8090ae81, &(0x7f0000002980)) socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000080)=0xfffffffffffffe01, 0x4) [ 1059.213498] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1059.224552] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1059.229721] CPU: 1 PID: 25184 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1059.237067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1059.246400] Call Trace: [ 1059.248970] dump_stack+0x194/0x24d [ 1059.252582] ? arch_local_irq_restore+0x53/0x53 [ 1059.257236] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1059.262423] dump_header+0x28c/0xe2b [ 1059.266130] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1059.271307] ? arch_local_irq_restore+0x53/0x53 [ 1059.275966] ? __lock_acquire+0x664/0x3e00 [ 1059.280181] ? print_irqtrace_events+0x270/0x270 [ 1059.284917] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1059.290034] ? trace_hardirqs_off+0x10/0x10 [ 1059.294331] ? __lock_acquire+0x664/0x3e00 [ 1059.298547] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1059.303725] ? __lock_acquire+0x664/0x3e00 [ 1059.307939] ? task_will_free_mem+0x252/0xaa0 [ 1059.312425] ? print_irqtrace_events+0x270/0x270 [ 1059.317173] ? ___ratelimit+0x30d/0x630 [ 1059.321133] ? lock_downgrade+0x980/0x980 [ 1059.325270] ? lock_release+0xa40/0xa40 [ 1059.329244] ? mark_held_locks+0xaf/0x100 [ 1059.333637] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1059.338724] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1059.343721] ? trace_hardirqs_on+0xd/0x10 [ 1059.347857] ? ___ratelimit+0x95/0x630 [ 1059.351727] ? idr_get_free+0xfd0/0xfd0 [ 1059.355679] ? find_held_lock+0x35/0x1d0 [ 1059.359738] oom_kill_process+0x8b9/0x1640 [ 1059.363954] ? lock_downgrade+0x980/0x980 [ 1059.368090] ? __lock_is_held+0xb6/0x140 [ 1059.372140] ? oom_evaluate_task+0x480/0x480 [ 1059.376566] ? rcu_read_unlock+0x35/0x70 [ 1059.380603] ? mem_cgroup_iter+0x363/0xbd0 [ 1059.384820] ? lock_downgrade+0x980/0x980 [ 1059.388957] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1059.393701] ? mark_held_locks+0xaf/0x100 [ 1059.397828] ? _raw_spin_unlock_irq+0x27/0x70 [ 1059.402307] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1059.407303] ? trace_hardirqs_on+0xd/0x10 [ 1059.411428] ? _raw_spin_unlock_irq+0x27/0x70 [ 1059.415903] ? css_task_iter_end+0x280/0x430 [ 1059.420289] ? _raw_spin_unlock_irq+0x27/0x70 [ 1059.424766] ? cgroup_procs_next+0x70/0x70 [ 1059.428979] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1059.433977] ? trace_hardirqs_on+0xd/0x10 [ 1059.438101] ? _raw_spin_unlock_irq+0x27/0x70 [ 1059.442582] ? oom_badness+0x980/0x980 [ 1059.446449] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1059.451188] ? mem_cgroup_iter_break+0x30/0x30 [ 1059.455773] ? finish_wait+0x268/0x490 [ 1059.459643] ? lock_downgrade+0x980/0x980 [ 1059.463778] out_of_memory+0x86d/0x1220 [ 1059.467750] ? oom_killer_disable+0x310/0x310 [ 1059.472220] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1059.477307] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1059.482305] ? trace_hardirqs_on+0xd/0x10 [ 1059.486451] mem_cgroup_out_of_memory+0x159/0x200 [ 1059.491274] ? swap_max_write+0x110/0x110 [ 1059.495398] ? do_raw_spin_trylock+0x190/0x190 [ 1059.499973] ? _raw_spin_unlock+0x22/0x30 [ 1059.504112] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1059.509114] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1059.514547] ? find_held_lock+0x35/0x1d0 [ 1059.518598] ? memcg_event_wake+0x420/0x420 [ 1059.522899] ? __do_page_fault+0x5f7/0xc90 [ 1059.527117] ? lock_downgrade+0x980/0x980 [ 1059.531251] pagefault_out_of_memory+0xbd/0x152 [ 1059.535898] ? out_of_memory+0x1220/0x1220 [ 1059.540107] ? handle_mm_fault+0x465/0xb10 [ 1059.544330] ? __handle_mm_fault+0x38c0/0x38c0 [ 1059.548889] ? vmacache_find+0x5f/0x280 [ 1059.552838] ? vmacache_update+0xfe/0x130 [ 1059.556969] mm_fault_error+0xd6/0x2c0 [ 1059.560844] __do_page_fault+0xb4d/0xc90 [ 1059.564902] ? mm_fault_error+0x2c0/0x2c0 [ 1059.569046] ? kernel_write+0x120/0x120 [ 1059.573008] ? do_syscall_64+0xb7/0x940 [ 1059.576974] do_page_fault+0xee/0x730 [ 1059.580758] ? __do_page_fault+0xc90/0xc90 [ 1059.584973] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1059.589710] ? syscall_return_slowpath+0x550/0x550 [ 1059.594624] ? syscall_return_slowpath+0x2ac/0x550 [ 1059.599537] ? prepare_exit_to_usermode+0x350/0x350 [ 1059.604534] ? retint_user+0x18/0x18 [ 1059.608229] ? page_fault+0x2f/0x50 [ 1059.611835] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1059.616664] ? page_fault+0x2f/0x50 [ 1059.620273] page_fault+0x45/0x50 [ 1059.623701] RIP: 0033:0x409b83 [ 1059.626866] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1059.632207] RAX: 0000001b9bc20000 RBX: 0000000000001286 RCX: 000000000040e950 [ 1059.639453] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1059.646699] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1059.653942] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1059.661189] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1059.668715] Task in /syz1 killed as a result of limit of /syz1 [ 1059.674760] memory: usage 0kB, limit 0kB, failcnt 4180 [ 1059.680105] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1059.686899] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1059.693074] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB 2018/03/26 13:05:51 executing program 7: r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x10980, 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000040)={{0xffffffffffffffff, 0x0, 0xfffffffffffffffb, 0x1, 0x2f4b}}) r1 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:05:51 executing program 3: capget(&(0x7f0000000080)={0x399f1736}, &(0x7f00000000c0)={0xfffffffffffffff9, 0x2, 0x6, 0x3, 0x10000, 0x9}) r0 = creat(&(0x7f00003f1ff8)='./file0\x00', 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000fdef88)={0x2, 0x78, 0xe3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r0, 0x0, 0x61, &(0x7f0000000100)={'filter\x00', 0x4}, 0x68) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r1, 0x29, 0x100000000000c8, &(0x7f00005b8ffc), 0x4) dup2(r0, r1) [ 1059.696582] can: request_module (can-proto-0) failed. [ 1059.712561] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1059.712714] [25184] 0 25184 11408 2089 65536 0 0 syz-executor1 [ 1059.735333] Memory cgroup out of memory: Kill process 25184 (syz-executor1) score 2105000 or sacrifice child [ 1059.745432] Killed process 25184 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:05:51 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x400000, 0x0) getsockopt$netrom_NETROM_T2(r1, 0x103, 0x2, &(0x7f0000000040)=0x9, &(0x7f0000000080)=0x4) 2018/03/26 13:05:51 executing program 1: r0 = perf_event_open(&(0x7f0000223000)={0x2, 0x70, 0xe3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x7, 0x40801) bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000001100)={r1, &(0x7f00000010c0)="eb89523f093e7e5de9bf67d0f0eb8dfaa36be6f7e5b1f3d5a85cf16ef6f8540c61b849ebe55d3b"}, 0x10) sched_yield() r2 = syz_open_procfs(0x0, &(0x7f0000000080)='ns/ipc\x00') setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f00000000c0)="24557a2474f5d9daa0b44ae237296737", 0x10) read(r0, &(0x7f0000001340)=""/4096, 0xfffffffffffffffa) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r2, 0x84, 0x1a, &(0x7f0000001140)=ANY=[@ANYRES32=0x0, @ANYBLOB="b8000000da6e46b202d8e7f8864f519dcc50ae56313e14f5863b9d672a51330c8bfe41c4966d9fe2d673dc32bb0cbc0b00b9dac989ec9a6fead429c67dc626d2f4f3d6963bbb593ae435409b14ff5ea68945fe7302ff26c661656405257225343660533e879ab95353da505644d4d347fcac77278f5d7c6231af9745e081dc81456bdec914a32e36febf84b164ca5c59ba519dccd12bffd770262911bdc76944319bb3f283ce0bfc10c9952719"], &(0x7f0000001200)=0xc0) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000001240)={r3, @in={{0x2, 0x4e21, @multicast1=0xe0000001}}, 0x2, 0x8}, &(0x7f0000001300)=0x90) 2018/03/26 13:05:51 executing program 5: r0 = socket$netlink(0x10, 0x3, 0xe) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_opts(r1, 0x29, 0x39, &(0x7f0000000000)=@fragment={0x0, 0x0, 0x4, 0x4, 0x0, 0x7, 0x67}, 0x8) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000009c0)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x10}, 0xfffffffffffffcc3, &(0x7f00000000c0)={&(0x7f0000000080)=@ipv4_newaddr={0x34, 0x14, 0x101, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, r2}, [@IFA_LOCAL={0x8, 0x2, @rand_addr}, @IFA_CACHEINFO={0x14, 0x6, {0x1, 0x401}}]}, 0x34}, 0x1, 0x0, 0x0, 0x44}, 0x4044) 2018/03/26 13:05:51 executing program 4: clock_gettime(0x6, &(0x7f00000000c0)={0x0}) setitimer(0x0, &(0x7f0000599ff0)={{}, {r0}}, &(0x7f000002afe0)) socketpair(0x1, 0x3, 0x6, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$TIOCLINUX2(r1, 0x541c, &(0x7f0000000040)={0x2, 0x8, 0x2, 0x45b7, 0x81, 0x4f4}) alarm(0x0) 2018/03/26 13:05:51 executing program 0: ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000180)='/dev/snd/pcmC#D#p\x00', 0x5, 0x2082) perf_event_open(&(0x7f00000000c0)={0x5, 0x70, 0xfffffffffffff000, 0x40, 0x6, 0x0, 0x0, 0x8000, 0x44082, 0x2, 0x0, 0x1, 0x9, 0x401, 0x7ff, 0x0, 0x8001, 0x80, 0x0, 0x9, 0xffff, 0x1, 0x0, 0x7, 0x100, 0x9, 0x8, 0x7, 0x6, 0x9, 0x7fe000000000000, 0x4, 0x0, 0x81, 0x6, 0x10001, 0xce6e, 0x1ff, 0x0, 0x2000000000000, 0x2, @perf_config_ext={0x0, 0x6}, 0x8042, 0x7, 0x9, 0x3, 0x7, 0x40, 0x8}, r0, 0x4, r1, 0x2) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$key(0xf, 0x3, 0x2) syz_emit_ethernet(0x2a, &(0x7f0000ad9000)=ANY=[@ANYBLOB="0180c2000000aaaaaaaa000008004500001c000000000002907800000000e0000001160090780000"], &(0x7f0000000040)) getsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000080), 0x10) [ 1059.796324] can: request_module (can-proto-0) failed. [ 1059.804437] oom_reaper: reaped process 25184 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 1059.993124] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1060.004266] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1060.009437] CPU: 0 PID: 25213 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1060.016784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1060.026127] Call Trace: [ 1060.028710] dump_stack+0x194/0x24d [ 1060.032338] ? arch_local_irq_restore+0x53/0x53 [ 1060.036999] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1060.042181] dump_header+0x28c/0xe2b [ 1060.045876] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1060.051045] ? arch_local_irq_restore+0x53/0x53 [ 1060.055693] ? __lock_acquire+0x664/0x3e00 [ 1060.059903] ? print_irqtrace_events+0x270/0x270 [ 1060.064650] ? trace_hardirqs_off+0x10/0x10 [ 1060.068943] ? __lock_acquire+0x664/0x3e00 [ 1060.073151] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1060.078319] ? __lock_acquire+0x664/0x3e00 [ 1060.082527] ? task_will_free_mem+0x252/0xaa0 [ 1060.087002] ? print_irqtrace_events+0x270/0x270 [ 1060.091746] ? ___ratelimit+0x30d/0x630 [ 1060.095694] ? lock_downgrade+0x980/0x980 [ 1060.099820] ? lock_release+0xa40/0xa40 [ 1060.103772] ? mark_held_locks+0xaf/0x100 [ 1060.107893] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1060.112974] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1060.117966] ? trace_hardirqs_on+0xd/0x10 [ 1060.122091] ? ___ratelimit+0x95/0x630 [ 1060.125954] ? idr_get_free+0xfd0/0xfd0 [ 1060.129904] ? find_held_lock+0x35/0x1d0 [ 1060.133950] oom_kill_process+0x8b9/0x1640 [ 1060.138158] ? lock_downgrade+0x980/0x980 [ 1060.142289] ? __lock_is_held+0xb6/0x140 [ 1060.146326] ? oom_evaluate_task+0x480/0x480 [ 1060.150719] ? rcu_read_unlock+0x35/0x70 [ 1060.154754] ? mem_cgroup_iter+0x363/0xbd0 [ 1060.158962] ? lock_downgrade+0x980/0x980 [ 1060.163090] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1060.167822] ? mark_held_locks+0xaf/0x100 [ 1060.171944] ? _raw_spin_unlock_irq+0x27/0x70 [ 1060.176415] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1060.181406] ? trace_hardirqs_on+0xd/0x10 [ 1060.185527] ? _raw_spin_unlock_irq+0x27/0x70 [ 1060.189996] ? css_task_iter_end+0x280/0x430 [ 1060.194384] ? _raw_spin_unlock_irq+0x27/0x70 [ 1060.198856] ? cgroup_procs_next+0x70/0x70 [ 1060.203062] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1060.208053] ? trace_hardirqs_on+0xd/0x10 [ 1060.212173] ? _raw_spin_unlock_irq+0x27/0x70 [ 1060.216642] ? oom_badness+0x980/0x980 [ 1060.220503] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1060.225240] ? mem_cgroup_iter_break+0x30/0x30 [ 1060.229807] ? finish_wait+0x268/0x490 [ 1060.233671] ? lock_downgrade+0x980/0x980 [ 1060.237794] out_of_memory+0x86d/0x1220 [ 1060.241753] ? oom_killer_disable+0x310/0x310 [ 1060.246220] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1060.251298] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1060.256289] ? trace_hardirqs_on+0xd/0x10 [ 1060.260420] mem_cgroup_out_of_memory+0x159/0x200 [ 1060.265240] ? swap_max_write+0x110/0x110 [ 1060.269359] ? do_raw_spin_trylock+0x190/0x190 [ 1060.273924] ? _raw_spin_unlock+0x22/0x30 [ 1060.278049] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1060.283041] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1060.288468] ? find_held_lock+0x35/0x1d0 [ 1060.292509] ? memcg_event_wake+0x420/0x420 [ 1060.296805] ? __do_page_fault+0x5f7/0xc90 [ 1060.301019] ? lock_downgrade+0x980/0x980 [ 1060.305147] pagefault_out_of_memory+0xbd/0x152 [ 1060.309790] ? out_of_memory+0x1220/0x1220 [ 1060.313996] ? handle_mm_fault+0x465/0xb10 [ 1060.318213] ? __handle_mm_fault+0x38c0/0x38c0 [ 1060.322769] ? vmacache_find+0x5f/0x280 [ 1060.326715] ? vmacache_update+0xfe/0x130 [ 1060.330837] mm_fault_error+0xd6/0x2c0 [ 1060.334703] __do_page_fault+0xb4d/0xc90 [ 1060.338745] ? mm_fault_error+0x2c0/0x2c0 [ 1060.342866] ? kernel_write+0x120/0x120 [ 1060.346815] ? do_syscall_64+0xb7/0x940 [ 1060.350766] do_page_fault+0xee/0x730 [ 1060.354539] ? __do_page_fault+0xc90/0xc90 [ 1060.358745] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1060.363493] ? syscall_return_slowpath+0x550/0x550 [ 1060.368397] ? syscall_return_slowpath+0x2ac/0x550 [ 1060.373299] ? prepare_exit_to_usermode+0x350/0x350 [ 1060.378289] ? retint_user+0x18/0x18 [ 1060.381979] ? page_fault+0x2f/0x50 [ 1060.385582] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1060.390412] ? page_fault+0x2f/0x50 [ 1060.394020] page_fault+0x45/0x50 [ 1060.397446] RIP: 0033:0x409b83 [ 1060.400612] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1060.405951] RAX: 0000001b9bc20000 RBX: 0000000000001287 RCX: 000000000040e950 [ 1060.413195] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1060.420438] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1060.427679] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1060.434924] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1060.442322] Task in /syz1 killed as a result of limit of /syz1 [ 1060.448354] memory: usage 0kB, limit 0kB, failcnt 4188 [ 1060.453686] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1060.460482] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1060.466669] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1060.486125] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1060.494889] [25213] 0 25213 11408 2089 65536 0 0 syz-executor1 [ 1060.503769] Memory cgroup out of memory: Kill process 25213 (syz-executor1) score 2105000 or sacrifice child [ 1060.514631] Killed process 25213 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:05:52 executing program 1: r0 = socket(0x1d, 0x3, 0x1) setsockopt$kcm_KCM_RECV_DISABLE(r0, 0x65, 0x5, &(0x7f0000000000)=0xaaae, 0x4) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000040)=0x54, 0x4) getsockopt$inet6_mreq(r0, 0x29, 0x15, &(0x7f0000000080)={@empty, 0x0}, &(0x7f00000000c0)=0x14) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000001c0)={'vcan0\x00', r1}) sendmsg$can_raw(r0, &(0x7f0000001000)={&(0x7f0000002ff0)={0x1d, r2}, 0x10, &(0x7f0000000000)={&(0x7f0000000200)=@canfd={{}, 0x0, 0x0, 0x0, 0x0, "e8282fc0575571f77ac8d4132539bc55d7906fe0fecb3d2f991075b83294d4a7b02ade8cba5f219fcf41fcb9d4d14c85b70cdfd0994acc2709e56f37a1afee32"}, 0x48}, 0x1}, 0x0) 2018/03/26 13:05:52 executing program 0: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fcntl$F_GET_FILE_RW_HINT(r0, 0x40d, &(0x7f0000000040)) r1 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x80000) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000400)='/dev/vcs\x00', 0x101201, 0x0) r3 = syz_open_dev$adsp(&(0x7f0000000440)='/dev/adsp#\x00', 0x0, 0x0) getsockopt$ARPT_SO_GET_REVISION_TARGET(r3, 0x0, 0x63, &(0x7f0000000680)={'icmp\x00'}, &(0x7f0000000840)=0x1e) ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000480)={r2, 0x7, 0xffffffffffffff80, r3}) pipe2(&(0x7f00000006c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000000c0)={0x0, @in={{0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}}, 0x1, 0x6, 0x400, 0x3, 0x4}, &(0x7f00000001c0)=0x98) getsockopt$inet_sctp_SCTP_RTOINFO(r5, 0x84, 0x0, &(0x7f0000000200)={r6, 0x3, 0x12000000000, 0x7fffffff}, &(0x7f0000000240)=0x10) connect$vsock_stream(r4, &(0x7f0000000740)={0x28, 0x0, 0xffffffff, @any=0xffffffff}, 0x10) r7 = shmget(0x1, 0x3000, 0x8, &(0x7f0000ffb000/0x3000)=nil) lstat(&(0x7f0000000900)='./file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$KVM_SIGNAL_MSI(r4, 0x4020aea5, &(0x7f00000007c0)={0x7000, 0x103000, 0x100000000, 0x100000000, 0x2a}) getresgid(&(0x7f0000000800), &(0x7f0000000700), &(0x7f0000000780)=0x0) getsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f00000004c0)={{{@in6=@local, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in6}}, &(0x7f00000005c0)=0xe8) r11 = getgid() r12 = getpgid(0x0) r13 = gettid() setsockopt$ARPT_SO_SET_ADD_COUNTERS(r2, 0x0, 0x61, &(0x7f0000000880)={'filter\x00', 0x4}, 0x68) shmctl$IPC_SET(r7, 0x1, &(0x7f0000000600)={{0x3, r8, r9, r10, r11, 0x2, 0x4}, 0x6, 0x20, 0x0, 0x4, r12, r13, 0xfffffffffffffff8}) clock_gettime(0x1, &(0x7f0000000180)) syz_open_dev$admmidi(&(0x7f0000000280)='/dev/admmidi#\x00', 0x200, 0x2882) accept4$bt_l2cap(r5, &(0x7f00000002c0), &(0x7f0000000300)=0xe, 0x800) 2018/03/26 13:05:52 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='comm\x00') r1 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendfile(r0, r0, &(0x7f000050dff8)=0xfffffffffffffffe, 0x4000000089) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r0) 2018/03/26 13:05:52 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r0, 0x4058534c, &(0x7f00000000c0)={0xffffffffffff6485, 0x5, 0xdff2, 0x1, 0x3ff, 0xcbe2}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) r1 = dup2(r0, r0) setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f0000000140)=0x5ed5, 0x4) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000000)={{0x32, 0x598}, 'port1\x00', 0x31, 0x80040, 0x0, 0x4, 0x91, 0x7, 0x1, 0x0, 0x0, 0x4}) 2018/03/26 13:05:52 executing program 5: r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x80, 0x8040) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(r0, 0xc0a85352, &(0x7f0000000040)={{0x20, 0x7fff}, 'port0\x00', 0x80, 0x420, 0x8, 0x4, 0x1, 0x100000000, 0x46c, 0x0, 0x2, 0x4}) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000100)={0x0, 0x14, "5f692ce1623e88b5db2d43d91776c53ea99584f0"}, &(0x7f0000000140)=0x1c) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000000180)={r1, 0x49, "a56a7d9a665d91cef939e2c11932b454cab742104d2236dd82773b69dd29bcbe19ead59365800ffdc822b94fbc1417c60620360bf81232dceed63a85dd0897e220fc6bc57c5c484459"}, &(0x7f0000000200)=0x51) syz_emit_ethernet(0x2e, &(0x7f0000ae8f92)={@link_local={0x1, 0x80, 0xc2}, @dev={[0xaa, 0xaa, 0xaa, 0xaa]}, [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x2, 0x0, @rand_addr, @broadcast=0xffffffff}, @igmp={0x2000011, 0x0, 0x0, @multicast1=0xe0000001, '\b\a\x00\x00'}}}}}, &(0x7f00003b5000)) 2018/03/26 13:05:52 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = accept4$inet6(0xffffffffffffff9c, &(0x7f0000000180)={0x0, 0x0, 0x0, @loopback}, &(0x7f00000001c0)=0x1c, 0x800) getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000200)={0x3, [0x0, 0x0, 0x0]}, &(0x7f0000000240)=0x10) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000280)={r2, 0x54, "7da50d0c59e0c04f9cd97a12db47302f38c61057fe7cd5d76e83d5013a4836769c95cc1450c30cab3bc6aa438c402ed73abbf7c84fa36959cac6b4f58c05fb8dba7432b3d358580301fbccb22cbb87ecad991d36"}, &(0x7f0000000300)=0x5c) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_mems\x00', 0x0, 0x0) ioctl$KVM_CREATE_PIT2(r3, 0x4040ae77, &(0x7f0000000080)={0xfffffffffffffffd}) ioctl$sock_ifreq(r0, 0x8994, &(0x7f0000000000)={'bond0\x00', @ifru_ivalue}) connect$vsock_dgram(r3, &(0x7f00000000c0)={0x28, 0x0, 0xffffffff, @host=0x2}, 0x10) getsockopt$netrom_NETROM_T2(r3, 0x103, 0x2, &(0x7f0000000100)=0xf07, &(0x7f0000000140)=0x4) 2018/03/26 13:05:52 executing program 6: socket$inet_sctp(0x2, 0x1, 0x84) symlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00') 2018/03/26 13:05:52 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') sendfile(r0, r0, &(0x7f0000000280)=0x42402, 0x6) ioctl$LOOP_SET_DIRECT_IO(r0, 0x4c08, 0x3) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) [ 1060.546297] oom_reaper: reaped process 25213 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 2018/03/26 13:05:52 executing program 6: syz_emit_ethernet(0x1, &(0x7f0000000340)=ANY=[@ANYBLOB="0180c200000000001400000086dd6006215f0008210000000000000000000000ffffac1414aa3e6e8fc4818a5f8a00000000000000aa4e204e2009089078aa47b8b746609c9a26bbccbba98b21f151d13100f99b06e225269675d06c553277d375dd09dcb81878cfdc5373b45a45f9f8da7fda4d8786170a6807d5a04a752ccbd035567de56319b9373c2997aef392ed5ce9732d351b8a94a4ec09a9af409e99bef73caf92a77815b218508c2f7b8917777c1d4de016015e622cd227920fcaefb240e8ed2dfaeec46b52d6bdca477419f7c46a97ddf8d3c594544d192daf6c5418a2e78ad223e0e02ccab25b967987dac09baad6d8cef9826e5dfd9d91a3ba7aaf19629bd40d10d8e5251615462ac4"], 0x0) r0 = dup(0xffffffffffffffff) bpf$OBJ_PIN_PROG(0x6, &(0x7f00000002c0)={&(0x7f0000000280)='./file0\x00', r0}, 0x10) bind$alg(r0, &(0x7f0000000200)={0x26, 'hash\x00', 0x0, 0x0, 'tgr160\x00'}, 0x58) getsockopt$nfc_llcp(r0, 0x118, 0x4, &(0x7f0000000040)=""/71, 0x35) ioctl$SIOCGIFMTU(r0, 0x8921, &(0x7f0000000000)) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r0, 0xc10c5541, &(0x7f00000000c0)={0x100000001, 0x3, 0xad7, 0x0, 0x0, [], [], [], 0x81}) [ 1060.666171] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1060.677227] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1060.682421] CPU: 0 PID: 25237 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1060.689774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1060.699120] Call Trace: [ 1060.701690] dump_stack+0x194/0x24d [ 1060.705302] ? arch_local_irq_restore+0x53/0x53 [ 1060.709950] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1060.715135] dump_header+0x28c/0xe2b [ 1060.718837] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1060.724015] ? arch_local_irq_restore+0x53/0x53 [ 1060.728666] ? perf_trace_lock+0xd6/0x900 [ 1060.732791] ? perf_trace_lock_acquire+0xe3/0x980 [ 1060.737608] ? __lock_acquire+0x664/0x3e00 [ 1060.741827] ? trace_event_raw_event_lock+0x340/0x340 [ 1060.746998] ? perf_trace_lock+0x900/0x900 [ 1060.751226] ? perf_trace_lock+0xd6/0x900 [ 1060.755360] ? perf_trace_lock_acquire+0xe3/0x980 [ 1060.760180] ? trace_hardirqs_off+0x10/0x10 [ 1060.764490] ? trace_event_raw_event_lock+0x340/0x340 [ 1060.769662] ? __lock_acquire+0x664/0x3e00 [ 1060.773873] ? task_will_free_mem+0x252/0xaa0 [ 1060.778352] ? print_irqtrace_events+0x270/0x270 [ 1060.783095] ? ___ratelimit+0x30d/0x630 [ 1060.787047] ? lock_downgrade+0x980/0x980 [ 1060.791177] ? lock_release+0xa40/0xa40 [ 1060.795137] ? mark_held_locks+0xaf/0x100 [ 1060.799354] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1060.804435] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1060.809431] ? trace_hardirqs_on+0xd/0x10 [ 1060.813560] ? ___ratelimit+0x95/0x630 [ 1060.817427] ? idr_get_free+0xfd0/0xfd0 [ 1060.821378] ? find_held_lock+0x35/0x1d0 [ 1060.825431] oom_kill_process+0x8b9/0x1640 [ 1060.829647] ? lock_downgrade+0x980/0x980 [ 1060.833778] ? __lock_is_held+0xb6/0x140 [ 1060.837821] ? oom_evaluate_task+0x480/0x480 [ 1060.842224] ? rcu_read_unlock+0x35/0x70 [ 1060.846259] ? mem_cgroup_iter+0x363/0xbd0 [ 1060.850475] ? lock_downgrade+0x980/0x980 [ 1060.854610] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1060.859349] ? mark_held_locks+0xaf/0x100 [ 1060.863476] ? _raw_spin_unlock_irq+0x27/0x70 [ 1060.867953] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1060.872947] ? trace_hardirqs_on+0xd/0x10 [ 1060.877069] ? _raw_spin_unlock_irq+0x27/0x70 [ 1060.881541] ? css_task_iter_end+0x280/0x430 [ 1060.885925] ? _raw_spin_unlock_irq+0x27/0x70 [ 1060.890398] ? cgroup_procs_next+0x70/0x70 [ 1060.894605] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1060.899598] ? trace_hardirqs_on+0xd/0x10 [ 1060.903721] ? _raw_spin_unlock_irq+0x27/0x70 [ 1060.908193] ? oom_badness+0x980/0x980 [ 1060.912060] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1060.916793] ? mem_cgroup_iter_break+0x30/0x30 [ 1060.921369] ? finish_wait+0x268/0x490 [ 1060.925232] ? lock_downgrade+0x980/0x980 [ 1060.929363] out_of_memory+0x86d/0x1220 [ 1060.933327] ? oom_killer_disable+0x310/0x310 [ 1060.937796] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1060.942877] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1060.947870] ? trace_hardirqs_on+0xd/0x10 [ 1060.952015] mem_cgroup_out_of_memory+0x159/0x200 [ 1060.956838] ? swap_max_write+0x110/0x110 [ 1060.960959] ? do_raw_spin_trylock+0x190/0x190 [ 1060.965527] ? _raw_spin_unlock+0x22/0x30 [ 1060.969659] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1060.974654] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1060.980083] ? find_held_lock+0x35/0x1d0 [ 1060.984127] ? memcg_event_wake+0x420/0x420 [ 1060.988426] ? __do_page_fault+0x5f7/0xc90 [ 1060.992638] ? lock_downgrade+0x980/0x980 [ 1060.996770] pagefault_out_of_memory+0xbd/0x152 [ 1061.001415] ? out_of_memory+0x1220/0x1220 [ 1061.005622] ? handle_mm_fault+0x465/0xb10 [ 1061.009841] ? __handle_mm_fault+0x38c0/0x38c0 [ 1061.014399] ? vmacache_find+0x5f/0x280 [ 1061.018348] ? vmacache_update+0xfe/0x130 [ 1061.022477] mm_fault_error+0xd6/0x2c0 [ 1061.026347] __do_page_fault+0xb4d/0xc90 [ 1061.030397] ? mm_fault_error+0x2c0/0x2c0 [ 1061.034522] ? kernel_write+0x120/0x120 [ 1061.038475] ? do_syscall_64+0xb7/0x940 [ 1061.042429] do_page_fault+0xee/0x730 [ 1061.046213] ? __do_page_fault+0xc90/0xc90 [ 1061.050423] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 1061.055937] ? syscall_return_slowpath+0x550/0x550 [ 1061.060843] ? syscall_return_slowpath+0x2ac/0x550 [ 1061.065754] ? retint_user+0x18/0x18 [ 1061.069445] ? page_fault+0x2f/0x50 [ 1061.073053] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1061.077883] ? page_fault+0x2f/0x50 [ 1061.081488] page_fault+0x45/0x50 [ 1061.084915] RIP: 0033:0x409b83 [ 1061.088078] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1061.093416] RAX: 0000001b9bc20000 RBX: 0000000000001288 RCX: 000000000040e950 [ 1061.100658] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1061.107909] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 2018/03/26 13:05:53 executing program 4: ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_REINJECT_CONTROL(0xffffffffffffffff, 0xae71, &(0x7f0000000080)) r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$rdma_cm(r0, &(0x7f0000000340)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000300), 0x13f}}, 0x20) r1 = socket$vsock_stream(0x28, 0x1, 0x0) msgget(0x3, 0x0) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc\x00', 0x0, 0x0) getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000140)={{{@in6=@remote, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@dev}, 0x0, @in=@multicast1}}, &(0x7f0000000240)=0xe8) getsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, &(0x7f00000002c0)=0x3, &(0x7f0000000380)=0x2) ioctl$sock_inet6_SIOCSIFDSTADDR(r3, 0x8918, &(0x7f0000000280)={@loopback={0x0, 0x1}, 0x0, r4}) ioctl$TCSETAW(r3, 0x5407, &(0x7f0000000040)={0x800, 0x2f, 0x0, 0x2, 0x14, 0x80000000, 0x6, 0x80000001, 0x9, 0x5}) getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000005c0)={{{@in=@multicast1, @in6=@mcast2}}, {{@in6=@ipv4={[], [], @rand_addr}}, 0x0, @in=@multicast2}}, &(0x7f00000006c0)=0xe8) mq_timedsend(r3, &(0x7f0000000740), 0x0, 0x0, &(0x7f0000000480)={0x77359400}) write$rdma_cm(r2, &(0x7f00000000c0)=ANY=[], 0x243) r5 = getpgrp(0xffffffffffffffff) fcntl$lock(r1, 0x7, &(0x7f00000000c0)={0x0, 0x3, 0x9, 0x7f, r5}) ioctl$DRM_IOCTL_RES_CTX(r2, 0xc0106426, &(0x7f0000000440)={0x7, &(0x7f0000000400)=[{}, {}, {}, {}, {}, {}, {}]}) [ 1061.115154] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1061.122398] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1061.130232] Task in /syz1 killed as a result of limit of /syz1 [ 1061.136289] memory: usage 0kB, limit 0kB, failcnt 4196 [ 1061.141625] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1061.148418] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 2018/03/26 13:05:53 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) r1 = geteuid() ioprio_set$uid(0x3, r1, 0x800) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:05:53 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x4) bind$netlink(r0, &(0x7f0000dbc000)={0x10, 0x0, 0x0, 0xb68}, 0xc) bind$netlink(r0, &(0x7f0000000040)={0x10}, 0xc) bind$netlink(r0, &(0x7f0000000000)={0x10}, 0xc) openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/checkreqprot\x00', 0x1, 0x0) [ 1061.154611] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1061.174076] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1061.183700] [25237] 0 25237 11408 2089 65536 0 0 syz-executor1 [ 1061.192602] Memory cgroup out of memory: Kill process 25237 (syz-executor1) score 2105000 or sacrifice child [ 1061.202645] Killed process 25237 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:05:53 executing program 6: perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_opts(r0, 0x0, 0x40000048c, &(0x7f0000000040)="020000000e3af800a3a90bfd", 0xc) 2018/03/26 13:05:53 executing program 3: r0 = socket$inet(0x2, 0x840000000003, 0x2) setsockopt$inet_int(r0, 0x0, 0xc8, &(0x7f00004fd000), 0x4) r1 = socket(0x11, 0x800, 0x8000) setsockopt$nfc_llcp_NFC_LLCP_MIUX(r1, 0x118, 0x1, &(0x7f0000000040)=0x16e1c32d, 0x4) r2 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x17}}, 0x10) sendto$inet(r2, &(0x7f0000e76000), 0x0, 0x0, &(0x7f0000bc8ff0)={0x2, 0x4e20, @multicast1=0xe0000001}, 0x10) syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x6cb3, 0x200) r3 = open(&(0x7f0000000080)='./file0\x00', 0x80800, 0x3) ioctl$KVM_SET_GSI_ROUTING(r3, 0x4008ae6a, &(0x7f00000000c0)={0x1, 0x0, [{0x8, 0x2, 0x0, 0x0, @irqchip={0x1, 0x9}}]}) 2018/03/26 13:05:53 executing program 1: r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000017c0)=@create_id={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000001780)}}, 0x20) syz_open_dev$adsp(&(0x7f00000004c0)='/dev/adsp#\x00', 0x0, 0x40) r1 = syz_open_dev$admmidi(&(0x7f0000000400)='/dev/admmidi#\x00', 0x4, 0x2041) getsockopt$bt_BT_DEFER_SETUP(r1, 0x112, 0x7, &(0x7f0000000440)=0x8, &(0x7f0000000480)=0x4) write$rdma_cm(r0, &(0x7f0000000000)=@disconnect={0xa, 0x4, 0xfa00}, 0x9) r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x8000, 0x0) ioctl$KVM_GET_IRQCHIP(r2, 0xc208ae62, &(0x7f0000000140)=@ioapic) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000240)={0x0, 0x80, &(0x7f0000000080)=[@in6={0xa, 0x4e21, 0x3, @mcast2={0xff, 0x2, [], 0x1}, 0x6}, @in6={0xa, 0x4e24, 0x5, @remote={0xfe, 0x80, [], 0xbb}, 0x101}, @in6={0xa, 0x4e24, 0x1, @local={0xfe, 0x80, [], 0xaa}, 0x2}, @in={0x2, 0x4e24, @rand_addr=0x7f}, @in6={0xa, 0x4e21, 0xfffffffffffff800, @local={0xfe, 0x80, [], 0xaa}, 0x4}]}, &(0x7f0000000280)=0x10) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r2, 0x84, 0x1a, &(0x7f00000002c0)={r3, 0xc7, "9dabd2507b61e762dd0e960748bf4bf4d3a2b3a6d3debdc20f63cdc701f5f6d3b5de4bdeb0e1b33f268fc6adddb9b982bd98e9c4ca7fa0bd88a6e459c45762b18e375c02ea8cc10899b9d48436d07669b034d7cce716fba60256f32c5bf1e0f9bc14098fb1cd3010484ccf70b1abd4445221f80bde2dd7e321ae1d1385a8eb742ca4ae657a9da93450a03cc0d89a525c7ace0160cbe2ce0187ccf0d14e0992e6766ddccf8278192908a22b54ef3d4d7a45137ae99bc9bf4a524f497f9135647dd5a543d74ec81f"}, &(0x7f00000003c0)=0xcf) 2018/03/26 13:05:53 executing program 2: r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x400, 0x0) read(r0, &(0x7f00000000c0)=""/210, 0xd2) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') sendfile(r1, r1, &(0x7f0000000280)=0x42402, 0x6) mbind(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1, &(0x7f0000000000)=0x9, 0x4, 0x1) fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f00000001c0)=0x2) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) [ 1061.217274] oom_reaper: reaped process 25237 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 2018/03/26 13:05:53 executing program 4: syz_open_dev$mouse(&(0x7f0000000300)='/dev/input/mouse#\x00', 0xfffffffffffffff8, 0x2) perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$describe(0x6, r0, &(0x7f00000001c0)=""/170, 0xaa) [ 1061.329139] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1061.340155] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1061.345323] CPU: 1 PID: 25264 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1061.352679] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1061.362028] Call Trace: [ 1061.364615] dump_stack+0x194/0x24d [ 1061.368247] ? arch_local_irq_restore+0x53/0x53 [ 1061.372913] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1061.378102] dump_header+0x28c/0xe2b [ 1061.381807] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1061.386981] ? arch_local_irq_restore+0x53/0x53 [ 1061.391628] ? perf_trace_lock+0xd6/0x900 [ 1061.395756] ? __lock_acquire+0x664/0x3e00 [ 1061.399977] ? trace_event_raw_event_lock+0x340/0x340 [ 1061.405159] ? perf_trace_lock+0xd6/0x900 [ 1061.409289] ? trace_hardirqs_off+0x10/0x10 [ 1061.413587] ? perf_trace_lock+0xd6/0x900 [ 1061.417716] ? trace_event_raw_event_lock+0x340/0x340 [ 1061.422890] ? __lock_acquire+0x664/0x3e00 [ 1061.427103] ? task_will_free_mem+0x252/0xaa0 [ 1061.431589] ? print_irqtrace_events+0x270/0x270 [ 1061.436337] ? ___ratelimit+0x30d/0x630 [ 1061.440295] ? lock_downgrade+0x980/0x980 [ 1061.444429] ? lock_release+0xa40/0xa40 [ 1061.448394] ? mark_held_locks+0xaf/0x100 [ 1061.452525] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1061.457609] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1061.462604] ? trace_hardirqs_on+0xd/0x10 [ 1061.466735] ? ___ratelimit+0x95/0x630 [ 1061.470604] ? idr_get_free+0xfd0/0xfd0 [ 1061.474557] ? find_held_lock+0x35/0x1d0 [ 1061.478624] oom_kill_process+0x8b9/0x1640 [ 1061.482837] ? lock_downgrade+0x980/0x980 [ 1061.486973] ? __lock_is_held+0xb6/0x140 [ 1061.491028] ? oom_evaluate_task+0x480/0x480 [ 1061.495439] ? rcu_read_unlock+0x35/0x70 [ 1061.499476] ? mem_cgroup_iter+0x363/0xbd0 [ 1061.503687] ? lock_downgrade+0x980/0x980 [ 1061.507825] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1061.512564] ? mark_held_locks+0xaf/0x100 [ 1061.516692] ? _raw_spin_unlock_irq+0x27/0x70 [ 1061.521169] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1061.526163] ? trace_hardirqs_on+0xd/0x10 [ 1061.530288] ? _raw_spin_unlock_irq+0x27/0x70 [ 1061.534763] ? css_task_iter_end+0x280/0x430 [ 1061.539149] ? _raw_spin_unlock_irq+0x27/0x70 [ 1061.543624] ? cgroup_procs_next+0x70/0x70 [ 1061.547833] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1061.552829] ? trace_hardirqs_on+0xd/0x10 [ 1061.556953] ? _raw_spin_unlock_irq+0x27/0x70 [ 1061.561441] ? oom_badness+0x980/0x980 [ 1061.565317] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1061.570059] ? mem_cgroup_iter_break+0x30/0x30 [ 1061.574644] ? finish_wait+0x268/0x490 [ 1061.578514] ? lock_downgrade+0x980/0x980 [ 1061.582650] out_of_memory+0x86d/0x1220 [ 1061.586620] ? oom_killer_disable+0x310/0x310 [ 1061.591090] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1061.596178] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1061.601175] ? trace_hardirqs_on+0xd/0x10 [ 1061.605322] mem_cgroup_out_of_memory+0x159/0x200 [ 1061.610147] ? swap_max_write+0x110/0x110 [ 1061.614272] ? do_raw_spin_trylock+0x190/0x190 [ 1061.618845] ? _raw_spin_unlock+0x22/0x30 [ 1061.622979] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1061.627976] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1061.633408] ? find_held_lock+0x35/0x1d0 [ 1061.637457] ? memcg_event_wake+0x420/0x420 [ 1061.641758] ? __do_page_fault+0x5f7/0xc90 [ 1061.645972] ? lock_downgrade+0x980/0x980 [ 1061.650106] pagefault_out_of_memory+0xbd/0x152 [ 1061.654753] ? out_of_memory+0x1220/0x1220 [ 1061.658961] ? handle_mm_fault+0x465/0xb10 [ 1061.663181] ? __handle_mm_fault+0x38c0/0x38c0 [ 1061.667738] ? vmacache_find+0x5f/0x280 [ 1061.671688] ? vmacache_update+0xfe/0x130 [ 1061.675822] mm_fault_error+0xd6/0x2c0 [ 1061.679694] __do_page_fault+0xb4d/0xc90 [ 1061.683750] ? mm_fault_error+0x2c0/0x2c0 [ 1061.687877] ? kernel_write+0x120/0x120 [ 1061.691833] ? do_syscall_64+0xb7/0x940 [ 1061.695790] do_page_fault+0xee/0x730 [ 1061.699574] ? __do_page_fault+0xc90/0xc90 [ 1061.703791] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 1061.709309] ? syscall_return_slowpath+0x550/0x550 [ 1061.714218] ? syscall_return_slowpath+0x2ac/0x550 [ 1061.719133] ? retint_user+0x18/0x18 [ 1061.722828] ? page_fault+0x2f/0x50 [ 1061.726434] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1061.731263] ? page_fault+0x2f/0x50 [ 1061.734881] page_fault+0x45/0x50 [ 1061.738309] RIP: 0033:0x409b83 [ 1061.741475] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1061.746814] RAX: 0000001b9bc20000 RBX: 0000000000001289 RCX: 000000000040e950 [ 1061.754059] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1061.761305] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1061.768549] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1061.775793] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1061.783302] Task in /syz1 killed as a result of limit of /syz1 [ 1061.789335] memory: usage 0kB, limit 0kB, failcnt 4204 [ 1061.794644] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1061.801424] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1061.807593] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB 2018/03/26 13:05:54 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r0, 0xc0bc5310, &(0x7f0000000000)) 2018/03/26 13:05:54 executing program 0: r0 = syz_open_dev$sndseq(&(0x7f0000832ff3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000b0bf74)={0x0, 0x0, 0x0, 'queue0\x00'}) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f0000000000)=[@in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in6={0xa, 0x4e24, 0x2d, @loopback={0x0, 0x1}, 0x1}, @in={0x2, 0x4e21, @multicast2=0xe0000002}, @in={0x2, 0x4e23, @multicast2=0xe0000002}, @in={0x2, 0x4e21}], 0x5c) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x0, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f00000003c0)=@create_id={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000380)={0xffffffff}, 0x2, 0x1}}, 0x20) write$rdma_cm(r1, &(0x7f0000000400)=ANY=[@ANYBLOB="07000000080000fa", @ANYRES32=r2, @ANYBLOB="00000200"], 0x10) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_TEMPO(r0, 0xc02c5341, &(0x7f0000dc5f98)={0x0, 0x0, 0x0, {0x0}}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0x402c5342, &(0x7f000021af98)={0x0, 0xb6, 0x40, {r3}}) 2018/03/26 13:05:54 executing program 4: r0 = perf_event_open(&(0x7f0000220000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000040)=0x6) r2 = openat$cgroup_int(r1, &(0x7f0000000080)='rdma.max\x00', 0x2, 0x0) sysinfo(&(0x7f00000000c0)=""/163) r3 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/hwrng\x00', 0x400, 0x0) ioctl$sock_inet_tcp_SIOCOUTQNSD(r3, 0x894b, &(0x7f0000000200)) write$cgroup_int(r2, &(0x7f0000000340)=ANY=[], 0x0) 2018/03/26 13:05:54 executing program 5: perf_event_open(&(0x7f0000220000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$sock_int(r0, 0x1, 0xa, &(0x7f0000c9effc), 0x4) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0) r2 = openat$cgroup_int(r1, &(0x7f0000000100)="72c26cb18378000002000000b47f12a5c822cd9e47d300000010000000", 0x2, 0x0) write$cgroup_int(r2, &(0x7f0000000340)=ANY=[], 0x0) r3 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x1857, 0x40) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r3, 0xc0045520, &(0x7f0000000080)=0x1) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r3, 0x84, 0x13, &(0x7f00000000c0)={0x0, 0x100000001}, &(0x7f0000000140)=0x8) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r3, 0x84, 0x6c, &(0x7f00000001c0)={0x0, 0xd6, "06df0658de5a833dfaf89806bf5ee6aeac0a42e4353370aa439ae9ce779867b72b8a34027895666c0cbbbe8f6befd6e1a796822e07df02ea71128037639c6da1b7d615ef726eb8461bcb336bad019951dc48f71efde3e6d667bc0db4447a485d928d7b9a94f8ce1628d63ad0b5970caff7de2b627adeae916112d4db2903769a5945edaa3728ec1b3d983bdfd9dff58594438990003ccce365c82de7d6af93808d5105e21392a6aa08d28297db7436794147a3d4b4af767d6adb02939901d04086bc1a4899af936849eda656712dcd70d230b21b1e55"}, &(0x7f00000002c0)=0xde) getsockopt$inet_sctp_SCTP_STATUS(r2, 0x84, 0xe, &(0x7f0000000300)={r4, 0x5f, 0xffffffffffffff7f, 0x8, 0x2, 0x1, 0x9, 0x3, {r5, @in6={{0xa, 0x4e24, 0x0, @ipv4={[], [0xff, 0xff], @local={0xac, 0x14, 0x14, 0xaa}}, 0x7}}, 0x7, 0x91, 0x5, 0x800, 0x6}}, &(0x7f00000003c0)=0xb0) 2018/03/26 13:05:54 executing program 2: ioctl$TIOCGPGRP(0xffffffffffffff9c, 0x540f, &(0x7f0000000000)=0x0) r1 = syz_open_procfs(r0, &(0x7f00000001c0)="6e65742f6933d4e07c365f6d720776") sendfile(r1, r1, &(0x7f0000000280)=0x42402, 0x6) ioctl$KVM_SET_TSS_ADDR(r1, 0xae47, 0xcfff) r2 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x81, 0x0) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f0000000140)={0x0, 0xffff}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f0000000200)={r3, 0x6}, &(0x7f0000000240)=0x8) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x2) ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000100)={0x6000, &(0x7f00000000c0), 0x0, r1, 0x1}) ioctl$UFFDIO_ZEROPAGE(r1, 0xc020aa04, &(0x7f0000000040)={&(0x7f0000261000/0x2000)=nil, 0x2000}) 2018/03/26 13:05:54 executing program 1: perf_event_open(&(0x7f000001d000)={0x5, 0x78, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000040), 0x8}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff}) getsockopt$bt_hci(r0, 0x0, 0x0, &(0x7f0000000080)=""/4096, &(0x7f0000001080)=0x1000) 2018/03/26 13:05:54 executing program 3: r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x2) socketpair$inet_icmp(0x2, 0x2, 0x1, &(0x7f0000000100)) ioctl$VHOST_GET_VRING_ENDIAN(r0, 0x4008af14, &(0x7f0000000000)={0x0, 0x8e1b}) 2018/03/26 13:05:54 executing program 6: r0 = accept4(0xffffffffffffff9c, &(0x7f0000000080)=@llc={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast}, &(0x7f0000000100)=0x80, 0x80800) getsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000140), &(0x7f0000000180)=0x4) r1 = socket$inet_sctp(0x2, 0x1, 0x84) fcntl$F_GET_FILE_RW_HINT(r0, 0x40d, &(0x7f0000000240)) sendto$inet(r1, &(0x7f0000a34fff)='H', 0x1, 0x0, &(0x7f0000030ff0)={0x2, 0x4e20, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}}, 0x10) sendto$inet(r1, &(0x7f000026cfff)="b9", 0x1, 0x0, &(0x7f0000000000)={0x2, 0x4e20, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}, 0x10) shutdown(r1, 0x1) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00001afff8)={0x0, 0x1}, 0x8) setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000040)={0x0, 0x0, 0x3f}, 0x373) getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r0, 0x84, 0x1c, &(0x7f00000001c0), &(0x7f0000000200)=0x4) write(r1, &(0x7f00005f1fe3)="c6", 0x1) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000112000)={0x0, 0x0, 0x7}, 0x8) [ 1061.827061] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1061.835828] [25264] 0 25264 11408 2089 65536 0 0 syz-executor1 [ 1061.844710] Memory cgroup out of memory: Kill process 25264 (syz-executor1) score 2105000 or sacrifice child [ 1061.854737] Killed process 25264 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB [ 1061.977602] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1061.988701] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1061.993876] CPU: 0 PID: 25299 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1062.001222] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1062.010554] Call Trace: [ 1062.013125] dump_stack+0x194/0x24d [ 1062.016737] ? arch_local_irq_restore+0x53/0x53 [ 1062.021385] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1062.026564] dump_header+0x28c/0xe2b [ 1062.030263] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1062.035457] ? arch_local_irq_restore+0x53/0x53 [ 1062.040107] ? perf_trace_lock_acquire+0xe3/0x980 [ 1062.044922] ? __lock_acquire+0x664/0x3e00 [ 1062.049133] ? print_irqtrace_events+0x270/0x270 [ 1062.053869] ? perf_trace_lock+0x900/0x900 [ 1062.058086] ? perf_trace_lock_acquire+0xe3/0x980 [ 1062.062904] ? trace_hardirqs_off+0x10/0x10 [ 1062.067203] ? perf_trace_lock_acquire+0xe3/0x980 [ 1062.072021] ? perf_trace_lock_acquire+0xe3/0x980 [ 1062.076846] ? perf_trace_lock+0x900/0x900 [ 1062.081058] ? __lock_acquire+0x664/0x3e00 [ 1062.085277] ? task_will_free_mem+0x252/0xaa0 [ 1062.089756] ? print_irqtrace_events+0x270/0x270 [ 1062.094497] ? ___ratelimit+0x30d/0x630 [ 1062.098447] ? lock_downgrade+0x980/0x980 [ 1062.102575] ? lock_release+0xa40/0xa40 [ 1062.106530] ? mark_held_locks+0xaf/0x100 [ 1062.110658] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1062.115738] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1062.120729] ? trace_hardirqs_on+0xd/0x10 [ 1062.124855] ? ___ratelimit+0x95/0x630 [ 1062.128721] ? idr_get_free+0xfd0/0xfd0 [ 1062.132670] ? find_held_lock+0x35/0x1d0 [ 1062.136717] oom_kill_process+0x8b9/0x1640 [ 1062.140925] ? lock_downgrade+0x980/0x980 [ 1062.145056] ? __lock_is_held+0xb6/0x140 [ 1062.149100] ? oom_evaluate_task+0x480/0x480 [ 1062.153499] ? rcu_read_unlock+0x35/0x70 [ 1062.157543] ? mem_cgroup_iter+0x363/0xbd0 [ 1062.161752] ? lock_downgrade+0x980/0x980 [ 1062.165883] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1062.170625] ? mark_held_locks+0xaf/0x100 [ 1062.174749] ? _raw_spin_unlock_irq+0x27/0x70 [ 1062.179228] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1062.184223] ? trace_hardirqs_on+0xd/0x10 [ 1062.188345] ? _raw_spin_unlock_irq+0x27/0x70 [ 1062.192822] ? css_task_iter_end+0x280/0x430 [ 1062.197209] ? _raw_spin_unlock_irq+0x27/0x70 [ 1062.201679] ? cgroup_procs_next+0x70/0x70 [ 1062.205888] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1062.210883] ? trace_hardirqs_on+0xd/0x10 [ 1062.215010] ? _raw_spin_unlock_irq+0x27/0x70 [ 1062.219490] ? oom_badness+0x980/0x980 [ 1062.223352] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1062.228088] ? mem_cgroup_iter_break+0x30/0x30 [ 1062.232661] ? finish_wait+0x268/0x490 [ 1062.236524] ? lock_downgrade+0x980/0x980 [ 1062.240738] out_of_memory+0x86d/0x1220 [ 1062.244700] ? oom_killer_disable+0x310/0x310 [ 1062.249173] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1062.254254] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1062.259247] ? trace_hardirqs_on+0xd/0x10 [ 1062.263382] mem_cgroup_out_of_memory+0x159/0x200 [ 1062.268201] ? swap_max_write+0x110/0x110 [ 1062.272322] ? do_raw_spin_trylock+0x190/0x190 [ 1062.276889] ? _raw_spin_unlock+0x22/0x30 [ 1062.281026] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1062.286026] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1062.291452] ? find_held_lock+0x35/0x1d0 [ 1062.295493] ? memcg_event_wake+0x420/0x420 [ 1062.299788] ? __do_page_fault+0x5f7/0xc90 [ 1062.304002] ? lock_downgrade+0x980/0x980 [ 1062.308134] pagefault_out_of_memory+0xbd/0x152 [ 1062.312777] ? out_of_memory+0x1220/0x1220 [ 1062.316985] ? handle_mm_fault+0x465/0xb10 [ 1062.321206] ? __handle_mm_fault+0x38c0/0x38c0 [ 1062.325759] ? vmacache_find+0x5f/0x280 [ 1062.329705] ? vmacache_update+0xfe/0x130 [ 1062.333831] mm_fault_error+0xd6/0x2c0 [ 1062.337697] __do_page_fault+0xb4d/0xc90 [ 1062.341743] ? mm_fault_error+0x2c0/0x2c0 [ 1062.345869] ? kernel_write+0x120/0x120 [ 1062.349822] ? do_syscall_64+0xb7/0x940 [ 1062.353774] do_page_fault+0xee/0x730 [ 1062.357552] ? __do_page_fault+0xc90/0xc90 [ 1062.361761] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1062.366492] ? syscall_return_slowpath+0x550/0x550 [ 1062.371396] ? syscall_return_slowpath+0x2ac/0x550 [ 1062.376305] ? prepare_exit_to_usermode+0x350/0x350 [ 1062.381301] ? retint_user+0x18/0x18 [ 1062.384991] ? page_fault+0x2f/0x50 [ 1062.388597] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1062.393423] ? page_fault+0x2f/0x50 [ 1062.397030] page_fault+0x45/0x50 [ 1062.400455] RIP: 0033:0x409b83 [ 1062.403619] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1062.408955] RAX: 0000001b9bc20000 RBX: 000000000000128a RCX: 000000000040e950 [ 1062.416201] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc 2018/03/26 13:05:54 executing program 3: sendmsg(0xffffffffffffffff, &(0x7f0000014000)={0x0, 0x0, &(0x7f000000d000)}, 0x0) r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect(r0, &(0x7f0000002000)=@ethernet, 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f000000ffd8)={'vcan0\x00', 0x0}) r2 = socket$can_raw(0x1d, 0x3, 0x1) bind$can_raw(r2, &(0x7f0000010ff0)={0x1d}, 0x10) recvmmsg(r2, &(0x7f0000015000)=[{{&(0x7f000000e000)=@rc, 0xa, &(0x7f000000cfb0), 0x0, &(0x7f0000015000)=""/90, 0x5a}}, {{&(0x7f0000015000)=@can, 0x10, &(0x7f0000015000)=[{&(0x7f000000e000)=""/34, 0x22}, {&(0x7f0000013fe7)=""/25, 0x19}], 0x2, &(0x7f0000015f48)=""/184, 0xb8}}], 0x2, 0x0, &(0x7f0000013000)={0x77359400}) sendmsg$can_bcm(r0, &(0x7f0000000000)={&(0x7f0000007ff0)={0x1d, r1}, 0x10, &(0x7f0000002ff0)={&(0x7f0000000040)=ANY=[@ANYBLOB="010000000300000000000000000000209d0aa64a2fc8ce97cffa69b066eff87f7bf9275c87b0a96f995a3398fd2a9ec69ad282dae2f7b558e6ef96dbb4468c00679ce1d9f5638200a52f78c17042be843c593ab73feb76251ae216", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x7530, @ANYBLOB="000000000100000000000000000000008e15adecfc04aba1"], 0x48}, 0x1}, 0x0) 2018/03/26 13:05:54 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) r1 = syz_open_dev$admmidi(&(0x7f00000004c0)='/dev/admmidi#\x00', 0x7, 0x20001fff) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r1, 0x10e, 0x8, &(0x7f0000000200)=0x6, 0x4) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f00000003c0)={0x3, 0xfffffffffffffff7, 0xffff, 0x1, 0x14}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) r2 = getpid() ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000380)=0x0) setpgid(r2, r3) r4 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x2, 0x0) stat(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000140)={0x0, 0x0, 0x0}, &(0x7f0000000180)=0xc) bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000340)=0x3f, 0x4) fchownat(r4, &(0x7f0000000040)='./file0\x00', r5, r6, 0x100) ioctl(r0, 0x4, &(0x7f0000000240)="fd0bd1977036bf1db0037754e2a7d33b84fa7e0f151845271558e954060024597aed60b3b1de259eacc388842df5e680bb7ab0bcf6f1db368de069a31f4ff232e102611e2c44e12f3211244800273f4292661d8cb2e5ccca9c02c8c5a8194118e8bc6a9c5901746417122ae10ecb0f7adc798c9cb5d62c45652e975cff2c3e8a9b2bc3ccb9174162fbda66cb4376b45dd28572416eaf955fcab8909634f70ed5e6d9d6c0f4e56b69cc6d8e0b0805c979c23425b2555a894746281866030570f4202a87c831aadb034b6e49df4002848a4e78fcd9b78f11fe6af3e66b86") getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000400)={0x0, 0x4, 0x7}, &(0x7f0000000440)=0x8) setsockopt$inet_sctp_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000480)={r7, 0xa074, 0xa, [0x6, 0x7fff000000000000, 0x1, 0x1000, 0x5, 0x10000, 0x3, 0x3, 0x7ff, 0x7]}, 0x1c) 2018/03/26 13:05:54 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) r1 = socket$nl_generic(0x10, 0x3, 0x10) setsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000651ff8)={0x0, 0x9}, 0x8) ioctl$sock_SIOCSIFBR(r1, 0x8941, &(0x7f00000000c0)=@add_del={0x2, &(0x7f0000000080)='vlan0\x00', 0x2}) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f00001a7fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}], 0x1c) sendto$inet6(r0, &(0x7f0000aaff09)="b8", 0x1, 0x0, &(0x7f0000ab0000)={0xa, 0x4e23, 0x0, @loopback={0x0, 0x1}}, 0x1c) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000100)='/dev/rtc\x00', 0x8200, 0x0) getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000140)=@assoc_value, &(0x7f0000000180)=0x8) r3 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x4, 0x2000) ioctl$KVM_SET_ONE_REG(r3, 0x4010aeac, &(0x7f0000000040)={0x100, 0x9}) [ 1062.423444] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1062.430685] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1062.437929] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1062.445472] Task in /syz1 killed as a result of limit of /syz1 [ 1062.451522] memory: usage 0kB, limit 0kB, failcnt 4212 [ 1062.456842] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1062.463639] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 2018/03/26 13:05:54 executing program 0: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3f9, 0x0, 0x1}, 0x10) r2 = socket(0x1e, 0x1, 0x0) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3f9, 0x0, 0x1}, 0x10) sendmsg(r2, &(0x7f0000030000)={&(0x7f00004aeb5c)=@generic={0x10000000001e, "02ed01000000000000000001e527cc573c5bf86c483700c71e14dd6a739effea1b48006be61ffe0000e103000000f8000004003f010039d8f9b1ff010003000024e7af50dd0700000000000000e3ad316a19830000000000000006cb24281e2780e503000076c3979ac40023bd07020078a1dfd300881a8365b186827436"}, 0x80, &(0x7f0000447ff0), 0x0, &(0x7f00008b2000)}, 0x0) bpf$MAP_DELETE_ELEM(0x3, &(0x7f00000000c0)={r0, &(0x7f0000000080)}, 0xffffffffffffffe3) [ 1062.469828] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1062.489303] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1062.498140] [25299] 0 25299 11408 2089 65536 0 0 syz-executor1 [ 1062.507067] Memory cgroup out of memory: Kill process 25299 (syz-executor1) score 2105000 or sacrifice child [ 1062.517124] Killed process 25299 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:05:54 executing program 6: r0 = socket(0x11, 0x4000000000080003, 0x0) r1 = syz_open_dev$sndpcmp(&(0x7f0000000100)='/dev/snd/pcmC#D#p\x00', 0x10000, 0x200) getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000180)={0x0, 0x46, "f62e1c30ea1cacec65f641dbcbd96fc02fa9eb902f365e953b4c7bfb108030515337e42f0ef5013c390aa42ef346e51dca15a14496340be30397139bf52751ee6be476d7a446"}, &(0x7f0000000200)=0x4e) setsockopt$inet_sctp_SCTP_CONTEXT(r1, 0x84, 0x11, &(0x7f0000000240)={r2, 0x113d1a7b}, 0x8) getsockopt$IPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x41, &(0x7f0000000140)=ANY=[@ANYBLOB="66696c7465720000002b00000000000000001a00000000c4021d7fe7a5000000000000000000000000000000000000000000000000"], &(0x7f0000000000)=0x39) sendmmsg(r0, &(0x7f0000003e80)=[{{&(0x7f0000000040)=@in6={0xa, 0x0, 0x3, @mcast1={0xff, 0x1, [], 0x1}}, 0x1c, &(0x7f0000000300), 0x3d9, &(0x7f0000000280)}}, {{&(0x7f0000000080)=@nfc_llcp={0x27, 0x1, 0x0, 0x0, 0x0, 0x0, "99066c9aa4c2fbbf0aecb573b9d1bdc8be397716e627f0d1865ea32e0822c1026f14d27d9eb2214e9b34beb87de5d3aab05c161c037b28907fcb4fa979f696"}, 0x60, &(0x7f0000000f80), 0x0, &(0x7f0000000000), 0x98}}], 0x2, 0x0) 2018/03/26 13:05:54 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000100)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc-aes-aesni\x00'}, 0x58) ioctl$TCSETSF(0xffffffffffffffff, 0x80247008, &(0x7f0000000140)) 2018/03/26 13:05:54 executing program 3: perf_event_open(&(0x7f0000348f88)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000003c0)={&(0x7f0000000100)={0x10}, 0xc, &(0x7f0000000380)={&(0x7f0000000140)=@getae={0x40, 0x1f, 0x421, 0x0, 0x0, {{@in=@remote={0xac, 0x14, 0x14, 0xbb}}, @in6=@mcast2={0xff, 0x2, [], 0x1}}}, 0x40}, 0x1}, 0x0) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x101902, 0x0) ioctl$KDSETMODE(r1, 0x4b3a, 0x6) 2018/03/26 13:05:54 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') sendfile(r0, r0, &(0x7f0000000280)=0x42402, 0x6) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f00000000c0)=0x6, 0x3, 0x0) getsockname$ax25(r0, &(0x7f0000000000), &(0x7f0000000040)=0x10) 2018/03/26 13:05:54 executing program 3: r0 = syz_open_dev$binder(&(0x7f0000001000)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x20011, r0, 0x0) r1 = syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x7fff, 0x0) ioctl(r1, 0xc0884123, &(0x7f0000000000)) ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000000)={0x81, 0x0, [0x653707f2, 0x4, 0xfffffffffffffff7, 0x1]}) mmap(&(0x7f0000ff9000/0x4000)=nil, 0x4000, 0x1, 0x4010, r1, 0x49) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000640)={0xa, 0x0, [{0x1000, 0xe5, &(0x7f00000000c0)=""/229}, {0x10000, 0x75, &(0x7f00000001c0)=""/117}, {0x0, 0x3f, &(0x7f0000000240)=""/63}, {0x0, 0x1000, &(0x7f0000001040)=""/4096}, {0x100004, 0xf4, &(0x7f0000000280)=""/244}, {0x6000, 0xae, &(0x7f0000000380)=""/174}, {0x6000, 0x75, &(0x7f0000000440)=""/117}, {0x100004, 0x85, &(0x7f00000004c0)=""/133}, {0x6003, 0x63, &(0x7f0000000580)=""/99}, {0x0, 0x2a, &(0x7f0000000600)=""/42}]}) 2018/03/26 13:05:54 executing program 5: mmap(&(0x7f0000000000/0xd99000)=nil, 0xd99000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r0 = add_key(&(0x7f0000e5e000)='1yzkller\x00', &(0x7f00000a8ffb)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0x0) add_key(&(0x7f0000000080)='rxrpc_s\x00', &(0x7f00000000c0)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000000100)="2fbae98a69ba29b1c9933e0210ee243d022f0604b637e7b8793ce8cb0b7d67339819a7a541a0b52eda0e3a0816bf8cd1928dff760d837749740ebd5b1834de250862aa58add48eb9405d0e47d9be02ae79573fe03e98fb0acafbc38b9a995ada9035fa61e5c9af1bec764674dd6251efeaf953ed6cf7824dbe51b6131bb5", 0x7e, r0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x200, 0x0) ioctl$KVM_TRANSLATE(r1, 0xc018ae85, &(0x7f0000000040)={0x10d000, 0x10000, 0x4, 0x9, 0x280000}) 2018/03/26 13:05:54 executing program 6: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x3, 0x10, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$KDGETMODE(r1, 0x4b3b, &(0x7f0000000080)) getsockopt(r0, 0x8001, 0xc, &(0x7f000035ff6a)=""/150, &(0x7f0000000000)=0x96) 2018/03/26 13:05:54 executing program 0: r0 = gettid() r1 = syz_open_procfs(r0, &(0x7f0000000080)='\x00\x00\x00\x00\x00\x00\x00\x00') exit(0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x6, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) readv(r1, &(0x7f0000000040)=[{&(0x7f0000000200)=""/233, 0xfffffffffffffe92}], 0x1) 2018/03/26 13:05:54 executing program 4: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x1}) mmap(&(0x7f0000000000/0x5000)=nil, 0x5000, 0x0, 0x32, 0xffffffffffffffff, 0x0) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000005000)={{&(0x7f0000001000/0x4000)=nil, 0x4000}, 0x1}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000281000)={{&(0x7f0000000000/0x1000)=nil, 0x1000}, 0x1}) ioctl$UFFDIO_UNREGISTER(r0, 0xc020aa04, &(0x7f0000005000)={&(0x7f0000000000/0x3000)=nil, 0x3000}) 2018/03/26 13:05:54 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r0, 0xc08c5336, &(0x7f00000000c0)={0x2, 0x6, 0xfffffffffffffffc, 'queue1\x00', 0x4}) 2018/03/26 13:05:54 executing program 1: r0 = gettid() r1 = accept$inet6(0xffffffffffffffff, 0x0, &(0x7f0000000000)) setsockopt$inet6_group_source_req(r1, 0x29, 0x2e, &(0x7f0000000080)={0x0, {{0xa, 0x4e24, 0x9, @mcast1={0xff, 0x1, [], 0x1}, 0x1000}}, {{0xa, 0x4e23, 0x2, @dev={0xfe, 0x80, [], 0xd}, 0x3}}}, 0x108) exit(0x0) rt_tgsigqueueinfo(r0, r0, 0x0, &(0x7f0000000040)={0x0, 0x0, 0x80000001}) [ 1062.796991] binder: 25332:25338 ioctl c0884123 20000000 returned -22 [ 1062.822325] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1062.831334] binder: 25332:25338 ioctl 4068aea3 20000000 returned -22 [ 1062.833361] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1062.844999] CPU: 1 PID: 25337 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1062.852352] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1062.859521] binder: 25332:25338 ioctl 4008af03 20000640 returned -22 [ 1062.861690] Call Trace: [ 1062.861706] dump_stack+0x194/0x24d [ 1062.861722] ? arch_local_irq_restore+0x53/0x53 [ 1062.861738] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1062.861759] dump_header+0x28c/0xe2b [ 1062.887923] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1062.893117] ? arch_local_irq_restore+0x53/0x53 [ 1062.897789] ? __lock_acquire+0x664/0x3e00 [ 1062.902027] ? print_irqtrace_events+0x270/0x270 [ 1062.906779] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1062.910842] binder: 25332:25338 ioctl c0884123 20000000 returned -22 [ 1062.911897] ? trace_hardirqs_off+0x10/0x10 [ 1062.911906] ? __lock_acquire+0x664/0x3e00 [ 1062.911918] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1062.911934] ? __lock_acquire+0x664/0x3e00 [ 1062.936304] ? task_will_free_mem+0x252/0xaa0 [ 1062.936996] binder: 25332:25349 ioctl 4068aea3 20000000 returned -22 [ 1062.940799] ? print_irqtrace_events+0x270/0x270 [ 1062.940823] ? ___ratelimit+0x30d/0x630 [ 1062.940835] ? lock_downgrade+0x980/0x980 [ 1062.940852] ? lock_release+0xa40/0xa40 [ 1062.940867] ? mark_held_locks+0xaf/0x100 [ 1062.968243] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1062.973339] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1062.978335] ? trace_hardirqs_on+0xd/0x10 [ 1062.982464] ? ___ratelimit+0x95/0x630 [ 1062.986338] ? idr_get_free+0xfd0/0xfd0 [ 1062.990288] ? find_held_lock+0x35/0x1d0 [ 1062.994333] oom_kill_process+0x8b9/0x1640 [ 1062.998541] ? lock_downgrade+0x980/0x980 [ 1063.002670] ? __lock_is_held+0xb6/0x140 [ 1063.006713] ? oom_evaluate_task+0x480/0x480 [ 1063.011106] ? rcu_read_unlock+0x35/0x70 [ 1063.015143] ? mem_cgroup_iter+0x363/0xbd0 [ 1063.019352] ? lock_downgrade+0x980/0x980 [ 1063.023481] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1063.028214] ? mark_held_locks+0xaf/0x100 [ 1063.032351] ? _raw_spin_unlock_irq+0x27/0x70 [ 1063.036821] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1063.041811] ? trace_hardirqs_on+0xd/0x10 [ 1063.045932] ? _raw_spin_unlock_irq+0x27/0x70 [ 1063.050401] ? css_task_iter_end+0x280/0x430 [ 1063.054784] ? _raw_spin_unlock_irq+0x27/0x70 [ 1063.059256] ? cgroup_procs_next+0x70/0x70 [ 1063.063462] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1063.068453] ? trace_hardirqs_on+0xd/0x10 [ 1063.072573] ? _raw_spin_unlock_irq+0x27/0x70 [ 1063.077044] ? oom_badness+0x980/0x980 [ 1063.080906] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1063.085637] ? mem_cgroup_iter_break+0x30/0x30 [ 1063.090205] ? finish_wait+0x268/0x490 [ 1063.094067] ? lock_downgrade+0x980/0x980 [ 1063.098197] out_of_memory+0x86d/0x1220 [ 1063.102158] ? oom_killer_disable+0x310/0x310 [ 1063.106624] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1063.111705] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1063.116695] ? trace_hardirqs_on+0xd/0x10 [ 1063.120829] mem_cgroup_out_of_memory+0x159/0x200 [ 1063.125645] ? swap_max_write+0x110/0x110 [ 1063.129766] ? do_raw_spin_trylock+0x190/0x190 [ 1063.134329] ? _raw_spin_unlock+0x22/0x30 [ 1063.138458] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1063.143450] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1063.148879] ? find_held_lock+0x35/0x1d0 [ 1063.152918] ? memcg_event_wake+0x420/0x420 [ 1063.157217] ? __do_page_fault+0x5f7/0xc90 [ 1063.161436] ? lock_downgrade+0x980/0x980 [ 1063.165562] pagefault_out_of_memory+0xbd/0x152 [ 1063.170204] ? out_of_memory+0x1220/0x1220 [ 1063.174413] ? handle_mm_fault+0x465/0xb10 [ 1063.178635] ? __handle_mm_fault+0x38c0/0x38c0 [ 1063.183202] ? vmacache_find+0x5f/0x280 [ 1063.187150] ? vmacache_update+0xfe/0x130 [ 1063.191278] mm_fault_error+0xd6/0x2c0 [ 1063.195147] __do_page_fault+0xb4d/0xc90 [ 1063.199189] ? mm_fault_error+0x2c0/0x2c0 [ 1063.203315] ? kernel_write+0x120/0x120 [ 1063.207266] ? do_syscall_64+0xb7/0x940 [ 1063.211225] do_page_fault+0xee/0x730 [ 1063.215000] ? __do_page_fault+0xc90/0xc90 [ 1063.219216] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 1063.224731] ? syscall_return_slowpath+0x550/0x550 [ 1063.229636] ? syscall_return_slowpath+0x2ac/0x550 [ 1063.234544] ? retint_user+0x18/0x18 [ 1063.238237] ? page_fault+0x2f/0x50 [ 1063.241837] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1063.246659] ? page_fault+0x2f/0x50 [ 1063.250263] page_fault+0x45/0x50 [ 1063.253690] RIP: 0033:0x409b83 [ 1063.256860] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1063.262202] RAX: 0000001b9bc20000 RBX: 000000000000128b RCX: 000000000040e950 [ 1063.269550] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1063.276792] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1063.284035] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1063.291278] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1063.298708] Task in /syz1 killed as a result of limit of /syz1 [ 1063.301184] binder: 25332:25352 ioctl 4008af03 20000640 returned -22 [ 1063.304730] memory: usage 0kB, limit 0kB, failcnt 4220 [ 1063.304737] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1063.304744] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1063.329488] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB 2018/03/26 13:05:55 executing program 4: r0 = perf_event_open(&(0x7f000001d000)={0x2, 0x70, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$dspn(&(0x7f000000bff6)='/dev/dsp#\x00', 0x1, 0x2) ioctl$int_in(r1, 0x800000c004500a, &(0x7f0000595ff8)) writev(r1, &(0x7f0000001140)=[{&(0x7f0000001040)='2', 0x1}], 0x1) close(r1) write$fuse(r0, &(0x7f0000000040)={0x28, 0x1, 0x0, @fuse_notify_inval_inode_out={0xd, 0x4, 0x6b}}, 0x28) 2018/03/26 13:05:55 executing program 6: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) r1 = dup2(r0, r0) ioctl$EVIOCGBITSND(r1, 0x80404532, &(0x7f00000003c0)=""/166) getsockopt$inet_sctp6_SCTP_GET_ASSOC_NUMBER(r1, 0x84, 0x1c, &(0x7f0000000180), &(0x7f00000001c0)=0x4) r2 = openat$cgroup_int(r0, &(0x7f00000002c0)='cgroup.max.depth\x00', 0x2, 0x0) write$cgroup_int(r2, &(0x7f0000000000)=ANY=[], 0x0) ioctl$SNDRV_TIMER_IOCTL_GSTATUS(r1, 0xc0505405, &(0x7f0000000000)={{0x0, 0x1, 0x6, 0x3, 0x101}, 0x2, 0x7fffffff, 0x8}) 2018/03/26 13:05:55 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$unix(0x1, 0x1, 0x0) r1 = syz_open_dev$midi(&(0x7f0000000100)='/dev/midi#\x00', 0x3f, 0x40) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r1, 0x84, 0x65, &(0x7f0000000140)=[@in={0x2, 0x4e22, @rand_addr=0x100000001}, @in={0x2, 0x4e21, @remote={0xac, 0x14, 0x14, 0xbb}}, @in={0x2, 0x4e21, @remote={0xac, 0x14, 0x14, 0xbb}}, @in6={0xa, 0x4e23, 0x5, @remote={0xfe, 0x80, [], 0xbb}, 0x98fe}, @in={0x2, 0x4e23, @multicast2=0xe0000002}], 0x5c) ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f0000000080)=@ethtool_ts_info={0x41}}) ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04) signalfd(r0, &(0x7f0000000040)={0x4}, 0x8) 2018/03/26 13:05:55 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) clock_settime(0x6, &(0x7f0000000080)={0x0, 0x1c9c380}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0x402c5342, &(0x7f0000000000)={0x10000, 0x9, 0x1a7, {}, 0x4, 0x8}) 2018/03/26 13:05:55 executing program 0: r0 = syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x3, 0x1b071, 0xffffffffffffffff, 0x0) creat(&(0x7f0000000040)='./file0\x00', 0x0) write$tun(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="00000805010700009e3e00000100aaaaaaaaaa1000000000000091004f008100240086dd6937f4c3029802be0000000000000000000000000000000000000000000000000000000000000001000403060000000000000000000000000000ffffac14141000000000000000000000000000000000620400000000000007200000000006010700150200000000000022000000000000000100000000000000040101000000080203f90000000000000000000000000000ffffac14140f0420880b007a00010000ae25e2bb6788ef8209202039ef1ee189a521b00be77e204e817f92dbfdbec64e6d8b66741e7bd99601e29eeafed0afb05a7e53d4bd88184b2b0363a6488f30f5bc148813d35f6ca11a8d5ed70db81a4289a63b11ec3e60a7a699fb381956a1bb88e924861eeded629e3dc6cd719f1f3c9719352f315efd6766e508000800fffc0003263bc3085c27ba7df7c5dd1a12f19410ab1f898cb08e319b52d5fbb784bc7561b36b0c0086ddc35500df71f718b8d5b966f572fef6ab12aafa26b81b4bd7886c01b4a443b1bf358c41dfc247d5c7573715b87ef3f696ba945c9cd2b6230b492fabb8e581757f69ed79b947c9e26e8eb231db73ba6e3ef5e005d26986d66318f3b801bb1fcf74eb86c63b364812f4b338e3b2d16cd5b168b57c0ffe8f2bc4158637e60e9fcbcd5ef10c48cbf3e01f16372122b7043627bd94be07f8ecfddfd31f1665080088be0000000314050e0601000000fffffffa080022eb000000002104fe8102000000000000081000a00608006558000000020ed3d214dfe0b1217b3a056523b616e073e4c5f311bd9272179327a95deb007477ff0081f21753fea8446f547a43bc1243cf25c63d0f2b1e1fe7b9eeab29849f384bcec2c01a95f34b3bc1efdfd289ef6b2de018d1e6c6921e652eee4c4df0cd090691414eaa7dac3f9d909b38095b7fbcd7a79d575d27f4d4edd5fecd31c49cbf05e1e6ffbe624603b20a582934000000000000000000000000000000000000000000000000"], 0x2e4) mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x0, 0x32, 0xffffffffffffffff, 0x0) 2018/03/26 13:05:55 executing program 3: r0 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000001c0)={'lo\x00', 0x0}) r2 = syz_open_dev$adsp(&(0x7f0000000080)='/dev/adsp#\x00', 0xffffffff80000001, 0x20000) connect$bt_l2cap(r2, &(0x7f00000000c0)={0x1f, 0x9, {0x101, 0xffff, 0x7, 0x9, 0x7e000000000000, 0x2}, 0x5, 0x4aaa}, 0xe) sendmsg$nl_route(r0, &(0x7f0000000240)={&(0x7f0000000000)={0x10}, 0xc, &(0x7f0000000040)={&(0x7f0000000180)=@bridge_delneigh={0x28, 0x1c, 0xf07, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@NDA_LLADDR={0xc, 0x2, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}]}, 0x28}, 0x1}, 0x0) ioctl$sock_inet6_SIOCADDRT(r2, 0x890b, &(0x7f0000000100)={@dev={0xfe, 0x80, [], 0x1f}, @mcast1={0xff, 0x1, [], 0x1}, @ipv4={[], [0xff, 0xff], @dev={0xac, 0x14, 0x14, 0x1a}}, 0xffffffffffffffd2, 0x3, 0x4, 0x400, 0x3, 0x80000, r1}) 2018/03/26 13:05:55 executing program 1: r0 = socket$inet_sctp(0x2, 0x5, 0x84) sendto$inet(r0, &(0x7f0000000000)="a9", 0x1, 0x0, &(0x7f0000000040)={0x2, 0x0, @rand_addr=0xfffffffffffffffe}, 0x10) recvmmsg(r0, &(0x7f0000002700)=[{{&(0x7f00000001c0)=@llc, 0x80, &(0x7f0000001680), 0x0, &(0x7f0000001700)=""/4096, 0x1000}}], 0x1, 0x0, 0x0) listen(r0, 0x3) r1 = accept4(r0, 0x0, &(0x7f0000000140)=0x83, 0x0) setsockopt$inet6_MRT6_DEL_MFC(r1, 0x29, 0xcd, &(0x7f0000000080)={{0xa, 0x4e22, 0x50, @dev={0xfe, 0x80, [], 0xe}, 0x8}, {0xa, 0x4e21, 0xfa3a, @empty, 0x4}, 0x1, [0x6, 0x3ff, 0x58, 0x5, 0x1, 0x1, 0x4, 0xfffffffffffffff8]}, 0x5c) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000000240)={{{@in=@broadcast, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@multicast2}, 0x0, @in=@local}}, &(0x7f0000000100)=0xe8) getsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000340)={{{@in=@dev, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}}}, &(0x7f0000000180)=0xe8) setsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000440)={{{@in6=@local={0xfe, 0x80, [], 0xaa}, @in=@multicast2=0xe0000002, 0x4e24, 0xf2d, 0x4e24, 0x0, 0xa, 0x0, 0x20, 0x21, r2, r3}, {0x6, 0x7, 0x5, 0x6, 0xfffffffffffffff8, 0x80, 0xffff, 0x800}, {0x4, 0x8, 0xf67, 0xbb49}, 0x10000, 0x6e6bbf, 0x1, 0x1, 0x1, 0x1}, {{@in=@local={0xac, 0x14, 0x14, 0xaa}, 0x4d3, 0x32}, 0x2, @in=@multicast2=0xe0000002, 0x3506, 0x2, 0x3, 0x800, 0x3, 0x2, 0x6}}, 0xe8) [ 1063.348952] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1063.357713] [25337] 0 25337 11408 2089 65536 0 0 syz-executor1 [ 1063.366612] Memory cgroup out of memory: Kill process 25337 (syz-executor1) score 2105000 or sacrifice child [ 1063.376673] Killed process 25337 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:05:55 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000340)={&(0x7f0000000040)={0x10}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)=@getlink={0x34, 0x12, 0x11, 0x0, 0x0, {}, [@IFLA_IFNAME={0x14, 0x3, 'lo\x00'}]}, 0xff8d}, 0x1}, 0x0) setsockopt$netlink_NETLINK_RX_RING(r0, 0x10e, 0x6, &(0x7f0000000000)={0xfffffffffffffff7, 0x600, 0x100000001, 0x10001}, 0x10) 2018/03/26 13:05:55 executing program 3: r0 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x80000) ioctl$TIOCSBRK(r0, 0x5427) syz_open_dev$sg(&(0x7f00000000c0)='/dev/sg#\x00', 0x5, 0x200) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) capset(&(0x7f00000fc000)={0x19980330}, &(0x7f0000000040)) syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x802) setsockopt$inet6_int(r1, 0x29, 0xcb, &(0x7f0000114000), 0x4) [ 1063.663723] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1063.674749] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1063.679915] CPU: 0 PID: 25356 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1063.687269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1063.696618] Call Trace: [ 1063.699210] dump_stack+0x194/0x24d [ 1063.702838] ? arch_local_irq_restore+0x53/0x53 [ 1063.707503] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1063.712703] dump_header+0x28c/0xe2b [ 1063.716425] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1063.721611] ? arch_local_irq_restore+0x53/0x53 [ 1063.726375] ? perf_trace_lock+0xd6/0x900 [ 1063.730502] ? __lock_acquire+0x664/0x3e00 [ 1063.734720] ? trace_event_raw_event_lock+0x340/0x340 [ 1063.739895] ? perf_trace_lock+0xd6/0x900 [ 1063.744026] ? trace_hardirqs_off+0x10/0x10 [ 1063.748320] ? perf_trace_lock+0xd6/0x900 [ 1063.752445] ? trace_event_raw_event_lock+0x340/0x340 [ 1063.757613] ? __lock_acquire+0x664/0x3e00 [ 1063.761823] ? task_will_free_mem+0x252/0xaa0 [ 1063.766302] ? print_irqtrace_events+0x270/0x270 [ 1063.771048] ? ___ratelimit+0x30d/0x630 [ 1063.774999] ? lock_downgrade+0x980/0x980 [ 1063.779135] ? lock_release+0xa40/0xa40 [ 1063.783092] ? mark_held_locks+0xaf/0x100 [ 1063.787218] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1063.792299] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1063.797291] ? trace_hardirqs_on+0xd/0x10 [ 1063.801415] ? ___ratelimit+0x95/0x630 [ 1063.805284] ? idr_get_free+0xfd0/0xfd0 [ 1063.809236] ? find_held_lock+0x35/0x1d0 [ 1063.813284] oom_kill_process+0x8b9/0x1640 [ 1063.817495] ? lock_downgrade+0x980/0x980 [ 1063.821625] ? __lock_is_held+0xb6/0x140 [ 1063.825665] ? oom_evaluate_task+0x480/0x480 [ 1063.830062] ? rcu_read_unlock+0x35/0x70 [ 1063.834099] ? mem_cgroup_iter+0x363/0xbd0 [ 1063.838310] ? lock_downgrade+0x980/0x980 [ 1063.842443] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1063.847177] ? mark_held_locks+0xaf/0x100 [ 1063.851390] ? _raw_spin_unlock_irq+0x27/0x70 [ 1063.855864] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1063.860857] ? trace_hardirqs_on+0xd/0x10 [ 1063.864978] ? _raw_spin_unlock_irq+0x27/0x70 [ 1063.869450] ? css_task_iter_end+0x280/0x430 [ 1063.873833] ? _raw_spin_unlock_irq+0x27/0x70 [ 1063.878306] ? cgroup_procs_next+0x70/0x70 [ 1063.882515] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1063.887507] ? trace_hardirqs_on+0xd/0x10 [ 1063.891630] ? _raw_spin_unlock_irq+0x27/0x70 [ 1063.896104] ? oom_badness+0x980/0x980 [ 1063.899969] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1063.904703] ? mem_cgroup_iter_break+0x30/0x30 [ 1063.909287] ? finish_wait+0x268/0x490 [ 1063.913155] ? lock_downgrade+0x980/0x980 [ 1063.917284] out_of_memory+0x86d/0x1220 [ 1063.921245] ? oom_killer_disable+0x310/0x310 [ 1063.925716] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1063.930798] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1063.935790] ? trace_hardirqs_on+0xd/0x10 [ 1063.939923] mem_cgroup_out_of_memory+0x159/0x200 [ 1063.944742] ? swap_max_write+0x110/0x110 [ 1063.948861] ? do_raw_spin_trylock+0x190/0x190 [ 1063.953429] ? _raw_spin_unlock+0x22/0x30 [ 1063.957558] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1063.962551] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1063.967978] ? find_held_lock+0x35/0x1d0 [ 1063.972025] ? memcg_event_wake+0x420/0x420 [ 1063.976327] ? __do_page_fault+0x5f7/0xc90 [ 1063.980538] ? lock_downgrade+0x980/0x980 [ 1063.984668] pagefault_out_of_memory+0xbd/0x152 [ 1063.989311] ? out_of_memory+0x1220/0x1220 [ 1063.993519] ? handle_mm_fault+0x465/0xb10 [ 1063.997734] ? __handle_mm_fault+0x38c0/0x38c0 [ 1064.002288] ? vmacache_find+0x5f/0x280 [ 1064.006236] ? vmacache_update+0xfe/0x130 [ 1064.010365] mm_fault_error+0xd6/0x2c0 [ 1064.014243] __do_page_fault+0xb4d/0xc90 [ 1064.018296] ? mm_fault_error+0x2c0/0x2c0 [ 1064.022422] ? kernel_write+0x120/0x120 [ 1064.026375] ? do_syscall_64+0xb7/0x940 [ 1064.030328] do_page_fault+0xee/0x730 [ 1064.034119] ? __do_page_fault+0xc90/0xc90 [ 1064.038330] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1064.043067] ? syscall_return_slowpath+0x550/0x550 [ 1064.047981] ? syscall_return_slowpath+0x2ac/0x550 [ 1064.052886] ? prepare_exit_to_usermode+0x350/0x350 [ 1064.057884] ? retint_user+0x18/0x18 [ 1064.061574] ? page_fault+0x2f/0x50 [ 1064.065175] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1064.069997] ? page_fault+0x2f/0x50 [ 1064.073613] page_fault+0x45/0x50 [ 1064.077048] RIP: 0033:0x409b83 [ 1064.080211] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1064.085551] RAX: 0000001b9bc20000 RBX: 000000000000128c RCX: 000000000040e950 [ 1064.092795] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1064.100048] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1064.107291] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1064.114533] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1064.122178] Task in /syz1 killed as a result of limit of /syz1 [ 1064.128310] memory: usage 0kB, limit 0kB, failcnt 4228 [ 1064.133622] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1064.140412] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1064.146588] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1064.166053] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1064.174761] [25356] 0 25356 11408 2089 65536 0 0 syz-executor1 [ 1064.183643] Memory cgroup out of memory: Kill process 25356 (syz-executor1) score 2105000 or sacrifice child [ 1064.193683] Killed process 25356 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB [ 1064.216819] oom_reaper: reaped process 25356 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 2018/03/26 13:05:56 executing program 5: setsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000001000)={0x10000, 0x4, 0x100, 0x400}, 0x10) r0 = msgget$private(0x0, 0x80) msgrcv(r0, &(0x7f00000000c0)={0x0, ""/171}, 0xb3, 0x1, 0x2000) r1 = socket(0x11, 0x4000000000080003, 0x0) perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000200)) setsockopt(r1, 0x107, 0xd, &(0x7f0000001000), 0x47e) sendmmsg(r1, &(0x7f0000003e80)=[{{&(0x7f0000000040)=@in6={0xa, 0x0, 0x3, @mcast1={0xff, 0x1, [], 0x1}}, 0x1c, &(0x7f0000000300), 0x0, &(0x7f0000000340)}}, {{&(0x7f0000000e80)=@ipx={0x4, 0x0, 0x0, "85016dfe9b78"}, 0xc7, &(0x7f0000000f80), 0x0, &(0x7f0000002480), 0xdd}}], 0x2, 0x0) 2018/03/26 13:05:56 executing program 1: r0 = socket(0x10, 0x802, 0x0) write(r0, &(0x7f0000000100)="220000001a000704009433de0100040080010f0092ac001500fffe3b06000f00ff27", 0xfffffffffffffdbe) getsockopt$inet6_buf(r0, 0x29, 0x1b, &(0x7f0000000000)=""/98, &(0x7f0000000080)=0x62) 2018/03/26 13:05:56 executing program 3: r0 = syz_open_dev$sndmidi(&(0x7f0000000040)='/dev/snd/midiC#D#\x00', 0x5, 0x0) setsockopt$bt_BT_VOICE(r0, 0x112, 0xb, &(0x7f0000000080)=0x1, 0x2) r1 = openat$ion(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ion\x00', 0x0, 0x0) ioctl(r1, 0xc0184900, &(0x7f0000002000)) 2018/03/26 13:05:56 executing program 4: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f00001b3000)='/dev/vhost-vsock\x00', 0x2, 0x0) r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x2200, 0x0) ioctl$DRM_IOCTL_AGP_ACQUIRE(r2, 0x6430) ioctl$VHOST_SET_LOG_BASE(r1, 0xaf01, &(0x7f0000307000)=&(0x7f0000989fff)) ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000336f58)=ANY=[@ANYBLOB="0000000200000000"]) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000df5fd8)={0x0, 0x0, &(0x7f00003acf97)=""/105, &(0x7f0000bf6000)=""/228, &(0x7f000017d000)=""/199}) socketpair$inet6_tcp(0xa, 0x1, 0x0, &(0x7f00000000c0)) ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000cef000)={0x1, 0x0, &(0x7f000062a000)=""/167, &(0x7f0000aac000)=""/21, &(0x7f00002fdf52)=""/174}) signalfd4(r0, &(0x7f0000000040)={0x3}, 0x8, 0x800) ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000f82ffc)=0x1) 2018/03/26 13:05:56 executing program 0: perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sndseq(&(0x7f0000000040)='/dev/snd/seq\x00', 0x0, 0x0) r1 = getpgrp(0x0) ptrace$getsig(0x4202, r1, 0x8, &(0x7f0000000080)) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r0, 0xc04c5349, &(0x7f0000000200)) 2018/03/26 13:05:56 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') getsockname(r0, &(0x7f0000000000)=@ll={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @link_local}, &(0x7f00000000c0)=0x80) setsockopt$RDS_GET_MR_FOR_DEST(r0, 0x114, 0x7, &(0x7f0000000180)={@ll={0x11, 0x4, r1, 0x1, 0x3, 0x6, @dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xd}}, {&(0x7f0000000100)=""/1, 0x1}, &(0x7f0000000140), 0x50}, 0xa0) sendfile(r0, r0, &(0x7f0000000280)=0x42402, 0x6) readahead(r0, 0xffffffffffffffff, 0x101) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) dup(r0) 2018/03/26 13:05:56 executing program 6: r0 = socket(0x1e, 0x2000000000000005, 0x0) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000380)={'bridge0\x00', &(0x7f0000000000)=ANY=[@ANYBLOB='\t']}) socket$kcm(0x29, 0x0, 0x0) setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r0, 0x84, 0x1e, &(0x7f0000000040)=0x4, 0x4) 2018/03/26 13:05:56 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x5}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) timer_create(0x6, &(0x7f00000000c0)={0x0, 0x1e, 0x0, @thr={&(0x7f0000000000)="4b3c1c28de757b67684a3d8a417c819199975f1b6c830c9054e2268d5500b6d76ce4224835bebdf5f7ec8c62c8f9b4671240ca92fa93a53665bfe919b47926577adbd3961e06986314ebd5ca20ed2bdc05bf28c6ef3e0eda3e083a0c8a5d33e453126a701c568d3ccd25d4", &(0x7f0000000080)="6141379a63531ada104ce9fc46"}}, &(0x7f0000000100)) 2018/03/26 13:05:56 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x880) r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='ns/net\x00') rt_sigprocmask(0x3, &(0x7f00000000c0)={0x5}, &(0x7f00000001c0), 0x8) bind$alg(r1, &(0x7f0000000040)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(cast5)\x00'}, 0x58) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) modify_ldt$read(0x0, &(0x7f0000000140)=""/111, 0x6f) [ 1064.463147] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1064.474190] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1064.479454] CPU: 1 PID: 25383 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1064.486811] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1064.496179] Call Trace: [ 1064.498771] dump_stack+0x194/0x24d [ 1064.502409] ? arch_local_irq_restore+0x53/0x53 [ 1064.507082] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1064.512288] dump_header+0x28c/0xe2b [ 1064.516030] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1064.521224] ? arch_local_irq_restore+0x53/0x53 [ 1064.525877] ? perf_trace_lock+0xd6/0x900 [ 1064.530006] ? perf_trace_lock_acquire+0xe3/0x980 [ 1064.534838] ? __lock_acquire+0x664/0x3e00 [ 1064.539062] ? trace_event_raw_event_lock+0x340/0x340 [ 1064.544237] ? perf_trace_lock+0x900/0x900 [ 1064.548456] ? perf_trace_lock+0xd6/0x900 [ 1064.552582] ? perf_trace_lock_acquire+0xe3/0x980 [ 1064.557406] ? trace_hardirqs_off+0x10/0x10 [ 1064.561715] ? trace_event_raw_event_lock+0x340/0x340 [ 1064.566893] ? __lock_acquire+0x664/0x3e00 [ 1064.571109] ? task_will_free_mem+0x252/0xaa0 [ 1064.575598] ? print_irqtrace_events+0x270/0x270 [ 1064.580352] ? ___ratelimit+0x30d/0x630 [ 1064.584308] ? lock_downgrade+0x980/0x980 [ 1064.588446] ? lock_release+0xa40/0xa40 [ 1064.592415] ? mark_held_locks+0xaf/0x100 [ 1064.596546] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1064.601636] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1064.606637] ? trace_hardirqs_on+0xd/0x10 [ 1064.610772] ? ___ratelimit+0x95/0x630 [ 1064.614644] ? idr_get_free+0xfd0/0xfd0 [ 1064.618602] ? find_held_lock+0x35/0x1d0 [ 1064.622662] oom_kill_process+0x8b9/0x1640 [ 1064.626879] ? lock_downgrade+0x980/0x980 [ 1064.631028] ? __lock_is_held+0xb6/0x140 [ 1064.635083] ? oom_evaluate_task+0x480/0x480 [ 1064.639497] ? rcu_read_unlock+0x35/0x70 [ 1064.643535] ? mem_cgroup_iter+0x363/0xbd0 [ 1064.647749] ? lock_downgrade+0x980/0x980 [ 1064.651888] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1064.656631] ? mark_held_locks+0xaf/0x100 [ 1064.660762] ? _raw_spin_unlock_irq+0x27/0x70 [ 1064.665240] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1064.670239] ? trace_hardirqs_on+0xd/0x10 [ 1064.674364] ? _raw_spin_unlock_irq+0x27/0x70 [ 1064.678844] ? css_task_iter_end+0x280/0x430 [ 1064.683233] ? _raw_spin_unlock_irq+0x27/0x70 [ 1064.687708] ? cgroup_procs_next+0x70/0x70 [ 1064.691917] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1064.696917] ? trace_hardirqs_on+0xd/0x10 [ 1064.701044] ? _raw_spin_unlock_irq+0x27/0x70 [ 1064.705525] ? oom_badness+0x980/0x980 [ 1064.709396] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1064.714139] ? mem_cgroup_iter_break+0x30/0x30 [ 1064.718729] ? finish_wait+0x268/0x490 [ 1064.722599] ? lock_downgrade+0x980/0x980 [ 1064.726734] out_of_memory+0x86d/0x1220 [ 1064.730709] ? oom_killer_disable+0x310/0x310 [ 1064.735200] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1064.740287] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1064.745288] ? trace_hardirqs_on+0xd/0x10 [ 1064.749435] mem_cgroup_out_of_memory+0x159/0x200 [ 1064.754259] ? swap_max_write+0x110/0x110 [ 1064.758393] ? do_raw_spin_trylock+0x190/0x190 [ 1064.762973] ? _raw_spin_unlock+0x22/0x30 [ 1064.767110] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1064.772113] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1064.777547] ? find_held_lock+0x35/0x1d0 [ 1064.781596] ? memcg_event_wake+0x420/0x420 [ 1064.785902] ? __do_page_fault+0x5f7/0xc90 [ 1064.790122] ? lock_downgrade+0x980/0x980 [ 1064.794258] pagefault_out_of_memory+0xbd/0x152 [ 1064.798912] ? out_of_memory+0x1220/0x1220 [ 1064.803125] ? handle_mm_fault+0x465/0xb10 [ 1064.807349] ? __handle_mm_fault+0x38c0/0x38c0 [ 1064.811921] ? vmacache_find+0x5f/0x280 [ 1064.815876] ? vmacache_update+0xfe/0x130 [ 1064.820009] mm_fault_error+0xd6/0x2c0 [ 1064.823889] __do_page_fault+0xb4d/0xc90 [ 1064.827947] ? mm_fault_error+0x2c0/0x2c0 [ 1064.832082] ? kernel_write+0x120/0x120 [ 1064.836045] ? do_syscall_64+0xb7/0x940 [ 1064.840006] do_page_fault+0xee/0x730 [ 1064.843794] ? __do_page_fault+0xc90/0xc90 [ 1064.848010] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1064.852763] ? syscall_return_slowpath+0x550/0x550 [ 1064.857684] ? syscall_return_slowpath+0x2ac/0x550 [ 1064.862601] ? prepare_exit_to_usermode+0x350/0x350 [ 1064.867609] ? retint_user+0x18/0x18 [ 1064.871307] ? page_fault+0x2f/0x50 [ 1064.874914] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1064.879744] ? page_fault+0x2f/0x50 [ 1064.883353] page_fault+0x45/0x50 [ 1064.886782] RIP: 0033:0x409b83 [ 1064.889950] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1064.895302] RAX: 0000001b9bc20000 RBX: 000000000000128d RCX: 000000000040e950 [ 1064.902551] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1064.909798] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1064.917054] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1064.924301] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1064.932222] Task in /syz1 killed as a result of limit of /syz1 [ 1064.938257] memory: usage 0kB, limit 0kB, failcnt 4236 [ 1064.943588] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1064.950370] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 2018/03/26 13:05:57 executing program 3: symlink(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00') lstat(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) setregid(r0, r0) pipe(&(0x7f00000000c0)={0xffffffffffffffff}) symlinkat(&(0x7f0000000080)='./file0\x00', r1, &(0x7f00000001c0)='./file0\x00') 2018/03/26 13:05:57 executing program 6: r0 = getpgrp(0x0) sched_setaffinity(r0, 0x8, &(0x7f0000a2f000)=0x9) clock_nanosleep(0x0, 0x0, &(0x7f00006ba000)={0x0, 0x1c9c380}, &(0x7f0000daaff8)) r1 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x0, 0x0) ioctl$DRM_IOCTL_RES_CTX(r1, 0xc0106426, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x0}]}) ioctl$DRM_IOCTL_GET_CTX(r1, 0xc0086423, &(0x7f00000001c0)={r2, 0x3}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0) mlock2(&(0x7f00007b0000/0x3000)=nil, 0x3000, 0x0) wait4(0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000100)) [ 1064.956548] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1064.976007] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1064.984807] [25383] 0 25383 11408 2089 65536 0 0 syz-executor1 [ 1064.993732] Memory cgroup out of memory: Kill process 25383 (syz-executor1) score 2105000 or sacrifice child [ 1065.003745] Killed process 25383 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:05:57 executing program 3: r0 = socket$alg(0x26, 0x5, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x801, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000080)=0x14) ioctl$DRM_IOCTL_ADD_CTX(r1, 0xc0086420, &(0x7f0000000100)={0x0}) ioctl$DRM_IOCTL_RM_CTX(r1, 0xc0086421, &(0x7f0000000200)={r3, 0x3}) bind$packet(r1, &(0x7f00000000c0)={0x11, 0xff, r2, 0x1, 0x200, 0x6, @random="94e022428e6e"}, 0x14) bind$alg(r0, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw-serpent-avx2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000001c0)="d3ab271918602dff05000b00000000001b3a730c330f61acd6ab05d2a013b1ea17c94cf7f0803d5c4d069a05d2ad4f", 0x2f) 2018/03/26 13:05:57 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000000080)='/dev/snd/seq\x00', 0x0, 0x102fff) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:05:57 executing program 1: r0 = socket$unix(0x1, 0x5, 0x0) bind$unix(r0, &(0x7f000000dff8)=@file={0x1}, 0x2) r1 = add_key(&(0x7f0000bbaff8)='trusted\x00', &(0x7f0000c33ffb)={0x73, 0x79, 0x7a}, &(0x7f00000d6000), 0x0, 0xffffffffffffffff) listen(r0, 0x79e) add_key(&(0x7f0000efeffa)='logon\x00', &(0x7f0000a13000)={0x73, 0x79, 0x7a}, &(0x7f0000000000), 0xffffffffffffffcc, r1) ioctl$TUNSETIFINDEX(0xffffffffffffffff, 0x400454da, &(0x7f0000000200)) listen(r0, 0x0) 2018/03/26 13:05:57 executing program 0: r0 = syz_open_dev$tun(&(0x7f0000000280)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000100)={"d202b999cf85000000000088f301e710", 0x200}) mmap(&(0x7f0000000000/0xfea000)=nil, 0xfea000, 0x0, 0x32, 0xffffffffffffffff, 0x0) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = syz_open_procfs(0x0, &(0x7f0000000140)='statm\x00') getsockopt$inet_sctp_SCTP_INITMSG(r2, 0x84, 0x2, &(0x7f0000000200), &(0x7f0000000240)=0x8) socketpair$inet6_udp(0xa, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_bt_hidp_HIDPCONNADD(r1, 0x400448c8, &(0x7f00000003c0)={r2, r3, 0x7ff, 0x7, &(0x7f00000002c0)="2207b5ce1c7150b92544d8030599d3f94716721e411624386a646180219519f82f4d723e3157a9732f25c12151ec6200927f78a0daae5739c6aa15d3e900d000dc581ffa0ccf91180f2ee843ae0ab54a1628b0f4bd4aea53f7006cb018d69938a115187088bcc1dfb0cefa5cd77d6c9e3ce18cd567e065c04a6ee2f7c9ba715a2a3ecc7a7d726a39aebf0b821a53f257c556778d2a1aa23792476f8d24faf880c5b416fb0eba65658958be7407bf1e2bcd93b007a99a30a580fdeaa254a1f48bee0708c19b0344ecd531044582c113b4bfdb3d70351ad573e502e8cdb587f5fb8df743b4523e73572f915c7c5c89e18d7622f5ffe42ea9859f9181a8", 0x1000, 0x6, 0x3ff, 0x8001, 0x7ff, 0x1f, 0x7, "fd22c845b3a569c7a4d7acf96b1313654fefe91b8bc24d6a7f3decd778917ff992f20256e20b19694d2dbce344ac7ee6381bfaaf38f6e8aa8e3b501718f1b806e268736ef2304c3a73d9f02e2ced51d95f678e4ace1cfcda75a96433315b46bac4b42e568d547574391764ee066adc5d15b57cc6b96b97b21f71b1194c9a444d8cf74c666dfa4d"}) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000180)={0x0, &(0x7f0000000140)}) r4 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x18000, 0x0) ioctl$KVM_GET_DEVICE_ATTR(r4, 0x4018aee2, &(0x7f0000000080)={0x0, 0xfff, 0x6, &(0x7f0000000040)}) 2018/03/26 13:05:57 executing program 5: socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$netlink(0xa, 0x5, 0x0) setsockopt$netlink_NETLINK_CAP_ACK(r0, 0x84, 0x6b, &(0x7f0000000040), 0x6227bfb0004c0920) bind$netlink(r0, &(0x7f0000000000)={0x10, 0x0, 0x25dfdbfb, 0x80000}, 0xc) 2018/03/26 13:05:57 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') sendfile(r0, r0, &(0x7f0000000280)=0x42402, 0x6) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) socket$inet_dccp(0x2, 0x6, 0x0) 2018/03/26 13:05:57 executing program 4: r0 = socket$inet(0x2b, 0x1, 0x0) bind$inet(r0, &(0x7f0000000600)={0x2, 0x4e23, @multicast2=0xe0000002}, 0x10) connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e23}, 0x10) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x0, 0x0) ioctl$VHOST_SET_VRING_BUSYLOOP_TIMEOUT(r1, 0x4008af23, &(0x7f0000000040)={0x0, 0x9}) getpeername(r0, &(0x7f0000000100)=@hci, &(0x7f0000000140)=0xc) 2018/03/26 13:05:57 executing program 6: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = syz_open_dev$dspn(&(0x7f0000000100)='/dev/dsp#\x00', 0x79ed62f1, 0x200880) ioctl$KDSETKEYCODE(r1, 0x4b4d, &(0x7f0000000180)={0x3, 0x6c}) ioctl$sock_ifreq(r0, 0x89f8, &(0x7f0000000140)={'sit0\x00', @ifru_data=&(0x7f0000000080)="48803d6b61439579b6d04dd4102d09b21f8e3ef66a49b9acdf65e7fc2c583929"}) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x4080, 0x0) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r2, 0x84, 0x15, &(0x7f00000000c0)={0x3}, 0x1) 2018/03/26 13:05:57 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x101000) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r0, 0xc08c5335, &(0x7f0000000000)={0x58, 0x751, 0x8, 'queue0\x00', 0x3}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:05:57 executing program 0: r0 = perf_event_open(&(0x7f0000d2af88)={0x2, 0x70, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = geteuid() stat(&(0x7f0000000100)='./bus\x00', &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fchown(r0, r2, r3) r4 = socket$inet6(0xa, 0x400000000001, 0x0) setsockopt$inet6_tcp_int(r4, 0x6, 0x19, &(0x7f000074fffc)=0x3, 0xa9) r5 = shmget$private(0x0, 0x1000, 0x54000093, &(0x7f0000fff000/0x1000)=nil) r6 = getpgid(0xffffffffffffffff) r7 = getpid() shmctl$IPC_SET(r5, 0x1, &(0x7f00000004c0)={{0x9, r2, r3, r1, r3, 0x80, 0x18e}, 0x9, 0x8000, 0x9, 0x4, r6, r7, 0x7}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r4, 0xc05c5340, &(0x7f0000000200)={0x4, 0x8, 0x100000000, {0x77359400}, 0x1f, 0x100000000}) r8 = syz_open_dev$binder(&(0x7f0000000280)='/dev/binder#\x00', 0x0, 0x802) r9 = dup(r4) setsockopt$inet6_tcp_int(r4, 0x6, 0x20000000000000, &(0x7f0000000600)=0x81, 0x4) ioctl$int_in(r4, 0x5421, &(0x7f0000000000)=0xfc) bind$inet6(r4, &(0x7f0000fa0fe4)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) setsockopt$inet_sctp6_SCTP_MAX_BURST(r9, 0x84, 0x14, &(0x7f0000000440)=@int=0x7, 0x4) sendto$inet6(r4, &(0x7f0000e77fff), 0x2bd, 0x20000008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) ioctl$DRM_IOCTL_AGP_ENABLE(r9, 0x40086432, &(0x7f0000000140)=0x380) getsockopt$inet_sctp_SCTP_RESET_STREAMS(r9, 0x84, 0x77, &(0x7f0000000040)=ANY=[@ANYRES32=0x0, @ANYBLOB="7f0006005a4306000801000600"], &(0x7f0000000080)=0x2) ioctl$BINDER_GET_NODE_DEBUG_INFO(r8, 0xc018620b, &(0x7f00000003c0)={0x0}) ioctl$BINDER_GET_NODE_DEBUG_INFO(r9, 0xc018620b, &(0x7f0000000480)={r11}) setpriority(0x1, r6, 0x80000000) socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet_sctp6_SCTP_ASSOCINFO(r9, 0x84, 0x1, &(0x7f00000000c0)={r10, 0x5, 0x1, 0x100, 0x6, 0xac2}, 0x14) setsockopt$SO_TIMESTAMPING(r9, 0x1, 0x25, &(0x7f0000000580)=0x1, 0x4) ioctl$sock_bt_bnep_BNEPCONNADD(r9, 0x400442c8, &(0x7f0000000640)=ANY=[@ANYRES32=r9, @ANYBLOB="1f00000029c5469648eb991166927d76ffbfb48c0ba15fa9a2cef2f9e0f4f15604a0116cf961e568882455531bce4cd1e3f79d25442951da978e400ff7e04889faea079415a24d022264226d35b6de3bb3d5589ce80959b9747999d77e7004278f201d0219861a1c472acdd6355eb0fd7efa140ae075fdef1ffc2f73e4afef1662f7e7436543ba0734140e40b3414ee2096bd534ae9f5fd10f5e80597cdbafb16767631a9dc4da6f28af1740ecf17927431b8a58646158bbe503e1d19c2f04cbf0612aa9ea9f1a22c8f9f3fcff6b4f7963ba70046e99642ab1de8ca63182e438eb031b5673d2f657b99309d9778f0abddb1c0c178b1ea4ea05abc41476a34b04a5aea86f8dc1464e770f60f4d50f8dcfa0dfbeac0d0ef52f3d561b226c0511bea78229c2fdcc7278103db5e69493afe25d8163fe2b8ea7fbcf134fc9775d3246f62a2d50c348d2b3a2bca35634fd"]) r12 = open(&(0x7f0000000540)='./bus\x00', 0x141042, 0xa2) ftruncate(r12, 0x7fff) sendfile(r9, r12, &(0x7f0000000400), 0x8000fffffffe) 2018/03/26 13:05:57 executing program 3: r0 = syz_open_procfs(0x0, &(0x7f0000270ff2)='net/fib_trie\x00') bind$alg(0xffffffffffffffff, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'sha384-avx2\x00'}, 0x56) perf_event_open(&(0x7f000025c000)={0x2, 0x78}, 0x0, 0x0, 0xffffffffffffffff, 0x0) timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000001300)={{0x77359400}, {0x0, 0x1c9c380}}, &(0x7f0000001340)) accept4$alg(r0, 0x0, 0x0, 0x800) r1 = syz_open_dev$sg(&(0x7f0000000180)='/dev/sg#\x00', 0x0, 0x4) listxattr(&(0x7f0000000100)='./file0\x00', &(0x7f0000000240)=""/69, 0x45) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000140)) getsockopt$inet_sctp_SCTP_HMAC_IDENT(r1, 0x84, 0x16, &(0x7f0000000080)={0x6, [0x400, 0xff, 0x3, 0x1, 0xea80, 0x1f]}, &(0x7f00000000c0)=0x10) ioctl(r1, 0x2275, &(0x7f0000fe7000)="0080") userfaultfd(0x0) ioctl$TIOCNXCL(0xffffffffffffffff, 0x540d) times(&(0x7f0000000040)) socket$key(0xf, 0x3, 0x2) 2018/03/26 13:05:57 executing program 4: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000040)=0x200, 0x4) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000000)={0x1, [0x0]}, &(0x7f000095dffc)=0xff88) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f00000000c0)={0x0, 0x6, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x1000000000, 0x0, r1}, 0x20) 2018/03/26 13:05:57 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x200000000000) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000000)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) r1 = dup3(r0, r0, 0x80000) ioctl$TIOCCBRK(r1, 0x5428) ioctl$TIOCSWINSZ(r1, 0x5414, &(0x7f00000000c0)={0x7fffffff, 0x7fff, 0xff, 0xffffffffffff0001}) 2018/03/26 13:05:57 executing program 6: r0 = socket$inet_sctp(0x2, 0x1, 0x84) sendto$inet(r0, &(0x7f000001d000)="a9", 0x1, 0x0, &(0x7f0000004ff0)={0x2, 0x0, @rand_addr=0xfffffffffffffffe}, 0x10) listen(r0, 0x602) accept(r0, &(0x7f0000000280)=@nfc, &(0x7f0000000040)=0xffffffffffffff48) arch_prctl(0x1007, &(0x7f0000000080)="12b75f61733e3e96a5ae0e8a254d02a4ac240e3cd0b2b7a46307bf38afac9733d8c867a2319f8694d6d7dd7c84d051590f34853cb880eddce4155e9c8942cefb9f7d00e1f8d64e17c63fa836a11a9e1cc33500c8affc832829db42869817016ce83c866463f83e8ecc59c147310a3686233f1e193a4501467838cfeb52f4cfc832150466d115111faf0cf93071d9b9a6ab757ca87b26f0e048a422a002bc36ccb59c0d3fd60d4c5486c6afc3edfad8ecb11bd0b905db8a62b16e4d226737917c1183c54a32de7d158b955127261db13b8cf8a7dc7ceb4ee7a7f5f7814f4a5609160e6a174a418b213120820b497e6c568135a0ee68996c24264b26a3") 2018/03/26 13:05:57 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000d10ff0)={0x2, 0x4e20}, 0x10) listen(r0, 0x0) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x200000, 0x0) statx(r1, &(0x7f0000000080)='./file0\x00', 0x400, 0x0, &(0x7f00000000c0)) r2 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r1, 0xc0145401, &(0x7f00000001c0)={0x1, 0x3, 0x80, 0x0, 0xc0ed}) setsockopt$inet_tcp_int(r2, 0x6, 0x1000000000000c, &(0x7f00007d2e25), 0x4) connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e20, @loopback=0x7f000001}, 0x10) 2018/03/26 13:05:57 executing program 5: r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000002000)={0xaa}) r1 = perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) fcntl$getown(r0, 0x9) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = dup(r1) setsockopt$bt_BT_FLUSHABLE(0xffffffffffffffff, 0x112, 0x8, &(0x7f0000004000)=0x1000, 0x4) ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000003ff0)={&(0x7f0000011000/0x3000)=nil, 0x400000}) 2018/03/26 13:05:57 executing program 4: r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='coredump_filter\x00') writev(r1, &(0x7f000000a000)=[{&(0x7f0000000080)='+0', 0x2}], 0x1) fcntl$F_SET_FILE_RW_HINT(r0, 0x40e, &(0x7f00000000c0)) 2018/03/26 13:05:57 executing program 0: r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x0, 0x0) ioctl$ASHMEM_GET_PROT_MASK(r0, 0x7706, &(0x7f0000000040)) getsockopt$nfc_llcp(r0, 0x118, 0x1, &(0x7f00000000c0)=""/244, 0xf4) r1 = socket$inet6_sctp(0xa, 0x80000000005, 0x84) setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000001000)={0x0, @in6={{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}}}, 0x98) setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, &(0x7f0000000240)={0x0, {{0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}}}, 0x88) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000001000)={{{@in=@rand_addr, @in6=@mcast1={0xff, 0x1, [], 0x1}, 0x0, 0x6}, {}, {0x2}}, {{@in=@multicast2=0xe0000002}, 0x0, @in6=@mcast1={0xff, 0x1, [], 0x1}}}, 0xe8) setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000080)=@req3={0x400, 0x7ff, 0x0, 0x6, 0x9, 0x60, 0x3}, 0x1c) getsockopt$inet6_buf(r1, 0x29, 0x40000030, &(0x7f0000001000)=""/144, &(0x7f0000001ffc)=0x90) [ 1065.895971] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1065.907079] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1065.912245] CPU: 0 PID: 25422 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1065.919598] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1065.928945] Call Trace: [ 1065.931528] dump_stack+0x194/0x24d [ 1065.935157] ? arch_local_irq_restore+0x53/0x53 [ 1065.939828] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1065.945034] dump_header+0x28c/0xe2b [ 1065.948772] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1065.948790] ? arch_local_irq_restore+0x53/0x53 [ 1065.948800] ? perf_trace_lock+0xd6/0x900 [ 1065.948813] ? __lock_acquire+0x664/0x3e00 [ 1065.948832] ? trace_event_raw_event_lock+0x340/0x340 [ 1065.948857] ? perf_trace_lock+0xd6/0x900 [ 1065.948872] ? trace_hardirqs_off+0x10/0x10 [ 1065.948880] ? perf_trace_lock+0xd6/0x900 [ 1065.948894] ? trace_event_raw_event_lock+0x340/0x340 [ 1065.948907] ? __lock_acquire+0x664/0x3e00 [ 1065.948918] ? task_will_free_mem+0x252/0xaa0 [ 1065.948940] ? print_irqtrace_events+0x270/0x270 [ 1065.948967] ? ___ratelimit+0x30d/0x630 [ 1065.948981] ? lock_downgrade+0x980/0x980 [ 1065.949001] ? lock_release+0xa40/0xa40 [ 1065.949021] ? mark_held_locks+0xaf/0x100 [ 1065.949035] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1065.949046] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1065.949058] ? trace_hardirqs_on+0xd/0x10 [ 1065.949074] ? ___ratelimit+0x95/0x630 [ 1065.949089] ? idr_get_free+0xfd0/0xfd0 [ 1065.949098] ? find_held_lock+0x35/0x1d0 [ 1065.949120] oom_kill_process+0x8b9/0x1640 [ 1065.949131] ? lock_downgrade+0x980/0x980 [ 1065.949153] ? __lock_is_held+0xb6/0x140 [ 1065.949173] ? oom_evaluate_task+0x480/0x480 [ 1065.949204] ? rcu_read_unlock+0x35/0x70 [ 1065.949214] ? mem_cgroup_iter+0x363/0xbd0 [ 1065.949223] ? lock_downgrade+0x980/0x980 [ 1065.949246] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1066.080123] ? mark_held_locks+0xaf/0x100 [ 1066.080140] ? _raw_spin_unlock_irq+0x27/0x70 [ 1066.088776] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1066.093788] ? trace_hardirqs_on+0xd/0x10 [ 1066.097929] ? _raw_spin_unlock_irq+0x27/0x70 [ 1066.102419] ? css_task_iter_end+0x280/0x430 [ 1066.106816] ? _raw_spin_unlock_irq+0x27/0x70 [ 1066.111308] ? cgroup_procs_next+0x70/0x70 [ 1066.115529] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1066.120537] ? trace_hardirqs_on+0xd/0x10 [ 1066.124670] ? _raw_spin_unlock_irq+0x27/0x70 [ 1066.129160] ? oom_badness+0x980/0x980 [ 1066.133039] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1066.137789] ? mem_cgroup_iter_break+0x30/0x30 [ 1066.142386] ? finish_wait+0x268/0x490 [ 1066.146267] ? lock_downgrade+0x980/0x980 [ 1066.150423] out_of_memory+0x86d/0x1220 [ 1066.154406] ? oom_killer_disable+0x310/0x310 [ 1066.158890] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1066.163990] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1066.168998] ? trace_hardirqs_on+0xd/0x10 [ 1066.173154] mem_cgroup_out_of_memory+0x159/0x200 [ 1066.177987] ? swap_max_write+0x110/0x110 [ 1066.182122] ? do_raw_spin_trylock+0x190/0x190 [ 1066.186709] ? _raw_spin_unlock+0x22/0x30 [ 1066.190857] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1066.195866] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1066.201310] ? find_held_lock+0x35/0x1d0 [ 1066.205369] ? memcg_event_wake+0x420/0x420 [ 1066.209679] ? __do_page_fault+0x5f7/0xc90 [ 1066.213907] ? lock_downgrade+0x980/0x980 [ 1066.218052] pagefault_out_of_memory+0xbd/0x152 [ 1066.222713] ? out_of_memory+0x1220/0x1220 [ 1066.226933] ? handle_mm_fault+0x465/0xb10 [ 1066.231167] ? __handle_mm_fault+0x38c0/0x38c0 [ 1066.235737] ? vmacache_find+0x5f/0x280 [ 1066.239701] ? vmacache_update+0xfe/0x130 [ 1066.243845] mm_fault_error+0xd6/0x2c0 [ 1066.247733] __do_page_fault+0xb4d/0xc90 [ 1066.251801] ? mm_fault_error+0x2c0/0x2c0 [ 1066.255937] ? kernel_write+0x120/0x120 [ 1066.259906] ? do_syscall_64+0xb7/0x940 [ 1066.263878] do_page_fault+0xee/0x730 [ 1066.267673] ? __do_page_fault+0xc90/0xc90 [ 1066.271922] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1066.276672] ? syscall_return_slowpath+0x550/0x550 [ 1066.281601] ? syscall_return_slowpath+0x2ac/0x550 [ 1066.286537] ? prepare_exit_to_usermode+0x350/0x350 [ 1066.291544] ? retint_user+0x18/0x18 [ 1066.295254] ? page_fault+0x2f/0x50 [ 1066.298878] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1066.303714] ? page_fault+0x2f/0x50 [ 1066.307331] page_fault+0x45/0x50 [ 1066.310768] RIP: 0033:0x409b83 [ 1066.313942] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1066.319296] RAX: 0000001b9bc20000 RBX: 000000000000128e RCX: 000000000040e950 [ 1066.326554] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1066.333811] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1066.341067] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1066.348321] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1066.355682] Task in /syz1 killed as a result of limit of /syz1 [ 1066.361737] memory: usage 0kB, limit 0kB, failcnt 4244 [ 1066.367061] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1066.373857] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1066.380036] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1066.399501] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1066.408256] [25422] 0 25422 11408 2089 65536 0 0 syz-executor1 [ 1066.417141] Memory cgroup out of memory: Kill process 25422 (syz-executor1) score 2105000 or sacrifice child [ 1066.427141] Killed process 25422 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB [ 1066.493449] oom_reaper: reaped process 25422 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 2018/03/26 13:05:58 executing program 3: r0 = socket$inet_tcp(0x2, 0x1, 0x0) io_setup(0x2, &(0x7f0000000080)=0x0) r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x300, 0x80) ioctl$TUNDETACHFILTER(r2, 0x401054d6, 0x0) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffff9c, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)}, &(0x7f0000000100)=0x10) ioctl$sock_bt_cmtp_CMTPGETCONNINFO(0xffffffffffffffff, 0x800443d3, &(0x7f0000000040)={{}, 0x0, 0x7}) io_submit(r1, 0x1, &(0x7f00000000c0)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000001000), 0x0, 0x400000000000}]) ioctl$UFFDIO_UNREGISTER(r2, 0x8010aa01, &(0x7f0000000140)={&(0x7f0000ffa000/0x4000)=nil, 0x4000}) 2018/03/26 13:05:58 executing program 0: socket$nl_generic(0x10, 0x3, 0x10) r0 = socket$netlink(0xa, 0x5, 0x0) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer2\x00', 0x8000, 0x0) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r1, 0x84, 0x65, &(0x7f00000000c0)=[@in={0x2, 0x4e21, @broadcast=0xffffffff}, @in={0x2, 0x4e24, @multicast2=0xe0000002}, @in6={0xa, 0x4e20, 0x10000, @empty, 0x40}, @in6={0xa, 0x4e20, 0x8001, @empty, 0x5}, @in6={0xa, 0x4e24, 0x6f, @ipv4={[], [0xff, 0xff], @multicast2=0xe0000002}, 0x100}], 0x74) setsockopt$netlink_NETLINK_CAP_ACK(r0, 0x84, 0x6b, &(0x7f0000000040), 0x6227bfb0004c0920) syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x4, 0x200000) 2018/03/26 13:05:58 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000000000)='/dev/snd/seq\x00', 0x0, 0x2000000000) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f00000000c0)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x160411, 0xffffffffffffffff, 0x7ffe, 0x1000000001000000, 0x20, 0x0, 0x0, 0x3, 0xfffffffffffffffc}) 2018/03/26 13:05:58 executing program 6: r0 = socket$inet6(0xa, 0x80001, 0x0) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f00007de000)={0x0, {{0xa, 0x0, 0x0, @mcast2={0xff, 0x2, [], 0x1}}}, {{0xa, 0x0, 0x0, @loopback={0x0, 0x1}}}}, 0x3bb) setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000e5bef8)={0x0, {{0xa, 0x0, 0x3f, @mcast2={0xff, 0x2, [], 0x1}}}, {{0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xffffffffffffffff}}}}, 0x108) syz_emit_ethernet(0x4a, &(0x7f00003a7000)={@random="cd390b081bf2", @local={[0xaa, 0xaa, 0xaa, 0xaa], 0xffffffffffffffff}, [], {@ipv6={0x86dd, {0x0, 0x6, "540300", 0x14, 0x3a, 0x0, @local={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [], 0x1}, {[], @tcp={{0x0, 0x0, 0x42424242, 0x42424242, 0x0, 0x0, 0x5}}}}}}}, 0x0) 2018/03/26 13:05:58 executing program 4: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r0 = semget$private(0x0, 0x7, 0x0) semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000000)) r1 = accept4$inet(0xffffffffffffff9c, &(0x7f0000000000)={0x0, 0x0, @dev}, &(0x7f0000000040)=0x10, 0x80800) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000080)={0x0, @in6={{0xa, 0x4e22, 0x12e, @dev={0xfe, 0x80, [], 0xe}, 0x1000}}}, &(0x7f0000000140)=0x84) r3 = syz_open_dev$vcsn(&(0x7f0000000200)='/dev/vcs#\x00', 0x7f, 0x1) ioctl$KVM_GET_NR_MMU_PAGES(r3, 0xae45, 0x5d6) getsockopt$inet_sctp_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000180)=@assoc_value={r2, 0x98f}, &(0x7f00000001c0)=0x8) 2018/03/26 13:05:58 executing program 5: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00009e3ff6)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000629000)) r1 = syz_open_pts(r0, 0x1) fcntl$setstatus(r1, 0x4, 0x2800) ioctl$TCXONC(r1, 0x540a, 0x0) write(r1, &(0x7f0000fd6000)='z', 0x1) r2 = syz_open_dev$sg(&(0x7f0000000000)='/dev/sg#\x00', 0x1f, 0x2) ioctl$KVM_SET_DEBUGREGS(r2, 0x4080aea2, &(0x7f0000000040)={[0x3000, 0x6001, 0x4, 0x102000], 0x800, 0x10, 0x101}) ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f00000000c0)=0xa) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000b3a000)=0x19) syz_open_pts(r1, 0xc0000) ioctl$sock_bt_bnep_BNEPCONNDEL(r2, 0x400442c9, &(0x7f0000000100)={0x3}) close(r0) 2018/03/26 13:05:58 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x80800, 0x0) sendfile(r0, r0, &(0x7f0000000280)=0x42402, 0x6) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000000)={0x4, 0x9, 0x51b, 0x9, 0x2, 0x2, 0xfffffffffffffffa}, 0xc) 2018/03/26 13:05:58 executing program 1: perf_event_open(&(0x7f000001d000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x13fe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}, 0x0, 0x1}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$netlink_NETLINK_CAP_ACK(0xffffffffffffffff, 0x10e, 0xa, &(0x7f0000000040), 0xffffffffffffffe1) getgid() syz_open_dev$tun(&(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) getgid() [ 1066.885138] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1066.896243] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1066.901402] CPU: 1 PID: 25490 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1066.908757] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1066.918102] Call Trace: [ 1066.920689] dump_stack+0x194/0x24d [ 1066.924320] ? arch_local_irq_restore+0x53/0x53 [ 1066.928989] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1066.934185] dump_header+0x28c/0xe2b [ 1066.937906] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1066.943094] ? arch_local_irq_restore+0x53/0x53 [ 1066.947771] ? __lock_acquire+0x664/0x3e00 [ 1066.951999] ? print_irqtrace_events+0x270/0x270 [ 1066.956793] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1066.961900] ? trace_hardirqs_off+0x10/0x10 [ 1066.966219] ? __lock_acquire+0x664/0x3e00 [ 1066.970447] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1066.975636] ? __lock_acquire+0x664/0x3e00 [ 1066.979863] ? task_will_free_mem+0x252/0xaa0 [ 1066.984358] ? print_irqtrace_events+0x270/0x270 [ 1066.989116] ? ___ratelimit+0x30d/0x630 [ 1066.993086] ? lock_downgrade+0x980/0x980 [ 1066.997230] ? lock_release+0xa40/0xa40 [ 1067.001201] ? mark_held_locks+0xaf/0x100 [ 1067.005342] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1067.010435] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1067.015431] ? trace_hardirqs_on+0xd/0x10 [ 1067.019559] ? ___ratelimit+0x95/0x630 [ 1067.023422] ? idr_get_free+0xfd0/0xfd0 [ 1067.027371] ? find_held_lock+0x35/0x1d0 [ 1067.031420] oom_kill_process+0x8b9/0x1640 [ 1067.035631] ? lock_downgrade+0x980/0x980 [ 1067.039763] ? __lock_is_held+0xb6/0x140 [ 1067.043804] ? oom_evaluate_task+0x480/0x480 [ 1067.048208] ? rcu_read_unlock+0x35/0x70 [ 1067.052241] ? mem_cgroup_iter+0x363/0xbd0 [ 1067.056452] ? lock_downgrade+0x980/0x980 [ 1067.060579] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1067.065311] ? mark_held_locks+0xaf/0x100 [ 1067.069437] ? _raw_spin_unlock_irq+0x27/0x70 [ 1067.073909] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1067.078898] ? trace_hardirqs_on+0xd/0x10 [ 1067.083023] ? _raw_spin_unlock_irq+0x27/0x70 [ 1067.087493] ? css_task_iter_end+0x280/0x430 [ 1067.091874] ? _raw_spin_unlock_irq+0x27/0x70 [ 1067.096342] ? cgroup_procs_next+0x70/0x70 [ 1067.100549] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1067.105540] ? trace_hardirqs_on+0xd/0x10 [ 1067.109659] ? _raw_spin_unlock_irq+0x27/0x70 [ 1067.114131] ? oom_badness+0x980/0x980 [ 1067.118006] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1067.122755] ? mem_cgroup_iter_break+0x30/0x30 [ 1067.127324] ? finish_wait+0x268/0x490 [ 1067.131186] ? lock_downgrade+0x980/0x980 [ 1067.135310] out_of_memory+0x86d/0x1220 [ 1067.139269] ? oom_killer_disable+0x310/0x310 [ 1067.143735] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1067.148817] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1067.153806] ? trace_hardirqs_on+0xd/0x10 [ 1067.157936] mem_cgroup_out_of_memory+0x159/0x200 [ 1067.162781] ? swap_max_write+0x110/0x110 [ 1067.166900] ? do_raw_spin_trylock+0x190/0x190 [ 1067.171462] ? _raw_spin_unlock+0x22/0x30 [ 1067.175591] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1067.180594] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1067.186028] ? find_held_lock+0x35/0x1d0 [ 1067.190069] ? memcg_event_wake+0x420/0x420 [ 1067.194368] ? __do_page_fault+0x5f7/0xc90 [ 1067.198578] ? lock_downgrade+0x980/0x980 [ 1067.202706] pagefault_out_of_memory+0xbd/0x152 [ 1067.207351] ? out_of_memory+0x1220/0x1220 [ 1067.211557] ? handle_mm_fault+0x465/0xb10 [ 1067.215769] ? __handle_mm_fault+0x38c0/0x38c0 [ 1067.220328] ? vmacache_find+0x5f/0x280 [ 1067.224276] ? vmacache_update+0xfe/0x130 [ 1067.228404] mm_fault_error+0xd6/0x2c0 [ 1067.232269] __do_page_fault+0xb4d/0xc90 [ 1067.236313] ? mm_fault_error+0x2c0/0x2c0 [ 1067.240438] ? kernel_write+0x120/0x120 [ 1067.244399] ? do_syscall_64+0xb7/0x940 [ 1067.248350] do_page_fault+0xee/0x730 [ 1067.252124] ? __do_page_fault+0xc90/0xc90 [ 1067.256334] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 1067.261847] ? syscall_return_slowpath+0x550/0x550 [ 1067.266752] ? syscall_return_slowpath+0x2ac/0x550 [ 1067.271663] ? retint_user+0x18/0x18 [ 1067.275370] ? page_fault+0x2f/0x50 [ 1067.278970] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1067.283790] ? page_fault+0x2f/0x50 [ 1067.287395] page_fault+0x45/0x50 [ 1067.290822] RIP: 0033:0x409b83 [ 1067.293987] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1067.299327] RAX: 0000001b9bc20000 RBX: 000000000000128f RCX: 000000000040e950 [ 1067.306569] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1067.313812] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1067.321055] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1067.328297] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1067.335622] Task in /syz1 killed as a result of limit of /syz1 [ 1067.341639] memory: usage 0kB, limit 0kB, failcnt 4252 [ 1067.346952] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1067.353730] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1067.359914] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB 2018/03/26 13:05:59 executing program 0: perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x4100}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000140)="2e2f6367726f75709d6e657400", 0x200002, 0x0) fchdir(r0) r1 = accept$inet6(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, @ipv4={[], [], @multicast1}}, &(0x7f0000000080)=0x1c) getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffff9c, 0x84, 0xe, &(0x7f0000000240)={0x0, 0x270, 0x5, 0x8001, 0x2, 0x100000001, 0x7fff, 0x569, {0x0, @in={{0x2, 0x4e21, @multicast2=0xe0000002}}, 0x100000001, 0x1ff, 0x20, 0x7, 0xeb}}, &(0x7f00000000c0)=0xb0) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r1, 0x84, 0x71, &(0x7f0000000100)={r2, 0x1ff}, 0x8) rmdir(&(0x7f0000000200)='./file0\x00') mkdir(&(0x7f0000000180)='./file0\x00', 0x0) 2018/03/26 13:05:59 executing program 6: r0 = syz_open_dev$sndseq(&(0x7f0000dcc000)='/dev/snd/seq\x00', 0x0, 0x0) perf_event_open(&(0x7f0000000000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000000)={{0x7e}, 'port0\x00', 0xa9824f69d1376633, 0x8010000a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer2\x00', 0x0, 0x0) 2018/03/26 13:05:59 executing program 4: socket$inet6(0xa, 0x0, 0x80) r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'sit0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000140)={&(0x7f00000001c0)={0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000040)=@bridge_dellink={0x2c, 0x11, 0x319, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0xc, 0x1a, [{0x4, 0x1e}, {0x4, 0x7}]}]}, 0x2c}, 0x1}, 0x0) 2018/03/26 13:05:59 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @remote={0xfe, 0x80, [], 0xbb}, 0x7}, 0x1c) bind$inet6(r0, &(0x7f000044f000)={0xa, 0x4e20, 0x0, @ipv4={[], [0xff, 0xff]}}, 0x1c) listen(r0, 0x3) syz_emit_ethernet(0x230, &(0x7f0000007000)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @random="cf2bb43c40b8", [], {@ipv4={0x800, {{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @local={0xac, 0x14, 0xffffffffffffffff, 0xaa}, @multicast1=0xe0000001}, @tcp={{0x0, 0x4e20, 0x42424242, 0x42424242, 0x0, 0x0, 0x5}}}}}}, 0x0) 2018/03/26 13:05:59 executing program 3: r0 = socket$inet6(0xa, 0xf, 0x5) connect$inet6(r0, &(0x7f000000cfe4)={0xa}, 0x1c) r1 = getpid() capset(&(0x7f0000000080)={0x19980330, r1}, &(0x7f00000000c0)={0x70e7, 0x6, 0x0, 0x2, 0x0, 0x401}) r2 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x80, 0x900) ioctl$TCFLSH(r2, 0x540b, 0x100) sendmmsg(r0, &(0x7f0000007e00), 0x0, 0x4000000000000) recvmmsg(r0, &(0x7f0000003640)=[{{&(0x7f0000000300)=@in, 0x80, &(0x7f00000003c0), 0x0, &(0x7f0000000540)=""/4096, 0x1000}}], 0x1, 0x20, &(0x7f0000003800)) socketpair$inet(0x2, 0x5, 0xffff, &(0x7f0000000000)) 2018/03/26 13:05:59 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000000000)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) [ 1067.379363] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1067.388151] [25490] 0 25490 11408 2089 65536 0 0 syz-executor1 [ 1067.397054] Memory cgroup out of memory: Kill process 25490 (syz-executor1) score 2105000 or sacrifice child [ 1067.407114] Killed process 25490 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:05:59 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') ioctl$KVM_KVMCLOCK_CTRL(r0, 0xaead) sendfile(r0, r0, &(0x7f0000000280)=0x42402, 0x6) setsockopt$inet_sctp_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f0000000000)=0x7, 0x4) fchdir(r0) 2018/03/26 13:05:59 executing program 6: mprotect(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0xa) r0 = socket$inet6(0xa, 0x4000002, 0x0) setsockopt$inet6_udp_int(r0, 0x11, 0x1, &(0x7f0000000040)=0x46, 0x4) socket$inet6(0xa, 0x4, 0x4) ioctl$sock_SIOCADDDLCI(r0, 0x8980, &(0x7f0000000080)={'irlan0\x00', 0x93c6}) sendmmsg(r0, &(0x7f0000001d80)=[{{&(0x7f0000000000)=@in6={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c, &(0x7f0000000080), 0x0, &(0x7f0000000080)}}, {{&(0x7f0000000000)=@in={0x2, 0x4e22, @rand_addr}, 0x10, &(0x7f0000001bc0), 0x198, &(0x7f0000000040)}, 0x10}], 0x2, 0x0) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f00000000c0)={0x0, 0xcd, "f722c865f553ea852be31deae4becb6d43c2719eec0f2098715b0853804c13980d7b62dc4d2da7ce657653e5bcb5cc0110a76738e9e3ea3a37e313ac98e263eae2f35ce6638884594383891652ffab26629a70c62629af09b2c8f9119d0377125a7786e198521b90b18d60ffa9dc812f221da01298f4666c1ffca8694416d9213085787486d571e5f122164c552f7ae9e71d5e4866cc547008f009abc05239a97db2c108aea7a616709cb16c9516d266fa7cc4b8c336b5926844129ccd2083a38d3f06f4039c2847a7fd03429c"}, &(0x7f00000001c0)=0xd5) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000200)={r1, @in={{0x2, 0x4e20}}}, &(0x7f00000002c0)=0x84) r2 = gettid() getpgid(r2) 2018/03/26 13:05:59 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x2, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x3}) recvmsg$kcm(0xffffffffffffff9c, &(0x7f0000000540)={&(0x7f0000000180)=@pppol2tpin6={0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @dev}}}, 0x80, &(0x7f0000000480)=[{&(0x7f0000000200)=""/61, 0x3d}, {&(0x7f0000000240)=""/62, 0x3e}, {&(0x7f0000000280)=""/56, 0x38}, {&(0x7f00000002c0)=""/88, 0x58}, {&(0x7f0000000340)=""/12, 0xc}, {&(0x7f0000000380)=""/43, 0x2b}, {&(0x7f00000003c0)=""/148, 0x94}], 0x7, &(0x7f0000000500)=""/61, 0x3d, 0x7}, 0x40000100) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000580)={0x0, 0x8000, 0x3d84}, &(0x7f00000005c0)=0x8) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000000600)={r2, @in6={{0xa, 0x4e24, 0x2, @local={0xfe, 0x80, [], 0xaa}, 0x101}}}, &(0x7f00000006c0)=0x84) 2018/03/26 13:05:59 executing program 5: r0 = getpgid(0x0) socket$inet_icmp(0x2, 0x2, 0x1) getpriority(0x1, r0) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x40000, 0x0) write$rdma_cm(0xffffffffffffffff, &(0x7f0000001740)=@create_id={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000001700)={0xffffffff}, 0x13f}}, 0x20) write$rdma_cm(r1, &(0x7f0000001780)=@bind={0x14, 0x88, 0xfa00, {r2, 0x1c, 0x0, @ib={0x1b, 0x2135, 0x6, {"3599963f1498500f7ffda55852cf427a"}, 0x6, 0x401, 0x7}}}, 0x90) tkill(r0, 0x30) 2018/03/26 13:05:59 executing program 5: r0 = socket$inet_tcp(0x2, 0x1, 0x0) signalfd(r0, &(0x7f0000000040)={0x100000000}, 0xffffffffffffffe1) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x0, 0x0) unshare(0x20000400) pselect6(0x40, &(0x7f00000abfc0)={0x3ffffd}, &(0x7f0000000080), &(0x7f0000086000), &(0x7f0000349000)={0x0, 0x989680}, &(0x7f0000d0a000)={&(0x7f00001da000), 0x8}) 2018/03/26 13:05:59 executing program 0: r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00008f0000)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000000)) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x200, 0x0) ioctl$KVM_GET_IRQCHIP(r1, 0xc208ae62, &(0x7f0000000080)=@ioapic) 2018/03/26 13:05:59 executing program 4: clone(0x0, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080), &(0x7f00000000c0)="f0") mremap(&(0x7f000053b000/0x1000)=nil, 0x1000, 0x1000, 0x2, &(0x7f00000cd000/0x1000)=nil) 2018/03/26 13:05:59 executing program 6: r0 = syz_open_procfs(0x0, &(0x7f00008a5000)='coredump_filter\x00') sendfile(r0, r0, &(0x7f00005ed000), 0x400000fd) ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x30000000, 0x40, 0x3e}) 2018/03/26 13:05:59 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) munmap(&(0x7f0000ffc000/0x4000)=nil, 0x4000) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000000000)={0xffffffffffffff9c}) socketpair$ax25(0x3, 0x3, 0xf1, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_bt_cmtp_CMTPCONNADD(r1, 0x400443c8, &(0x7f0000000080)={r2, 0x1f1}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x2000000000007f}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x2, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x3}) 2018/03/26 13:05:59 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') r1 = socket$inet(0x2, 0x805, 0x9) sendfile(r1, r0, &(0x7f0000000280), 0x4) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) get_mempolicy(&(0x7f0000000000), &(0x7f0000000040), 0x8, &(0x7f000059c000/0x4000)=nil, 0x3) mbind(&(0x7f000025f000/0x3000)=nil, 0x3000, 0x1, &(0x7f00000000c0)=0x9, 0xffffffff80000001, 0x6) 2018/03/26 13:05:59 executing program 1: semget(0x3, 0x4000007, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000280)='/dev/snd/midiC#D#\x00', 0x7, 0x2000) accept4$ipx(r0, &(0x7f0000000180), &(0x7f00000001c0)=0x10, 0x800) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/mixer\x00', 0x40, 0x0) symlinkat(&(0x7f0000000080)='./file0\x00', r1, &(0x7f0000000100)='./file0\x00') r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x220000, 0x8) setsockopt$inet_mreq(r2, 0x0, 0x23, &(0x7f0000000040)={@broadcast=0xffffffff, @local={0xac, 0x14, 0x14, 0xaa}}, 0x8) 2018/03/26 13:05:59 executing program 3: getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000000), &(0x7f0000000040)=0xc) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='ns/cgroup\x00') ioctl$VT_RELDISP(r0, 0xb701) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000080)={{{@in, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@remote}, 0x0, @in6=@remote}}, &(0x7f0000000180)=0xe8) ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f0000000200)=r1) 2018/03/26 13:05:59 executing program 3: mmap(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x2000004, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet6(0xa, 0x80003, 0xef) read(r0, &(0x7f0000004f45)=""/187, 0xbb) getsockopt$inet_sctp6_SCTP_NODELAY(r0, 0x84, 0x3, &(0x7f0000000180), &(0x7f00000001c0)=0x4) setsockopt$inet6_int(r0, 0x29, 0x4, &(0x7f0000000140)=0xff, 0x4) setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000040)=@srh={0x0, 0x0, 0x4}, 0x8) pipe(&(0x7f0000000000)={0xffffffffffffffff}) getsockopt$inet_buf(r1, 0x0, 0x2d, &(0x7f0000000080)=""/70, &(0x7f0000000100)=0x46) sendto$inet6(r0, &(0x7f0000001ffe), 0x0, 0x0, &(0x7f0000003000)={0xa, 0x4e20, 0x0, @mcast2={0xff, 0x2, [], 0x1}}, 0x1c) 2018/03/26 13:05:59 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x10d080, 0x0) ioctl$KDGKBLED(r1, 0x4b64, &(0x7f0000000140)) r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x80, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) ioctl$sock_ipx_SIOCAIPXPRISLT(r2, 0x89e1, &(0x7f00000000c0)=0x2) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000080)={&(0x7f0000000040)='./file0\x00', r2}, 0x10) 2018/03/26 13:05:59 executing program 6: r0 = semget$private(0x0, 0xa, 0x0) pipe2(&(0x7f0000000000)={0xffffffffffffffff}, 0x84800) accept$unix(r1, &(0x7f0000000080), &(0x7f0000000100)=0x6e) semop(r0, &(0x7f000002efe2)=[{0x0, 0x4}], 0x1) semop(r0, &(0x7f000001a000)=[{0x7}, {}], 0x2) semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000040)=[0x7]) 2018/03/26 13:06:00 executing program 0: r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000ea3000)='/dev/sequencer\x00', 0x0, 0x0) ioctl$KVM_SET_SIGNAL_MASK(r0, 0xc08c5102, &(0x7f0000000080)={0x20, "9a9c0493093120c0cf294987c1851bb962950e4ccaaa0dd532a8c4a3f99afff9"}) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r0, 0x10e, 0x4, &(0x7f0000000700), 0x4) r1 = fcntl$getown(r0, 0x9) lstat(&(0x7f00000004c0)='./file0\x00', &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$EBT_SO_GET_INIT_ENTRIES(r0, 0x0, 0x83, &(0x7f0000000840)={'broute\x00', 0x0, 0x4, 0x51, [], 0x4, &(0x7f0000000780)=[{}, {}, {}, {}], &(0x7f00000007c0)=""/81}, &(0x7f00000008c0)=0x78) getgroups(0x3, &(0x7f0000000580)=[0xffffffffffffffff, 0x0, 0xffffffffffffffff]) ioctl$KVM_GET_DIRTY_LOG(r0, 0x4010ae42, &(0x7f0000000900)={0x10208, 0x0, &(0x7f0000ffb000/0x4000)=nil}) sendmsg$unix(r0, &(0x7f0000000640)={&(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000440)=[{&(0x7f00000000c0)="54b7cb01b90217ec763009d5b9fc84088ebeca60f3f189b0973b58c05d0c7582adeb2877569bf9c50b9337ed8e0f92a6fdac9300269a394811e54bc4d6b75f8fa7e5da061c6bb0d7bce75b7cb40f74756d5f718448ca082490224ad2cce1e8321e79d7a87bb2ccdb8bd38ec2e59cc4b204f0e8b904", 0x75}, {&(0x7f0000000140)="5be5464ab7c1a6cd47bc8213b60fd755675f6426d9474c167cca90a0b5a41a60c8f420790ceab8922620e4ac1037b8267345eaa23128cf74f93ffe002e501e9a576258b939c8cc69a09b88bfdde4a3fea414f69b4ece93d6bd997ae19846b05a5fa2cc2ad1d6215cc4a0", 0x6a}, {&(0x7f00000001c0)="8946af2ae360863653a039b89d12a308f1430c24b670a5a9fe8253ac45a525b2e826fb47d88eaec99ee875068edf210ddd3715e83e7abc841ef4a69c9411c1a24e41fd7a56b5a95a52538f4379952be46f5100d81f1391ca87329f71d845a347cc969c2fbc2b63a147f9fc91b39f389a6e84a4b62f0205f9267ed864473bb2fbee3b020b8ae947a7dfb743d1f83e8ab8e7", 0x91}, {&(0x7f0000000280)="d35a67b44d27b23f95ca975ba7f5310636d89648292b07c37e134205f27158f164ff6cc0f6c848abfbce6b26176df1563172d51106c6606df5ae7c6660334d6b482aeeb905c797a78d6fb6cbb2b050d9503de575c32c0ac8e7751727b8ac39d1670b41181df254507023fb1a87ce6dffaa5dd10dd8100f4bd56fe3df30cd118e72e37db6f195385c2aefc597fd74e29f4c1354bc7875c5fb8ebffa6a", 0x9c}, {&(0x7f0000000340)="c0652711cc0ff168d2f7c8c39bba9f", 0xf}, {&(0x7f0000000380)="08b51cf2004e3ea10de28e193eade199eb6e2577f2aaa0ad3dc6f149c86df65e2edad954d9ef5794fb96571c5cf3f3a6916018ad4eaa5a439a72e5", 0x3b}, {&(0x7f00000003c0)="3953709c912c5f0bdbb22202e1f3060513efdfc4b2a3c6420705ec2cc67fe366020e837b62dfee9ea2db3745e592772a5ccd906b4e48bee20cffe2665326f81d0c0fdc08c820e6c83caad7bc20692ddcaa5f38f97ac1951fe3d3a749a01327540fdbe61a46d3fe7d7bea", 0x6a}], 0x7, &(0x7f00000005c0)=[@rights={0x30, 0x1, 0x1, [r0, r0, r0, r0, r0, r0, r0]}, @cred={0x20, 0x1, 0x2, r1, r2, r3}, @rights={0x18, 0x1, 0x1, [r0, r0]}, @rights={0x10, 0x1, 0x1}], 0x78, 0x10}, 0x4040) signalfd(r0, &(0x7f0000000680)={0x9}, 0x8) socketpair$inet6(0xa, 0x3, 0x5, &(0x7f00000006c0)) 2018/03/26 13:06:00 executing program 4: r0 = socket$inet(0x2, 0x3, 0x2) syz_open_dev$sndpcmc(&(0x7f0000000100)='/dev/snd/pcmC#D#c\x00', 0x5, 0x101040) r1 = syz_open_dev$sndmidi(&(0x7f0000000000)='/dev/snd/midiC#D#\x00', 0x3, 0x200000) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f0000000040)={{0x4, 0x2}, 'port0\x00', 0x9a, 0x40000, 0x851c, 0x66, 0x4, 0x9, 0xd506, 0x0, 0x2, 0xfffffffeffffffff}) setsockopt$inet_int(r0, 0x0, 0xce, &(0x7f0000000ffc), 0x4) 2018/03/26 13:06:00 executing program 5: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e23, @broadcast=0xffffffff}, 0x10) open_by_handle_at(r0, &(0x7f00000000c0)={0xa1, 0xffffffffffffff0c, "577ecbbcaa2304c9e62ed8115c0ca92307bd5ee910f9c8659cbc1afa6e5c33bb0c5d83c78d50f008af970c0a83d897a05051025afe9b4aaa3c08249686b4ec4c805775f012ac0a49ba34b45f231d68fb9a3ef0a73fdd3bc09c47dd4f1019a94f9214e7cf6822fe6f3292acf2291c8f6ec5d6d3d8cdb6ffb8a2b977ffb8e3059d6ba6cc64a2954b329c98dc08a18563c073aae6b0885a0cda3b"}, 0x480000) r1 = syz_open_dev$mouse(&(0x7f0000000240)='/dev/input/mouse#\x00', 0x9, 0x80) ioctl$KVM_DEASSIGN_PCI_DEVICE(r1, 0x4040ae72, &(0x7f0000000300)={0x3f, 0x67, 0x100000001, 0x3, 0x9}) r2 = syz_open_dev$mice(&(0x7f00000006c0)='/dev/input/mice\x00', 0x0, 0x40) ioctl$VHOST_SET_FEATURES(r2, 0x4008af00, &(0x7f0000000200)=0x8000) getsockopt$bt_BT_SECURITY(r2, 0x112, 0x4, &(0x7f0000000700), 0x2) syz_emit_ethernet(0x3c, &(0x7f0000000180)={@empty, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@llc_tr={0x11, {@llc={0xf0, 0xd4, "7e86", "cbfd94d9a5bee023464c8a037ed81353fcdf4ff45edf11c843cad564f2141067bfa7a12c77b14226f222"}}}}}, &(0x7f00000001c0)={0x1, 0x3, [0xb9b, 0xf1f, 0x503, 0x25]}) sendto$inet(r0, &(0x7f0000000000), 0x0, 0x20000802, &(0x7f0000000000)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10) setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000080)=0x3, 0x4) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000280)='tunl0\x00', 0x10) sendto$inet(r0, &(0x7f00000003c0), 0xfff, 0x0, &(0x7f00000002c0)={0x2, 0x0, @rand_addr}, 0x10) [ 1067.874771] QAT: Invalid ioctl [ 1067.894869] QAT: Invalid ioctl 2018/03/26 13:06:00 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000000180)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0x40a85323, &(0x7f0000000000)={{0xb7a, 0x8}, 'port0\x00', 0x4, 0x60000, 0x8, 0x6, 0x1, 0x121, 0x0, 0x0, 0x5, 0xfffffffffffffffb}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) prctl$setname(0xf, &(0x7f00000000c0)='\x00') 2018/03/26 13:06:00 executing program 3: r0 = socket$inet_sctp(0x2, 0x2000000000000001, 0x84) connect$inet(r0, &(0x7f000005eff0)={0x2, 0x4e20, @remote={0xac, 0x14, 0xffffffffffffffff, 0xbb}}, 0x236) listen(r0, 0x2) sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x6) r1 = accept(r0, &(0x7f0000f06000)=@rc, &(0x7f00008f4000)=0xa) r2 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x8, 0x400080) ioctl$KVM_GET_IRQCHIP(r2, 0xc208ae62, &(0x7f0000000080)) recvmsg(r1, &(0x7f00000001c0)={0x0, 0xfffffffffffffdf8, &(0x7f0000b8cfc0), 0x0, &(0x7f0000000180), 0x0, 0x4}, 0x1000000000000) setsockopt$inet_sctp_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000740ff5)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0xb) [ 1067.970177] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1067.981260] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1067.986430] CPU: 0 PID: 25552 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1067.993782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1068.003130] Call Trace: [ 1068.005717] dump_stack+0x194/0x24d [ 1068.009340] ? arch_local_irq_restore+0x53/0x53 [ 1068.014007] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1068.019205] dump_header+0x28c/0xe2b [ 1068.022927] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1068.028116] ? arch_local_irq_restore+0x53/0x53 [ 1068.032786] ? __lock_acquire+0x664/0x3e00 [ 1068.037011] ? print_irqtrace_events+0x270/0x270 [ 1068.041755] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1068.046847] ? trace_hardirqs_off+0x10/0x10 [ 1068.051139] ? __lock_acquire+0x664/0x3e00 [ 1068.055346] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1068.060514] ? __lock_acquire+0x664/0x3e00 [ 1068.064727] ? task_will_free_mem+0x252/0xaa0 [ 1068.069201] ? print_irqtrace_events+0x270/0x270 [ 1068.073944] ? ___ratelimit+0x30d/0x630 [ 1068.077895] ? lock_downgrade+0x980/0x980 [ 1068.082027] ? lock_release+0xa40/0xa40 [ 1068.085982] ? mark_held_locks+0xaf/0x100 [ 1068.090104] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1068.095182] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1068.100175] ? trace_hardirqs_on+0xd/0x10 [ 1068.104298] ? ___ratelimit+0x95/0x630 [ 1068.108172] ? idr_get_free+0xfd0/0xfd0 [ 1068.112128] ? find_held_lock+0x35/0x1d0 [ 1068.116174] oom_kill_process+0x8b9/0x1640 [ 1068.120383] ? lock_downgrade+0x980/0x980 [ 1068.124509] ? __lock_is_held+0xb6/0x140 [ 1068.128550] ? oom_evaluate_task+0x480/0x480 [ 1068.132944] ? rcu_read_unlock+0x35/0x70 [ 1068.136980] ? mem_cgroup_iter+0x363/0xbd0 [ 1068.141198] ? lock_downgrade+0x980/0x980 [ 1068.145333] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1068.150066] ? mark_held_locks+0xaf/0x100 [ 1068.154191] ? _raw_spin_unlock_irq+0x27/0x70 [ 1068.158673] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1068.163663] ? trace_hardirqs_on+0xd/0x10 [ 1068.167783] ? _raw_spin_unlock_irq+0x27/0x70 [ 1068.172255] ? css_task_iter_end+0x280/0x430 [ 1068.176638] ? _raw_spin_unlock_irq+0x27/0x70 [ 1068.181109] ? cgroup_procs_next+0x70/0x70 [ 1068.185316] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1068.190307] ? trace_hardirqs_on+0xd/0x10 [ 1068.194427] ? _raw_spin_unlock_irq+0x27/0x70 [ 1068.198899] ? oom_badness+0x980/0x980 [ 1068.202760] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1068.207493] ? mem_cgroup_iter_break+0x30/0x30 [ 1068.212064] ? finish_wait+0x268/0x490 [ 1068.215929] ? lock_downgrade+0x980/0x980 [ 1068.220055] out_of_memory+0x86d/0x1220 [ 1068.224019] ? oom_killer_disable+0x310/0x310 [ 1068.228487] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1068.233568] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1068.238558] ? trace_hardirqs_on+0xd/0x10 [ 1068.242692] mem_cgroup_out_of_memory+0x159/0x200 [ 1068.247509] ? swap_max_write+0x110/0x110 [ 1068.251631] ? do_raw_spin_trylock+0x190/0x190 [ 1068.256192] ? _raw_spin_unlock+0x22/0x30 [ 1068.260325] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1068.265317] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1068.270743] ? find_held_lock+0x35/0x1d0 [ 1068.274780] ? memcg_event_wake+0x420/0x420 [ 1068.279075] ? __do_page_fault+0x5f7/0xc90 [ 1068.283283] ? lock_downgrade+0x980/0x980 [ 1068.287409] pagefault_out_of_memory+0xbd/0x152 [ 1068.292051] ? out_of_memory+0x1220/0x1220 [ 1068.296258] ? handle_mm_fault+0x465/0xb10 [ 1068.300469] ? __handle_mm_fault+0x38c0/0x38c0 [ 1068.305026] ? vmacache_find+0x5f/0x280 [ 1068.308972] ? vmacache_update+0xfe/0x130 [ 1068.313096] mm_fault_error+0xd6/0x2c0 [ 1068.316960] __do_page_fault+0xb4d/0xc90 [ 1068.321002] ? mm_fault_error+0x2c0/0x2c0 [ 1068.325129] ? kernel_write+0x120/0x120 [ 1068.329083] ? do_syscall_64+0xb7/0x940 [ 1068.333037] do_page_fault+0xee/0x730 [ 1068.336812] ? __do_page_fault+0xc90/0xc90 [ 1068.341025] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1068.345755] ? syscall_return_slowpath+0x550/0x550 [ 1068.350659] ? syscall_return_slowpath+0x2ac/0x550 [ 1068.355563] ? prepare_exit_to_usermode+0x350/0x350 [ 1068.360552] ? retint_user+0x18/0x18 [ 1068.364239] ? page_fault+0x2f/0x50 [ 1068.367841] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1068.372661] ? page_fault+0x2f/0x50 [ 1068.376263] page_fault+0x45/0x50 [ 1068.379711] RIP: 0033:0x409b83 [ 1068.382874] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1068.388215] RAX: 0000001b9bc20000 RBX: 0000000000001290 RCX: 000000000040e950 [ 1068.395458] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1068.402700] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1068.409940] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1068.417183] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1068.424572] Task in /syz1 killed as a result of limit of /syz1 [ 1068.430641] memory: usage 0kB, limit 0kB, failcnt 4260 [ 1068.435956] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1068.442759] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1068.448929] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1068.468400] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1068.477173] [25552] 0 25552 11408 2089 65536 0 0 syz-executor1 [ 1068.486153] Memory cgroup out of memory: Kill process 25552 (syz-executor1) score 2105000 or sacrifice child [ 1068.496218] Killed process 25552 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB [ 1068.516551] oom_reaper: reaped process 25552 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 2018/03/26 13:06:00 executing program 4: r0 = syz_open_dev$tun(&(0x7f0000000280)='/dev/net/tun\x00', 0x0, 0x0) syz_open_dev$mice(&(0x7f00000001c0)='/dev/input/mice\x00', 0x0, 0x4080) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={"d202b999cf85000000000088f301e710", 0x102}) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x101000, 0x0) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000080)={0x0, 0x3, 0x2}, &(0x7f0000000100)=0x8) setsockopt$inet_sctp6_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000200)={r2, 0x7, 0x4, 0x10001}, 0x10) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000140)={r2, 0x8, 0x1ff}, &(0x7f0000000180)=0x8) ioctl$TUNATTACHFILTER(r0, 0x401054d5, &(0x7f0000000040)={0x0, &(0x7f0000000080)}) connect$netlink(r1, &(0x7f0000000240)=@unspec, 0xc) 2018/03/26 13:06:00 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGSKNS(r1, 0x894c, &(0x7f0000000000)=0xeec) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00', 0x0, 0x0, 0x0, 0xe5f2}) setsockopt$sock_int(r1, 0x1, 0x1f, &(0x7f00000011c0)=0x2412, 0x4) r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/qat_adf_ctl\x00', 0x141800, 0x0) syz_open_dev$sndseq(&(0x7f0000001200)='/dev/snd/seq\x00', 0x0, 0x400) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000001180)={r2, &(0x7f0000000080)="18adf22d6390736b29d8660aaa2a8d9ecee9b513afc1a8a07311c18ca03c287ecb4e5a5ea84b5d2aed6f796584488b9666381ba7a476cd22516cf9aa90f8c7895dc17937ec8e73f540863c778e58755e05649457a6f4e91be69a5dbf8dc547cb82e292c0e7e911fe7f50d4fbbc797fec882fd8c590479840a9bc19868a8392ef0b3f08d7059201b69732dc47c7caa623f39467f6885e3397b956c442667cf575c305e99e576ad95e7c051a233afdd1e7624075f605cacf61c66d41ce2f489286386e48db91a02e9a27ef83ac48404f010ef5fec6bf7c1d43c1ec493dc9aa793ea3d523a170cf6daa29a7d48aec2d174a37537898587df598024598d3275cd26269f1016cf8a2578620854f17bb1e8c47874c8ed15e18e269b11f90da1628d977775eb426318685d890800cfda6beb15cd247da0227dd03c5630aa6260a529d7fdc5af1f7b0a626ae8262876d9dacfd82c8367576dbd8b0d2f619f1bf565f21f2d6e091a43ac677552e95e948889f236bbf4ff18a0af4955a1729040d658cc4378d89318c3d7164fa34d33d2c8f430104baf4b482182b87acee0d5307a0aa7aee48234ad9059467354561a18e57a3cf5b66176f42621edfe9c52702344ee0e2299de1b04f2a5dbc263f32823da4c3de399562885957c22cae0e6bb16a4254fb8aa5004a18f25c5a9ab5990c492c4c07d6cd42fbf6ec9e39f2d7a1be68aabcf82f7c38a08a3fac6d4bdf8fda567de30199dd4fd80eb94e7af6612633182ea027a6d2b77d7084e9c64cc7ec3797e0a7f270fdda734ba3836220fbef82a5b012b832b6effd5630723005fb17113c8699e1e6bca224e0238dec314372171a784f18162fba63d9074f44d9aa5d239ceae3fdefdc8cf44066e367ea67ef218a85b11deeba1aad9ad6681f82ca908e8855f1222a70a831d5020a94b6672e7ece2457cd5fc6342ba1108c20c8332b84e26016088053dc7af1ceeeb04ecfa2202e539e6f513ef9d7572c731d5f3a9923beadcecc6a5875a74196c29d66e359b90cc136b2e9799e398eeb5978c4e0ebb37934e877ef1e0df7d37726f314f17adc73c522c2cbdcb7e05261c6fcb6f7f1c4f8657ba35a70f12ea6550e0d33b8205e0a9f0f6a3a07262b6aafe7e8a1e5e5d27b587da2359bd07d3ceda12d8738112a00425ae59545217be31a112e8bc8cf7a6fd3c85cef852e8756d3250b334a94ea399858fc4bd7be0e1d837a130db79289d23904969f62be8cc2f1eab8f5f83b3739c5c35a754e90b325c7ecbbf86a74edc849370ef036941dd578da2d828c70b699dbf270fe8561a0e17c28b81619ef9b1c7b22d995953bab0779c05e17e124ebda428108df60e581b5b84544dfe3b9eaa9ce770a2fa03084e24cc1ce34883ea7894a71055af48902e4b2fbbdd13921854850c33b6dde2d2052ba730567d133f25323afd7c01269e7fc68de5b387592083316947e29e24cf9427140afc1def92513d947a4403c2040580311354d653a5e02cd7d49009c907f822cdc95f60d974f15cf53084736e6e96f99483ce321445a574d4a31b3d7411767815403052c8638242bccf7d82826b9c7024071eac325ea681d9af2d99ab0ccc86bfd717533eaaab77360ab6956df2f10acb73680e230d318e1b733584fc1db57a9290db7e7ed1a9eda0169c4df34ea4e48a8df299a9ead3d32bcd92da0a942c36f685afb883009136b9338094ff915b256bd9a097405c0d5be4071e56c5526e7981f2faccf0543705aeb65c5494eca5b4a6b4398c417c6fc7a6d9c7503265e04ef47b12500b8efaaa01d2201a209cf31deda3b3992561653692c2f2a9c8d5ab5eb182d2bda95c15cd285e6bc22baa325b68ea0e95a01b8d3e1a5b2fcb6e361d61ba07718a61e4720398067c29ed61f6adca5a075e2c11184fd474327552db960958d5c2e5dfeb720790f150d6ab894782d7d0afbf7f07f9da0cf2768ca56cc0ed61073290b212f8a7887d4faffc51a7baf539f575b0666023515954739d41b1db2da3f6e910c301572c74d797acba4f668d8b4d587615ced6636f1eff3678abe7453db2abd84d746962e07b1ecafc6c53e8276128e1202421802339ac7dcbc079d0fb39244ab3f859819b5bf751f7aedd354179a20bccd8ca768dc9c5a6723423577eed0097bb0a1efeb6c21d6a307da2da85eca149cd46acd79b2b83d4d1048f23cf11d5d7d3158d5720c8f0f1e4312fa2ff711e5c53f8fd3ddb486eca79cf0e684c32927028b0344e6ffa786b8c814d1d972b1392c6797e374ed45f0bf28d9dee20c72a9d5143533d50755903c29213ff1c6d1c16632cdb5f738f85963fa06b9dc3ee9f51c0458e5450f63880aafcf200b5dd9646923fc08c188708a7e484758454aadeeaa1b35563d5dcb2d2343b565efbd61b2ec637e60a37a25ba9132264a6cdee15cbf8688b95e0f1915ac2f8dfee53d9f4fa8edf4e08808a261b97732c3aff8a9fc39ca76a2c36c8a79f7ec69bed38f95c318c3203dcc71058051762416e00bfe873a5ba78e102cbcd045b56beb14a0886eb6b9e35ec8190dcb1867774388a4e6fb1db040fe068302b2520067068c4665221e52ef98465779e43505dc312adbc6162836997b39a2fed5b702e65b2a1c8740eefe0671e15c03cde4bdb75b83fe736a29d708b405758f4fbff107b41a1b9fc8bf287e6263ffa4e3eaf1143a6d1ca16783c204539bb45bb2fd89b1945ac699ebaeefe5fe9842c647eae1cb70972404f8ab8a5d7c6f842646aae925ecf8bb2c6eff2f197d9964b2f8e784d942c11d1a5f690cdd8d75b1e4dd4f0a60a35568d5d2db5c2657e1c6d970e1bb059e720e49c07e32657cb48208687c352785620653b0623bff8b370aa65e95149f43fe4121a2f42e36e78b45ebd02548dffccbb69260e428c2de7fff20245b0329bfc73e5d0d46fc4f12667a06bd92dea5fab99a32f9fd60c84331a04bde6e599d76ba1f8b1161a4eb094d05cd995f23d93049c4fc83e3b5dd0158d5fc65f9fa375e4afa2503f190eef2dd0232a6d5bfea5fb94d120f3e94a48166beb2dd6008e343a537791cfa17fdf16ef20fc227fdeb44327e0167a61295e10722a0024eed6f355883ed9b76b234ccfe3fc87e10ffb3a5e3495d3060426dd16ab574e66f83c808f96b6401833563ee84eff4ef2208c3ca0893df809237c1d4c56d0a48d855c43de23e5df2d634426c67444fe420b1db11fb4c73b3e47b3a2604250d87b1c38d6cd010f5fecb98923de90237c9a24a798f005ff40e06728ed962b0007d034c924bdaad1251e76ce221ed9814cc53e9020efd668d05fb3bddd81b08dbbf35c4a155f263976bc474028bafbb1a42cad71870064fe3a3d582e2b77b53861f108339ba3b484c36df8b44ed2e14a6411a65e54bfed369dcbcd5eeb60bebcd4b0d4c037203a04830bf7f92aa05687005ddc70f708a0b5a986fe9b04349e8d745c8032f1620f9942a9d408ecf8406f7580535499a51e0c4db9a7c231628010dad3bc85b36a356b3870768f77346fa0434d77637e3239834242a0297c6ee28d3dfe0364331e7a9fa6243968a5d88211f08d189ea1e037c2a0ce2bc32daae2d8c3ac5ec21733500451e3d41f8aaab2a6bb871d6b08527fd7ef52de5152ca29cfb1f4e7b8d3aac1bbf5e1be3ff038a478e4f8863f0e8b4af7fedae0ec4c3e8c709f6875987741d46270c3860b7915a247157f45c4a045c4614faa7c3003a96561ab0566a1a16b227f2d7d10b6a6dfc6623ac67ef7f0571cea9315fa169c4ed4e3902444324ad8a5ce1afd80ce7543111a86029b346bd0d369a469087c2c44b5046df5e7b3dc990151dbb3c5af2fe4916813768a13378da1c7c77e07a42e6a5806bf1523c93949477e3b56c886e01185ba7e26d26281484b665f21bacea5d31f9d8653cbbbadd1a9db52e3c27f306b8fdeafadccc7b75afe811a175d978927f29236ef541bf42a2f118a0be1788301977ac9d3a789105bc9330a661aa13635f1f11da3b3adea9f18cfe022a90d39a1b978b1d27124696ce8c9b5196ddb8c571958f67a44da0d22712a25621f07a2b0838ab29a7636b83c190f90b887287bbb768ab221b81c91a145144e0923a01e93dcd20bcfbd0f91b76a736f84960e4cc1efde426f8f93b5ab2831f909d41c2575c021b8ceb475221131762dcebb5e4035d0cd1dd24cb083920a4a15ebb92137280669211b776eb431873b8f23d1f116d51d03591baa25c6fc027535b03246870fb4cc2865637889267fe53a08b5a3f7aede6a7b52f70992bb5cde62571ad57efc6a2feb52c4b2c44e875352418ec6b3cee9043b3fd0ce29b6e4313aee103a8fc98778229a43fdb112266cdb21de22db1312624e86595af355c701a380e581e5a5e6454e851731d024225b12904c157c1c2ef766b546b432e3fc8eedee8203a40e6919e61f18e6ca34f511e841254ca295995727015c9d6a08307af364d811c32e622201df8cb07f117934672c5a866a38538ec6e38880ba636360551db49636f13ac4c6d89e9e2ef093171ce9e6105aa1e66f8a3e672bb6f683b249a3ca2473f27ce64c53a6ecf647f349e4922bbcca9c89a17e97cd28d9e6b0b4b8afda78c0ed4747d9d813aa7cd3d6a58b2fd6ce856bf344e06ca7ae412ee49ae2cac73af708c9546d169762da662501477ac3472a2400c825d316a15bc590530727e0beab4536fc7ac543184bdb8ebbbf32823ea4d7d0468d46638d37088051c393b8be4450cd909910e8daa33ebc26235e5f9b6505336c991a30b50389ff753ed50f8c710bfade95338cfe0f216516a63b761b3b96a0aff94a2b0d00e9467f2dd9b9a84e4a00532ade9a6ce9234b4ad11e161e47c52f7fd5c57d774f87e169571039842823b115514807f1ed932d2889b2e930fd505a314f0ba2abc0901ab8793be198d0de2c98f9f0651f57d006147ac0cc45efea8d3f17f470488e3b6c415318323a40976e85712b975ed0445a10394eae274ab0bb99b7597bc945a515dfaf6f4bfc44558dbc13a4e1c9cf82a502599e291760d7d5d736a9c71af4e4a04aecf09bfa6f209d31e39d41cad2d3011f86e9190793b858901824fb1a045e40b47be189194e5993f8abe0cefca3b6edca6a8937a06d12cb38f3902a7b96001d2e7d3e33ce97cf252ecf6ddcf4f39add51b6bdabb35b6a00360e7601a6b4f352aff4c66605d4b31ec34a4d37dc1f275611a0fc0c84bb60bc5ed974298db2a024eedbc69ffbb42e1a6e04fcf74dab61d2f3f9a325a5a0571b27ca980c3ad5ea221b071bc68d4f566a404057f26ce0b5a20309ae78942e6a2553aa468dcf27984af98942e29f74521c8f0ea4a4ef59f77fc36dadae9c72a4263568f9ac51c233b4bf3dfde4e5288585826255f79ac9e8bc22b9958f96ae2ab507ea7ac098c04334fea623b29d09ddce123add96bd62f83e94dd08ad6686f8c20bc9a0b61bb19397b9cf5161e9e4db0022682bdf77fddaf3dbd442b01e75419e8465539f101b9841c08531b43eb92667385f8af2f4e1bb01549930855de298974af1d60f28ca93fde479976c470882668afb518e4d7233bf01e286f50aedb5099c19adca7ee4af8929b559aa40e58901457fc25ecccc7ed6584d2b520500f78ab38835a20ad79ad711d9092fa6a19b35b06b47960b5c4af0c8468d26f223f006538a7b54f3463734cfdcb346b6de3ebd402234b376f262d31c07af512a6493c1f2548c1bf4773b60c6e3a731c6b033b9778d70fb99e4ef5c4e72172ed23572b6c48e04f1b82ae4a1355e9b3e5064dac3bf0", &(0x7f0000001080)=""/248}, 0x18) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:06:00 executing program 0: setsockopt$inet6_buf(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000002000)="24b38b20d0ef3254115223ef6cf758327575c041e002a8089496079b1b45009349041eca724fdec73fab9b04e4a4a5af1d03000000000000007faa62b9c0d263274f4a010c4f93ef85516b042511f32764171ba9bd278cbe360c22f184073fe215dee02fe37161246323ee9c82c790add905b90a64adab9fef855d72abb637d460fc6fb5a9eec5535b119c9dfbde3f76323a5af634e4235a33d57e226460104ca0dedf1f0e8365cd43d106c41d009976034d6557bf8917cad630598f6e58fd1770012d78aabb64ffffffed00002e", 0xce) setsockopt$inet6_MRT6_DEL_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd3, &(0x7f0000002000)={{0xa}, {0xa, 0x0, 0x0, @empty, 0x1}}, 0x5c) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000002000)={0x0, 0x0, 0x9}, 0x14) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000001740)={&(0x7f00000000c0)=@proc={0x10}, 0xc, &(0x7f0000001480)=[{&(0x7f0000002100)=ANY=[@ANYBLOB="0000b3f95380c73a5778ea2fd6bc14d4e80998486c52ba86fc0ff9bfedeae8ef0fb5daf7c197b79dfe"], 0x1}], 0x1, &(0x7f0000001680)=[@rights={0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}, @cred={0x20, 0x1, 0x2}, @rights={0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}, @cred={0x20, 0x1, 0x2}, @rights={0x28, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}], 0x98, 0x8000}, 0x4000010) socket$inet6(0xa, 0x80000, 0x100000000) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_int(r0, 0x29, 0x40, &(0x7f0000001fde), 0x4) r1 = syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x8, 0x200401) ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000040)) 2018/03/26 13:06:00 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') sendfile(r0, r0, &(0x7f0000000280)=0x42402, 0x6) ioctl$RNDZAPENTCNT(r0, 0x5204, &(0x7f0000000240)=0x1ff) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) getsockopt$inet_dccp_buf(r0, 0x21, 0xd, &(0x7f0000000340)=""/44, &(0x7f0000000380)=0x2c) fchmodat(r0, &(0x7f0000000000)='./file0\x00', 0x42) getsockopt$bt_hci(r0, 0x0, 0x1, &(0x7f00000001c0)=""/20, &(0x7f0000000200)=0x14) getsockopt$bt_rfcomm_RFCOMM_LM(r0, 0x12, 0x3, &(0x7f00000003c0), &(0x7f0000000400)=0x4) fcntl$setstatus(r0, 0x4, 0x44000) recvfrom$llc(r0, &(0x7f00000000c0)=""/206, 0xce, 0x2141, 0x0, 0x0) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f00000002c0)={0x0, 0x80000, r0}) ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r0, 0xc00c642e, &(0x7f0000000300)={r1, 0x80000, r0}) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@host=0x2}) 2018/03/26 13:06:00 executing program 1: r0 = socket$inet6(0xa, 0x80002, 0x0) fallocate(r0, 0x3, 0x8, 0x7ff) mmap(&(0x7f0000000000/0xfd5000)=nil, 0xfd5000, 0x300000c, 0x32, 0xffffffffffffffff, 0x0) socket$alg(0x26, 0x5, 0x0) r1 = fcntl$dupfd(r0, 0x406, r0) sendfile(r1, r0, &(0x7f0000000000), 0x1) setsockopt$inet_MCAST_MSFILTER(r1, 0x0, 0x30, &(0x7f0000c08000)=ANY=[@ANYBLOB="000000000000000002004e20000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e2cf00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"], 0x98) 2018/03/26 13:06:00 executing program 5: r0 = socket$netlink(0x10, 0x3, 0x2) bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x25dfdbfe}, 0xc) sendmsg(r0, &(0x7f0000000940)={&(0x7f0000000140)=@nl=@proc={0x10, 0x0, 0x25dfdbfe}, 0xc, &(0x7f0000000740)=[{&(0x7f0000000500)="15f0d9ab8bbd26d1f092dc5c1f67c28b", 0x10}], 0x1, &(0x7f0000000780), 0x3bf}, 0x0) setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0x5, &(0x7f0000000000)=0x48, 0x4) 2018/03/26 13:06:00 executing program 3: r0 = socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f000025c000)={0x4000000002, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) sendmsg$nl_generic(r0, &(0x7f0000cf3000)={&(0x7f0000000100)={0x10, 0x34000}, 0xc, &(0x7f0000000140)={&(0x7f0000e42000)={0x14, 0x23, 0x301, 0x0, 0x0, {0x8}}, 0x14}, 0x1}, 0x0) r1 = syz_open_dev$midi(&(0x7f0000000040)='/dev/midi#\x00', 0x4, 0x800) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000080)={0x0, 0x2b, "00d9f80e54215a03411b56f13566f0fe448fe567eedea3fa817cdf4eb41565a0d0dfa59070beddf21028b2"}, &(0x7f00000000c0)=0x33) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f0000000180)={r2, 0x3f, 0x10, 0x89b2, 0x40}, &(0x7f00000001c0)=0x18) 2018/03/26 13:06:00 executing program 6: mmap(&(0x7f0000000000/0xfff000)=nil, 0xfff000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f00000000c0)='./file0\x00', 0x42) getresuid(&(0x7f0000000140), &(0x7f0000000180), &(0x7f00000001c0)=0x0) fstat(0xffffffffffffff9c, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0}) r3 = getuid() r4 = gettid() sendmsg$nl_netfilter(r0, &(0x7f0000001580)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x820}, 0xc, &(0x7f0000001540)={&(0x7f0000000280)={0x12b0, 0x4, 0x7, 0xa00, 0x70bd26, 0x25dfdbff, {0xf, 0x0, 0x8}, [@nested={0xc, 0x10, [@generic="f6d2e18e0c70e0"]}, @nested={0x1c8, 0x92, [@typed={0x14, 0x58, @ipv6=@mcast2={0xff, 0x2, [], 0x1}}, @generic="44057f394485651707e069afcc86970e3ae19e7434115305b1bc24dbb4fbae213804877c870d37308d36c709327a363a45aaefb3e26d8f2fef6f4aeeeb7ce5e15228a0e950583359d47e30b8aa1d07e02d67fa05b0af061db6bbe9724778036319d9622ff9a48b58f2544a13cd0e20e155d772f161efac6e030c3312c925bdab83391952a98fa861bb02fff480804e35a35e87397862a02ee93f40ebd99a3d0722595d04599d989e66b5e3f0ebdd6697e024e9326c0f93f0cd289f8854b310386820feec16d503c4b87b9a8c32ce1af7d163", @typed={0x4, 0x81}, @generic="26f13b195a65b7469d844880a489ebd8f841ae5d0aca72f7ab17fb9b9b4d90a8b95b7eec630b6730719406f2cdbf48d7f9a7a0ef006bae1520baa962c16a890e2195582456cc636e96624a", @typed={0x8, 0x13, @uid=r1}, @typed={0x8, 0x88, @uid=r2}, @generic="e191613b40ab5fcb3a45ff31b72487c9dd6e3a63", @generic="89aa1abc0e5f56ad3327589adfdc8ed6c9145527e7bddb40ea5b995cb09b2fa485e21679e5648bd5b5aa0a375465e01e46ca08fe2676a1fa2e6816d659137a1d", @typed={0x8, 0x46, @uid=r3}, @generic="47fcb7440fd168214637d9078966aa289de3b790d781e7acaf6b6c4fd458b1634b77be"]}, @typed={0x8, 0x62, @u32=0x1000}, @nested={0x1098, 0x20, [@generic="d2f636899b413c144db451d6a770233782832f7152139cf74deadc05266df8e98de7b984dd0d5d9c3e3fb8e7dfdcf04df92368312d026cd1a04a7e709fea1ad6f9f86dced81370adf49a8240c32118bbe7540836472c02b69c90e2b4259ce71eb7460a9aebf2d847d38193847d98fea96713f0654b738a8497ce2c68328c3bc0fa79aa21281f4fcd6164076958020c968efec6da5090dc351eed6876b265cbd7e6d5744f7496f9e675937b440099f5b339473247e6b458575ad075785f20c0f360f4a7854ac6a5b5f371858e37e0a852dd56e13f8577f65bcf67c4bd6b5905e7286bbb819a8f44a63d4584f3e0c135920c7fdcea7d9d204de71f54554db028e0f129a54e10b7c77958e22d5be5308b767cda1990e69f9bd9adeb1b06ba985c019d1a64545b857fac8a3db704a5aec2abfac64fda83c92432a002f834816c0ebf68f1f4cb4ed2fc24c361c2be27276c0c98451f5f09f26dd5653a37078844c5a1a7c04c4ae5a537cc28933cfab0c13835ae5fff6518d856e4af03f3288b7066bef23e0d97053a74f533adefe611944ea549099a3f7a4d751b30d0fa6ab4dddd6a6dbd4f21fb7820fc37bc8a15a922d74369f631e97fdbbd632976a85dd561d4365f99136d8de5e50f7be29a52e799842b63a17e519f06d5040ca0a5ace6d2c085e1b31ff595ad5fb33710521f57c80aa016ccf09d981475a93212fb2ffd17169a722bc6a6f37bc497eee24ebd6c23093b5a0f78664317a41b482b309abdbf0a7e3ee3fd618c9de4aaaa160d613e939fe567474201371216572d72e9677011fd9604ab2a9a514108e2ccf251b3dce10e02c1587b721a658ab167df06077003673f02cfcebaa14506ba89b611df78ac7b4725d7329f5d829c84b705996267a8abc61c67e4dc727674942367ead2047cbe60e15b6f3a9a710c1440b21e8fd02b6b489eb7d77252eafb69b6b310be8bcc99c4bf76f4964efe2ebc8d1a71afb190408f8973901ddc572291e5bcfb26f5d40b3b4a4ffe5ee1176a7ddea84acddf23597fa40ec3a670eed33769130afdaff3684e83a78e6f8672e27da09f86048423a0f0758a1b653392fbea3dae56fbc8f3ca50e2a572ac5a4cd31f67645badde2c17692f0194c22de9cd978dceb9687b6612e8d41f2383d883f9b4126ed478bb437bc75122c9dd917cb9539cb265ca29a5a40a16e096a738718ff00221489f6405c1002b67a68b2ae1dee393953beb38fb79e4191c5fb55a3c1fb4a6a5bdcc77d4ad1862892b8d25dd2e27c16e0a3e112954a58d6c4167a696a815971b9b6c3e123b2651d526be0c9796cf76027045b63d37048dbe16e064c0c060a4eebb9902516d41850bc1d93b85cb574fca142171eac5efef88d8a9f5323bd194d8e586965c92fe7957e70499550d9e2bce8e5b622ec8a3883e4d3df3e50a0407647ebedb8c5dd60bd3c889e8a66f1a3a2ab530275c6609e7a7749b40f1f62461e50b2c5d9d2a2ae9f5120092405c4e0101b7424663587a0bad5234c903eed938327ba03b3bebf39cf415b831383630c4658e2b41c5e4919442c062f10626ec6598e263e140401636dc868a23fd087ed250deb4c36d401c0fa4cdeaa3cefd270ec42ff9ab427ab7c7167deb533ee7c9cab306fc6017ba1460a48b63a03b345c99abd67a500ec05851b70692a9ae787507e9cf784e4d14fd7ecc4840239748fdaf7c09e1481d7c3ad35c79b7266b7a4a16b6ce33457e999318b7ab1e5bd80a825ce82c7cc91cb0e257d3654b1f6ac75e397eabe90254bc7459e9928275a5694d50495e5f86cd76665a60b1a028ee4fc1b81822098b74511d4d006917881663fc35abda66c168ecef7c78c450f26382dbe15c0b010168d97579e753f317fcbe3bf74bce9765a0e2fc88ce54c3229c3a57ed422f2a93a3896f9b2a649b2a13b6d7d04b6a134ee1b65a1cb0a7f4f5ecf1639abb93ab57ac9022bba989e1d6f61c70e32dfebde1dad7701da467fbd470668af5c82caa5fbe2b4fd7eb9a566f4df3fa389e2cc140dbdf0b372a811ce0598ed10eff75001ff419d638e85f3f04389f7a965088337d104d406425587222027adc92ea6842ddc10296563212d3f4451f21efd4824607f396fb1c4444d1fc8affcbf167273da61dc13d4e983b0be1c87f5f7ad4ebeafc3e7a0d4980a79f190c75e050c18e149dbed2042570401560e84ef4af73b1255bf9b6d6290ed9a59c536db3c649cc4c518757db785521ba832e3517b3c6e3a25e936653cd61ebec48259be90986a731c52e436b3bd60b47a92da141bb6c010ab7f17a954264b44c42992ef002857b9170b4ea9d01904be8e5eb115248a6e7f04882d67917cea91c2232451d719a7045203955e21e70d830fec34a9ebc716867e64bb2c743eca3cb8ea57eb75fc7c96d86246c734df78d73220646f369f1635740600b4fb3be72833c0cb772cb75054ba0be2c5de53210fb401f2989a0c2e313845879c9add41e6612db0fe9d4f5d0e25dc207f79fa7a8e50c30e69977c8e2774c667513f5552be4ba5a3d8748494d3937113bf9da92c1cb366209245c5aa3d7321af8a5609e286781db3265aa7ea6f7a3f48ccf8ed42d357da6d6ca9cf3c696680169aeafdea040244b8d6e955fb0e5f61a08c03c5fe46192b273ec3268e52efe3b959dcbed773436f9ee595ade758c7f080ec795ac7b3c62a696639bdcec3cf95ca46615c6e03e4b68c7f2af54a8e85922f750616bc1c119e06d3c694031d6e50236deb07333fbcd381a38e1ec9bfc0b6fba4df1a788cedf447c4e03c9da184e3c7f8823f5eb82601469e1affd9cbb03d082c7f83da04879597c9aa0c932e625782f49024c2de46ca7a91f52cd6d43d2b0a750b4472a8db305d5488800b610bd3dce3f2221c4893e9b01f598edc8026c653cadfb5495301d59d5d4d7d07cca498552a01e3204e3cdb13e9c0fc49c809935b04fd773711caca0fc213a2dc5aeea3af0a914d3a529bf7c72c732c3306cb32a3fb847eae98209a3aa07438149ad2470285240e4fffd6e0892c3adc17c83ecd13fba0e0c02d81c85ed9ecd0b04d18635df37d56f511890d0595dad68293dc351371cbc3780646d817f7bb892f6077cc075c4b14d5809e6b4ca77c21172f604296e72b4bcbadd286e7ad6a4e2f753ed8505fdb2a5f4cb680e357fd47e5b4bcc39da80186fddd16e7166b28797eee53dd94a9995a159c27abf77ee34100e53207b5a4ebada7c2ca8b7456690ba35538e8477ea3d5813b93331bd350f526e3d352ab01b36af95e790848f6be6fc44096277b4f06c6dd8d23cd4cca049dc1c1d8975e337d32f2e4502f63bdf5ff3d821d812fe5d23f6d984f7bc8ad1160a102371f2329051bcb8b259a616ea8f143b7cd2293d340d73cea4dd462bf35190ba80be606a02e401af3560772cee1e5098af9de576a058367383b34eeb981c7403a8c612046e0c03a4cebf669bf55073fe913f2dffe6fa5c78a4affbef15da6877ed218480b12495afebbc5aa0fcdfa83f70319ac6395f2bf0f1d616c8d4b51a6f765cfc4c9aaa2de25671ff71d05cc0bb55a7719ff047f9ae293a36631507307f47073529ac05576272a3e7fce12f66e6f45657590bc1eed64a64c2f026522cb640c349d26992c527f3fdb080c0ffea6abc79b4b3d4112232f5fbfa653e6882b748dae43ead2d0db6522bb96e6c6a7cc34295b8bfe58300149becac158daccc36abd17f63b3a54e848c8acd0413d2cd1bce603f3154b11546f74e5b9baed85816a7e20fd73989a3a3ecfeb21a03c4ce5b030610008835e8e47ce79f143cb3bad132e44e344e13ca531f24b07025c5e123ede2b6bb1841b12c644b322ecdb981e0b2bb7ee547d1e4de81485a03339623159c5d4ad6c19623931df34e1e4ebe5c2c2c417154d54562040d77c3b496e0b9ecf5ac3c33220afb467227cb5c1f3885fe7fa6df8e5c27c75e1baabab11ba7fe37fc087cfadbfa5d6049266d5fbff2a15ceb1dc4ca0dc87ccbfeb9df999409497fa4c6c847840f86918f01322f543f5a3537f55335cc43eef4a16662acedd65668f521257ed44f86cf3011a3a8a37c79cfe3bdf00779c0002dbc523112a647e220c52f496aa00cb907b7bd47021365400a51f8105b680347fcd67bddc681ab1d61781f970044a76175e0c0ca5364e0e0ebe578e948d3b8632ee773227e742f8cdbaa45e3ac5844ec4e4adcae818630d50494df15460cd5f964860a621cbde2f4feb2dbf9b3f3baa088bbc7744d54c450a4d4fcc84cbbc34559f4951f3d3c9e570cca11b811ac0cb8e6b75c625bd10ae361b208b1aa3f25afca05d9c3c0ad9337163daca6c688b89f6c0e169ad08c841feb5981892e1e70a9481ca3c76a3e6831128e85e4fd2939b96da11582b34faf78c0dca01363f1b1f1dd038f73038b15fbb0dda895447cc5f2182fd7ca77b41e559e6f2a4bd1832bb2f873180e84d809636e253b16fbc868964a927f425865d2fe22e40e01b2fc6634ac05673e0801fed0fc8405ace56c8a363cf8d0e11c2f0462653b5c5e442d515db3a0992f36bde0a323819e38cfcbd4ccff1a9489af2b406637ad2aa89751a6c979d818e0c153544ca364d41069f8221cf0b3e1a611f516f89be0c2b2323d965d8c876ee27711222054aae5fc5182a4a7c24093aa5cf0f67089f018460625775fd80a68cc8821b32ed04468c3caebf15213163807917a2f73e9d2bc92ed976d9721b56819cd66af9abb49a3584ac44204c73c6bc215289a945e54ffdaba438c3dc6e465ca1894099b6e6c18d4356decf86404ceec923c10137a56bc36f16b44240dc3e989e61fb25652a6ec2426cbe18cfb1fe078cd767a664f8bea0524c3443395047118d761af52a2e8ac5585c282f8c3ad389692475c3407f2d83b78295b7fd7a35a7dcff2856c588760da3294b4218ec54442d2b337b087e071a5b28fcc0188514ca72ff70d612b67f69448a40aad8037201af427945e9d9c752f796d3f1ef26c90a828bc127770ba77c2f7d99e0b3e4c51c14658f20d05cd942dd009e5d28f3663121e8b7dd21bced4c49f4b12c5aab4b9ea53b8f7b7c2b05aafd09fe456d81e7855c5736e2d25c4cb6f85a737f653e929b66e92b7536fb711f0130d0a9bf85d5ba8feb47fa65e6f0d1186c6fb72f52347c19c23776b4d761dc2145b1cb7fe3dc78f992673265127fd83bfaa0bb032245db9156a3f9eb0d3301b4397752aa99fe64bb635a88cf4d570e72f5e7db1d5aa86256887da6f2f43fc104637b35ffb53203b22a7430c11b0881cb73e1b73aeaf6dd232ee4823dc82d2325e5e46ad94a6d3c81adb17a5d5c2f76d6d1a2517930894a50d02f530453968a991afd8b6b2e875281cf2f790e2a3485a9b03a37b17c34eadd72d1f78b3cd19bcef483652acd77b887f27fb158fa40563f9a5d5e5ed24bf123e5ff1b57f45766c1645148b9ec2957a3ea7049a1c96c1c4a7f2bcd509b9c5894adb6b0a0de877fdac1c05c47dc1cba1c890b20cfe54b46272b7b5cddc8c07b799f424099776b61436fe26d47c5eefcfe24f5148afb63ae7ad06ae30cd36445809c8995cf90db9ea1a2d412c659a3e2b20c505fbe7532c7ae0859b3d661461fb7351ca06e1f4af2a2abb9c43963a759eb9712249db4717327d332f1764ca3fb37832babd63cee77987fc622937983853f1e4459bcac8a7f9fe3fea42cc751ea13f94426731bfc81c31b14dba1b05216c07bc559819f28eee6b13a79c64ea7e07707826ff83bbdec083f7837b1f71401ea05c9a770014a74b50a4", @typed={0x4, 0x5f}, @typed={0x10, 0x86, @binary="4cc11c1c75dabf1021"}, @typed={0x8, 0x36, @pid=r4}, @typed={0x8, 0x5c, @ipv4=@rand_addr=0x4}, @generic="d74b284310ce8212f9ba9eb8d99382856b588945033f9e254316c73fd86c3b556049c3d18835484287d90714f80a650a87925c864f468b09cb78f5be21c47d3f92522394158f51acbdd81974b3f9433f88ea21949ac2bc60b0f3f72876ee0536f0262d9266ddfb11c230dc70bff9"]}, @typed={0xc, 0x13, @u64=0x100000000}, @typed={0x14, 0x79, @str='.:#GPL[selinux\x00'}, @typed={0x8, 0x62, @u32=0xffff}]}, 0x12b0}, 0x1, 0x0, 0x0, 0x4000}, 0x0) ppoll(&(0x7f00000015c0)=[{r0, 0x200}, {r0, 0x400}], 0x2, &(0x7f0000001600)={0x77359400}, &(0x7f0000001640)={0x9}, 0x8) get_robust_list(0x0, &(0x7f0000000040), &(0x7f0000000080)=0x18) [ 1068.786160] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1068.797209] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1068.802373] CPU: 1 PID: 25606 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1068.809726] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1068.819070] Call Trace: [ 1068.821640] dump_stack+0x194/0x24d [ 1068.825249] ? arch_local_irq_restore+0x53/0x53 [ 1068.829898] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1068.835075] dump_header+0x28c/0xe2b [ 1068.838776] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1068.843949] ? arch_local_irq_restore+0x53/0x53 [ 1068.848602] ? __lock_acquire+0x664/0x3e00 [ 1068.852812] ? print_irqtrace_events+0x270/0x270 [ 1068.857545] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1068.862638] ? trace_hardirqs_off+0x10/0x10 [ 1068.866932] ? __lock_acquire+0x664/0x3e00 [ 1068.871143] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1068.876313] ? __lock_acquire+0x664/0x3e00 [ 1068.880523] ? task_will_free_mem+0x252/0xaa0 [ 1068.885002] ? print_irqtrace_events+0x270/0x270 [ 1068.889749] ? ___ratelimit+0x30d/0x630 [ 1068.893702] ? lock_downgrade+0x980/0x980 [ 1068.897833] ? lock_release+0xa40/0xa40 [ 1068.901789] ? mark_held_locks+0xaf/0x100 [ 1068.905916] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1068.910998] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1068.915996] ? trace_hardirqs_on+0xd/0x10 [ 1068.920137] ? ___ratelimit+0x95/0x630 [ 1068.924006] ? idr_get_free+0xfd0/0xfd0 [ 1068.927961] ? find_held_lock+0x35/0x1d0 [ 1068.932012] oom_kill_process+0x8b9/0x1640 [ 1068.936227] ? lock_downgrade+0x980/0x980 [ 1068.940357] ? __lock_is_held+0xb6/0x140 [ 1068.944398] ? oom_evaluate_task+0x480/0x480 [ 1068.948795] ? rcu_read_unlock+0x35/0x70 [ 1068.952831] ? mem_cgroup_iter+0x363/0xbd0 [ 1068.957040] ? lock_downgrade+0x980/0x980 [ 1068.961174] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1068.965909] ? mark_held_locks+0xaf/0x100 [ 1068.970038] ? _raw_spin_unlock_irq+0x27/0x70 [ 1068.974510] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1068.979507] ? trace_hardirqs_on+0xd/0x10 [ 1068.983632] ? _raw_spin_unlock_irq+0x27/0x70 [ 1068.988198] ? css_task_iter_end+0x280/0x430 [ 1068.992580] ? _raw_spin_unlock_irq+0x27/0x70 [ 1068.997062] ? cgroup_procs_next+0x70/0x70 [ 1069.001273] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1069.006266] ? trace_hardirqs_on+0xd/0x10 [ 1069.010389] ? _raw_spin_unlock_irq+0x27/0x70 [ 1069.014864] ? oom_badness+0x980/0x980 [ 1069.018731] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1069.023477] ? mem_cgroup_iter_break+0x30/0x30 [ 1069.028053] ? finish_wait+0x268/0x490 [ 1069.031922] ? lock_downgrade+0x980/0x980 [ 1069.036057] out_of_memory+0x86d/0x1220 [ 1069.040028] ? oom_killer_disable+0x310/0x310 [ 1069.044497] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1069.049580] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1069.054572] ? trace_hardirqs_on+0xd/0x10 [ 1069.058710] mem_cgroup_out_of_memory+0x159/0x200 [ 1069.063528] ? swap_max_write+0x110/0x110 [ 1069.067651] ? do_raw_spin_trylock+0x190/0x190 [ 1069.072218] ? _raw_spin_unlock+0x22/0x30 [ 1069.076351] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1069.081344] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1069.086772] ? find_held_lock+0x35/0x1d0 [ 1069.090814] ? memcg_event_wake+0x420/0x420 [ 1069.095112] ? __do_page_fault+0x5f7/0xc90 [ 1069.099325] ? lock_downgrade+0x980/0x980 [ 1069.103454] pagefault_out_of_memory+0xbd/0x152 [ 1069.108275] ? out_of_memory+0x1220/0x1220 [ 1069.112484] ? handle_mm_fault+0x465/0xb10 [ 1069.116706] ? __handle_mm_fault+0x38c0/0x38c0 [ 1069.121263] ? vmacache_find+0x5f/0x280 [ 1069.125210] ? vmacache_update+0xfe/0x130 [ 1069.129343] mm_fault_error+0xd6/0x2c0 [ 1069.133214] __do_page_fault+0xb4d/0xc90 [ 1069.137260] ? mm_fault_error+0x2c0/0x2c0 [ 1069.141383] ? kernel_write+0x120/0x120 [ 1069.145336] ? do_syscall_64+0xb7/0x940 [ 1069.149293] do_page_fault+0xee/0x730 [ 1069.153070] ? __do_page_fault+0xc90/0xc90 [ 1069.157292] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 1069.162806] ? syscall_return_slowpath+0x550/0x550 [ 1069.167711] ? syscall_return_slowpath+0x2ac/0x550 [ 1069.172623] ? retint_user+0x18/0x18 [ 1069.176314] ? page_fault+0x2f/0x50 [ 1069.179931] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1069.184760] ? page_fault+0x2f/0x50 [ 1069.188366] page_fault+0x45/0x50 [ 1069.191793] RIP: 0033:0x409b83 [ 1069.194957] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1069.200297] RAX: 0000001b9bc20000 RBX: 0000000000001291 RCX: 000000000040e950 [ 1069.207541] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1069.214785] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1069.222029] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1069.229272] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1069.236736] Task in /syz1 killed as a result of limit of /syz1 [ 1069.242784] memory: usage 0kB, limit 0kB, failcnt 4268 [ 1069.248119] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1069.254917] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1069.261119] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB 2018/03/26 13:06:01 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x40, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:06:01 executing program 5: ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000000)=0x0) capget(&(0x7f0000000040)={0x399f1336, r0}, &(0x7f0000000080)={0x7, 0x4, 0x1e5, 0x8, 0xffffffff, 0x7}) r1 = socket$inet6(0xa, 0x3, 0x1) setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000f68000)={@loopback={0x0, 0x1}, 0x800, 0x0, 0xff, 0x1}, 0x20) setsockopt$inet6_int(r1, 0x29, 0x21, &(0x7f000089b000)=0x7fff, 0x4) connect$inet6(r1, &(0x7f000000cfe4)={0xa, 0x0, 0x807}, 0x1c) sendmmsg(r1, &(0x7f0000008a00)=[{{0x0, 0x0, &(0x7f0000000480), 0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="60000000000000002900000003200000e10984fa3279d7a9e03a22b169d736c06ab11a96f7d25adf9166e34ba01ef80187324006ab9013268169230973698dc95dde627650790df783841dcbb38ed04b54d5375b9d6a00000000000000"], 0x60}}], 0x1, 0x0) 2018/03/26 13:06:01 executing program 6: perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) bpf$OBJ_GET_PROG(0x7, &(0x7f00000000c0)={&(0x7f0000000040)='./file0\x00', 0x0, 0x10}, 0x10) r0 = socket$inet(0x10, 0x3, 0x10) sendmsg(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000ff0)=[{&(0x7f0000000180)="2300000024009115460700000009e001010000c2001000000600000000000000323853", 0x23}], 0x1}, 0x0) 2018/03/26 13:06:01 executing program 7: ioctl$KVM_CREATE_DEVICE(0xffffffffffffff9c, 0xc00caee0, &(0x7f0000000000)={0x7, 0xffffffffffffffff}) getsockopt$packet_buf(r0, 0x107, 0xd, &(0x7f0000000040)=""/4096, &(0x7f0000001040)=0x1000) r1 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) io_submit(0x0, 0x7, &(0x7f0000001780)=[&(0x7f0000001180)={0x0, 0x0, 0x0, 0x6, 0x6, r0, &(0x7f00000010c0)="753a0c1f4e59a4de4cce99d439680e9e9c426165a11553aa595a4fc9ddf74bc7b00b1d134366cfe4b0ebeeaf58ebc930bb532c340a0b247642aac48d5cbd94802278a8d96c45bc276272751bed2a7ab15587f01d6ef4bc9b7665a3f5a7a095cd22ddb5b841f89abd184070a635a38a47e389fb3071c8071d26ddce7bad3c72f6cba9a2e6e05962ea1c0c3cfe0f2a211edf4a4161b7abb9a701c6892a73f5bbbc", 0xa0, 0x6, 0x0, 0x1, r0}, &(0x7f0000001240)={0x0, 0x0, 0x0, 0x3, 0x1, r0, &(0x7f00000011c0)="d2f291ae82cf9efedb1d7bf50df214b52f2c491287b78d408f01826d2f702abc1dd408b942b9e6f5275938572c63f7c83db1f839aaa8f6e697dafaecc7da37a1585030612f91be8b6067792ff25571ba33dcae9117fd89f2f9fde4e36841beedc826b711820107df539838966353bc", 0x6f, 0x1, 0x0, 0x1, r0}, &(0x7f0000001380)={0x0, 0x0, 0x0, 0x7, 0x3ff, r1, &(0x7f0000001280)="f662a2d8b28dffd5913289ef4fd7faeda34acac0ce3228a1c9146a1524d6c085399bffe7d539bb6dbb594f81c84df40f0813ac86e4ef34d727183c809a2acc46e2a8dfd9b77ea50a2b90d1114a3efd79053dc7671c6a66a9796b001bb7d3f765e61227bf95bbbc858387d97b126633cf8edcf7813f8e4b0fc0f2b99a3bf1e750f871b1bc7e2e81347b71268b419877ec348c3d2da0faaa7d3919ddcd83999d3f239f0a9b75b83b2f53b34cf6e39548dd04efc17345fc70f6e9fa47b6d2852e9eccca7ee2882b52f6a168a8b76a12301ad7e7c22222b68cb2815d078b195bc936bbf0", 0xe2, 0x2, 0x0, 0x1, r0}, &(0x7f00000017c0)={0x0, 0x0, 0x0, 0x1, 0xc693, r1, &(0x7f00000013c0)="72bf26e645ba588d966fe7da778eb297d7dde4d1db597a707e5889241162fb42e70d2233d33df4736ec464edb3b7d1014c0a05e97c213c9f093b7077a6e0d938cf00b319f93ffc9e5ae64527868ada62ca588190eaeac753f34486652c28f3b6924e5839d95b6615e266beac7a98fab43404744efcb520409f1aebb99bd75ad5bf807d6f001316dd199769b69f24c2ee3c5b5f650eda96658e32c840a7a20d526b886f02b15536e01aa357ad0d93fadff92edf242c086b7fd0ee4291b136b12e02e475736d472dd5ea254939", 0xcc, 0xffffffff, 0x0, 0x1, r0}, &(0x7f0000001580)={0x0, 0x0, 0x0, 0x7, 0x3, r1, &(0x7f0000001500)="0edbde7e111f7bb13880d465fde96756816eaa9ba806c217ad505d2335667b3325c3f08815d779e3edfde916cccd006dcab48b75e9d9e26c6a7c3c6c8c5321e80b0ec433b5d544d4c707fdfb5107738d52237ed1b2d86ce3a8f5177d4e6e1d5144daeda0e8dff30f5f9624a50a7dec7d3b7de580667c1c", 0x77, 0x7, 0x0, 0x1, r0}, &(0x7f0000001600)={0x0, 0x0, 0x0, 0x2, 0xfff, r1, &(0x7f00000015c0)="70c16868e0c9a3ea065ca36fb14628", 0xf, 0x71, 0x0, 0x1, r0}, &(0x7f0000001740)={0x0, 0x0, 0x0, 0x1, 0x6, r1, &(0x7f0000001640)="b987f2d6ab2ac137fcd2774e13f3a5219f8fe99baaaf9045fbe25476613f12a9b04173c0822d3ae77026163189c22bfcf71b9ff46b2893ba2c845eab4c53ae6cbab8e916b2785c1d906fa3acc6aed96b13839419ae65d2c8a81b151c4201d829c9c66b1b9292010ace7fd58bc20131fa15aeee437eb73f229b57101930a3b5c390ed6b17286b36eaf883d706a3484328bed0dd2ac972e56c71d5d7836bde4b3040b421dd9de3eee146de62a2c1e03b90106bc0325b406c897f47709b34bd15c45a1f4ec0d9e0ec9ba9cb672de34e125aca989454be", 0xd5, 0x4, 0x0, 0x0, r0}]) [ 1069.280602] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1069.289390] [25606] 0 25606 11408 2089 65536 0 0 syz-executor1 [ 1069.298315] Memory cgroup out of memory: Kill process 25606 (syz-executor1) score 2105000 or sacrifice child [ 1069.308433] Killed process 25606 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:06:01 executing program 3: r0 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x2717, 0x8000) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f00000000c0)={'syzkaller0\x00', {0x2, 0x4e22, @rand_addr=0xad7}}) syz_emit_ethernet(0x6a, &(0x7f0000000000)={@dev={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0x10}, @random="1c4ac44a37af", [{[], {0x8100, 0x27c, 0x100, 0x1}}], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x30, 0x3a, 0xffffffffffffffff, @remote={0xfe, 0x80, [], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000], 0x1}, {[], @icmpv6=@dest_unreach={0xffffff86, 0x0, 0x0, 0x0, [0x14, 0x5], {0x0, 0x6, "c5961e", 0x0, 0x0, 0x0, @mcast1={0xff, 0x1, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x3, 0x0, 0x0, 0x4], 0x1}, @mcast2={0xff, 0x2, [], 0x1}}}}}}}}, 0x0) 2018/03/26 13:06:01 executing program 0: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'bond0\x00\x00\x00\x00\x00\x00\x00\x00\b\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000500)={&(0x7f00000003c0)={0x10}, 0xc, &(0x7f0000000400)={&(0x7f0000000480)=@setlink={0x2c, 0x13, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_ADDRESS={0xc, 0x1, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}]}, 0x2c}, 0x1}, 0x0) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x101000, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(0xffffffffffffff9c, 0x84, 0x22, &(0x7f0000000040)={0x1ab, 0x2, 0xe4f, 0x7362, 0x0}, &(0x7f0000000080)=0x10) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f00000000c0)={r3, 0x1}, &(0x7f0000000100)=0x8) 2018/03/26 13:06:01 executing program 0: r0 = socket$inet_tcp(0x2, 0x1, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000180)='/dev/snd/midiC#D#\x00', 0x3, 0x141200) ioctl$EVIOCGSW(r1, 0x8040451b, &(0x7f00000001c0)=""/85) setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(0xffffffffffffffff, 0x84, 0x6e, &(0x7f0000000100)=[@in6={0xa, 0x0, 0xffff, @dev={0xfe, 0x80}}], 0x1c) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f00000000c0)=[@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80}}, @in={0x2, 0x0, @remote={0xac, 0x14, 0x14, 0xbb}}], 0x2c) fcntl$getownex(r1, 0x10, &(0x7f0000000240)={0x0, 0x0}) timer_create(0x0, &(0x7f0000000080)={0x0, 0x37, 0x1, @tid=r2}, &(0x7f0000000140)) sched_getaffinity(r2, 0x8, &(0x7f0000000040)) setsockopt$inet_buf(r0, 0x0, 0x60, &(0x7f00000000c0), 0x0) 2018/03/26 13:06:01 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f0000000000)=0x1) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:06:01 executing program 4: perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) socket$inet(0x2, 0x6, 0x0) setsockopt$EBT_SO_SET_COUNTERS(0xffffffffffffffff, 0x0, 0x81, &(0x7f0000000100)={'mangle\x00', 0x2, [{}, {}]}, 0x48) socket$nl_xfrm(0x10, 0x3, 0x6) openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x0, 0x0) mremap(&(0x7f0000ad9000/0x200000)=nil, 0x200000, 0xe000, 0x0, &(0x7f0000bf8000/0xe000)=nil) mincore(&(0x7f00009b4000/0x2000)=nil, 0x2000, &(0x7f0000000080)=""/4096) 2018/03/26 13:06:01 executing program 5: r0 = syz_open_dev$binder(&(0x7f0000000080)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f000001bfd0)={0xffffffffffffff2d, 0x0, &(0x7f0000000040), 0x579, 0x0, &(0x7f00000000c0)="6d7a89dd9a5138112feb36a1d2bc292aac227d2f3e7a2bf963a9d70f2fbd1a48414952377722084df7a1a19329a6befe986ce01334e710fc585ac3e7b591c94af18d66811663f61820557503f01e53e9c58e25cbe43e214b8f530e001d7eb0f908dc1a7f2f0ea2d9c611a0163fcbc2e36b85b042e448e0c687e703209387ee8215413de087b5325e0c3552a8c45a5d0dcea7319cb5afc29b30353643e4ef5c673cb0c1ad6ebce45114a5e29364e80e1b85b41f6e1826ace6f1503e328af3bbdd9f90b1f29c0e576487a1cc01b9dc9e62367bc84a800114b970ee50bca9339660a3f634ec5843f33b9816991fc7c121f77c942762e0d61650fbd62e2efe2efed5503a1afd1f760488fc7a4ed00dd7280d0bedcb3de8b15136ea544a51796baaa3f6668f88c2d86c92b67110083b7e210801fcef901007240000000000006bdf193abf476ea3b12513b27edd79fef225a32f433086676ff8b062759174015972b85abfcb9384ae08828f957f4ccb796e4279f47f5d6471fafc4ba8b39f6534244a8049b8fb1acdae46d062d297627cd4ce26087b0a6a6cae7b3ee9ac36fcc7f5fad2e27d254f040716eeac81ea35ea4bcf8e309bd0f673338621ca6c787f9976af480e612d45f1be177b582e20e03a5ebde5f3d1b3e1fe8826e43cebe4964ff17784e943beefd71b078f95f5e91325a032bfbf5ffc47d2ea26b7ba7ecf5a76e041fc425d1cc1e473d1a3a1d14a54349618ba14440e9666af6e45b649b22e03e6"}) r1 = inotify_init() r2 = inotify_add_watch(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4) inotify_rm_watch(r1, r2) 2018/03/26 13:06:01 executing program 3: r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = memfd_create(&(0x7f0000000040)=',vmnet0\x00', 0x3) ioctl$TIOCLINUX2(r1, 0x541c, &(0x7f0000000080)={0x2, 0x0, 0xdd, 0x3, 0x1, 0x6}) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) syz_emit_ethernet(0x1ae, &(0x7f0000000080)={@link_local={0x1, 0x80, 0xc2}, @random="ae75aee01a85", [], {@ipv6={0x86dd, {0x0, 0x6, "e30600", 0x18, 0x40000000003a, 0x43ff, @ipv4={[], [0xff, 0xff], @broadcast=0xffffffff}, @mcast2={0xff, 0x2, [], 0x1}, {[], @icmpv6=@mld={0x87, 0x0, 0x0, 0x0, 0x0, @local={0xfe, 0x80, [], 0xffffffffffffffff}}}}}}}, 0x0) getsockopt$bt_rfcomm_RFCOMM_LM(0xffffffffffffffff, 0x12, 0x3, &(0x7f0000000500), &(0x7f0000000540)=0x4) ioctl$void(0xffffffffffffffff, 0x0) openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc\x00', 0x0, 0x0) mkdir(&(0x7f0000cb3ff8)='./file0\x00', 0x0) chroot(&(0x7f000009a000)='./file0\x00') mount(&(0x7f00005b9ff8)='..', &(0x7f0000edaff8)='./file0\x00', &(0x7f0000000040)="716e783400113be25132ad0088eb4a963fdabd6f66d1304d5f820000d8e838add5f742f12cb2ccfeaaa0db34ac0055c29bada7fbc8f7b8f8bdc3b72886554bcb97cf0f6e846e3d9f37d4d182318ca78a82b0c7aa386c193b29780000000000000000f5f4d7aac812a8230400000000000000631127fa4b483c75688df3fa5731c27e50d302b21dba47b47d995dedb9fd6b92c1ab1e646bd058f0001a81", 0x500c, 0x0) chdir(&(0x7f0000cd2ff8)='./file0\x00') umount2(&(0x7f0000e28000)='..', 0x2) sendmsg$nl_netfilter(r0, &(0x7f0000000000)={&(0x7f0000791000)={0x10}, 0xc, &(0x7f0000dd0ff0)={&(0x7f0000001240)=ANY=[@ANYBLOB="0811000010000000000000000000000000000003b4f696dc10740078790486f29a6124d891c35caf4263a3fc89ca03da42cb6c3c020b28cf8fb00eed13472cd0364a202d856b46b96e1a08535dfde4f062740bd46813d8d7174930a847d53c13ca73f50d0b6b15e66cd6e8fd0675100a5fbbecfb6d7571ef213a58d8312a24f52e891002eff3b87fa90873e73a11c03a91b1a6ab46f09d4c0c4dd74b64ae4bb302147c858d10b1dd08b4773c77c7861c2e1d67050b351ff9a9ecb775c7334bd851f03b6760fcc6f158bc27904fd15e79ce3ce208ae43177103fce191623b50d32997818ce632a5b45a9d6b929663368d16ef220b9c0ac4c3ea84e9613aaa0102681b8ec573b1837f8c50aaefac927cb1327962187be1e2cb58b37f8d6310bf2210b1aee1ee6d2c331613658ebc04071cdf3df0706b1e07c363ede9a5bcdf1424f749db1c9e0a85767b63bd5063c22a4671c5a287944dd91c6fd58ebbb70ec5bff0346bee59849c6fca4d7286f9b16ccf7ea67be79514c1ac56f30371d57d1afe05009ec0ce2b61a1f78a000346de7d5ce5db64d9f3ca570a3a08302343418fe2659fefa2f49afd95f2d0a8cf5b563a17cc8792a94248961aa4ade3f6c83a2d1c1010f6d65b6aed6626a42876e327947ade9fa0a1e39567df7f1611fefd1aa384b858290810569bbebed9616a14e320354efc40c1581e9d8a83c6199678dfa4a9266ba67ac690d3a81b0d56517f5b57956c408e2702e5645f6cbde237559212616bbbbc0bac7d30e71a2379a4a6f9d2118faec9df8fe7ef26c6419d6276878c69735852ca41c1c759b1c3d286d2b3cfc7f72a61aa1fd03eb323d3a50b8f5670574dcd070fc73bf1731195249170aea432442f52f6d1a7cff37519c5ec8a80a40730a28b54b5298cc0a5ab70fdd4d87f0dabf1c30310faef8c3bd8585cca713ca1cbf6faf1520577144b72afb3a60508e9443984c525435b8e202732f257707457b5cc7114de2379f0a4976a058bc1959d14572e03f08cabea6bd9448cd8fc0b644bcc590ea07e7d5aa1071cc303efa290949c1411e7f3fe4c10be5434355f036ff8ada2a80c9524c5185f96234acb82ced10afca63ffa02905efefbd2c68e71b1b0e6897d94d3821d84cb34a885a8a7ee23c8d7bd1c944e3209b40ce19e4dc46b4ec3ef33e4fbb4dce0f7ccfca8103ab011349b49c332d334c6ad15a2599663eed50584b2dd9a250c30d3b537e386f0d55ca24fca04cdc2519e0c07a3d0b0e683f1aa064a26912387a230d1b5e4f2104063fddae607daa782f1919d84442112ea2bb3b527f1faa0ac6b4ffc4fa6a68edbab516c76540f56dbd675b92079498d9d371d56f39bb3ff139ce6e62226c25fcddc523c3c6251a972a21067e8ab07a92ab2d50485f7f4fd806885d84a8c77bcda8fad6e5099a182c3391e63029e68c8955aeba64e191816418da0a0bad42501f709f6429579b565801c537763aadc74c5176824a05322f1cbcb8b1b0be2bd65cc1b9d4cb022bd4965451945124825498a838ba856d42d924b4cac38c539c856d4c2e982ad0d452d1af8e9d292ceafbf1f0fddc84c136a563c0e00112a7fa9aea0bf33eca4688868227871adf2bbc101bb87e70518e4b06e725e8dbb92002191216ea035ca8074416063aed19f285224a027a43d1e0a7efb10dc96ec53abf30c66eac480725f3b17f47a0851adabea049049fa1be63146cc06ed815954d829906889bf446fc141192b5178b83075ac46b256273d34f34618988a2a14541b76d91580e6803958c0e2a2bcc91988d08a9ec05610b5cd35e8d20a07a7520dcfdeb1cb9275a63769bf92f72b497cb7c47b0b20b9f2a6091787580225407a891d456b152dfe0c5ca40f17f408ee21b09975aced2e9f17ea6d62dc4802ebb6de26979c904ad379a209a1e16e253d374e8165918f43310b7e28562477e57bb8a39cca55fe1a126d264a0e3d1dcb7fb1c11009264273425170709c31eecb1f60d1ba927f1d4fd5190eccf1920cbf22f90a56f055751d237c16c24d70ea719d5fe3d4c39be8d3fbd903cc1f2055a74085c15930a6e90110d1b1461573fa7b6bddae4ffab4095e0c4cbaf238ea9db7d3044affdf74b7f9ad46e79f92f6fe1e62b91b2e4f924d8dfeaa2fc691ca5cba9d154007d19dcb0f2192ec89551089494aa4c4da3d00f3cfadec8c42ee084b5495448a2a25d24c7e9188431d4fe2b9b98a16590a01b86d726365481a7f6f0409ce6a2c5e21cb62092b7e74e27c5aa46bc5c8b15e07c5458fb0625109d0647ab1ca8010cacde6b5a860140743aa5bb59327344145c4fb0a45a8b227d29fb9cf535a40cf0bc16ba9210bdd38b1661a20da304bcd5f5cb948ffbca89689b5af791415aae35c63e9534be22166bb05b7cbd415f7bcf3d99d62bb83ec3c17ef6869d443302d9294e3abc59b47ec6e225b2f55b96a046a07d0661dedb43939ae38eb6c295d986f51b63cf06324306a60ab482b7266056c9101e2582f77c75be0f359acef02e16d53f0baf1ca1cb4adc2a2a7f2a6f0c1341337878f9093f228a04a8b919af84faedfce49edeb931dd30ff5f6ccadea1db3bb8d5b0bc3004984367a343172ba8b0550b30e95af97588e3217fa2e1e2386a238374c498964d735c51f176d844e993bfcc81c56447e9839dbdb6c2103d84fee7b98792a4f977ec6d5a186ff10def9bc50e5b4fcebb2c9ae2aa2df0fcde35d1577d699a72d678148c95b220ffce1e5420c4ae8e817a715f865feb164caf4d17bf9f33326c4852a079c74dc080c6478218568e194c60214933c674ee58ce7cdf8e793fdbd33c292fbac3f26ae077a7a0d914a43a86f5e24d66b9c040bccfa182bef6e05120972f122fd6d6b6b247cbcf5c1061e06d5453a15cccb64f70bd3d6a5093bc3b6cbcee9d4ce1849e778684af1dafd39976042d9089b9bc5f66f48474a63e82c5639a58656bdacaccad1f8e9fd2773860852aaa0db7b349896eb8de9db989d410c3fdf5ee9598ed197445e2a573f03466ddc76ee2d454e6962124928d73bef97c943d0c18742272f01668d0275c1f8078cb3beb35972d73a11c7160ab293b5cda98e5b11156ae9fb74bd57176133cd491e2eabad7afa427fe1dadfc426a24afea36dc7e7d8ad3fed0852d9994a68b0e65de0af7ce5dabe9e62ae9c943bccc8d4635208033d4daa3d1d90ae8946eed4b44d0cbba8255bf38f6490b4089a6b73f915cc1a56fad5dad7c6d94a005105e7da86e4b019b5b0577b1442b9e8336f2df7d9c8428162e070959324c2a1f2125d2a7d369fa82839656b88b4015ffdb73d0b30fd6d02517cd252c2401b264c9a7c88408708ef5307b89900a0d8907a6a10e70105d81f31d6647afe0accb5801a0680cfd4e18898cdfb3ccb538f0c29f48c208b0081788806933e8fc792d701cf9e8e77d0df035a62f807a585dd835d60a3d17c38f4ddec8440be021cd2da0bfc17eb48ddc0cecba16f39ae835207afbac2ff60185dcad0019c7ab62d246929fed80f1ebadb4c3571e93cb525a91e17e3a18cc2c902b25435c93a37dbd9ec2cba929d76ea5119e23709fa22d28c993c109dfe562c1c888b83716a65fd38e2701cb43d5437db1737df18e621afc161a767fe4dd837497b0e872c506f48697e6d5e77ca6cb5d14ee5db02f5fe74b888a306a59a91cb1b2c90f6324dfe8671342190b2e94b56ab757dcc8a639c05e98a847170e7254492d4e96b32a70706b2e2036c8c0d546c71fc9bedcc25811c10a1fbbb2fd24c33cced5c6f7304778f095ada12c85a38d5e7fae0d2f86d3cc85ef319dbd7392a3dc64e4ca2ac5cefd2db1628e4b6617d2903c5d5d581683289252584abd89220e173ab5bb47d08d7f09092e60ea41c8e32b0a228fb58db7dfd9a00df172b1d5d871cee955e49242b4defecefd86ae4b3f1cb683f57aa8a014de68c7fe1883c2bd2fb6783cb327eb879eaeecd0959bb2d01d99682ce03524545c15f85bb1a57ab1b1fb3c577cd2038fb480cca584d5c2d88b42f55cc258fff0cdca54a3533db1c74b90f9b90181f85acfeff7777baf2a64c734187838596ddb28f0ba09489c7b665ada54a58a3513de6053a906c4cf6ccd55e488541e747eac1eee652306466d697edd3dd0b835f4a43be03b358e5ac09ebdcf526c1dafcb978ee0712181ef958a6d83977b325baae58eeab8d966317c1322c1a56043bacfcc863568039cbb8665648349c39507f73fe3fa63f8a2ca767016a0b7957f0495c66fcba86722f301d10aa38a8bc3ae7a20fd59ccf7ea6a3ee3d8b76508e65efa909d04d4c93a9e61ca7cfb7ec8016aca7d427f18897cdd019eca0c709f305e1020a8099a99009bad48bcbaa971f48b97f69afea5d5dca391187675425aeb38246e1195fef6ce51025303a08641f075c6bd9f8095fddd2aac56e8e9b46a58a3af112463a0f1476101ec3d5ffc5f9eeea931694ff2755d2ddff917de585623ec500ff48ada18fb9252e15516ccfb292578f54405b45cafad01ca7e5d3afdf0182d402cc610959f3777725176ceb580ed8822aad1098c402694f031c56050117c1c097e3731cfd7d885c5307168589ac43b2afaa66c30d462024d852e422695fd19b84a03a616e5d78db34eec67aec5b68d865c1d7cd4fcd6806050a8b0ba02976b00102ee77a6b7d1e1b48cd718fcea55c1851ff93103f42710206da48d6de94836ccfaac9c6129edb28c98fc7c86fcdcd1939c66a74eac97ec852df4a5f0fac5b71a698e02897a28c02e75fdb26ed3dfcf35cd083859509901f1987a600eaa09aa516578eae719fe7cc1d51167782442b4db01144468d0a412f85958cdc84b3330547519ba42ac7df91e45425c528377c0480c1206efebe7ade244a639f54191636cfa8b9078a51745d6b68163c7ff872fd30143d9c44c9ac4eb669ff070efec8b11364ea5218cb8cffda966aea95354a8c6d274df68f4495eba9c8d586dd09604a096fd9627741cb712ab30f0a5c8a91559875393471a6664b729158855e815e1c76dd3efeb48250ede3e813e305ad7ce9fad9085dabe79030ecee2dc53a9e61d25dba032fdbb5b7e585409dedded5c4775733936c90891ef1d9811536dcf5843cd4d23d9d67fcaa897bdd5b0dfd89dd58cb6390ca92d68654ca4c58b185d7de8a0821a9be2406d40d1a885fb76bb51ddd243ee0fb8b833ea1d88de056c59264d3475aba44d22a42fdea2f1771681cb9ddf3fd376857bbe0460736af110d5c959daa8fb7eebff1117e8eba8c64051ac6a5c755a6963226b85d371fc26ee02f19a760d115850d56a5d99ea2c99de5b820220115da377ff8b494ce22fc9ed6f5454f1737403998d235faf276b3feac460eb45fcdbc791f890c49de55b10f1289dace2bb91ad86be928b7c24146e962e6b3f8ed70698f15598292a34448355f21a6fb112c98e02631acc0b25546c89975b96c88b9eae781de033d03c76723daf89e1e7afd5a79441e4c5dde412feafd5a7be04a41b73a73e85cfb322c875da56889fd87b2ee0c47a0e1df224bdc2756d1f02089ab31e900a508dae7536f3e4bff11ed87ee04f38a56bbf8219056401482abaea9b1df951e50f2a5dd348e172db39e6076e425df1ad3cec795e25d9c4efa4fe27e3e055ce840102b0624cb77049fcfed0d4604183629f2d5ae5d9754b31b7cd9b8a527928f4e863b6f2b8f4e4128cd67839cc9f4ff4f8a98f8f3f824c64309c60037963ef813b05a3566061817b28cce5d08c546ca83e667a1e49230f795770ad259556f920837df21b14855d82b97d75dc7c2724a92595d391e3eed7aa9ae14126f232824b", @ANYBLOB="431cc2faa59beef36c67e7c4b76f2cd89307bccd4d640d3560f8d0b22527050000009e3d7e1decd401116b5c8b44dda8ccb1daeb88a9e10efd000014006a00000000000000000000000000006c040000000000000000f81b8da6e7328428b910b1c59c407beb8a5a1388913fe93e3741d74581427fc3963bc5d2ab355ec372c227ce41bee318fab64dbcb539ea450d3d7feb42472f9f9ccd24c706a869ce76afaf6b164cb0521b010001000000000016be0a455c816563d72e11d877453726000c007200010000000000000008005e007f00000100"], 0x1104}, 0x1}, 0x0) 2018/03/26 13:06:01 executing program 2: r0 = dup2(0xffffffffffffffff, 0xffffffffffffff9c) ioctl$VT_GETMODE(r0, 0x5601, &(0x7f0000000000)) r1 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') sendfile(r1, r1, &(0x7f0000000280)=0x42402, 0x6) readahead(r1, 0x2, 0x3) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) ioctl$TCSETSF(r0, 0x5404, &(0x7f0000000040)={0x40, 0xfffffffffffff801, 0x63f, 0x9, 0x8, 0x5, 0x7ff, 0x9, 0x3f, 0x100000000, 0x9, 0x4}) ioctl(r1, 0x75, &(0x7f00000000c0)="5d8f0528d6fc24ee1780418e348a70bb70b01a0a1d334b8f6769bab50de06075729dcd0928395360790ad5ffe7e86199b5c6f837b562aec283496fc69fcac4ccfa127f53dba6c064a9b56b9df0b3cd1de6565ebae7168ed794f111696c5a8da6f25235b564873bbb96d44f7677b0ed022622bbdfef6faea987e4c2e9fa749f6dc0e74f9e2de0c613199edb235068a8fed32b4d80e3e6dc37c7e2f423f9acaa12b440a8c01beacb445b26d30dee1c384b2491da332e0b16a0692a7d9868df863876f277a745b5557e682523a180c6340ade92b4840164b7a41cdd06770af97aa038f31dcef95d5ba9e8") 2018/03/26 13:06:01 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0xd, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) getsockopt$netlink(r0, 0x10e, 0x8000000000000005, &(0x7f0000000fa3)=""/4, &(0x7f0000000fff)=0x4) 2018/03/26 13:06:01 executing program 6: r0 = socket$inet6(0xa, 0x2, 0x0) epoll_wait(r0, &(0x7f0000000000)=[{}, {}, {}, {}, {}], 0x5, 0x8000) setsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f00000001c0)={{{@in6=@ipv4={[], [0xff, 0xff], @rand_addr}, @in6=@loopback={0x0, 0x1}, 0x4e20, 0x0, 0x4e20, 0x0, 0xa, 0x0, 0x83}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@loopback={0x0, 0x1}, 0x0, 0x2b}, 0x0, @in6}}, 0xe8) connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback={0x0, 0x1}}, 0x1c) 2018/03/26 13:06:01 executing program 0: r0 = socket(0x20000000000000a, 0xffffffffffffffff, 0x0) connect(r0, &(0x7f0000622f80)=@generic={0x3, "dc9ce0fa7349447a5180e20d42dd0930e26e1709aa7aaa0f5a7e8ab61bd27c891495e60100db0d2772febfd6a9657a04a2cf779b09770089adc94bb9baca63a49ddb220f8732eb22d74ca029005b9932dd12aa0deb7be64e411cdc7b22deafaa78e25ce6f6ea0689bc4ae551aa2a8ad8508ae3bc4917e596b85af88e0ef5"}, 0x80) 2018/03/26 13:06:01 executing program 4: r0 = socket$pppoe(0x18, 0x1, 0x0) connect$pppoe(r0, &(0x7f00000001c0)={0x18, 0x0, {0x3, @empty, 'syz_tun\x00'}}, 0x1e) mmap(&(0x7f0000000000/0xaa1000)=nil, 0xaa1000, 0x4, 0x8000000000000032, 0xffffffffffffffff, 0x0) ioctl$PPPIOCSMRU(r0, 0x40047452, &(0x7f0000000080)) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, &(0x7f0000000040)={0x2, r0, 0x1}) r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/pfkey\x00', 0x20000, 0x0) perf_event_open$cgroup(&(0x7f00000000c0)={0x3, 0x70, 0x3ff, 0xa829, 0x6, 0x1, 0x0, 0x3f, 0x0, 0xd, 0xffffffffffff9a6b, 0x2097, 0x1, 0x3, 0x200, 0x6, 0x2, 0x0, 0x364, 0x8, 0x6, 0x3, 0x4, 0x6, 0x9, 0x400, 0x3f, 0x1, 0x1, 0xffff, 0x200, 0x6, 0x0, 0x0, 0x5, 0x5, 0x4, 0x5, 0x0, 0x8001, 0x0, @perf_bp={&(0x7f0000000000), 0x2}, 0x1420, 0x4, 0x3, 0x0, 0x3f, 0xe15, 0x1ff}, r1, 0x10, r2, 0xa) 2018/03/26 13:06:01 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) r1 = semget$private(0x0, 0x5, 0x0) semtimedop(r1, &(0x7f00000000c0)=[{}, {0x0, 0xffffffff}], 0x2, &(0x7f0000000100)={0x77359400}) semctl$IPC_RMID(r1, 0x2, 0x10) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000200)={{0x1}, "0e4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x100040, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x3}) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='net/sockstat6\x00') ioctl$KVM_GET_SREGS(r2, 0x8138ae83, &(0x7f00000000c0)) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000000080)={0x39dbfd22, 0x4, 0x80, 0x1f, 0x7fffffff}, 0x14) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f00000002c0)={0x0, @in6={{0xa, 0x4e20, 0xd8d, @dev={0xfe, 0x80, [], 0xb}}}, 0x5, 0x2}, &(0x7f0000000380)=0x90) getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f00000003c0)={r3, 0x3, 0x4, [0x9, 0x2d5, 0x2, 0x100]}, &(0x7f0000000400)=0x10) setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r2, 0x6, 0x1d, &(0x7f0000000040)={0x20, 0x2, 0x6, 0x4, 0x8}, 0x14) 2018/03/26 13:06:01 executing program 5: socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000012ff8)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f00000000c0)={0x2, &(0x7f0000000100)=[{0x15}, {0x200000006}]}, 0x10) sendto$unix(r1, &(0x7f000000d000), 0x0, 0x0, &(0x7f000000dff8)=@abs, 0x8) sendto(r0, &(0x7f0000000000)="6ea1c1f1b584d4e53bbdd5608ef8fea4f7bb807003f0dc2d264273e2bc7c84499dde82c2ac712bfe8737bb1287bcbfc937f762192447a15ff916bc41206242300dec25645bc6fb53714fb871911be81c6451bc68a05d5075547f2388d967e1db54def17cc8", 0x65, 0x8000, 0x0, 0x0) [ 1069.715331] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1069.726430] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1069.731706] CPU: 0 PID: 25656 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1069.739064] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1069.748417] Call Trace: [ 1069.751016] dump_stack+0x194/0x24d [ 1069.754649] ? arch_local_irq_restore+0x53/0x53 [ 1069.759323] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1069.764529] dump_header+0x28c/0xe2b [ 1069.768255] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1069.773448] ? arch_local_irq_restore+0x53/0x53 [ 1069.778124] ? perf_trace_lock_acquire+0xe3/0x980 [ 1069.782966] ? __lock_acquire+0x664/0x3e00 [ 1069.787210] ? print_irqtrace_events+0x270/0x270 [ 1069.791974] ? perf_trace_lock+0x900/0x900 [ 1069.796214] ? perf_trace_lock_acquire+0xe3/0x980 [ 1069.801055] ? trace_hardirqs_off+0x10/0x10 [ 1069.805374] ? perf_trace_lock_acquire+0xe3/0x980 [ 1069.810203] ? perf_trace_lock_acquire+0xe3/0x980 [ 1069.815043] ? perf_trace_lock+0x900/0x900 [ 1069.819272] ? __lock_acquire+0x664/0x3e00 [ 1069.823496] ? task_will_free_mem+0x252/0xaa0 [ 1069.827980] ? print_irqtrace_events+0x270/0x270 [ 1069.832726] ? ___ratelimit+0x30d/0x630 [ 1069.836676] ? lock_downgrade+0x980/0x980 [ 1069.840806] ? lock_release+0xa40/0xa40 [ 1069.844764] ? mark_held_locks+0xaf/0x100 [ 1069.848890] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1069.853972] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1069.858965] ? trace_hardirqs_on+0xd/0x10 [ 1069.863095] ? ___ratelimit+0x95/0x630 [ 1069.866960] ? idr_get_free+0xfd0/0xfd0 [ 1069.870909] ? find_held_lock+0x35/0x1d0 [ 1069.874969] oom_kill_process+0x8b9/0x1640 [ 1069.879183] ? lock_downgrade+0x980/0x980 [ 1069.883313] ? __lock_is_held+0xb6/0x140 [ 1069.887358] ? oom_evaluate_task+0x480/0x480 [ 1069.891760] ? rcu_read_unlock+0x35/0x70 [ 1069.895796] ? mem_cgroup_iter+0x363/0xbd0 [ 1069.900011] ? lock_downgrade+0x980/0x980 [ 1069.904151] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1069.908885] ? mark_held_locks+0xaf/0x100 [ 1069.913017] ? _raw_spin_unlock_irq+0x27/0x70 [ 1069.917503] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1069.922495] ? trace_hardirqs_on+0xd/0x10 [ 1069.926619] ? _raw_spin_unlock_irq+0x27/0x70 [ 1069.931101] ? css_task_iter_end+0x280/0x430 [ 1069.935484] ? _raw_spin_unlock_irq+0x27/0x70 [ 1069.939955] ? cgroup_procs_next+0x70/0x70 [ 1069.944167] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1069.949190] ? trace_hardirqs_on+0xd/0x10 [ 1069.953325] ? _raw_spin_unlock_irq+0x27/0x70 [ 1069.957800] ? oom_badness+0x980/0x980 [ 1069.961663] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1069.966399] ? mem_cgroup_iter_break+0x30/0x30 [ 1069.970972] ? finish_wait+0x268/0x490 [ 1069.974835] ? lock_downgrade+0x980/0x980 [ 1069.978962] out_of_memory+0x86d/0x1220 [ 1069.982944] ? oom_killer_disable+0x310/0x310 [ 1069.987422] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1069.992502] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1069.997496] ? trace_hardirqs_on+0xd/0x10 [ 1070.001633] mem_cgroup_out_of_memory+0x159/0x200 [ 1070.006455] ? swap_max_write+0x110/0x110 [ 1070.010666] ? do_raw_spin_trylock+0x190/0x190 [ 1070.015245] ? _raw_spin_unlock+0x22/0x30 [ 1070.019377] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1070.024371] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1070.029799] ? find_held_lock+0x35/0x1d0 [ 1070.033843] ? memcg_event_wake+0x420/0x420 [ 1070.038145] ? __do_page_fault+0x5f7/0xc90 [ 1070.042356] ? lock_downgrade+0x980/0x980 [ 1070.046487] pagefault_out_of_memory+0xbd/0x152 [ 1070.051132] ? out_of_memory+0x1220/0x1220 [ 1070.055343] ? handle_mm_fault+0x465/0xb10 [ 1070.059558] ? __handle_mm_fault+0x38c0/0x38c0 [ 1070.064122] ? vmacache_find+0x5f/0x280 [ 1070.068076] ? vmacache_update+0xfe/0x130 [ 1070.072202] mm_fault_error+0xd6/0x2c0 [ 1070.076069] __do_page_fault+0xb4d/0xc90 [ 1070.080116] ? mm_fault_error+0x2c0/0x2c0 [ 1070.084251] ? kernel_write+0x120/0x120 [ 1070.088204] ? do_syscall_64+0xb7/0x940 [ 1070.092161] do_page_fault+0xee/0x730 [ 1070.095939] ? __do_page_fault+0xc90/0xc90 [ 1070.100152] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 1070.105668] ? syscall_return_slowpath+0x550/0x550 [ 1070.110584] ? syscall_return_slowpath+0x2ac/0x550 [ 1070.115498] ? retint_user+0x18/0x18 [ 1070.119189] ? page_fault+0x2f/0x50 [ 1070.122791] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1070.127613] ? page_fault+0x2f/0x50 [ 1070.131306] page_fault+0x45/0x50 [ 1070.134733] RIP: 0033:0x409b83 [ 1070.137897] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1070.143237] RAX: 0000001b9bc20000 RBX: 0000000000001292 RCX: 000000000040e950 [ 1070.150482] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1070.157726] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1070.164971] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1070.172213] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1070.179711] Task in /syz1 killed as a result of limit of /syz1 [ 1070.185813] memory: usage 0kB, limit 0kB, failcnt 4276 [ 1070.191125] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1070.197899] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 2018/03/26 13:06:01 executing program 6: r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x0, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000003000)='/dev/sequencer2\x00', 0x0, 0x0) openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0) ioctl$KDGKBLED(r0, 0xc0045103, &(0x7f00000001c0)) 2018/03/26 13:06:01 executing program 4: io_setup(0x9, &(0x7f0000f6c000)=0x0) socket$l2tp(0x18, 0x1, 0x1) perf_event_open(&(0x7f0000220000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$KDSIGACCEPT(0xffffffffffffffff, 0x4b4e, 0x0) io_destroy(r0) [ 1070.204072] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1070.223545] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1070.232320] [25656] 0 25656 11408 2089 65536 0 0 syz-executor1 [ 1070.241220] Memory cgroup out of memory: Kill process 25656 (syz-executor1) score 2105000 or sacrifice child [ 1070.251268] Killed process 25656 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB [ 1070.592449] oom_reaper: reaped process 25656 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 2018/03/26 13:06:03 executing program 6: socketpair$unix(0x1, 0x3, 0x0, &(0x7f00007e5000)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r0, &(0x7f00000bc000)=@abs, 0x8) fcntl$setstatus(r1, 0x4, 0x800042c05) sendmmsg$unix(r1, &(0x7f00000bd000), 0x80, 0x0) bind(r0, &(0x7f0000f70000)=@un=@file={0x1, './file0\x00'}, 0xa) connect$unix(r0, &(0x7f0000c8e000)=@file={0x1, './file0\x00'}, 0xa) r2 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x7fff, 0x18000) statx(r2, &(0x7f0000000040)='./file0\x00', 0x1000, 0x200, &(0x7f0000000080)) dup2(r1, r0) 2018/03/26 13:06:03 executing program 3: r0 = add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f0000000080)={0x73, 0x79, 0x7a}, 0x0, 0x0, 0xffffffffffffffff) r1 = add_key$keyring(&(0x7f00000000c0)='keyring\x00', &(0x7f0000000000)={0x73, 0x79, 0x7a}, 0x0, 0x0, r0) r2 = add_key$user(&(0x7f00003bd000)='user\x00', &(0x7f0000a00000)={0x73, 0x79, 0x7a}, &(0x7f0000facfff)="01", 0x1, r1) r3 = add_key$user(&(0x7f0000fc0ffb)='user\x00', &(0x7f0000752ffb)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00003eb000)="b3", 0x1, r1) keyctl$update(0x2, r3, &(0x7f0000000240)="df02754677212dfc3e2acc26fdc3ffa64813da494137e175e9f2780ac5e2a09f43a1fcebf272a5a135de92bf4a9033933824f6e6aa023895113293535d1c0066d20e0f275188b4b4c187e18774fc2227cbb60fc6697f5337726164c8fbe1181e6d50986cd98a5c44ac0ec375deb27eafcf7d06438f252510d87bd91d03e7dc2faed85adcd88ca30e75b1e143a72d94defa187e48b89efbbbcc9b9a9a307353df7a21affce4e9149eb122cbc356cb681365afd979e97b57b596e901864a68679f", 0xc0) add_key$keyring(&(0x7f0000000200)='keyring\x00', &(0x7f0000000300)={0x73, 0x79, 0x7a, 0x2}, 0x0, 0x0, r0) keyctl$dh_compute(0x17, &(0x7f0000000100)={r2, r3, r3}, &(0x7f0000000140)=""/5, 0x3, &(0x7f00000001c0)={&(0x7f0000000180)={'rmd160\x00'}, 0x0, 0x25f}) 2018/03/26 13:06:03 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r1, 0x84, 0x16, &(0x7f0000000040)={0x6, [0x5892, 0xf662, 0x1, 0x5, 0xff, 0x7]}, &(0x7f0000000080)=0x10) 2018/03/26 13:06:03 executing program 0: r0 = syz_open_dev$binder(&(0x7f0000000000)='/dev/binder#\x00', 0xffffffffffffffff, 0x800) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f000000ffd0)={0x4c, 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="1163483f000000000000000000000000ee00000000bd9458b9c4d1d278436b90aa00000000000000000000000000000000000000000000000000000000000000", @ANYPTR=&(0x7f0000000200)=ANY=[], @ANYPTR=&(0x7f0000000240)=ANY=[], @ANYBLOB="326d10009b0511a2"], 0x1, 0x0, &(0x7f0000000380)='\x00'}) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f00000005c0)) socketpair$inet6_icmp_raw(0xa, 0x3, 0x3a, &(0x7f0000000580)) ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)=ANY=[], 0x0, 0x0, &(0x7f0000011f9d)}) socketpair(0x19, 0x1006, 0x801, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$VHOST_SET_OWNER(r2, 0xaf01, 0x0) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f00000003c0)={0x0, @in6={{0xa, 0x4e23, 0x10000, @dev={0xfe, 0x80, [], 0x16}, 0x3}}, 0x8, 0x4}, &(0x7f0000000080)=0x90) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f0000000280)={0x4, [0x0, 0x0, 0x0, 0x0]}, &(0x7f00000002c0)=0x14) getsockopt$inet_sctp6_SCTP_CONTEXT(r2, 0x84, 0x11, &(0x7f00000000c0)={r3, 0x10000}, &(0x7f0000000100)=0x8) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000140)={r4, @in={{0x2, 0x4e23, @multicast2=0xe0000002}}, 0x3, 0x10000, 0x200, 0xffffffff00000001, 0x4}, &(0x7f0000000200)=0x98) listxattr(&(0x7f0000000480)='./file0\x00', &(0x7f00000004c0)=""/139, 0x8b) 2018/03/26 13:06:03 executing program 5: r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00002ac000)='/dev/vhost-net\x00', 0x2, 0x0) ioctl$int_in(r0, 0x40000000af01, &(0x7f0000000040)) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180)='/dev/audio\x00', 0x0, 0x0) close(r1) socket$packet(0x11, 0x3, 0x300) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000080)=""/142, &(0x7f00000003c0)=""/69, &(0x7f0000000140)=""/14}) ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000640)=0x200000000) write$vnet(r0, &(0x7f0000000480)={0x1, {&(0x7f00000001c0)=""/219, 0xdb, &(0x7f0000000500)=""/98, 0x0, 0x2}}, 0xfffffffffffffecb) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000d7c000)={0x0, r1}) 2018/03/26 13:06:03 executing program 4: r0 = socket$inet(0x2, 0x2, 0x2000000088) bind$inet(r0, &(0x7f0000b9aff0)={0x2, 0x4e20}, 0x10) sendto$inet(r0, &(0x7f0000e7c000), 0x0, 0x8084, &(0x7f0000319ff0)={0x2, 0x4e20}, 0x10) sendto$inet(r0, &(0x7f0000000000)="dde20f100fc1c79a93edf7e95ad2a3ceb954bf7b28df4f7b25", 0x19, 0x0, &(0x7f000082dff0)={0x2, 0x0, @local={0xac, 0x14, 0x14, 0xaa}}, 0x10) r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mixer\x00', 0x40000, 0x0) sendmsg$nfc_llcp(r1, &(0x7f0000000280)={&(0x7f0000000080)={0x27, 0x1, 0x1, 0x3, 0x4, 0xfffffffffffffffa, "da7d451a0031ab22f5e16af9af582f1b552e42efb96d121f20d5be83d758e93875fa93f371e3fd4376874bc002afca6f885fe5c6c7d3e72725c346bd029b01", 0x8}, 0x60, &(0x7f0000000200)=[{&(0x7f0000000100)="bb01322420686b7dae09b4bb65b02d3d50342b0e99", 0x15}, {&(0x7f0000000140)="bc8d5139fbdb5531f9de66f67a11a39720246d3425e5b723271d86c910ef1dc6331a44921d3bcd0e91fe8236ccf3b33c726218c82262252f27d8868fd71e50dbc85547db1456c02b88cfac831d37e8b5cfddb74b808e7f9632080c47331ce11298949552e448ac6b92ce4107f9a0c4dd3c730ce743431c70ad63bc6581710f9fbff657723f1e046f24aee071dce0c3064c8351ad027e69b483e1209a5ee44695802d49e9ea77fee8a1", 0xa9}], 0x2, &(0x7f0000000240)=ANY=[@ANYBLOB="2000000000000000040100000100000046be67f23ed152a8e2414b0000800000"], 0x20, 0xc001}, 0x0) 2018/03/26 13:06:03 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') sendfile(r0, r0, &(0x7f0000000280)=0x42402, 0x6) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r0, 0x0, 0xf2, 0x1000, &(0x7f00000000c0)="b53ba7d219f5573bc6d27dbfc5a8761e7547155da136f50e71d92812ed5543a56c283e76740d5334b565734e2d29b34c19e50eb86c9d375bc6deea3d9cf0fa15c7b4f28ef9175e200858c5c39946c0f5dcd65ae7cd03bde850b940e9412cade21ffb70c087b1cde720f2ebda9436cd73f58ade604c23cbf561112bae96e52de0219e00d342caf284207ab1f39f5305fbb600f83a92bda365eceac65cd97bc398e4adae3d94dbaf6847d1c4f296f1fc5bfde3a95030bd170631bb9d45347df951788dc5191608c4c302ee571954c9f1f730e06ad2978516f1e94a0609d1bdf3dbe6b54fcea2bd7bffe108feafc9e54676d137", &(0x7f00000002c0)=""/4096, 0x9, 0x100}, 0x28) 2018/03/26 13:06:03 executing program 1: pipe2(&(0x7f0000000c00)={0xffffffffffffffff, 0xffffffffffffffff}, 0x4000) io_setup(0x7, &(0x7f0000000040)=0x0) recvmsg$netrom(r0, &(0x7f0000000400)={&(0x7f0000000100)=@ax25={0x3, {"bee8d4e1e64306"}, 0x1e}, 0x10, &(0x7f0000000840)=[{&(0x7f0000000140)="3a3664111889a4b977c940c7de978a3408f14c1c3b054721542f9ecb6241ee0ec457bd0c87b91d315f0e11b20cbd53c3c77e9f931fa9572c04b6c82da448651097337412bd98e6bbad68cf2474c4f2ecfb07ae595ce8abd018580e4ba88603962a705c02c66f22beb28af9c758", 0x6d}, {&(0x7f00000001c0)="5ec449c05c94ca05b891d8330d64dfcfb07f2321904a48995e0a83e68f161b54092effe92f2db757d7b002e6155afbbe755c6b31816c0e42d5e7f0bf1fdf3850004eb91cff460bfef60d3c83694d962d10a36483dc82e7327a187f41d3992378be6902343b4d7827e99bc4494f8b1caa181063329d2fad7b067ece66e91eacc4c9ae35df25970a4f604758bc8758ee91ddfeb95182c507211c720627170040ebf5a13b65b87c114bbd5235fd70375304475a3000c9ee16cac912", 0xba}, {&(0x7f0000000280)="95046512fac6a2f4912bb38d622a6b56dbbcd01f1fa1bdefe69c2d813cd557cb622387ba313ae91a0289bcf31856d21a741f9b602fe5426efc63216337ea5b76af296c642d2ca7b951163db1140b0c6d7372bb582a8b856bc25ceef31ac89b7647c396c4e54ac0f089d4c885b5de190d287cfbbd6545ae5e29a8abc8e1108b7dce47a47b6093f2a7b2cdadc640e2cefc20c6a158374173ffebb5effdbc8e79", 0x9f}, {&(0x7f0000000340)="75be05b871ed89a7e257976610875e10234ceb107697315ea0ee4773d51b49a2500954bdb2c8195512f4adb455f57f920492dd76cafc1428cee7785da1467de9e59bb91240bad2d04b4fe487ad569585e59ad2893fcae02f72d87003d48e37a5966aa767b984bac2750d", 0x6a}, {&(0x7f00000003c0)="99a951682b705ea84bf565db104e1770160fd268338d74de07759fd52aa24586f6239e79c7f2f4f4679ffb328c2d", 0x2e}, {&(0x7f0000000480)="e2969af90ba9d06921325eaa01ab42b8668827d9f0177b2984eab3410b346f11221cbf7931c67f1fa92b188a6bb41bf8d090c91b8f28a75c19bfd3ad22ba83321dae3d82ec6ee7b86cf408ba12537ce0391ed625544b3ba6d1f0f46e22f06b78cbdb96552d81ff1c8101", 0x6a}, {&(0x7f0000000500)="b5bba88f94c286c849446e84db937ed4ef7bb6a2eaf617742c78551a0f5fc65e15f7c6f876bc31a49d0e7eb028e349856355ca95a514155fcb55932c30e7fb5a34ccde869a25b0cb8013ac5d77c49755b77dc9fd07ee2a2fa95e583b8b74062ea899c10cc71eddc3c14183b8caeb21e96ff013b0fcff927014ef3a0ddd2b1bfde65fae5ec9d3972b57c46a739858f764dd4bbe", 0xfeac}, {&(0x7f00000005c0)="1d3a9fbab3e8962fcd577844d7ebc79fdf07d14d0ff12b9a22fb4cc0cb7554ae061d2b3f031141cb797bdef59997997c78f87b4951e520dd9811b5b8edf1f14f9bf3eda34a59e24633c25d6915d3da0538225c1e4d9ecdfadbf06cdc758a663cb0ce0092b879684d8a420babd3047785384f091085ac8ba2ecc32c81a9d5702a0b094a5f0e2ab945cc1d529c74", 0x8d}, {&(0x7f0000000680)="bbf81f9370e9dd9ac96d886e09ded8d683f38a7949196f12a2d09617332a95ad63a134dc01248cd49f2fd2b04a31886c00fe8f258985cb1e4a016b7aad4fe4da8565fe4e7b946eced3bcd2a61df00d972811c02dcd15fe3580e44134de1da569a67c929602f2660509f154e9e55ebc50a546bd7cc611d6aa2e6a2843b3c1d36b0e23a220398d3c276110fdca50b4dac056d7859d", 0x94}, {&(0x7f0000000740)="76abaf55e47159f3fa0efd006f499b9eab5d3731558b2c0c09ada94fe12b09be2fed967c6e3c57fd73e714ee15badf983fc18141664f8adf7fb5719f322e06eeb7c0ff5985f2171f2ef1ef6389bf170ee2fd5200cb4d3f1ae5279344b180cf90a555b6bb772fe19da2a501f4279973076b447919793f0c1fa74e43f97b0c0158a2498ed1289bc185be12f55a19dec485bf4002973eb8079fa26088faf6625d00410ed56fc2886bf3c01d2e86c7d96af809a6b2c8d55bf663f2cfd19cda2bc6d0af7e2e991ae79ee3e9835359b65e3c4bc62619ca69a589a9b24a7dbbdc5deb961e96ec044c88b5c4e5577555123d8f736e4e6fc5", 0xf4}], 0xa, 0x0, 0x0, 0x4000}, 0x40000000) write$selinux_load(r0, &(0x7f0000000440)=ANY=[@ANYBLOB="95"], 0x1) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/autofs\x00', 0x210201, 0x0) getsockopt$inet_sctp_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000a40)={0x0, 0xffff}, &(0x7f0000000a80)=0x8) setsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r2, 0x84, 0x1f, &(0x7f0000000ac0)={r3, @in={{0x2, 0x4e20, @local={0xac, 0x14, 0x14, 0xaa}}}, 0x8000, 0x8}, 0x90) r4 = getpgrp(0x0) sched_setaffinity(r4, 0x8, &(0x7f0000d81ff8)=0x101) prctl$intptr(0x0, 0x0) r5 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x200, 0x2101) close(r5) syz_open_dev$midi(&(0x7f0000000300)='/dev/midi#\x00', 0xc78, 0x0) io_submit(r1, 0x1, &(0x7f0000b52fd8)=[&(0x7f0000587000)={0x0, 0x0, 0x0, 0x8, 0x0, r0, &(0x7f000096f000)="06000000000000009d", 0x9}]) getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000000080)=0x8) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000900)={0x6, 0x0, [{0xc000000f, 0x7ff, 0x5, 0x1000, 0x0, 0x0, 0x9}, {0x40000000, 0x3, 0x2, 0xd9a8, 0x0, 0xfff, 0x1}, {0xa, 0x2, 0x2, 0xea6, 0xfffffffffffffffe, 0x9, 0x3}, {0x8000001f, 0x1ff, 0x0, 0x7fffffff, 0x100000000000000, 0x6, 0xfffffffffffffffa}, {0xb, 0x0, 0x7, 0x3, 0x400, 0x1bd, 0x81}, {0x7, 0x200, 0x7, 0x100000001, 0x7c, 0x1, 0x80}]}) [ 1071.125784] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1071.136874] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1071.142072] CPU: 0 PID: 25699 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1071.149170] binder: 25696:25703 unknown command 1061708561 [ 1071.149439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1071.149444] Call Trace: [ 1071.149459] dump_stack+0x194/0x24d [ 1071.149473] ? arch_local_irq_restore+0x53/0x53 [ 1071.175213] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1071.181094] dump_header+0x28c/0xe2b [ 1071.184802] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1071.189970] ? arch_local_irq_restore+0x53/0x53 [ 1071.194634] ? __lock_acquire+0x664/0x3e00 [ 1071.198843] ? print_irqtrace_events+0x270/0x270 [ 1071.203576] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1071.208664] ? trace_hardirqs_off+0x10/0x10 [ 1071.212958] ? __lock_acquire+0x664/0x3e00 [ 1071.217169] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1071.222340] ? __lock_acquire+0x664/0x3e00 [ 1071.226551] ? task_will_free_mem+0x252/0xaa0 [ 1071.231032] ? print_irqtrace_events+0x270/0x270 [ 1071.235778] ? ___ratelimit+0x30d/0x630 [ 1071.239730] ? lock_downgrade+0x980/0x980 [ 1071.243863] ? lock_release+0xa40/0xa40 [ 1071.247818] ? mark_held_locks+0xaf/0x100 [ 1071.251957] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1071.257039] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1071.262035] ? trace_hardirqs_on+0xd/0x10 [ 1071.266164] ? ___ratelimit+0x95/0x630 [ 1071.270031] ? idr_get_free+0xfd0/0xfd0 [ 1071.273980] ? find_held_lock+0x35/0x1d0 [ 1071.278033] oom_kill_process+0x8b9/0x1640 [ 1071.282248] ? lock_downgrade+0x980/0x980 [ 1071.286377] ? __lock_is_held+0xb6/0x140 [ 1071.290433] ? oom_evaluate_task+0x480/0x480 [ 1071.294831] ? rcu_read_unlock+0x35/0x70 [ 1071.298866] ? mem_cgroup_iter+0x363/0xbd0 [ 1071.303077] ? lock_downgrade+0x980/0x980 [ 1071.307208] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1071.311943] ? mark_held_locks+0xaf/0x100 [ 1071.316069] ? _raw_spin_unlock_irq+0x27/0x70 [ 1071.320540] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1071.325532] ? trace_hardirqs_on+0xd/0x10 [ 1071.329651] ? _raw_spin_unlock_irq+0x27/0x70 [ 1071.334121] ? css_task_iter_end+0x280/0x430 [ 1071.338503] ? _raw_spin_unlock_irq+0x27/0x70 [ 1071.342974] ? cgroup_procs_next+0x70/0x70 [ 1071.347180] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1071.352170] ? trace_hardirqs_on+0xd/0x10 [ 1071.356290] ? _raw_spin_unlock_irq+0x27/0x70 [ 1071.360760] ? oom_badness+0x980/0x980 [ 1071.364623] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1071.369356] ? mem_cgroup_iter_break+0x30/0x30 [ 1071.373925] ? finish_wait+0x268/0x490 [ 1071.377790] ? lock_downgrade+0x980/0x980 [ 1071.381916] out_of_memory+0x86d/0x1220 [ 1071.385874] ? oom_killer_disable+0x310/0x310 [ 1071.390343] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1071.395431] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1071.400424] ? trace_hardirqs_on+0xd/0x10 [ 1071.404563] mem_cgroup_out_of_memory+0x159/0x200 [ 1071.409382] ? swap_max_write+0x110/0x110 [ 1071.413501] ? do_raw_spin_trylock+0x190/0x190 [ 1071.418065] ? _raw_spin_unlock+0x22/0x30 [ 1071.422193] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1071.427184] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1071.432611] ? find_held_lock+0x35/0x1d0 [ 1071.436660] ? memcg_event_wake+0x420/0x420 [ 1071.440956] ? __do_page_fault+0x5f7/0xc90 [ 1071.445167] ? lock_downgrade+0x980/0x980 [ 1071.449292] pagefault_out_of_memory+0xbd/0x152 [ 1071.453933] ? out_of_memory+0x1220/0x1220 [ 1071.458141] ? handle_mm_fault+0x465/0xb10 [ 1071.462353] ? __handle_mm_fault+0x38c0/0x38c0 [ 1071.466924] ? vmacache_find+0x5f/0x280 [ 1071.470871] ? vmacache_update+0xfe/0x130 [ 1071.474995] mm_fault_error+0xd6/0x2c0 [ 1071.478873] __do_page_fault+0xb4d/0xc90 [ 1071.482919] ? mm_fault_error+0x2c0/0x2c0 [ 1071.487043] ? kernel_write+0x120/0x120 [ 1071.490995] ? do_syscall_64+0xb7/0x940 [ 1071.494949] do_page_fault+0xee/0x730 [ 1071.498724] ? __do_page_fault+0xc90/0xc90 [ 1071.502935] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1071.507668] ? syscall_return_slowpath+0x550/0x550 [ 1071.512572] ? syscall_return_slowpath+0x2ac/0x550 [ 1071.517477] ? prepare_exit_to_usermode+0x350/0x350 [ 1071.522472] ? retint_user+0x18/0x18 [ 1071.526160] ? page_fault+0x2f/0x50 [ 1071.529759] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1071.534580] ? page_fault+0x2f/0x50 [ 1071.538185] page_fault+0x45/0x50 [ 1071.541613] RIP: 0033:0x409b83 [ 1071.544775] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1071.550113] RAX: 0000001b9bc20000 RBX: 0000000000001293 RCX: 000000000040e950 [ 1071.557357] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1071.564600] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1071.571931] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1071.579265] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1071.586819] Task in /syz1 killed as a result of limit of /syz1 [ 1071.592849] memory: usage 0kB, limit 0kB, failcnt 4284 [ 1071.595057] binder: 25696:25703 ioctl c0306201 2000ffd0 returned -22 [ 1071.598169] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1071.598176] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1071.617669] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1071.637152] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1071.644341] binder: 25696:25703 unknown command 1061708561 [ 1071.645902] [25699] 0 25699 11408 2089 65536 0 0 syz-executor1 [ 1071.655365] binder: 25696:25703 ioctl c0306201 2000ffd0 returned -22 [ 1071.660268] Memory cgroup out of memory: Kill process 25699 (syz-executor1) score 2105000 or sacrifice child 2018/03/26 13:06:03 executing program 4: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) clone(0x84ddd699cdd89508, &(0x7f0000000480)="a3aba0dfb8338cd8748590e89a9daa76fc9664a5ae8f7297e503d10e4a4720e53904ae10283875276c25a66dbcf10479bf9a937bd2844bd969e9833a41584c", &(0x7f00000004c0), &(0x7f0000000500), &(0x7f0000000540)="d327d66d38555d68f15c0ea36f5905089ec07464a7e3b7db00de43953c12c109e536e872543026ae3dd260e792b73b3f453ada9c8624d98eab89b9ad319e139a8fa93ebccbd061a951dfda11f407f3ac5bc4c8890d38bf647af67b90abf6fd684355f7ee985156bae8a6cd741f7cfe62703bd095a7b946100fe10db6f81411bda09526e548b760765037ba8ce3cf3f838ad949304400441084bfee057ee047d4249edb4f434ff0ac97776b03c87cfa2011708df046702481af5f88c0c7f5a7f265") r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000001fe8)={0xaa}) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000340)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) r1 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0) timer_create(0x0, &(0x7f0000000240)={0x0, 0x33, 0x0, @tid=0xffffffffffffffff}, &(0x7f00000002c0)=0x0) r3 = syz_open_dev$random(&(0x7f0000000640)='/dev/random\x00', 0x0, 0x1) ioctl$RNDADDTOENTCNT(r3, 0x40045201, &(0x7f0000000680)) timer_settime(r2, 0x0, &(0x7f0000000300)={{0x77359400}, {0x77359400}}, 0x0) ioctl$EVIOCGMTSLOTS(r1, 0x8040450a, &(0x7f00000006c0)) r4 = openat(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x80, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f0000000380)=ANY=[@ANYBLOB="f8552cad7b2d986b8555932ae7f70000000034d694bd151b124b885af182d6ff794c17f3ad8e55fa89671c027356655026f4b2c55b1dba8e3cb6a40cf4bc28a538229be3cb8d1254624e114cdfc155b5d0b76b0ead3ba3b9096d922b781bcfee114a913b0f9a03578f6afce43aa34b0f1556b09124fe41a1e96bf6b87d11aa2778ec18fce64c0bcfed0d52e87e87547c25f47b480a4818d445758b59a4950096261238b578821e94ae9f1d9e6aee4c43fab6c8a75b5e2b965db62caf5f00659c5e", @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000000280)=0xc) fcntl$getownex(r4, 0x10, &(0x7f0000000100)) getgid() pread64(r0, &(0x7f00000001c0)=""/92, 0x5c, 0x0) getsockopt$bt_BT_SECURITY(r4, 0x112, 0x4, &(0x7f00000000c0), 0x3af) execve(&(0x7f0000000040)='./file0\x00', &(0x7f0000000240), &(0x7f00000002c0)) ioctl$EVIOCGMTSLOTS(r1, 0x8040450a, &(0x7f0000000140)=""/101) close(r0) 2018/03/26 13:06:03 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) openat$ashmem(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ashmem\x00', 0x10000, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:06:03 executing program 0: futex(&(0x7f000000cffc)=0x4, 0x9, 0x4, &(0x7f0000000000)={0x77359400}, &(0x7f0000048000), 0x101) clock_getres(0x0, &(0x7f0000000040)) futex(&(0x7f000000cffc), 0xa, 0x0, &(0x7f00006f7000)={0xfffffffffffffffc, 0x100000000000000}, &(0x7f0000000080), 0x20) 2018/03/26 13:06:03 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x40000000000007, 0x0) r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x8000, 0x0) bind$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2710, @host=0x2}, 0xe1) ioctl$sock_ipx_SIOCAIPXPRISLT(r1, 0x89e1, &(0x7f0000000180)=0x100000001) getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f00000001c0), &(0x7f0000000200)=0x4) ioctl$BINDER_SET_CONTEXT_MGR(r1, 0x40046207, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) socketpair$ax25(0x3, 0x2, 0xcf, &(0x7f00000000c0)) mmap(&(0x7f0000000000/0xda6000)=nil, 0xda6000, 0x1, 0x71, 0xffffffffffffffff, 0x0) setsockopt$bt_BT_SNDMTU(r1, 0x112, 0xc, &(0x7f0000000140), 0x2) ioctl$KVM_GET_CPUID2(0xffffffffffffffff, 0xc008ae91, &(0x7f0000000040)=ANY=[@ANYBLOB="deffffff1061b38ebb6477811af26f"]) [ 1071.660292] Killed process 25699 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:06:03 executing program 6: perf_event_open(&(0x7f0000348f88)={0x0, 0x70, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x407, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x1000000000000, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x8040}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000384ff7)='/dev/ppp\x00', 0x101002, 0x0) preadv(0xffffffffffffffff, &(0x7f00000002c0)=[{&(0x7f0000000280)=""/62, 0x3e}], 0x1, 0x0) ioctl$EVIOCGPROP(r0, 0xc004743e, &(0x7f0000000180)=""/246) ioctl$PPPIOCSFLAGS(r0, 0x40047459, &(0x7f0000e9f000)=0x600210) ioctl$EVIOCGREP(r0, 0x80084503, &(0x7f0000000040)=""/43) pwritev(r0, &(0x7f0000000040), 0x19d, 0x0) 2018/03/26 13:06:03 executing program 1: socketpair$unix(0x1, 0x800000001, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = accept(r1, &(0x7f0000000180)=@l2, &(0x7f0000000040)=0x80) socket$inet6(0xa, 0x80f, 0x40) ioctl$sock_ifreq(r0, 0x8943, &(0x7f00000004c0)={'ip6gretap0\x00', @ifru_ivalue=0x1}) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffffff, 0x84, 0x6c, &(0x7f0000000200)={0x0, 0x86, "87dfcc5a0ccdf0845db282b6c9b901a247ff5d04c72c90baa2e056afc163238e6af2de8a00c3d4956a4db9945b88116025f7aa7156243f3ddb5e4c8372b9793b3f0d9792e2047233aa6c4a58d3978d5f429e72c87de1d4e665df50d2442e53d92a68ec0f289178753ba643fd31a2b7ecfa4a1452c9aa8489afc790bc988437ec60013569e83c"}, &(0x7f00000002c0)=0x8e) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000400)={r3, 0xd8, &(0x7f0000000300)=[@in6={0xa, 0x4e20, 0x3, @remote={0xfe, 0x80, [], 0xbb}, 0x6}, @in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x100}, @in6={0xa, 0x4e23, 0xffffffffffffffc0, @dev={0xfe, 0x80, [], 0x16}, 0x2}, @in6={0xa, 0x4e22, 0xee01, @dev={0xfe, 0x80, [], 0xf}, 0x2}, @in={0x2, 0x4e21, @multicast1=0xe0000001}, @in6={0xa, 0x4e21, 0xffffffff7fffffff, @ipv4={[], [0xff, 0xff], @broadcast=0xffffffff}, 0x800}, @in={0x2, 0x4e21, @local={0xac, 0x14, 0x14, 0xaa}}, @in6={0xa, 0x4e24, 0x3, @local={0xfe, 0x80, [], 0xaa}, 0x6}, @in={0x2, 0x4e20, @multicast1=0xe0000001}]}, &(0x7f0000000440)=0xfffffffffffffebc) r4 = dup(r1) sendto(r1, &(0x7f0000000980)="e9", 0x1, 0x0, 0x0, 0x0) recvfrom$llc(r4, &(0x7f0000000080)=""/244, 0xf4, 0x40000100, 0x0, 0x0) sendmsg(r0, &(0x7f000003c000)={0x0, 0x0, &(0x7f000005dfe0)=[{&(0x7f000002ff67)='}', 0x1}], 0x1, &(0x7f000003ae30)}, 0x0) close(r0) ioctl$TIOCLINUX3(r4, 0x541c, &(0x7f0000000480)=0x3) geteuid() [ 1071.726155] oom_reaper: reaped process 25699 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 1071.741444] QAT: Invalid ioctl [ 1071.745502] QAT: Invalid ioctl 2018/03/26 13:06:03 executing program 5: perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_open_dev$sndseq(&(0x7f0000868ff3)='/dev/snd/seq\x00', 0x0, 0x8000040000105) clock_gettime(0x0, &(0x7f00000000c0)={0x0, 0x0}) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) write$sndseq(r0, &(0x7f0000001180)=[{0x7f, 0x6, 0x2, 0xffffffffffffff01, @time={r1, r2+30000000}, {0x2, 0x7fffffff}, {0x3, 0x7}, @time=@time}, {0x7, 0x3, 0x9, 0x16, @time, {0x200, 0x20}, {0x115f, 0xff}, @raw32={[0xffffffff, 0xe000000000000000, 0x4]}}, {0xfffffffffffffe01, 0xffff, 0x9, 0x9fc, @time={r3, r4+30000000}, {0x2}, {0x4, 0xb7a1}, @result={0x9, 0x7}}, {0x8, 0xffffffff, 0xb67, 0x0, @time={0x77359400}, {0x8, 0x9}, {0x100000001, 0x7}, @ext={0x1000, &(0x7f0000000180)="f210b8f30b3a0ec298df21faf3121fd8a208517c97c8ec890fa46be6b582eb17dc2e5c5e441cf2d05682af24ea56fadba7e36e6da339c59c8e33db7bebe931c453a19083c485b07cc0653640c399d1055c477a0942d63be773046ae767a7b2be478028997c9f03a0e7f7550c77a4c6975abd4e3e00af86858002675cbc1a88200c120e6e7958c56a6b6d32074784240c8c0272e5ebf3360cb622ac26f0aeb798abf94c5c1ce4a5abe6b0af47c781bf5966ab015ab436cc0c83e8a21e1f57a89b837286c8d8e494e056c0a06ac7afd2e7891ded5c2d94cfdb7046eaaf394da92098893412d6ae1ffc28435e7cbbeaa88fb29a3faae204d0e9407c165ecb2645ee367407739ddf606667ee502b1dfbeea691fffdde5767010a16092fd96b852e07f5075a0de438263cfe63248e6e8feacdf3310c4dda0c1d5115abb13e570cea564dc66a62e82ae547104f3fb9987b796ee5e430f6c46016149250ec99e45c522d20dc174dfbf803632d0ab5e5bc90d75f2f70daf9bcbec6ea7f156e798030803d8e47c61154552f5833b5fb92760415fa90af9d3561102559edca3142b167a580a1fff557aa4f7df7b7adb238d11f6042d830504c2dfc0c3d052c5468e6a721fdd74a36d09f3c7371561ec049d59cc2e9609eb74875883bbd04c7a175218e858ba84106fbc8c23fb93fde4380f12c92132f45bc6eb350b20cc8e67a3bd3c49bc8efc79c880cbeea015caca6ff3ff160808b7aaa9fcb260128e46d2614998f1f9df22c3bdc295ff10c36f0e2ed8a8e79bf80866d053c04334358063c51ba79f8e72e1b5164ad994e1230b86451c7877926665d4b257aad32da817f2b1a45fbdc6c7f9dd83c30d223aef4b34bdfac0335f5367158af16e781130898f06b68a7a7b48d8ccf1e16ae8e1c6d2e3959cf7b0c2720fdb4694b1af2bd8b0f30e67ca7c9689c203362ba128ce6be230af4dc826c01c81b08372ee637f1fc229519e084dda7c301caccec319cf3355b38cc0cad3e7cba2688368026c1f373be7b7c635dbdcefc6f0c30a13bf3a72a36cfe8fa459a118d1a27f2efffcff5dbeb04332fa8c53d0d7ca1d85258fb99bc772e41bc921d0174f02151bed8ca6ee9fecbc657e88ce4f212428383600758e884d8eec46b77a8bbe0896870f83a6252209f1c3a33ae1149b59943b35c015b86b683f73b6308ab826dc533697d838e8e471630780c76b09b6dd0e904da1399c8d1ab491534a26d6c7c7c30a332dd39b8238db764da0b2afc907f3ce73c247f772c275efa53749be59adaaa2b3300a4c71f6c9165b9d259ee8b5f9c943161020dcbc8c862f616ae4dcd16f7c2d0271f37aabdee512eaf8ddee069032f324a64fbb10751a9b8e40d189dfa868bb21c1c08a4d4b9fc8deacdc38137dd8caf7ef4a86f50f28178574d7e9aa46e41c694e0715c7881509fc63b108272d1416df786a38e24d6528fea9d6e5dc8cfd55e9601c511df15e8de90f54baac0c08d324a218caa47a06219d1ed82a95ab70cbe1d0b2089faf97c49f61feac1dc522bafb27a4095a09148cc47de5605234c936568c94200f256bcd72bf8721ff6d2f1537fdf3b35465621d98d012a460c9c100603f807efe544d934d2959aa758a58f953e132a9b111745dd998cb16995bc411a7f7c86b37ee1d8f33ba2b636ff87447a45305c2b703419dee038b73ab0d94ac60be38238e50ec43e62964b250a47cae67f1bd3828a69f28724e6fe368f7febb14552fcec1d70f8516c7199e8bc11351ace8a4a42fda33509b50bca78eb83f77e6d0a03d956cd994ae0f46eb1fc5f80cead52047c515404bca18e5719b9a1b8785ef3a939a7045a3037ad9f382ab4017151cb5cfeddecc2275b4b1bd4e141e74f26bddf0727abfd20e8ce5c8fdafbf2ff664741ef72f43e165a833a11b3cc51fba58e6645c9d0390e0a555af8de76a58fff24407141aee9dad89fe89370b5aabcc268de07fb9e3eaebd7f136cc990fc175fec7cdfdda9af50dd8e752310c99ecaf79034c9b74c4af3efe3414aad48184276053309abba44e19ebd107b6a6805c708d478735ce9418f8e7ca68823b5b45d60d4b42d81fb4366abce12c855ad79a820383f6039ef43fdb120767e7376bb1031bc7f234b18c36dec520c7492e84435be95a9b7d3635d0763a39629157fb459817ad6cca1b8c3b0f92ec185a9bf30a8eee4fdc16aa383b44a7f6ec11de9d302dc5aa5b18a51bd3e3d504b9abfb6661d8d597030b8da79acf41fcd53b16df06644ce2d30f9a923556d666801fe1bc286dfd7a4ba71c29305526b05ade3f5394881491c8a1b1c5f24ac78b223c8b3d53b90c4362086298d7ad02449a954fee7f5dd4e1326a75eb7109b40286e24d54f19237f7676d959f3a670c74f52753c7851443826d55a001992d246e9659740ae800bb8052560679170d910dd074d5bbc84a7440abec97dc2ce90b9c2b32533bbb85667c39a725b2f16fb46766b6de443b8bc4ad451777ecddd8963890b3bb4903b8cb870fd05230bfe10a2880bfbd6628a661bc119ebec413e401add46035f46c03c04b2bcdb65f626464553cbcc73a5b0c3c167872b5d2aa79a49b6fe40099a1955d946c22183a329b0d73808abf4d034a7d89c6dd4ede32eb8bf97b8d7a9eb5d7148a883fe93f40449db1864607fea70d9e453f50f757f3593aa85bf4e9b6d983b2b82c48f764c97d14bb1ddd7c9252607ecc3130c4851e8c5ecf82aea3b4d0eb3bd563ad1a57fa0def7d0036a16d5b561656fe86b18704e29abd9031ec7371edfaa7df0a5940e24e72d3ec7dc3cd0ada54c2a47d44a416910c1a44dbcf8187eed864b065c072c7f4da3258c43214b1aa4d247a14421ab0da4716987340caf3b49f0138b9ec272bcc0cbae365453f70740c0c21bb74a04a9bc211ef274019e6b5fde8e1d022d7bd0bae6a301fbb8bda694f13234b71fcca2f5590da979461bc5e90322a0776f5bdcc810c72974fc19cbd6d4fc92dae4f18f7bbd4bcbf0f0298eca50906fd031f446d24ee8ad378c036dd74714493cc144ed320b60c1249127d854d7a6be989329c9b4026ba2a8229e4af2e1dc0c154cb58ae81de570933ee6b380771d7bee86f54607923faa98daa192dde0ee50e4f5faec0647f8ce1f2d9db58d061fe0abff1dc3ba2f59bdf8570fb967fc35990c05b8ba9c9a50067bb1786172db6cb07162c4118e5a6af84ca4edf5cd00acf3651418c7c076124962923b6e9a1a4921fa37c71cd5f4c3dfc4ad5df3746fc66e8cb8554403aa31457702d402c046e6228348bbddba99286c4e318546af699d579bc4fb0c8a7d9ac834b770130e588ca490e735c7e86cc57a8ebdffd810bd559a1f444de53f511c03de0537a68346d102b5e6e3013204c947a2527a90a98b6a7c5c126f3561b094ec0d7e4c40718a04f0af32e88b3286d72d35c941eb9abc5fd11cc33bc3126a00acab423bf32339a3fd90b87665612025906463728d8b1ce5f169d1b5ad059f4b1753843812da8563ece4d8fa44c81eac594d099d7799e0fb2f562a34b06d3feea75966ef4be4e9c0c50f599d8a064d7727d0a0d77f4e35ef79f9c24b8afd8785543499b2a1b2233b7e98e4b4f7bf90797c6037479dd30902b4396b85f1c7aef7e1a6fccc3d9ef2606b039adc3c7242710d8148af7a4eea8dbb6cc5b2cb9e5ee7e46466af73ccfa70fa5fc74449b0af09ddea7fd214e656f9d0c63bf4da3852f3fa863df948c82349f45d91010eb1ed887057d50c78674662894cba909f2251f73d4840bdda6e37a96da9d8e32a1b05b190a4ca25e031a3bfbb0f7bd5dde43f2f5174518f2aefbc5cd641779f03d3da9475a9c50e12c820cb7ee28148f223adec15808ef23dde1b8cb5235d1888fced4d83a357f1105aeecea0ae28c52d5029e0d0ea75e1f24e3f9f94c27ff4e8b3d9e297caf7b0e22cc1f6d611c5e385a8ebbd0b66b65358f76bb1dd00ee08531d3d311d2fd52b8f81a174207492d1bb3eb85e99a9feedd4a3f3eaaeb4572e4021206bf039b6b53339d48b6c71bc5579d7c249edbefaa92255bb9aff1d31d6402509573389525c7d7379edd50e778f04bfc2f96c7026ee6c2e3077f3088e58c9cefc32b8a8e4306eb88e92d5acb2d604b8e23300722bd8cdbe4d68e5d207974a394bbd456fce876c440b8f4532a4e56da7b6cde64714de3438bd474fa24542be49a9babd0f73299fe745577b1a8e5cdf55efdd737ae16b92589a228165c6837bf6ecf48e68fb1e9cc94897e9c893937a3991d95a01f097639b5edf7dd396b3f8b32856159a2b607caead11bb57fd420753b3868eda06ebd31bd0be878e882a45a6cd7c226ed944df75dc5d1aafb59c0df2685585a167e80614e58d58f86ed799daea12aca2477586b59f2240d8e8079c7f10c8c45729029a1dfa999bc50f475bc64eea198e967af758453494c169bbd4c8aa5d8bcd3bf30fa0aff786bac36e4f94393f59a4b8c3c17631e5b15f8e7f1f77c6ddd9b47421cf6018fa967089ef48462af0b44822a527b74c09d5aa84d336a9203022ac1e415367b406ee0c76ed951db194b8651a29c58a318e0e8b971f7b113da441fb09bbf2c33039b40d1c9c0dcddd5f34498759d2d8bb236f3bf566a5cced2a3cce25d68dd473b640c2abbdaf7fea217e2526d0c8065a19eef8a8739837e379ca672a5650380b835233f70016e1e8282f53e818b3f4e74fa108d67a4ef292e3fcb1611623fb02928078c83e98fb40ebf9dc937742f4e2853b81be9b27c2babafc218439c3c65533e5c0cdd1bb7562a793bc070b2f5b13d0ab60a994ef47845a50cfe2ef716209223483cabcd812f9c88c60f9cb75b015cf6b188b7fac07f3d2e957918d67b461df99088dcea140e3b7178f6aa75aa3ec846c52c502c60a9017aeaff244fbe2524b270681c5f93f0054b975089cb5cc558a15669c7bad57161d04de538658f50225969ce460ed7743f54c252b7773815606e667e32055f000ded2602154182041a1f677d2409ff18a33990a56921a9963b8e8e5a71965654dd06993045a09864eaabc343b67bd42f2a1893e90c93e9590869ee190d65506be5ca310be7a714d1668b4678b51703ae6214cf8d0fddf6c92eb5a130c427729d59aece973f612a1d46058d235b64f4f19d054288200e871d8118be203d4256efbf08199a8db26ff1a9a5e338bee3bbdc3a7c92914c1644ec024d1ea1fd8ae40687e6af449ffdf5a3e6dc8daef245997199f7530cd184307d7a2b88110294eb109a80e409204c5553d874a7b9921c915f5a9a54529e99c4016e60d90c2568da39d8b21f469183d64c4db44d8d4eb10e79670c1bda215fd8adab385241c03d8b4551da9c046fbd78c7bec766f562c677fe0b527f406490b6429164c7b4a09e9c021ace0b84ba9facf9f52c55fd33c3616f9053683bcc9e53b145c365353b678fae6339c92f9828d6ece4494ba7e9ea33366f3a52b6a90532d7185a3a9cd311e5e6423f072ce5dd15222d3ad06d0bbc2624b53c013ba3cfd6dbbc2590146cdee33c9e4377e7fd339f3f42a4583e319b50e972b436ab25bcf0e4ebba335add9e1cea1c0582a3f37bc66e0409d9928b8d4ef2b615afd6b8cf4c2e079ef867617e7135216c1f96a90de983bbc628553cb9fb0599c65164cc160d825e8e8f41088684d6f457987349a4ca6634b69d84c9a69876c2aec1ac0dec8523430f4cf5781f303ba80c7534a0aca5e6a74bc13f3bd44bc6b6cac1368a19fc311e83f3c721d37f7968f641939022b5db0511dce404349e914"}}, {0x7fffffff, 0x3, 0x4, 0x8, @time={0x0, 0x1c9c380}, {0x4f9, 0x7f}, {0x7, 0x3}, @queue={0x1, {0x5, 0x4}}}, {0x7, 0x1, 0x7, 0x7ff, @tick=0xfffffffffffff1db, {0x0, 0x80000001}, {0x8, 0x4}, @raw8={"d5593920746a3b3c01e523a9"}}, {0x4, 0x8, 0x8, 0x80, @time={0x77359400}, {0x3, 0x81}, {0x3ff, 0xda}, @connect={{0x7fff, 0xff}, {0x400, 0x2}}}], 0x150) r5 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x101400, 0x0) setsockopt$packet_tx_ring(r5, 0x107, 0xd, &(0x7f0000000080)=@req3={0x4, 0x2, 0x1, 0xfffffffffffffffc, 0x80, 0x100, 0x1}, 0x1c) ioctl$KVM_SET_MSRS(r5, 0x4008ae89, &(0x7f0000001300)=ANY=[@ANYBLOB="02000000000000006c0a0000000000000100000000000000ff0b0000000000000800000000000000e90ccb343588b0fbdbd105d61e360f9f3906c0f50ae4f4b1190da32fb0956b8d11a10022f5cc3c416f4d6479ad3f182df6dc4b5b64d95d3b322ca13cd48d02d5424143bde1df24cee7e67536cf8b0191663a2c9e8d8d4ceb682bbcf6bb869f079f999be6d0151e05499181a6c4653de1f97f"]) write$sndseq(r0, &(0x7f0000e6ffd0)=[{0x0, 0x0, 0x0, 0xfffffffffffffffe, @time={0x77359400}}], 0x30) ioctl$EVIOCGSND(r5, 0x8040451a, &(0x7f00000013c0)=""/138) [ 1071.789710] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1071.800784] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1071.805997] CPU: 1 PID: 25726 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1071.813354] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1071.822699] Call Trace: [ 1071.825283] dump_stack+0x194/0x24d [ 1071.828910] ? arch_local_irq_restore+0x53/0x53 [ 1071.833585] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1071.838783] dump_header+0x28c/0xe2b [ 1071.842495] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1071.847673] ? arch_local_irq_restore+0x53/0x53 [ 1071.852330] ? __lock_acquire+0x664/0x3e00 [ 1071.856546] ? print_irqtrace_events+0x270/0x270 [ 1071.861280] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1071.866382] ? trace_hardirqs_off+0x10/0x10 [ 1071.870680] ? __lock_acquire+0x664/0x3e00 [ 1071.874893] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1071.880074] ? __lock_acquire+0x664/0x3e00 [ 1071.884291] ? task_will_free_mem+0x252/0xaa0 [ 1071.888776] ? print_irqtrace_events+0x270/0x270 [ 1071.893528] ? ___ratelimit+0x30d/0x630 [ 1071.897482] ? lock_downgrade+0x980/0x980 [ 1071.901616] ? lock_release+0xa40/0xa40 [ 1071.905584] ? mark_held_locks+0xaf/0x100 [ 1071.909711] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1071.914798] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1071.919883] ? trace_hardirqs_on+0xd/0x10 [ 1071.924018] ? ___ratelimit+0x95/0x630 [ 1071.927893] ? idr_get_free+0xfd0/0xfd0 [ 1071.931849] ? find_held_lock+0x35/0x1d0 [ 1071.935906] oom_kill_process+0x8b9/0x1640 [ 1071.940121] ? lock_downgrade+0x980/0x980 [ 1071.944258] ? __lock_is_held+0xb6/0x140 [ 1071.948307] ? oom_evaluate_task+0x480/0x480 [ 1071.952716] ? rcu_read_unlock+0x35/0x70 [ 1071.956752] ? mem_cgroup_iter+0x363/0xbd0 [ 1071.960968] ? lock_downgrade+0x980/0x980 [ 1071.965105] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1071.969851] ? mark_held_locks+0xaf/0x100 [ 1071.973979] ? _raw_spin_unlock_irq+0x27/0x70 [ 1071.978456] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1071.983472] ? trace_hardirqs_on+0xd/0x10 [ 1071.987599] ? _raw_spin_unlock_irq+0x27/0x70 [ 1071.992077] ? css_task_iter_end+0x280/0x430 [ 1071.996465] ? _raw_spin_unlock_irq+0x27/0x70 [ 1072.000940] ? cgroup_procs_next+0x70/0x70 [ 1072.005151] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1072.010147] ? trace_hardirqs_on+0xd/0x10 [ 1072.015148] ? _raw_spin_unlock_irq+0x27/0x70 [ 1072.019627] ? oom_badness+0x980/0x980 [ 1072.023672] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1072.028411] ? mem_cgroup_iter_break+0x30/0x30 [ 1072.032997] ? finish_wait+0x268/0x490 [ 1072.036875] ? lock_downgrade+0x980/0x980 [ 1072.041009] out_of_memory+0x86d/0x1220 [ 1072.045000] ? oom_killer_disable+0x310/0x310 [ 1072.049477] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1072.054564] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1072.059561] ? trace_hardirqs_on+0xd/0x10 [ 1072.063710] mem_cgroup_out_of_memory+0x159/0x200 [ 1072.068530] ? swap_max_write+0x110/0x110 [ 1072.072651] ? do_raw_spin_trylock+0x190/0x190 [ 1072.077228] ? _raw_spin_unlock+0x22/0x30 [ 1072.081364] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1072.086363] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1072.091795] ? find_held_lock+0x35/0x1d0 [ 1072.095844] ? memcg_event_wake+0x420/0x420 [ 1072.100144] ? __do_page_fault+0x5f7/0xc90 [ 1072.105141] ? lock_downgrade+0x980/0x980 [ 1072.109275] pagefault_out_of_memory+0xbd/0x152 [ 1072.113922] ? out_of_memory+0x1220/0x1220 [ 1072.118133] ? handle_mm_fault+0x465/0xb10 [ 1072.122353] ? __handle_mm_fault+0x38c0/0x38c0 [ 1072.126909] ? vmacache_find+0x5f/0x280 [ 1072.130862] ? vmacache_update+0xfe/0x130 [ 1072.134994] mm_fault_error+0xd6/0x2c0 [ 1072.138873] __do_page_fault+0xb4d/0xc90 [ 1072.142931] ? mm_fault_error+0x2c0/0x2c0 [ 1072.147062] ? kernel_write+0x120/0x120 [ 1072.151025] ? do_syscall_64+0xb7/0x940 [ 1072.154988] do_page_fault+0xee/0x730 [ 1072.158772] ? __do_page_fault+0xc90/0xc90 [ 1072.162985] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1072.167723] ? syscall_return_slowpath+0x550/0x550 [ 1072.172642] ? syscall_return_slowpath+0x2ac/0x550 [ 1072.177554] ? prepare_exit_to_usermode+0x350/0x350 [ 1072.182554] ? retint_user+0x18/0x18 [ 1072.186261] ? page_fault+0x2f/0x50 [ 1072.189867] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1072.194698] ? page_fault+0x2f/0x50 [ 1072.198318] page_fault+0x45/0x50 [ 1072.201747] RIP: 0033:0x409b83 [ 1072.204915] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1072.210259] RAX: 0000001b9bc20000 RBX: 0000000000001294 RCX: 000000000040e950 [ 1072.217508] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1072.224753] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1072.232001] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 2018/03/26 13:06:04 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) [ 1072.239337] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1072.246831] Task in /syz1 killed as a result of limit of /syz1 [ 1072.252886] memory: usage 0kB, limit 0kB, failcnt 4292 [ 1072.258201] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1072.265007] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1072.271222] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB 2018/03/26 13:06:04 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000000)={0x8, @tick=0xfffffffffffffff8, 0xcd, {0x0, 0x80000001}, 0x4, 0x2, 0xfffffffffffffffa}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:06:04 executing program 6: perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = memfd_create(&(0x7f0000000140)="6679379bf56eb2d78b461d8a4da98d08fe8eaa88afc65c58a28c0995803b60665c214bd124581e384a7b21", 0x0) r1 = syz_open_dev$sndseq(&(0x7f000011c000)='/dev/snd/seq\x00', 0x0, 0x0) dup2(r1, r0) ioctl$SNDRV_SEQ_IOCTL_QUERY_SUBS(r1, 0xc058534f, &(0x7f00000000c0)) 2018/03/26 13:06:04 executing program 0: r0 = accept(0xffffffffffffffff, 0x0, &(0x7f0000000040)) r1 = syz_open_dev$mouse(&(0x7f00000001c0)='/dev/input/mouse#\x00', 0x6, 0x200000) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x380, 0x6}) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffff9c, 0x84, 0x71, &(0x7f0000000080)={0x0, 0xfffffffffffffffe}, &(0x7f00000000c0)=0x8) setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x5, &(0x7f0000000100)={r2, @in6={{0xa, 0x4e21, 0x3, @loopback={0x0, 0x1}, 0x80}}}, 0x84) r3 = perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7fffffffffff, 0x0, 0x0, 0x0, 0x81}, 0x0, 0x0, 0xffffffffffffffff, 0x0) close(r3) 2018/03/26 13:06:04 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x200000, 0x0) ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r1, 0xc0045516, &(0x7f0000000080)=0x6) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) [ 1072.290734] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1072.295705] QAT: Invalid ioctl [ 1072.299502] [25726] 0 25726 11408 2089 65536 0 0 syz-executor1 [ 1072.311469] Memory cgroup out of memory: Kill process 25726 (syz-executor1) score 2105000 or sacrifice child [ 1072.321511] Killed process 25726 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB [ 1072.333288] QAT: Invalid ioctl [ 1073.015343] IPVS: ftp: loaded support on port[0] = 21 2018/03/26 13:06:06 executing program 5: r0 = socket$inet_dccp(0x2, 0x6, 0x0) poll(&(0x7f0000000000)=[{r0, 0x200}], 0x1, 0x5) io_setup(0x5, &(0x7f0000000100)=0x0) io_cancel(r1, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2, 0x3, r0, &(0x7f0000000140)="c408284f7ba58cad952e7a8e55541161518f69cae39a6b206de5", 0x1a, 0x10001, 0x0, 0x1, r0}, &(0x7f00000001c0)) signalfd(r0, &(0x7f0000000040)={0x9}, 0x8) socket$packet(0x11, 0x2, 0x300) setsockopt(r0, 0x800000010d, 0x0, &(0x7f0000d14ffc)="02000000", 0x4) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x0, 0x0) ioctl$TCSETS(r2, 0x5402, &(0x7f00000000c0)={0x8000000000000000, 0x0, 0x8, 0x3f, 0x4, 0xf3, 0xee9, 0x5, 0x5, 0xffffffff, 0x8, 0x4}) 2018/03/26 13:06:06 executing program 3: r0 = socket$inet6(0xa, 0x2, 0x0) r1 = dup2(r0, r0) setsockopt$inet_int(r1, 0x0, 0x12, &(0x7f0000000040)=0x7c7c353a, 0x4) bind$inet6(r0, &(0x7f00002f3fe4)={0xa, 0x8000000000004e20, 0x0, @empty, 0x9}, 0xffffffffffffff6c) ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000080)) sendmsg(r0, &(0x7f0000f30fc8)={&(0x7f0000a86000)=@in={0x2, 0x4e20}, 0x10, &(0x7f0000f6bfc0), 0x0, &(0x7f0000f57000)}, 0x0) rt_sigpending(&(0x7f0000000000), 0x8) readv(r0, &(0x7f0000f77ff0)=[{&(0x7f0000f77fa1)=""/95, 0x5f}], 0x1) 2018/03/26 13:06:06 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) r1 = socket$inet(0x2, 0x6, 0x9) getsockopt$inet_sctp6_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000000000)={0x0, 0xc4, "993a38280f4144718e49f7c0b197828ee11ff7bbcde4fdbea3d1a645daefecdb3bc42df4ed46b995bc0f6f15b2bd15f62443dbd1bdc4601189819f21df7065710eb86e048b55270ce6b56ed16d8cf97da2da70af4063a1a2cb2ca8329b08f663de7ebc357367f8516b848277fa9ecb70b55d9b0ce6d81e9491f679e6e477d688096ff1c9823303d03a6285250de188cfb11bb8e9bfe1f44b28759a170338f9a92b179e527163b3327905d1bd10c92b1d3e4cc009413f69df1d60e2bfc621fbaec81b38c7"}, &(0x7f0000000100)=0xcc) setsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000140)={r2, 0x120000000000000}, 0x8) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:06:06 executing program 0: r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rtc\x00', 0x20002, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffff9c, 0x84, 0x9, &(0x7f0000001180)={0x0, @in={{0x2, 0x4e23, @multicast1=0xe0000001}}, 0x0, 0x8001, 0x9, 0x0, 0x82}, &(0x7f0000001240)=0x98) getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffff9c, 0x84, 0xe, &(0x7f0000001280)={0x0, 0x2, 0x9, 0x100000001, 0xb60, 0x20, 0x8001, 0x7ff, {0x0, @in={{0x2, 0x4e22, @multicast2=0xe0000002}}, 0x1c0, 0x10000, 0x3, 0x2, 0xae}}, &(0x7f0000001340)=0xb0) getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f0000001380)={0x0, 0x101, 0x3, 0x3, 0x1000, 0xfffffffffffff18f}, &(0x7f00000013c0)=0x14) sendmmsg$inet_sctp(r0, &(0x7f0000002900)=[{&(0x7f0000000040)=@in6={0xa, 0x4e20, 0x401, @remote={0xfe, 0x80, [], 0xbb}, 0x773}, 0x1c, &(0x7f0000001140)=[{&(0x7f0000000080)="b070587efd", 0x5}, {&(0x7f00000000c0)="ccc829ae121be845010d7084417014f7672696ec6786fd5ec36b7488796682d29f5c699ee4839bd45916094c550c724ece4a28f896fab5b5d3d187770a8e15cc76752d4755ec799a490ca3e4df4c083bd423223283fd41dd70bdb4495c6f72ab8dd5a82df8", 0x65}, {&(0x7f0000000140)="4935ef76108e2070fa0f1adc2118becbb8386420cdd4d4d91e585eb0c8841fea9ffe15a349077b19104ea23baa63c540f5fc4ef3c4e6d0c3b88824b8592b747322c48fcc07f42a826ecdd65edf9eccad291e048a463da3c7618458d72c2d7d05323c5e5dbcab5077e64f99a1692d2dcfb384cbc3ed0daec10abe1d4da56e4433180c3bed6e5ef972f5c90f2330e86f3cf87507efefab8b9da16d8906f553a8f84c2a2af611473d0be4fe2f1553d5ee8ef8d29e28b95a6692209abad42199a52299d6a7db2883f1a605db15cb2dafed7bcc77c12c167797c76e2aa307bd514fbe86874c14f208b5e6306dd8e21a05a1c7951dc5b85e3b7b1f6353132f74e791d65aa90d9be4124781298dc689f0b8922d66f1b63bc200c2ae1d72829f5ca60f41aee3faaa720fd3e75ddacdcc1d7f2d4be90e427dd92a6095600e51eb39e218914a574544e1b877944d0b90c214d108ddb21c0fd22b92174564e52dc13c3a21975be71460849d5854d98baf99776ec8267a65f29f3c856c08df1a0288c83be829e20002d48f31ae38afc55e68038ff8fbfed86d3a9378ae4f7a47728c2300d54090505abba575b091631ea2f542612ac36786ce1712054458b436074b885376731f3495fa3af69a4bdba5e96dacb24357d729ac1ed76e32fc1e520a6a28ac4332785937530d09041d06ce0fb5c4edc081c437f7a593f0111ab2f99686f536ede7c8a38e4aface5073878ae90096fbe5f099c61e95154a95192086f6656e745466867cfb0390cf72117c679b7b35565bc4157f6b71b400249f5dd308152109f9c894f5b1265d26339b6a8431836f3723f601070c8ea1512a232123b4bdbb235a5112a2931f604b0312557ec24edafb06d9cfbf08e235587677ad383b771e975967248f083ca7b89f7d568155aceb8d7bde2530f3c6bb60f566c1d37db79477021ac08da4742ebdfb1d1d50a5512af0aeff5e95daa0f9493d1115bcf6ce23c0675d00c5e48ac3627d2aa74dd77179b5232af8ebf88207e9b7a509f8f38fdcf1e65c6313161b7cd0e028c52e753a5397e83ba8804927fe99a6a68b90d504096de50dacef2d09ecd1fbf618e20eea5ce4c5e6ba67cc48a46061700d415f0a993b1d7fc640a2471807f19af5365223145bf020de48a9117a2797e13b206f58cd8415e24b62945e7a6ae7550c36b6231ac2d18ee65aae1062d94597ef7db4a56b000d7ea00ea3f0a1e8d254b0e8ada5764d51c042c9dd562023fa2084d71e1ff4e93db5bdca697af1083fd4527a0458f74ce24375670de167074d008ba76c8e8e041ec5356b74d57e32f54272519692889c55b537cf60d00746035f024a11e28c4c8709e673f55f3e529e169dc4556e3debe6e1c2f3652010306a5c44a9d69fac62df052afabf88b4b622666a6761f61ed4ece434d14da9932b205a7037ba993b29d8788c023cee9daf2a09c52d86186634314c947a07400f3129af2c202d973dd257e41b4f61073e3fab3c16f7af0bbddd92f5a8725f79b54b030fed00a07bd0578e697a169bb61b7f449db04ad533458d06d9194307274e8b85994ea3bdab5908a9993274a5a8deb24ccc22d97d4aa051f0a644bea3b83b3702f3dba74e1b19cab4d83c3ecc6d26933476871f53537550ae5235283c1e7b16a79da75a902562f0147638278d6b079aa3b884bd2bdbc5b2fa20cd41fa1527a9551766260f51b6e3ee6757cbefc11c0a5858ddc599ebdd932656c8ef552bb8b4c94b4ed93c740596520b70cb2f0cd9afadc0de9a56c22d284005351ec07ae9a91ce33ae81ef56e21efad72d9467c678e483daa1589e489e928360e67a33537dac040c5bbfba9d8cd9131127805caa28c5bd1fd0391a74d60fc4fd014d269f0f6e4b4340a868bfca439f608be8ddc4a9573c83d623bf413b89336eac33d9a50c125cf2e854fdea12a9bb2c8474cf4f949829e7b5d8d198f1eef6401febc49083f22590e81e41786bdd0b7e7e706bcbf2cd2f72a2eca62770aeb9220e6504794bd747096f67820d88b32fab5c986b688626bb4d35d7dabe8337ffad1e737ef444d319335386297dcd2319b2e70329bfefafe05ff13cc869f08a3303134220fe4162bdc30fce48ed51a48e32132694633f7881cc6523234c1e7d9c8727ead971426b039684b28e5c74cee7670aaf33eacdeeb8f35d17aa792c3d6277cd2aa4ec26aed4b88bcf8153111f30faa04c6e187d5f15e041b293994beaf5424779815fa0de8a07bd4a33e092c65274a8f9c871f125c4f1c9501a560e9886ec8566821076befe400f7fb771deb31203926b2da497bcbeafdb49db612d2772f2dcf875b2522f9aebea9f5cbece7030bb46305fb89b47c3951be8da2f419b3792a4660bb07c23bbff8cba99bba067366a8bc9d6bc6d95b24bb6c2abdaedf644b3ebcf0d5410dfcba579008d7b392cdb16f768f16a2911a536cb38303e8cd797659d2296dd300eed9ad4d2fe55154e0e06efda248a3198cb3fc83505ade846d7d0c5d50e55cdb95307756789425d55e12ef00e9b531b8de34f69427ee98c16dbbb76ac01be802f652b64523308a802b2ef36c93c6591ac3cb1121a7d5a85767bbfeff2f7e965121403741902ecfe7ca201f548472c5a8cec73ad196d16749319a450a0986303cf697373b8b6fc64f96fa480ed2cfaf50a99afa89dc856146213f87dc5ce9b50abb91a6f95e7684a40489a732992ae881f4f6b25050422ce937d31f87ccf5f16d68b043d74989462e10bb38b722ab517b8b782133bfbc534e3d5d29e656ed2deca989aa0b4acbe84a912c938ab1e91ec4ac7818e5a998f5a3f6ceaf2bc09856c5eb29d551cb0ac1b984605d608ee899a5f8180778b0a7f03ce600c6bf443706178a23a974a428e5107e22469213d948c88f688df40160c8a4d030f927f02e03634b146d592b03c1c95c9b2cea06be15e608f66682cbc2382eb15c63157c78dc84f7f3c7f6b07deff03a89ee684662761e6ee7936a755216a9af3d9ecdeb999875e2361263b75d1e55bfa1453949b6641ccc2c68b1e31e339d7713ccf25d953a9d9c3256f29f0d965455cc434ebde3bfa768c0adcf32f23533f8290040489437d0216fcb568f596e91108162bb0eec084ebd8546447caa73ce9cd811a0d82a17415f8c701daadda7856e7684dbc19f69f8d7a73e48c15d9e5f79bffc1be6d60c18736a220db19680f8aeaa31b527494cd2fe3ce762f3c0237433aea7be1b96abd564f0e3b0136bae63a28fbd632a0b10613c458fd43153074a5cbcdf376755e74482e6f996ccb5f296563fa6893d92c01db7b8c8f15c13d13b3fb66e5557d9be04bfb54495681c16190e205a055e1f926937f47718508e015d6d47e63e4da23d0b4fe53e0bff9a2775bc9f3d88821d5177aad8cb39524f1f8b11770c055431b95b6e82728be26e9f5fcb6a7f60b8b6b0fd69ad53fec74764fe1054cb72cd5335e1e7a0013efe02daff53187d85b20d3d05985c416227f6a3a02c558b6c423e28ffe5f4c0d2b443f90ac9e4e7e470887ac0db59164ca30b23c9c4f552e0c577a9258a7da09cbe4502a2e821f19645ce57010f25bb724fdd7fb7cbce31feaa18b7b583411430ec3aee332f6b66c96a6d12374d8623a26d66b9ebc0cc75135157f7baebe650daa01a9d9976f0479021861993bd9acca32fc159e965066b67219457ab468c0993fb1ecd559c9d17fd3ef17eb71cc72df43d5859fd1ad4df9f3d64361c8ce1681c40369f807fb4daf918966acd74dcda406cc73ff8a5b6c62db786809c8c1832f63d13187c273d6112c36a17c151d4043e4e1b9c50bb2e80fbd8953ba8f131a3047bb7389f87febd11d54372a3c87b0a769014ac8a3cf2e5681e4b821f3caac0f8c0464c6241718ed523a65af42b4ea5a3f1e7e0711d96d74479ab2616f2324bb5593a607995084410c4851e12e5384cd38ff379facbe9623a2a7d9f7971da7c4bccbd6f8f392e8a3feab367743aca8590da5f088b0c410c3ff481ae72c4bea4ce8014ec276245a837b2ba50ce61292e11383e791759730b2e672e9e8cfedfa77d39b0ba079396bb92b06d6656e72deffc531e920004435b3393eac6e2a7ff784060ebbbfc8dd7380aaa4ec672611cb69a6f4880fc3d5feb414effdaedb46e73a6f55f5d95374c3f04c077a4385455098f0a0e4e58339592b9eb826ed777956a6d5a6534ab711634de1b6afe729c6849f3927c14a6e66e3d0bb4134fc18807870a10b88a69297a7a68866fc32cf807e41248dfd15dda4e77e306dd02c8779dda88129046abdb9df68ffb2aa98fc3463013fdbd3970ce607b1163f96606b3e6764bd569f2cd12496e1447688237d6b33ca441705d9ce5c59bcc7d13b24d68fb9d3ad3d469d270f3257dc86e428accda0a48d9a4ddb01db4256eae5cdfda4c02c6ec573ae162384b0951fcbf2fadb2ba51f75bb86886d6c49566ab6822ea97fb5edb364252c26b6b0dc5a0a5211469cba2e5a719d77cc803ea8961a208b259b1f756b40de2f7ec84f00dc8679397888012a2674f48c29ca3b360981822eac55de805add764ebf64a92d1aa69398a9ea58aa8c5b4624e7f50b5714351878b5405858a2a31fd945ac06755a11fe0c49e6347f3d150b02f1ff0a832ee070c50442afe2126605cf99a3b603a4d1d9f539d7cdb29a3aee102d95b99cf2436d29ac0674aabca355cc16f8b715055d69d2f81be5d076082f42fbff7b28d60ca87bfe296abfcea8ed29f0e749abf73d808dd9b0e9f8e21b446876847389f28ee8434bc178f6382391d72b961c4e9f3cc6fc51398d555e0d134ad4b9a8534ce9c39a0882e051eb5ca48a1b560047f1912dd5cb51d8c393b3fcd5e0378aa01474e18e5d20d9922f9934139c1713a9d44b1716adb87c32f952e243b6af8b2573b67f4917630fe4b522257db59583564cdff6e0a18b45a3c233fd8682e517d26bb704ce18a17e5ea9481b0ef26b85b60bf0ac4e8a70aa0f4d3ab2d3af34602b6557b0c943311093d532fe5e77b5ef568a9923f61a54eba082f75b9908e2df44bbdbbf416e807e9368ed75952180e3ab43923a86e03095bdd28dfdb432fac962664a598263608c86dbfeaeb1daa3a6038fc24f680c6c6a8f4dcbcebacee8557a09c75a07f7b7696b11f685f21245ed733c9d17d487bec2b8d20bbaaecd3347228e35ad323ab89e4abbfd29e47f6baafcc9c51d30f53c4d2468e13662d66502c8293cc5f45585257600ea4123e5228f5726f89d8e4c0dc5573c6d7445eeee7dfe8fa248cbd6ca1741b6977905d867349af166a15a64bc8275904baa82da0efbfe1ccf0ea0606778f917f760143d33b171eccdc84b6ad2dfd8d036bfe79f21041bc02c7bc1d9a9e615501b5a21abee453ca1ee813941545b4718d9bf2828a2fbe8e81cc7d04be8e5367e09360afdb21fe9eb5f74693bb72b0afebf126d9a3ce7f7d06c1aefd748893850f2573360396023745446936897efc9abd6f1a0a0e526c4e3f09743babc5e7ce5439b586e84ec0a4be3bc83efb579f3a60006b397dbe2dfc699b6b3dafc698f6c27d7c19774585c8ff818954e10890442eb3025d3ea84710962410b5a5ffc1bcd561b374a1010f9f5a9baafb54f7e07914542c7a858ac81d60f4be94fc503fd8ade44afdc0b3d0d3b569e99f5642f754ec9e24dbf80ca8184b4f0b9dd450e7dc234c5c5d8da46fd9f3aa4d9f2392b1cbd14cd505bc7e3d5e6ce4c256c44750f72145a5c0eb2dad866e743297a55ecef78326f10d12713b8f32127a8ac413900793e4774cdac0", 0x1000}], 0x3, &(0x7f0000001400)=[@sndrcv={0x30, 0x84, 0x1, {0x2242, 0x76c, 0x0, 0x8, 0xfffffffffffffff8, 0x0, 0x10001, 0x100, r1}}, @sndinfo={0x20, 0x84, 0x2, {0x401, 0x8200, 0x1, 0x3, r3}}, @sndinfo={0x20, 0x84, 0x2, {0x3ff, 0x8204, 0x7ff, 0x101, r4}}, @init={0x18, 0x84, 0x0, {0x1, 0x26624b0d, 0xfffffffffffffff8}}], 0xc0}, {&(0x7f00000014c0)=@in={0x2, 0x4e21, @multicast2=0xe0000002}, 0x10, &(0x7f0000002680)=[{&(0x7f0000001500)="2f61af2f15d35dd3bb300644e844f5696a7f1cd3571e4bd0d06a40c7e6eee1fc0449ebbc26e2c527923ce25e8329a8ddccaeaaa4bda565b37c5075a7470d24f694791f3893f752c6357828cd0f7ff7db90b3e649d4c342c746b02ed6cd313f5a4434bf4824dfff04ed204ea9c94f9c631d48d72e47f7efba9e60e7dc39167d112508014dadf30f0658272c5b1bec00191d9fdd10714862b7fbda35b8dd6e9eba7f1c6a29e924c3de", 0xa8}, {&(0x7f00000015c0)="687ad5045e23636cd8a2fe1bc4be58819e4f4f449cd2f407149c5d10b1f6cf52a1a6d9c4d272f268fb18636446789ecb11949b88e1316d67d693ef7b8429746ca205e58d163bc891e21f9a9ebcaa73950aca17196fbe137c97c2aeb84f0778e4f859ea7dcd4ea050a655f000000b5a", 0x6f}, {&(0x7f0000001640)="38dc8da3c361eda50ee0698f8760027dba52aa027204982d620801a259b4202cb8f43b4273547366a732bffead6c8b534e78f2af813ac515008525f68005bd43d22418937542c0f045b151c98e1ff901077315c4fca90ed816de8de3ba1ace9fb8c353b56a7a6156a173fbd48a38fe13398e7ffb0b3f37c255d2f4ab816e773937ca63f7a4d9f33d9ebc3756cda16872dd793a18150aad363bd681c3a423edfd0c52515351c1dc2de643f815666a6c7cb975c12f44d2d77b8aed366c6f87bf30dee05aecafd386c0cc369597222dcd539e29c5c3d0e794f2bbae86235d6dde8c01644734aeb1b71b5ce24858e3ad18e9fa700994627e836022eadc6a40b46029c0dc1d9788656eb64ae898cb16b30425d7d816a61dfbcf01288762c5b0d95a4a3680a5966f08c7d43f79449b44b9329922950284eebe421c6378fdd875c0031f0cd5769bdee2eaf52ad4e2f9b2b10c022b171981fef45f944764fd229af95fc1e7f65512c84694cafef9a3b576f7fc2d22e16c31811825051446d8ae50daada55a47b27690845f6f564c24bbe1fa964549b6c23e8757bf3c1262feff9c7ed03f3f0eb9955c49c9f65b1bd585b0c57196c75cefb5709a980b75dd33b3b3c65249b6d0f3d3554dd424297efc3dc596b41a4ccbe174094fb1973114994d92fd6385310cc77f42ec52bedbdf7264dbcdd6596106c26a981b895a1a78a607b0644b68393f0cdb896a9320bd329bd33a9256060385ae908af0618719af2f116ae2c498c15fb9471484d162f1a40c8b3a1d7b5f2fc497e05e00eae66ede36ef0edac4fcb03b04c1986a5505cb1cc7045059b85c0a8aa3c43b2e8940e62bd5ed53dc5645deb9badde2eb9a6e74b1f384829c761a1392f8c8176074f7d3009cfc6a9723b5225e24e086f57fcd37d444861bdc2efc1e4df634b155995ff57b43a5c19f3d696a614a3781484705ed632c8d1e967fd7b255d2b53e6b22e0d5e9ff90a07f64295a1b115a2fd1f03a7e70b1bdebb1d98cd836ccfe138c0f29f71d2a7dab3dd0ece4afc3854dfd8d4f53686b67effb6f40fe6c24dc89f0238d955ca31788c9cbe3abb259142c7549709e138d0c711de105defa6f51ae60e61d0df49f0b5af9c234e75e715e6311b02dbeaf46523f373662c28623892fa9768d1178c76af918a97dc376f84692161b46c8b736199d27c4be6dbad067401ccb78efa88608b9b183793828222b2aaae4d3287ef6eba058022e1df45fd8d9b2edc2f5d777a45edce7ad9ab92867d0de35b370189be1b69c30464a24e2129ec812e24535acba461ffb3ad294e9d4179c4bc433d775f557cda1698183e3482ce0dc8f69ea86c6877d5867cd07689bfbd33621d9789e75879cad860bc74c937355d60580571f0298995734d38bac5c8372fc66751bd90b7742831aa2a6ee4adc0d399fb1526707e5bf3aaf4fb701812653e67ea96be253dcf96092409b68caaec581be4dd1c640d2c46797d5d1cec49f82850f9c093165a20f130e00c8d27bae14a8e24257fcd950a2bc676e890565768167526d83dda337cf710b8385e191611c7035bf6ebee67ee98ffdfe7a9659d1d33c88aa8b7bc09a0fb886fee7b9ac1c8b32fe83589061ce65f0c38ed73b745caa15df660162b1c2d93c1671329a8767bac4a391a608aabb7a99e1824ee67b7df4cddeff0d39fd14ff7b06c475592503a0dc31ef08c5c8d2ae1380223b61c634c64e51405d6f0963fe976bfac6cf7ffc6fcb0a217675090cab52cfe530a7d289f2230ed9c5dd3bdec6967582cabf5db21dd2f1e1b9c19baab5abed7cedde6f9324132703dde0869e6596ec04216d40ec4834bb67a8fb82d34123baad51f5979c9fff002eff8fb1f2ac503fcda2d0e251afab7c2dc687dca273fbf8bec34d1f783b64fc4aadbeebd5bfe2bbd393668f569a0ffdaf109a656c03b31dbedd990d07aa8c0e494c7b300460ee6ef86dcb44bab8f14a7d4a96d6b95d449fe470461dbdcdb9f0adc9aacf9804c7b34ab1616b1dd33826572e6b5cc96c57ff8d69782c9d83008c5bc8c0a5d18039069b52b62698496cbc868515f3ae9779b42ee6a184d0e87405afe6f46520d5dc307482143a7821894428b702cde54aab3225222da05d31233b22bd572ca53df19cf4c843469a9bd56843867f245ada01680a6c9fd6f9fde206c957af18694c1e2d715f350a506fb37d1289a46704f6cd64f46cbd6913226a0e34061d831f80c82f82fae568ed72a47f574e02274b4ae123ca7afe54554d15219807d1ff1e258d9e9fac0e2a2db2db164fb2b5a3aa0f6f3273d4148ce23d18b8689164775fcc96f3b826a748d28869dae00f8d4df56bf7c43fc7316bc73fc88d53aeaf39e6cd6c4568b6ebf53266affc48a9a3fa72556b363c5017d7ec8425a6aa34d1a32c3b77da856efbda480eb9bffb1aaf3f8e617d378031ac88fad5d117480246b003661e779ce793be1002e6f75d4047c3ca11986a08b0f670e58e00f0458b69c5a722611c65bfaa945a22d5b5e22b6712a73f1e73ebda43c13b687ad4767d839424d6e0c6de6391a277d62ed20e8e1f81c67ccc4168d22669d19ec1f3da829207659c62c72ac4ebb9d9de2c8b84aa0f2a2e7150ad5f29cc6e5b10817e443589e0eee1bf64ed8ad8b071273ff7db59a27cb4ca13098b7d1ca14e40dadef42f38540941fc7354e01400d517f98060631438b983874445aebe43e7d18897da6fc17ffa45abc5660fa9821a73bbf554db8b52ace1c52a09b6d664309663faaa079579ba55103fc9a3df6d71fb81d4b644993da6df5836b71f7c0385d41d020c764ab39f7dcf76a54c766640eb1f4f62ded8000d470602e8e304518bc9f393c10810e0c792c4e31c691b13431db4581eb1e73231fe21ee86ddeb48185bae307da3d13993e146bac6a101db0aa825005a8c70312c9d8b0fad80e7628aebdbdeb803f44056a2ad40c37c0c9f8b5ae2e9abdd4f785110ce87ea586449eafc1a4f49dbd7b567200e4475a370670a3179c404c45ae3baef4acad08d60d1ae532d084e8a710bc8d3f78469c1886c1102bdec6898963d4ad6a6f0e0114928233f252d877ee734b981b2093e2a17abb68c51e0e6dc960cc9db69753f6463fed02f9554fc26daaa78398064d717e004160cacb2ac60ab40882a878413de30c2aa8ab4ea661bbcf8093cd2115c5f674e8beeaffd1199c43f1f97410f3dd6b73da5087973fe1217bfcd798d6eb9d3d836b83bc63c3d6503823533c901333340089869c35e8cef55146ea9d9a75d81b83456d11baa4a2ce2609b1119c6eb7229fbb0dcc06d02a03c74984a1527f6403ff76571e3381e00c6bf51ef0db5f1b9edf12d8c4b287414a2f69ab22c344794edbe6bbfb1fd7bb1ee7ef58693fa1fb964acd08405f04287597fba9bb5292d622fd8a8dc253c976e0c3888941460568f2a590bd2f6986efb9ffcd9ad9dd1b5ccca220750cba9d897a915a6092f12330b9972bc370a961670bd84ed894057ff1715d5260f2670ad9fa28f758b430ce2f4b92f44f0eaa1e1e5b4b481849ddb6428df05d9a30b144d7a53757c918017bf1aa34f201486896cd218bf85ca5ca71fe759d1b161fecd4e8a65c4a193a496248f3809cd1b357043d3debed8467293a412a1b2031a3e7aa3262dfcf3c6df90c6d9843e0974d3272195df81dd6b87be1362d86ae6d02b234cdba04abb9e4dfe0afb92cac15805a5412fe18e5116d2291e0dcd310fe1e469da5c47d4f5bca1b21232dc051a1af02ea04cea815f3b40599b20956e54f585607cb3b9851d45aa63a915c4bac483bade408bae62da35d5d8dd632eb6b4eebca176be74f10ca83587291916b51f22a01585b04c1035b44da4b5a372a3a336fc0e5a71547874375310e460e9c329541875fb1fab6b636d10adcd6a60cb3202dd53397822ff8a28757eecae510345ffd1939334af0cf72e9abf42d6c659db71f56d6503dee29bee409c0c83e6290146b5faf32934ddfe21f87cad05934e157acee2d1ee1366e85fca8671d4d54c3db804a4965f1e3738c6d83cf02e28102db871e5c1e5d5fe181e7ac595cb9f7e7260432935649a6ec4490c06d1e3324a058895420a44b216c11b17065c5f15659ad34070592f70b57ece63fe34ca6733d635c53a5b82ac869278022bcbc51b464a15638800b92752d0326ca1a3e80d292ca7bbd9df074a0052e7eac792cb555b42ff1631b618b50fa438dc7c1b16d88275d11f1bc6732e4296c9ae6d5d1a504228a9263e96b3f00e132a618173143891a04f91afe30757330078ce673cf8c46c9e289b4c4ed974fcac28f92a4ab7d1585311a9aa2a3c4a55162641cdcadb498391e6070cdd2388cc6bdb4640b422580d3928b7639a96b8aa69412dda706734d83f001bafc785a295eb863a2faf51daaef049cd521fe9d59bc8b9de9857947d4825b341deb7d9a55ac975c699adee9d51e0702d91b39a283b0269df319609ecff663bf9d816e9028a5d34aebc18fe121980d94ee396862b647c5e5f2ad8b80970a7a95ce6d03a048af11a37158da43002167638af64a103e3f01d30779c36b3cf82314cfd09c0959c16241109d45ffc643d2769f08efeedaacb46ebeeaef81bf39c6500c068b1f58e7dd6224a8df389a438ad09a3f150390d53be8d0b9637cefd145b2ed23b92693268d650abca6bae785a5aca110ac3cb80a4e1af2244616df07af3262e5a774d800964caf7713c7eecb98ef5627d319bfc04beeb2aa09ee68262529db28345021c177aeefa45d13267db1d535528ea842dbd610427de005420aec2dc6087cff6ccca6279206e1eed59ba1a21a7e196bc40490911d31c93189e97966b21bae878265dfae58c362958017a341dcac72950ebe928ba2091ee4b4fd1847ee443b5be642a559a4f5800c93628188f1dcca5391da86bdfcce02d23a26259a06d14fe10c82cfd24025acf81b95718735741bbd757b72e2a6e68e9c597387d98c220feb36b782f441fb9152bf12862a05b43143788077f02ee10a839d3b99b36095c19a20940c05f31f3a461faa4d0340dd98692bb1a539de37720c6f178718c802abfd26fb9805dcb381de3e2c19a0feda289b9e349b8d12812c17fa795e0cc8c166d3faf27653f5e3ed93087d1f30281b9db780394e5e12bf20a3dd08f7769a22f9ce63155b78c4fdfaf58a732576c069cd1240df30b3043fcb8a17f3fc227feca6a63271b8f49c6f675a052c74ff906b87392e2688ad456f46b02980295e4e44f6abf3b71245869716b9d3b999ed79ece1950861e09edf1e3d648eeea69f746f7710003926f058dbb7e7e041390eb53083c3a12310b2eba0c47cfe7f450f089404446358b66ea436c7a02467086612e494b6330cad85a1dd8c285d29b85487096479e29a23e95909340ab4f4af24b9aab60fc93277138fb67a773e42cf1cd3dcd6f22a9e02b5c714373840418e1611a7e186a9eb5a56f0cc354108048c15a779e971736ba6b035e1b9b66b7559f83bedc507b936db470d6960dd645e2ffc63d13230de1d9e591ac96a182982b59897465fa1d8b1205d9d1b04ca0d39b5985c77dea512e71bd03a2807ba45b0d3525a42f666767e606baea64dcf702a465017d4bba8faa5c57851a2727d2deb655eb0ccfd4987d9c754c366ac58c4bfd75fe5e6dc5e61ae8972a5c0fd12f03090b11d9ddb4b1490da4432220d31c169a7fb1a53c8163970c169864e46549491b111ab8b3902f2f5d46867b31b7cad3cbef6aa4e407af8e856428b21da2f9aeeb2aa21516d0654794820b76", 0x1000}, {&(0x7f0000002640)}], 0x4, 0x0, 0x0, 0x800}, {&(0x7f00000026c0)=@in6={0xa, 0x4e24, 0x1, @dev={0xfe, 0x80, [], 0xc}, 0x17}, 0x1c, &(0x7f00000028c0)=[{&(0x7f0000002700)="81b1a481193284e3cefac52822ee4639e2e91d9d8cd61f1eb6bd5a1307556f20538ba9e0d77f59bb53cce5647af8087b15160ca0c3a6df283476c808cc5d93fb09b7dab3343869d70c70d012ee942f626dab46275036cd9be742e61563ff223a3bdac13b126f158ecd2665f8c49464c9f6a6e6bb58c3bd238f3e82782465f7615520f81aa8b505ed3429c52be5c26dbea26a7c9b3091d2d92619da2614b1516fc53009dc4341dbccd9566b3997c126e36594856a19cf64cb22e16c8cd0", 0xbd}, {&(0x7f00000027c0)="4bdf00f66a2273cca054b5aff7e7cff36372a28d38be358ecd9773560c886690e317e2719a8616d3f8b79a0fc6f43dbbf69e943e689cd3cd5933bf0580da9ad0551bed2989533fd95240c14f07405d4f7b43e2dfeecd7c634ebb28179deba8c1e2be2a59b3e52bffc25d4b4eed53b3a4b9129f255440d312812c8bc84c0ceedc346de354da0fe64fc05491e80b7b5161acdc6bd158cc9fd61f7c7b7c9467ff147724c822e4bf686d8806eaa102b0cab777dabf999d8b8d0283423efcfc069bd946c9bce3fadf66a5970821ea191aa7fd23bbde945e15c64018f30efa7677869608172832fa8582bf43972abb5aa1b90c5fa4ead53942aaa9c2d39341cf16", 0xfe}], 0x2, 0x0, 0x0, 0x40000}], 0x3, 0x4000) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r0, 0x84, 0x65, &(0x7f00000029c0)=[@in6={0xa, 0x4e22, 0xc000000000000, @remote={0xfe, 0x80, [], 0xbb}, 0x9}, @in6={0xa, 0x4e20, 0xff, @mcast2={0xff, 0x2, [], 0x1}, 0x100000000}, @in={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x19}}, @in={0x2, 0x4e20, @remote={0xac, 0x14, 0x14, 0xbb}}, @in6={0xa, 0x4e21, 0x1f, @remote={0xfe, 0x80, [], 0xbb}, 0x6}, @in6={0xa, 0x4e24, 0x0, @ipv4={[], [0xff, 0xff]}, 0x2}], 0x90) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000002a80)={r4, 0x4}, &(0x7f0000002ac0)=0xc) r5 = request_key(&(0x7f0000002b00)='.dead\x00', &(0x7f0000002b40)={0x73, 0x79, 0x7a, 0x3}, &(0x7f0000002b80)="e32c00", 0xfffffffffffffffe) keyctl$update(0x2, r5, &(0x7f0000002bc0)="38f6614165aebadf87234661fda9571feb0b0283a0711de549564f27a277f40f16ef5dd55ca7a0be8ed90ed129b776ada207da9592c9967e9d4c88c321e80aa7e804b35d4f8331531da6867d3f1f5ac4f4483a6526e8a8583876e8398b05647a58bb702f226a95e2cc09ffa62020faab041ad499e5b57b44a82592dcccd2dc2a32bc5c560c318ccf7d77903fe8e3172f272fcbf805fe902a053937073453f2c0f4b9eafcba524a4ecb8dbbdc58", 0xad) setsockopt$inet_sctp_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000002c80)={r3, 0xfffffffffffffff9}, 0x8) setsockopt$SO_VM_SOCKETS_BUFFER_MAX_SIZE(r0, 0x28, 0x2, &(0x7f0000002cc0)=0x9, 0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000002d40)={r3, 0x20, &(0x7f0000002d00)=[@in={0x2, 0x4e23, @local={0xac, 0x14, 0x14, 0xaa}}, @in={0x2, 0x4e20, @local={0xac, 0x14, 0x14, 0xaa}}]}, &(0x7f0000002d80)=0x10) ioctl$void(r0, 0xc0045c77) getsockopt$inet_sctp_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000002dc0), &(0x7f0000002e00)=0x4) getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000002e40), &(0x7f0000002e80)=0x4) ioctl$ASHMEM_GET_PIN_STATUS(r0, 0x7709, 0x0) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000002ec0)={r2, 0x81}, &(0x7f0000002f00)=0x8) ioctl$sock_SIOCBRDELBR(r0, 0x89a1, &(0x7f0000002f40)) setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r0, 0x84, 0x15, &(0x7f0000002f80)={0x61}, 0x1) r6 = syz_open_dev$evdev(&(0x7f0000002fc0)='/dev/input/event#\x00', 0x2, 0x80400) ioctl$sock_netrom_SIOCGSTAMP(r0, 0x8906, &(0x7f0000003000)) ioctl$sock_bt_hidp_HIDPCONNADD(r0, 0x400448c8, &(0x7f0000003100)={r6, r0, 0x8, 0x3, &(0x7f0000003040)="dc24912880efe9123bce08d303b275abdb7ab5e53592a13dc02178542902d03a7ad52aeabf3ac7f8cebff869f7fa7bbc5c9b338c524458733249e48e5092b44c1314a14b9a8a9c248ecb19a03148a939ecd9cc79d74ae3b68a3d20fccddffbc30fee36b6710c9694990f8df823df8241503b64d9627b986aa34814bef2e3ea4afbaf642b6fcd1b056bb6974ace4affe637df24ea85c9c69eb6a4b01b5dc59a", 0x800, 0x1, 0x9, 0x7f, 0x3, 0x0, 0x63, "9df19c58612b78954c4de64d30a2f4881d4a7d70a9e5e84841d3331601aba91c1eab1839c6ff30434e174bd2c23af12c18bbb600609779aeea11b75c6da3db352114804d3285fdee72c222858fd1d70fd51d3d51a8452098be012ba2585c2aa1b72d1df7d5fcc9c15f1488a653a136e86affa955"}) getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f00000031c0)={r4, 0xfffffffffffffff9, 0x20, 0x5, 0xfffffffffffffff9}, &(0x7f0000003200)=0x18) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000003280)={r4, 0x3c, &(0x7f0000003240)=[@in6={0xa, 0x4e23, 0x0, @mcast2={0xff, 0x2, [], 0x1}, 0x3}, @in={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xd}}, @in={0x2, 0x4e24, @loopback=0x7f000001}]}, &(0x7f00000032c0)=0x10) getsockopt$ARPT_SO_GET_INFO(r0, 0x0, 0x60, &(0x7f0000003300)={'filter\x00'}, &(0x7f0000003380)=0x44) setsockopt$inet_group_source_req(r0, 0x0, 0x2f, &(0x7f00000033c0)={0x5, {{0x2, 0x4e22, @rand_addr=0x2}}, {{0x2, 0x4e22, @multicast1=0xe0000001}}}, 0x108) getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f0000003500)={r4, 0x2, 0x0, 0xe6a5, 0x9}, &(0x7f0000003540)=0x18) accept4$ipx(r0, &(0x7f0000003580), &(0x7f00000035c0)=0x10, 0x80800) ioctl$KIOCSOUND(r0, 0x4b2f, 0x5) lremovexattr(&(0x7f0000003600)='./file0\x00', &(0x7f0000003640)=@random={'system.'}) 2018/03/26 13:06:06 executing program 1: r0 = signalfd4(0xffffffffffffffff, &(0x7f0000fe9000), 0x8, 0x0) msgget$private(0x0, 0x18) semget(0x3, 0x3, 0x212) readv(r0, &(0x7f00000003c0)=[{&(0x7f0000000180)=""/233, 0xe9}], 0x1) unshare(0x400) signalfd4(r0, &(0x7f0000a9bff8), 0x8, 0x0) 2018/03/26 13:06:06 executing program 4: r0 = socket$inet6(0xa, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000bf6000)=0x177, 0x4) sendto$inet6(r0, &(0x7f0000e13f4e), 0x0, 0x0, &(0x7f000020d000)={0xa, 0x4e20}, 0x1c) r1 = open(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) perf_event_open(&(0x7f0000348f88)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) setsockopt$l2tp_PPPOL2TP_SO_LNSMODE(r1, 0x111, 0x4, 0x0, 0x4) recvmmsg(r0, &(0x7f0000002ac0)=[{{&(0x7f0000001780)=@pppol2tpv3={0x0, 0x0, {0x0, 0xffffffffffffffff, {0x0, 0x0, @multicast1}}}, 0x80, &(0x7f00000029c0), 0x0, &(0x7f0000002a00)=""/138, 0x8a}}], 0x1, 0x2041, 0x0) ioctl$UFFDIO_UNREGISTER(r1, 0x8010aa01, &(0x7f0000000080)={&(0x7f0000ffd000/0x1000)=nil, 0x1000}) 2018/03/26 13:06:06 executing program 6: r0 = socket(0x40000000015, 0x5, 0x0) setsockopt(r0, 0x114, 0x3, &(0x7f0000000080), 0x0) setsockopt$ipx_IPX_TYPE(r0, 0x100, 0x1, &(0x7f0000000000)=0x4, 0x4) 2018/03/26 13:06:06 executing program 2: syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x305a, 0x80) r0 = syz_open_procfs(0x0, &(0x7f0000000080)="6e6574126970365f6d725f76696600") setsockopt$l2tp_PPPOL2TP_SO_SENDSEQ(r0, 0x111, 0x3, 0x0, 0x4) sendfile(r0, r0, &(0x7f0000000280)=0x42402, 0x6) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x8000, &(0x7f0000a1a000), 0x0, 0x0) [ 1074.098294] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1074.109537] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1074.114726] CPU: 1 PID: 25764 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1074.122078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1074.131411] Call Trace: [ 1074.133977] dump_stack+0x194/0x24d [ 1074.137585] ? arch_local_irq_restore+0x53/0x53 [ 1074.142236] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1074.147411] dump_header+0x28c/0xe2b [ 1074.151109] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1074.156278] ? arch_local_irq_restore+0x53/0x53 [ 1074.160929] ? __lock_acquire+0x664/0x3e00 [ 1074.165139] ? print_irqtrace_events+0x270/0x270 [ 1074.169870] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1074.174963] ? trace_hardirqs_off+0x10/0x10 [ 1074.179257] ? __lock_acquire+0x664/0x3e00 [ 1074.183468] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1074.188639] ? __lock_acquire+0x664/0x3e00 [ 1074.192849] ? task_will_free_mem+0x252/0xaa0 [ 1074.197325] ? print_irqtrace_events+0x270/0x270 [ 1074.202066] ? ___ratelimit+0x30d/0x630 [ 1074.206023] ? lock_downgrade+0x980/0x980 [ 1074.210152] ? lock_release+0xa40/0xa40 [ 1074.214108] ? mark_held_locks+0xaf/0x100 [ 1074.218232] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1074.223312] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1074.228312] ? trace_hardirqs_on+0xd/0x10 [ 1074.232439] ? ___ratelimit+0x95/0x630 [ 1074.236306] ? idr_get_free+0xfd0/0xfd0 [ 1074.240258] ? find_held_lock+0x35/0x1d0 [ 1074.244308] oom_kill_process+0x8b9/0x1640 [ 1074.248521] ? lock_downgrade+0x980/0x980 [ 1074.252650] ? __lock_is_held+0xb6/0x140 [ 1074.256691] ? oom_evaluate_task+0x480/0x480 [ 1074.261090] ? rcu_read_unlock+0x35/0x70 [ 1074.265128] ? mem_cgroup_iter+0x363/0xbd0 [ 1074.269338] ? lock_downgrade+0x980/0x980 [ 1074.273467] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1074.278202] ? mark_held_locks+0xaf/0x100 [ 1074.282327] ? _raw_spin_unlock_irq+0x27/0x70 [ 1074.286805] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1074.291797] ? trace_hardirqs_on+0xd/0x10 [ 1074.295919] ? _raw_spin_unlock_irq+0x27/0x70 [ 1074.300388] ? css_task_iter_end+0x280/0x430 [ 1074.304772] ? _raw_spin_unlock_irq+0x27/0x70 [ 1074.309242] ? cgroup_procs_next+0x70/0x70 [ 1074.313453] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1074.318446] ? trace_hardirqs_on+0xd/0x10 [ 1074.322569] ? _raw_spin_unlock_irq+0x27/0x70 [ 1074.327041] ? oom_badness+0x980/0x980 [ 1074.330903] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1074.335637] ? mem_cgroup_iter_break+0x30/0x30 [ 1074.340210] ? finish_wait+0x268/0x490 [ 1074.344075] ? lock_downgrade+0x980/0x980 [ 1074.348204] out_of_memory+0x86d/0x1220 [ 1074.352170] ? oom_killer_disable+0x310/0x310 [ 1074.356637] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1074.361719] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1074.366718] ? trace_hardirqs_on+0xd/0x10 [ 1074.370854] mem_cgroup_out_of_memory+0x159/0x200 [ 1074.375673] ? swap_max_write+0x110/0x110 [ 1074.379796] ? do_raw_spin_trylock+0x190/0x190 [ 1074.384363] ? _raw_spin_unlock+0x22/0x30 [ 1074.388492] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1074.393488] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1074.398922] ? find_held_lock+0x35/0x1d0 [ 1074.402964] ? memcg_event_wake+0x420/0x420 [ 1074.407263] ? __do_page_fault+0x5f7/0xc90 [ 1074.411475] ? lock_downgrade+0x980/0x980 [ 1074.415605] pagefault_out_of_memory+0xbd/0x152 [ 1074.420250] ? out_of_memory+0x1220/0x1220 [ 1074.424458] ? handle_mm_fault+0x465/0xb10 [ 1074.428676] ? __handle_mm_fault+0x38c0/0x38c0 [ 1074.433232] ? vmacache_find+0x5f/0x280 [ 1074.437179] ? vmacache_update+0xfe/0x130 [ 1074.441307] mm_fault_error+0xd6/0x2c0 [ 1074.445173] __do_page_fault+0xb4d/0xc90 [ 1074.449221] ? mm_fault_error+0x2c0/0x2c0 [ 1074.453349] ? kernel_write+0x120/0x120 [ 1074.457301] ? do_syscall_64+0xb7/0x940 [ 1074.461256] do_page_fault+0xee/0x730 [ 1074.465037] ? __do_page_fault+0xc90/0xc90 [ 1074.469247] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1074.473981] ? syscall_return_slowpath+0x550/0x550 [ 1074.478895] ? syscall_return_slowpath+0x2ac/0x550 [ 1074.483803] ? prepare_exit_to_usermode+0x350/0x350 [ 1074.488794] ? retint_user+0x18/0x18 [ 1074.492485] ? page_fault+0x2f/0x50 [ 1074.496093] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1074.500913] ? page_fault+0x2f/0x50 [ 1074.504516] page_fault+0x45/0x50 [ 1074.507941] RIP: 0033:0x409b83 [ 1074.511104] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1074.516440] RAX: 0000001b9bc20000 RBX: 0000000000001295 RCX: 000000000040e950 [ 1074.523684] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1074.530928] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1074.538172] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1074.545416] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1074.552960] Task in /syz1 killed as a result of limit of /syz1 [ 1074.559044] memory: usage 0kB, limit 0kB, failcnt 4300 [ 1074.565528] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1074.572336] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1074.578553] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB 2018/03/26 13:06:06 executing program 6: perf_event_open(&(0x7f000001d000)={0x2, 0x78, 0xe2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = creat(&(0x7f0000000040)='./file0\x00', 0x26) r1 = syz_open_procfs(0x0, &(0x7f0000973fee)='net/igmp6\x00') syz_open_dev$urandom(&(0x7f0000000080)='/dev/urandom\x00', 0x0, 0x200080) setsockopt$inet_dccp_int(r1, 0x21, 0x10, &(0x7f00000000c0)=0xe7, 0x4) sendfile(r0, r1, &(0x7f0000023000)=0x800, 0x26a950b) 2018/03/26 13:06:06 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r0, 0x40505331, &(0x7f0000000000)={{0x8, 0x38}, {0x6, 0x100000001}, 0x7, 0x6, 0xbc28}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) 2018/03/26 13:06:06 executing program 0: perf_event_open(&(0x7f000025c000)={0x2, 0x78, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000001000)='/dev/autofs\x00', 0x0, 0x0) ioctl(r0, 0x8000000000009371, &(0x7f0000006f80)="010000000000000018") ioctl$KVM_UNREGISTER_COALESCED_MMIO(r0, 0x4010ae68, &(0x7f0000000040)={0x6000, 0x10000}) [ 1074.598044] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1074.606847] [25764] 0 25764 11408 2089 65536 0 0 syz-executor1 [ 1074.615849] Memory cgroup out of memory: Kill process 25764 (syz-executor1) score 2105000 or sacrifice child [ 1074.626044] Killed process 25764 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB 2018/03/26 13:06:06 executing program 3: r0 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000080)=[@in6={0xa, 0x0, 0x0, @dev={0xfe, 0x80}, 0x5}], 0x1c) perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f000095cffe)={r1}, &(0x7f0000000000)=0x8) r2 = memfd_create(&(0x7f0000000040)="63707573657473656c662d022b657468315e211400", 0x0) ioctl$KVM_SET_FPU(r2, 0x41a0ae8d, &(0x7f0000000100)={[], 0x8, 0x8, 0x10000000000, 0x0, 0xffffffffffffff80, 0x1000, 0x2, [], 0xfff}) r3 = syz_open_dev$random(&(0x7f00000000c0)='/dev/random\x00', 0x0, 0xa00) fchmod(r3, 0x41) 2018/03/26 13:06:06 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'bond0\x00', 0x0}) r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x101200, 0x0) faccessat(r2, &(0x7f0000000140)='./file0\x00', 0x0, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={&(0x7f00000000c0)={0x10}, 0xc, &(0x7f0000000040)={&(0x7f0000000080)=@setlink={0x2c, 0x13, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_ADDRESS={0xc, 0x1}]}, 0x2c}, 0x1}, 0x0) r3 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x7, 0x101081) ioctl$ASHMEM_PURGE_ALL_CACHES(r3, 0x770a, 0x0) 2018/03/26 13:06:06 executing program 1: r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x2, 0x80000) ioctl$EVIOCGABS20(r0, 0x80184560, &(0x7f0000000040)=""/3) getsockopt$EBT_SO_GET_ENTRIES(r0, 0x0, 0x81, &(0x7f00000001c0)={'broute\x00', 0x0, 0x4, 0x44, [], 0x3, &(0x7f0000000100)=[{}, {}, {}], &(0x7f0000000140)=""/68}, &(0x7f0000000240)=0x78) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000f56000)={0x0, 0x0, &(0x7f0000f84ff0)={&(0x7f0000000080)=ANY=[@ANYBLOB="020504070a00000003000000ffffffff030006000000000002004e20e00000010000000000000000020001000000000000000000000000000000120003000200000000000700000000006c00080100000004000000000000fe800000000000000000000000000013fe80000000000000000000000800000a"], 0xfffffffffffffe3c}, 0x1}, 0x0) 2018/03/26 13:06:06 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'syzkaller0\x00', 0x0}) bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0xb, 0x6, &(0x7f0000000000)=@raw=[@ldst={0x0, 0x1, 0x2, 0xb, 0xf, 0xfffffff0}, @ldst={0x3, 0x0, 0xd5021594cd450b, 0x5, 0xa, 0x0, 0xfffffffffffffff1}, @exit={0x95}], &(0x7f0000000040)='syzkaller\x00', 0x1, 0xd1, &(0x7f0000000080)=""/209, 0x41000, 0x1, [], r1}, 0x48) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) clock_gettime(0x0, &(0x7f0000000240)={0x0, 0x0}) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000280)={0x4, @time={r2, r3+10000000}, 0xffffffff, {0xff, 0xfffffffffffff0de}, 0x5, 0x1, 0x1}) 2018/03/26 13:06:06 executing program 4: r0 = socket$inet_tcp(0x2, 0x1, 0x0) bind$inet(r0, &(0x7f0000b9bff0)={0x2, 0x4e21, @multicast1=0xe0000001}, 0x10) sendto$inet(r0, &(0x7f0000fa0fff), 0xffffffffffffffbb, 0x20020003, &(0x7f0000385ff0)={0x2, 0x4e21, @loopback=0x7f000001}, 0x10) setsockopt$sock_int(r0, 0x1, 0x2000000000000008, &(0x7f0000367000), 0x4) sendto$inet(r0, &(0x7f0000000000)="e9", 0x1, 0x8805, &(0x7f00000002c0)={0x2, 0x4e20, @multicast2=0xe0000002}, 0x10) writev(r0, &(0x7f0000fdbfe0)=[{&(0x7f0000000100)="89", 0x1}], 0x1) r1 = syz_open_dev$adsp(&(0x7f00000000c0)='/dev/adsp#\x00', 0x81, 0x0) ioctl$PERF_EVENT_IOC_REFRESH(r1, 0x2402, 0x1000) lstat(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0}) stat(&(0x7f0000000400)='./file0\x00', &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_fuse_mount(&(0x7f0000000300)='./file0\x00', 0xa002, r2, r3, 0xfffffffffffffe01, 0x0) syz_open_dev$sndseq(&(0x7f0000000280)='/dev/snd/seq\x00', 0x0, 0x8202) getsockopt$packet_buf(r1, 0x107, 0x16, &(0x7f00000004c0)=""/221, &(0x7f00000005c0)=0xdd) r4 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x6, 0x101080) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffff9c, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0x4}, &(0x7f0000000140)=0x8) getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r4, 0x84, 0x6, &(0x7f0000000180)={r5, @in={{0x2, 0x4e20, @multicast1=0xe0000001}}}, &(0x7f0000000240)=0x84) 2018/03/26 13:06:07 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') mincore(&(0x7f000085a000/0x2000)=nil, 0x2000, &(0x7f00000000c0)=""/217) sendfile(r0, r0, &(0x7f0000000280)=0x42402, 0x6) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) 2018/03/26 13:06:07 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x48000, 0x0) ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000140)={0x9, 0x0, 0x4b2, 0x2, 0xff, 0x7ff, 0x2f11, 0x7fff, 0x8, 0x3ff}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) r2 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x2200, 0x0) setsockopt$bt_BT_SNDMTU(r1, 0x112, 0xc, &(0x7f0000000180)=0x2, 0x2) ioctl$TIOCMSET(r2, 0x5418, &(0x7f0000000080)=0x1) syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x1) write$cgroup_subtree(r1, &(0x7f00000001c0)={[{0x2d, 'pids', 0x20}, {0x2b, 'io', 0x20}, {0x0, 'cpu', 0x20}]}, 0xf) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) ioctl$sock_SIOCGPGRP(r2, 0x8904, &(0x7f00000000c0)=0x0) prctl$setptracer(0x59616d61, r3) [ 1074.962861] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1074.973883] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1074.979063] CPU: 0 PID: 25784 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1074.986413] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1074.995763] Call Trace: [ 1074.998351] dump_stack+0x194/0x24d [ 1075.001986] ? arch_local_irq_restore+0x53/0x53 [ 1075.006650] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1075.011830] dump_header+0x28c/0xe2b [ 1075.015530] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1075.020700] ? arch_local_irq_restore+0x53/0x53 [ 1075.025358] ? perf_trace_lock+0xd6/0x900 [ 1075.029484] ? __lock_acquire+0x664/0x3e00 [ 1075.033698] ? trace_event_raw_event_lock+0x340/0x340 [ 1075.038873] ? perf_trace_lock+0xd6/0x900 [ 1075.043002] ? trace_hardirqs_off+0x10/0x10 [ 1075.047301] ? perf_trace_lock+0xd6/0x900 [ 1075.051428] ? trace_event_raw_event_lock+0x340/0x340 [ 1075.056601] ? __lock_acquire+0x664/0x3e00 [ 1075.060811] ? task_will_free_mem+0x252/0xaa0 [ 1075.065290] ? print_irqtrace_events+0x270/0x270 [ 1075.070038] ? ___ratelimit+0x30d/0x630 [ 1075.073999] ? lock_downgrade+0x980/0x980 [ 1075.078133] ? lock_release+0xa40/0xa40 [ 1075.082091] ? mark_held_locks+0xaf/0x100 [ 1075.086216] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1075.091295] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1075.096287] ? trace_hardirqs_on+0xd/0x10 [ 1075.100415] ? ___ratelimit+0x95/0x630 [ 1075.104279] ? idr_get_free+0xfd0/0xfd0 [ 1075.108228] ? find_held_lock+0x35/0x1d0 [ 1075.112286] oom_kill_process+0x8b9/0x1640 [ 1075.116495] ? lock_downgrade+0x980/0x980 [ 1075.120623] ? __lock_is_held+0xb6/0x140 [ 1075.124666] ? oom_evaluate_task+0x480/0x480 [ 1075.129063] ? rcu_read_unlock+0x35/0x70 [ 1075.133101] ? mem_cgroup_iter+0x363/0xbd0 [ 1075.137313] ? lock_downgrade+0x980/0x980 [ 1075.141444] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1075.146182] ? mark_held_locks+0xaf/0x100 [ 1075.150306] ? _raw_spin_unlock_irq+0x27/0x70 [ 1075.154951] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1075.159947] ? trace_hardirqs_on+0xd/0x10 [ 1075.164073] ? _raw_spin_unlock_irq+0x27/0x70 [ 1075.168547] ? css_task_iter_end+0x280/0x430 [ 1075.172938] ? _raw_spin_unlock_irq+0x27/0x70 [ 1075.177408] ? cgroup_procs_next+0x70/0x70 [ 1075.182210] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1075.187204] ? trace_hardirqs_on+0xd/0x10 [ 1075.191327] ? _raw_spin_unlock_irq+0x27/0x70 [ 1075.195798] ? oom_badness+0x980/0x980 [ 1075.199661] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1075.204394] ? mem_cgroup_iter_break+0x30/0x30 [ 1075.208970] ? finish_wait+0x268/0x490 [ 1075.212834] ? lock_downgrade+0x980/0x980 [ 1075.216963] out_of_memory+0x86d/0x1220 [ 1075.220929] ? oom_killer_disable+0x310/0x310 [ 1075.225397] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1075.230488] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1075.235485] ? trace_hardirqs_on+0xd/0x10 [ 1075.239624] mem_cgroup_out_of_memory+0x159/0x200 [ 1075.244440] ? swap_max_write+0x110/0x110 [ 1075.248561] ? do_raw_spin_trylock+0x190/0x190 [ 1075.253127] ? _raw_spin_unlock+0x22/0x30 [ 1075.257255] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1075.262256] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1075.267683] ? find_held_lock+0x35/0x1d0 [ 1075.271728] ? memcg_event_wake+0x420/0x420 [ 1075.276031] ? __do_page_fault+0x5f7/0xc90 [ 1075.280246] ? lock_downgrade+0x980/0x980 [ 1075.284373] pagefault_out_of_memory+0xbd/0x152 [ 1075.289026] ? out_of_memory+0x1220/0x1220 [ 1075.293235] ? handle_mm_fault+0x465/0xb10 [ 1075.297450] ? __handle_mm_fault+0x38c0/0x38c0 [ 1075.302010] ? vmacache_find+0x5f/0x280 [ 1075.305966] ? vmacache_update+0xfe/0x130 [ 1075.310094] mm_fault_error+0xd6/0x2c0 [ 1075.313965] __do_page_fault+0xb4d/0xc90 [ 1075.318017] ? mm_fault_error+0x2c0/0x2c0 [ 1075.322143] ? kernel_write+0x120/0x120 [ 1075.326096] ? do_syscall_64+0xb7/0x940 [ 1075.330049] do_page_fault+0xee/0x730 [ 1075.333826] ? __do_page_fault+0xc90/0xc90 [ 1075.338038] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1075.342770] ? syscall_return_slowpath+0x550/0x550 [ 1075.347680] ? syscall_return_slowpath+0x2ac/0x550 [ 1075.352587] ? prepare_exit_to_usermode+0x350/0x350 [ 1075.357578] ? retint_user+0x18/0x18 [ 1075.361269] ? page_fault+0x2f/0x50 [ 1075.364873] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1075.369697] ? page_fault+0x2f/0x50 [ 1075.373299] page_fault+0x45/0x50 [ 1075.376729] RIP: 0033:0x409b83 [ 1075.379891] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1075.385230] RAX: 0000001b9bc20000 RBX: 0000000000001296 RCX: 000000000040e950 [ 1075.392475] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1075.399729] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1075.406973] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1075.414217] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1075.421808] Task in /syz1 killed as a result of limit of /syz1 [ 1075.427860] memory: usage 0kB, limit 0kB, failcnt 4308 [ 1075.433176] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1075.433181] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1075.433185] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 1075.433247] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1075.433391] [25784] 0 25784 11408 2089 65536 0 0 syz-executor1 [ 1075.433414] Memory cgroup out of memory: Kill process 25784 (syz-executor1) score 2105000 or sacrifice child 2018/03/26 13:06:07 executing program 0: r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup\x00', 0x200002, 0x0) pipe2(&(0x7f00000001c0)={0xffffffffffffffff}, 0x4000) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffff9c, 0x84, 0x9, &(0x7f0000000200)={0x0, @in6={{0xa, 0x4e22, 0x80000000, @mcast1={0xff, 0x1, [], 0x1}, 0x7}}, 0x9, 0x9, 0x4, 0x6, 0x22}, &(0x7f00000002c0)=0x98) getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000300)={r2, 0x62, "dfece8bea3212e13f9789d6f49696a2353c129805f1020859a62d6ab8cb66e912a26576c03e3570b588bf858c97f45e630795fcade26095cf3a3cbe99e289907b79b66c046ac8b0a5b2d47bc10df747d3b6cbcc03e17eaa008ffddf3d4d88a1a2d18"}, &(0x7f0000000380)=0x6a) r3 = syz_open_dev$sndmidi(&(0x7f0000000100)='/dev/snd/midiC#D#\x00', 0x4, 0x521000) ioctl$TIOCMBIC(r3, 0x5417, &(0x7f0000000180)=0x80) write$cgroup_subtree(r3, &(0x7f0000000140)={[{0x2d, 'pids', 0x20}, {0x2b, 'rdma', 0x20}, {0x2d, 'memory', 0x20}]}, 0x14) r4 = openat$cgroup_subtree(r0, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0) semget(0x1, 0x1, 0x1) fcntl$setpipe(r4, 0x407, 0x6) write$cgroup_subtree(r4, &(0x7f00000000c0)={[{0x2b, 'pids', 0x20}]}, 0x6) write$cgroup_subtree(r4, &(0x7f0000000000)={[{0x2d, 'pids', 0x20}]}, 0x6) 2018/03/26 13:06:07 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000008000)={&(0x7f000000eff4)={0x10, 0x34000}, 0x3, &(0x7f00000b4ff0)={&(0x7f00008d5fec)={0x14, 0x22, 0x829, 0x0, 0x0, {0x17}}, 0x14}, 0x1}, 0x0) recvmsg(r0, &(0x7f0000000300)={&(0x7f0000000000)=@pppol2tpv3in6={0x0, 0x0, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, @mcast2}}}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000080)=""/142, 0x8e}, {&(0x7f0000000140)=""/151, 0x97}], 0x2, &(0x7f0000000240)=""/167, 0xa7, 0xce1c}, 0x2) ioctl$sock_kcm_SIOCKCMCLONE(r1, 0x89e2, &(0x7f0000000340)={r0}) 2018/03/26 13:06:07 executing program 3: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000d92000)='/dev/kvm\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0xfd0000)=nil, 0xfd0000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x4, 0x80000) accept4$nfc_llcp(r1, &(0x7f0000000080), &(0x7f0000000100)=0x60, 0x800) r2 = gettid() ioctl$sock_SIOCSPGRP(r1, 0x8902, &(0x7f0000000040)=r2) ioctl$KVM_GET_SUPPORTED_CPUID(r0, 0xc008ae05, &(0x7f0000000140)=""/221) 2018/03/26 13:06:07 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000c03000)={{0x20000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}) r1 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x6, 0x300) ioctl$sock_inet_tcp_SIOCOUTQ(r1, 0x5411, &(0x7f0000000040)) 2018/03/26 13:06:07 executing program 4: r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r0, &(0x7f0000002ff0)={0x1d}, 0x10) r1 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x20000) setsockopt$inet6_int(r1, 0x29, 0x33, &(0x7f0000000080)=0xc033, 0x4) sendmsg$key(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000005ff0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="0500000007c60000000000000000000090c0d055077248ef22d7f620a51ae6a78c2367499e725f26c420870c5e705e310a1bbdd9749f7b1ea46a3901c7351324f7110bf395878c0053e5baaa328733774657aa0ac31f81bd5f4d1cbf9fdd4557c8885b9bd987697e24653d6f001a51a5f22a9e2dc1bc1ca7604176c6fe72629de36ed6e6d7497aab4fbeeec86e5442117c0f4c"], 0x38}, 0x1}, 0x0) 2018/03/26 13:06:07 executing program 5: r0 = syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0x0, 0x0) timer_create(0x7, &(0x7f00000003c0)={0x0, 0x3a, 0x4, @thr={&(0x7f0000000280)="7e3075505f76d280924858e5d64653b7880c81fc77861c0bfdd182ce8c8c11bd2b6caf71fbb8ec16e871101d783966b110698cc7a3832a9315642b13b74e3a68e5b7a79fc39e19889cecc8a5e4522ccc5b8494f8213e69222f45a7b80bced87838a12826ec0173a878635d2e1511be4aa6e865d976e9342dfc85412e775248c5774901512cbe4b8339b8f3d961018c5fc6ee4093bfc53721c257b41ee3bf5d80481249a53c75e9074144edd029915baaf4f7da8fdfcc3d8f6d12a2dba9afa92077cb145c93bcfeb95a7890bc51", &(0x7f0000000380)="f7013d5b9371f87b763fffb8ee69c9d54cbd12f60c9a776a97c53d90"}}, &(0x7f0000000400)=0x0) timer_delete(r1) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2, 0x0) mmap(&(0x7f0000003000/0xffc000)=nil, 0xffc000, 0x8, 0x32, 0xffffffffffffffff, 0xfffffffffffffffd) r3 = socket$inet6_tcp(0xa, 0x1, 0x0) fcntl$F_SET_FILE_RW_HINT(r3, 0x40e, &(0x7f0000000040)=0x3) sendmsg$nl_crypto(r0, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x20400}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)=@delrng={0x10, 0x14, 0x600, 0x70bd25, 0x25dfdbfc, "", ["", "", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x10}, 0x4008840) getsockopt$inet6_buf(r3, 0x29, 0xde, &(0x7f0000ab2fe2)=""/30, &(0x7f0000000200)=0xffffffffffffffea) r4 = creat(&(0x7f00000001c0)='./file0\x00', 0x2) ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(r4, 0x40042409, 0x1) getsockopt$nfc_llcp(r2, 0x118, 0x0, &(0x7f0000000240)=""/8, 0x8) 2018/03/26 13:06:07 executing program 2: r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip6_mr_vif\x00') sendfile(r0, r0, &(0x7f0000000280)=0x42402, 0x6) mbind(&(0x7f0000024000/0xc00000)=nil, 0xc00000, 0x0, &(0x7f0000a1a000), 0x0, 0x0) mincore(&(0x7f0000747000/0x3000)=nil, 0x3000, &(0x7f00000000c0)=""/232) 2018/03/26 13:06:07 executing program 1: r0 = timerfd_create(0x7, 0x0) readv(r0, &(0x7f0000000380)=[{&(0x7f00000002c0)=""/146, 0x92}], 0x1) timerfd_settime(r0, 0x0, &(0x7f0000714fe0)={{0x0, 0x989680}, {0x0, 0x6}}, &(0x7f0000000fe0)) r1 = fcntl$dupfd(r0, 0x406, r0) epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000100)={0x10000005}) ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffff9c, 0x89e2, &(0x7f0000000000)={0xffffffffffffff9c}) getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(0xffffffffffffff9c, 0x84, 0x6c, &(0x7f0000000040)={0x0, 0x2b, "e77f0af99b3f167db22191077f68f825693d168657ecf6ff2a2a8f0fab0fd6ce750b12a67f09827ed9a081"}, &(0x7f0000000080)=0x33) dup(r1) setsockopt$inet_sctp_SCTP_RESET_ASSOC(r2, 0x84, 0x78, &(0x7f00000000c0)=r3, 0x1b7) [ 1075.433437] Killed process 25784 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB [ 1075.550256] oom_reaper: reaped process 25784 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 1075.629840] syz-executor1 invoked oom-killer: gfp_mask=0x14000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 1075.640894] syz-executor1 cpuset=syz1 mems_allowed=0 [ 1075.646065] CPU: 0 PID: 25820 Comm: syz-executor1 Not tainted 4.16.0-rc7+ #367 [ 1075.653422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1075.662774] Call Trace: [ 1075.665360] dump_stack+0x194/0x24d [ 1075.668987] ? arch_local_irq_restore+0x53/0x53 [ 1075.673654] ? debug_check_no_locks_freed+0x3c0/0x3c0 2018/03/26 13:06:07 executing program 5: r0 = socket(0x40000000015, 0x5, 0x0) bind$inet(r0, &(0x7f0000fc4ff0)={0x2, 0x0, @loopback=0x7f000001}, 0x10) setsockopt(r0, 0x20000100000114, 0xa, &(0x7f00003cbffc)="02000000", 0x4) connect$inet(r0, &(0x7f0000adf000)={0x2, 0x0, @loopback=0x7f000001}, 0x10) read(r0, &(0x7f000083b000)=""/1, 0x1) sendmsg$alg(r0, &(0x7f0000159fc8)={0x0, 0x0, &(0x7f0000fc8000), 0x0, &(0x7f0000000e8e)}, 0x0) r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x2, 0x0) ioctl$EVIOCSABS2F(r1, 0x401845ef, &(0x7f0000000040)={0x33, 0x10000, 0x6, 0x1, 0x2, 0x6}) 2018/03/26 13:06:07 executing program 6: r0 = socket$netlink(0x10, 0x3, 0x20000017) getresgid(&(0x7f0000000140), &(0x7f0000000240), &(0x7f0000000280)=0x0) setgid(r1) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000080)={'bridge0\x00', 0xa102}) r2 = syz_open_dev$dmmidi(&(0x7f0000000200)='/dev/dmmidi#\x00', 0x2, 0x82000) r3 = socket$netlink(0x10, 0x3, 0x0) bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000180)={&(0x7f0000000040)='./file0\x00', r2}, 0x10) connect$netlink(r3, &(0x7f00000001c0)=@kern={0x10, 0x0, 0x0, 0x408000}, 0xc) sendmsg$nl_generic(r0, &(0x7f0000000000)={&(0x7f0000000800)={0x10}, 0xc, &(0x7f000000d379)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000000032fe040000e0aa59d759ed0214d686ea00d61fd51bf3838c04c807138a2c75554a573ea8f23ef515371c070066db47f345238b5db8af28bbd0335f64e05af6b4c6db2c1ea509eba2f75a839415f488b68e996a112cc8c0cd74abfdba99a9f2ba74c1"], 0x14}, 0x1}, 0x0) [ 1075.678853] dump_header+0x28c/0xe2b [ 1075.682579] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1075.687771] ? arch_local_irq_restore+0x53/0x53 [ 1075.692443] ? __lock_acquire+0x664/0x3e00 [ 1075.696680] ? print_irqtrace_events+0x270/0x270 [ 1075.701432] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1075.706547] ? trace_hardirqs_off+0x10/0x10 [ 1075.710861] ? __lock_acquire+0x664/0x3e00 [ 1075.715092] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1075.720286] ? __lock_acquire+0x664/0x3e00 [ 1075.724519] ? task_will_free_mem+0x252/0xaa0 2018/03/26 13:06:07 executing program 7: r0 = syz_open_dev$sndseq(&(0x7f0000cab5b3)='/dev/snd/seq\x00', 0x0, 0x0) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, &(0x7f0000000000)={{0x9, 0xe2}, {0x5, 0x8}, 0x7b, 0x5, 0x51}) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, &(0x7f0000000080)={{0x1}, {0x8, 0xcc8}, 0x0, 0x6, 0x7f}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000068f50)={{0x80}, 'port1\x00'}) ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r0, 0xc0a85320, &(0x7f0000000280)={{0x22000000000080}, "0a4ceaa05dad126e00000002a1569b3fd4cec307e8ef3d13eb790ec9c65abaf90d229db692542e5b78f8b29e0a27800f0000000000000009fb42d576589701a4", 0x79, 0x120001, 0x0, 0x0, 0x3, 0x0, 0x4, 0x0, 0x3}) syz_open_dev$sndseq(&(0x7f0000000100)='/dev/snd/seq\x00', 0x0, 0x0) r1 = socket$inet_sctp(0x2, 0x1, 0x84) ioctl$sock_inet_SIOCGARP(r1, 0x8954, &(0x7f0000000140)={{0x2, 0x4e21, @multicast1=0xe0000001}, {0x1, @local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}}, 0x24, {0x2, 0x4e21, @broadcast=0xffffffff}, 'gre0\x00'}) 2018/03/26 13:06:07 executing program 3: r0 = socket$inet6(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local={0xfe, 0x80, [], 0xaa}, 0x6}, 0x1c) bind$inet6(r0, &(0x7f000044f000)={0xa, 0x4e20}, 0x1c) listen(r0, 0xfffffffffffffffd) signalfd4(r0, &(0x7f0000000000)={0x80000000}, 0x8, 0x80000) syz_emit_ethernet(0x4a, &(0x7f0000000100)={@local={[0xaa, 0xaa, 0xaa, 0xaa, 0xaa], 0xaa}, @broadcast=[0xff, 0xff, 0xff, 0xff, 0xff, 0xff], [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x6, 0x0, @local={0xfe, 0x80, [], 0xaa}, @local={0xfe, 0x80, [], 0xaa}, {[], @tcp={{0x0, 0x4e20, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, &(0x7f00000002c0)) r1 = accept(r0, 0x0, &(0x7f0000000180)) accept4$nfc_llcp(r1, &(0x7f00000001c0), &(0x7f0000000240)=0x60, 0x800) r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x10800, 0x0) ioctl$sock_inet_tcp_SIOCATMARK(r2, 0x8905, &(0x7f0000000080)) [ 1075.729023] ? print_irqtrace_events+0x270/0x270 [ 1075.733789] ? ___ratelimit+0x30d/0x630 [ 1075.737848] ? lock_downgrade+0x980/0x980 [ 1075.742003] ? lock_release+0xa40/0xa40 [ 1075.745986] ? mark_held_locks+0xaf/0x100 [ 1075.750132] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1075.755237] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1075.760258] ? trace_hardirqs_on+0xd/0x10 [ 1075.764405] ? ___ratelimit+0x95/0x630 [ 1075.768288] ? idr_get_free+0xfd0/0xfd0 [ 1075.772262] ? find_held_lock+0x35/0x1d0 [ 1075.776334] oom_kill_process+0x8b9/0x1640 [ 1075.780567] ? lock_downgrade+0x980/0x980 [ 1075.784729] ? __lock_is_held+0xb6/0x140 [ 1075.788799] ? oom_evaluate_task+0x480/0x480 [ 1075.793226] ? rcu_read_unlock+0x35/0x70 [ 1075.797291] ? mem_cgroup_iter+0x363/0xbd0 [ 1075.801539] ? lock_downgrade+0x980/0x980 [ 1075.805708] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 1075.810473] ? mark_held_locks+0xaf/0x100 [ 1075.814631] ? _raw_spin_unlock_irq+0x27/0x70 [ 1075.819110] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1075.824107] ? trace_hardirqs_on+0xd/0x10 [ 1075.828230] ? _raw_spin_unlock_irq+0x27/0x70 [ 1075.832705] ? css_task_iter_end+0x280/0x430 [ 1075.837097] ? _raw_spin_unlock_irq+0x27/0x70 [ 1075.841566] ? cgroup_procs_next+0x70/0x70 [ 1075.845778] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1075.850771] ? trace_hardirqs_on+0xd/0x10 [ 1075.854891] ? _raw_spin_unlock_irq+0x27/0x70 [ 1075.859365] ? oom_badness+0x980/0x980 [ 1075.863227] ? mem_cgroup_scan_tasks+0x1a2/0x1d0 [ 1075.867962] ? mem_cgroup_iter_break+0x30/0x30 [ 1075.872533] ? finish_wait+0x268/0x490 [ 1075.876398] ? lock_downgrade+0x980/0x980 [ 1075.880524] out_of_memory+0x86d/0x1220 [ 1075.884485] ? oom_killer_disable+0x310/0x310 [ 1075.888957] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1075.894042] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1075.899037] ? trace_hardirqs_on+0xd/0x10 [ 1075.903170] mem_cgroup_out_of_memory+0x159/0x200 [ 1075.907990] ? swap_max_write+0x110/0x110 [ 1075.912113] ? do_raw_spin_trylock+0x190/0x190 [ 1075.916679] ? _raw_spin_unlock+0x22/0x30 [ 1075.920809] mem_cgroup_oom_synchronize+0x7af/0x900 [ 1075.925803] ? mem_cgroup_select_victim_node+0x430/0x430 [ 1075.931231] ? find_held_lock+0x35/0x1d0 [ 1075.935278] ? memcg_event_wake+0x420/0x420 [ 1075.939574] ? __do_page_fault+0x5f7/0xc90 [ 1075.943792] ? lock_downgrade+0x980/0x980 [ 1075.947920] pagefault_out_of_memory+0xbd/0x152 [ 1075.952566] ? out_of_memory+0x1220/0x1220 [ 1075.956783] ? handle_mm_fault+0x465/0xb10 [ 1075.960998] ? __handle_mm_fault+0x38c0/0x38c0 [ 1075.965557] ? vmacache_find+0x5f/0x280 [ 1075.969507] ? vmacache_update+0xfe/0x130 [ 1075.973631] mm_fault_error+0xd6/0x2c0 [ 1075.977500] __do_page_fault+0xb4d/0xc90 [ 1075.981543] ? mm_fault_error+0x2c0/0x2c0 [ 1075.985668] ? kernel_write+0x120/0x120 [ 1075.989621] ? do_syscall_64+0xb7/0x940 [ 1075.993573] do_page_fault+0xee/0x730 [ 1075.997349] ? __do_page_fault+0xc90/0xc90 [ 1076.001562] ? trace_event_raw_event_sys_exit+0x260/0x260 [ 1076.007075] ? syscall_return_slowpath+0x550/0x550 [ 1076.011993] ? syscall_return_slowpath+0x2ac/0x550 [ 1076.016912] ? retint_user+0x18/0x18 [ 1076.020601] ? page_fault+0x2f/0x50 [ 1076.024204] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 1076.029030] ? page_fault+0x2f/0x50 [ 1076.032635] page_fault+0x45/0x50 [ 1076.036064] RIP: 0033:0x409b83 [ 1076.039227] RSP: 002b:0000000000a3eb80 EFLAGS: 00010257 [ 1076.044573] RAX: 0000001b9bc20000 RBX: 0000000000001297 RCX: 000000000040e950 [ 1076.051817] RDX: 00000000000003e8 RSI: 0000000000a3f930 RDI: 00000000000000fc [ 1076.059060] RBP: 0000000000a3f220 R08: 0000000000000000 R09: 0000000000000004 [ 1076.066314] R10: 0000000000000064 R11: 0000000000000246 R12: 0000000000000000 [ 1076.073564] R13: 0000000000000013 R14: 0000000000000000 R15: 0000000000001380 [ 1076.081611] Task in /syz1 killed as a result of limit of /syz1 [ 1076.087667] memory: usage 0kB, limit 0kB, failcnt 4316 [ 1076.093028] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1076.099811] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 1076.106000] Memory cgroup stats for /syz1: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB 2018/03/26 13:06:08 executing program 6: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f000059b000)={0x26, 'skcipher\x00', 0x0, 0x0, 'lrw-twofish-3way\x00'}, 0x58) r1 = accept$alg(r0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c8afd0)="d3ab27191a01002356ba602dff05000bfef9b9d2a4b20079fffffffffffffe000225070097c11ed4c2c4dc42ffa86eb9", 0x30) sendmsg$alg(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f000032bf18)="130f5fc5b51c5daa986e733494021ff9bac42d2043fd4a270923e98e7b923a0f703f1eae0f7eea7285c343e294ea90187797d8a0642441750803e2283ec0d517", 0x40}], 0x1, &(0x7f0000000000)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}, 0x0) recvmsg(r1, &(0x7f0000750fc8)={&(0x7f000092eff8)=@sco, 0x8, &(0x7f0000c2dfd0)=[{&(0x7f0000bacfab)=""/85, 0x55}], 0x1, &(0x7f000050afbb)=""/69, 0x45}, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f00000000c0)='/dev/snd/midiC#D#\x00', 0x3b, 0x101000) getsockopt$bt_BT_CHANNEL_POLICY(r2, 0x112, 0xa, &(0x7f0000000100)=0x4, &(0x7f0000000140)=0x4) [ 1076.125463] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 1076.134270] [25820] 0 25820 11408 2089 65536 0 0 syz-executor1 [ 1076.143175] Memory cgroup out of memory: Kill process 25820 (syz-executor1) score 2105000 or sacrifice child [ 1076.153208] Killed process 25820 (syz-executor1) total-vm:45632kB, anon-rss:132kB, file-rss:8224kB, shmem-rss:0kB [ 1076.172644] oom_reaper: reaped process 25820 (syz-executor1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 1106.911223] INFO: task kworker/1:0:17 blocked for more than 120 seconds. [ 1106.918144] Not tainted 4.16.0-rc7+ #367 [ 1106.922773] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1106.930764] kworker/1:0 D20112 17 2 0x80000000 [ 1106.936703] Workqueue: events cgwb_release_workfn [ 1106.941562] Call Trace: [ 1106.944173] __schedule+0x8fb/0x1ec0 [ 1106.947918] ? __sched_text_start+0x8/0x8 [ 1106.952121] ? prepare_to_wait+0x192/0x4d0 [ 1106.956388] ? lock_downgrade+0x980/0x980 [ 1106.960584] ? lock_release+0xa40/0xa40 [ 1106.964583] ? mark_held_locks+0xaf/0x100 [ 1106.968768] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1106.973916] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1106.978961] ? atomic_t_wait+0x90/0x90 [ 1106.983105] schedule+0xf5/0x430 [ 1106.986511] ? prepare_to_wait+0x192/0x4d0 [ 1106.990763] ? __schedule+0x1ec0/0x1ec0 [ 1106.994773] ? finish_wait+0x490/0x490 [ 1106.998682] ? trace_hardirqs_off+0x10/0x10 [ 1107.003078] ? __lock_acquire+0x664/0x3e00 [ 1107.007333] ? print_irqtrace_events+0x270/0x270 [ 1107.012140] ? atomic_t_wait+0x90/0x90 [ 1107.016048] bit_wait+0x18/0x90 [ 1107.019360] __wait_on_bit+0x88/0x130 [ 1107.023193] out_of_line_wait_on_bit+0x204/0x3a0 [ 1107.027986] ? check_same_owner+0x320/0x320 [ 1107.032574] ? __wait_on_bit+0x130/0x130 [ 1107.036669] ? bit_waitqueue+0x30/0x30 [ 1107.040616] ? __might_sleep+0x95/0x190 [ 1107.044631] wb_shutdown+0x335/0x430 [ 1107.048359] ? set_wb_congested+0x40/0x40 [ 1107.052539] ? find_held_lock+0x35/0x1d0 [ 1107.056625] ? trace_hardirqs_off+0x10/0x10 [ 1107.060986] ? lock_acquire+0x1d5/0x580 [ 1107.064977] ? lock_acquire+0x1d5/0x580 [ 1107.068986] ? process_one_work+0xb89/0x1bb0 [ 1107.073423] cgwb_release_workfn+0x8b/0x61d [ 1107.078000] ? wb_get_create+0x1670/0x1670 [ 1107.082270] ? __lock_is_held+0xb6/0x140 [ 1107.086384] process_one_work+0xc47/0x1bb0 [ 1107.090636] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1107.095861] ? trace_hardirqs_on+0xd/0x10 [ 1107.100059] ? pwq_dec_nr_in_flight+0x450/0x450 [ 1107.104784] ? __schedule+0x903/0x1ec0 [ 1107.108703] ? _raw_spin_unlock_irqrestore+0xa6/0xc0 [ 1107.113857] ? retint_kernel+0x10/0x10 [ 1107.117772] ? trace_hardirqs_off+0x10/0x10 [ 1107.122122] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1107.127158] ? lock_acquire+0x1d5/0x580 [ 1107.131169] ? lock_acquire+0x1d5/0x580 [ 1107.135160] ? worker_thread+0x4a3/0x1990 [ 1107.139335] ? lock_downgrade+0x980/0x980 [ 1107.143501] ? lock_release+0xa40/0xa40 [ 1107.147507] ? retint_kernel+0x10/0x10 [ 1107.151411] ? do_raw_spin_trylock+0x190/0x190 [ 1107.156056] worker_thread+0x223/0x1990 [ 1107.160049] ? finish_task_switch+0x1c1/0x7e0 [ 1107.164831] ? process_one_work+0x1bb0/0x1bb0 [ 1107.169359] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1107.174410] ? trace_hardirqs_on+0xd/0x10 [ 1107.179418] ? _raw_spin_unlock_irq+0x27/0x70 [ 1107.183954] ? finish_task_switch+0x1c1/0x7e0 [ 1107.188464] ? finish_task_switch+0x182/0x7e0 [ 1107.192994] ? copy_overflow+0x20/0x20 [ 1107.196935] ? __schedule+0x903/0x1ec0 [ 1107.200879] ? trace_hardirqs_off+0x10/0x10 [ 1107.205226] ? find_held_lock+0x35/0x1d0 [ 1107.209330] ? find_held_lock+0x35/0x1d0 [ 1107.213645] ? complete+0x62/0x80 [ 1107.217141] ? __schedule+0x1ec0/0x1ec0 [ 1107.221133] ? do_wait_intr_irq+0x3e0/0x3e0 [ 1107.225484] ? __lockdep_init_map+0xe4/0x650 [ 1107.229935] ? do_raw_spin_trylock+0x190/0x190 [ 1107.234572] ? lockdep_init_map+0x9/0x10 [ 1107.238651] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1107.243790] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1107.248826] ? trace_hardirqs_on+0xd/0x10 [ 1107.253011] ? __kthread_parkme+0x176/0x240 [ 1107.257585] kthread+0x33c/0x400 [ 1107.260975] ? process_one_work+0x1bb0/0x1bb0 [ 1107.265502] ? kthread_stop+0x7a0/0x7a0 [ 1107.269502] ret_from_fork+0x3a/0x50 [ 1107.273262] [ 1107.273262] Showing all locks held in the system: [ 1107.279604] 2 locks held by kworker/1:0/17: [ 1107.284400] #0: ((wq_completion)"events"){+.+.}, at: [<00000000c3fa7a23>] process_one_work+0xb12/0x1bb0 [ 1107.294150] #1: ((work_completion)(&wb->release_work)){+.+.}, at: [<00000000a8fcf19f>] process_one_work+0xb89/0x1bb0 [ 1107.305323] 2 locks held by khungtaskd/801: [ 1107.309670] #0: (rcu_read_lock){....}, at: [<00000000a922705f>] watchdog+0x1c5/0xd60 [ 1107.317784] #1: (tasklist_lock){.+.+}, at: [<00000000986e96b3>] debug_show_all_locks+0xd3/0x3d0 [ 1107.326860] 3 locks held by kworker/0:3/1893: [ 1107.331393] #0: ((wq_completion)"events"){+.+.}, at: [<00000000c3fa7a23>] process_one_work+0xb12/0x1bb0 [ 1107.341147] #1: (slab_caches_to_rcu_destroy_work){+.+.}, at: [<00000000a8fcf19f>] process_one_work+0xb89/0x1bb0 [ 1107.351618] #2: (slab_mutex){+.+.}, at: [<00000000e3528f80>] slab_caches_to_rcu_destroy_workfn+0x25/0xc0 [ 1107.361777] 1 lock held by rsyslogd/4067: [ 1107.365965] #0: (&f->f_pos_lock){+.+.}, at: [<000000007acc971f>] __fdget_pos+0x12b/0x190 [ 1107.374419] 2 locks held by getty/4158: [ 1107.378424] #0: (&tty->ldisc_sem){++++}, at: [<00000000d0ba872d>] ldsem_down_read+0x37/0x40 [ 1107.387130] #1: (&ldata->atomic_read_lock){+.+.}, at: [<00000000809d200b>] n_tty_read+0x2ef/0x1a40 [ 1107.396465] 2 locks held by getty/4159: [ 1107.400677] #0: (&tty->ldisc_sem){++++}, at: [<00000000d0ba872d>] ldsem_down_read+0x37/0x40 [ 1107.409395] #1: (&ldata->atomic_read_lock){+.+.}, at: [<00000000809d200b>] n_tty_read+0x2ef/0x1a40 [ 1107.418712] 2 locks held by getty/4160: [ 1107.422718] #0: (&tty->ldisc_sem){++++}, at: [<00000000d0ba872d>] ldsem_down_read+0x37/0x40 [ 1107.431424] #1: (&ldata->atomic_read_lock){+.+.}, at: [<00000000809d200b>] n_tty_read+0x2ef/0x1a40 [ 1107.440771] 2 locks held by getty/4161: [ 1107.444763] #0: (&tty->ldisc_sem){++++}, at: [<00000000d0ba872d>] ldsem_down_read+0x37/0x40 [ 1107.453741] #1: (&ldata->atomic_read_lock){+.+.}, at: [<00000000809d200b>] n_tty_read+0x2ef/0x1a40 [ 1107.463075] 2 locks held by getty/4162: [ 1107.467066] #0: (&tty->ldisc_sem){++++}, at: [<00000000d0ba872d>] ldsem_down_read+0x37/0x40 [ 1107.476269] #1: (&ldata->atomic_read_lock){+.+.}, at: [<00000000809d200b>] n_tty_read+0x2ef/0x1a40 [ 1107.485598] 2 locks held by getty/4163: [ 1107.489896] #0: (&tty->ldisc_sem){++++}, at: [<00000000d0ba872d>] ldsem_down_read+0x37/0x40 [ 1107.498605] #1: (&ldata->atomic_read_lock){+.+.}, at: [<00000000809d200b>] n_tty_read+0x2ef/0x1a40 [ 1107.507956] 4 locks held by kworker/1:2/4869: [ 1107.512486] #0: ((wq_completion)"memcg_kmem_cache"){+.+.}, at: [<00000000c3fa7a23>] process_one_work+0xb12/0x1bb0 [ 1107.523122] #1: ((work_completion)(&cw->work)){+.+.}, at: [<00000000a8fcf19f>] process_one_work+0xb89/0x1bb0 [ 1107.533317] #2: (cpu_hotplug_lock.rw_sem){++++}, at: [<0000000045e781c5>] memcg_create_kmem_cache+0x16/0x170 [ 1107.543745] #3: (slab_mutex){+.+.}, at: [<0000000018b9c301>] memcg_create_kmem_cache+0x24/0x170 [ 1107.552826] 4 locks held by kworker/0:6/7912: [ 1107.557337] #0: ((wq_completion)"cgroup_destroy"){+.+.}, at: [<00000000c3fa7a23>] process_one_work+0xb12/0x1bb0 [ 1107.567801] #1: ((work_completion)(&css->destroy_work)#3){+.+.}, at: [<00000000a8fcf19f>] process_one_work+0xb89/0x1bb0 [ 1107.579220] #2: (cpu_hotplug_lock.rw_sem){++++}, at: [<000000001405d0fd>] memcg_destroy_kmem_caches+0xf/0x80 [ 1107.589420] #3: (slab_mutex){+.+.}, at: [<000000007f1d5898>] memcg_destroy_kmem_caches+0x24/0x80 [ 1107.598584] 2 locks held by getty/22269: [ 1107.602679] #0: (&tty->ldisc_sem){++++}, at: [<00000000d0ba872d>] ldsem_down_read+0x37/0x40 [ 1107.611386] #1: (&ldata->atomic_read_lock){+.+.}, at: [<00000000809d200b>] n_tty_read+0x2ef/0x1a40 [ 1107.620718] 3 locks held by syz-executor0/25844: [ 1107.625701] #0: (&f->f_pos_lock){+.+.}, at: [<000000007acc971f>] __fdget_pos+0x12b/0x190 [ 1107.634136] #1: (sb_writers#10){.+.+}, at: [<000000004146322f>] vfs_write+0x407/0x510 [ 1107.642337] #2: (&of->mutex){+.+.}, at: [<00000000b8205951>] kernfs_fop_write+0x208/0x440 [ 1107.650891] [ 1107.652544] ============================================= [ 1107.652544] [ 1107.659567] NMI backtrace for cpu 0 [ 1107.663232] CPU: 0 PID: 801 Comm: khungtaskd Not tainted 4.16.0-rc7+ #367 [ 1107.670137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1107.679466] Call Trace: [ 1107.682036] dump_stack+0x194/0x24d [ 1107.685640] ? arch_local_irq_restore+0x53/0x53 [ 1107.690284] ? debug_show_all_locks+0x2f3/0x3d0 [ 1107.694933] ? nmi_cpu_backtrace+0x1be/0x210 [ 1107.699322] ? lapic_can_unplug_cpu+0xa0/0xa0 [ 1107.703789] nmi_cpu_backtrace+0x1d2/0x210 [ 1107.708003] ? lapic_can_unplug_cpu+0xa0/0xa0 [ 1107.712483] nmi_trigger_cpumask_backtrace+0x123/0x180 [ 1107.717737] arch_trigger_cpumask_backtrace+0x14/0x20 [ 1107.722900] watchdog+0x90c/0xd60 [ 1107.726341] ? reset_hung_task_detector+0xa0/0xa0 [ 1107.731160] ? complete+0x62/0x80 [ 1107.734600] ? __schedule+0x1ec0/0x1ec0 [ 1107.738547] ? do_wait_intr_irq+0x3e0/0x3e0 [ 1107.742844] ? __lockdep_init_map+0xe4/0x650 [ 1107.747235] ? do_raw_spin_trylock+0x190/0x190 [ 1107.751792] ? lockdep_init_map+0x9/0x10 [ 1107.755826] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1107.760905] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1107.765897] ? trace_hardirqs_on+0xd/0x10 [ 1107.770026] ? __kthread_parkme+0x176/0x240 [ 1107.774328] kthread+0x33c/0x400 [ 1107.777670] ? reset_hung_task_detector+0xa0/0xa0 [ 1107.782483] ? kthread_stop+0x7a0/0x7a0 [ 1107.786432] ret_from_fork+0x3a/0x50 [ 1107.790190] Sending NMI from CPU 0 to CPUs 1: [ 1107.794930] NMI backtrace for cpu 1 [ 1107.794936] CPU: 1 PID: 11686 Comm: kworker/1:8 Not tainted 4.16.0-rc7+ #367 [ 1107.794939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1107.794949] Workqueue: cgroup_destroy css_free_work_fn [ 1107.794957] RIP: 0010:qlist_move_cache+0x73/0xf0 [ 1107.794959] RSP: 0018:ffff8801b9eaf070 EFLAGS: 00000082 [ 1107.794964] RAX: ffff880192ca2580 RBX: 000077ff80000000 RCX: ffff880192ca2580 [ 1107.794967] RDX: ffff88018ef0c940 RSI: ffff8801b9eaf090 RDI: ffff8801db328f80 [ 1107.794970] RBP: ffff8801b9eaf080 R08: ffff8801897c64c0 R09: 0000000080000000 [ 1107.794973] R10: ffff880199529600 R11: ffffea0000000000 R12: ffffea00066c06df [ 1107.794975] R13: ffff88018ef0c940 R14: ffffffff885ef2a0 R15: ffff88018ef0c940 [ 1107.794980] FS: 0000000000000000(0000) GS:ffff8801db300000(0000) knlGS:0000000000000000 [ 1107.794982] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1107.794985] CR2: 000000000079bc4e CR3: 0000000006e22004 CR4: 00000000001606e0 [ 1107.794990] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1107.794993] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1107.794994] Call Trace: [ 1107.795000] ? qlist_free_all+0x160/0x160 [ 1107.795009] per_cpu_remove_cache+0x3f/0x60 [ 1107.795018] on_each_cpu+0xca/0x1b0 [ 1107.795024] quarantine_remove_cache+0x55/0xf0 [ 1107.795030] kasan_cache_shutdown+0x9/0x10 [ 1107.795036] shutdown_cache+0x15/0x1b0 [ 1107.795042] memcg_destroy_kmem_caches+0x62/0x80 [ 1107.795047] mem_cgroup_css_free+0x2a4/0x3f0 [ 1107.795053] ? memcg_offline_kmem.part.56+0x340/0x340 [ 1107.795057] ? __kasan_slab_free+0x11a/0x170 [ 1107.795064] css_free_work_fn+0x1c8/0x1420 [ 1107.795070] ? cgroup_type_write+0x530/0x530 [ 1107.795077] ? find_held_lock+0x35/0x1d0 [ 1107.795083] ? trace_hardirqs_off+0x10/0x10 [ 1107.795090] ? debug_object_deactivate+0x364/0x560 [ 1107.795095] ? lock_downgrade+0x980/0x980 [ 1107.795101] ? lock_release+0xa40/0xa40 [ 1107.795107] ? find_held_lock+0x35/0x1d0 [ 1107.795113] ? trace_hardirqs_off+0x10/0x10 [ 1107.795119] ? lock_acquire+0x1d5/0x580 [ 1107.795123] ? lock_acquire+0x1d5/0x580 [ 1107.795130] ? process_one_work+0xb89/0x1bb0 [ 1107.795139] ? __lock_is_held+0xb6/0x140 [ 1107.795148] process_one_work+0xc47/0x1bb0 [ 1107.795153] ? debug_check_no_locks_freed+0x3c0/0x3c0 [ 1107.795158] ? trace_hardirqs_on+0xd/0x10 [ 1107.795166] ? pwq_dec_nr_in_flight+0x450/0x450 [ 1107.795176] ? __schedule+0x903/0x1ec0 [ 1107.795181] ? _raw_spin_unlock_irqrestore+0xa6/0xc0 [ 1107.795189] ? retint_kernel+0x10/0x10 [ 1107.795195] ? trace_hardirqs_off+0x10/0x10 [ 1107.795202] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1107.795213] ? lock_acquire+0x1d5/0x580 [ 1107.795218] ? lock_acquire+0x1d5/0x580 [ 1107.795223] ? worker_thread+0x4a3/0x1990 [ 1107.795228] ? lock_downgrade+0x980/0x980 [ 1107.795234] ? lock_release+0xa40/0xa40 [ 1107.795238] ? retint_kernel+0x10/0x10 [ 1107.795243] ? do_raw_spin_trylock+0x190/0x190 [ 1107.795252] worker_thread+0x223/0x1990 [ 1107.795257] ? finish_task_switch+0x1c1/0x7e0 [ 1107.795268] ? process_one_work+0x1bb0/0x1bb0 [ 1107.795274] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1107.795279] ? trace_hardirqs_on+0xd/0x10 [ 1107.795283] ? _raw_spin_unlock_irq+0x27/0x70 [ 1107.795288] ? finish_task_switch+0x1c1/0x7e0 [ 1107.795292] ? finish_task_switch+0x182/0x7e0 [ 1107.795297] ? copy_overflow+0x20/0x20 [ 1107.795307] ? __schedule+0x903/0x1ec0 [ 1107.795315] ? trace_hardirqs_off+0x10/0x10 [ 1107.795322] ? find_held_lock+0x35/0x1d0 [ 1107.795329] ? find_held_lock+0x35/0x1d0 [ 1107.795336] ? complete+0x62/0x80 [ 1107.795344] ? __schedule+0x1ec0/0x1ec0 [ 1107.795348] ? do_wait_intr_irq+0x3e0/0x3e0 [ 1107.795357] ? __lockdep_init_map+0xe4/0x650 [ 1107.795362] ? do_raw_spin_trylock+0x190/0x190 [ 1107.795367] ? lockdep_init_map+0x9/0x10 [ 1107.795372] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1107.795377] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1107.795383] ? trace_hardirqs_on+0xd/0x10 [ 1107.795387] ? __kthread_parkme+0x176/0x240 [ 1107.795392] kthread+0x33c/0x400 [ 1107.795397] ? process_one_work+0x1bb0/0x1bb0 [ 1107.795401] ? kthread_stop+0x7a0/0x7a0 [ 1107.795406] ret_from_fork+0x3a/0x50 [ 1107.795412] Code: 3f 00 8b 40 14 74 7f 4c 8b 47 08 49 89 08 48 89 4f 08 48 c7 01 00 00 00 00 4c 89 d1 48 01 47 10 4d 85 d2 74 5c 48 89 c8 4c 8b 11 <4c> 01 c8 72 62 49 89 d8 4c 01 c0 48 c1 e8 0c 48 c1 e0 06 4c 01 [ 1107.795933] Kernel panic - not syncing: hung_task: blocked tasks [ 1108.210756] CPU: 0 PID: 801 Comm: khungtaskd Not tainted 4.16.0-rc7+ #367 [ 1108.217652] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1108.226979] Call Trace: [ 1108.229549] dump_stack+0x194/0x24d [ 1108.233152] ? arch_local_irq_restore+0x53/0x53 [ 1108.237798] ? vsnprintf+0x1ed/0x1900 [ 1108.241578] panic+0x1e4/0x41c [ 1108.244746] ? refcount_error_report+0x214/0x214 [ 1108.249514] ? nmi_trigger_cpumask_backtrace+0xf0/0x180 [ 1108.254862] watchdog+0x91d/0xd60 [ 1108.258299] ? reset_hung_task_detector+0xa0/0xa0 [ 1108.263116] ? complete+0x62/0x80 [ 1108.266553] ? __schedule+0x1ec0/0x1ec0 [ 1108.270496] ? do_wait_intr_irq+0x3e0/0x3e0 [ 1108.274794] ? __lockdep_init_map+0xe4/0x650 [ 1108.279175] ? do_raw_spin_trylock+0x190/0x190 [ 1108.283730] ? lockdep_init_map+0x9/0x10 [ 1108.287766] ? _raw_spin_unlock_irqrestore+0x31/0xc0 [ 1108.292849] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 1108.297846] ? trace_hardirqs_on+0xd/0x10 [ 1108.301970] ? __kthread_parkme+0x176/0x240 [ 1108.306268] kthread+0x33c/0x400 [ 1108.309609] ? reset_hung_task_detector+0xa0/0xa0 [ 1108.314422] ? kthread_stop+0x7a0/0x7a0 [ 1108.318371] ret_from_fork+0x3a/0x50 [ 1108.322755] Dumping ftrace buffer: [ 1108.326379] (ftrace buffer empty) [ 1108.330061] Kernel Offset: disabled [ 1108.333664] Rebooting in 86400 seconds..