[26127] 0 26127 17585 8731 131072 0 0 syz-executor6 [ 2197.404698] Memory cgroup out of memory: Kill process 26091 (syz-executor0) score 1752600 or sacrifice child [ 2197.414746] Killed process 26091 (syz-executor0) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2197.438167] syz-executor6 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 07:52:41 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x10000, 0x410000) ioctl$EVIOCGKEYCODE_V2(r0, 0x80284504, &(0x7f0000000280)=""/173) ioctl$sock_ifreq(r0, 0x891c, &(0x7f0000000140)={'eql\x00', @ifru_mtu=0x5}) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) unshare(0x4000000) 07:52:41 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100000600"}, 0x2c) 07:52:41 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x197, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:41 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0xbb, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:41 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x100000000000000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:52:41 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8]}}, 0x1c) [ 2197.449176] syz-executor6 cpuset=/ mems_allowed=0 [ 2197.454100] CPU: 0 PID: 26127 Comm: syz-executor6 Not tainted 4.18.0-rc7+ #177 [ 2197.461470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2197.470832] Call Trace: [ 2197.473437] dump_stack+0x1c9/0x2b4 [ 2197.477084] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2197.482294] ? trace_hardirqs_on+0x10/0x10 [ 2197.486550] dump_header+0x27b/0xf64 [ 2197.490288] ? pagefault_out_of_memory+0x197/0x197 [ 2197.495233] ? __lock_acquire+0x7fc/0x5020 [ 2197.499491] ? print_usage_bug+0xc0/0xc0 [ 2197.503578] ? graph_lock+0x170/0x170 [ 2197.507392] ? print_usage_bug+0xc0/0xc0 [ 2197.511469] ? trace_hardirqs_on+0x10/0x10 [ 2197.515726] ? print_usage_bug+0xc0/0xc0 [ 2197.519819] ? lock_downgrade+0x8f0/0x8f0 [ 2197.523987] ? mark_held_locks+0xc9/0x160 [ 2197.528138] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2197.532723] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2197.537837] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2197.542861] ? trace_hardirqs_on+0xd/0x10 [ 2197.547020] ? ___ratelimit+0xaa/0x655 07:52:41 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00l\x00'}, 0x2c) [ 2197.550920] ? idr_get_free+0x10c0/0x10c0 [ 2197.555081] ? kasan_check_write+0x14/0x20 [ 2197.559322] ? do_raw_spin_lock+0xc1/0x200 [ 2197.563569] oom_kill_process.cold.25+0x10/0x10bc [ 2197.568427] ? oom_evaluate_task+0x540/0x540 [ 2197.572845] ? find_held_lock+0x36/0x1c0 [ 2197.576926] ? lock_downgrade+0x8f0/0x8f0 [ 2197.581092] ? kasan_check_read+0x11/0x20 [ 2197.585241] ? rcu_is_watching+0x8c/0x150 [ 2197.589393] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2197.593816] ? oom_badness+0xb00/0xb00 07:52:41 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x2b, &(0x7f00000011c0)}}], 0x249, 0x0) [ 2197.597717] ? rcu_read_unlock+0x35/0x70 [ 2197.601785] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2197.606053] ? css_task_iter_end+0x2ce/0x490 [ 2197.610472] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2197.615246] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2197.620288] ? trace_hardirqs_on+0xd/0x10 [ 2197.624447] ? _raw_spin_unlock_irq+0x27/0x70 [ 2197.628951] ? oom_badness+0xb00/0xb00 [ 2197.632851] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2197.637616] ? mem_cgroup_iter_break+0x30/0x30 [ 2197.642235] out_of_memory+0xa8a/0x14d0 [ 2197.646224] ? oom_killer_disable+0x3a0/0x3a0 07:52:41 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x179, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:41 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00c\x00'}, 0x2c) [ 2197.650725] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2197.655744] ? trace_hardirqs_on+0xd/0x10 [ 2197.659908] mem_cgroup_out_of_memory+0x15e/0x210 [ 2197.664764] ? memcg_memory_event+0x40/0x40 [ 2197.669099] ? _raw_spin_unlock+0x22/0x30 [ 2197.673261] mem_cgroup_oom_synchronize+0x713/0x940 [ 2197.678313] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2197.683774] ? memcg_event_wake+0x450/0x450 [ 2197.688117] pagefault_out_of_memory+0xc8/0x197 [ 2197.692796] ? out_of_memory+0x14d0/0x14d0 [ 2197.697048] ? __handle_mm_fault+0x4460/0x4460 [ 2197.701645] mm_fault_error+0x1de/0x380 [ 2197.705630] __do_page_fault+0xd25/0xe50 [ 2197.709709] ? mm_fault_error+0x380/0x380 [ 2197.713865] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2197.719411] ? __x64_sys_clock_gettime+0x170/0x250 [ 2197.724351] ? __ia32_sys_clock_settime+0x290/0x290 [ 2197.729381] do_page_fault+0xf6/0x8c0 [ 2197.733194] ? vmalloc_sync_all+0x30/0x30 [ 2197.737356] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2197.742921] ? do_syscall_64+0x497/0x820 [ 2197.746996] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2197.751945] ? syscall_return_slowpath+0x31d/0x5e0 [ 2197.756893] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2197.762445] ? retint_user+0x18/0x18 [ 2197.766178] ? page_fault+0x8/0x30 [ 2197.769730] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2197.774587] ? page_fault+0x8/0x30 [ 2197.778139] page_fault+0x1e/0x30 [ 2197.781597] RIP: 0033:0x46f8fd [ 2197.784784] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2197.804142] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2197.809521] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2197.816803] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2197.824083] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2197.831366] R10: 0000000001b44940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2197.838670] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2197.846173] Task in /ile0 killed as a result of limit of /ile0 [ 2197.852233] memory: usage 24kB, limit 20kB, failcnt 7464 [ 2197.857715] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2197.864490] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2197.870652] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2197.890924] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name 07:52:42 executing program 6: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x4000, 0x0) ioctl$BLKREPORTZONE(r0, 0xc0101282, &(0x7f0000000280)=ANY=[@ANYBLOB="b5f5057b3b8e67a7148562ebdfd1e7f3ff000000000000013cf924e200b8fd7ca70000000600000000000000"]) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) unshare(0x40020200) 07:52:42 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00`\x00'}, 0x2c) 07:52:42 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x204, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:42 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x102, &(0x7f00000011c0)}}], 0x249, 0x0) [ 2197.899700] [26127] 0 26127 17585 8731 131072 0 0 syz-executor6 [ 2197.908589] [26132] 0 26132 17585 8732 131072 0 0 syz-executor5 [ 2197.917468] Memory cgroup out of memory: Kill process 26127 (syz-executor6) score 1752600 or sacrifice child [ 2197.927526] Killed process 26127 (syz-executor6) total-vm:70340kB, anon-rss:2156kB, file-rss:32768kB, shmem-rss:0kB 07:52:42 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xf0ffffffffffff}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2197.990629] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2198.001620] syz-executor5 cpuset=/ mems_allowed=0 [ 2198.006599] CPU: 1 PID: 26132 Comm: syz-executor5 Not tainted 4.18.0-rc7+ #177 [ 2198.014051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2198.023410] Call Trace: [ 2198.026021] dump_stack+0x1c9/0x2b4 [ 2198.029674] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2198.034894] ? trace_hardirqs_on+0x10/0x10 [ 2198.039152] dump_header+0x27b/0xf64 [ 2198.042893] ? pagefault_out_of_memory+0x197/0x197 [ 2198.047839] ? __lock_acquire+0x7fc/0x5020 [ 2198.052091] ? print_usage_bug+0xc0/0xc0 [ 2198.056169] ? graph_lock+0x170/0x170 [ 2198.059983] ? print_usage_bug+0xc0/0xc0 [ 2198.064054] ? trace_hardirqs_on+0x10/0x10 [ 2198.068303] ? print_usage_bug+0xc0/0xc0 [ 2198.072390] ? lock_downgrade+0x8f0/0x8f0 [ 2198.076575] ? mark_held_locks+0xc9/0x160 [ 2198.080727] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2198.085337] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2198.090450] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2198.095474] ? trace_hardirqs_on+0xd/0x10 [ 2198.099633] ? ___ratelimit+0xaa/0x655 [ 2198.103531] ? idr_get_free+0x10c0/0x10c0 [ 2198.107686] ? kasan_check_write+0x14/0x20 [ 2198.111929] ? do_raw_spin_lock+0xc1/0x200 [ 2198.116183] oom_kill_process.cold.25+0x10/0x10bc [ 2198.121041] ? oom_evaluate_task+0x540/0x540 [ 2198.125461] ? find_held_lock+0x36/0x1c0 [ 2198.129547] ? lock_downgrade+0x8f0/0x8f0 [ 2198.133710] ? kasan_check_read+0x11/0x20 [ 2198.137868] ? rcu_is_watching+0x8c/0x150 [ 2198.142026] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2198.146460] ? oom_badness+0xb00/0xb00 [ 2198.150364] ? rcu_read_unlock+0x35/0x70 [ 2198.154430] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2198.158671] ? css_task_iter_end+0x2ce/0x490 [ 2198.163088] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2198.168630] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2198.173658] ? trace_hardirqs_on+0xd/0x10 [ 2198.177818] ? _raw_spin_unlock_irq+0x27/0x70 [ 2198.182329] ? oom_badness+0xb00/0xb00 [ 2198.186231] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2198.191001] ? mem_cgroup_iter_break+0x30/0x30 [ 2198.195611] out_of_memory+0xa8a/0x14d0 [ 2198.199607] ? oom_killer_disable+0x3a0/0x3a0 [ 2198.204122] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2198.209152] ? trace_hardirqs_on+0xd/0x10 [ 2198.213307] mem_cgroup_out_of_memory+0x15e/0x210 [ 2198.218152] ? memcg_memory_event+0x40/0x40 [ 2198.222477] ? _raw_spin_unlock+0x22/0x30 [ 2198.226617] mem_cgroup_oom_synchronize+0x713/0x940 [ 2198.231637] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2198.237087] ? memcg_event_wake+0x450/0x450 [ 2198.241429] pagefault_out_of_memory+0xc8/0x197 [ 2198.246108] ? out_of_memory+0x14d0/0x14d0 [ 2198.250361] ? __handle_mm_fault+0x4460/0x4460 [ 2198.254959] mm_fault_error+0x1de/0x380 [ 2198.258988] __do_page_fault+0xd25/0xe50 [ 2198.263063] ? mm_fault_error+0x380/0x380 [ 2198.267223] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2198.272794] ? __x64_sys_clock_gettime+0x170/0x250 [ 2198.277735] ? __ia32_sys_clock_settime+0x290/0x290 [ 2198.282760] do_page_fault+0xf6/0x8c0 [ 2198.286564] ? vmalloc_sync_all+0x30/0x30 [ 2198.290704] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2198.296229] ? do_syscall_64+0x497/0x820 [ 2198.300286] ? syscall_slow_exit_work+0x500/0x500 [ 2198.305118] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2198.310041] ? syscall_return_slowpath+0x31d/0x5e0 [ 2198.314967] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2198.320490] ? retint_user+0x18/0x18 [ 2198.324202] ? page_fault+0x8/0x30 [ 2198.327727] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2198.332567] ? page_fault+0x8/0x30 [ 2198.336113] page_fault+0x1e/0x30 [ 2198.339551] RIP: 0033:0x46f8fd [ 2198.342724] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2198.361909] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2198.367266] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2198.374522] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2198.381781] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2198.389044] R10: 0000000001f32940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2198.396575] R13: 0000000000a3fc20 R14: 0000000000000006 R15: 0000000000000001 [ 2198.404074] Task in /ile0 killed as a result of limit of /ile0 [ 2198.410131] memory: usage 24kB, limit 20kB, failcnt 7516 [ 2198.415635] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2198.422424] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2198.428610] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2198.448101] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2198.456895] [26132] 0 26132 17585 8732 131072 0 0 syz-executor5 [ 2198.465817] [26169] 0 26169 17585 8732 126976 0 0 syz-executor0 [ 2198.474743] [26174] 0 26174 17585 8731 131072 0 0 syz-executor6 07:52:42 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000140)="63402c1527702e70726f637300", 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x400) [ 2198.483650] Memory cgroup out of memory: Kill process 26132 (syz-executor5) score 1752800 or sacrifice child [ 2198.496759] Killed process 26132 (syz-executor5) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2198.509649] oom_reaper: reaped process 26132 (syz-executor5), now anon-rss:0kB, file-rss:32000kB, shmem-rss:0kB [ 2198.523359] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2198.534781] syz-executor0 cpuset=/ mems_allowed=0 [ 2198.539914] CPU: 1 PID: 26169 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2198.547287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2198.556648] Call Trace: [ 2198.559250] dump_stack+0x1c9/0x2b4 [ 2198.562934] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2198.568144] ? trace_hardirqs_on+0x10/0x10 [ 2198.572404] dump_header+0x27b/0xf64 [ 2198.579029] ? pagefault_out_of_memory+0x197/0x197 [ 2198.583985] ? __lock_acquire+0x7fc/0x5020 [ 2198.588245] ? print_usage_bug+0xc0/0xc0 [ 2198.592303] ? graph_lock+0x170/0x170 [ 2198.596103] ? print_usage_bug+0xc0/0xc0 [ 2198.600172] ? trace_hardirqs_on+0x10/0x10 [ 2198.604413] ? print_usage_bug+0xc0/0xc0 [ 2198.608468] ? lock_downgrade+0x8f0/0x8f0 [ 2198.612609] ? mark_held_locks+0xc9/0x160 [ 2198.616746] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2198.621329] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2198.626438] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2198.631446] ? trace_hardirqs_on+0xd/0x10 [ 2198.635606] ? ___ratelimit+0xaa/0x655 [ 2198.639509] ? idr_get_free+0x10c0/0x10c0 [ 2198.643648] ? kasan_check_write+0x14/0x20 [ 2198.647871] ? do_raw_spin_lock+0xc1/0x200 [ 2198.652104] oom_kill_process.cold.25+0x10/0x10bc [ 2198.656957] ? oom_evaluate_task+0x540/0x540 [ 2198.661352] ? find_held_lock+0x36/0x1c0 [ 2198.665413] ? lock_downgrade+0x8f0/0x8f0 [ 2198.669555] ? kasan_check_read+0x11/0x20 [ 2198.673691] ? rcu_is_watching+0x8c/0x150 [ 2198.677823] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2198.682222] ? oom_badness+0xb00/0xb00 [ 2198.686097] ? rcu_read_unlock+0x35/0x70 [ 2198.690149] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2198.694372] ? css_task_iter_end+0x2ce/0x490 [ 2198.698767] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2198.703509] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2198.708526] ? trace_hardirqs_on+0xd/0x10 [ 2198.712662] ? _raw_spin_unlock_irq+0x27/0x70 [ 2198.717158] ? oom_badness+0xb00/0xb00 [ 2198.721041] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2198.725816] ? mem_cgroup_iter_break+0x30/0x30 [ 2198.730398] out_of_memory+0xa8a/0x14d0 [ 2198.734363] ? oom_killer_disable+0x3a0/0x3a0 [ 2198.738875] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2198.743898] ? trace_hardirqs_on+0xd/0x10 [ 2198.748065] mem_cgroup_out_of_memory+0x15e/0x210 [ 2198.752910] ? memcg_memory_event+0x40/0x40 [ 2198.757242] ? _raw_spin_unlock+0x22/0x30 [ 2198.761385] mem_cgroup_oom_synchronize+0x713/0x940 [ 2198.766392] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2198.771842] ? memcg_event_wake+0x450/0x450 [ 2198.776172] pagefault_out_of_memory+0xc8/0x197 [ 2198.780850] ? out_of_memory+0x14d0/0x14d0 [ 2198.785078] ? __handle_mm_fault+0x4460/0x4460 [ 2198.789648] mm_fault_error+0x1de/0x380 [ 2198.793621] __do_page_fault+0xd25/0xe50 [ 2198.797682] ? mm_fault_error+0x380/0x380 [ 2198.801819] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2198.807345] ? __x64_sys_clock_gettime+0x170/0x250 [ 2198.812267] ? __ia32_sys_clock_settime+0x290/0x290 [ 2198.817286] do_page_fault+0xf6/0x8c0 [ 2198.821081] ? vmalloc_sync_all+0x30/0x30 [ 2198.825227] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2198.830753] ? do_syscall_64+0x497/0x820 [ 2198.834801] ? syscall_slow_exit_work+0x500/0x500 [ 2198.839643] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2198.844581] ? syscall_return_slowpath+0x31d/0x5e0 [ 2198.849506] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2198.855046] ? retint_user+0x18/0x18 [ 2198.858762] ? page_fault+0x8/0x30 [ 2198.862308] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2198.867159] ? page_fault+0x8/0x30 [ 2198.870691] page_fault+0x1e/0x30 [ 2198.874131] RIP: 0033:0x46f8fd [ 2198.877304] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2198.896493] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2198.901853] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2198.909116] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2198.916373] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2198.923633] R10: 0000000002273940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2198.930892] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2198.938237] Task in /ile0 killed as a result of limit of /ile0 [ 2198.944313] memory: usage 24kB, limit 20kB, failcnt 7532 [ 2198.949850] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2198.956624] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2198.962786] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2198.982272] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2198.991126] [26169] 0 26169 17585 8732 126976 0 0 syz-executor0 [ 2198.999990] [26174] 0 26174 17618 8731 131072 0 0 syz-executor6 [ 2199.008886] Memory cgroup out of memory: Kill process 26174 (syz-executor6) score 1752600 or sacrifice child [ 2199.018945] Killed process 26174 (syz-executor6) total-vm:70472kB, anon-rss:2156kB, file-rss:32768kB, shmem-rss:0kB [ 2199.032349] oom_reaper: reaped process 26174 (syz-executor6), now anon-rss:0kB, file-rss:32780kB, shmem-rss:0kB [ 2199.053427] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2199.064366] syz-executor0 cpuset=/ mems_allowed=0 [ 2199.069295] CPU: 1 PID: 26169 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2199.076660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2199.086020] Call Trace: [ 2199.088611] dump_stack+0x1c9/0x2b4 [ 2199.092235] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2199.097418] ? trace_hardirqs_on+0x10/0x10 [ 2199.101645] dump_header+0x27b/0xf64 [ 2199.105357] ? pagefault_out_of_memory+0x197/0x197 [ 2199.110277] ? __lock_acquire+0x7fc/0x5020 [ 2199.114510] ? print_usage_bug+0xc0/0xc0 [ 2199.118573] ? graph_lock+0x170/0x170 [ 2199.122381] ? print_usage_bug+0xc0/0xc0 [ 2199.126438] ? trace_hardirqs_on+0x10/0x10 [ 2199.130669] ? print_usage_bug+0xc0/0xc0 [ 2199.134736] ? lock_downgrade+0x8f0/0x8f0 [ 2199.138890] ? mark_held_locks+0xc9/0x160 [ 2199.143036] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2199.147612] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2199.152707] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2199.157731] ? trace_hardirqs_on+0xd/0x10 [ 2199.161896] ? ___ratelimit+0xaa/0x655 [ 2199.165814] ? idr_get_free+0x10c0/0x10c0 [ 2199.170069] ? kasan_check_write+0x14/0x20 [ 2199.174315] ? do_raw_spin_lock+0xc1/0x200 [ 2199.178569] oom_kill_process.cold.25+0x10/0x10bc [ 2199.183414] ? oom_evaluate_task+0x540/0x540 [ 2199.187820] ? find_held_lock+0x36/0x1c0 [ 2199.191885] ? lock_downgrade+0x8f0/0x8f0 [ 2199.196035] ? kasan_check_read+0x11/0x20 [ 2199.200187] ? rcu_is_watching+0x8c/0x150 [ 2199.204325] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2199.208727] ? oom_badness+0xb00/0xb00 [ 2199.212615] ? rcu_read_unlock+0x35/0x70 [ 2199.216671] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2199.220910] ? css_task_iter_end+0x2ce/0x490 [ 2199.225312] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2199.230066] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2199.235074] ? trace_hardirqs_on+0xd/0x10 [ 2199.239227] ? _raw_spin_unlock_irq+0x27/0x70 [ 2199.243714] ? oom_badness+0xb00/0xb00 [ 2199.247593] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2199.252338] ? mem_cgroup_iter_break+0x30/0x30 [ 2199.256922] out_of_memory+0xa8a/0x14d0 [ 2199.260894] ? oom_killer_disable+0x3a0/0x3a0 [ 2199.265386] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2199.270393] ? trace_hardirqs_on+0xd/0x10 [ 2199.274545] mem_cgroup_out_of_memory+0x15e/0x210 [ 2199.279384] ? memcg_memory_event+0x40/0x40 [ 2199.283701] ? _raw_spin_unlock+0x22/0x30 [ 2199.287868] mem_cgroup_oom_synchronize+0x713/0x940 [ 2199.292878] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2199.298320] ? memcg_event_wake+0x450/0x450 [ 2199.302643] pagefault_out_of_memory+0xc8/0x197 [ 2199.307304] ? out_of_memory+0x14d0/0x14d0 [ 2199.311550] ? __handle_mm_fault+0x4460/0x4460 [ 2199.316122] mm_fault_error+0x1de/0x380 [ 2199.320094] __do_page_fault+0xd25/0xe50 [ 2199.324150] ? mm_fault_error+0x380/0x380 [ 2199.328293] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2199.333822] ? __x64_sys_clock_gettime+0x170/0x250 [ 2199.338759] ? __ia32_sys_clock_settime+0x290/0x290 [ 2199.343782] do_page_fault+0xf6/0x8c0 [ 2199.347588] ? vmalloc_sync_all+0x30/0x30 [ 2199.351729] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2199.357260] ? do_syscall_64+0x497/0x820 [ 2199.361311] ? syscall_slow_exit_work+0x500/0x500 [ 2199.366163] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2199.371104] ? syscall_return_slowpath+0x31d/0x5e0 [ 2199.376052] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2199.381587] ? retint_user+0x18/0x18 [ 2199.385292] ? page_fault+0x8/0x30 [ 2199.388846] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2199.393682] ? page_fault+0x8/0x30 [ 2199.397216] page_fault+0x1e/0x30 [ 2199.400665] RIP: 0033:0x46f8fd [ 2199.403841] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2199.423101] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2199.428457] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2199.435715] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2199.442984] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2199.450248] R10: 0000000002273940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2199.457507] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2199.464860] Task in /ile0 killed as a result of limit of /ile0 [ 2199.470928] memory: usage 24kB, limit 20kB, failcnt 7548 [ 2199.476416] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2199.483199] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2199.489367] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2199.508884] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2199.517687] [26169] 0 26169 17585 8732 126976 0 0 syz-executor0 [ 2199.526608] Memory cgroup out of memory: Kill process 26169 (syz-executor0) score 1752600 or sacrifice child [ 2199.536637] Killed process 26169 (syz-executor0) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB 07:52:43 executing program 0: mkdir(&(0x7f0000000240)='./file0//ile0\x00', 0xfffffffffffffffd) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) openat$vsock(0xffffffffffffff9c, &(0x7f0000000180)='/dev/vsock\x00', 0x4, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000280)='cgroup.procs\x00', 0x2, 0x0) mincore(&(0x7f0000ffd000/0x3000)=nil, 0x3000, &(0x7f0000000000)=""/12) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x4000000) 07:52:43 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6488]}}, 0x1c) 07:52:43 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x38, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:43 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x200013c0, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:43 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00`\x00'}, 0x2c) 07:52:43 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xfeffffff00000000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:52:43 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) sendto$inet(r0, &(0x7f0000000280)="4c77d90479919e0c34048eff42c742370cf87ebf615eb049967c436f3c854cca4d1ce2f21b9a2d48dcee4268548c161116b3460b7803f405da406f2e3d0881995c2e83dc801497ccbbe1b7ddf24194e8afed17dfe926344e800339b1189d297b38995ea0e5fc4c4654aff657361dcd8deb713d614435fe3c6d7e280be8a4bd74168b227ad162a5f97dfba6856d93db8e178ef96fd10f95ae238236cb9021cf4c62417c43d14a52e9b0ae6c4b49123a586faedcc83c171a980571c03ec2bf75543a15fc7d6eeb16c310fce8c1c53d72a9a8f792ad22f2a5b182df352535fecca5cd86c208be2b8761073e6ae4be8e674431c87c", 0xf3, 0x20000804, 0x0, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x400) 07:52:43 executing program 6: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x4000, 0x0) ioctl$BLKREPORTZONE(r0, 0xc0101282, &(0x7f0000000280)=ANY=[@ANYBLOB="b5f5057b3b7467a7148562ebdfd1e70200000000000000010000000000000006000000000000000000000000"]) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x40020200) [ 2199.548849] oom_reaper: reaped process 26169 (syz-executor0), now anon-rss:0kB, file-rss:32780kB, shmem-rss:0kB [ 2199.630904] net_ratelimit: 5 callbacks suppressed [ 2199.630912] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2199.660394] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2199.671380] syz-executor5 cpuset=/ mems_allowed=0 [ 2199.673684] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2199.676402] CPU: 1 PID: 26199 Comm: syz-executor5 Not tainted 4.18.0-rc7+ #177 [ 2199.676410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2199.676414] Call Trace: [ 2199.676437] dump_stack+0x1c9/0x2b4 [ 2199.676456] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2199.676476] ? trace_hardirqs_on+0x10/0x10 [ 2199.676493] dump_header+0x27b/0xf64 [ 2199.676515] ? pagefault_out_of_memory+0x197/0x197 [ 2199.676531] ? __lock_acquire+0x7fc/0x5020 [ 2199.676549] ? print_usage_bug+0xc0/0xc0 [ 2199.676572] ? graph_lock+0x170/0x170 [ 2199.676586] ? print_usage_bug+0xc0/0xc0 [ 2199.676605] ? trace_hardirqs_on+0x10/0x10 [ 2199.676628] ? print_usage_bug+0xc0/0xc0 [ 2199.676652] ? lock_downgrade+0x8f0/0x8f0 [ 2199.676676] ? mark_held_locks+0xc9/0x160 [ 2199.676689] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2199.676705] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2199.676723] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2199.676738] ? trace_hardirqs_on+0xd/0x10 [ 2199.676755] ? ___ratelimit+0xaa/0x655 [ 2199.676771] ? idr_get_free+0x10c0/0x10c0 [ 2199.676786] ? kasan_check_write+0x14/0x20 [ 2199.676812] ? do_raw_spin_lock+0xc1/0x200 [ 2199.676831] oom_kill_process.cold.25+0x10/0x10bc [ 2199.676860] ? oom_evaluate_task+0x540/0x540 [ 2199.702566] IPVS: ftp: loaded support on port[0] = 21 [ 2199.708226] ? find_held_lock+0x36/0x1c0 [ 2199.708253] ? lock_downgrade+0x8f0/0x8f0 [ 2199.708276] ? kasan_check_read+0x11/0x20 [ 2199.708288] ? rcu_is_watching+0x8c/0x150 [ 2199.708300] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2199.708317] ? oom_badness+0xb00/0xb00 [ 2199.708335] ? rcu_read_unlock+0x35/0x70 [ 2199.708345] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2199.708365] ? css_task_iter_end+0x2ce/0x490 [ 2199.764720] IPVS: ftp: loaded support on port[0] = 21 [ 2199.765467] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2199.765482] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2199.765495] ? trace_hardirqs_on+0xd/0x10 [ 2199.765508] ? _raw_spin_unlock_irq+0x27/0x70 [ 2199.765524] ? oom_badness+0xb00/0xb00 07:52:43 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)="6367726f83702e70736f637300", 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) ioctl$SG_GET_LOW_DMA(r0, 0x227a, &(0x7f0000000000)) unshare(0x4000000) 07:52:43 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00z\x00'}, 0x2c) 07:52:44 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100000000007fffffff00"}, 0x2c) [ 2199.880144] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2199.884912] ? mem_cgroup_iter_break+0x30/0x30 [ 2199.889517] out_of_memory+0xa8a/0x14d0 [ 2199.893509] ? oom_killer_disable+0x3a0/0x3a0 [ 2199.898021] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2199.903052] ? trace_hardirqs_on+0xd/0x10 [ 2199.907216] mem_cgroup_out_of_memory+0x15e/0x210 [ 2199.912070] ? memcg_memory_event+0x40/0x40 [ 2199.916403] ? _raw_spin_unlock+0x22/0x30 [ 2199.920564] mem_cgroup_oom_synchronize+0x713/0x940 [ 2199.925596] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 07:52:44 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100000300"}, 0x2c) 07:52:44 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) ioctl$ASHMEM_GET_SIZE(r0, 0x7704, 0x0) unshare(0x4000000) [ 2199.931077] ? memcg_event_wake+0x450/0x450 [ 2199.935425] pagefault_out_of_memory+0xc8/0x197 [ 2199.940105] ? out_of_memory+0x14d0/0x14d0 [ 2199.944357] ? __handle_mm_fault+0x4460/0x4460 [ 2199.949041] mm_fault_error+0x1de/0x380 [ 2199.953030] __do_page_fault+0xd25/0xe50 [ 2199.957135] ? mm_fault_error+0x380/0x380 [ 2199.961648] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2199.967197] ? __x64_sys_clock_gettime+0x170/0x250 [ 2199.972135] ? __ia32_sys_clock_settime+0x290/0x290 [ 2199.977163] do_page_fault+0xf6/0x8c0 07:52:44 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e71001100"}, 0x2c) 07:52:44 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00L\x00'}, 0x2c) [ 2199.980974] ? vmalloc_sync_all+0x30/0x30 [ 2199.985131] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2199.990677] ? do_syscall_64+0x497/0x820 [ 2199.994751] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2199.999700] ? syscall_return_slowpath+0x31d/0x5e0 [ 2200.004645] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2200.010021] ? page_fault+0x8/0x30 [ 2200.013573] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2200.018423] ? page_fault+0x8/0x30 [ 2200.021967] page_fault+0x1e/0x30 [ 2200.025420] RIP: 0033:0x46f8fd 07:52:44 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100001100"}, 0x2c) 07:52:44 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x4a, &(0x7f00000011c0)}}], 0x249, 0x0) [ 2200.028607] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2200.048355] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2200.053735] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2200.061017] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2200.068297] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2200.075581] R10: 0000000001f32940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2200.082865] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2200.090320] Task in /ile0 killed as a result of limit of /ile0 [ 2200.096394] memory: usage 24kB, limit 20kB, failcnt 7580 [ 2200.101913] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2200.108707] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2200.114911] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2200.134439] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2200.143287] [26199] 0 26199 17585 8732 131072 0 0 syz-executor5 [ 2200.152192] Memory cgroup out of memory: Kill process 26199 (syz-executor5) score 1752800 or sacrifice child [ 2200.162264] Killed process 26199 (syz-executor5) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB 07:52:44 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34000]}}, 0x1c) 07:52:44 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x111, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:44 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x400) getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r0, 0x84, 0x1b, &(0x7f0000000140)={0x0, 0x48, "fe41890d08c12a187fc97f25246fb7ee21ffbd433fda037644e226137cfef76af151758c901a96f4c8b510bcfe80db0ecb61ff5e522f05087c6625e342f90862338e60e4aae1ea84"}, &(0x7f0000000000)=0x50) setsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000280)={r2, 0x5f, 0x7, 0x2}, 0x10) 07:52:44 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\a\x00'}, 0x2c) 07:52:44 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) write$cgroup_pid(r0, &(0x7f0000000100), 0x12) unshare(0x4000000) 07:52:44 executing program 6: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x4000, 0x0) ioctl$BLKREPORTZONE(r0, 0xc0101282, &(0x7f0000000280)=ANY=[@ANYBLOB="b5f5057b3b7467a7148562ebdfd1e70200000000000000010000000000000006000000000000000000000000"]) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) rmdir(&(0x7f0000000140)='./file0\x00') unshare(0x40020200) 07:52:44 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x157, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:44 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xffffffc3}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2200.322697] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2200.336174] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2200.349046] syz-executor5 cpuset=/ mems_allowed=0 [ 2200.353973] CPU: 1 PID: 26259 Comm: syz-executor5 Not tainted 4.18.0-rc7+ #177 [ 2200.361339] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 07:52:44 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x13a, &(0x7f00000011c0)}}], 0x249, 0x0) [ 2200.370704] Call Trace: [ 2200.373323] dump_stack+0x1c9/0x2b4 [ 2200.376968] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2200.382170] ? trace_hardirqs_on+0x10/0x10 [ 2200.386422] dump_header+0x27b/0xf64 [ 2200.390151] ? pagefault_out_of_memory+0x197/0x197 [ 2200.395098] ? __lock_acquire+0x7fc/0x5020 [ 2200.399350] ? print_usage_bug+0xc0/0xc0 [ 2200.403427] ? graph_lock+0x170/0x170 [ 2200.407239] ? print_usage_bug+0xc0/0xc0 [ 2200.411315] ? trace_hardirqs_on+0x10/0x10 [ 2200.415569] ? print_usage_bug+0xc0/0xc0 07:52:44 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00h\x00'}, 0x2c) [ 2200.419653] ? lock_downgrade+0x8f0/0x8f0 [ 2200.423825] ? mark_held_locks+0xc9/0x160 [ 2200.427977] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2200.432572] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2200.437692] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2200.442718] ? trace_hardirqs_on+0xd/0x10 [ 2200.446884] ? ___ratelimit+0xaa/0x655 [ 2200.450784] ? idr_get_free+0x10c0/0x10c0 [ 2200.454940] ? kasan_check_write+0x14/0x20 [ 2200.459184] ? do_raw_spin_lock+0xc1/0x200 [ 2200.463479] oom_kill_process.cold.25+0x10/0x10bc [ 2200.468366] ? oom_evaluate_task+0x540/0x540 07:52:44 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = add_key(&(0x7f0000000140)='id_resolver\x00', &(0x7f0000000180)={0x73, 0x79, 0x7a, 0x2}, &(0x7f0000000280)="bbcf83b3920051c541a93d68da938462eceb8a83a46ff72186936facad57a8cc467809db22d624f31313b8892b75d51ca662df64ea6f3ff84af568c5f98fef7f8546b6c44688ea9e276fe41dff6b69be2d2f179bcf758ac522f5c62cb25f483a59e8e52e4360180d9800b406f7ebebc289bebfe289109ff79ebde461df792b765acf25fb149968dbe60641ba9b29d742659bf802be90b21f06f270960657f05cad485667ff19fce22c49fb3f3e3cbbbfe95805e294c0c44d874a460f23ace2ddb64fc540afaf53eab9c3ce8104e3030a06322d0e1b7f2cd7c447d61171cfdc6fb2fd7147bf8369b2a68f14b2", 0xec, 0xffffffffffffffff) keyctl$get_security(0x11, r0, &(0x7f0000000380)=""/208, 0xd0) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000480)="6367626f75706e70726fff7300", 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) unshare(0x4000000) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r1, 0x10e, 0x8, &(0x7f0000000000)=0x3, 0x4) 07:52:44 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00L\x00'}, 0x2c) [ 2200.472777] ? find_held_lock+0x36/0x1c0 [ 2200.476856] ? lock_downgrade+0x8f0/0x8f0 [ 2200.481018] ? kasan_check_read+0x11/0x20 [ 2200.485172] ? rcu_is_watching+0x8c/0x150 [ 2200.489324] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2200.493752] ? oom_badness+0xb00/0xb00 [ 2200.497652] ? rcu_read_unlock+0x35/0x70 [ 2200.501720] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2200.505970] ? css_task_iter_end+0x2ce/0x490 [ 2200.510394] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2200.515160] ? trace_hardirqs_on_caller+0x421/0x5c0 07:52:44 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100000000000000001100"}, 0x2c) 07:52:44 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00L\x00'}, 0x2c) [ 2200.520187] ? trace_hardirqs_on+0xd/0x10 [ 2200.524342] ? _raw_spin_unlock_irq+0x27/0x70 [ 2200.528846] ? oom_badness+0xb00/0xb00 [ 2200.532751] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2200.537514] ? mem_cgroup_iter_break+0x30/0x30 [ 2200.542381] out_of_memory+0xa8a/0x14d0 [ 2200.546369] ? oom_killer_disable+0x3a0/0x3a0 [ 2200.550875] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2200.555896] ? trace_hardirqs_on+0xd/0x10 [ 2200.560060] mem_cgroup_out_of_memory+0x15e/0x210 [ 2200.564913] ? memcg_memory_event+0x40/0x40 [ 2200.569248] ? _raw_spin_unlock+0x22/0x30 07:52:44 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e71000000000100"}, 0x2c) [ 2200.573409] mem_cgroup_oom_synchronize+0x713/0x940 [ 2200.578433] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2200.583886] ? memcg_event_wake+0x450/0x450 [ 2200.588225] pagefault_out_of_memory+0xc8/0x197 [ 2200.592897] ? out_of_memory+0x14d0/0x14d0 [ 2200.597148] ? __handle_mm_fault+0x4460/0x4460 [ 2200.601744] mm_fault_error+0x1de/0x380 [ 2200.605769] __do_page_fault+0xd25/0xe50 [ 2200.609842] ? mm_fault_error+0x380/0x380 [ 2200.613997] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 07:52:44 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00h\x00'}, 0x2c) [ 2200.619544] ? __x64_sys_clock_gettime+0x170/0x250 [ 2200.624476] ? __ia32_sys_clock_settime+0x290/0x290 [ 2200.629504] do_page_fault+0xf6/0x8c0 [ 2200.633321] ? vmalloc_sync_all+0x30/0x30 [ 2200.637742] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2200.643291] ? do_syscall_64+0x497/0x820 [ 2200.647382] ? syscall_slow_exit_work+0x500/0x500 [ 2200.652237] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2200.657179] ? syscall_return_slowpath+0x31d/0x5e0 [ 2200.662241] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2200.667614] ? page_fault+0x8/0x30 [ 2200.671162] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2200.676015] ? page_fault+0x8/0x30 [ 2200.679563] page_fault+0x1e/0x30 [ 2200.683023] RIP: 0033:0x40e33f [ 2200.686213] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 2200.705556] RSP: 002b:0000000000a3fc20 EFLAGS: 00010206 [ 2200.710932] RAX: 00007f1884d92000 RBX: 0000000000020000 RCX: 0000000000456b7a [ 2200.718206] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 2200.725461] RBP: 0000000000a3fd00 R08: ffffffffffffffff R09: 0000000000000000 [ 2200.732724] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a3fdf0 [ 2200.739989] R13: 00007f1884db2700 R14: 0000000000000003 R15: 0000000000000001 [ 2200.747328] Task in /ile0 killed as a result of limit of /ile0 [ 2200.753403] memory: usage 24kB, limit 20kB, failcnt 7612 [ 2200.758890] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2200.765662] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2200.771826] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2200.791338] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2200.800188] [26259] 0 26259 17618 8732 131072 0 0 syz-executor5 [ 2200.809072] [26262] 0 26262 17585 8731 131072 0 0 syz-executor6 [ 2200.817950] Memory cgroup out of memory: Kill process 26259 (syz-executor5) score 1752800 or sacrifice child [ 2200.827990] Killed process 26259 (syz-executor5) total-vm:70472kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2200.857650] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2200.906466] syz-executor6 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2200.917714] syz-executor6 cpuset=/ mems_allowed=0 [ 2200.922648] CPU: 1 PID: 26262 Comm: syz-executor6 Not tainted 4.18.0-rc7+ #177 [ 2200.930012] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2200.939369] Call Trace: [ 2200.941966] dump_stack+0x1c9/0x2b4 [ 2200.945605] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2200.950809] ? trace_hardirqs_on+0x10/0x10 07:52:45 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000]}}, 0x1c) 07:52:45 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100008400"}, 0x2c) 07:52:45 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x9c, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:45 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x1ac, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:45 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x10000000000) ioctl$VHOST_SET_VRING_NUM(r0, 0x4008af10, &(0x7f0000000000)={0x3, 0x4}) 07:52:45 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) setsockopt$inet6_mtu(r0, 0x29, 0x17, &(0x7f0000000000)=0x3, 0x4) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x4000000) [ 2200.955057] dump_header+0x27b/0xf64 [ 2200.958785] ? pagefault_out_of_memory+0x197/0x197 [ 2200.963720] ? __lock_acquire+0x7fc/0x5020 [ 2200.967962] ? print_usage_bug+0xc0/0xc0 [ 2200.972034] ? graph_lock+0x170/0x170 [ 2200.975846] ? print_usage_bug+0xc0/0xc0 [ 2200.979911] ? trace_hardirqs_on+0x10/0x10 [ 2200.984154] ? print_usage_bug+0xc0/0xc0 [ 2200.988229] ? lock_downgrade+0x8f0/0x8f0 [ 2200.992387] ? mark_held_locks+0xc9/0x160 [ 2200.996544] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2201.001138] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2201.006261] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2201.011296] ? trace_hardirqs_on+0xd/0x10 [ 2201.015461] ? ___ratelimit+0xaa/0x655 [ 2201.019360] ? idr_get_free+0x10c0/0x10c0 [ 2201.023519] ? kasan_check_write+0x14/0x20 [ 2201.027764] ? do_raw_spin_lock+0xc1/0x200 [ 2201.032013] oom_kill_process.cold.25+0x10/0x10bc [ 2201.036880] ? oom_evaluate_task+0x540/0x540 [ 2201.041307] ? find_held_lock+0x36/0x1c0 [ 2201.045400] ? lock_downgrade+0x8f0/0x8f0 [ 2201.049574] ? kasan_check_read+0x11/0x20 [ 2201.053728] ? rcu_is_watching+0x8c/0x150 [ 2201.057880] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2201.062304] ? oom_badness+0xb00/0xb00 [ 2201.066203] ? rcu_read_unlock+0x35/0x70 [ 2201.070268] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2201.074511] ? css_task_iter_end+0x2ce/0x490 [ 2201.078929] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2201.083696] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2201.088722] ? trace_hardirqs_on+0xd/0x10 [ 2201.092870] ? _raw_spin_unlock_irq+0x27/0x70 [ 2201.097366] ? oom_badness+0xb00/0xb00 [ 2201.101258] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2201.106020] ? mem_cgroup_iter_break+0x30/0x30 [ 2201.110626] out_of_memory+0xa8a/0x14d0 [ 2201.114611] ? oom_killer_disable+0x3a0/0x3a0 [ 2201.119141] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2201.124428] ? trace_hardirqs_on+0xd/0x10 [ 2201.128595] mem_cgroup_out_of_memory+0x15e/0x210 [ 2201.133449] ? memcg_memory_event+0x40/0x40 [ 2201.137787] ? _raw_spin_unlock+0x22/0x30 [ 2201.141949] mem_cgroup_oom_synchronize+0x713/0x940 [ 2201.146983] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2201.152444] ? memcg_event_wake+0x450/0x450 [ 2201.156791] pagefault_out_of_memory+0xc8/0x197 [ 2201.161464] ? out_of_memory+0x14d0/0x14d0 [ 2201.165712] ? __handle_mm_fault+0x4460/0x4460 [ 2201.170300] mm_fault_error+0x1de/0x380 [ 2201.174286] __do_page_fault+0xd25/0xe50 [ 2201.178361] ? mm_fault_error+0x380/0x380 [ 2201.182512] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2201.188051] ? __x64_sys_clock_gettime+0x170/0x250 [ 2201.192989] ? __ia32_sys_clock_settime+0x290/0x290 [ 2201.198012] do_page_fault+0xf6/0x8c0 [ 2201.201819] ? vmalloc_sync_all+0x30/0x30 [ 2201.205972] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2201.211510] ? do_syscall_64+0x497/0x820 [ 2201.215576] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2201.220510] ? syscall_return_slowpath+0x31d/0x5e0 [ 2201.225464] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2201.230836] ? page_fault+0x8/0x30 [ 2201.234383] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2201.239231] ? page_fault+0x8/0x30 [ 2201.242778] page_fault+0x1e/0x30 [ 2201.246230] RIP: 0033:0x40e33f [ 2201.249412] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 2201.268783] RSP: 002b:0000000000a3fc20 EFLAGS: 00010206 [ 2201.274150] RAX: 00007f6dcd123000 RBX: 0000000000020000 RCX: 0000000000456b7a [ 2201.281446] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 2201.288716] RBP: 0000000000a3fd00 R08: ffffffffffffffff R09: 0000000000000000 [ 2201.296005] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a3fdf0 [ 2201.303280] R13: 00007f6dcd143700 R14: 0000000000000003 R15: 0000000000000001 [ 2201.310815] Task in /ile0 killed as a result of limit of /ile0 [ 2201.316881] memory: usage 24kB, limit 20kB, failcnt 7640 [ 2201.322394] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2201.329179] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2201.335380] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2201.354887] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2201.363741] [26262] 0 26262 17618 8731 131072 0 0 syz-executor6 [ 2201.372637] [26311] 0 26311 17618 8732 131072 0 0 syz-executor5 [ 2201.381536] Memory cgroup out of memory: Kill process 26262 (syz-executor6) score 1752600 or sacrifice child [ 2201.391582] Killed process 26262 (syz-executor6) total-vm:70472kB, anon-rss:2156kB, file-rss:32768kB, shmem-rss:0kB 07:52:45 executing program 6: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x4000, 0x0) ioctl$BLKREPORTZONE(r0, 0xc0101282, &(0x7f0000000280)=ANY=[@ANYBLOB="b5f5057b3b7467a7148562ebdfd1e70200000000000000010000000000000006000000000000000000000000"]) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r0, 0x84, 0x18, &(0x7f0000000140)={0x0, 0x6}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f00000002c0)=ANY=[@ANYRES32=r3, @ANYBLOB="660000000a1b6a82ec1c207c431f56595fc42227f443ddbcad2bc09dbec4548a5dc4d6b52fa99a1b391a3daa476b2e2649c2fcd970eb4ba2c12e719452823cec0e31d44bd444cfa35ec4fd7c0b4b709b3bc9793fa4e78c6c38386d89938358e10af10000000000000000"], &(0x7f0000000340)=0x6e) unshare(0x40020200) 07:52:45 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00L\x00'}, 0x2c) 07:52:45 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x60}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2201.493605] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2201.505046] syz-executor5 cpuset=/ mems_allowed=0 [ 2201.509982] CPU: 0 PID: 26311 Comm: syz-executor5 Not tainted 4.18.0-rc7+ #177 [ 2201.517346] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2201.526700] Call Trace: [ 2201.529292] dump_stack+0x1c9/0x2b4 [ 2201.532926] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2201.538127] ? trace_hardirqs_on+0x10/0x10 [ 2201.542380] dump_header+0x27b/0xf64 [ 2201.546104] ? pagefault_out_of_memory+0x197/0x197 [ 2201.551090] ? __lock_acquire+0x7fc/0x5020 [ 2201.555336] ? print_usage_bug+0xc0/0xc0 [ 2201.559410] ? graph_lock+0x170/0x170 [ 2201.563213] ? print_usage_bug+0xc0/0xc0 [ 2201.567281] ? trace_hardirqs_on+0x10/0x10 [ 2201.571524] ? print_usage_bug+0xc0/0xc0 [ 2201.575600] ? lock_downgrade+0x8f0/0x8f0 [ 2201.579755] ? mark_held_locks+0xc9/0x160 [ 2201.583903] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2201.588492] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2201.593612] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2201.598633] ? trace_hardirqs_on+0xd/0x10 [ 2201.602784] ? ___ratelimit+0xaa/0x655 [ 2201.606676] ? idr_get_free+0x10c0/0x10c0 [ 2201.610827] ? kasan_check_write+0x14/0x20 [ 2201.615061] ? do_raw_spin_lock+0xc1/0x200 [ 2201.619340] oom_kill_process.cold.25+0x10/0x10bc [ 2201.624200] ? oom_evaluate_task+0x540/0x540 [ 2201.628609] ? find_held_lock+0x36/0x1c0 [ 2201.632682] ? lock_downgrade+0x8f0/0x8f0 [ 2201.636838] ? kasan_check_read+0x11/0x20 [ 2201.640989] ? rcu_is_watching+0x8c/0x150 [ 2201.645144] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2201.649559] ? oom_badness+0xb00/0xb00 [ 2201.653454] ? rcu_read_unlock+0x35/0x70 [ 2201.657516] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2201.661752] ? css_task_iter_end+0x2ce/0x490 [ 2201.666178] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2201.670934] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2201.675952] ? trace_hardirqs_on+0xd/0x10 [ 2201.680102] ? _raw_spin_unlock_irq+0x27/0x70 [ 2201.684625] ? oom_badness+0xb00/0xb00 [ 2201.688518] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2201.693277] ? mem_cgroup_iter_break+0x30/0x30 [ 2201.697879] out_of_memory+0xa8a/0x14d0 [ 2201.701864] ? oom_killer_disable+0x3a0/0x3a0 [ 2201.706363] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2201.711385] ? trace_hardirqs_on+0xd/0x10 [ 2201.715546] mem_cgroup_out_of_memory+0x15e/0x210 [ 2201.720398] ? memcg_memory_event+0x40/0x40 [ 2201.724742] ? _raw_spin_unlock+0x22/0x30 [ 2201.728900] mem_cgroup_oom_synchronize+0x713/0x940 [ 2201.733924] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2201.739377] ? memcg_event_wake+0x450/0x450 [ 2201.743710] pagefault_out_of_memory+0xc8/0x197 [ 2201.748382] ? out_of_memory+0x14d0/0x14d0 [ 2201.752623] ? __handle_mm_fault+0x4460/0x4460 [ 2201.757207] mm_fault_error+0x1de/0x380 [ 2201.761187] __do_page_fault+0xd25/0xe50 [ 2201.765257] ? mm_fault_error+0x380/0x380 [ 2201.769409] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2201.774956] ? __x64_sys_clock_gettime+0x170/0x250 [ 2201.779885] ? __ia32_sys_clock_settime+0x290/0x290 [ 2201.784910] do_page_fault+0xf6/0x8c0 [ 2201.788712] ? vmalloc_sync_all+0x30/0x30 [ 2201.792862] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2201.798400] ? do_syscall_64+0x497/0x820 [ 2201.802470] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2201.807407] ? syscall_return_slowpath+0x31d/0x5e0 [ 2201.812344] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2201.817889] ? retint_user+0x18/0x18 [ 2201.821609] ? page_fault+0x8/0x30 [ 2201.825161] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2201.830011] ? page_fault+0x8/0x30 [ 2201.833580] page_fault+0x1e/0x30 [ 2201.837051] RIP: 0033:0x40e33f [ 2201.840249] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 2201.859608] RSP: 002b:0000000000a3fc20 EFLAGS: 00010206 [ 2201.864973] RAX: 00007f1884d92000 RBX: 0000000000020000 RCX: 0000000000456b7a [ 2201.872240] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 2201.879507] RBP: 0000000000a3fd00 R08: ffffffffffffffff R09: 0000000000000000 [ 2201.886792] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a3fdf0 [ 2201.894060] R13: 00007f1884db2700 R14: 0000000000000003 R15: 0000000000000001 [ 2201.901436] Task in /ile0 killed as a result of limit of /ile0 [ 2201.907664] memory: usage 24kB, limit 20kB, failcnt 7648 [ 2201.913180] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2201.919975] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2201.926166] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2201.945699] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2201.954552] [26311] 0 26311 17618 8732 131072 0 0 syz-executor5 [ 2201.963484] [26323] 0 26323 17585 8732 126976 0 0 syz-executor0 [ 2201.968598] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. 07:52:46 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100), 0x12) syz_genetlink_get_family_id$team(&(0x7f0000000000)='team\x00') unshare(0x400) [ 2201.972395] Memory cgroup out of memory: Kill process 26311 (syz-executor5) score 1752800 or sacrifice child [ 2201.972443] Killed process 26311 (syz-executor5) total-vm:70472kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2202.037410] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2202.060291] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2202.071270] syz-executor0 cpuset=/ mems_allowed=0 [ 2202.076223] CPU: 0 PID: 26323 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2202.083587] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2202.093121] Call Trace: [ 2202.095725] dump_stack+0x1c9/0x2b4 [ 2202.099372] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2202.104601] ? trace_hardirqs_on+0x10/0x10 [ 2202.108851] dump_header+0x27b/0xf64 [ 2202.112581] ? pagefault_out_of_memory+0x197/0x197 [ 2202.117529] ? __lock_acquire+0x7fc/0x5020 [ 2202.121781] ? print_usage_bug+0xc0/0xc0 [ 2202.125870] ? graph_lock+0x170/0x170 [ 2202.129684] ? print_usage_bug+0xc0/0xc0 [ 2202.133758] ? trace_hardirqs_on+0x10/0x10 [ 2202.138035] ? print_usage_bug+0xc0/0xc0 [ 2202.142125] ? lock_downgrade+0x8f0/0x8f0 [ 2202.146301] ? mark_held_locks+0xc9/0x160 [ 2202.150461] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2202.155053] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2202.160175] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2202.165207] ? trace_hardirqs_on+0xd/0x10 [ 2202.169369] ? ___ratelimit+0xaa/0x655 [ 2202.173263] ? idr_get_free+0x10c0/0x10c0 [ 2202.177419] ? kasan_check_write+0x14/0x20 [ 2202.181655] ? do_raw_spin_lock+0xc1/0x200 [ 2202.185912] oom_kill_process.cold.25+0x10/0x10bc [ 2202.190783] ? oom_evaluate_task+0x540/0x540 [ 2202.195198] ? find_held_lock+0x36/0x1c0 [ 2202.199280] ? lock_downgrade+0x8f0/0x8f0 [ 2202.203437] ? kasan_check_read+0x11/0x20 [ 2202.207587] ? rcu_is_watching+0x8c/0x150 [ 2202.211746] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2202.216165] ? oom_badness+0xb00/0xb00 [ 2202.220057] ? rcu_read_unlock+0x35/0x70 [ 2202.224122] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2202.228363] ? css_task_iter_end+0x2ce/0x490 [ 2202.232777] ? mem_cgroup_nr_lru_pages+0x80/0x80 07:52:46 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00H\x00'}, 0x2c) 07:52:46 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x8c, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:46 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x189, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:46 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x400) socketpair$inet_udplite(0x2, 0x2, 0x88, &(0x7f0000000000)) socket$nl_xfrm(0x10, 0x3, 0x6) [ 2202.237542] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2202.242562] ? trace_hardirqs_on+0xd/0x10 [ 2202.246710] ? _raw_spin_unlock_irq+0x27/0x70 [ 2202.251209] ? oom_badness+0xb00/0xb00 [ 2202.255101] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2202.259861] ? mem_cgroup_iter_break+0x30/0x30 [ 2202.264461] out_of_memory+0xa8a/0x14d0 [ 2202.268444] ? oom_killer_disable+0x3a0/0x3a0 [ 2202.273466] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2202.278498] ? trace_hardirqs_on+0xd/0x10 [ 2202.282668] mem_cgroup_out_of_memory+0x15e/0x210 07:52:46 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\t\x00'}, 0x2c) [ 2202.287529] ? memcg_memory_event+0x40/0x40 [ 2202.291872] ? _raw_spin_unlock+0x22/0x30 [ 2202.296040] mem_cgroup_oom_synchronize+0x713/0x940 [ 2202.301078] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2202.306539] ? memcg_event_wake+0x450/0x450 [ 2202.310889] pagefault_out_of_memory+0xc8/0x197 [ 2202.315571] ? out_of_memory+0x14d0/0x14d0 [ 2202.319824] ? __handle_mm_fault+0x4460/0x4460 [ 2202.324416] mm_fault_error+0x1de/0x380 [ 2202.328405] __do_page_fault+0xd25/0xe50 [ 2202.332487] ? mm_fault_error+0x380/0x380 07:52:46 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00`\x00'}, 0x2c) [ 2202.337154] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2202.342701] ? __x64_sys_clock_gettime+0x170/0x250 [ 2202.347645] ? __ia32_sys_clock_settime+0x290/0x290 [ 2202.352679] do_page_fault+0xf6/0x8c0 [ 2202.356489] ? vmalloc_sync_all+0x30/0x30 [ 2202.360669] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2202.366217] ? do_syscall_64+0x497/0x820 [ 2202.370287] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2202.375226] ? syscall_return_slowpath+0x31d/0x5e0 [ 2202.380167] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2202.385548] ? page_fault+0x8/0x30 [ 2202.389108] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2202.393969] ? page_fault+0x8/0x30 [ 2202.397517] page_fault+0x1e/0x30 [ 2202.400971] RIP: 0033:0x46f8fd [ 2202.404156] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2202.423510] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2202.428894] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2202.436177] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2202.443462] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2202.450744] R10: 0000000002273940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2202.458025] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2202.465552] Task in /ile0 killed as a result of limit of /ile0 [ 2202.471633] memory: usage 24kB, limit 20kB, failcnt 7692 [ 2202.477127] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2202.483938] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2202.490120] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2202.509623] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2202.518443] [26323] 0 26323 17585 8732 126976 0 0 syz-executor0 [ 2202.527360] [26338] 0 26338 17585 8731 131072 0 0 syz-executor6 [ 2202.536256] Memory cgroup out of memory: Kill process 26323 (syz-executor0) score 1752600 or sacrifice child [ 2202.546315] Killed process 26323 (syz-executor0) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2202.558215] oom_reaper: reaped process 26323 (syz-executor0), now anon-rss:0kB, file-rss:32780kB, shmem-rss:0kB [ 2202.683803] socket: no more sockets [ 2202.689526] syz-executor6 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2202.700473] syz-executor6 cpuset=/ mems_allowed=0 [ 2202.705419] CPU: 1 PID: 26338 Comm: syz-executor6 Not tainted 4.18.0-rc7+ #177 [ 2202.712781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2202.722142] Call Trace: [ 2202.724746] dump_stack+0x1c9/0x2b4 [ 2202.728390] ? dump_stack_print_info.cold.2+0x52/0x52 07:52:46 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86ddffff]}}, 0x1c) 07:52:46 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00 \x00'}, 0x2c) 07:52:46 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x1db, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:46 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x5e, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:46 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000180)='/dev/input/mouse#\x00', 0x2, 0x0) getpeername(r0, &(0x7f0000000280)=@ethernet={0x0, @remote}, &(0x7f0000000300)=0x80) r1 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0xffff, 0x400) bind$bt_rfcomm(r1, &(0x7f0000000140)={0x1f, {0x2, 0x0, 0x6, 0x1, 0x9, 0x1}, 0x81}, 0xa) r2 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r3 = openat$cgroup_procs(r2, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r3, &(0x7f0000000100), 0x12) unshare(0x4000000) 07:52:46 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x9}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2202.733591] ? trace_hardirqs_on+0x10/0x10 [ 2202.737835] dump_header+0x27b/0xf64 [ 2202.741567] ? pagefault_out_of_memory+0x197/0x197 [ 2202.746507] ? __lock_acquire+0x7fc/0x5020 [ 2202.750753] ? print_usage_bug+0xc0/0xc0 [ 2202.754831] ? graph_lock+0x170/0x170 [ 2202.758673] ? print_usage_bug+0xc0/0xc0 [ 2202.762745] ? trace_hardirqs_on+0x10/0x10 [ 2202.766995] ? print_usage_bug+0xc0/0xc0 [ 2202.771075] ? lock_downgrade+0x8f0/0x8f0 [ 2202.775245] ? mark_held_locks+0xc9/0x160 [ 2202.779400] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2202.783999] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2202.789119] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2202.794153] ? trace_hardirqs_on+0xd/0x10 [ 2202.798346] ? ___ratelimit+0xaa/0x655 [ 2202.802255] ? idr_get_free+0x10c0/0x10c0 [ 2202.806417] ? kasan_check_write+0x14/0x20 [ 2202.806836] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2202.810674] ? do_raw_spin_lock+0xc1/0x200 [ 2202.810696] oom_kill_process.cold.25+0x10/0x10bc [ 2202.810722] ? oom_evaluate_task+0x540/0x540 [ 2202.810736] ? find_held_lock+0x36/0x1c0 [ 2202.810761] ? lock_downgrade+0x8f0/0x8f0 [ 2202.810781] ? kasan_check_read+0x11/0x20 [ 2202.810793] ? rcu_is_watching+0x8c/0x150 [ 2202.810805] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2202.810821] ? oom_badness+0xb00/0xb00 [ 2202.810838] ? rcu_read_unlock+0x35/0x70 [ 2202.810850] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2202.810864] ? css_task_iter_end+0x2ce/0x490 [ 2202.810881] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2202.810895] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2202.810911] ? trace_hardirqs_on+0xd/0x10 [ 2202.810926] ? _raw_spin_unlock_irq+0x27/0x70 [ 2202.810940] ? oom_badness+0xb00/0xb00 [ 2202.810956] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2202.810969] ? mem_cgroup_iter_break+0x30/0x30 [ 2202.810994] out_of_memory+0xa8a/0x14d0 [ 2202.869946] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2202.872129] ? oom_killer_disable+0x3a0/0x3a0 [ 2202.872151] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2202.872167] ? trace_hardirqs_on+0xd/0x10 [ 2202.872192] mem_cgroup_out_of_memory+0x15e/0x210 [ 2202.872208] ? memcg_memory_event+0x40/0x40 [ 2202.872228] ? _raw_spin_unlock+0x22/0x30 [ 2202.872246] mem_cgroup_oom_synchronize+0x713/0x940 [ 2202.872261] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2202.872275] ? memcg_event_wake+0x450/0x450 [ 2202.872301] pagefault_out_of_memory+0xc8/0x197 [ 2202.872315] ? out_of_memory+0x14d0/0x14d0 [ 2202.872337] ? __handle_mm_fault+0x4460/0x4460 [ 2202.872354] mm_fault_error+0x1de/0x380 [ 2202.872373] __do_page_fault+0xd25/0xe50 [ 2202.872393] ? mm_fault_error+0x380/0x380 [ 2202.872411] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2202.872425] ? __x64_sys_clock_gettime+0x170/0x250 [ 2202.872440] ? __ia32_sys_clock_settime+0x290/0x290 [ 2202.872457] do_page_fault+0xf6/0x8c0 [ 2202.872472] ? vmalloc_sync_all+0x30/0x30 [ 2202.872487] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2202.872502] ? do_syscall_64+0x497/0x820 [ 2202.872521] ? syscall_slow_exit_work+0x500/0x500 [ 2202.872538] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2202.872554] ? syscall_return_slowpath+0x31d/0x5e0 [ 2202.872572] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2202.872590] ? page_fault+0x8/0x30 [ 2202.879856] IPVS: set_ctl: invalid protocol: 0 172.20.20.0:0 [ 2202.881746] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2202.881765] ? page_fault+0x8/0x30 [ 2202.881781] page_fault+0x1e/0x30 [ 2202.881792] RIP: 0033:0x46f8fd [ 2202.881796] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2203.090947] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2203.096303] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2203.103561] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2203.110822] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2203.118084] R10: 0000000001b44940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2203.125361] R13: 0000000000a3fc20 R14: 0000000000000002 R15: 0000000000000001 [ 2203.133166] Task in /ile0 killed as a result of limit of /ile0 [ 2203.139245] memory: usage 24kB, limit 20kB, failcnt 7800 [ 2203.144751] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2203.151543] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2203.157716] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2203.177180] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2203.185953] [26338] 0 26338 17585 8731 131072 0 0 syz-executor6 [ 2203.194849] [26366] 0 26366 17585 8732 131072 0 0 syz-executor5 [ 2203.203732] [26368] 0 26368 17585 8732 126976 0 0 syz-executor0 [ 2203.212631] Memory cgroup out of memory: Kill process 26366 (syz-executor5) score 1752800 or sacrifice child [ 2203.222668] Killed process 26366 (syz-executor5) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2203.241114] oom_reaper: reaped process 26366 (syz-executor5), now anon-rss:0kB, file-rss:32780kB, shmem-rss:0kB [ 2203.252372] syz-executor6 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2203.263351] syz-executor6 cpuset=/ mems_allowed=0 [ 2203.268269] CPU: 1 PID: 26338 Comm: syz-executor6 Not tainted 4.18.0-rc7+ #177 [ 2203.275631] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2203.284988] Call Trace: [ 2203.287590] dump_stack+0x1c9/0x2b4 [ 2203.291241] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2203.296445] ? trace_hardirqs_on+0x10/0x10 [ 2203.300692] dump_header+0x27b/0xf64 [ 2203.304446] ? pagefault_out_of_memory+0x197/0x197 [ 2203.309388] ? __lock_acquire+0x7fc/0x5020 [ 2203.313625] ? __lock_acquire+0x7fc/0x5020 [ 2203.317919] ? print_usage_bug+0xc0/0xc0 [ 2203.321981] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2203.326571] ? graph_lock+0x170/0x170 [ 2203.330372] ? print_usage_bug+0xc0/0xc0 [ 2203.334437] ? trace_hardirqs_on+0x10/0x10 [ 2203.338673] ? finish_task_switch+0x2ca/0x870 [ 2203.343177] ? print_usage_bug+0xc0/0xc0 [ 2203.347236] ? lock_downgrade+0x8f0/0x8f0 [ 2203.351377] ? mark_held_locks+0xc9/0x160 [ 2203.355512] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2203.360084] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2203.365178] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2203.370183] ? trace_hardirqs_on+0xd/0x10 [ 2203.374364] ? ___ratelimit+0xaa/0x655 [ 2203.378242] ? idr_get_free+0x10c0/0x10c0 [ 2203.382384] ? kasan_check_write+0x14/0x20 [ 2203.386606] ? do_raw_spin_lock+0xc1/0x200 [ 2203.390841] oom_kill_process.cold.25+0x10/0x10bc [ 2203.395693] ? oom_evaluate_task+0x540/0x540 [ 2203.400103] ? find_held_lock+0x36/0x1c0 [ 2203.404177] ? lock_downgrade+0x8f0/0x8f0 [ 2203.408326] ? kasan_check_read+0x11/0x20 [ 2203.412480] ? rcu_is_watching+0x8c/0x150 [ 2203.416627] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2203.421042] ? oom_badness+0xb00/0xb00 [ 2203.424924] ? rcu_read_unlock+0x35/0x70 [ 2203.428994] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2203.433224] ? css_task_iter_end+0x2ce/0x490 [ 2203.437623] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2203.442369] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2203.447372] ? trace_hardirqs_on+0xd/0x10 [ 2203.451507] ? _raw_spin_unlock_irq+0x27/0x70 [ 2203.455990] ? oom_badness+0xb00/0xb00 [ 2203.459877] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2203.464620] ? mem_cgroup_iter_break+0x30/0x30 [ 2203.469203] out_of_memory+0xa8a/0x14d0 [ 2203.473170] ? oom_killer_disable+0x3a0/0x3a0 [ 2203.477657] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2203.482763] ? trace_hardirqs_on+0xd/0x10 [ 2203.486903] mem_cgroup_out_of_memory+0x15e/0x210 [ 2203.491733] ? memcg_memory_event+0x40/0x40 [ 2203.496047] ? _raw_spin_unlock+0x22/0x30 [ 2203.500185] mem_cgroup_oom_synchronize+0x713/0x940 [ 2203.505192] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2203.510631] ? memcg_event_wake+0x450/0x450 [ 2203.514950] pagefault_out_of_memory+0xc8/0x197 [ 2203.519607] ? out_of_memory+0x14d0/0x14d0 [ 2203.523835] ? __handle_mm_fault+0x4460/0x4460 [ 2203.528403] mm_fault_error+0x1de/0x380 [ 2203.532370] __do_page_fault+0xd25/0xe50 [ 2203.536425] ? mm_fault_error+0x380/0x380 [ 2203.540564] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2203.546100] ? __x64_sys_clock_gettime+0x170/0x250 [ 2203.551025] ? __ia32_sys_clock_settime+0x290/0x290 [ 2203.556046] do_page_fault+0xf6/0x8c0 [ 2203.559836] ? vmalloc_sync_all+0x30/0x30 [ 2203.563971] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2203.569514] ? do_syscall_64+0x497/0x820 [ 2203.573563] ? syscall_slow_exit_work+0x500/0x500 [ 2203.578402] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2203.583322] ? syscall_return_slowpath+0x31d/0x5e0 [ 2203.588244] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2203.593787] ? retint_user+0x18/0x18 [ 2203.597504] ? page_fault+0x8/0x30 [ 2203.601037] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2203.605869] ? page_fault+0x8/0x30 [ 2203.609408] page_fault+0x1e/0x30 [ 2203.612851] RIP: 0033:0x46f8fd [ 2203.616028] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2203.635263] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2203.640622] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2203.647880] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2203.655138] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2203.662407] R10: 0000000001b44940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2203.669663] R13: 0000000000a3fc20 R14: 0000000000000002 R15: 0000000000000001 [ 2203.677058] Task in /ile0 killed as a result of limit of /ile0 [ 2203.683098] memory: usage 24kB, limit 20kB, failcnt 7816 [ 2203.688600] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2203.695393] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2203.701559] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2203.721059] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2203.729855] [26338] 0 26338 17585 8731 131072 0 0 syz-executor6 07:52:47 executing program 6: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x4000, 0x0) ioctl$BLKREPORTZONE(r0, 0xc0101282, &(0x7f0000000280)=ANY=[@ANYBLOB="b5f5057b3b7467a7148562ebdfd1e70200000000000000010000000000000006000000000000000000000000"]) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f0000000140), &(0x7f0000000180)=0x4) unshare(0x40020200) 07:52:47 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00\n\x00'}, 0x2c) 07:52:47 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x207, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:47 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x22e, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:47 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000140)='./file0//ile0\x00', &(0x7f0000000200)='cgroup2\x00', 0x1008000, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x400) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r0, 0x84, 0x10, &(0x7f0000000000)=@assoc_value={0x0, 0x9a}, &(0x7f0000000080)=0x8) setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000180)={0x6, 0x200, 0x8, 0x71, r2}, 0x10) [ 2203.738782] [26368] 0 26368 17585 8732 126976 0 0 syz-executor0 [ 2203.747676] Memory cgroup out of memory: Kill process 26338 (syz-executor6) score 1752600 or sacrifice child [ 2203.757716] Killed process 26338 (syz-executor6) total-vm:70340kB, anon-rss:2156kB, file-rss:32768kB, shmem-rss:0kB 07:52:47 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x200000000000000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:52:47 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) ioctl$TUNSETLINK(r0, 0x400454cd, 0x30f) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x400) [ 2203.833869] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2203.844859] syz-executor0 cpuset=/ mems_allowed=0 [ 2203.849820] CPU: 1 PID: 26368 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2203.857192] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2203.866555] Call Trace: [ 2203.869164] dump_stack+0x1c9/0x2b4 [ 2203.872810] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2203.878117] ? trace_hardirqs_on+0x10/0x10 07:52:48 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00c\x00'}, 0x2c) [ 2203.882368] dump_header+0x27b/0xf64 [ 2203.886127] ? pagefault_out_of_memory+0x197/0x197 [ 2203.891077] ? __lock_acquire+0x7fc/0x5020 [ 2203.895330] ? print_usage_bug+0xc0/0xc0 [ 2203.899444] ? graph_lock+0x170/0x170 [ 2203.903261] ? print_usage_bug+0xc0/0xc0 [ 2203.907341] ? trace_hardirqs_on+0x10/0x10 [ 2203.911601] ? print_usage_bug+0xc0/0xc0 [ 2203.915685] ? lock_downgrade+0x8f0/0x8f0 [ 2203.919877] ? mark_held_locks+0xc9/0x160 [ 2203.924035] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2203.928634] ? _raw_spin_unlock_irqrestore+0x74/0xc0 07:52:48 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00H\x00'}, 0x2c) [ 2203.933770] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2203.938816] ? trace_hardirqs_on+0xd/0x10 [ 2203.942980] ? ___ratelimit+0xaa/0x655 [ 2203.946880] ? idr_get_free+0x10c0/0x10c0 [ 2203.951038] ? kasan_check_write+0x14/0x20 [ 2203.955284] ? do_raw_spin_lock+0xc1/0x200 [ 2203.959557] oom_kill_process.cold.25+0x10/0x10bc [ 2203.964459] ? oom_evaluate_task+0x540/0x540 [ 2203.968883] ? find_held_lock+0x36/0x1c0 [ 2203.972962] ? lock_downgrade+0x8f0/0x8f0 [ 2203.977145] ? kasan_check_read+0x11/0x20 07:52:48 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00 \x00'}, 0x2c) [ 2203.981299] ? rcu_is_watching+0x8c/0x150 [ 2203.985459] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2203.989887] ? oom_badness+0xb00/0xb00 [ 2203.993789] ? rcu_read_unlock+0x35/0x70 [ 2203.997863] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2204.002108] ? css_task_iter_end+0x2ce/0x490 [ 2204.006529] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2204.011291] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2204.016317] ? trace_hardirqs_on+0xd/0x10 [ 2204.023344] ? _raw_spin_unlock_irq+0x27/0x70 [ 2204.027853] ? oom_badness+0xb00/0xb00 [ 2204.031755] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2204.036527] ? mem_cgroup_iter_break+0x30/0x30 [ 2204.041142] out_of_memory+0xa8a/0x14d0 [ 2204.045139] ? oom_killer_disable+0x3a0/0x3a0 [ 2204.049658] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2204.054689] ? trace_hardirqs_on+0xd/0x10 [ 2204.058855] mem_cgroup_out_of_memory+0x15e/0x210 [ 2204.063717] ? memcg_memory_event+0x40/0x40 [ 2204.068058] ? _raw_spin_unlock+0x22/0x30 [ 2204.072225] mem_cgroup_oom_synchronize+0x713/0x940 [ 2204.077256] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 07:52:48 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x806]}}, 0x1c) 07:52:48 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00l\x00'}, 0x2c) [ 2204.082721] ? memcg_event_wake+0x450/0x450 [ 2204.087065] pagefault_out_of_memory+0xc8/0x197 [ 2204.091744] ? out_of_memory+0x14d0/0x14d0 [ 2204.096001] ? __handle_mm_fault+0x4460/0x4460 [ 2204.100600] mm_fault_error+0x1de/0x380 [ 2204.104613] __do_page_fault+0xd25/0xe50 [ 2204.108695] ? mm_fault_error+0x380/0x380 [ 2204.112859] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2204.119019] ? __x64_sys_clock_gettime+0x170/0x250 [ 2204.123962] ? __ia32_sys_clock_settime+0x290/0x290 [ 2204.128993] do_page_fault+0xf6/0x8c0 07:52:48 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e71000400"}, 0x2c) 07:52:48 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\n\x00'}, 0x2c) [ 2204.132820] ? vmalloc_sync_all+0x30/0x30 [ 2204.136984] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2204.142539] ? do_syscall_64+0x497/0x820 [ 2204.146615] ? syscall_slow_exit_work+0x500/0x500 [ 2204.151476] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2204.156469] ? syscall_return_slowpath+0x31d/0x5e0 [ 2204.161424] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2204.167597] ? retint_user+0x18/0x18 [ 2204.171329] ? page_fault+0x8/0x30 [ 2204.174884] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2204.179753] ? page_fault+0x8/0x30 [ 2204.183302] page_fault+0x1e/0x30 [ 2204.186780] RIP: 0033:0x46f8fd [ 2204.189967] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2204.209333] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2204.214714] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2204.221996] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2204.229277] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2204.236556] R10: 0000000002273940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2204.243831] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2204.251269] Task in /ile0 killed as a result of limit of /ile0 [ 2204.257343] memory: usage 24kB, limit 20kB, failcnt 7868 [ 2204.262855] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2204.269651] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2204.275869] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2204.295361] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2204.304188] [26368] 0 26368 17585 8732 126976 0 0 syz-executor0 [ 2204.313079] [26397] 0 26397 17585 8731 131072 0 0 syz-executor6 [ 2204.321973] [26399] 0 26399 17585 8732 131072 0 0 syz-executor5 07:52:48 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000000)={0x3f, @multicast2, 0x4e22, 0x2, 'dh\x00', 0x10, 0x5, 0x16}, 0x2c) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x4000000) alarm(0x1) 07:52:48 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x115, &(0x7f00000011c0)}}], 0x249, 0x0) [ 2204.330854] Memory cgroup out of memory: Kill process 26368 (syz-executor0) score 1752600 or sacrifice child [ 2204.340908] Killed process 26368 (syz-executor0) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2204.393375] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2204.412861] syz-executor6 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2204.423936] syz-executor6 cpuset=/ mems_allowed=0 [ 2204.428875] CPU: 1 PID: 26397 Comm: syz-executor6 Not tainted 4.18.0-rc7+ #177 [ 2204.436244] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2204.445605] Call Trace: [ 2204.448206] dump_stack+0x1c9/0x2b4 [ 2204.451853] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2204.457064] ? trace_hardirqs_on+0x10/0x10 [ 2204.461322] dump_header+0x27b/0xf64 [ 2204.465076] ? pagefault_out_of_memory+0x197/0x197 [ 2204.470014] ? __lock_acquire+0x7fc/0x5020 [ 2204.474265] ? print_usage_bug+0xc0/0xc0 [ 2204.478346] ? graph_lock+0x170/0x170 [ 2204.482156] ? print_usage_bug+0xc0/0xc0 [ 2204.486228] ? trace_hardirqs_on+0x10/0x10 [ 2204.490477] ? print_usage_bug+0xc0/0xc0 [ 2204.494552] ? lock_downgrade+0x8f0/0x8f0 [ 2204.498717] ? mark_held_locks+0xc9/0x160 [ 2204.502872] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2204.507482] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2204.512601] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2204.517634] ? trace_hardirqs_on+0xd/0x10 [ 2204.521823] ? ___ratelimit+0xaa/0x655 [ 2204.525721] ? idr_get_free+0x10c0/0x10c0 [ 2204.529908] ? kasan_check_write+0x14/0x20 [ 2204.534151] ? do_raw_spin_lock+0xc1/0x200 [ 2204.538399] oom_kill_process.cold.25+0x10/0x10bc [ 2204.543236] ? oom_evaluate_task+0x540/0x540 [ 2204.547635] ? find_held_lock+0x36/0x1c0 [ 2204.551689] ? lock_downgrade+0x8f0/0x8f0 [ 2204.555828] ? kasan_check_read+0x11/0x20 [ 2204.559959] ? rcu_is_watching+0x8c/0x150 [ 2204.564089] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2204.568488] ? oom_badness+0xb00/0xb00 [ 2204.572409] ? rcu_read_unlock+0x35/0x70 [ 2204.576477] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2204.580700] ? css_task_iter_end+0x2ce/0x490 [ 2204.585100] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2204.589848] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2204.594872] ? trace_hardirqs_on+0xd/0x10 [ 2204.599018] ? _raw_spin_unlock_irq+0x27/0x70 [ 2204.603511] ? oom_badness+0xb00/0xb00 [ 2204.607396] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2204.612142] ? mem_cgroup_iter_break+0x30/0x30 [ 2204.616727] out_of_memory+0xa8a/0x14d0 [ 2204.620710] ? oom_killer_disable+0x3a0/0x3a0 [ 2204.625216] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2204.630225] ? trace_hardirqs_on+0xd/0x10 [ 2204.634395] mem_cgroup_out_of_memory+0x15e/0x210 [ 2204.639249] ? memcg_memory_event+0x40/0x40 [ 2204.643574] ? _raw_spin_unlock+0x22/0x30 [ 2204.647723] mem_cgroup_oom_synchronize+0x713/0x940 [ 2204.652736] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2204.658174] ? memcg_event_wake+0x450/0x450 [ 2204.662490] pagefault_out_of_memory+0xc8/0x197 [ 2204.667146] ? out_of_memory+0x14d0/0x14d0 [ 2204.671375] ? __handle_mm_fault+0x4460/0x4460 [ 2204.675949] mm_fault_error+0x1de/0x380 [ 2204.679933] __do_page_fault+0xd25/0xe50 [ 2204.683994] ? mm_fault_error+0x380/0x380 [ 2204.688139] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2204.693670] ? __x64_sys_clock_gettime+0x170/0x250 [ 2204.698590] ? __ia32_sys_clock_settime+0x290/0x290 [ 2204.703607] do_page_fault+0xf6/0x8c0 [ 2204.707404] ? vmalloc_sync_all+0x30/0x30 [ 2204.711552] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2204.717077] ? do_syscall_64+0x497/0x820 [ 2204.721137] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2204.726063] ? syscall_return_slowpath+0x31d/0x5e0 [ 2204.731000] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2204.736362] ? page_fault+0x8/0x30 [ 2204.739889] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2204.744733] ? page_fault+0x8/0x30 [ 2204.748258] page_fault+0x1e/0x30 [ 2204.751707] RIP: 0033:0x46f8fd [ 2204.754877] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2204.774100] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2204.779470] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2204.786734] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2204.793994] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2204.801271] R10: 0000000001b44940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2204.808532] R13: 0000000000a3fc20 R14: 0000000000000002 R15: 0000000000000001 [ 2204.815863] Task in /ile0 killed as a result of limit of /ile0 [ 2204.821929] memory: usage 24kB, limit 20kB, failcnt 7928 [ 2204.827414] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2204.834202] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2204.840376] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2204.859878] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2204.868696] [26397] 0 26397 17585 8731 131072 0 0 syz-executor6 [ 2204.877579] [26399] 0 26399 17585 8732 131072 0 0 syz-executor5 [ 2204.886483] [26434] 0 26434 17618 8732 126976 0 0 syz-executor0 [ 2204.895380] Memory cgroup out of memory: Kill process 26399 (syz-executor5) score 1752800 or sacrifice child [ 2204.905461] Killed process 26399 (syz-executor5) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2204.920317] oom_reaper: reaped process 26399 (syz-executor5), now anon-rss:0kB, file-rss:32780kB, shmem-rss:0kB [ 2204.930638] syz-executor6 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2204.937620] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2204.941612] syz-executor6 cpuset=/ mems_allowed=0 [ 2204.941645] CPU: 1 PID: 26397 Comm: syz-executor6 Not tainted 4.18.0-rc7+ #177 [ 2204.941654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2204.941659] Call Trace: [ 2204.941682] dump_stack+0x1c9/0x2b4 [ 2204.941702] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2204.941720] ? trace_hardirqs_on+0x10/0x10 [ 2204.941738] dump_header+0x27b/0xf64 [ 2204.941762] ? pagefault_out_of_memory+0x197/0x197 [ 2204.941780] ? __lock_acquire+0x7fc/0x5020 [ 2204.941799] ? print_usage_bug+0xc0/0xc0 [ 2204.941822] ? graph_lock+0x170/0x170 [ 2204.941836] ? print_usage_bug+0xc0/0xc0 [ 2204.941854] ? trace_hardirqs_on+0x10/0x10 [ 2204.941878] ? print_usage_bug+0xc0/0xc0 [ 2204.941903] ? lock_downgrade+0x8f0/0x8f0 [ 2204.941926] ? mark_held_locks+0xc9/0x160 [ 2205.034852] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2205.039441] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2205.044540] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2205.049569] ? trace_hardirqs_on+0xd/0x10 [ 2205.053717] ? ___ratelimit+0xaa/0x655 [ 2205.057617] ? idr_get_free+0x10c0/0x10c0 [ 2205.061773] ? kasan_check_write+0x14/0x20 [ 2205.066014] ? do_raw_spin_lock+0xc1/0x200 [ 2205.070263] oom_kill_process.cold.25+0x10/0x10bc [ 2205.075106] ? oom_evaluate_task+0x540/0x540 [ 2205.079505] ? find_held_lock+0x36/0x1c0 [ 2205.083563] ? lock_downgrade+0x8f0/0x8f0 [ 2205.087707] ? kasan_check_read+0x11/0x20 [ 2205.091863] ? rcu_is_watching+0x8c/0x150 [ 2205.095999] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2205.100406] ? oom_badness+0xb00/0xb00 [ 2205.104290] ? rcu_read_unlock+0x35/0x70 [ 2205.108352] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2205.112579] ? css_task_iter_end+0x2ce/0x490 [ 2205.116981] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2205.121728] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2205.126736] ? trace_hardirqs_on+0xd/0x10 [ 2205.130875] ? _raw_spin_unlock_irq+0x27/0x70 [ 2205.135389] ? oom_badness+0xb00/0xb00 [ 2205.139285] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2205.144045] ? mem_cgroup_iter_break+0x30/0x30 [ 2205.148628] out_of_memory+0xa8a/0x14d0 [ 2205.152596] ? oom_killer_disable+0x3a0/0x3a0 [ 2205.157085] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2205.162111] ? trace_hardirqs_on+0xd/0x10 [ 2205.166257] mem_cgroup_out_of_memory+0x15e/0x210 [ 2205.171094] ? memcg_memory_event+0x40/0x40 [ 2205.175413] ? _raw_spin_unlock+0x22/0x30 [ 2205.179560] mem_cgroup_oom_synchronize+0x713/0x940 [ 2205.184571] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2205.190010] ? memcg_event_wake+0x450/0x450 [ 2205.194341] pagefault_out_of_memory+0xc8/0x197 [ 2205.199000] ? out_of_memory+0x14d0/0x14d0 [ 2205.203252] ? __handle_mm_fault+0x4460/0x4460 [ 2205.207827] mm_fault_error+0x1de/0x380 [ 2205.211798] __do_page_fault+0xd25/0xe50 [ 2205.215854] ? mm_fault_error+0x380/0x380 [ 2205.219993] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2205.225527] ? __x64_sys_clock_gettime+0x170/0x250 [ 2205.230450] ? __ia32_sys_clock_settime+0x290/0x290 [ 2205.235465] do_page_fault+0xf6/0x8c0 [ 2205.239258] ? vmalloc_sync_all+0x30/0x30 [ 2205.243397] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2205.248936] ? do_syscall_64+0x497/0x820 [ 2205.252991] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2205.257920] ? syscall_return_slowpath+0x31d/0x5e0 [ 2205.262848] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2205.268377] ? retint_user+0x18/0x18 [ 2205.272088] ? page_fault+0x8/0x30 [ 2205.275633] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2205.280468] ? page_fault+0x8/0x30 [ 2205.283997] page_fault+0x1e/0x30 [ 2205.287471] RIP: 0033:0x46f8fd [ 2205.290661] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2205.309927] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2205.315285] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2205.322553] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2205.329812] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2205.337073] R10: 0000000001b44940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2205.344335] R13: 0000000000a3fc20 R14: 0000000000000002 R15: 0000000000000001 [ 2205.351786] Task in /ile0 killed as a result of limit of /ile0 [ 2205.357873] memory: usage 24kB, limit 20kB, failcnt 7944 [ 2205.363362] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2205.370142] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2205.376321] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2205.395818] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2205.404646] [26397] 0 26397 17585 8731 131072 0 0 syz-executor6 [ 2205.413605] [26434] 0 26434 17618 8732 126976 0 0 syz-executor0 [ 2205.422482] Memory cgroup out of memory: Kill process 26397 (syz-executor6) score 1752600 or sacrifice child [ 2205.432532] Killed process 26397 (syz-executor6) total-vm:70340kB, anon-rss:2156kB, file-rss:32768kB, shmem-rss:0kB 07:52:49 executing program 6: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x4000, 0x0) ioctl$BLKREPORTZONE(r0, 0xc0101282, &(0x7f0000000480)=ANY=[@ANYBLOB="b5f5057b3b746757148562ebdfd1e7020000000000000001000040000000000600000000000000000000000017e13911a97c69899f6af903f301d4843ecb70b304672cf58efcaf14cd2a56b198dc156e418759ba33dea8483c84ca8fe498a8b272217104620bd44a1292e9948d1111ce7aa115701917c5420e88d5abb6a544a1b6bda81de59212bc8f60eab2e11f355ea8ad3028d50121b5ff2fabe2f30f5aa900000000000000d766113530eddedab16f83ce0b86a469a6a4"]) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000140)={0x0, 0x108}, &(0x7f0000000180)=0x8) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f00000002c0)={r3, @in={{0x2, 0x4e24, @rand_addr=0x10001}}, 0x2, 0x6}, &(0x7f0000000380)=0x90) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) unshare(0x40020200) 07:52:49 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x1df, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:49 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100048f00"}, 0x2c) 07:52:49 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x9c, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:49 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8100000000000000]}}, 0x1c) 07:52:49 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xfffff000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:52:49 executing program 5: r0 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x200501) getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, &(0x7f00000002c0)={@mcast1, 0x0}, &(0x7f0000000300)=0x14) setsockopt$packet_drop_memb(r0, 0x107, 0x2, &(0x7f0000000340)={r1, 0x1, 0x6, @local}, 0x10) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r2 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r3 = openat$cgroup_procs(r2, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r3, &(0x7f0000000100), 0x12) getsockopt$bt_BT_RCVMTU(r2, 0x112, 0xd, &(0x7f0000000140)=0xfffffffffffffff9, &(0x7f0000000180)=0x2) unshare(0x400) ioctl$VT_ACTIVATE(r0, 0x5606, 0x9) ioctl$KVM_SET_CPUID2(r0, 0x4008ae90, &(0x7f0000000380)={0x5, 0x0, [{0xc000000f, 0x3, 0x4, 0x1f, 0x9, 0x4, 0x8000}, {0x0, 0x100000001, 0x2, 0xfffffffffffff0a5, 0x0, 0x2, 0x1}, {0x0, 0x1, 0x3, 0x8000, 0xffffffff, 0x1, 0x8e}, {0x6, 0x7f, 0x1, 0x5, 0x9, 0x6, 0x7}, {0xc000000b, 0x80000000, 0x6, 0xfc, 0x85}]}) [ 2205.446777] oom_reaper: reaped process 26397 (syz-executor6), now anon-rss:0kB, file-rss:32000kB, shmem-rss:0kB 07:52:49 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x4000000) write$RDMA_USER_CM_CMD_JOIN_MCAST(r0, &(0x7f0000000280)={0x16, 0x98, 0xfa00, {&(0x7f0000000140)={0xffffffffffffffff}, 0x3, 0xffffffffffffffff, 0x10, 0x1, @in6={0xa, 0x4e20, 0x3, @empty, 0x1}}}, 0xa0) write$RDMA_USER_CM_CMD_LEAVE_MCAST(r0, &(0x7f0000000180)={0x11, 0x10, 0xfa00, {&(0x7f0000000000), r2}}, 0x18) [ 2205.571707] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2205.620598] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2205.648186] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2205.659154] syz-executor5 cpuset=/ mems_allowed=0 [ 2205.664075] CPU: 1 PID: 26443 Comm: syz-executor5 Not tainted 4.18.0-rc7+ #177 [ 2205.671467] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2205.680828] Call Trace: [ 2205.683427] dump_stack+0x1c9/0x2b4 [ 2205.687151] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2205.692351] ? trace_hardirqs_on+0x10/0x10 [ 2205.696599] dump_header+0x27b/0xf64 [ 2205.700330] ? pagefault_out_of_memory+0x197/0x197 [ 2205.705278] ? __lock_acquire+0x7fc/0x5020 [ 2205.709530] ? print_usage_bug+0xc0/0xc0 [ 2205.713604] ? graph_lock+0x170/0x170 [ 2205.717409] ? print_usage_bug+0xc0/0xc0 [ 2205.721479] ? trace_hardirqs_on+0x10/0x10 [ 2205.725726] ? print_usage_bug+0xc0/0xc0 [ 2205.729803] ? lock_downgrade+0x8f0/0x8f0 [ 2205.733964] ? mark_held_locks+0xc9/0x160 [ 2205.738135] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2205.742734] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2205.747848] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2205.753141] ? trace_hardirqs_on+0xd/0x10 [ 2205.757307] ? ___ratelimit+0xaa/0x655 [ 2205.761219] ? idr_get_free+0x10c0/0x10c0 [ 2205.765407] ? kasan_check_write+0x14/0x20 07:52:49 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00c\x00'}, 0x2c) [ 2205.769645] ? do_raw_spin_lock+0xc1/0x200 [ 2205.773887] oom_kill_process.cold.25+0x10/0x10bc [ 2205.778746] ? oom_evaluate_task+0x540/0x540 [ 2205.783162] ? find_held_lock+0x36/0x1c0 [ 2205.787263] ? lock_downgrade+0x8f0/0x8f0 [ 2205.791437] ? kasan_check_read+0x11/0x20 [ 2205.795587] ? rcu_is_watching+0x8c/0x150 [ 2205.799743] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2205.804161] ? oom_badness+0xb00/0xb00 [ 2205.808058] ? rcu_read_unlock+0x35/0x70 [ 2205.812124] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2205.816364] ? css_task_iter_end+0x2ce/0x490 [ 2205.820787] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2205.825595] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2205.830650] ? trace_hardirqs_on+0xd/0x10 [ 2205.834822] ? _raw_spin_unlock_irq+0x27/0x70 [ 2205.839324] ? oom_badness+0xb00/0xb00 [ 2205.843221] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2205.848109] ? mem_cgroup_iter_break+0x30/0x30 [ 2205.852712] out_of_memory+0xa8a/0x14d0 [ 2205.856695] ? oom_killer_disable+0x3a0/0x3a0 [ 2205.861199] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2205.866253] ? trace_hardirqs_on+0xd/0x10 [ 2205.870442] mem_cgroup_out_of_memory+0x15e/0x210 [ 2205.875293] ? memcg_memory_event+0x40/0x40 [ 2205.879626] ? _raw_spin_unlock+0x22/0x30 [ 2205.883784] mem_cgroup_oom_synchronize+0x713/0x940 [ 2205.888813] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2205.894272] ? memcg_event_wake+0x450/0x450 [ 2205.898614] pagefault_out_of_memory+0xc8/0x197 [ 2205.903290] ? out_of_memory+0x14d0/0x14d0 [ 2205.907539] ? __handle_mm_fault+0x4460/0x4460 [ 2205.912128] mm_fault_error+0x1de/0x380 [ 2205.916111] __do_page_fault+0xd25/0xe50 07:52:50 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00\x00c\x00'}, 0x2c) [ 2205.920181] ? mm_fault_error+0x380/0x380 [ 2205.924334] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2205.929872] ? __x64_sys_clock_gettime+0x170/0x250 [ 2205.934802] ? __ia32_sys_clock_settime+0x290/0x290 [ 2205.939858] do_page_fault+0xf6/0x8c0 [ 2205.943668] ? vmalloc_sync_all+0x30/0x30 [ 2205.947827] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2205.953386] ? do_syscall_64+0x497/0x820 [ 2205.957455] ? syscall_slow_exit_work+0x500/0x500 [ 2205.962304] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2205.967270] ? syscall_return_slowpath+0x31d/0x5e0 [ 2205.972226] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2205.977603] ? page_fault+0x8/0x30 [ 2205.981148] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2205.985996] ? page_fault+0x8/0x30 [ 2205.989545] page_fault+0x1e/0x30 [ 2205.992997] RIP: 0033:0x46f8fd [ 2205.996179] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2206.015561] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2206.020931] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2206.028202] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2206.035501] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2206.042781] R10: 0000000001f32940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2206.050057] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2206.057517] Task in /ile0 killed as a result of limit of /ile0 [ 2206.063580] memory: usage 24kB, limit 20kB, failcnt 8025 [ 2206.069078] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2206.075867] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2206.082152] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2206.101657] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2206.110505] [26443] 0 26443 17585 8732 131072 0 0 syz-executor5 [ 2206.119420] [26451] 0 26451 17585 8732 126976 0 0 syz-executor0 [ 2206.128329] [26455] 0 26455 17585 8731 131072 0 0 syz-executor6 [ 2206.137238] Memory cgroup out of memory: Kill process 26443 (syz-executor5) score 1752800 or sacrifice child [ 2206.147286] Killed process 26443 (syz-executor5) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2206.160984] oom_reaper: reaped process 26443 (syz-executor5), now anon-rss:0kB, file-rss:32000kB, shmem-rss:0kB 07:52:50 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8100}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2206.187018] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2206.198049] syz-executor0 cpuset=/ mems_allowed=0 [ 2206.202963] CPU: 1 PID: 26451 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2206.210326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2206.219705] Call Trace: [ 2206.222307] dump_stack+0x1c9/0x2b4 [ 2206.225945] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2206.231146] ? trace_hardirqs_on+0x10/0x10 [ 2206.235393] dump_header+0x27b/0xf64 [ 2206.239113] ? pagefault_out_of_memory+0x197/0x197 [ 2206.244053] ? __lock_acquire+0x7fc/0x5020 [ 2206.248301] ? print_usage_bug+0xc0/0xc0 [ 2206.252391] ? graph_lock+0x170/0x170 [ 2206.256194] ? print_usage_bug+0xc0/0xc0 [ 2206.260266] ? trace_hardirqs_on+0x10/0x10 [ 2206.264529] ? print_usage_bug+0xc0/0xc0 [ 2206.268605] ? lock_downgrade+0x8f0/0x8f0 [ 2206.272766] ? mark_held_locks+0xc9/0x160 [ 2206.276916] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2206.281505] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2206.286633] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2206.291656] ? trace_hardirqs_on+0xd/0x10 [ 2206.295818] ? ___ratelimit+0xaa/0x655 [ 2206.299729] ? idr_get_free+0x10c0/0x10c0 [ 2206.303882] ? kasan_check_write+0x14/0x20 [ 2206.308126] ? do_raw_spin_lock+0xc1/0x200 [ 2206.312380] oom_kill_process.cold.25+0x10/0x10bc [ 2206.317251] ? oom_evaluate_task+0x540/0x540 [ 2206.321702] ? find_held_lock+0x36/0x1c0 [ 2206.325778] ? lock_downgrade+0x8f0/0x8f0 [ 2206.329935] ? kasan_check_read+0x11/0x20 [ 2206.334086] ? rcu_is_watching+0x8c/0x150 [ 2206.338241] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2206.342667] ? oom_badness+0xb00/0xb00 [ 2206.346559] ? rcu_read_unlock+0x35/0x70 [ 2206.350623] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2206.354860] ? css_task_iter_end+0x2ce/0x490 [ 2206.359307] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2206.364083] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2206.369107] ? trace_hardirqs_on+0xd/0x10 [ 2206.373256] ? _raw_spin_unlock_irq+0x27/0x70 [ 2206.377761] ? oom_badness+0xb00/0xb00 [ 2206.381659] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 07:52:50 executing program 5: ioctl$sock_SIOCGPGRP(0xffffffffffffff9c, 0x8904, &(0x7f00000002c0)=0x0) getpriority(0x0, r0) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = syz_open_dev$admmidi(&(0x7f0000000300)='/dev/admmidi#\x00', 0x1, 0x303000) ioctl$BLKTRACETEARDOWN(r1, 0x1276, 0x0) r2 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) getsockopt$IPT_SO_GET_REVISION_TARGET(r2, 0x0, 0x43, &(0x7f0000000000)={'icmp\x00'}, &(0x7f0000000280)=0x1e) r3 = openat$cgroup_procs(r2, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r3, &(0x7f0000000100), 0x12) connect(r2, &(0x7f0000000140)=@nl=@proc={0x10, 0x0, 0x25dfdbfe, 0x10}, 0x80) unshare(0x400) [ 2206.386427] ? mem_cgroup_iter_break+0x30/0x30 [ 2206.391044] out_of_memory+0xa8a/0x14d0 [ 2206.395034] ? oom_killer_disable+0x3a0/0x3a0 [ 2206.399543] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2206.404575] ? trace_hardirqs_on+0xd/0x10 [ 2206.404881] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2206.408740] mem_cgroup_out_of_memory+0x15e/0x210 [ 2206.408757] ? memcg_memory_event+0x40/0x40 [ 2206.408778] ? _raw_spin_unlock+0x22/0x30 07:52:50 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000000000007fffffff00"}, 0x2c) [ 2206.408797] mem_cgroup_oom_synchronize+0x713/0x940 [ 2206.408811] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2206.408825] ? memcg_event_wake+0x450/0x450 [ 2206.408853] pagefault_out_of_memory+0xc8/0x197 [ 2206.408866] ? out_of_memory+0x14d0/0x14d0 [ 2206.408887] ? __handle_mm_fault+0x4460/0x4460 [ 2206.408904] mm_fault_error+0x1de/0x380 [ 2206.408921] __do_page_fault+0xd25/0xe50 [ 2206.408940] ? mm_fault_error+0x380/0x380 [ 2206.408961] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2206.482916] ? __x64_sys_clock_gettime+0x170/0x250 [ 2206.487852] ? __ia32_sys_clock_settime+0x290/0x290 [ 2206.492876] do_page_fault+0xf6/0x8c0 [ 2206.496681] ? vmalloc_sync_all+0x30/0x30 [ 2206.500832] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2206.506375] ? do_syscall_64+0x497/0x820 [ 2206.510438] ? syscall_slow_exit_work+0x500/0x500 [ 2206.515289] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2206.520225] ? syscall_return_slowpath+0x31d/0x5e0 [ 2206.525165] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2206.530718] ? retint_user+0x18/0x18 [ 2206.534452] ? page_fault+0x8/0x30 07:52:50 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100000500"}, 0x2c) [ 2206.537995] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2206.542840] ? page_fault+0x8/0x30 [ 2206.546384] page_fault+0x1e/0x30 [ 2206.549841] RIP: 0033:0x46f8fd [ 2206.553030] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2206.572405] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2206.577783] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2206.585083] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2206.592361] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2206.599658] R10: 0000000002273940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2206.606944] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2206.614315] Task in /ile0 killed as a result of limit of /ile0 [ 2206.620427] memory: usage 24kB, limit 20kB, failcnt 8053 [ 2206.625923] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2206.632700] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2206.638881] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2206.658403] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2206.667290] [26451] 0 26451 17585 8732 126976 0 0 syz-executor0 [ 2206.676199] [26455] 0 26455 17585 8731 131072 0 0 syz-executor6 07:52:50 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00c\x00'}, 0x2c) [ 2206.685091] Memory cgroup out of memory: Kill process 26451 (syz-executor0) score 1752600 or sacrifice child [ 2206.695126] Killed process 26451 (syz-executor0) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB 07:52:50 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xffffff9e}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2206.823795] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2206.839962] syz-executor6 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2206.851426] syz-executor6 cpuset=/ mems_allowed=0 [ 2206.856366] CPU: 0 PID: 26455 Comm: syz-executor6 Not tainted 4.18.0-rc7+ #177 [ 2206.863724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2206.873077] Call Trace: [ 2206.875676] dump_stack+0x1c9/0x2b4 [ 2206.879307] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2206.884513] ? trace_hardirqs_on+0x10/0x10 [ 2206.888754] dump_header+0x27b/0xf64 [ 2206.892478] ? pagefault_out_of_memory+0x197/0x197 [ 2206.897413] ? __lock_acquire+0x7fc/0x5020 [ 2206.901662] ? print_usage_bug+0xc0/0xc0 [ 2206.905735] ? graph_lock+0x170/0x170 [ 2206.909536] ? print_usage_bug+0xc0/0xc0 [ 2206.913601] ? trace_hardirqs_on+0x10/0x10 [ 2206.917847] ? print_usage_bug+0xc0/0xc0 [ 2206.921933] ? lock_downgrade+0x8f0/0x8f0 [ 2206.926089] ? mark_held_locks+0xc9/0x160 [ 2206.930238] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2206.934824] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2206.939936] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2206.944958] ? trace_hardirqs_on+0xd/0x10 [ 2206.949119] ? ___ratelimit+0xaa/0x655 [ 2206.953270] ? idr_get_free+0x10c0/0x10c0 [ 2206.957511] ? kasan_check_write+0x14/0x20 [ 2206.961750] ? do_raw_spin_lock+0xc1/0x200 [ 2206.965992] oom_kill_process.cold.25+0x10/0x10bc [ 2206.970864] ? oom_evaluate_task+0x540/0x540 [ 2206.975275] ? find_held_lock+0x36/0x1c0 [ 2206.979351] ? lock_downgrade+0x8f0/0x8f0 [ 2206.983512] ? kasan_check_read+0x11/0x20 [ 2206.987665] ? rcu_is_watching+0x8c/0x150 [ 2206.991813] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2206.996232] ? oom_badness+0xb00/0xb00 [ 2207.000127] ? rcu_read_unlock+0x35/0x70 [ 2207.004186] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2207.008423] ? css_task_iter_end+0x2ce/0x490 [ 2207.012833] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2207.017592] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2207.022608] ? trace_hardirqs_on+0xd/0x10 [ 2207.026760] ? _raw_spin_unlock_irq+0x27/0x70 [ 2207.031254] ? oom_badness+0xb00/0xb00 [ 2207.035145] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2207.039924] ? mem_cgroup_iter_break+0x30/0x30 [ 2207.044525] out_of_memory+0xa8a/0x14d0 [ 2207.048507] ? oom_killer_disable+0x3a0/0x3a0 [ 2207.053013] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2207.058066] ? trace_hardirqs_on+0xd/0x10 [ 2207.062243] mem_cgroup_out_of_memory+0x15e/0x210 [ 2207.067126] ? memcg_memory_event+0x40/0x40 [ 2207.071467] ? _raw_spin_unlock+0x22/0x30 [ 2207.075629] mem_cgroup_oom_synchronize+0x713/0x940 [ 2207.080664] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2207.086124] ? memcg_event_wake+0x450/0x450 [ 2207.090478] pagefault_out_of_memory+0xc8/0x197 [ 2207.095254] ? out_of_memory+0x14d0/0x14d0 [ 2207.099505] ? __handle_mm_fault+0x4460/0x4460 [ 2207.104099] mm_fault_error+0x1de/0x380 [ 2207.108091] __do_page_fault+0xd25/0xe50 [ 2207.112169] ? mm_fault_error+0x380/0x380 [ 2207.116353] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2207.119610] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2207.121911] ? __x64_sys_clock_gettime+0x170/0x250 [ 2207.121927] ? __ia32_sys_clock_settime+0x290/0x290 [ 2207.121947] do_page_fault+0xf6/0x8c0 [ 2207.121961] ? vmalloc_sync_all+0x30/0x30 [ 2207.121980] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2207.160020] ? do_syscall_64+0x497/0x820 [ 2207.164099] ? syscall_slow_exit_work+0x500/0x500 [ 2207.168963] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2207.173912] ? syscall_return_slowpath+0x31d/0x5e0 [ 2207.178860] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2207.184414] ? retint_user+0x18/0x18 [ 2207.188133] ? page_fault+0x8/0x30 [ 2207.191661] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2207.196490] ? page_fault+0x8/0x30 [ 2207.200023] page_fault+0x1e/0x30 [ 2207.203472] RIP: 0033:0x46f8fd [ 2207.206643] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2207.225822] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2207.231183] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2207.238448] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2207.245716] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2207.252987] R10: 0000000001b44940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2207.260247] R13: 0000000000a3fc20 R14: 0000000000000002 R15: 0000000000000001 [ 2207.267581] Task in /ile0 killed as a result of limit of /ile0 [ 2207.273688] memory: usage 24kB, limit 20kB, failcnt 8093 [ 2207.279166] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2207.285948] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2207.292120] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2207.311618] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2207.320493] [26455] 0 26455 17585 8731 131072 0 0 syz-executor6 [ 2207.329393] [26485] 0 26485 17585 8732 131072 0 0 syz-executor5 [ 2207.338267] Memory cgroup out of memory: Kill process 26485 (syz-executor5) score 1752800 or sacrifice child [ 2207.348328] Killed process 26485 (syz-executor5) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2207.406268] oom_reaper: reaped process 26485 (syz-executor5), now anon-rss:0kB, file-rss:32780kB, shmem-rss:0kB [ 2207.460018] syz-executor6 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2207.471057] syz-executor6 cpuset=/ mems_allowed=0 [ 2207.475959] CPU: 0 PID: 26455 Comm: syz-executor6 Not tainted 4.18.0-rc7+ #177 [ 2207.483319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2207.492667] Call Trace: [ 2207.495248] dump_stack+0x1c9/0x2b4 [ 2207.498867] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2207.504059] ? trace_hardirqs_on+0x10/0x10 [ 2207.508301] dump_header+0x27b/0xf64 [ 2207.512011] ? pagefault_out_of_memory+0x197/0x197 [ 2207.516937] ? __lock_acquire+0x7fc/0x5020 [ 2207.521162] ? print_usage_bug+0xc0/0xc0 [ 2207.525227] ? graph_lock+0x170/0x170 [ 2207.529020] ? print_usage_bug+0xc0/0xc0 [ 2207.533085] ? trace_hardirqs_on+0x10/0x10 [ 2207.537311] ? print_usage_bug+0xc0/0xc0 [ 2207.541363] ? lock_downgrade+0x8f0/0x8f0 [ 2207.545518] ? mark_held_locks+0xc9/0x160 [ 2207.549649] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2207.554227] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2207.559317] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2207.564328] ? trace_hardirqs_on+0xd/0x10 [ 2207.568462] ? ___ratelimit+0xaa/0x655 [ 2207.572339] ? idr_get_free+0x10c0/0x10c0 [ 2207.576491] ? kasan_check_write+0x14/0x20 [ 2207.580722] ? do_raw_spin_lock+0xc1/0x200 [ 2207.584951] oom_kill_process.cold.25+0x10/0x10bc [ 2207.589786] ? oom_evaluate_task+0x540/0x540 [ 2207.594192] ? find_held_lock+0x36/0x1c0 [ 2207.598243] ? lock_downgrade+0x8f0/0x8f0 [ 2207.602391] ? kasan_check_read+0x11/0x20 [ 2207.606533] ? rcu_is_watching+0x8c/0x150 [ 2207.610679] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2207.615087] ? oom_badness+0xb00/0xb00 [ 2207.618961] ? rcu_read_unlock+0x35/0x70 [ 2207.623007] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2207.627237] ? css_task_iter_end+0x2ce/0x490 [ 2207.631632] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2207.636379] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2207.641378] ? trace_hardirqs_on+0xd/0x10 [ 2207.645507] ? _raw_spin_unlock_irq+0x27/0x70 [ 2207.649990] ? oom_badness+0xb00/0xb00 [ 2207.653870] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2207.658629] ? mem_cgroup_iter_break+0x30/0x30 [ 2207.663204] out_of_memory+0xa8a/0x14d0 [ 2207.667167] ? oom_killer_disable+0x3a0/0x3a0 [ 2207.671656] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2207.676662] ? trace_hardirqs_on+0xd/0x10 [ 2207.680809] mem_cgroup_out_of_memory+0x15e/0x210 [ 2207.685637] ? memcg_memory_event+0x40/0x40 [ 2207.689948] ? _raw_spin_unlock+0x22/0x30 [ 2207.694095] mem_cgroup_oom_synchronize+0x713/0x940 [ 2207.699106] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2207.704540] ? memcg_event_wake+0x450/0x450 [ 2207.708854] pagefault_out_of_memory+0xc8/0x197 [ 2207.713510] ? out_of_memory+0x14d0/0x14d0 [ 2207.717743] ? __handle_mm_fault+0x4460/0x4460 [ 2207.722322] mm_fault_error+0x1de/0x380 [ 2207.726284] __do_page_fault+0xd25/0xe50 [ 2207.730341] ? mm_fault_error+0x380/0x380 [ 2207.734488] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2207.740028] ? __x64_sys_clock_gettime+0x170/0x250 [ 2207.744951] ? __ia32_sys_clock_settime+0x290/0x290 [ 2207.749956] do_page_fault+0xf6/0x8c0 [ 2207.753753] ? vmalloc_sync_all+0x30/0x30 [ 2207.757887] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2207.763409] ? do_syscall_64+0x497/0x820 [ 2207.767544] ? syscall_slow_exit_work+0x500/0x500 [ 2207.772384] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2207.777304] ? syscall_return_slowpath+0x31d/0x5e0 [ 2207.782237] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2207.787768] ? retint_user+0x18/0x18 [ 2207.791472] ? page_fault+0x8/0x30 [ 2207.795003] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2207.799842] ? page_fault+0x8/0x30 [ 2207.803366] page_fault+0x1e/0x30 [ 2207.806803] RIP: 0033:0x46f8fd [ 2207.809976] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2207.829542] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2207.834905] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2207.842168] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2207.849427] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2207.856700] R10: 0000000001b44940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2207.863961] R13: 0000000000a3fc20 R14: 0000000000000002 R15: 0000000000000001 [ 2207.871290] Task in /ile0 killed as a result of limit of /ile0 [ 2207.877373] memory: usage 24kB, limit 20kB, failcnt 8101 [ 2207.882855] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2207.889633] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 07:52:52 executing program 6: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x4000, 0x0) ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000140)=0x8000) ioctl$BLKREPORTZONE(r0, 0xc0101282, &(0x7f0000000280)=ANY=[@ANYBLOB="b5f5057b3b7467a7148562ebdfd1e70200000000000000010000000000000006000000000000000000000000"]) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) unshare(0x40020200) 07:52:52 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x4000000) 07:52:52 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\n\x00'}, 0x2c) 07:52:52 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x1dd, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:52 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x154, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:52 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8035000000000000]}}, 0x1c) 07:52:52 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xa00000000000000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:52:52 executing program 5: r0 = memfd_create(&(0x7f0000000000)='\x00', 0x1) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffff9c, 0x84, 0x71, &(0x7f0000000140)={0x0, 0xfffffffffffffff9}, &(0x7f0000000180)=0x8) setsockopt$inet_sctp_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000280)={r1, 0xfe, 0x73168058}, 0x10) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r2 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r3 = openat$cgroup_procs(r2, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r3, &(0x7f0000000100), 0x12) unshare(0x400) [ 2207.895815] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2207.915319] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2207.924143] [26455] 0 26455 17585 8731 131072 0 0 syz-executor6 [ 2207.933010] Memory cgroup out of memory: Kill process 26455 (syz-executor6) score 1752600 or sacrifice child [ 2207.943107] Killed process 26455 (syz-executor6) total-vm:70340kB, anon-rss:2156kB, file-rss:32768kB, shmem-rss:0kB [ 2208.006258] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2208.056224] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2208.087480] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2208.098475] syz-executor5 cpuset=/ mems_allowed=0 [ 2208.103419] CPU: 0 PID: 26503 Comm: syz-executor5 Not tainted 4.18.0-rc7+ #177 [ 2208.110788] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2208.120151] Call Trace: [ 2208.122758] dump_stack+0x1c9/0x2b4 [ 2208.126404] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2208.131614] ? trace_hardirqs_on+0x10/0x10 [ 2208.136003] dump_header+0x27b/0xf64 [ 2208.139741] ? pagefault_out_of_memory+0x197/0x197 [ 2208.144690] ? __lock_acquire+0x7fc/0x5020 [ 2208.148946] ? print_usage_bug+0xc0/0xc0 [ 2208.153032] ? graph_lock+0x170/0x170 [ 2208.156844] ? print_usage_bug+0xc0/0xc0 [ 2208.160918] ? trace_hardirqs_on+0x10/0x10 [ 2208.165178] ? print_usage_bug+0xc0/0xc0 [ 2208.169269] ? lock_downgrade+0x8f0/0x8f0 [ 2208.173441] ? mark_held_locks+0xc9/0x160 [ 2208.177604] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2208.182204] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2208.187337] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2208.192374] ? trace_hardirqs_on+0xd/0x10 [ 2208.196546] ? ___ratelimit+0xaa/0x655 [ 2208.200454] ? idr_get_free+0x10c0/0x10c0 [ 2208.204622] ? kasan_check_write+0x14/0x20 [ 2208.208872] ? do_raw_spin_lock+0xc1/0x200 [ 2208.213125] oom_kill_process.cold.25+0x10/0x10bc [ 2208.217993] ? oom_evaluate_task+0x540/0x540 [ 2208.222418] ? find_held_lock+0x36/0x1c0 [ 2208.226499] ? lock_downgrade+0x8f0/0x8f0 [ 2208.230665] ? kasan_check_read+0x11/0x20 [ 2208.234819] ? rcu_is_watching+0x8c/0x150 [ 2208.239148] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2208.243577] ? oom_badness+0xb00/0xb00 [ 2208.247476] ? rcu_read_unlock+0x35/0x70 [ 2208.251553] ? mem_cgroup_iter+0x4bf/0x9e0 07:52:52 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00t\x00'}, 0x2c) 07:52:52 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000000600"}, 0x2c) 07:52:52 executing program 0: syz_open_dev$vcsa(&(0x7f00000004c0)='/dev/vcsa#\x00', 0x5, 0x101000) r0 = syz_open_dev$mice(&(0x7f0000000500)='/dev/input/mice\x00', 0x0, 0x800) r1 = dup2(r0, 0xffffffffffffffff) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000340)={0x0, @in6={{0xa, 0x4e24, 0x5, @local, 0x3}}, 0x800, 0x1, 0x7f, 0x0, 0x6}, &(0x7f0000000180)=0x98) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f0000000400)={r2, 0x43}, &(0x7f0000000440)=0x8) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r3 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r4 = openat$cgroup_procs(r3, &(0x7f00000005c0)='cgroup.threads\x00', 0x2, 0x0) write$cgroup_pid(r4, &(0x7f0000000100), 0x12) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x1f, &(0x7f0000000280)={0x0, @in6={{0xa, 0x4e22, 0x1, @empty, 0x100000000}}, 0x9, 0x7}, &(0x7f0000000000)=0x90) setsockopt$inet_sctp6_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f0000000140)={r5, 0x4}, 0x8) setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000480)=0x20000, 0x4) unshare(0x4000000) 07:52:52 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000048f00"}, 0x2c) 07:52:52 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100000600"}, 0x2c) 07:52:52 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\t\x00'}, 0x2c) [ 2208.255794] ? css_task_iter_end+0x2ce/0x490 [ 2208.260216] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2208.264980] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2208.270004] ? trace_hardirqs_on+0xd/0x10 [ 2208.274157] ? _raw_spin_unlock_irq+0x27/0x70 [ 2208.278658] ? oom_badness+0xb00/0xb00 [ 2208.282573] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2208.287342] ? mem_cgroup_iter_break+0x30/0x30 [ 2208.291949] out_of_memory+0xa8a/0x14d0 [ 2208.295937] ? oom_killer_disable+0x3a0/0x3a0 [ 2208.300446] ? trace_hardirqs_on_caller+0x421/0x5c0 07:52:52 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00'}, 0x2c) 07:52:52 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00l\x00'}, 0x2c) [ 2208.305561] ? trace_hardirqs_on+0xd/0x10 [ 2208.309726] mem_cgroup_out_of_memory+0x15e/0x210 [ 2208.314585] ? memcg_memory_event+0x40/0x40 [ 2208.318925] ? _raw_spin_unlock+0x22/0x30 [ 2208.323091] mem_cgroup_oom_synchronize+0x713/0x940 [ 2208.328124] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2208.334171] ? memcg_event_wake+0x450/0x450 [ 2208.338547] pagefault_out_of_memory+0xc8/0x197 [ 2208.343222] ? out_of_memory+0x14d0/0x14d0 [ 2208.347476] ? __handle_mm_fault+0x4460/0x4460 [ 2208.352072] mm_fault_error+0x1de/0x380 [ 2208.356061] __do_page_fault+0xd25/0xe50 [ 2208.360139] ? mm_fault_error+0x380/0x380 [ 2208.364294] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2208.369870] ? __x64_sys_clock_gettime+0x170/0x250 [ 2208.374817] ? __ia32_sys_clock_settime+0x290/0x290 [ 2208.379853] do_page_fault+0xf6/0x8c0 [ 2208.383667] ? vmalloc_sync_all+0x30/0x30 [ 2208.387828] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2208.393382] ? do_syscall_64+0x497/0x820 [ 2208.397465] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2208.402409] ? syscall_return_slowpath+0x31d/0x5e0 [ 2208.407355] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2208.412728] ? page_fault+0x8/0x30 [ 2208.416286] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2208.421140] ? page_fault+0x8/0x30 [ 2208.424708] page_fault+0x1e/0x30 [ 2208.428156] RIP: 0033:0x46f8fd [ 2208.431330] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2208.450516] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2208.455888] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2208.468187] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2208.475466] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2208.482733] R10: 0000000001f32940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2208.490006] R13: 0000000000a3fc20 R14: 0000000000000001 R15: 0000000000000001 [ 2208.497449] Task in /ile0 killed as a result of limit of /ile0 [ 2208.503532] memory: usage 24kB, limit 20kB, failcnt 8145 [ 2208.509047] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2208.515851] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2208.522037] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2208.541515] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2208.550366] [26503] 0 26503 17585 8732 131072 0 0 syz-executor5 [ 2208.559269] [26514] 0 26514 17618 8731 131072 0 0 syz-executor6 [ 2208.568179] Memory cgroup out of memory: Kill process 26503 (syz-executor5) score 1752800 or sacrifice child [ 2208.578235] Killed process 26503 (syz-executor5) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2208.590080] oom_reaper: reaped process 26503 (syz-executor5), now anon-rss:0kB, file-rss:32776kB, shmem-rss:0kB [ 2208.685570] syz-executor6 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2208.696571] syz-executor6 cpuset=/ mems_allowed=0 [ 2208.701502] CPU: 0 PID: 26514 Comm: syz-executor6 Not tainted 4.18.0-rc7+ #177 [ 2208.708869] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2208.718225] Call Trace: [ 2208.720829] dump_stack+0x1c9/0x2b4 [ 2208.724466] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2208.729672] ? trace_hardirqs_on+0x10/0x10 [ 2208.733925] dump_header+0x27b/0xf64 [ 2208.737640] ? pagefault_out_of_memory+0x197/0x197 [ 2208.742579] ? __lock_acquire+0x7fc/0x5020 [ 2208.746818] ? print_usage_bug+0xc0/0xc0 [ 2208.750902] ? graph_lock+0x170/0x170 [ 2208.754698] ? print_usage_bug+0xc0/0xc0 [ 2208.758753] ? trace_hardirqs_on+0x10/0x10 [ 2208.762998] ? print_usage_bug+0xc0/0xc0 [ 2208.767085] ? lock_downgrade+0x8f0/0x8f0 [ 2208.771241] ? mark_held_locks+0xc9/0x160 [ 2208.775377] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2208.779949] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2208.785066] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2208.790077] ? trace_hardirqs_on+0xd/0x10 [ 2208.794223] ? ___ratelimit+0xaa/0x655 [ 2208.798118] ? idr_get_free+0x10c0/0x10c0 [ 2208.802272] ? kasan_check_write+0x14/0x20 [ 2208.806511] ? do_raw_spin_lock+0xc1/0x200 [ 2208.810738] oom_kill_process.cold.25+0x10/0x10bc [ 2208.815574] ? oom_evaluate_task+0x540/0x540 [ 2208.819970] ? find_held_lock+0x36/0x1c0 [ 2208.824040] ? lock_downgrade+0x8f0/0x8f0 [ 2208.828189] ? kasan_check_read+0x11/0x20 [ 2208.832324] ? rcu_is_watching+0x8c/0x150 [ 2208.836471] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2208.840877] ? oom_badness+0xb00/0xb00 [ 2208.844753] ? rcu_read_unlock+0x35/0x70 [ 2208.848799] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2208.853027] ? css_task_iter_end+0x2ce/0x490 [ 2208.857435] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2208.862180] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2208.867183] ? trace_hardirqs_on+0xd/0x10 [ 2208.871327] ? _raw_spin_unlock_irq+0x27/0x70 [ 2208.875833] ? oom_badness+0xb00/0xb00 [ 2208.879710] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2208.884459] ? mem_cgroup_iter_break+0x30/0x30 [ 2208.889062] out_of_memory+0xa8a/0x14d0 [ 2208.893043] ? oom_killer_disable+0x3a0/0x3a0 [ 2208.897533] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2208.902546] ? trace_hardirqs_on+0xd/0x10 [ 2208.906687] mem_cgroup_out_of_memory+0x15e/0x210 [ 2208.911518] ? memcg_memory_event+0x40/0x40 [ 2208.915829] ? _raw_spin_unlock+0x22/0x30 [ 2208.919974] mem_cgroup_oom_synchronize+0x713/0x940 [ 2208.924989] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2208.930432] ? memcg_event_wake+0x450/0x450 [ 2208.934766] pagefault_out_of_memory+0xc8/0x197 [ 2208.939433] ? out_of_memory+0x14d0/0x14d0 [ 2208.943666] ? __handle_mm_fault+0x4460/0x4460 [ 2208.948238] mm_fault_error+0x1de/0x380 [ 2208.952201] __do_page_fault+0xd25/0xe50 [ 2208.956264] ? mm_fault_error+0x380/0x380 [ 2208.960409] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2208.966046] ? __x64_sys_clock_gettime+0x170/0x250 [ 2208.970972] ? __ia32_sys_clock_settime+0x290/0x290 [ 2208.975978] do_page_fault+0xf6/0x8c0 [ 2208.979770] ? vmalloc_sync_all+0x30/0x30 [ 2208.983905] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2208.989447] ? do_syscall_64+0x497/0x820 [ 2208.993514] ? syscall_slow_exit_work+0x500/0x500 [ 2208.998363] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2209.003280] ? syscall_return_slowpath+0x31d/0x5e0 [ 2209.008207] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2209.013560] ? page_fault+0x8/0x30 [ 2209.017092] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2209.021929] ? page_fault+0x8/0x30 [ 2209.025469] page_fault+0x1e/0x30 [ 2209.028933] RIP: 0033:0x46f8fd [ 2209.032110] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2209.051295] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2209.056651] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2209.063910] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2209.071168] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2209.078428] R10: 0000000001b44940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2209.085695] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000002 [ 2209.093280] Task in /ile0 killed as a result of limit of /ile0 [ 2209.099317] memory: usage 24kB, limit 20kB, failcnt 8177 [ 2209.104792] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2209.111582] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2209.117763] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB 07:52:53 executing program 6: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x4000, 0x0) ioctl$BLKREPORTZONE(r0, 0xc0101282, &(0x7f0000000280)=ANY=[@ANYBLOB="b5f5057b3b7467a7148562ebdfd1e70200000000000000010000000000000006000000000000000000000000"]) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x40020200) 07:52:53 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x61, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:53 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\n\x00'}, 0x2c) 07:52:53 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x119, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:53 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xffffff7f}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:52:53 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100), 0x12) ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000180)=0x0) getsockopt$packet_int(r0, 0x107, 0x1f, &(0x7f0000001280), &(0x7f00000012c0)=0x4) ptrace$PTRACE_SECCOMP_GET_FILTER(0x420c, r1, 0x100, &(0x7f0000000280)=""/4096) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r0, 0x84, 0x8, &(0x7f0000000000), &(0x7f0000000140)=0x4) unshare(0x400) 07:52:53 executing program 0: r0 = dup2(0xffffffffffffffff, 0xffffffffffffff9c) ioctl$BLKIOOPT(r0, 0x1279, &(0x7f0000000180)) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = open(&(0x7f0000000140)='./file0//ile0\x00', 0x0, 0x7) ioctl$KVM_S390_INTERRUPT_CPU(r1, 0x4010ae94, &(0x7f0000000040)={0x4, 0x40, 0x5}) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x1, 0x0) unshare(0x4000000) 07:52:53 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906000000000000]}}, 0x1c) [ 2209.137334] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2209.146287] [26514] 0 26514 17618 8731 131072 0 0 syz-executor6 [ 2209.155178] Memory cgroup out of memory: Kill process 26514 (syz-executor6) score 1752600 or sacrifice child [ 2209.165221] Killed process 26514 (syz-executor6) total-vm:70472kB, anon-rss:2156kB, file-rss:32768kB, shmem-rss:0kB 07:52:53 executing program 5: mkdir(&(0x7f00000001c0)='./file1\x00', 0x0) restart_syscall() mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000000)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x10000, 0x0) ioctl$KDSETLED(r0, 0x4b32, 0x7fff) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) unshare(0x403) sched_yield() 07:52:53 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00c\x00'}, 0x2c) [ 2209.259905] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2209.273163] IPVS: ftp: loaded support on port[0] = 21 [ 2209.302940] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2209.346359] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2209.357406] syz-executor0 cpuset=/ mems_allowed=0 [ 2209.362355] CPU: 1 PID: 26561 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2209.369723] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2209.379084] Call Trace: [ 2209.381680] dump_stack+0x1c9/0x2b4 [ 2209.385319] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2209.390541] ? trace_hardirqs_on+0x10/0x10 07:52:53 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000000)='./file0//ile0\x00', 0x800, 0x0) openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r0, &(0x7f0000000180), 0x3e9) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000140)=0x0) prctl$setptracer(0x59616d61, r1) ioctl$sock_inet_udp_SIOCOUTQ(r0, 0x5411, &(0x7f0000000100)) unshare(0x400) 07:52:53 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\t\x00'}, 0x2c) 07:52:53 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x151, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:53 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x108, &(0x7f00000011c0)}}], 0x249, 0x0) [ 2209.394784] dump_header+0x27b/0xf64 [ 2209.398511] ? pagefault_out_of_memory+0x197/0x197 [ 2209.403448] ? __lock_acquire+0x7fc/0x5020 [ 2209.407694] ? print_usage_bug+0xc0/0xc0 [ 2209.411778] ? graph_lock+0x170/0x170 [ 2209.415588] ? print_usage_bug+0xc0/0xc0 [ 2209.419662] ? trace_hardirqs_on+0x10/0x10 [ 2209.423914] ? print_usage_bug+0xc0/0xc0 [ 2209.427996] ? lock_downgrade+0x8f0/0x8f0 [ 2209.432152] ? mark_held_locks+0xc9/0x160 [ 2209.436318] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2209.440962] ? _raw_spin_unlock_irqrestore+0x74/0xc0 07:52:53 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x500000000000000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2209.446099] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2209.451128] ? trace_hardirqs_on+0xd/0x10 [ 2209.455290] ? ___ratelimit+0xaa/0x655 [ 2209.459188] ? idr_get_free+0x10c0/0x10c0 [ 2209.463346] ? kasan_check_write+0x14/0x20 [ 2209.467612] ? do_raw_spin_lock+0xc1/0x200 [ 2209.471871] oom_kill_process.cold.25+0x10/0x10bc [ 2209.476731] ? oom_evaluate_task+0x540/0x540 [ 2209.481146] ? find_held_lock+0x36/0x1c0 [ 2209.485353] ? lock_downgrade+0x8f0/0x8f0 [ 2209.489536] ? kasan_check_read+0x11/0x20 07:52:53 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140)='/dev/audio\x00', 0x410080, 0x0) write$FUSE_OPEN(r0, &(0x7f0000000180)={0x20, 0x0, 0x1, {0x0, 0x5}}, 0x20) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) write$FUSE_BMAP(r1, &(0x7f0000000000)={0x18, 0xfffffffffffffffe, 0x2, {0x3}}, 0x18) unshare(0x400) [ 2209.493712] ? rcu_is_watching+0x8c/0x150 [ 2209.497868] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2209.502288] ? oom_badness+0xb00/0xb00 [ 2209.506184] ? rcu_read_unlock+0x35/0x70 [ 2209.510253] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2209.514499] ? css_task_iter_end+0x2ce/0x490 [ 2209.518928] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2209.523692] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2209.528718] ? trace_hardirqs_on+0xd/0x10 [ 2209.532900] ? _raw_spin_unlock_irq+0x27/0x70 [ 2209.537417] ? oom_badness+0xb00/0xb00 [ 2209.541313] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2209.546084] ? mem_cgroup_iter_break+0x30/0x30 [ 2209.550695] out_of_memory+0xa8a/0x14d0 [ 2209.554691] ? oom_killer_disable+0x3a0/0x3a0 [ 2209.559210] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2209.564242] ? trace_hardirqs_on+0xd/0x10 [ 2209.568440] mem_cgroup_out_of_memory+0x15e/0x210 [ 2209.573297] ? memcg_memory_event+0x40/0x40 [ 2209.577633] ? _raw_spin_unlock+0x22/0x30 [ 2209.582317] mem_cgroup_oom_synchronize+0x713/0x940 [ 2209.587344] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2209.592807] ? memcg_event_wake+0x450/0x450 [ 2209.597156] pagefault_out_of_memory+0xc8/0x197 [ 2209.601856] ? out_of_memory+0x14d0/0x14d0 [ 2209.606109] ? __handle_mm_fault+0x4460/0x4460 [ 2209.610698] mm_fault_error+0x1de/0x380 [ 2209.614686] __do_page_fault+0xd25/0xe50 [ 2209.618757] ? mm_fault_error+0x380/0x380 [ 2209.622921] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2209.628489] ? __x64_sys_clock_gettime+0x170/0x250 [ 2209.633425] ? __ia32_sys_clock_settime+0x290/0x290 [ 2209.638451] do_page_fault+0xf6/0x8c0 [ 2209.642266] ? vmalloc_sync_all+0x30/0x30 [ 2209.646427] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2209.651977] ? do_syscall_64+0x497/0x820 [ 2209.656050] ? syscall_slow_exit_work+0x500/0x500 [ 2209.660913] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2209.665857] ? syscall_return_slowpath+0x31d/0x5e0 [ 2209.670793] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2209.676145] ? page_fault+0x8/0x30 [ 2209.679673] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2209.684516] ? page_fault+0x8/0x30 [ 2209.688056] page_fault+0x1e/0x30 [ 2209.691496] RIP: 0033:0x40e33f [ 2209.694663] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 2209.713841] RSP: 002b:0000000000a3fc20 EFLAGS: 00010206 [ 2209.719194] RAX: 00007ff4a0736000 RBX: 0000000000020000 RCX: 0000000000456b7a [ 2209.726449] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 2209.733705] RBP: 0000000000a3fd00 R08: ffffffffffffffff R09: 0000000000000000 [ 2209.740961] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a3fdf0 [ 2209.748236] R13: 00007ff4a0756700 R14: 0000000000000002 R15: 0000000000000001 [ 2209.755656] Task in /ile0 killed as a result of limit of /ile0 [ 2209.761739] memory: usage 24kB, limit 20kB, failcnt 8209 [ 2209.767231] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2209.774050] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 07:52:53 executing program 6: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x4000, 0x0) ioctl$BLKREPORTZONE(r0, 0xc0101282, &(0x7f0000000400)=ANY=[@ANYBLOB="b5f5057b3b7467a7148562eb2e9f16dfd1e70200000000000000010000000000000006000000000000000000000000e0581e7678a4fc2cb94c8088e11f9c4e050ebc638bad54d2e09effffffff66dd479c18e209d3b453c331f820f1f3cfd9b081bde13e9fa66468aa3d6d42765136d00143e6280376517f066641a1d2785a89b6bb9c4ffbd84c6ee9eb29c38384c2bfbeaa00c4522569b2dbcab41aa872489b8c44c39e7f15ff04f5e8ebe1beddcf3bc03fc063a30c37102dcb6244a1e24710a2e6667daa8da05b0766bc9adf664a80ecb330512afae9d826f12755c2c4f96f129cb8e66fa202aed009f574c04d654807085a766d9c26648514ab2f3ef0ad68caea6d24406ab1c0121d35fde79ee46d07f8a86c8f09be43e6335ad1fcb2805e2f365f748efcbc1f0f8d50e59473f438246cc557aee62d8fb0112e8b79ad441705a2058e81bb67bb3f020e4b1fab4bf695ad49"]) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) unshare(0x800) r3 = getpid() write$cgroup_pid(r1, &(0x7f0000000140)=r3, 0x12) 07:52:53 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00l\x00'}, 0x2c) 07:52:53 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x78, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:53 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x95, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:53 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x4000001) [ 2209.780230] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2209.799697] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2209.808468] [26561] 0 26561 17618 8732 126976 0 0 syz-executor0 [ 2209.817368] Memory cgroup out of memory: Kill process 26561 (syz-executor0) score 1752600 or sacrifice child [ 2209.829591] Killed process 26561 (syz-executor0) total-vm:70472kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB 07:52:54 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xc00000000000000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2209.967647] net_ratelimit: 2 callbacks suppressed [ 2209.967656] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2209.976824] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2209.998895] syz-executor5 cpuset=/ mems_allowed=0 [ 2210.003814] CPU: 1 PID: 26613 Comm: syz-executor5 Not tainted 4.18.0-rc7+ #177 07:52:54 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00H\x00'}, 0x2c) [ 2210.011184] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2210.020540] Call Trace: [ 2210.023141] dump_stack+0x1c9/0x2b4 [ 2210.026780] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2210.031982] ? trace_hardirqs_on+0x10/0x10 [ 2210.036232] dump_header+0x27b/0xf64 [ 2210.039967] ? pagefault_out_of_memory+0x197/0x197 [ 2210.044911] ? __lock_acquire+0x7fc/0x5020 [ 2210.049166] ? print_usage_bug+0xc0/0xc0 [ 2210.053247] ? graph_lock+0x170/0x170 [ 2210.057062] ? print_usage_bug+0xc0/0xc0 [ 2210.061142] ? trace_hardirqs_on+0x10/0x10 07:52:54 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88caffff00000000]}}, 0x1c) [ 2210.065393] ? print_usage_bug+0xc0/0xc0 [ 2210.069467] ? lock_downgrade+0x8f0/0x8f0 [ 2210.073634] ? mark_held_locks+0xc9/0x160 [ 2210.077786] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2210.082375] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2210.087491] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2210.092518] ? trace_hardirqs_on+0xd/0x10 [ 2210.096682] ? ___ratelimit+0xaa/0x655 [ 2210.098616] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. 07:52:54 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000000000000000000300"}, 0x2c) [ 2210.100574] ? idr_get_free+0x10c0/0x10c0 [ 2210.100594] ? kasan_check_write+0x14/0x20 [ 2210.100608] ? do_raw_spin_lock+0xc1/0x200 [ 2210.100629] oom_kill_process.cold.25+0x10/0x10bc [ 2210.100654] ? oom_evaluate_task+0x540/0x540 [ 2210.100669] ? find_held_lock+0x36/0x1c0 [ 2210.100694] ? lock_downgrade+0x8f0/0x8f0 [ 2210.100715] ? kasan_check_read+0x11/0x20 [ 2210.100728] ? rcu_is_watching+0x8c/0x150 [ 2210.100741] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2210.100759] ? oom_badness+0xb00/0xb00 [ 2210.100777] ? rcu_read_unlock+0x35/0x70 07:52:54 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00z\x00'}, 0x2c) 07:52:54 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00c\x00'}, 0x2c) [ 2210.100789] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2210.100805] ? css_task_iter_end+0x2ce/0x490 [ 2210.100822] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2210.100836] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2210.100852] ? trace_hardirqs_on+0xd/0x10 [ 2210.100871] ? _raw_spin_unlock_irq+0x27/0x70 [ 2210.100885] ? oom_badness+0xb00/0xb00 [ 2210.100901] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2210.100917] ? mem_cgroup_iter_break+0x30/0x30 [ 2210.100947] out_of_memory+0xa8a/0x14d0 [ 2210.211036] ? oom_killer_disable+0x3a0/0x3a0 07:52:54 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00L\x00'}, 0x2c) [ 2210.215546] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2210.220585] ? trace_hardirqs_on+0xd/0x10 [ 2210.224752] mem_cgroup_out_of_memory+0x15e/0x210 [ 2210.229605] ? memcg_memory_event+0x40/0x40 [ 2210.233939] ? _raw_spin_unlock+0x22/0x30 [ 2210.238096] mem_cgroup_oom_synchronize+0x713/0x940 [ 2210.243141] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2210.248618] ? memcg_event_wake+0x450/0x450 [ 2210.252963] pagefault_out_of_memory+0xc8/0x197 [ 2210.257643] ? out_of_memory+0x14d0/0x14d0 [ 2210.261892] ? __handle_mm_fault+0x4460/0x4460 07:52:54 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0xa4, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:54 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000000500"}, 0x2c) 07:52:54 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x156, &(0x7f00000011c0)}}], 0x249, 0x0) [ 2210.266480] mm_fault_error+0x1de/0x380 [ 2210.270467] __do_page_fault+0xd25/0xe50 [ 2210.274537] ? mm_fault_error+0x380/0x380 [ 2210.278688] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2210.284230] ? __x64_sys_clock_gettime+0x170/0x250 [ 2210.289169] ? __ia32_sys_clock_settime+0x290/0x290 [ 2210.294217] do_page_fault+0xf6/0x8c0 [ 2210.298029] ? vmalloc_sync_all+0x30/0x30 [ 2210.302181] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2210.307727] ? do_syscall_64+0x497/0x820 [ 2210.311795] ? syscall_slow_exit_work+0x500/0x500 [ 2210.316676] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2210.321614] ? syscall_return_slowpath+0x31d/0x5e0 [ 2210.326558] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2210.331930] ? page_fault+0x8/0x30 [ 2210.335479] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2210.340329] ? page_fault+0x8/0x30 [ 2210.343875] page_fault+0x1e/0x30 [ 2210.347332] RIP: 0033:0x40e33f [ 2210.350513] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 2210.369885] RSP: 002b:0000000000a3fc20 EFLAGS: 00010206 [ 2210.375264] RAX: 00007f1884d92000 RBX: 0000000000020000 RCX: 0000000000456b7a [ 2210.382541] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 2210.389820] RBP: 0000000000a3fd00 R08: ffffffffffffffff R09: 0000000000000000 [ 2210.397100] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a3fdf0 [ 2210.404374] R13: 00007f1884db2700 R14: 0000000000000003 R15: 0000000000000001 [ 2210.411788] Task in /ile0 killed as a result of limit of /ile0 [ 2210.417844] memory: usage 24kB, limit 20kB, failcnt 8281 [ 2210.423345] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2210.430131] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2210.436327] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2210.455836] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name 07:52:54 executing program 5: mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x400) [ 2210.464626] [26612] 0 26612 17585 8732 126976 0 0 syz-executor0 [ 2210.473519] [26613] 0 26613 17618 8732 131072 0 0 syz-executor5 [ 2210.482405] [26621] 0 26621 17585 8731 131072 0 0 syz-executor6 [ 2210.491295] Memory cgroup out of memory: Kill process 26613 (syz-executor5) score 1752800 or sacrifice child [ 2210.501344] Killed process 26613 (syz-executor5) total-vm:70472kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2210.530552] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2210.541520] syz-executor0 cpuset=/ mems_allowed=0 [ 2210.546455] CPU: 1 PID: 26612 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2210.553824] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2210.563185] Call Trace: [ 2210.565786] dump_stack+0x1c9/0x2b4 [ 2210.569433] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2210.574643] ? trace_hardirqs_on+0x10/0x10 [ 2210.578914] dump_header+0x27b/0xf64 [ 2210.582644] ? pagefault_out_of_memory+0x197/0x197 [ 2210.587586] ? __lock_acquire+0x7fc/0x5020 [ 2210.591828] ? print_usage_bug+0xc0/0xc0 [ 2210.595894] ? graph_lock+0x170/0x170 [ 2210.599683] ? print_usage_bug+0xc0/0xc0 [ 2210.603731] ? trace_hardirqs_on+0x10/0x10 [ 2210.607970] ? print_usage_bug+0xc0/0xc0 [ 2210.612042] ? lock_downgrade+0x8f0/0x8f0 [ 2210.616217] ? mark_held_locks+0xc9/0x160 [ 2210.620348] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2210.624916] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2210.630015] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2210.635038] ? trace_hardirqs_on+0xd/0x10 [ 2210.639180] ? ___ratelimit+0xaa/0x655 [ 2210.643073] ? idr_get_free+0x10c0/0x10c0 [ 2210.647209] ? kasan_check_write+0x14/0x20 [ 2210.651428] ? do_raw_spin_lock+0xc1/0x200 [ 2210.655654] oom_kill_process.cold.25+0x10/0x10bc [ 2210.660489] ? oom_evaluate_task+0x540/0x540 [ 2210.664892] ? find_held_lock+0x36/0x1c0 [ 2210.668941] ? lock_downgrade+0x8f0/0x8f0 [ 2210.673089] ? kasan_check_read+0x11/0x20 [ 2210.677221] ? rcu_is_watching+0x8c/0x150 [ 2210.681355] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2210.685765] ? oom_badness+0xb00/0xb00 [ 2210.689649] ? rcu_read_unlock+0x35/0x70 [ 2210.693694] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2210.697914] ? css_task_iter_end+0x2ce/0x490 [ 2210.702325] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2210.707075] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2210.712084] ? trace_hardirqs_on+0xd/0x10 [ 2210.716233] ? _raw_spin_unlock_irq+0x27/0x70 [ 2210.720725] ? oom_badness+0xb00/0xb00 [ 2210.724608] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2210.729347] ? mem_cgroup_iter_break+0x30/0x30 [ 2210.733937] out_of_memory+0xa8a/0x14d0 [ 2210.737907] ? oom_killer_disable+0x3a0/0x3a0 [ 2210.742402] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2210.747405] ? trace_hardirqs_on+0xd/0x10 [ 2210.751551] mem_cgroup_out_of_memory+0x15e/0x210 [ 2210.756382] ? memcg_memory_event+0x40/0x40 [ 2210.760695] ? _raw_spin_unlock+0x22/0x30 [ 2210.764843] mem_cgroup_oom_synchronize+0x713/0x940 [ 2210.769847] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2210.775287] ? memcg_event_wake+0x450/0x450 [ 2210.779619] pagefault_out_of_memory+0xc8/0x197 [ 2210.784278] ? out_of_memory+0x14d0/0x14d0 [ 2210.788505] ? __handle_mm_fault+0x4460/0x4460 [ 2210.793075] mm_fault_error+0x1de/0x380 [ 2210.797051] __do_page_fault+0xd25/0xe50 [ 2210.801109] ? mm_fault_error+0x380/0x380 [ 2210.805251] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2210.810785] ? __x64_sys_clock_gettime+0x170/0x250 [ 2210.815715] ? __ia32_sys_clock_settime+0x290/0x290 [ 2210.820719] do_page_fault+0xf6/0x8c0 [ 2210.824508] ? vmalloc_sync_all+0x30/0x30 [ 2210.828644] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2210.834181] ? do_syscall_64+0x497/0x820 [ 2210.838225] ? syscall_slow_exit_work+0x500/0x500 [ 2210.843061] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2210.847981] ? syscall_return_slowpath+0x31d/0x5e0 [ 2210.852901] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2210.858425] ? retint_user+0x18/0x18 [ 2210.862131] ? page_fault+0x8/0x30 [ 2210.865657] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2210.870489] ? page_fault+0x8/0x30 [ 2210.874024] page_fault+0x1e/0x30 [ 2210.877471] RIP: 0033:0x46f8fd [ 2210.880646] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2210.899888] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2210.905255] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2210.912535] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2210.919823] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2210.927089] R10: 0000000002273940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2210.934352] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2210.941775] Task in /ile0 killed as a result of limit of /ile0 [ 2210.947870] memory: usage 24kB, limit 20kB, failcnt 8297 [ 2210.953357] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2210.960146] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2210.966319] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2210.985828] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2210.994631] [26612] 0 26612 17585 8732 126976 0 0 syz-executor0 [ 2211.003541] [26621] 0 26621 17585 8731 131072 0 0 syz-executor6 [ 2211.012431] Memory cgroup out of memory: Kill process 26612 (syz-executor0) score 1752600 or sacrifice child [ 2211.022521] Killed process 26612 (syz-executor0) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2211.048207] syz-executor6 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2211.059217] syz-executor6 cpuset=/ mems_allowed=0 [ 2211.064141] CPU: 1 PID: 26621 Comm: syz-executor6 Not tainted 4.18.0-rc7+ #177 [ 2211.071784] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2211.081147] Call Trace: [ 2211.083743] dump_stack+0x1c9/0x2b4 [ 2211.087482] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2211.092681] ? trace_hardirqs_on+0x10/0x10 [ 2211.096921] dump_header+0x27b/0xf64 [ 2211.100654] ? pagefault_out_of_memory+0x197/0x197 [ 2211.105599] ? __lock_acquire+0x7fc/0x5020 [ 2211.109856] ? print_usage_bug+0xc0/0xc0 [ 2211.113929] ? graph_lock+0x170/0x170 [ 2211.117756] ? print_usage_bug+0xc0/0xc0 [ 2211.121832] ? trace_hardirqs_on+0x10/0x10 [ 2211.126083] ? print_usage_bug+0xc0/0xc0 [ 2211.130157] ? lock_downgrade+0x8f0/0x8f0 [ 2211.134316] ? mark_held_locks+0xc9/0x160 [ 2211.138471] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2211.143058] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2211.148168] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2211.153191] ? trace_hardirqs_on+0xd/0x10 [ 2211.157346] ? ___ratelimit+0xaa/0x655 [ 2211.161259] ? idr_get_free+0x10c0/0x10c0 [ 2211.165417] ? kasan_check_write+0x14/0x20 [ 2211.169661] ? do_raw_spin_lock+0xc1/0x200 [ 2211.173913] oom_kill_process.cold.25+0x10/0x10bc [ 2211.178809] ? oom_evaluate_task+0x540/0x540 [ 2211.183223] ? find_held_lock+0x36/0x1c0 [ 2211.187296] ? lock_downgrade+0x8f0/0x8f0 [ 2211.191451] ? kasan_check_read+0x11/0x20 [ 2211.195601] ? rcu_is_watching+0x8c/0x150 [ 2211.199782] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2211.204244] ? oom_badness+0xb00/0xb00 [ 2211.208135] ? rcu_read_unlock+0x35/0x70 [ 2211.212195] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2211.216429] ? css_task_iter_end+0x2ce/0x490 [ 2211.220845] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2211.225601] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2211.230618] ? trace_hardirqs_on+0xd/0x10 [ 2211.234779] ? _raw_spin_unlock_irq+0x27/0x70 [ 2211.239277] ? oom_badness+0xb00/0xb00 [ 2211.243164] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2211.247918] ? mem_cgroup_iter_break+0x30/0x30 [ 2211.252514] out_of_memory+0xa8a/0x14d0 [ 2211.256493] ? oom_killer_disable+0x3a0/0x3a0 [ 2211.260993] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2211.266014] ? trace_hardirqs_on+0xd/0x10 [ 2211.270175] mem_cgroup_out_of_memory+0x15e/0x210 [ 2211.275025] ? memcg_memory_event+0x40/0x40 [ 2211.279352] ? _raw_spin_unlock+0x22/0x30 [ 2211.283502] mem_cgroup_oom_synchronize+0x713/0x940 [ 2211.288541] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2211.293991] ? memcg_event_wake+0x450/0x450 [ 2211.298328] pagefault_out_of_memory+0xc8/0x197 [ 2211.303001] ? out_of_memory+0x14d0/0x14d0 [ 2211.307243] ? __handle_mm_fault+0x4460/0x4460 [ 2211.311830] mm_fault_error+0x1de/0x380 [ 2211.315819] __do_page_fault+0xd25/0xe50 [ 2211.319891] ? mm_fault_error+0x380/0x380 [ 2211.324040] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2211.329578] ? __x64_sys_clock_gettime+0x170/0x250 [ 2211.334508] ? __ia32_sys_clock_settime+0x290/0x290 [ 2211.339528] do_page_fault+0xf6/0x8c0 [ 2211.343330] ? vmalloc_sync_all+0x30/0x30 [ 2211.347476] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2211.353014] ? do_syscall_64+0x497/0x820 [ 2211.357080] ? syscall_slow_exit_work+0x500/0x500 [ 2211.361927] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2211.366860] ? syscall_return_slowpath+0x31d/0x5e0 [ 2211.371797] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2211.377334] ? retint_user+0x18/0x18 [ 2211.381047] ? page_fault+0x8/0x30 [ 2211.384590] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2211.389433] ? page_fault+0x8/0x30 [ 2211.392976] page_fault+0x1e/0x30 [ 2211.396425] RIP: 0033:0x46f8fd [ 2211.399607] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2211.418998] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2211.424366] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2211.431638] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2211.438910] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2211.446176] R10: 0000000001b44940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2211.453444] R13: 0000000000a3fc20 R14: 0000000000000002 R15: 0000000000000001 [ 2211.460879] Task in /ile0 killed as a result of limit of /ile0 [ 2211.466952] memory: usage 24kB, limit 20kB, failcnt 8305 [ 2211.472441] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2211.479225] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2211.485416] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2211.504917] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2211.513758] [26621] 0 26621 17585 8731 131072 0 0 syz-executor6 [ 2211.522660] Memory cgroup out of memory: Kill process 26621 (syz-executor6) score 1752600 or sacrifice child [ 2211.532714] Killed process 26621 (syz-executor6) total-vm:70340kB, anon-rss:2156kB, file-rss:32768kB, shmem-rss:0kB 07:52:55 executing program 6: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x4000, 0x0) sendto$inet6(r0, &(0x7f0000000580)="3c0a8194ddd7039777eb5e56336fa8c423973622f739232db1b8be42734376d73c0a9838c047a056e165edb890b754a06400fcde8e26472e20507153e8c5e256bb405cfbb4cc62e685475f82203588e406f1de04766c5da5c4daeed33c9a6af9", 0x60, 0x20000000, &(0x7f0000000600)={0xa, 0x4e22, 0x4, @dev={0xfe, 0x80, [], 0x1d}, 0x7ff}, 0x1c) ioctl$BLKREPORTZONE(r0, 0xc0101282, &(0x7f0000000140)=ANY=[@ANYBLOB="b5f5057b3b7467a7148562ebdfd1924b310e782a872800010000000000000006000000000000000000000000bba940bcaf081dd4cda81c7df78666fdf7c705ab0a8e00a5fdd8f161a9f77aef390c4065c21ec066260cbf8bcf"]) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) sendmsg(r1, &(0x7f0000000540)={&(0x7f0000000280)=@l2={0x1f, 0x1, {0x0, 0x3, 0xfff, 0x514c, 0x80, 0x100}, 0x3, 0x9}, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000300)="f66b4cdf5b07a7967128853a14dadb21e3bcc27472e01bb126a40edcf49c0e1cced24ce29618f05e1445e84fd9fe4f28a5c6bcb6e0df4f4988e858d621312d5654344625b4a1e054a7eeb0828b4883b2cf936983", 0x54}, {&(0x7f0000000380)="95fa6256caf327b0551cc7e5fd410de08f9fd110d452e23354435fc871d254443f3fccfb316927f721e59c0d84d7a8ba21", 0x31}], 0x2, &(0x7f0000000840)=ANY=[@ANYBLOB="d80000000000000006000000010000009f77a1a5fc087349be2bb7a0e13e14f183018f5d9480e0013dc5c177f52d7843483b975b7dae9bcb6ee7732a2832aa3b61183d8292c5c8850108f88519148560989bba827e8042d87ac96b6eaba668c677f4cc35fdd40a37ce4fdfad3d73f0db7594beeeffa99566755aea0bca7fb9cdef12534e4436a1acd5a25efa145a0f59176ca83a2b9ef4e77fb5bd233186a329f11d6ebc0c2e0bca77d402599cbb857c33c112d9363a3610a59cc24898b863749d4f8251f759f14e4ae27e929f5b3da09c2200000000000050000000000000000a01000002000000311a997dd7a8079bb18fea47ba7574fff00e4e3a8acfcba6ae9ce94ee3b7442e24dee5d5a18ffed047e240fb5fdc88814ebb6b151ec07a4a2f57a04e00000000000000b2c9dabe346d7bbb0dc1b779b5a6c8eeb807a4289addbcbce4a9d735c65e59ec053675feec3b99a843b8af2f3d6717368deb1deedc0e52689bff2b1d0cd6b162be9efafe93cb071e2d73078a9b5e46deb0962cc9e4b8b2aab37c12bf4a64e62eec0fab483d6bfe6ce061cf9250a987bfeee71b955f2a2f3131eafa9ee894b8f83fe6d341b898767969773a99eb9e840d0381b30f7209a6318f5a"], 0x128, 0x20000000}, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) openat$vsock(0xffffffffffffff9c, &(0x7f0000000500)='/dev/vsock\x00', 0x200080, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) write$P9_RREADLINK(r1, &(0x7f0000000400)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0x10) unshare(0x40020200) getgroups(0x6, &(0x7f0000000440)=[0xee00, 0xee00, 0xee01, 0xee00, 0x0, 0x0]) r4 = getgid() getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000000480)={0x0, 0x0, 0x0}, &(0x7f00000004c0)=0xc) setresgid(r3, r4, r5) 07:52:55 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00'}, 0x2c) 07:52:55 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x221, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:55 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x216, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:55 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x101200, 0x0) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000140)={0x0, 0xa4, &(0x7f0000000280)=[@in={0x2, 0x4e22, @broadcast}, @in={0x2, 0x4e22, @multicast1}, @in={0x2, 0x4e20, @multicast1}, @in={0x2, 0x4e22, @local}, @in6={0xa, 0x4e22, 0x7, @local, 0xfffffffffffffffc}, @in6={0xa, 0x4e21, 0x3f, @ipv4={[], [], @local}, 0x4}, @in={0x2, 0x4e23, @rand_addr=0x122b}, @in6={0xa, 0x4e24, 0x6177, @mcast2}]}, &(0x7f0000000180)=0x10) setsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000340)=@assoc_value={r1, 0x4}, 0x8) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r2 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r3 = openat$cgroup_procs(r2, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r3, &(0x7f0000000100), 0x12) unshare(0x400) 07:52:55 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x20800, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000180)=0x0) write$cgroup_pid(r0, &(0x7f0000000280)=r1, 0x12) r2 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0xa) r3 = openat$cgroup_procs(r2, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) fcntl$getownex(r3, 0x10, &(0x7f0000000300)) write$P9_RCLUNK(r2, &(0x7f0000000400)={0x7, 0x79, 0x2}, 0x7) r4 = getpgid(0x0) getsockopt$inet_sctp_SCTP_ADAPTATION_LAYER(r2, 0x84, 0x7, &(0x7f0000000380), &(0x7f00000003c0)=0x4) write$cgroup_pid(r0, &(0x7f00000002c0)=r4, 0x12) getsockopt$inet_sctp_SCTP_NODELAY(r2, 0x84, 0x3, &(0x7f0000000100), &(0x7f0000000340)=0x4) unshare(0x4000000) ioctl$RTC_ALM_READ(r0, 0x80247008, &(0x7f0000000000)) 07:52:55 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xa000000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:52:55 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88640000]}}, 0x1c) [ 2211.545827] oom_reaper: reaped process 26621 (syz-executor6), now anon-rss:0kB, file-rss:32000kB, shmem-rss:0kB [ 2211.618589] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. 07:52:55 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) r2 = msgget$private(0x0, 0x20) msgctl$IPC_STAT(r2, 0x2, &(0x7f0000000580)=""/4) unshare(0x4000000) sendmsg$unix(r0, &(0x7f0000000540)={&(0x7f0000000140)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f0000000000)=[{&(0x7f0000000280)="dbcef28989b19d4b20f520a499f4ccd99859dfd80ab2141ad32ef3b901058cf70d66e0052f737ac90e7fbd6255f5531299fb90b9d65df3c1e239413b225cdaad6f3639a1d88cf171db2dd37bac9753d0c3d437208675", 0x56}, {&(0x7f0000000300)="81098a26e1c6b426bfce83a41c5eb1277bb7c20eeb7c83bb46eb43038525c630467252e20de929dd587e4364d12893f853b7dd1705871efaf8bfe8b7e817f9356bbb3ea713504648ff1df29099ba6575d95c510b5fc759a09a2d5669fcc521a14c2caa354830d0c78ecf2b06d0fcbe837b532498dff79e15a7c8a0090494a5d7e0d97d5ecc078e04e044e122b91eb12a753407a3b1a4b64d6b064cddbd9b29abc0f528d0ee80d90d4193b7bf51f92feb6fe9efe75abce57b3717e47ecb1dd327bc7a6e", 0xc3}, {&(0x7f0000000400)="4cf6c27cd6accc807e56e8eb31a355695c563e669dd271698c9477956d0df8b32bc118ca58476cdd153ecef8da86303a829aba839a48c7211d129ad775ae96c76db77bb8bb98f7c019251d3d71df82618250467615a8cc0e05d12b674c1a76aee34dd12cc0e5a0943c870e51a82f86754c08338dbccce6d7b3aba3a57ba312d29f723564e849b4042205dc11ad6379e4e79c67cc35901c043c23a3dc4e3191016ee0d2d2530c3e95ed888d10613a2305c80fba2a4f3fd46c1f33905d04cddc1f9dd79779e9", 0xc5}], 0x3, &(0x7f0000000500)=[@rights={0x20, 0x1, 0x1, [r0, r1, r1]}, @rights={0x18, 0x1, 0x1, [r0, r1]}], 0x38, 0x4000040}, 0x1) [ 2211.714822] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2211.746224] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2211.757405] syz-executor5 cpuset=/ mems_allowed=0 [ 2211.762345] CPU: 0 PID: 26668 Comm: syz-executor5 Not tainted 4.18.0-rc7+ #177 [ 2211.769707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2211.779168] Call Trace: [ 2211.781768] dump_stack+0x1c9/0x2b4 [ 2211.785403] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2211.790607] ? trace_hardirqs_on+0x10/0x10 [ 2211.794847] dump_header+0x27b/0xf64 [ 2211.798570] ? pagefault_out_of_memory+0x197/0x197 [ 2211.803507] ? __lock_acquire+0x7fc/0x5020 [ 2211.807752] ? print_usage_bug+0xc0/0xc0 [ 2211.811825] ? graph_lock+0x170/0x170 [ 2211.815627] ? print_usage_bug+0xc0/0xc0 [ 2211.819724] ? trace_hardirqs_on+0x10/0x10 [ 2211.823974] ? print_usage_bug+0xc0/0xc0 [ 2211.828047] ? lock_downgrade+0x8f0/0x8f0 [ 2211.832216] ? mark_held_locks+0xc9/0x160 [ 2211.836367] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2211.840953] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2211.846059] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2211.851077] ? trace_hardirqs_on+0xd/0x10 [ 2211.855234] ? ___ratelimit+0xaa/0x655 [ 2211.859123] ? idr_get_free+0x10c0/0x10c0 [ 2211.863281] ? kasan_check_write+0x14/0x20 [ 2211.867603] ? do_raw_spin_lock+0xc1/0x200 [ 2211.871842] oom_kill_process.cold.25+0x10/0x10bc [ 2211.876696] ? oom_evaluate_task+0x540/0x540 [ 2211.881107] ? find_held_lock+0x36/0x1c0 [ 2211.885185] ? lock_downgrade+0x8f0/0x8f0 [ 2211.889344] ? kasan_check_read+0x11/0x20 [ 2211.893499] ? rcu_is_watching+0x8c/0x150 [ 2211.897647] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2211.902062] ? oom_badness+0xb00/0xb00 [ 2211.905954] ? rcu_read_unlock+0x35/0x70 [ 2211.910021] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2211.914257] ? css_task_iter_end+0x2ce/0x490 [ 2211.918692] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2211.923453] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2211.928476] ? trace_hardirqs_on+0xd/0x10 [ 2211.932624] ? _raw_spin_unlock_irq+0x27/0x70 [ 2211.937119] ? oom_badness+0xb00/0xb00 [ 2211.941012] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2211.945769] ? mem_cgroup_iter_break+0x30/0x30 [ 2211.950374] out_of_memory+0xa8a/0x14d0 [ 2211.954358] ? oom_killer_disable+0x3a0/0x3a0 [ 2211.958864] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2211.963887] ? trace_hardirqs_on+0xd/0x10 [ 2211.968057] mem_cgroup_out_of_memory+0x15e/0x210 [ 2211.972901] ? memcg_memory_event+0x40/0x40 [ 2211.977239] ? _raw_spin_unlock+0x22/0x30 [ 2211.981397] mem_cgroup_oom_synchronize+0x713/0x940 [ 2211.986416] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2211.991895] ? memcg_event_wake+0x450/0x450 [ 2211.996236] pagefault_out_of_memory+0xc8/0x197 [ 2212.000907] ? out_of_memory+0x14d0/0x14d0 [ 2212.005151] ? __handle_mm_fault+0x4460/0x4460 [ 2212.009740] mm_fault_error+0x1de/0x380 [ 2212.013720] __do_page_fault+0xd25/0xe50 [ 2212.017787] ? mm_fault_error+0x380/0x380 [ 2212.021936] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2212.027475] ? __x64_sys_clock_gettime+0x170/0x250 [ 2212.032408] ? __ia32_sys_clock_settime+0x290/0x290 [ 2212.037431] do_page_fault+0xf6/0x8c0 [ 2212.041237] ? vmalloc_sync_all+0x30/0x30 [ 2212.045394] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2212.050944] ? do_syscall_64+0x497/0x820 [ 2212.055006] ? syscall_slow_exit_work+0x500/0x500 [ 2212.059856] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2212.064789] ? syscall_return_slowpath+0x31d/0x5e0 [ 2212.069731] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2212.075103] ? page_fault+0x8/0x30 [ 2212.078653] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2212.083499] ? page_fault+0x8/0x30 [ 2212.087045] page_fault+0x1e/0x30 [ 2212.090497] RIP: 0033:0x40e33f [ 2212.093682] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 2212.113417] RSP: 002b:0000000000a3fc20 EFLAGS: 00010206 [ 2212.118793] RAX: 00007f1884d92000 RBX: 0000000000020000 RCX: 0000000000456b7a [ 2212.126077] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 2212.133348] RBP: 0000000000a3fd00 R08: ffffffffffffffff R09: 0000000000000000 [ 2212.140619] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a3fdf0 [ 2212.147900] R13: 00007f1884db2700 R14: 0000000000000005 R15: 0000000000000001 [ 2212.155256] Task in /ile0 killed as a result of limit of /ile0 [ 2212.161344] memory: usage 24kB, limit 20kB, failcnt 8367 [ 2212.166869] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2212.173677] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2212.179897] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2212.199437] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2212.208294] [26668] 0 26668 17618 8732 131072 0 0 syz-executor5 07:52:56 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000000000000000001100"}, 0x2c) 07:52:56 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) lgetxattr(&(0x7f0000000000)='./file0//ile0\x00', &(0x7f0000000280)=ANY=[@ANYBLOB="73656375726974792e6bf31ead4fa5024c1e9d2b00000000b1fb73b4328e4c37834e497805c42dce22a99da355d3b72844d529f32e8103e3e0523830"], &(0x7f0000000180)=""/37, 0x25) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) [ 2212.217250] [26682] 0 26682 17585 8732 126976 0 0 syz-executor0 [ 2212.226192] [26690] 0 26690 17585 8731 131072 0 0 syz-executor6 [ 2212.235115] Memory cgroup out of memory: Kill process 26668 (syz-executor5) score 1752800 or sacrifice child [ 2212.245198] Killed process 26668 (syz-executor5) total-vm:70472kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB 07:52:56 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xd8480000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2212.314965] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2212.325998] syz-executor0 cpuset=/ mems_allowed=0 [ 2212.330987] CPU: 0 PID: 26682 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2212.339072] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2212.348438] Call Trace: [ 2212.351054] dump_stack+0x1c9/0x2b4 [ 2212.353987] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2212.354698] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2212.354720] ? trace_hardirqs_on+0x10/0x10 [ 2212.354742] dump_header+0x27b/0xf64 [ 2212.382539] ? pagefault_out_of_memory+0x197/0x197 [ 2212.387483] ? __lock_acquire+0x7fc/0x5020 [ 2212.391733] ? print_usage_bug+0xc0/0xc0 [ 2212.395819] ? graph_lock+0x170/0x170 [ 2212.399630] ? print_usage_bug+0xc0/0xc0 [ 2212.403709] ? trace_hardirqs_on+0x10/0x10 [ 2212.407963] ? print_usage_bug+0xc0/0xc0 [ 2212.412045] ? lock_downgrade+0x8f0/0x8f0 [ 2212.416220] ? mark_held_locks+0xc9/0x160 [ 2212.416848] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2212.420368] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2212.420387] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2212.420405] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2212.420421] ? trace_hardirqs_on+0xd/0x10 [ 2212.420435] ? ___ratelimit+0xaa/0x655 [ 2212.420453] ? idr_get_free+0x10c0/0x10c0 [ 2212.461931] ? kasan_check_write+0x14/0x20 [ 2212.466184] ? do_raw_spin_lock+0xc1/0x200 [ 2212.470436] oom_kill_process.cold.25+0x10/0x10bc [ 2212.475297] ? oom_evaluate_task+0x540/0x540 [ 2212.479714] ? find_held_lock+0x36/0x1c0 [ 2212.483794] ? lock_downgrade+0x8f0/0x8f0 [ 2212.487958] ? kasan_check_read+0x11/0x20 [ 2212.492112] ? rcu_is_watching+0x8c/0x150 [ 2212.496271] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2212.500696] ? oom_badness+0xb00/0xb00 [ 2212.504602] ? rcu_read_unlock+0x35/0x70 [ 2212.508679] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2212.512926] ? css_task_iter_end+0x2ce/0x490 [ 2212.517352] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2212.522119] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2212.527161] ? trace_hardirqs_on+0xd/0x10 [ 2212.531319] ? _raw_spin_unlock_irq+0x27/0x70 [ 2212.535850] ? oom_badness+0xb00/0xb00 [ 2212.539752] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2212.539893] IPVS: set_ctl: invalid protocol: 0 172.20.20.0:0 [ 2212.544519] ? mem_cgroup_iter_break+0x30/0x30 [ 2212.544557] out_of_memory+0xa8a/0x14d0 [ 2212.544577] ? oom_killer_disable+0x3a0/0x3a0 [ 2212.544600] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2212.568414] ? trace_hardirqs_on+0xd/0x10 [ 2212.572590] mem_cgroup_out_of_memory+0x15e/0x210 [ 2212.577449] ? memcg_memory_event+0x40/0x40 [ 2212.581791] ? _raw_spin_unlock+0x22/0x30 [ 2212.585958] mem_cgroup_oom_synchronize+0x713/0x940 [ 2212.590987] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2212.596445] ? memcg_event_wake+0x450/0x450 [ 2212.600785] pagefault_out_of_memory+0xc8/0x197 [ 2212.605467] ? out_of_memory+0x14d0/0x14d0 [ 2212.609740] ? __handle_mm_fault+0x4460/0x4460 07:52:56 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100000000000600"}, 0x2c) 07:52:56 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100000000001100"}, 0x2c) 07:52:56 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x11c, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:56 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x145, &(0x7f00000011c0)}}], 0x249, 0x0) [ 2212.614336] mm_fault_error+0x1de/0x380 [ 2212.618332] __do_page_fault+0xd25/0xe50 [ 2212.622403] ? mm_fault_error+0x380/0x380 [ 2212.626558] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2212.632101] ? __x64_sys_clock_gettime+0x170/0x250 [ 2212.637046] ? __ia32_sys_clock_settime+0x290/0x290 [ 2212.642078] do_page_fault+0xf6/0x8c0 [ 2212.645894] ? vmalloc_sync_all+0x30/0x30 [ 2212.650053] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2212.655603] ? do_syscall_64+0x497/0x820 [ 2212.659675] ? syscall_slow_exit_work+0x500/0x500 [ 2212.664530] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2212.669473] ? syscall_return_slowpath+0x31d/0x5e0 [ 2212.674421] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2212.679968] ? retint_user+0x18/0x18 [ 2212.683698] ? page_fault+0x8/0x30 [ 2212.687248] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2212.692099] ? page_fault+0x8/0x30 [ 2212.695650] page_fault+0x1e/0x30 [ 2212.699104] RIP: 0033:0x46f8fd [ 2212.702289] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2212.721552] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2212.726908] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2212.734174] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2212.741430] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2212.748687] R10: 0000000002273940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2212.755944] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2212.763433] Task in /ile0 killed as a result of limit of /ile0 [ 2212.769540] memory: usage 24kB, limit 20kB, failcnt 8409 [ 2212.775057] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2212.781834] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2212.788051] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2212.807541] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2212.816371] [26682] 0 26682 17585 8732 126976 0 0 syz-executor0 [ 2212.825262] [26690] 0 26690 17585 8731 131072 0 0 syz-executor6 [ 2212.834178] Memory cgroup out of memory: Kill process 26682 (syz-executor0) score 1752600 or sacrifice child [ 2212.844213] Killed process 26682 (syz-executor0) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2212.869283] syz-executor6 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2212.880272] syz-executor6 cpuset=/ mems_allowed=0 [ 2212.885207] CPU: 0 PID: 26690 Comm: syz-executor6 Not tainted 4.18.0-rc7+ #177 [ 2212.892566] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2212.901922] Call Trace: [ 2212.904524] dump_stack+0x1c9/0x2b4 [ 2212.908163] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2212.913362] ? trace_hardirqs_on+0x10/0x10 [ 2212.917604] dump_header+0x27b/0xf64 [ 2212.921332] ? pagefault_out_of_memory+0x197/0x197 [ 2212.926260] ? __lock_acquire+0x7fc/0x5020 [ 2212.930496] ? print_usage_bug+0xc0/0xc0 [ 2212.934569] ? graph_lock+0x170/0x170 [ 2212.938366] ? print_usage_bug+0xc0/0xc0 [ 2212.942427] ? trace_hardirqs_on+0x10/0x10 [ 2212.946669] ? print_usage_bug+0xc0/0xc0 [ 2212.950738] ? lock_downgrade+0x8f0/0x8f0 [ 2212.954892] ? mark_held_locks+0xc9/0x160 [ 2212.959035] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2212.963618] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2212.968738] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2212.973764] ? trace_hardirqs_on+0xd/0x10 [ 2212.977928] ? ___ratelimit+0xaa/0x655 [ 2212.981823] ? idr_get_free+0x10c0/0x10c0 [ 2212.985983] ? kasan_check_write+0x14/0x20 [ 2212.990227] ? do_raw_spin_lock+0xc1/0x200 [ 2212.994479] oom_kill_process.cold.25+0x10/0x10bc [ 2212.999344] ? oom_evaluate_task+0x540/0x540 [ 2213.003763] ? find_held_lock+0x36/0x1c0 [ 2213.007848] ? lock_downgrade+0x8f0/0x8f0 [ 2213.012010] ? kasan_check_read+0x11/0x20 [ 2213.016166] ? rcu_is_watching+0x8c/0x150 [ 2213.020323] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2213.024742] ? oom_badness+0xb00/0xb00 [ 2213.028629] ? rcu_read_unlock+0x35/0x70 [ 2213.032674] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2213.036895] ? css_task_iter_end+0x2ce/0x490 [ 2213.041289] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2213.046039] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2213.051046] ? trace_hardirqs_on+0xd/0x10 [ 2213.055179] ? _raw_spin_unlock_irq+0x27/0x70 [ 2213.059658] ? oom_badness+0xb00/0xb00 [ 2213.063527] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2213.068278] ? mem_cgroup_iter_break+0x30/0x30 [ 2213.072854] out_of_memory+0xa8a/0x14d0 [ 2213.076818] ? oom_killer_disable+0x3a0/0x3a0 [ 2213.081301] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2213.086304] ? trace_hardirqs_on+0xd/0x10 [ 2213.090442] mem_cgroup_out_of_memory+0x15e/0x210 [ 2213.095279] ? memcg_memory_event+0x40/0x40 [ 2213.099606] ? _raw_spin_unlock+0x22/0x30 [ 2213.103745] mem_cgroup_oom_synchronize+0x713/0x940 [ 2213.108745] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2213.114180] ? memcg_event_wake+0x450/0x450 [ 2213.118495] pagefault_out_of_memory+0xc8/0x197 [ 2213.123146] ? out_of_memory+0x14d0/0x14d0 [ 2213.127372] ? __handle_mm_fault+0x4460/0x4460 [ 2213.131951] mm_fault_error+0x1de/0x380 [ 2213.135914] __do_page_fault+0xd25/0xe50 [ 2213.139963] ? mm_fault_error+0x380/0x380 [ 2213.144100] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2213.149632] ? __x64_sys_clock_gettime+0x170/0x250 [ 2213.154546] ? __ia32_sys_clock_settime+0x290/0x290 [ 2213.159552] do_page_fault+0xf6/0x8c0 [ 2213.163351] ? vmalloc_sync_all+0x30/0x30 [ 2213.167486] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2213.173022] ? do_syscall_64+0x497/0x820 [ 2213.177092] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2213.182008] ? syscall_return_slowpath+0x31d/0x5e0 [ 2213.186932] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2213.192455] ? retint_user+0x18/0x18 [ 2213.196155] ? page_fault+0x8/0x30 [ 2213.199684] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2213.204515] ? page_fault+0x8/0x30 [ 2213.208052] page_fault+0x1e/0x30 [ 2213.211499] RIP: 0033:0x46f8fd [ 2213.214675] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2213.233896] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2213.239247] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2213.246516] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2213.253787] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2213.261059] R10: 0000000001b44940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2213.268325] R13: 0000000000a3fc20 R14: 0000000000000002 R15: 0000000000000001 [ 2213.275715] Task in /ile0 killed as a result of limit of /ile0 [ 2213.281881] memory: usage 24kB, limit 20kB, failcnt 8417 [ 2213.287408] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2213.294195] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2213.300371] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB 07:52:57 executing program 6: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x4000, 0x0) ioctl$BLKREPORTZONE(r0, 0xc0101282, &(0x7f0000000380)=ANY=[@ANYBLOB="b5f505043b7467a7148562ebdfd1e70200000000006bc33bd8494a351400f80000000000000000f4b11790e160074dae10e20f7afcc0610f1c1b22d8c4d224e168ccce1026ee0ed67233fc4b004acf0d455305517ee34e2400000000000000c93c9e58c8d99153e524d1783138c9dbacbbf0bca043ffd3e32e33e82322d506fd8c320eb11b880582512a16637540c7b0351992e92ccd802fc68a2ed60bd32a20408024856db43b66952934b6f8fcc79a584e4cdc28e96fcbef447d12ecfa8af4edfb70c4a52825e865492874ff03a195c0d613f59593a335101bfdeefdf54b99dc5fb6ec248b59cdfed0b942ed9ffb2926dee91b1343dc4a966de16f54222d"]) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) unshare(0x40020200) 07:52:57 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x156, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:57 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x158, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:57 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x80, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x0, 0x1000, 0xeb, &(0x7f0000000280)="f91a4d30d59122ebee62a40694e6120ff87471f84a481d0c959eee17874210e1ec138feed295ff082b7be389b7a085c389c46f477cfa625351b37d1fc6fcc4957700d99e244a4f78a46a06edd4c5c5b313c4e2d8dc70a3445ea3a0e0a25dfc7923fa5478e5271f167b0f8d8e8db3a04c843535a15d1a673539b8d4722c8c2e4eea075e0b501c6ca422abf8d83419bcaf81e933f02170cf09809f42a9d0a1ffe61f17e62f01bc496f549a6e2a0b4749a4760a0a09ce81765eec7f71b377f45e8bfae9647ba397f2d7fe0186e8c8a407108cc80a8fe221b70bccea40c7408a62b8d9555641e42320fe8f0fd4f50dcbd89892e738c8d95db576dbc21bf37c00b723262651df8f2d80c6a0d4cc6f6cf64112c921cc089735a0755a21e6a6f1a057806e775796bcd15b2137b4920a35996e6d6d68651163a6b69a8ac8e6f06e88dc5b0b11239fe6f9d4033c153a7cb5ee89ff351c3a88dbbab49c05874f32ecf1209b54ca82f2e1b3fab3bb6ac6c660b8bda4a6e01a1a083178355afd7b424373b11b5f0a47bb111ff879ae4eac6ee1c6895bccd20517416a7d0dc500f3199e8193b690bec48df131f98ddb6d83fb66501106209283c6dc6e333dfb08ca68cdd9a3c459f2baaa88c35ebf53f8c480a429aa2f7f810ea6aca4ee933022c28d9c690068c2004b9685413277a90c37b7e5fe96b14a744dd2596df77eb62724fa60dae4ff191737fe077583ca956255660fa81a1d403d6b48a8b019edcd7d4fb145e4d9c368054c4f116368e3f60b1d5a5a242fa4b8f2c5a10ec29588ef595e2fad8a6c2595b23d8f049127ba7e6a1b1e21409d66b799a2600460e96581803024dbfd4f8319824c1019fda6a2feaa8ee419ff011810c6c3cc3afec09052a9824d097099aab736ceecb00739a4b13d8733e3c9363be0cf52c4b574734a2d2c6e736ba55c015ba6712a6290e22278cbeec8df6434a77b7396a0fd957657317b4d265963c93500740a68eefc84ae4c8997571c6d2528f98e9418c4eff89777276bf00dd2789536dd8d5fc31949103f28faf6a759188152f6f16c07554ab217ebb60858e4e5b5c930a34e8ea3dd4b1825523041aa7f5b0a232005807ed470490715cc5b6d331506a5b80edf9b8817ee546618554df4668b73942f70c86f34ce37d35de4bcdc08f90e33aac42ec12498c44f6cfa8622ff0cce7a17ecba08037c9a5e971fd864c48d0878328d85278a394ef09d1a1d0f19a5e58be446b97200c4e5508084707f7090675c7f9e951ff745e5b4b7e677dd07121d48319366a2c36d972df5bcbf24414d036f39be8978af5f67a92362f4a4911d962e4ce5172de8aac7fedaba00ff8971fd657854f84831c1f742adde170770151a8f13996732dfacc8cbdacace8985334149a638bd69a7e624954cb7972e45673cf4cec941260e11324299773b0fa83f1784e29e00e326209ae71d586aeb05474cf780bdc2e0d954e28d1f09e56ed84ec5cea9c9df3d27690e88b9f6059db396154b65b2ce2eb83ab0e1028155b6b766d7091970a340184005eeb85c7b6e267c46e18d18bbac774cbcbeb046df853b1743cd828d70849d65d2006d4039f6a401f85020e3a772f40789ff3681f4e0781ef1349c48ae9d680ce23faaa4b414386256086b42331e0f51a3156241539c73ba50ac4cc2ba20202e88b64e365a26dcdaf0647399a8effa30908b8420b178bd146aa747498cba2b9238ab17dabc180f5034ca9f7614889bda43454b1e78c1bfa6e3073f1ad20be31c33fbaea3010a69558606ff1aab0897d4549700f1139889ebd967575fac649edafffa22fdace28a1cd6b78178145714a16dc14180229feb7952b4e57c42712d62eb3aa98d2f0e6866e3dd9399c276b54ed4fe958c6e9ad49024740f7ffcde6de034a7895b9ad709ae5743116fbb565704f70e479d4130375720957031f607c59c9eedff5ac53b8f5f38494d0062e0cea47b9e5cdb744ffc49ba0630bc6bbf60486da25483765a6bebb220a565b7e26ba0df40246780bc0e479600cd990358b6d3a10f0fe86453a94235689907cbbd9dba8c1fd5279a1eb3e45322f1f8c1322848202da6a230cb1da39f4eed01bc8d7e10e3b830885a2ca977adb46835960cce808efb2cc3fc80d4dcee159aa6bd96787b4a29b76ec843576dc4bfc488925b67fe7d78faf595a5b62019264c6e8c940f66d8dab422fd355488814e0b79c146190ce31b9f588893b50609654e4cae211df52ec6057716b541aab089155103695ddae420b62cbab3021085f23d50a50af0a023ce1ec46b421620323ae21152e176f2eb1467b1884778834fa1533212cf5ba729bdf7e5c99e8a542ee1122c3e8949dd2c3495617827e6119520b9feea23f9102a7024aa3a2dc042f5cc9148a5d023718e989c9fd6a7395528241989467aa472915156ef6ea06aec0fb7f6098c69226fbbfa600f1e3f20ab347405996bb53ab24756af9a82a8e90ed83c969c9e249961508e5de49d928fff8018f79b53a55e7195f13c7f5f703a25893bd855c7ddc5003199601194a41e47d138596c778c8bf78a0298ab6d53b921c76170d828b8274812f0b4703b0d86895221c420025c205d512f3a181a473a990e48802058923e51f1dc6a0681800ac7b0afa4c1599a3eb272e511c9c5449fdb77dc52eab544e5ef9b45cccba6f65fecd7b3b2f7696782e4b32d95895174c0cb38351e95a33f3247e2d34a26f331046d32c17ad4a3f4d81edbc2c104fb4cb70a86a49fb6dd57042db7b3ccbe8143db1886063c4c9ffdd41b7fd535ded00dff5aeb98560f900b17426091ac1c2bfdffa2355db858e95b0d9d0e17d5d45e1a89dbb265307158cbfea8559cda25f4ee949b2f7da14e7f0ac479a174f5dea1abd926004db2faf40979ff81a5d9a0d308b26f8d2243a3126498522006c1fb3047897169c3311a9fa0d5ab2530a4c8778bf6586fb4632c65a7c90a0142780f9de484333eba575a2dd0ddaf587df23698ee2429afa9ef3db7d00d887ba94b3349d8eece877438371cc098bc2a6cdba76e7b64b901c44adf7ec4aabdc95067c901fb7ee13be32d743d8273660052851d1d077aca308681cdb7c134600ee74b61db34dcb5f648127e3e00cfbd3e92ef7bb8fe5d3cfdc4f545c0cdf827fcd678370198630e5369188f2d15efc030e687be2549914efc3eca68dfecb34100577675bab5522d844889f7e133383ad2a4784efb442c1ffb6c631a9551dc281879471452b5318a68c1c6471ea27b53113d14cb85db00024b19d7f875987c0b51d79547403df5c227832cd00c35d4534c8016df3a50f3bde66f5c9ccfda531d02d4ca27716099ce9506510251ff0819985e2715a12de4044b3556aa008b4172a194fd52a7d213ad6587feb61b7cd13e21dbbbdfd76720bf07e0e1b0c3a8b823bfc31849fb289c2c1a719c7397a60cbcad7ec1a3d68784d10300032fd05edfc4963a6ba06557a08913b1a7da5ff513263d78edcde2e6fc8c659b096b187cb341a2505cb4bf57d9d5194faeab89a6bc936dc8a21f2e60853bc2066181f6b0faa2edc570d932e614c9831ad46ea7113495144b7d69a7bf2285efff1c2decba5114fd93a8749ab34fb2c49b2240729a7f94dbe537c9582eceb891a40d6544f2befb29461ce5d98536eb9ba22867048ddbdc9cfdf4c04540e02b1fdfdb152b1ad3e26b225474fac42ca52316e1b467ce82a8baddf9bf1506fcc94c3654d00c1678a98e8e3cc9c07b54e452fd304ab4798bc3187a35d15b5942a1d0a82b111bb3cef245e3d6eb2760d9898338fa81519953dd53638c8fd4f1810ce17d9e021a60b00dff268d5f885bbac28c5a5a30ffad0e38428871038f8980503202ee5eab6d7e8ecf88ab37a6d0b583009dd2262cb139ddad7df8ca302410db99642e2d70336386e3d492a31aad41c01eef7a9f036917faf573e28de0adb0455005e78b30dc72427c60ac599e837419cd027d5b2dbb7790a6ec0f6073f7ef4c76b9e0e30e6ac17b6b531c3861bc3c2222a9333b7b34b3eee2b104412e6bd3322a650a0754b7cedb341372af75986e6473a8d7bd496355a686e47050b926e327128631760544f69b2101f24c754790648a127e7372886989e7a259c2a5c17ea0fd29f6a6e33085dc9aadc2750e511b6925fc783846ef071b735bc2113c1a1ebff9e0d4ca5ba4b656b21e8bfdef6ec01613327fef01237a486c273b2f8c6c6006f8e2045bbc4120afcd40db18d5a337e5d731b909db7dab9f6a8a68839fc690bc63e24e96cee4d4f8a0c6c6f3f3cd502b4d36d7c6d37cf01105a478692a9e7e44c0211e4bfde32ead35601347e58136c3f6f8df46804303afba6a2d8e409b0fdab4d76e96d8e0fc19e002a0ceb84dcc099b25656989cbfd2e440d734b99e7f7fe28832a29ec76d6a0b3528a37274334574cfed4b219884de326b17d1a6e971e5d6390d5c3779b7852392f590a0309d9a7c234c7a41084d8d28059cb4a7a43ff21089878c366318492d004883347dbad19422691fa33be0d22da8f6d08b6ee7c3a490112a4531ad1723dc8d0bcd668c041d5da943c98de4d7034abdea004ec370c4c68028c0579cd08d6a8f0fcaae150b204282db9d548043929021136721744078e0342d4bdaa70f18241768fe3784f13f45e639f2f22c2285c2d559be474da31a9eb38f227838aef37920300c4e5610a9e1b521ef90b1b7136a663a3d166d269c6e4578bb3fed2d23866a1d35ef51f107786fe9a4711beaa97d9cdd1f3c928666eca52d59ded51e103d6b08df8daa715eda3222e930370cb1496e06be4d888855c3389048f8bcbc943d30b1c9ee3b1ec60e0eb037eee2b1e3e4890cc02f3555061a218d50fd20043269d912c06b76621ca3bd4f4f7191f6643d445b69e1b0ed77f4d2ee5b2019a41354d3ee3a12452efe320be5c08a8c05856ae188ae2ba8fd2c807509a808f7a6f7226f853e89450c21fcbdb75146f03b4ab306a95bd29814ddcface10e95a259fe6ec7820878e816a04073b89c3c4c5e34d4553b2aa023849f3c928be44e6797447e72a4509a58aed6329db3a15a1ccf71773c2906c24ec59eda3770f5f1abbe8b211bf3946084ba99a7fee32085f9e3c5da0e94199eeb183f3c51ccd7e1c095f705eccc09e43f4769c469125528dfe56857b3fdb2c771f68370cef2011c1b1a52c28dec5ed1b9b7f7d3c7a0a47923b853371614bb7adbd65c3ce76c3e47b080c21df174819cffcf175c70ca1a00d01445199e92a14feb68fa5f465c16acdbad3b9ce0c6dfad3725ad553ff476effe5c0f3b367ad7bbf82b67fb9e436f780fafa87afb91c93bc6252078fab611f5961fac83d717297e8b6585b978e41a69802d3b83364b2716a42c4736ef501cff77cff2e54f42e0e04c9ca6b17ab8ea3953603ac1e01291a6a430e238805c19d9156ad2025882f3140b1d75565b5e0b4e2aaa39f076f6d71bcd7f0821a5d4c576353e5ebc44832518b10daacdd53abdc7851217dd32fcdb9e902a6e156644cef4144658cc6f9b13578749d62d538b8a8dd7d36e9897b04c18d81be848a2ae82c2d33e74c8fcbb02cbf856264d4c72e091a6473ecd544c041d7be35ecc168bed4a2259fe5efb00a1142356bbbc79ca98ef2ee051b0226e105bc13a333c722f8c4db99ce6a993af1458358ce8e5f588ed339c82893ffcf05902cabe3976abd6325229f3942177bbb0fe90dc4f51f65ba34209c8798596a782afe098194308c855bc6ff46a8feea03cd7f42c111a253a7036938b24c6c37965361f3", &(0x7f0000001280)=""/235, 0x1f}, 0x28) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) unshare(0x400) 07:52:57 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100007fffffff00"}, 0x2c) 07:52:57 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f0000000140)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x40000000000, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000000c0)={0x0}, &(0x7f0000000200)=0xc) getpgrp(r1) r2 = openat$cgroup_procs(r0, &(0x7f0000000000)='\x00\x00\x00\x00\x00\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) unshare(0x4000000) 07:52:57 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86ddffff00000000]}}, 0x1c) 07:52:57 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xf0}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2213.319883] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2213.328667] [26690] 0 26690 17585 8731 131072 0 0 syz-executor6 [ 2213.337562] Memory cgroup out of memory: Kill process 26690 (syz-executor6) score 1752600 or sacrifice child [ 2213.347653] Killed process 26690 (syz-executor6) total-vm:70340kB, anon-rss:2156kB, file-rss:32768kB, shmem-rss:0kB [ 2213.359869] oom_reaper: reaped process 26690 (syz-executor6), now anon-rss:0kB, file-rss:32780kB, shmem-rss:0kB 07:52:57 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x4000000) r2 = fcntl$getown(r0, 0x9) r3 = getuid() getgroups(0x3, &(0x7f0000001800)=[0x0, 0xffffffffffffffff, 0x0]) r5 = getpgid(0x0) lstat(&(0x7f0000001b00)='./file0//ile0\x00', &(0x7f0000001b40)={0x0, 0x0, 0x0, 0x0, 0x0}) r7 = getegid() ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000001bc0)=0x0) getresuid(&(0x7f0000001c00), &(0x7f0000001c40), &(0x7f0000001c80)=0x0) lstat(&(0x7f0000001cc0)='./file0\x00', &(0x7f0000001d00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r11 = getpgid(0xffffffffffffffff) stat(&(0x7f0000005a80)='./file0//ile0/file0\x00', &(0x7f0000001dc0)={0x0, 0x0, 0x0, 0x0, 0x0}) r13 = getgid() fcntl$getownex(r0, 0x10, &(0x7f0000001e40)={0x0, 0x0}) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000001e80)={{{@in6=@dev, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@remote}, 0x0, @in=@local}}, &(0x7f0000001f80)=0xe8) r16 = getegid() r17 = getpid() getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000001fc0)={{{@in6=@loopback, @in=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@loopback}, 0x0, @in6=@remote}}, &(0x7f00000020c0)=0xe8) stat(&(0x7f0000002100)='./file0//ile0\x00', &(0x7f0000002140)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000003940)=0x0) r21 = geteuid() stat(&(0x7f0000003980)='./file0//ile0\x00', &(0x7f00000039c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r23 = fcntl$getown(r1, 0x9) getsockopt$inet6_IPV6_XFRM_POLICY(r0, 0x29, 0x23, &(0x7f0000003cc0)={{{@in6=@loopback, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@mcast1}, 0x0, @in=@multicast2}}, &(0x7f0000003dc0)=0xe8) getresgid(&(0x7f0000003e00), &(0x7f0000003e40)=0x0, &(0x7f0000003e80)) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000005500)=0x0) getsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, &(0x7f0000005540)={{{@in=@loopback, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@local}, 0x0, @in=@broadcast}}, &(0x7f0000005640)=0xe8) r28 = getgid() r29 = gettid() getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000005680)={{{@in=@loopback, @in=@rand_addr, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4}, 0x0, @in=@remote}}, &(0x7f0000005780)=0xe8) r31 = getgid() r32 = getpid() r33 = getuid() getgroups(0x6, &(0x7f00000057c0)=[0xee00, 0xee01, 0xffffffffffffffff, 0xffffffffffffffff, 0xee00, 0xffffffffffffffff]) sendmmsg$unix(r0, &(0x7f00000058c0)=[{&(0x7f0000000140)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000000000)=[{&(0x7f0000000280)="87ee7a5ead561bd83f88cee0aa24af706c01f5e6ccbc7abcfd87fe694892e352e34ff97869c75ea573c82586d078f64fa92670360a9c08cf290de686e69bd3453f980e5c364fdaac7ab6649e5a9e5c1d0d852926be155792635c1ecfff6244470c2fa668396db410fdff1887473b1cd3643e98d05662a06f52ea719828166474924c4382fd4ea188add98182055fca41122f783cf5093713c98bc401c8f542ef35f4efacf01655be0ed3baadc9dab459b089001bfe4c611d9b4f65767ab38c15f402247a4dcd38552df56714113a8ce56607ca198f8061a62de2627188df0391", 0xe0}], 0x1, 0x0, 0x0, 0x4008000}, {&(0x7f0000000380)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000001780)=[{&(0x7f0000000400)="2f108c6ef4eef04ce625adfe02df958156c4278164142201bd202aef86953dde2ce1fb7fc88465d4ff644db71c639b2d1ac03f132858d13b56f644cfc21ed57d0a7c12b28e7fc28563fdfc7f0ebdbd60a129f1a393c9e94e2a24f8c5", 0x5c}, {&(0x7f0000000480)="c890df8472de1ce8b14be1cbeb75150a015b5655e7a4b5ebceeb6a70772fe9b9941562342405548cc4a8a3bd02eb4dee73d673fdb8", 0x35}, {&(0x7f00000004c0)="a59257c682458c90485c2eb30fb88e6aa6c5d07c5dd0", 0x16}, {&(0x7f0000000500)="ccaff2024a900147cc015118d563031847b845af19fb2febc1de426318b297b6d4f788217a0486875158c8bc3d33dbf5920f77e2808b3cbfab61d59e75d3f28562bd08ce7de7a683cbcae37ead7d2ee428b9ff07a326767a60b5311c3f81c81ab76e5992db68a5749e7d86ed1c53f6eb75ff2f8a42dac290a851c0ddef085fb1d711ea676065e412813b1566b696f01a2a0e3122cb4d6c1a9ef5c69fc8db6cf83ad2aef294f23684073e2cb7f3f415c8995105b176c185473d9d1e47765523a5a42343ee8cdb8db75c71802c8bf09be5820cf74223126260b373cc54b3025b81cc098e8dcbfb83abc754ea2f7436f93af615e30d7e99c16f3fb279ddac1e19d1cfe16a8be95f933be55c296fd7fc2d54fd51d918c160e793ab281f201838a74b24765eade987b040e8c1f6caab53ce6b1b12905878dca5f6d93bca61e454984f87de52fae0cf2dc46c85e257a3d49d3397913544c3871eb94c568fe546a3bf1d1a1ca8acf8b97c34893370dee5193622cb416f759128c9c20fede2fc67d0e00bdf7724a9d80f1217bd9eb9d5ef2a944417dedc03f6e0c68b40639d86ee969a82fd10c609aa3399ea1a447f2bed2aa7efdd9602be7f02e6257454255265f1f6f45d1aa8cad8f72699693e5b3e7265dbb8e2824f25ea0ca3121c3071e479430dfe81b026b881363bba31efc9c29983c57a574a140ba07d89026d4db8e72bf444b6f857b60dfe222d8a598edc9dd5713b4e9a5fc1effec87b7bed313ef45b4c11375659a82f006516d36196938f97472161df3ad992d2efdb3c059165b4cc96a1bddef2868d1118f34a8830014ca671e4e1abb69262b36e3ad3893d024028dac46ae3899480d4c5cfeaba9d6f64484abb06d55fccc2a827a53e12cb9788907dd00a195363e97917b01b1bd8aa203042c5721a575aa53414cfbe79933c2ea8e1aff7011fad5aeb9c64915523e14a041d7bc23cfd18693020adfaa04c60beacb6455f5d3629de26257784a2fa4141a65bdc6cf48ca4eba49b87cfeb2a1c4b47d117b3cacdeaaf8ace1e254d3296287b6a5e370cb2d2f105ee51d9b0f78e929e057bff4d053da8fdd60291419a05abdc41bcde08fe082dce84696a2877d553f2f916e072dd4e4dca8b7fd7ec6d5dc9e4f63194444d9bcc4163c5c9462eeb4792f3c9ee6a6dc7a48e569aa391efc0daeac5d197d2c2ff0526d28732fd010eae6bc043b3c316417bc146aa1f30b3add93c552ec2bcbda256e0bc597a13dabe879cef96e07d340db64a58688eff099642dc5fe8eb1daaabdcc61f0d8a57e5398f74c8924c516d523a7461d93c445bebdf0246154689376470e10956b0e8e40828edc33a95dfe4a91023ac55362d102b45d7e2d810a1ccabba07f0e8877285f7a9128666bce418357cfab7b2456da4ff0c75dc152e91a6d1e090515a5f89eab985be16ec5b48d3bc7d259fd86b1e2f227cbc45f558964fc3bcabe4fb77e566ec6a9dd3361af8b1c8e124f51ed2a983b648b9ceb2f963c103385a6e9d9c085e52d60df2f5b2446b061d027d1df7b90ff184ca586d20387f786722185808f04ad7ebce2f7ccaef88cffd27545de0c1da9fe41fa60fdd1384053f443dc297506ea708264e8d851b65eca3bbf78fbb11a66a56cebd50751a56c6e0a526956e1f65bd63d87d1cc7dda337bcf4ba6a96ba5832e00058aa3e02e4d005a9af35637a469b13bac7b0f9d01db73935b1f4114e57485073a9ca10f5aca75138c8ea6702c599bcc3a7ecf26304b625d1b70b03601ca527ecd7f981143fbe6a91ca752bd9aad2a7ed24d3174e3e01bc7df4e3af826b35bda23ad82858603ded9ed39979b87eeecf3201a5528fbf2ee9e223689e7226a892c579402aa69d9c6c7cacc409fcc6cefd19d0817cc64d718d077993ebce9f86cd416b290265175d0c0b5357ceee48a28f8a4557bb257528763e24a99aa2f6f5b32c8b0d85c8f8b69e8290bf8558972d91de368781bb61d2d0cbc315af05ae388cff57e2d1d3b7312e0681c1d5e9fdeefc4998acbbe3e2fb54363fc9275ddf3fa829aa15ee8adca85e8f7ced6798c9069da1430c6d54445f914c53ce66162720d869e9896db6727498f58f2c07eb0ddee540098a47440362f1aaa157ea709907751bab930a9c0fe07d44df4162e999ac1af07e234bef667932cb6a07ba87c48ad5ee036b5c4eb2afe2c5d3a5cb948b932380ddd0b80d0171609af309c789e3c4c5b10b12461f3b7935dacaaadb2369cfba192c352543dc1a97232ff232adfbd244da2fff1323972e02de61d81cd5872445e42dc671d5229482abe4bf75fe11c45ed47f9eee0ae832d45a3a9b8e018f60938763a5063690d9da93a06368090edfe760902fea42be9a2c3e695f1d0d5784457ff40a263dd9d433ab23787ae5da82b854b7b8e53a5c4a1e6d8f47ba7135cb0dd7a574047759dacfb2ec5dae4237ae2644b02120f25a84a3cf0eea1fd5be304626f66ea5d2a3152f8f854a3dae5563ada3907fa59e0be407173f0f764f2efce0f3377370add3ccd537af75fcbb1c7aac729abd262fbf6c22e201ce810023d8449c9efd3b7a06ece593b9e4f423dddc07cd4bedc665b553aa29855b0c8c23a0876d9efd764bd6604bece5ce0bf8c891bb9112ad49640146ab61995acbdc80a3c068ad474d512454abf6c1115b870b44c77fbc561fd2120f3355455d77f3ece1f76079d22dad39d214f7c3d80db5a921260cc78d4ba4d2fc558758a95f2fd80cf8b7e10cf638b44ca1a6d1542ebc9325c5b0a8f6703d9ae5df8702f267c287690cfeac72de5a63d38842162ae9b067e8f899e52b3cfd2df85c607172b54570c88c5ccb31dc82c42a5067e4bdefcd0d4b2f9e08c8415c03d21cb1505b333b9d52ad464f4c63879a601a47e1676d558ed6258a0825fd4d56325c5125160dc5c2b91bef7f08116a8e51b876b067e4a920fb412d260bb4aeee9ee274c0c1d00102c21c10579231c9c7a7fd4b806fcca59498bb3301a899852c54a52a2e48b8a5a4e3813ab55d9db0dd3411166953e290665591c4d40a96000107197f9c8da6e61b2fc5a4507564204473a9265f0ce75bb7b2920272c0f169276eaddfa29ffb7785643b5242ecd127be6a20847a8a575b021ce628b6f52f8e66b62b037eee2ab5e0d809f3771acc93d21d91c34777f07987e63e8c9c9a7dc78d372ec2dea52b7811fa705b3eec62ccd6088cfdc3da7cc42457291c8cb6739b1cf169b9c701cb475253ca24a92f051b30377d3f29ca400dbd55a764ff3486c0d1b8cdaa8e9cd9a2219caecbfe0d9c572826e549aed3594574e8fdcb10a0fa6cef3220c761d03da3d96621389bcbde57c41e2d67befd702664b065ad8ffc313cadcfbe3d5af6bffaa2748bf3a671566d52018c54a02a03d41f51561cf7db8d5c1c001713e5ea540569aaf230c10f859cece69bd36490b083c322fc109116da1a74ee9c2e816c990afc3f1f3100e90bc8c9725b92adad98c40841f64e008c50d36d6accbadf4566d8ffc285936f034754e211aced15da7635faa758c64a96eddfa30573d620bf6bdd5a7f46b75eca48b79aa22ef29aec5bd59a370737e98a9035c92c8fe4a7220a54d01d0e0b2983ee27e8be973b0ef5bd5e6c1803731b196da0000fbe8032918dc877ca5453d7dd8fea935afae3d4784d418b193694f63b0aca50858657bb6419c90e0045c9fced22bf973f9a0485519e4aee09042a00dd27e12ae0cf7ec2f1390d7911f6b5f9f384cb9cc817a0a5c74c4ed1c7fe9419a4bfac9fae53b16baef0c68d3b40d52509461cadd576c87bca947400abd7183c75bd733bcf5a5b953492b346df3354a3c3e0a2c171391c9e4d122da3b77220d9996e371c6f9d89db65523ca78a7bacac9d3c2e087f81350dc1d6cc2d9186599e0504485bfc90497bbbc09164bf4ca83bafb731524d2cd3e3081a228fed82b97850336f254782d0919663e039d68a4a24bbb24f9feab0096efe7e0c71b646c500591154de13c1162938aa9e37750b7b8de7ad3fbe92d306f8230a15aeb556f1ee55a41d21c11cd989fff15e3cfb7574815807e1d2dc82493138293d20371dd17f70883fb000f861055098f09db92dad5906f85819a720f94903fff7632076f5e980b356836973a53c7e6a6deb8092fda1b6fbe7d285f80284c4f364ae8b0751751f76354ecd9cd798b86d6dda21e373e31acd829268361959065bf763ac8cc351d4ff8d7280af94135d48b4a12fab19922f06c139a8c33eb3de3a728dfda6738839fa592e1f93662061c63f771fc1476923a2f12ef6d0f4da2b3f83b461d0ddbe16c92b20ef7cae3f7c121761af1e82a28318fde280da2f7e295a6b2230248bd6748f20ba6ba4904fd5d77ecef64ab5c847adf4658b01d7f09f6ea4468f3b56117bc750453268f3c563006494f56db5bb360c3fbf4fb3b7c5e4d48c9643335eff128dd10d62c0296c3c8cf95b2f4246546e9871fd483b0756c3ae0408a12c48c7c6a7f868d728528ad6cb76c1b7744ed2786a46b07e4d471e8abff58721148938ac804c6c58dcb3669d8e0164f455043e98df0d75e9d2222936035c77df4be4500bfcf76262e7f90a9214d409596185b6d5a09c568920545c5fac197ca0c3c4bd52dca6708c5a2feca3a5c8adced3cb7dce55a82fa5e70e31b4d6c6eb4f38fdbd2797ddc0895165296cdf8563e7b573a09eb88a9d5a0c1afc52aab6ced4d0f81c11bb356c800ab595d06601f69edcd02913a397a03ca0b25126a2040f5550e9bbcd8f08f1f6d47c92b131d36492377605c8ac1a9e71054bfce085905216afe505efa532864120454d29c50e62218d571ab2622dbcbe6c2f28eb48feb0a1f442a066c27684bf5e64400161e57a141dba307505668a3bdd207695eb7a2b18a862a477958b08cd58d64710e9fbf0fc9696e2408d5228eea20eeb8fdbae3881c5d574c7d78f0d6d4ad772c127a115a48da5eb4863159f825b30fc0a8977f47f4e4a05692c2406c92f5dd2c6cd97990e9e657ab939af2c688edef4e0075453b41f48ebf304a476cb7d80c69e22b1e8cec21b188aa92946f6a2aa6c84634232efab0648a02c2b0a4cee1f7844074be57aed632823d3f4de30bebd94cf42f4ff9c116409236dd1b733a3c01418651924d09dba0c5ebebeffc1ebaea8d235e6353470f68dcff4cd091a1f45c80ff7e73f709952691eec88b360719e6fa895e73e87ac64cca9d21c98604ebb04ff6916f5fb57bd8a4d5b280185964e04aea6a775b56a2e35f7c54a98f32fa38476fa807098cd6498b0b655dbbc851ebb1c9c7f3f235b95a86f129ab4e9180e4a788937de7bc81a430d38d4d74875a19b21c6304242ed546b9241cbecc7d5e607c8804b2f68ce21c36fb0dca254114ee792bb55b8ae97d611fa05a607091cf57c82e26c48a9b95ee0ca00798d48eda6b7cafa999034b3132714810b8c2defad3d80586c9b937561dce83d83b42ba04b7f245e83eca83eabb504ca43813860ab613997f0c3d2688e335fcb9c779f42d474eadf50685dce5ae1a43b7e475027141a875898ceeaa810944559912715351c9872c5c5bb1068b56424535908bd15076fd6aa8b851a57d6786f4072593913a0e1a604786c45e4138a1a564c1fd601290036820a3aac2c70f7e21164bc9e3f2b830a074c961f7ed3533ee23c97fc01d347802affa1cd7b75470a9dce58201840f992763ad9d2bd68810584bd9335adb5a2fc07404460fc1dc971f9cc06cae84b7cf342ab63d8cb729959fbb8aafb2a585ed08dac524e4479179f4d", 0x1000}, {&(0x7f0000001500)="a917088558311aee0e7e2d26b85a0de7d8206067df6b103d1dd99e5c8a29218ee85decb7c6f74deceade7bcb080c434de48873114cbbf8928a0eb865eeb3f6ac0f17548c698deba5e31b548138034168f4200973979bc71f2b78e6e58bcd8175eafb93987ec98a8879f0f0b1c17164de1635ae609fbeaa3fa97390d83719318ac77aaad7b2caa928967f61f9e541f8a6fdf927b847", 0x95}, {&(0x7f00000015c0)="480900f17148d8560e0a84a9fb351cb73faaa2b940ecaf1b7edbe3083a7af147bc3072e7f140c7959d", 0x29}, {&(0x7f0000001600)="717bdd6768864e31471f1a27352fa7dc1d4062a96b35318f48b6dc2e86432a84b26349a47cf5af8e32158fbc91c0366d6cc27673b244303c64224faed6743019e674fa50cdd0ade3ece929390217adb862810f900f96b728c13b5f8c32565c7abb812e0fae522a7244319e5616e863ce65b4371127b6ba0ca1eb7be5af975e327005cda274a62a611fb36b95bbffc80594d66ed5d5955e41fc1f82", 0x9b}, {&(0x7f00000016c0)="8a569bd8d36d302cfbd23fa0fa66975aaf64973814f1eb651dfedaccd8ee44268f7e61b4d3bf22ab537e542895a27b9a6aea73dbe36fa28d7c9025b2c0c581b898e8d16e11979829861763e295adc720a6351e9f3053ceeaa2e7bb37ff997dd731b4f77c7aff40ad5725e5d60c4499cf53b3100a472568ec83de24a9b75f8d806e4247bec445db15b11a451a620d284d5c", 0x91}], 0x8, &(0x7f0000001840)=[@cred={0x20, 0x1, 0x2, r2, r3, r4}], 0x20, 0x40}, {&(0x7f0000001880)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000001ac0)=[{&(0x7f0000001900)="4969e2541fa9c7bf1c206804111cb7886e540e4f483bb52a6b5de0d1ae4b58f6e375ff812ca5fae6338faac2b79041927af4c2eba378be00992a6517d08aec0789c4e3138b68b4798f9969aab602b73e7e6e49d5709b2a238725420d504eff0c3ed750fc79a6d5e532910a18f173018fb7b4356136b917489927aa813eff45705b477097e5a7ebc407e9adb8f14405ad5fb755fffd486d632f3c0aa2c9b71efade576393d76df870fe5bed6662581b39aa8056cab5be0e25762397cd5de7bc11cf9083033f1e8ff858337d6869ff05846e231fb10bb6633b633757e1ee4eba059e9289cbdb6072c442725414089c6b68107f3a44a9f5d0", 0xf7}, {&(0x7f0000001a00)="2a4f6ee77e3ecd088040cb9342451ebc2739ff4d2f149f637e9b719cd685f5455f4aecb775655c0464049d815dcb71bc2b934e3e70c1cba928a63be64ff5a9bda7bfc4a92c8b92604aa2a6d88da2f802b1d81d7a51997c171f7b0cd4c6c741ace6f6e3653731c7ecd099bc19a23981397088117205861033f5925c9d6521ba95caf03d88f640a3035edf9681ea24ac0498efaf15156e1a46f0a5b2", 0x9b}], 0x2, &(0x7f00000021c0)=[@cred={0x20, 0x1, 0x2, r5, r6, r7}, @rights={0x18, 0x1, 0x1, [r1, r0]}, @cred={0x20, 0x1, 0x2, r8, r9, r10}, @cred={0x20, 0x1, 0x2, r11, r12, r13}, @rights={0x18, 0x1, 0x1, [r0]}, @cred={0x20, 0x1, 0x2, r14, r15, r16}, @rights={0x28, 0x1, 0x1, [r1, r0, r0, r0, r1]}, @cred={0x20, 0x1, 0x2, r17, r18, r19}, @rights={0x30, 0x1, 0x1, [r0, r1, r0, r1, r1, r0, r0]}], 0x128, 0x4080}, {&(0x7f0000002300)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000003880)=[{&(0x7f0000002380)="c6cf6f49e2e6f9739ab69c86e36114eb08001dc09f1bfa20e1f8cfcca4df1a42375ccafb69863276be02984c544a408da7ceca89bb97c54a830f40eabed669b0c03a021df7df2a03311a487eb937bf3cf64b480331a42330fb2fca1b372affebf1f0daeae8e1b0f8cfe435958ecfa1a6cbc21bc4cff31a5f35640a93fbb06b624c09eeb1b2a710e30750a1c4ebfa5ea90e94dd28f75602f438cc0104936666ac372e9f1a80e054d351b1fb4bf84c88d989a4abbc462b6b325bdf29dbb08dd0bc3a47354074373e8e9e820442fb061d94d280c395e313d4c7a496ef3946e59a8293", 0xe1}, {&(0x7f0000002480)="a6fa4cc4f961859559c7323e003391ab1d4a0410c0949f9cf3f0ab3eff054163ddd307c4c52a0817eed1c2c4", 0x2c}, {&(0x7f00000024c0)="f6e30ead61816b10703b91cb43ac00a37e6679c5031f97a13fc34188d0736980a71e96a5912c6e5c0ef7420afc090436d3595ce9053a6c2210b239ed6faf872a12d47f34175a36d8f8e2892aa02ea3a22d7c0fef023de04a9d694c55a8b3105ef776eb1ddd730d963506ef2b58bfde2ec203bfc72ed2b0e11f89b69793a01b78617709f7a24cc2770c793e1a7d3aa63ad347130252e09794307b06c17107088715d8a87a7d369233020d39e28626d7f4bebceaa1442a1625a641b39c919bdb657b9e95dfc059e7459f6614f4ec226c6b4e176143d84e575b44fa199550531003b28fb5963ac608fb3c7f86f43b588a90b62d5733b3aa31dc4ad9062ddf899d7833e60a985f66293a74abea8dfd2b44e2406ad3c4c3fa61f70f54ead36ce84a7243da20b4f38a44bb36c4832b74fb68a935e1a36c217cd63ae66379319b1acc29459ee0e0e39cff3ef2254dc413517656995bb7662e8af5ec747ec6eb3e8b36a4bfee1c2aea221ed81a6a0e2b6feaea6d29f2e0715054320f2e815a396be666acf94bbe578d7855c0220a478d014460557b7f6fe822a67eddc08b3376d9ba30f282d678b72683dcc65e4bb331c15df9f862ffc08a2a75067768989b08832cf29a10838cdebba45f7a30393c6407f4e8e5542c513cefa46138e664520f5295310148770fb846cc87235d488d80fbfd8a3fa3cd1096ea0e18baf78878d27d15e22f3c7273829fe6051005268a94fe9cc3e5ae735a41d6ee05ab3fb7a6f0aa91fec5a6d64de6988a9ff8e7499ad06eef7b379fe9d46d78ececca50908bb56a752ef955532ca77de11175d6d95424709a200e8c2371e7a5a9c60856e0f70f88387f6c3aa80919e7999b6628054a09973f2eb40a39b4204a81c35d9b5bf3de9ed96b928bbf98719dbeb14007708b57436f1c3a065535c491fa9b66735bf7b73c886e722afbb38643597f77bf49b5d3a47c5c5e6e91c67af406ce7a30aaa05ce4d2bbf06f4d1c9efd370b3b7d58c3f4c7615bb49dcf4bbab06b867e04e6d1d004236d4a5c5e24f389b21b6db1257ed049f9cf04485c7a6299dd60b79f630aff8803859f174b478dcc7d411ac8306afff85509a1eb2613b8adb50bab52b9c31c2fd9023f8443531a9bbe33a41253ab921317fc4cdd08192535efe6e3f301deeb237ff32ec755800f3381e82949d785c60ef405e527ac87df52aebd5c4fdc0634ae0e1254f496bbd14dcee43bb3416ef43acd1bbfd60e6dcc134991aaba13d9b6f1e2b2728e2beea7aa8e3cfa211e8768d90682a1742e2cb9ee73f897a480a22672109962d8e636196091388d8cc01f0a08b2df08cee161e1113845f3f68534f45eda211c4c8abbb19c13dee8e43ed51047cf3fe4e34fbe6df2304739bcd8912edb2e0d54005c27d933062ca8894c74d2146579e8c9cc46479a078fdbf8e49c588b79eb51dbc013a0e575a4bf035295cb5c81fce79ed7d67103d2f5aab26439ed2ceaef19247804ce5d0c303ce58e1dca1118be566cd57f42befcf619096563fe28441845c3ecc060f2bc12432c8181dae8aebe96fbd8eb6a1d4c3cdfb1c2a903dbf02342579b2f26c557bfc382da7004d072f3c0c74fd892bf537a23f2593119853992c19624f40557b24278f354e348a66d1a525c6398679396588d8badd4f1dd0800d8f5a0d6a99affe9ce70f8a512c0921e25854acddbc227998f6e83cfa843881f1ab1d8fa497bac9e6ef9408fcc348d8f2c5600aa06325f717a43d71c74e9b261caa47bc15c2ba4704eaa4830d59ef76813aa3620b8d3ce6c9f038003b15b83d8a3e37d528aa0197f4f25aeb840d5e8d759e3a13a08a7b4f0d469a4af799d17726b34bb76d3a90e0e73027658004e879f8de97032b53ae38b3422b65e22ee7e621bb491c909f4da69a83f8735acf7f74960a13d4e593e5374b2a7378009de6d4dd5e24366b8e75f6704101bc1a258e5910f696b53dcdbd102117c45f6a0ded2b177041b6a7351f2f78d779eec453082856fcaaf4a2af53e963579d23f07c7999ce2a7dc72cce97bbfa2651074e2e5e3ed27847c802858585b39ab772c5320d3e613bc411b1ba9a7624cd0dc770a765e48f5281ea40e920c575982d3f681aee7001d5745a755956f5a9399cb40f67a6c53d5f8d034afcf243b15ce4c6ea2e5375a41f9e04f81490c5cf95f238b0c643a8ba784445f64c2e60c75d45aa3171bf60424e49f52d61c869cd4123fb5f649ddfc56bbf3296904f148ca4b93a4342f5cdc9fe9104966bb678b14809789738767662ce7fbd8631184b6628ddbdfc026e3492421b5de34cfe21278053c03dd8bda54ecadb8b4698bdc0919684909ed8d48feb6876e3ab0e80b0de79f9a1007b89c291d4c845e2970470c00f2da9d148a49c7495c8a103ce70882c3b7faac28b5853097ba93469019255b71650e1350d2092545c2b3a2467f171cde131b7cfcc51394ae6395d3da6e24ca55a602f5fd440820de1a1d24fcc1d4854aae661b9deec8395c81f0ac3bebeefde5406dbc1dff7b444876cf7acfaeb9f2ac0d745e2f34045ddf8cc7bb12a9e29bca7c2fccce9583543d7f7f8dda11615506b56326d7a5aa225b258fa585368e01e0ac2fb39fa8aaa7a0d17c4f540d753ff3137c68432b986f87d50ac81d3428078f958449e4f6600a4aaa3a85787c90d3dc10451bb4a8fd3c2dc65bbe86e8bfb77c1db4b6a0f5fd4689a8248c5e7799500b8fc14a58752cd5e826ba237593743f309efebcfe861bb8ddaf158d5304daf04b882887940cd3aa6987aae44e905bba29fb37048a95035b13da204b2eef80296c8d27b16c3563188eb1168f7d17822999240abb5acf778b99c9cd0825cd66b142f49347267fc978ea8e6447193a580afe1cee6de3378aaae139f4bc95b7ab9063f6b450a200eca2c8c5f6f7d2280af29d243ac77f031b181a21a8e265b90c2f6ba6f43a422cdd797c5c248d20e768bad7daace4d4bfa5c879a1cde43af591219babed262e0cfc80a071062b1f79488a0e3f821e4e7b85d96967258b1229902167b22190ad1e82078e8f099e485f8905a836b45d37aaad2221cc1932db0c8494cabbd3aa007df153017dd18d904fc0649b9f34f579b452ccbff86f20dfdc1f88bfc827714366ec489fd987799ed7ba3c7e2768e9ad7756f8cb1f65dfb331a2d4bf66fe158f65eaf009cb8f8ad70bf89a91b596153eb4341a9ffcecc67789256ac933351274f7f895d71d27f7796dd967a41c91a7d2704713d4749ea12e21bc1bc1f9c9162368682265747f84d5bb131cf6720a0422ab2632657c673c77ea44e906b9a0378d9298c97baff582508a8461d66e9cf17e4b4cbc939980204ef56cb2693df549d39df80249694d08d028f3776209680a25a95045f66febd6dad86cf597829eb25352d9656530233735f5c55a9e967eef253173c0860e1de4afaab490bb0b5c8c02e1cc0947b0719e69690e6541f96f7253ab2592257dcc269a058fb377180878211123d9a2c9c08c5408e3ae1e43110b68a37037f2da5f00f52fab974dc4431d92abb483be27deebc772e81ef2731d9f0a8dac74982d58ee01715b042a5300ee8b6b8a1c405920615aebc85609c7ef349890b0d644edab7afb535d25efcca326b4a61ab09a7f58ed318adbe617f9fd53ab27c47bfd85c0ae7456e47fa91d23773a86c3b4e47b0be554fa13de0d1175fb06041d319249b81a50b73bc65669b6c37148c3374af8e1995ba6006bcf57abd8815e48d93b3d26e3c07bb9576d17590a0b124b190aed67befee5cb0919d14a1db56e6bf3860d1289f14124300192d1c01c03abef1caa9b3dcc17648b6a67f0314ba7a946aa1495ac94fb8ba9112e1f9d7e502bc5032ba9eb9fe38f9ef3fa3656f3a6eb8c41c755d3b6e42a4a603fd4bf2aeaabffc6fc78a75f7f3453cd01217ac83fcdd64fd75ab9f84c06b2dac51e1d1dfbe1adf16abae83ec2d5f7a35e4879a2dd374914b079003e7974881e3039339a85d850afcc664a52b690dc4c58b5519e0a9ee6d0ff5e0b1ed45f9b4d150e8db99617ce468d1097b96cf076354032622b6ea062b1d041836e7964dd114224e9f3fe99f54eba403187291edfe3e8118834b85b98abe99910ba18c2c264986dcf41e980ad4ebac2fc9ed398afc9781c7cb53145b0967229dea843ced2c3b909d8b04d37e6a37c90631376a3fb9f9e84500c69bf3e899ccbea3338cacdc85fb1c4cf43a9f3b0f81d65d48872edb279384546cf952235ee0283c40bd8272191ac89a9cd0c50bc64ff8ac87b3fc8e1df2ffaf09daa310de3e02851130fef5e2a8d235b94491586c176c32306b147ac493772c8428d062bbe9055eecd754d0fabd7698bc6b7da13d53cce08222793cc303ca1d60abdcb2a0fcc5c79fd4ddda08f7547fc528e5c0daeeb267e07f3510e6bb4181a650aaffb9e7b110814711aca352fbdcdb68ae0bcd1319c6f37cf6ea40077bc7aa3d5dee2fa353b85e54f0eac870ec52e4e69f51804d7cb9a96ffd9bb62ec19f606647d330e693652835342cdecef560279e6292ba1577ed8bc21dbe338b50fddcd7fca2f5b96e11b4f3df9645562f598cfa00a376b36269134a4992473383222171de531d6dbdde18edfe0040b83445792e9a0109cac01689015f1f96baf61f814c0935ecfeef1cbecac415bb3a04cfd9b8dc6dca921ac40b69f79574f5bd8cb05dbf4291b6e0bbeaeafc275cce7b5c2f4089032d4aa2f387e6b68474502cb107653f9a168a8f3b2326d88d2a1ef678c810a83c7a2b62cdbae501adfc1093d87ca29de336868e37285b9cd162d89d114fc13fc19b687b9d4de0c147912afd19b05ff9f9035d27015e4c0ee9ede33114253f384aa494487f115c19b6661d8acd0cc3539f57610f59ffa314cefcaefa5af0dd4ab0a43a522a343fa8982004f1bc4a3db97f96d25c5f73d99331e0722a80e76c3ce856f8d1e0a392f20e175dd96aef3684cf3d17bf13f53f6083292427a1ca2c56ba0f3d37ab1793ea959208739759c437f123a7b55453662d8ab02445faf30fb640fef3301676ee84bdfdf03acb6bdda1763a89355e50a8468d908132a1c75f98bec47814293319b623cae112d8557173e7f34586e3b10a58dfaf3cfab981cc7105ea1f3706ef2fb4f67029be00536b31767a8cb0840ea9eaf446ce565d2d1e0af9faa2b8bea24cc65174e9f5214a1023fbaaa0b7687492b1bc0507c3b9853df1274cd03da923d778c1edb7f0a1cff1e1d9476a5bd843ef3612bdba9d5ff5e2843e8e09c8efc924b40b8a3e20a0bbabdd0498655ad37145dc4beb1be1cd14f8398692b0994fcc7ab3e3396c49d4ce355a5c8baaa12035a47dba7f03b0ce517e98051cb9c16873e2db16b1eab39808020f879092925fd04bb0b9548768ab25bc66f2169b85412661245116011212d2ffb2abfa6d04f50a4684ca042d59b7c57c712829acf24898aa4a9db113b35423a5a2a62c82562d173119f6ebff269c06ef827da2c36c1ff50019ff9a955c8c059b026e04c92bf5d1b335602074f997c92fd90c188550bbfdf63f5fea045b06badc50acb0eb5ea399ae74232fe0461461c32351365da44f4f3b17361c21c8db2eb4c817b1dc1b60dffc54a2e0e420b8c2683e6c04aa3806cd459d223341830a0283c5cab50c40f14b660626d4175f7061fb6d787d13f298c4328d7d66e835922d1ee14cd3b9b1f78bdb64a1c67a707f04068ffef0c419c28c4f5ad3d809d0bd81a51def761c03b10b98a1c7b5bc45b47552b2b3c1f2bcc69f78e3e0ce4643b2d8ef3bfdc", 0x1000}, {&(0x7f00000034c0)="b092ab9a314d34092098f0fd80994dc4db8880c54ac27ed8838fe4a4bbe3fd8b0e787f93d63b1e8c57d807a6fa1d35", 0x2f}, {&(0x7f0000003500)="db0f1c6ac0f6f8680603ee0a6156827bf76129ada13d0905f8bbbdbf15134efa2e4566133605b4065757a9613854de3b1543473dfe12cb62266538b1514c50491cd4fc23f1432c89b95e5ab2696cd315549a80ac66306eb4a979fbaa226f8d2fa9094e2c4dcaef48423f3eea8f8c53e36a0a839d3f099aeb0280d8dc06d7dbae34e01b78b00d938999095e71819347c773b75ee82853a91cad01e462e2d1162d5cf04ad4269c71c4060f5dfc7694cac6da1b262089e6569d69015d3abe94f0bdce5cf943c05e66cf15042575b191cd62e0c6bc4cefca", 0xd6}, {&(0x7f0000003600)="8ab1265ceae6db2c773deacdc711d15503ed96c53b4460c735d05b6d3bfe8abd9b7865f5867f13134ca631fef4e7580cd8f9002003", 0x35}, {&(0x7f0000003640)="40db971bb2b33780abc3cc720f7419aa94e20aa73b0db35e3634f3e67d65e6639f9f969207560ba1305d1e692cfb077967c5baed234f3a470d9d808f9a7a76af22bc2e746ae3e4adedf8b18535de9f2dd36656397955bcf92e0d5a", 0x5b}, {&(0x7f00000036c0)="f7b52eeb4add6051349c636bda40cfff73e49712c2ce00823e84b90698c78aa4eabcc214481b234e76b46edaa6cb3e72d65cd73cbb242abfab44e05b07f9835f7fa388232d213a78e369a8fdeb8af61e471914379b33ed4a55a217f7c6a65e098a82a404732fbe678436556defccdcac47f1bb59a6099e93bb7323230779c6f497850553e92d8807356f18c1956bed85d27de0888c2b7d98eed80963d8ed575c5647bb24ccd7c3ad59b9429f6103243c3f2f13c43869d527971772ae39b78b4f55a4ca3c407c3cf46f17d3f627317480ca2ac1eb1f64e155852e8f", 0xdb}, {&(0x7f00000037c0)="01da4c298615f2e758902942db922014437badd0", 0x14}, {&(0x7f0000003800)="8a32d9993461dc4cb3f0e6bce78b601a25348f03dbb65ec2f1eacb19b5ef45b05c31b1f19656e9a2bbc384a10754511fad56090bff9409e7df6bd179dcf13b05dee9443f1591a33d2838017da8", 0x4d}], 0xa, &(0x7f0000003a40)=[@cred={0x20, 0x1, 0x2, r20, r21, r22}], 0x20, 0x20000800}, {&(0x7f0000003a80)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000003c80)=[{&(0x7f0000003b00)="8fa76e7517c0ee764d3e5e3f8eb82e1104f1c6e6658fd025ebdba9c6adb362443302aea4a6331fd1f36864199c43bba4b34b077f44767365352715f047058a80c61a840cc08857a48779d5ce0d92f38bf4b6c5f1994dfd5f5f13763630d0417a2a4a0305406dd7e4bef6afc42bf2f6bb7ad21c5310ec2aa97af761cc3d9a6298185785109ae86a1915637ef42bfd28224d8c4d6be287107f63f5310136f5fc30dbcb118f1595f6e5d0487f9c52e450f3c4b847a2f81900d92cb09d0fcdb9e567432d5b39dc168460fa6cf352a05dc20d5eaf22f93e9135d9bd375c480c7dd88210b5264ee9", 0xe5}, {&(0x7f0000003c00)="e475df9b5bfd", 0x6}, {&(0x7f0000003c40)="0f8dcd8324a63e8c2a0d2ae96a42adbf4e42a10fb10df626e002436c21a3", 0x1e}], 0x3, &(0x7f0000003ec0)=[@cred={0x20, 0x1, 0x2, r23, r24, r25}, @rights={0x20, 0x1, 0x1, [r0, r1, r1, r1]}], 0x40, 0x11}, {&(0x7f0000003f00)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f00000051c0)=[{&(0x7f0000003f80)="2d78248033c0c7896638fc2988723815bd54762653abfc3c84ba6f03327f721e010343d143c92da5b47e223913c0f45d73c41800d64ea88761673a5bc5b13e52394a6e3d51a3ae07ef3692f7752365de90c0c70bb34bd5cb7335796ccf3a29630cbc", 0x62}, {&(0x7f0000004000)="5013a95d3e03b4d5193e7531292e02b479da2325bfa03ef76d6f36cbfc2bc7dba83cb09f2a8f9ba69211fe46f2821b96a5c3bd6331b26886ec6c8510db32d1fe2bcfe10c5a2acf0023246cc7610110cc157e3b89ef04c95a41", 0x59}, {&(0x7f0000004080)="98ed61f85ade34a8268265be331e6fc2600c2a69385d9ebf", 0x18}, {&(0x7f00000040c0)="a2af24cdb5b60251979a6f4e1a692080fe5dd207efb7c937e2491f4cbc4a7aad15fdc0be509236afb3db9b292019c96d300860ada3b67b51a3c562df734f80b8773dee", 0x43}, {&(0x7f0000004140)="d7c7e6e24052cf1959af9ec8ee72b1d626a63dd3f6ab355d65706058316d4092056ad0d8fa4016c795ad12e12d54dfd171c7aaddd1e7131fb040fb7b2b48bc67bcb2dbf01fda82ea7ba60ced5fc36fd57a963af07a1f09153e9b54f97e87f16d4e615cd2a8f9154517be8758b995", 0x6e}, {&(0x7f00000041c0)="091e3516402b5a9c68aec84cdd27f3fef3855672e511c7a6f9b260618d33987b811a07c003197dc721c55c4eee8847c51c85c73b2ec169244cf46f5748f6b57a122f1d4d5c644d30d406e98fc36d5518ae5396e5e8a095a5ab3d04c5b3644a1b9fff09360c790baa18623e8f8b2b552b96f55562ef7308b6fef83afc579ecf6f5d885d90b51f084ac394426139e67ed187a8e20b588577998a1af40bb3018cf936995eb18b8bad1c682a9022479a57c922cbc6e89a085bb38c394f4fea2f0fe92840a7e99c39f2ae5ce026cb205cf39a349e3fce5e05a8daa91678f8a4b3baf57c7907511673867e2600607cf09142e2f47c997dc2bee836bbf21a76339147e6cbc12574d37f47becd7925c1b47f46bbd04369a45492ce08a457e55a44534b58dc83461e7e995c9d716de7d9cd5d6dc1de8dd72f1a542c272560c9112308c6bdf745b4c9f0a79c8d490c95ad4fb566ec450e5be52905a1fed0ff958435567f545ea0d5b27c8d635208dcef6c4c9fd0cf2c7a32da343848ecb7738d0e90af4fc2f2f8f7662e04f24340eefc045698d4e8084aea55eb9353b07146f900945855403193d34b44b62437c6cebda32f80b742fc8730f820daa5173de829eef54e8a0f9359ad0f07e7c5a62e3a4f4d10a880a120d8f48385c55a0b78c9112f2cceffaa16854205313d79f85a618eb5e7942292bc635c47a3e68ddf2ec5c94eeea2676889324f8f29f81c4ea71c4b4ce473244c519b9a20b5e947dc6cdf5a53169451b8827a213a8c67b17f48a0d210a301ba080bb87465f90083d8437e5a479c3d32e757197e524f236a6bc3795a48981576141f53185cc305edb44bd0644e43cc336f0a7b259c1083a109ad984c73ac295572dab512bbc344335d05693e7c9fe41b52ea333b35f4b1ff6ab213c17b96d7746c48ba34252897293e38b04545fa0b13e618259847b938c428b65ad5bd6eea710494c879bbecd95bcf74ca9370087a9c564205bd3d722b85be797c78b4194b7a2005e8bb9c83109ec49e6936a6ece018dd2a7d69a9a28d101da0bb2a4b15ab9f8653f8909b8aa9d703124e6c41b7738e582b1a14e8d25103f509bfe811e9466c8a334f1aea9885aca987f66b357cf45d4d8df8853659a798a3bd93ab7baf0a2e8556c1497f3f34425b96c19977c45ef6378112098bd97f7faad8a3fa4bd9de202663f0974011375a255eddf08dd9dffb41d645c8ebdc0ac4bb2d719218cd8a8703b3731f792edf8c466192f391c6f88131f520d4905420e1a4caed420cda0da5fae0c163568a20d925ca7c24e5845c956cb2fc8324cdc425724acd5e94fa61f759f5730bc14c5b3794274cdf0b13ed3ed0a4697bf549502c64ac6437e00fd94ac8d174e0f275bb183c31068a0863680d6d18fd4feaa17554dfb29b6d8c3fc0c8212815d2543df53e81639abbbfa36becd11a2644d551afe09dd2cff29cc26eb68be05c1335c2786940dd32aedd607356ffe4e05f21d15e2bdae3d6437cdefc967d26827b0afcb3b3116dcec2d749aeb4440a99c67abdb82c9dbc2476800be6f1b29ade5aad71665eae6fa1f2e9ed4147a958b380c1392d850141a92ad501fe2c4ddd70657dd523e7309b88c4a8ac1e42097dd4aeabe0df5fd4e634a2979281008dea6a86cd91d8f824232535de4a0df4fd135e14b279f48c9c9f24c4bdfafb71b4c0ca594629bb787043af1ca1602ed102d51a0f1c45ee65e42d74c08c3468601885b7243f397dad32cdebe1d7c42a2b35fc0daad4a47525ca50f28221e0d8d555274c227782cab38c90f7e1689852a7e147c15d8c8d011ef4db39582aa9146f809a93e230afad7f5568653ffb175fc5f8919e9985614836e2bc56e7c728da945ce89f7de2327022ca44197d305cf6dac0fb902b1d970cd154cc981ad882e935073d9b34512494bc3feb29662ef4993f1dcdafc62dff745b686d57b3dc2f59cb7bf8739d1946e5d70df7addfa6c95e4bba4562a7bf256ec7a5c3470373b2dba498cbc754ede0233bf5957fab67f588b882a0f4f55f4c1082d0c81d700ebd6a3458eeab9f25e9d319ea7a8fb29e9df63d47f989b63551ed77a6e1d5c8ea2ce8318476f5943dfcd135c67621058684b69a56395a48785f1a22781f10f8bbe46a250cf75f6334f57d9af04775d8077e75458752aa70f03ca73dfe5aee8cdcc990ac9d545282aae7c4964541bb446b18e8e414e915892b80db122bb9a0464fd46128966c71900e41798468e9475e4b303648ac59378a1f578650d466b1a6bdf0251702d6cde56913d58e35ee8857bd436eba502e8270860104328e0fdec6289caa251f79e1e489a568b5399b1c35134f8659af5c58946f7771c0bae43b29bda25fdc713cc16ca472d97f3474851e4d226720ae31924111a60dc0f7190c00b74ee73b5360faa266c5abbef172ba065d5005138d0b6e6cd8536fd55a94a564b39cca431ab85f078c59381e122ea67e75096ef1ae5924a1751d5ba61bfb19b89708844384c0bf27d951573f459e54ef42c8d967396a0b11dd29811a39150b32d302ef290552abf19aabb41880ae7690ed0a9a9281b8646ec8984da9c4b9014778d478016acb0d54c3a82e0ee0179a770a7a009724a3174634846744d55a6c683f24058c6ff97caf0cea0b12e0cc471a3f1098065fc3335a726a31ca6a6e46b201d2b3ee54e311b31f33805a9af44fd9dd8861a2b6bd126745d1dc4b728f83e35deee3e2424fd93ac7df9a3c04d4626b85b47c20d80168df04b0442d4bcc8e5da136576f5e4966e465a6634cab20803af4518d0409022727a1db21142c49259636b71b800c00a988b2bd2a7dcd08734b2e12e784897d601e2cfa20dde15a31193150ad07bd76ad12819858503c9ba680ae20c007e379b51f74ead32807620e63acacfc3255e40a30fbb1426c94c9c7a9d0c94037238e08e14288225bfa567660bcd53b1f09764ca16a99cd131fe5be88cb2f6fce3ac41486b3decba72df00f565c759f0c8e83074b3bb11e578b4a3373e6b4698cde1a6a6cebb3270a6cce5923e4cfbc355bb146dd423701770c25b3b2cbeab7c7d8696d3c33fb45ac133a3a9eae3fb0f80f274d21a8bf564435b9eece139436903c79daf9924d2f6ea2b67b1f5caacc7ff7a6e6d1f3da3e791cd3244ca110f0a79de0baece56ad8f15b8ae6a8d79e76ad7deae7b0cd0a915baf487e39e6bd11cbdc659518ff247ee562083130ee8eef59c14bea0491067a545267787e3b98715c394fb7bfb98e58506a489c5ece955c1367de1b1ce520a9c59ac1696cb3b1c08a3dc450e3846a869d003a2e7b469a0d5af08395953a7ba63589a0d5eb6a2ac7ea782e17c1bfc540e90f389e56905072f48efaecedd70a1d104582df511e35dcd8779994e474bdcc586d977d0676d6de6edf8a0c0418a0cca8b8e35f462d7e623dedbf1f0f768fe0c5310e6c2b8743eb2293e5be30e5620926c3aeb24519aed6d49c266d82a50f032b9fa1222ef31820a58ab828e6e39e5f0f3be9d0ba2ff5b02b432b00593c24a5a8e86386261f54ff458bae93d91f66c473e6ab64c43139412c6b90512d81aa5503ea322cdc27caa0531bb69f5cf89a6182b9c474b6e46aaec75b292aeeb5d533c521e0c41ab59207cfa59f331d651cdb0471ea8390af5c9965168f05bcf80734d50fc058a023cf32cd8ae74c03a1aee853a573855c8e2e1e96d850a1c28f5a59878fbbb9063c173184602641995918167c85b5b94c765157566d441a60d7ab33247254e58cfe1b6732bc81ca8f95b72a612135414dcfb70d02fde86c4e8d3bfbc6fe2f441b1b689e6cb43a6189a944a300abef96385bf71226e7a76c710eb00a3716d3040ebab9bb6458a372a933c4678f76d31509e25ca5ffc0f425139a0ba8ccde940cb48aeb2a0bdc8a0942903d9cb1ce9b165110d61cd7aff8ebc7d56512d8ad204a1203e1325054b9b1faedd8ef8abcd9013f705d5bdcccf5af32a92808033834e4d161b0eaa66d42fa1dc8f44f4f99462c662aa63aa5b0608b19883e0e378e58935b2f26091750fe3fd3c68962e31e8df93f5d359b0e331fff4c281f944a5cd6a473eb7d88dfe1c25432c809afabee0839f49eae736bd418e5fa27b16880c5211488e2d365bf348860ff818071cde6dcc0993ebfa5a5f60d644efa1b552a9b50b087e7dd12fe85937da6ca33708466d41bae46e252169acbfb204fe92eb23849462789cdeba121d395447c2bc14fb9f6252243979133fded88e666ff1cd426f3d98cdfc1cb858accf93db366b361b03dda3933ed2918cbfc997fd27103cdbf3bc79d95fcf9afbd6d29d12ade8cd6865f6663c1dab6ce77c23b5709f1048f2cdf07f4589103e595f5dc93d0093844ed09ef13c611dc2dd16e9b37426d9d37b3206c4bba29ebc6544439ab7f4db1f5e2f21cc495705275a7a22bc17e1c8c4d164a692109fd88b7c4d27cf8e689a14d0fd08d89de9a44e3090cb00a08fccfd08cb323ef87a67d190a08364a1703b5da6b49b2c3e47b397b4f3a455806b556808e3e7de468708d308c431105fde26efa9e20ac3eb60674ea4e27550c0124bb003f20da57c67766b23cdc6455396565b468f296bd78e02458e53b346cf0af5034a39f82243eabc94eb4c77c1d9e90603e096841a943edc3c86df61b8678af2cb291f559f5a2d159dd532c8642c47571aebd56732294a822e05729df37823415a2aa8a6e201c7d3e0e72e96b6f1b70807a6241e8ea50fe91c4d9ba09769f79d616d9f9be7afff11db8b7dab12c74df1f6bd3c9727d22d6019bbe3f0c0e1192255f152d0520a6c7c1a62e599c189a6da74926178ada7f64da55ad74042520ef8dda82f3a1ee3ac840b225032a79fe574b6917b8194e95c24b2e799621be88263a4432fea4e1e9ee9389798e0e0ce26898750d887dda19037ec0508c903a25912dcad1439497bc3ee655aca35a1e16b1d0aa09791479053ae23bcb22d78c06a2e62bd57c7a7990dda058e1463ab5ed617d36106438c0e3e450c05c19167738f3bbfc8ebaef298655eb495cea9de6b9e9339386aca39fd8f4e8f4a94e4dd52cf328aaf8037dfcf0804943b4ec6e5c634383ce99cfadb2b8aeb03cfbfad0d26f3844a76e3bcdc7ab1c831c90d2f7bddc52da8754b333f167290ae8b4505a839e78acdea69a6707791b86be09e71136ed9e69acbe7c90c7fa5c96386969b0a50a9efcd3282e0be36c834a6f4a8907d52f58347ae47207680016f51121c13a6de79b8eff898404d47880889f72b342a10c3a1b1d374fc339513c633a2ba5508c286fb5aec077aa87d8a1ba4393cc8577c4c6df3c9b5fcc72310121ef625dad621ae6815c5d2d689c1f8354ed43016cee8fbc7c517487405ff5c959ef92269e416a44e10c748d48a0307114dd046d1f135aa7ee5a1c3bf9a530fa3f3a70b1f79f0a74ea73b361046a163fa725d00ea3863b92a7909c8fc1f6dd14d82e7ee9595e0cb378276e1bf3ec5d81fc640478186e63d0764e0fafe411b56fe5f113ab586f6c08056b7cada9d5c3c0065d153a931ff90f276a341abdfbaf9cfbdde7e81f946a024013362d9dad44386b0822d4d8cc168a185e1511195ce1fe47232954ffa64e066f0d74a2ec06591eceadecd2edaf4c060762c8fb0126ab791b47df7ec254333199314a3c6f690113e39294c8beeafad0b8dcc64a5229ecb3f667b798f2a56651a1612f3c4d063a72b347f38dd7acb9664f9915777bfd5f6bb2cd8464c0f515ca00ae4f1969294e8853d37ea13281aa03b9ef94f26862a4af32646a", 0x1000}], 0x6, &(0x7f0000005240)=[@rights={0x18, 0x1, 0x1, [r0]}, @rights={0x28, 0x1, 0x1, [r1, r0, r0, r1, r1, r0]}, @rights={0x38, 0x1, 0x1, [r0, r1, r0, r0, r1, r1, r0, r0, r0, r0]}], 0x78, 0x80}, {&(0x7f00000052c0)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f00000054c0)=[{&(0x7f0000005340)="1af050621ecc0508ffd96b66a1b841dbb1911259a09b8c18204c82caacb5b0ac6210bf1221ba206db216ad7bf9dfb0c9554583d8eed1d9e3e4df555cf4746703f2a647045b32869ae3d9c578651bd7f62111dcf9298dc3c0a7945430630783fe46558c28f9e5aefc2f037b423137242ff1b5b0f29ddd58adda0469c6974b", 0x7e}, {&(0x7f00000053c0)="446ec889f6a3e10bd22dbfac362241f1be6d21fe9bcc85d437a54d1c3083d5082efabe484865d81d194bf37ee80b2481c605cc2f30e738fd1253bb66b1c37f79cf2d5bf060b279673f7941045ff2c531ef0b6c0b84c40d1f692305b60506b34a8b2ceaf3d2377c215565fa8df8e7bd74b4962a66a57332044d76fd1b2d6e00e013fb098ba1965e16d4470d48e58c46c79e2e4bf85178e84002a50966a6db29f3d2509c8643134fee1c8a63c172d185be4fe94b51b9b157af2fa8f4c254275e9923b45136501640f5d6d03dd7595978e01b6109177baa42367ff48e345d562e834f917de4ff9509716a7d581436c11cbe91654f9c4f631ac8b92bb3", 0xfb}], 0x2, &(0x7f0000005800)=[@cred={0x20, 0x1, 0x2, r26, r27, r28}, @cred={0x20, 0x1, 0x2, r29, r30, r31}, @rights={0x18, 0x1, 0x1, [r0, r0]}, @cred={0x20, 0x1, 0x2, r32, r33, r34}, @rights={0x18, 0x1, 0x1, [r1]}, @rights={0x28, 0x1, 0x1, [r0, r1, r0, r0, r0]}], 0xb8, 0x1}], 0x7, 0x40000) [ 2213.442516] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2213.468421] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2213.479410] syz-executor5 cpuset=/ mems_allowed=0 [ 2213.484331] CPU: 0 PID: 26725 Comm: syz-executor5 Not tainted 4.18.0-rc7+ #177 [ 2213.491699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2213.501068] Call Trace: [ 2213.503733] dump_stack+0x1c9/0x2b4 [ 2213.507384] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2213.512589] ? trace_hardirqs_on+0x10/0x10 [ 2213.516839] dump_header+0x27b/0xf64 [ 2213.520572] ? pagefault_out_of_memory+0x197/0x197 [ 2213.525513] ? __lock_acquire+0x7fc/0x5020 [ 2213.529762] ? print_usage_bug+0xc0/0xc0 [ 2213.533844] ? graph_lock+0x170/0x170 [ 2213.537684] ? print_usage_bug+0xc0/0xc0 07:52:57 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00L\x00'}, 0x2c) [ 2213.541773] ? trace_hardirqs_on+0x10/0x10 [ 2213.546022] ? print_usage_bug+0xc0/0xc0 [ 2213.550106] ? lock_downgrade+0x8f0/0x8f0 [ 2213.554270] ? mark_held_locks+0xc9/0x160 [ 2213.558427] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2213.563035] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2213.568163] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2213.569291] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2213.573186] ? trace_hardirqs_on+0xd/0x10 07:52:57 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0xd0, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:57 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x1bf, &(0x7f00000011c0)}}], 0x249, 0x0) [ 2213.573207] ? ___ratelimit+0xaa/0x655 [ 2213.573224] ? idr_get_free+0x10c0/0x10c0 [ 2213.573241] ? kasan_check_write+0x14/0x20 [ 2213.573256] ? do_raw_spin_lock+0xc1/0x200 [ 2213.573276] oom_kill_process.cold.25+0x10/0x10bc [ 2213.573301] ? oom_evaluate_task+0x540/0x540 [ 2213.573315] ? find_held_lock+0x36/0x1c0 [ 2213.573338] ? lock_downgrade+0x8f0/0x8f0 [ 2213.573356] ? kasan_check_read+0x11/0x20 [ 2213.573367] ? rcu_is_watching+0x8c/0x150 [ 2213.573381] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2213.573397] ? oom_badness+0xb00/0xb00 [ 2213.573414] ? rcu_read_unlock+0x35/0x70 [ 2213.573427] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2213.573442] ? css_task_iter_end+0x2ce/0x490 [ 2213.573459] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2213.573474] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2213.573490] ? trace_hardirqs_on+0xd/0x10 [ 2213.573503] ? _raw_spin_unlock_irq+0x27/0x70 [ 2213.573517] ? oom_badness+0xb00/0xb00 [ 2213.573532] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2213.573548] ? mem_cgroup_iter_break+0x30/0x30 [ 2213.573577] out_of_memory+0xa8a/0x14d0 [ 2213.573599] ? oom_killer_disable+0x3a0/0x3a0 [ 2213.573617] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2213.573633] ? trace_hardirqs_on+0xd/0x10 [ 2213.573655] mem_cgroup_out_of_memory+0x15e/0x210 [ 2213.573671] ? memcg_memory_event+0x40/0x40 [ 2213.573689] ? _raw_spin_unlock+0x22/0x30 [ 2213.573707] mem_cgroup_oom_synchronize+0x713/0x940 [ 2213.573724] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2213.573738] ? memcg_event_wake+0x450/0x450 [ 2213.573765] pagefault_out_of_memory+0xc8/0x197 [ 2213.573779] ? out_of_memory+0x14d0/0x14d0 [ 2213.573802] ? __handle_mm_fault+0x4460/0x4460 [ 2213.573819] mm_fault_error+0x1de/0x380 [ 2213.573838] __do_page_fault+0xd25/0xe50 [ 2213.573859] ? mm_fault_error+0x380/0x380 [ 2213.573877] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2213.573891] ? __x64_sys_clock_gettime+0x170/0x250 [ 2213.573907] ? __ia32_sys_clock_settime+0x290/0x290 [ 2213.774348] do_page_fault+0xf6/0x8c0 [ 2213.778150] ? vmalloc_sync_all+0x30/0x30 [ 2213.782297] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2213.787825] ? do_syscall_64+0x497/0x820 [ 2213.791878] ? syscall_slow_exit_work+0x500/0x500 [ 2213.796721] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2213.801648] ? syscall_return_slowpath+0x31d/0x5e0 [ 2213.806577] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2213.811928] ? page_fault+0x8/0x30 [ 2213.815458] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2213.820302] ? page_fault+0x8/0x30 [ 2213.823833] page_fault+0x1e/0x30 [ 2213.827272] RIP: 0033:0x46f8fd [ 2213.830460] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2213.849687] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2213.855056] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2213.862322] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2213.869581] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2213.876839] R10: 0000000001f32940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2213.884106] R13: 0000000000a3fc20 R14: 0000000000000004 R15: 0000000000000001 [ 2213.891840] Task in /ile0 killed as a result of limit of /ile0 [ 2213.897901] memory: usage 24kB, limit 20kB, failcnt 8461 [ 2213.903435] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2213.910232] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2213.916463] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2213.935967] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name 07:52:58 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100001100"}, 0x2c) [ 2213.944878] [26725] 0 26725 17585 8732 131072 0 0 syz-executor5 [ 2213.953796] [26736] 0 26736 17585 8731 131072 0 0 syz-executor6 [ 2213.962718] [26751] 0 26751 17618 8732 126976 0 0 syz-executor0 [ 2213.971636] Memory cgroup out of memory: Kill process 26725 (syz-executor5) score 1752800 or sacrifice child [ 2213.981714] Killed process 26725 (syz-executor5) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB 07:52:58 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000280)='/dev/uinput\x00', 0x8000, 0x0) r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000300)='IPVS\x00') sendmsg$IPVS_CMD_DEL_DAEMON(r0, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="000429bd7a00fedbdf253a8b098f0262861cf0460000"], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x84) r2 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r3 = openat$cgroup_procs(r2, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r3, &(0x7f0000000100), 0x12) unshare(0x402) [ 2213.994154] oom_reaper: reaped process 26725 (syz-executor5), now anon-rss:0kB, file-rss:32000kB, shmem-rss:0kB [ 2214.046140] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2214.057183] syz-executor0 cpuset=/ mems_allowed=0 [ 2214.062119] CPU: 1 PID: 26751 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2214.069484] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2214.078844] Call Trace: [ 2214.081452] dump_stack+0x1c9/0x2b4 [ 2214.085101] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2214.090302] ? trace_hardirqs_on+0x10/0x10 [ 2214.094550] dump_header+0x27b/0xf64 [ 2214.098282] ? pagefault_out_of_memory+0x197/0x197 [ 2214.103225] ? __lock_acquire+0x7fc/0x5020 [ 2214.107478] ? print_usage_bug+0xc0/0xc0 [ 2214.111559] ? graph_lock+0x170/0x170 [ 2214.115370] ? print_usage_bug+0xc0/0xc0 [ 2214.119475] ? trace_hardirqs_on+0x10/0x10 [ 2214.123793] ? print_usage_bug+0xc0/0xc0 [ 2214.127876] ? lock_downgrade+0x8f0/0x8f0 [ 2214.132042] ? mark_held_locks+0xc9/0x160 [ 2214.136205] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2214.140801] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2214.145916] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2214.150937] ? trace_hardirqs_on+0xd/0x10 [ 2214.155091] ? ___ratelimit+0xaa/0x655 [ 2214.158985] ? idr_get_free+0x10c0/0x10c0 [ 2214.163141] ? kasan_check_write+0x14/0x20 [ 2214.168017] ? do_raw_spin_lock+0xc1/0x200 [ 2214.172274] oom_kill_process.cold.25+0x10/0x10bc [ 2214.177134] ? oom_evaluate_task+0x540/0x540 [ 2214.181545] ? find_held_lock+0x36/0x1c0 [ 2214.185623] ? lock_downgrade+0x8f0/0x8f0 [ 2214.189785] ? kasan_check_read+0x11/0x20 [ 2214.193937] ? rcu_is_watching+0x8c/0x150 [ 2214.198089] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2214.202509] ? oom_badness+0xb00/0xb00 [ 2214.206400] ? rcu_read_unlock+0x35/0x70 [ 2214.210467] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2214.214712] ? css_task_iter_end+0x2ce/0x490 [ 2214.219127] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2214.223885] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2214.228906] ? trace_hardirqs_on+0xd/0x10 [ 2214.233056] ? _raw_spin_unlock_irq+0x27/0x70 [ 2214.237553] ? oom_badness+0xb00/0xb00 [ 2214.241450] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2214.246215] ? mem_cgroup_iter_break+0x30/0x30 [ 2214.250820] out_of_memory+0xa8a/0x14d0 [ 2214.254807] ? oom_killer_disable+0x3a0/0x3a0 [ 2214.259311] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2214.264336] ? trace_hardirqs_on+0xd/0x10 [ 2214.268511] mem_cgroup_out_of_memory+0x15e/0x210 [ 2214.273385] ? memcg_memory_event+0x40/0x40 [ 2214.277716] ? _raw_spin_unlock+0x22/0x30 [ 2214.280000] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2214.281873] mem_cgroup_oom_synchronize+0x713/0x940 [ 2214.281891] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2214.281904] ? memcg_event_wake+0x450/0x450 [ 2214.281928] pagefault_out_of_memory+0xc8/0x197 [ 2214.316021] ? out_of_memory+0x14d0/0x14d0 [ 2214.320275] ? __handle_mm_fault+0x4460/0x4460 [ 2214.321469] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2214.324859] mm_fault_error+0x1de/0x380 07:52:58 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305]}}, 0x1c) 07:52:58 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xfffffffffffff000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2214.324880] __do_page_fault+0xd25/0xe50 [ 2214.324900] ? mm_fault_error+0x380/0x380 [ 2214.324920] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2214.357647] ? __x64_sys_clock_gettime+0x170/0x250 [ 2214.362587] ? __ia32_sys_clock_settime+0x290/0x290 [ 2214.367616] do_page_fault+0xf6/0x8c0 [ 2214.371430] ? vmalloc_sync_all+0x30/0x30 [ 2214.375588] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2214.381133] ? do_syscall_64+0x497/0x820 [ 2214.385200] ? syscall_slow_exit_work+0x500/0x500 [ 2214.390053] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2214.394986] ? syscall_return_slowpath+0x31d/0x5e0 [ 2214.399928] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2214.405480] ? retint_user+0x18/0x18 [ 2214.409201] ? page_fault+0x8/0x30 [ 2214.412745] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2214.417589] ? page_fault+0x8/0x30 [ 2214.421115] page_fault+0x1e/0x30 [ 2214.424551] RIP: 0033:0x40e33f [ 2214.427722] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 2214.446905] RSP: 002b:0000000000a3fc20 EFLAGS: 00010206 [ 2214.452268] RAX: 00007ff4a0736000 RBX: 0000000000020000 RCX: 0000000000456b7a [ 2214.459523] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 2214.466777] RBP: 0000000000a3fd00 R08: ffffffffffffffff R09: 0000000000000000 [ 2214.474037] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a3fdf0 [ 2214.481296] R13: 00007ff4a0756700 R14: 0000000000000003 R15: 0000000000000001 [ 2214.488634] Task in /ile0 killed as a result of limit of /ile0 [ 2214.494723] memory: usage 24kB, limit 20kB, failcnt 8541 [ 2214.500209] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2214.507010] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2214.513210] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2214.532754] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2214.541551] [26736] 0 26736 17585 8731 131072 0 0 syz-executor6 [ 2214.550468] [26751] 0 26751 17618 8732 126976 0 0 syz-executor0 [ 2214.559384] [26775] 0 26775 17585 8732 131072 0 0 syz-executor5 [ 2214.568283] Memory cgroup out of memory: Kill process 26736 (syz-executor6) score 1752600 or sacrifice child [ 2214.578534] Killed process 26736 (syz-executor6) total-vm:70340kB, anon-rss:2156kB, file-rss:32768kB, shmem-rss:0kB [ 2214.624897] oom_reaper: reaped process 26736 (syz-executor6), now anon-rss:0kB, file-rss:32780kB, shmem-rss:0kB [ 2214.642860] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2214.653958] syz-executor0 cpuset=/ mems_allowed=0 [ 2214.658971] CPU: 1 PID: 26751 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 07:52:58 executing program 6: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x4000, 0x0) ioctl$BLKREPORTZONE(r0, 0xc0101282, &(0x7f0000000480)=ANY=[@ANYBLOB="b5f5037b3b7467a7148562ebdfd1e702000000ce409581e5399a950000000006000000000000000000000000941e8a6fc721ca435105df45165e35ca0325685d14a30c13fc3f1ef5516b987e6aa165a800beb66a403a37967c067916fc460c0ff3e589f2e7df92ca64c295e43b20bb90c7d80a1dea812ef302c3a70d9d5621aec60ada46a1dd57fe3e213780c63bbe38f3804d1a9f5d3bc51f6b9d305c1e16f9059027c882001bf40e5fd9e83b6fc81f621b0d"]) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) unshare(0x40020200) accept4$packet(r1, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000180)=0x14, 0x80000) setsockopt$RDS_GET_MR_FOR_DEST(r1, 0x114, 0x7, &(0x7f00000003c0)={@hci={0x1f, r3, 0x1}, {&(0x7f00000002c0)=""/181, 0xb5}, &(0x7f0000000380), 0x20}, 0xa0) 07:52:58 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0xcc, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:58 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x122, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:58 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000000000000000008400"}, 0x2c) 07:52:58 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:52:58 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8848]}}, 0x1c) [ 2214.666360] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2214.675720] Call Trace: [ 2214.678316] dump_stack+0x1c9/0x2b4 [ 2214.681954] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2214.687154] ? trace_hardirqs_on+0x10/0x10 [ 2214.691407] dump_header+0x27b/0xf64 [ 2214.695142] ? pagefault_out_of_memory+0x197/0x197 [ 2214.700083] ? __lock_acquire+0x7fc/0x5020 [ 2214.704335] ? print_usage_bug+0xc0/0xc0 [ 2214.708414] ? graph_lock+0x170/0x170 [ 2214.712226] ? print_usage_bug+0xc0/0xc0 [ 2214.716293] ? trace_hardirqs_on+0x10/0x10 [ 2214.720565] ? print_usage_bug+0xc0/0xc0 07:52:58 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100008f0400"}, 0x2c) [ 2214.724643] ? lock_downgrade+0x8f0/0x8f0 [ 2214.728811] ? mark_held_locks+0xc9/0x160 [ 2214.732986] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2214.737577] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2214.742696] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2214.747746] ? trace_hardirqs_on+0xd/0x10 [ 2214.751921] ? ___ratelimit+0xaa/0x655 [ 2214.755813] ? idr_get_free+0x10c0/0x10c0 [ 2214.759964] ? kasan_check_write+0x14/0x20 [ 2214.764202] ? do_raw_spin_lock+0xc1/0x200 [ 2214.768493] oom_kill_process.cold.25+0x10/0x10bc 07:52:58 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00\x00t\x00'}, 0x2c) [ 2214.773377] ? oom_evaluate_task+0x540/0x540 [ 2214.777791] ? find_held_lock+0x36/0x1c0 [ 2214.781904] ? lock_downgrade+0x8f0/0x8f0 [ 2214.786065] ? kasan_check_read+0x11/0x20 [ 2214.790253] ? rcu_is_watching+0x8c/0x150 [ 2214.794450] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2214.798874] ? oom_badness+0xb00/0xb00 [ 2214.802772] ? rcu_read_unlock+0x35/0x70 [ 2214.806841] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2214.811083] ? css_task_iter_end+0x2ce/0x490 [ 2214.815499] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2214.820266] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2214.825291] ? trace_hardirqs_on+0xd/0x10 [ 2214.829448] ? _raw_spin_unlock_irq+0x27/0x70 [ 2214.833948] ? oom_badness+0xb00/0xb00 [ 2214.837844] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2214.842609] ? mem_cgroup_iter_break+0x30/0x30 [ 2214.847210] out_of_memory+0xa8a/0x14d0 [ 2214.851195] ? oom_killer_disable+0x3a0/0x3a0 [ 2214.855711] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2214.860754] ? trace_hardirqs_on+0xd/0x10 [ 2214.864916] mem_cgroup_out_of_memory+0x15e/0x210 [ 2214.869765] ? memcg_memory_event+0x40/0x40 [ 2214.874095] ? _raw_spin_unlock+0x22/0x30 [ 2214.878256] mem_cgroup_oom_synchronize+0x713/0x940 [ 2214.883284] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2214.888743] ? memcg_event_wake+0x450/0x450 [ 2214.893087] pagefault_out_of_memory+0xc8/0x197 [ 2214.897764] ? out_of_memory+0x14d0/0x14d0 [ 2214.902016] ? __handle_mm_fault+0x4460/0x4460 [ 2214.906614] mm_fault_error+0x1de/0x380 [ 2214.910602] __do_page_fault+0xd25/0xe50 [ 2214.914677] ? mm_fault_error+0x380/0x380 [ 2214.918826] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2214.924349] ? __x64_sys_clock_gettime+0x170/0x250 [ 2214.929262] ? __ia32_sys_clock_settime+0x290/0x290 [ 2214.934267] do_page_fault+0xf6/0x8c0 [ 2214.938065] ? vmalloc_sync_all+0x30/0x30 [ 2214.942201] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2214.947737] ? do_syscall_64+0x497/0x820 [ 2214.951784] ? syscall_slow_exit_work+0x500/0x500 [ 2214.956630] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2214.961556] ? syscall_return_slowpath+0x31d/0x5e0 [ 2214.966484] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2214.972017] ? retint_user+0x18/0x18 [ 2214.975745] ? page_fault+0x8/0x30 [ 2214.979281] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2214.984110] ? page_fault+0x8/0x30 [ 2214.987635] page_fault+0x1e/0x30 [ 2214.991079] RIP: 0033:0x40e33f [ 2214.994254] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 2215.013476] RSP: 002b:0000000000a3fc20 EFLAGS: 00010206 [ 2215.018838] RAX: 00007ff4a0736000 RBX: 0000000000020000 RCX: 0000000000456b7a [ 2215.026108] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 2215.033384] RBP: 0000000000a3fd00 R08: ffffffffffffffff R09: 0000000000000000 [ 2215.040644] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a3fdf0 [ 2215.047906] R13: 00007ff4a0756700 R14: 0000000000000003 R15: 0000000000000001 [ 2215.055352] Task in /ile0 killed as a result of limit of /ile0 [ 2215.061408] memory: usage 24kB, limit 20kB, failcnt 8557 [ 2215.066886] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2215.073674] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2215.079848] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2215.099359] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2215.108183] [26751] 0 26751 17618 8732 126976 0 0 syz-executor0 [ 2215.117060] [26775] 0 26775 17585 8732 131072 0 0 syz-executor5 [ 2215.125942] Memory cgroup out of memory: Kill process 26775 (syz-executor5) score 1752800 or sacrifice child [ 2215.135978] Killed process 26775 (syz-executor5) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2215.154186] oom_reaper: reaped process 26775 (syz-executor5), now anon-rss:0kB, file-rss:32784kB, shmem-rss:0kB [ 2215.171315] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2215.182306] syz-executor0 cpuset=/ mems_allowed=0 [ 2215.187276] CPU: 1 PID: 26751 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2215.194640] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2215.204000] Call Trace: [ 2215.206600] dump_stack+0x1c9/0x2b4 [ 2215.210263] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2215.215533] ? trace_hardirqs_on+0x10/0x10 [ 2215.219805] dump_header+0x27b/0xf64 [ 2215.223556] ? pagefault_out_of_memory+0x197/0x197 [ 2215.228504] ? __lock_acquire+0x7fc/0x5020 [ 2215.232755] ? __lock_acquire+0x7fc/0x5020 [ 2215.237005] ? print_usage_bug+0xc0/0xc0 [ 2215.241077] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2215.245678] ? graph_lock+0x170/0x170 [ 2215.249492] ? print_usage_bug+0xc0/0xc0 [ 2215.253562] ? trace_hardirqs_on+0x10/0x10 [ 2215.257809] ? finish_task_switch+0x1d3/0x870 [ 2215.262310] ? finish_task_switch+0x18a/0x870 [ 2215.266825] ? print_usage_bug+0xc0/0xc0 [ 2215.270906] ? lock_downgrade+0x8f0/0x8f0 [ 2215.275074] ? mark_held_locks+0xc9/0x160 [ 2215.279227] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2215.283817] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2215.288931] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2215.293976] ? trace_hardirqs_on+0xd/0x10 [ 2215.298137] ? ___ratelimit+0xaa/0x655 [ 2215.302034] ? idr_get_free+0x10c0/0x10c0 [ 2215.306184] ? kasan_check_write+0x14/0x20 [ 2215.310411] ? do_raw_spin_lock+0xc1/0x200 [ 2215.314643] oom_kill_process.cold.25+0x10/0x10bc [ 2215.319481] ? oom_evaluate_task+0x540/0x540 [ 2215.323893] ? find_held_lock+0x36/0x1c0 [ 2215.327947] ? lock_downgrade+0x8f0/0x8f0 [ 2215.332084] ? kasan_check_read+0x11/0x20 [ 2215.336221] ? rcu_is_watching+0x8c/0x150 [ 2215.340355] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2215.344764] ? oom_badness+0xb00/0xb00 [ 2215.348650] ? rcu_read_unlock+0x35/0x70 [ 2215.352704] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2215.356926] ? css_task_iter_end+0x2ce/0x490 [ 2215.361319] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2215.366076] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2215.371079] ? trace_hardirqs_on+0xd/0x10 [ 2215.375216] ? _raw_spin_unlock_irq+0x27/0x70 [ 2215.379730] ? oom_badness+0xb00/0xb00 [ 2215.383606] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2215.388363] ? mem_cgroup_iter_break+0x30/0x30 [ 2215.392966] out_of_memory+0xa8a/0x14d0 [ 2215.396934] ? oom_killer_disable+0x3a0/0x3a0 [ 2215.401419] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2215.406423] ? trace_hardirqs_on+0xd/0x10 [ 2215.410562] mem_cgroup_out_of_memory+0x15e/0x210 [ 2215.415740] ? memcg_memory_event+0x40/0x40 [ 2215.420058] ? _raw_spin_unlock+0x22/0x30 [ 2215.424205] mem_cgroup_oom_synchronize+0x713/0x940 [ 2215.429215] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2215.434662] ? memcg_event_wake+0x450/0x450 [ 2215.438984] pagefault_out_of_memory+0xc8/0x197 [ 2215.443661] ? out_of_memory+0x14d0/0x14d0 [ 2215.447891] ? __handle_mm_fault+0x4460/0x4460 [ 2215.452463] mm_fault_error+0x1de/0x380 [ 2215.456427] __do_page_fault+0xd25/0xe50 [ 2215.460477] ? mm_fault_error+0x380/0x380 [ 2215.464617] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2215.470147] ? __x64_sys_clock_gettime+0x170/0x250 [ 2215.475081] ? __ia32_sys_clock_settime+0x290/0x290 [ 2215.480100] do_page_fault+0xf6/0x8c0 [ 2215.483887] ? vmalloc_sync_all+0x30/0x30 [ 2215.488031] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2215.493561] ? do_syscall_64+0x497/0x820 [ 2215.497607] ? syscall_slow_exit_work+0x500/0x500 [ 2215.502434] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2215.507351] ? syscall_return_slowpath+0x31d/0x5e0 [ 2215.512285] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2215.517823] ? retint_user+0x18/0x18 [ 2215.521532] ? page_fault+0x8/0x30 [ 2215.525076] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2215.529911] ? page_fault+0x8/0x30 [ 2215.533449] page_fault+0x1e/0x30 [ 2215.536904] RIP: 0033:0x40e33f [ 2215.540098] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 2215.559323] RSP: 002b:0000000000a3fc20 EFLAGS: 00010206 [ 2215.564691] RAX: 00007ff4a0736000 RBX: 0000000000020000 RCX: 0000000000456b7a [ 2215.571960] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 2215.579223] RBP: 0000000000a3fd00 R08: ffffffffffffffff R09: 0000000000000000 [ 2215.586495] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a3fdf0 [ 2215.593796] R13: 00007ff4a0756700 R14: 0000000000000003 R15: 0000000000000001 [ 2215.601182] Task in /ile0 killed as a result of limit of /ile0 [ 2215.608047] memory: usage 24kB, limit 20kB, failcnt 8597 [ 2215.613533] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2215.620321] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2215.626484] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2215.645935] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2215.654790] [26751] 0 26751 17618 8732 126976 0 0 syz-executor0 [ 2215.663695] [26805] 0 26805 17585 8731 131072 0 0 syz-executor6 07:52:59 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vcs\x00', 0x111100, 0x0) ioctl$KVM_SET_DEVICE_ATTR(r0, 0x4018aee1, &(0x7f0000000380)={0x0, 0x51, 0x2, &(0x7f0000000180)=0x8}) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) unshare(0x4000000) ioctl$EVIOCSMASK(r1, 0x40104593, &(0x7f0000000000)={0x12, 0xd3, &(0x7f0000000280)="6a11169913b7891fb693b8f4c2e0a176a5370017c8262f5d3ce5192d59fa126d0f36be6eb8817c732f0e9c18386a74db20d9a2e6d1ada0eb19b2d793d06cc428e480b34110ea5b2fed9f32df1461ea1e808cad29beec4804cae66d7fce517770566fd1ccdf67a7acf7eed97552d15d0e840d93f865a0e43c1798a460c71c16e08528f09ccceaa775d9cb506ea6cc5fe5b43169e8bc156e62736fdbb6fd820640aafda75dd79b8228a4bf5edc59f40dd6dc210f0c79d742eb1a953f9cb600431ece8a484bf179159c183cb868cb45930d8a32bb"}) 07:52:59 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000000000000000000200"}, 0x2c) 07:52:59 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x39, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:59 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x1c4, &(0x7f00000011c0)}}], 0x249, 0x0) 07:52:59 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) clock_gettime(0x0, &(0x7f0000000140)={0x0, 0x0}) syz_genetlink_get_family_id$ipvs(&(0x7f0000000280)='IPVS\x00') utimensat(r0, &(0x7f0000000000)='./file0//ile0\x00', &(0x7f0000000180)={{r2, r3/1000+10000}, {0x77359400}}, 0x0) unshare(0x400) 07:52:59 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffdd86]}}, 0x1c) 07:52:59 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2215.672558] Memory cgroup out of memory: Kill process 26751 (syz-executor0) score 1752600 or sacrifice child [ 2215.682608] Killed process 26751 (syz-executor0) total-vm:70472kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2215.706578] syz-executor6 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2215.717585] syz-executor6 cpuset=/ mems_allowed=0 [ 2215.722519] CPU: 1 PID: 26805 Comm: syz-executor6 Not tainted 4.18.0-rc7+ #177 [ 2215.729885] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2215.739240] Call Trace: [ 2215.741842] dump_stack+0x1c9/0x2b4 [ 2215.745484] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2215.750691] ? trace_hardirqs_on+0x10/0x10 [ 2215.754938] dump_header+0x27b/0xf64 [ 2215.758676] ? pagefault_out_of_memory+0x197/0x197 [ 2215.763620] ? __lock_acquire+0x7fc/0x5020 [ 2215.763829] net_ratelimit: 2 callbacks suppressed [ 2215.763833] socket: no more sockets [ 2215.767858] ? print_usage_bug+0xc0/0xc0 [ 2215.767879] ? graph_lock+0x170/0x170 [ 2215.767893] ? print_usage_bug+0xc0/0xc0 [ 2215.767912] ? trace_hardirqs_on+0x10/0x10 [ 2215.767932] ? print_usage_bug+0xc0/0xc0 [ 2215.767954] ? lock_downgrade+0x8f0/0x8f0 [ 2215.767975] ? mark_held_locks+0xc9/0x160 [ 2215.804842] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2215.809447] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2215.814567] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2215.819601] ? trace_hardirqs_on+0xd/0x10 [ 2215.823766] ? ___ratelimit+0xaa/0x655 [ 2215.826261] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2215.827663] ? idr_get_free+0x10c0/0x10c0 [ 2215.827682] ? kasan_check_write+0x14/0x20 [ 2215.827697] ? do_raw_spin_lock+0xc1/0x200 [ 2215.827715] oom_kill_process.cold.25+0x10/0x10bc [ 2215.827737] ? oom_evaluate_task+0x540/0x540 [ 2215.864185] ? find_held_lock+0x36/0x1c0 [ 2215.868268] ? lock_downgrade+0x8f0/0x8f0 [ 2215.872441] ? kasan_check_read+0x11/0x20 07:52:59 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00\x00z\x00'}, 0x2c) [ 2215.876595] ? rcu_is_watching+0x8c/0x150 [ 2215.880745] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2215.885168] ? oom_badness+0xb00/0xb00 [ 2215.889071] ? rcu_read_unlock+0x35/0x70 [ 2215.893135] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2215.897376] ? css_task_iter_end+0x2ce/0x490 [ 2215.901791] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2215.906551] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2215.911577] ? trace_hardirqs_on+0xd/0x10 [ 2215.915733] ? _raw_spin_unlock_irq+0x27/0x70 [ 2215.920238] ? oom_badness+0xb00/0xb00 [ 2215.924142] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2215.924554] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2215.928902] ? mem_cgroup_iter_break+0x30/0x30 [ 2215.928935] out_of_memory+0xa8a/0x14d0 [ 2215.928955] ? oom_killer_disable+0x3a0/0x3a0 [ 2215.928976] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2215.928991] ? trace_hardirqs_on+0xd/0x10 [ 2215.929015] mem_cgroup_out_of_memory+0x15e/0x210 [ 2215.929031] ? memcg_memory_event+0x40/0x40 [ 2215.929049] ? _raw_spin_unlock+0x22/0x30 [ 2215.929065] mem_cgroup_oom_synchronize+0x713/0x940 [ 2215.929081] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2215.929095] ? memcg_event_wake+0x450/0x450 [ 2215.929122] pagefault_out_of_memory+0xc8/0x197 [ 2215.929135] ? out_of_memory+0x14d0/0x14d0 [ 2215.929158] ? __handle_mm_fault+0x4460/0x4460 [ 2215.929175] mm_fault_error+0x1de/0x380 [ 2215.929195] __do_page_fault+0xd25/0xe50 [ 2215.929216] ? mm_fault_error+0x380/0x380 [ 2215.929233] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2215.929248] ? __x64_sys_clock_gettime+0x170/0x250 [ 2215.929262] ? __ia32_sys_clock_settime+0x290/0x290 [ 2215.929279] do_page_fault+0xf6/0x8c0 [ 2215.929294] ? vmalloc_sync_all+0x30/0x30 [ 2215.929306] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2215.929321] ? do_syscall_64+0x497/0x820 [ 2215.929341] ? syscall_slow_exit_work+0x500/0x500 [ 2215.929357] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2215.929374] ? syscall_return_slowpath+0x31d/0x5e0 [ 2215.929389] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2215.929405] ? retint_user+0x18/0x18 [ 2216.076924] ? page_fault+0x8/0x30 [ 2216.080455] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2216.085287] ? page_fault+0x8/0x30 [ 2216.088815] page_fault+0x1e/0x30 [ 2216.092266] RIP: 0033:0x46f8fd [ 2216.095439] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2216.114645] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2216.120003] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2216.127280] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2216.134557] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2216.141830] R10: 0000000001b44940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2216.149100] R13: 0000000000a3fc20 R14: 0000000000000004 R15: 0000000000000001 [ 2216.156503] Task in /ile0 killed as a result of limit of /ile0 [ 2216.162558] memory: usage 24kB, limit 20kB, failcnt 8661 [ 2216.168517] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2216.175298] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2216.181464] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2216.200946] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2216.209740] [26805] 0 26805 17585 8731 131072 0 0 syz-executor6 [ 2216.218668] [26810] 0 26810 17585 8732 131072 0 0 syz-executor5 07:53:00 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00\x00\t\x00'}, 0x2c) 07:53:00 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x24, &(0x7f00000011c0)}}], 0x249, 0x0) [ 2216.227534] Memory cgroup out of memory: Kill process 26805 (syz-executor6) score 1752600 or sacrifice child [ 2216.237578] Killed process 26805 (syz-executor6) total-vm:70340kB, anon-rss:2156kB, file-rss:32768kB, shmem-rss:0kB [ 2216.262524] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2216.273508] syz-executor5 cpuset=/ mems_allowed=0 07:53:00 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x1a, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:00 executing program 6: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x4000, 0x0) ioctl$BLKREPORTZONE(r0, 0xc0101282, &(0x7f0000000540)=ANY=[@ANYPTR=&(0x7f0000000180)=ANY=[@ANYPTR64=&(0x7f0000000580)=ANY=[@ANYRESOCT=r0, @ANYRESOCT=r0, @ANYRESOCT=r0, @ANYPTR, @ANYRES64=r0, @ANYRESDEC=r0, @ANYRES16=r0, @ANYPTR64], @ANYRESOCT=r0, @ANYRESHEX=r0]]) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) ioctl$FICLONE(r0, 0x40049409, r0) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) ioctl$BLKREPORTZONE(r0, 0xc0101282, &(0x7f0000000400)={0x3, 0x4, 0x0, [{0x0, 0xb8, 0x6, 0x0, 0xae0, 0x0, 0x1}, {0xf3, 0x1, 0x200, 0x75, 0x2, 0x1, 0x1}, {0x9, 0x0, 0x55b34b3a, 0x3, 0xcde5, 0x2c, 0x1}, {0x3074, 0x7fff, 0x9, 0x6, 0x4, 0xfffffffffffffffd, 0xd82}]}) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) unshare(0x40020200) ioctl$sock_inet6_udp_SIOCINQ(r0, 0x541b, &(0x7f0000000600)) connect$rds(r1, &(0x7f0000000140)={0x2, 0x4e24, @local}, 0x10) getsockopt$inet_sctp_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000000280)=@sack_info={0x0, 0x1, 0xa3}, &(0x7f00000002c0)=0xc) dup2(r2, r2) getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f0000000300)={r3, @in6={{0xa, 0x4e20, 0x1f, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x21}}, 0x7}}, 0xfff, 0x5, 0x40, 0xc9eb, 0x1}, &(0x7f00000003c0)=0x98) [ 2216.278440] CPU: 1 PID: 26810 Comm: syz-executor5 Not tainted 4.18.0-rc7+ #177 [ 2216.285803] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2216.295160] Call Trace: [ 2216.297768] dump_stack+0x1c9/0x2b4 [ 2216.301409] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2216.306616] ? trace_hardirqs_on+0x10/0x10 [ 2216.310867] dump_header+0x27b/0xf64 [ 2216.314606] ? pagefault_out_of_memory+0x197/0x197 [ 2216.319555] ? __lock_acquire+0x7fc/0x5020 [ 2216.323806] ? print_usage_bug+0xc0/0xc0 [ 2216.327882] ? graph_lock+0x170/0x170 07:53:00 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\a\x00'}, 0x2c) [ 2216.331688] ? print_usage_bug+0xc0/0xc0 [ 2216.335768] ? trace_hardirqs_on+0x10/0x10 [ 2216.340018] ? print_usage_bug+0xc0/0xc0 [ 2216.344095] ? lock_downgrade+0x8f0/0x8f0 [ 2216.348257] ? mark_held_locks+0xc9/0x160 [ 2216.352405] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2216.356994] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2216.362120] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2216.367139] ? trace_hardirqs_on+0xd/0x10 [ 2216.371308] ? ___ratelimit+0xaa/0x655 [ 2216.375203] ? idr_get_free+0x10c0/0x10c0 07:53:00 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\a\x00'}, 0x2c) [ 2216.379359] ? kasan_check_write+0x14/0x20 [ 2216.383597] ? do_raw_spin_lock+0xc1/0x200 [ 2216.387839] oom_kill_process.cold.25+0x10/0x10bc [ 2216.392698] ? oom_evaluate_task+0x540/0x540 [ 2216.397108] ? find_held_lock+0x36/0x1c0 [ 2216.401179] ? lock_downgrade+0x8f0/0x8f0 [ 2216.405339] ? kasan_check_read+0x11/0x20 [ 2216.409491] ? rcu_is_watching+0x8c/0x150 [ 2216.413645] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2216.418065] ? oom_badness+0xb00/0xb00 [ 2216.421961] ? rcu_read_unlock+0x35/0x70 [ 2216.426031] ? mem_cgroup_iter+0x4bf/0x9e0 07:53:00 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100008400"}, 0x2c) 07:53:00 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\a\x00'}, 0x2c) [ 2216.430275] ? css_task_iter_end+0x2ce/0x490 [ 2216.434701] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2216.439464] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2216.444488] ? trace_hardirqs_on+0xd/0x10 [ 2216.448644] ? _raw_spin_unlock_irq+0x27/0x70 [ 2216.453139] ? oom_badness+0xb00/0xb00 [ 2216.457037] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2216.461802] ? mem_cgroup_iter_break+0x30/0x30 [ 2216.466417] out_of_memory+0xa8a/0x14d0 [ 2216.470402] ? oom_killer_disable+0x3a0/0x3a0 [ 2216.474910] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2216.479936] ? trace_hardirqs_on+0xd/0x10 [ 2216.484102] mem_cgroup_out_of_memory+0x15e/0x210 [ 2216.488955] ? memcg_memory_event+0x40/0x40 [ 2216.493295] ? _raw_spin_unlock+0x22/0x30 [ 2216.497458] mem_cgroup_oom_synchronize+0x713/0x940 [ 2216.502491] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2216.507958] ? memcg_event_wake+0x450/0x450 [ 2216.512655] pagefault_out_of_memory+0xc8/0x197 [ 2216.517341] ? out_of_memory+0x14d0/0x14d0 [ 2216.521596] ? __handle_mm_fault+0x4460/0x4460 [ 2216.526182] mm_fault_error+0x1de/0x380 [ 2216.530166] __do_page_fault+0xd25/0xe50 [ 2216.534247] ? mm_fault_error+0x380/0x380 [ 2216.538414] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2216.543963] ? __x64_sys_clock_gettime+0x170/0x250 [ 2216.548907] ? __ia32_sys_clock_settime+0x290/0x290 [ 2216.553936] do_page_fault+0xf6/0x8c0 [ 2216.557744] ? vmalloc_sync_all+0x30/0x30 [ 2216.561899] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2216.567451] ? do_syscall_64+0x497/0x820 [ 2216.571520] ? syscall_slow_exit_work+0x500/0x500 [ 2216.576365] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2216.581307] ? syscall_return_slowpath+0x31d/0x5e0 [ 2216.586239] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2216.591765] ? retint_user+0x18/0x18 [ 2216.595465] ? page_fault+0x8/0x30 [ 2216.598991] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2216.603833] ? page_fault+0x8/0x30 [ 2216.607379] page_fault+0x1e/0x30 [ 2216.610814] RIP: 0033:0x46f8fd [ 2216.613984] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2216.633183] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2216.638541] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2216.645799] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2216.653060] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2216.660320] R10: 0000000001f32940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2216.667597] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2216.674964] Task in /ile0 killed as a result of limit of /ile0 [ 2216.681043] memory: usage 24kB, limit 20kB, failcnt 8701 [ 2216.686518] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2216.693310] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2216.699486] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2216.718990] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2216.727775] [26810] 0 26810 17585 8732 131072 0 0 syz-executor5 [ 2216.736684] [26833] 0 26833 17585 8732 126976 0 0 syz-executor0 [ 2216.745554] Memory cgroup out of memory: Kill process 26810 (syz-executor5) score 1752800 or sacrifice child [ 2216.755607] Killed process 26810 (syz-executor5) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2216.781102] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2216.792110] syz-executor0 cpuset=/ mems_allowed=0 [ 2216.797304] CPU: 1 PID: 26833 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2216.804756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2216.814114] Call Trace: [ 2216.816732] dump_stack+0x1c9/0x2b4 [ 2216.820387] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2216.825603] ? trace_hardirqs_on+0x10/0x10 [ 2216.829887] dump_header+0x27b/0xf64 [ 2216.833623] ? pagefault_out_of_memory+0x197/0x197 [ 2216.838566] ? __lock_acquire+0x7fc/0x5020 [ 2216.842815] ? print_usage_bug+0xc0/0xc0 [ 2216.846893] ? graph_lock+0x170/0x170 [ 2216.850706] ? print_usage_bug+0xc0/0xc0 [ 2216.854796] ? trace_hardirqs_on+0x10/0x10 [ 2216.859049] ? print_usage_bug+0xc0/0xc0 [ 2216.863126] ? lock_downgrade+0x8f0/0x8f0 [ 2216.867296] ? mark_held_locks+0xc9/0x160 [ 2216.871451] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2216.876045] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2216.881163] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2216.886187] ? trace_hardirqs_on+0xd/0x10 [ 2216.890345] ? ___ratelimit+0xaa/0x655 [ 2216.894241] ? idr_get_free+0x10c0/0x10c0 [ 2216.898404] ? kasan_check_write+0x14/0x20 [ 2216.902652] ? do_raw_spin_lock+0xc1/0x200 [ 2216.906906] oom_kill_process.cold.25+0x10/0x10bc [ 2216.911771] ? oom_evaluate_task+0x540/0x540 [ 2216.916207] ? find_held_lock+0x36/0x1c0 [ 2216.920280] ? lock_downgrade+0x8f0/0x8f0 [ 2216.924424] ? kasan_check_read+0x11/0x20 [ 2216.928572] ? rcu_is_watching+0x8c/0x150 [ 2216.932723] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2216.937127] ? oom_badness+0xb00/0xb00 [ 2216.941010] ? rcu_read_unlock+0x35/0x70 [ 2216.945069] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2216.949297] ? css_task_iter_end+0x2ce/0x490 [ 2216.953702] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2216.958450] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2216.963453] ? trace_hardirqs_on+0xd/0x10 [ 2216.968213] ? _raw_spin_unlock_irq+0x27/0x70 [ 2216.972697] ? oom_badness+0xb00/0xb00 [ 2216.976575] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2216.981320] ? mem_cgroup_iter_break+0x30/0x30 [ 2216.985899] out_of_memory+0xa8a/0x14d0 [ 2216.989886] ? oom_killer_disable+0x3a0/0x3a0 [ 2216.994377] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2216.999382] ? trace_hardirqs_on+0xd/0x10 [ 2217.003523] mem_cgroup_out_of_memory+0x15e/0x210 [ 2217.008361] ? memcg_memory_event+0x40/0x40 [ 2217.012699] ? _raw_spin_unlock+0x22/0x30 [ 2217.016841] mem_cgroup_oom_synchronize+0x713/0x940 [ 2217.021847] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2217.027290] ? memcg_event_wake+0x450/0x450 [ 2217.031607] pagefault_out_of_memory+0xc8/0x197 [ 2217.036273] ? out_of_memory+0x14d0/0x14d0 [ 2217.040511] ? __handle_mm_fault+0x4460/0x4460 [ 2217.045096] mm_fault_error+0x1de/0x380 [ 2217.049073] __do_page_fault+0xd25/0xe50 [ 2217.053133] ? mm_fault_error+0x380/0x380 [ 2217.057276] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2217.062808] ? __x64_sys_clock_gettime+0x170/0x250 [ 2217.067732] ? __ia32_sys_clock_settime+0x290/0x290 [ 2217.072739] do_page_fault+0xf6/0x8c0 [ 2217.076532] ? vmalloc_sync_all+0x30/0x30 [ 2217.080672] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2217.086206] ? do_syscall_64+0x497/0x820 [ 2217.090262] ? syscall_slow_exit_work+0x500/0x500 [ 2217.095099] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2217.100041] ? syscall_return_slowpath+0x31d/0x5e0 [ 2217.104975] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2217.110506] ? retint_user+0x18/0x18 [ 2217.114210] ? page_fault+0x8/0x30 [ 2217.117744] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2217.122585] ? page_fault+0x8/0x30 [ 2217.126130] page_fault+0x1e/0x30 [ 2217.129584] RIP: 0033:0x46f8fd [ 2217.132764] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2217.151992] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2217.157350] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2217.164608] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2217.171863] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2217.179117] R10: 0000000002273940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2217.186372] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2217.193729] Task in /ile0 killed as a result of limit of /ile0 [ 2217.199781] memory: usage 24kB, limit 20kB, failcnt 8741 [ 2217.205266] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2217.212064] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2217.218253] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2217.237818] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2217.246650] [26833] 0 26833 17585 8732 126976 0 0 syz-executor0 [ 2217.255539] [26859] 0 26859 17585 8731 131072 0 0 syz-executor6 [ 2217.264420] Memory cgroup out of memory: Kill process 26833 (syz-executor0) score 1752600 or sacrifice child [ 2217.274466] Killed process 26833 (syz-executor0) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB 07:53:01 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r0, 0x84, 0x4, &(0x7f0000000080), &(0x7f00000000c0)=0x4) mount(&(0x7f0000000000)='./file0//ile0\x00', &(0x7f0000000300)='.\x00', &(0x7f0000000280)="74ad212844f95acdc38460b7e1413b0be5b69daae12fefb01341f515727ef0772ddef68578607975c21b6515a1ccc1b5e71950020a17920430b1e82d31d07ac9b321aebad64fa5bd681aa23022ae1f0074d32afbd34a87fc29a408ad25c4026ac9a2773d959078bfc2d134918ac75f6f90", 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) unshare(0x4000000) 07:53:01 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00`\x00'}, 0x2c) 07:53:01 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0xdd, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:01 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0xe1, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:01 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88a8ffff00000000]}}, 0x1c) 07:53:01 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x1) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x8030200) 07:53:01 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x700000000000000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2217.298402] syz-executor6 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2217.309378] syz-executor6 cpuset=/ mems_allowed=0 [ 2217.314320] CPU: 1 PID: 26859 Comm: syz-executor6 Not tainted 4.18.0-rc7+ #177 [ 2217.321683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2217.331045] Call Trace: [ 2217.333647] dump_stack+0x1c9/0x2b4 [ 2217.337287] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2217.342494] ? trace_hardirqs_on+0x10/0x10 07:53:01 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00h\x00'}, 0x2c) [ 2217.346738] dump_header+0x27b/0xf64 [ 2217.350465] ? pagefault_out_of_memory+0x197/0x197 [ 2217.355403] ? __lock_acquire+0x7fc/0x5020 [ 2217.359654] ? print_usage_bug+0xc0/0xc0 [ 2217.363729] ? graph_lock+0x170/0x170 [ 2217.367537] ? print_usage_bug+0xc0/0xc0 [ 2217.371608] ? trace_hardirqs_on+0x10/0x10 [ 2217.375863] ? print_usage_bug+0xc0/0xc0 [ 2217.379943] ? lock_downgrade+0x8f0/0x8f0 [ 2217.384107] ? mark_held_locks+0xc9/0x160 [ 2217.388263] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2217.392854] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2217.397969] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2217.402999] ? trace_hardirqs_on+0xd/0x10 [ 2217.407161] ? ___ratelimit+0xaa/0x655 [ 2217.411065] ? idr_get_free+0x10c0/0x10c0 [ 2217.415232] ? kasan_check_write+0x14/0x20 [ 2217.418398] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2217.419475] ? do_raw_spin_lock+0xc1/0x200 [ 2217.419499] oom_kill_process.cold.25+0x10/0x10bc [ 2217.419524] ? oom_evaluate_task+0x540/0x540 07:53:01 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000000000000000000400"}, 0x2c) [ 2217.419538] ? find_held_lock+0x36/0x1c0 [ 2217.419560] ? lock_downgrade+0x8f0/0x8f0 [ 2217.455909] ? kasan_check_read+0x11/0x20 [ 2217.460069] ? rcu_is_watching+0x8c/0x150 [ 2217.464244] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2217.468673] ? oom_badness+0xb00/0xb00 [ 2217.472577] ? rcu_read_unlock+0x35/0x70 [ 2217.476646] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2217.480889] ? css_task_iter_end+0x2ce/0x490 [ 2217.485307] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2217.490071] ? trace_hardirqs_on_caller+0x421/0x5c0 07:53:01 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00\x00L\x00'}, 0x2c) [ 2217.490805] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2217.495088] ? trace_hardirqs_on+0xd/0x10 [ 2217.495104] ? _raw_spin_unlock_irq+0x27/0x70 [ 2217.495119] ? oom_badness+0xb00/0xb00 [ 2217.495135] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2217.495150] ? mem_cgroup_iter_break+0x30/0x30 [ 2217.495179] out_of_memory+0xa8a/0x14d0 [ 2217.495204] ? oom_killer_disable+0x3a0/0x3a0 [ 2217.495220] ? trace_hardirqs_on_caller+0x421/0x5c0 07:53:01 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000000000000000048f00"}, 0x2c) [ 2217.495235] ? trace_hardirqs_on+0xd/0x10 [ 2217.495258] mem_cgroup_out_of_memory+0x15e/0x210 [ 2217.495273] ? memcg_memory_event+0x40/0x40 [ 2217.495292] ? _raw_spin_unlock+0x22/0x30 [ 2217.495310] mem_cgroup_oom_synchronize+0x713/0x940 [ 2217.495327] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2217.495341] ? memcg_event_wake+0x450/0x450 [ 2217.495369] pagefault_out_of_memory+0xc8/0x197 [ 2217.495383] ? out_of_memory+0x14d0/0x14d0 [ 2217.495405] ? __handle_mm_fault+0x4460/0x4460 [ 2217.495421] mm_fault_error+0x1de/0x380 [ 2217.495440] __do_page_fault+0xd25/0xe50 [ 2217.495461] ? mm_fault_error+0x380/0x380 [ 2217.495478] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2217.495493] ? __x64_sys_clock_gettime+0x170/0x250 [ 2217.495507] ? __ia32_sys_clock_settime+0x290/0x290 [ 2217.495523] do_page_fault+0xf6/0x8c0 [ 2217.495539] ? vmalloc_sync_all+0x30/0x30 [ 2217.495553] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2217.495568] ? do_syscall_64+0x497/0x820 [ 2217.495585] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2217.495601] ? syscall_return_slowpath+0x31d/0x5e0 [ 2217.495619] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2217.495631] ? retint_user+0x18/0x18 [ 2217.495646] ? page_fault+0x8/0x30 [ 2217.495661] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2217.495676] ? page_fault+0x8/0x30 [ 2217.495691] page_fault+0x1e/0x30 [ 2217.495703] RIP: 0033:0x46f8fd [ 2217.495708] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2217.693336] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2217.698723] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2217.705999] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2217.713268] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2217.720542] R10: 0000000001b44940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2217.727821] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2217.735282] Task in /ile0 killed as a result of limit of /ile0 [ 2217.741312] memory: usage 24kB, limit 20kB, failcnt 8769 [ 2217.746808] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2217.753582] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2217.759755] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2217.779245] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2217.788103] [26859] 0 26859 17585 8731 131072 0 0 syz-executor6 07:53:01 executing program 6: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rfkill\x00', 0x200, 0x0) ioctl$BLKREPORTZONE(r0, 0xc0101282, &(0x7f0000000280)=ANY=[@ANYBLOB="b5f5057b3b7467a7148562ebdfd1e70200000000000000010000000000000006000000000000000000000000"]) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x10) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) unshare(0x40020200) ioctl$RTC_UIE_OFF(r0, 0x7004) 07:53:01 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00`\x00'}, 0x2c) 07:53:01 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x18, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:01 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x19e, &(0x7f00000011c0)}}], 0x249, 0x0) [ 2217.796984] [26864] 0 26864 17585 8732 131072 0 0 syz-executor5 [ 2217.805872] Memory cgroup out of memory: Kill process 26859 (syz-executor6) score 1752600 or sacrifice child [ 2217.815908] Killed process 26859 (syz-executor6) total-vm:70340kB, anon-rss:2156kB, file-rss:32768kB, shmem-rss:0kB 07:53:01 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2217.861817] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2217.872806] syz-executor5 cpuset=/ mems_allowed=0 [ 2217.877750] CPU: 1 PID: 26864 Comm: syz-executor5 Not tainted 4.18.0-rc7+ #177 [ 2217.885117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2217.894476] Call Trace: [ 2217.897079] dump_stack+0x1c9/0x2b4 [ 2217.900726] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2217.905960] ? trace_hardirqs_on+0x10/0x10 [ 2217.910215] dump_header+0x27b/0xf64 [ 2217.913950] ? pagefault_out_of_memory+0x197/0x197 [ 2217.918898] ? __lock_acquire+0x7fc/0x5020 [ 2217.923150] ? print_usage_bug+0xc0/0xc0 [ 2217.927235] ? graph_lock+0x170/0x170 [ 2217.931048] ? print_usage_bug+0xc0/0xc0 [ 2217.935125] ? trace_hardirqs_on+0x10/0x10 [ 2217.939426] ? print_usage_bug+0xc0/0xc0 [ 2217.943517] ? lock_downgrade+0x8f0/0x8f0 [ 2217.947686] ? mark_held_locks+0xc9/0x160 [ 2217.951843] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2217.956443] ? _raw_spin_unlock_irqrestore+0x74/0xc0 07:53:02 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) readlinkat(r0, &(0x7f0000000000)='./file0//ile0\x00', &(0x7f0000000140)=""/115, 0x73) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x4000000) [ 2217.961564] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2217.966590] ? trace_hardirqs_on+0xd/0x10 [ 2217.970748] ? ___ratelimit+0xaa/0x655 [ 2217.974644] ? idr_get_free+0x10c0/0x10c0 [ 2217.978796] ? kasan_check_write+0x14/0x20 [ 2217.983036] ? do_raw_spin_lock+0xc1/0x200 [ 2217.987338] oom_kill_process.cold.25+0x10/0x10bc [ 2217.992216] ? oom_evaluate_task+0x540/0x540 [ 2217.996685] ? find_held_lock+0x36/0x1c0 [ 2218.000795] ? lock_downgrade+0x8f0/0x8f0 [ 2218.004961] ? kasan_check_read+0x11/0x20 07:53:02 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00t\x00'}, 0x2c) [ 2218.009113] ? rcu_is_watching+0x8c/0x150 [ 2218.013269] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2218.017689] ? oom_badness+0xb00/0xb00 [ 2218.021588] ? rcu_read_unlock+0x35/0x70 [ 2218.025657] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2218.029900] ? css_task_iter_end+0x2ce/0x490 [ 2218.034318] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2218.039083] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2218.044111] ? trace_hardirqs_on+0xd/0x10 [ 2218.048453] ? _raw_spin_unlock_irq+0x27/0x70 [ 2218.050600] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2218.052955] ? oom_badness+0xb00/0xb00 [ 2218.052973] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2218.052989] ? mem_cgroup_iter_break+0x30/0x30 [ 2218.053020] out_of_memory+0xa8a/0x14d0 [ 2218.053039] ? oom_killer_disable+0x3a0/0x3a0 [ 2218.053059] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2218.053075] ? trace_hardirqs_on+0xd/0x10 [ 2218.053097] mem_cgroup_out_of_memory+0x15e/0x210 [ 2218.053112] ? memcg_memory_event+0x40/0x40 [ 2218.053131] ? _raw_spin_unlock+0x22/0x30 07:53:02 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00H\x00'}, 0x2c) [ 2218.053152] mem_cgroup_oom_synchronize+0x713/0x940 [ 2218.053168] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2218.053182] ? memcg_event_wake+0x450/0x450 [ 2218.053210] pagefault_out_of_memory+0xc8/0x197 [ 2218.053223] ? out_of_memory+0x14d0/0x14d0 [ 2218.053246] ? __handle_mm_fault+0x4460/0x4460 [ 2218.053263] mm_fault_error+0x1de/0x380 [ 2218.053282] __do_page_fault+0xd25/0xe50 [ 2218.053303] ? mm_fault_error+0x380/0x380 [ 2218.053321] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 07:53:02 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000000000000000000500"}, 0x2c) [ 2218.053335] ? __x64_sys_clock_gettime+0x170/0x250 [ 2218.053349] ? __ia32_sys_clock_settime+0x290/0x290 [ 2218.053367] do_page_fault+0xf6/0x8c0 [ 2218.053382] ? vmalloc_sync_all+0x30/0x30 [ 2218.053396] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2218.053412] ? do_syscall_64+0x497/0x820 [ 2218.053426] ? syscall_slow_exit_work+0x500/0x500 [ 2218.053442] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2218.053459] ? syscall_return_slowpath+0x31d/0x5e0 [ 2218.053476] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2218.053489] ? retint_user+0x18/0x18 07:53:02 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400300]}}, 0x1c) [ 2218.053504] ? page_fault+0x8/0x30 [ 2218.053520] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2218.053536] ? page_fault+0x8/0x30 [ 2218.053550] page_fault+0x1e/0x30 [ 2218.053560] RIP: 0033:0x46f8fd [ 2218.053569] Code: [ 2218.132724] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2218.136214] 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2218.136469] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2218.136483] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2218.136492] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2218.136500] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2218.136508] R10: 0000000001f32940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2218.136516] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2218.136659] Task in /ile0 killed as a result of limit of /ile0 [ 2218.136693] memory: usage 24kB, limit 20kB, failcnt 8841 [ 2218.136702] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2218.136710] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2218.136715] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2218.136811] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2218.137057] [26864] 0 26864 17585 8732 131072 0 0 syz-executor5 [ 2218.370120] [26903] 0 26903 17585 8731 131072 0 0 syz-executor6 [ 2218.379010] [26907] 0 26907 17585 8732 126976 0 0 syz-executor0 [ 2218.387915] Memory cgroup out of memory: Kill process 26864 (syz-executor5) score 1752800 or sacrifice child [ 2218.397951] Killed process 26864 (syz-executor5) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB 07:53:02 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) getsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000280)={{{@in=@dev, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@ipv4={[], [], @local}}, 0x0, @in6=@loopback}}, &(0x7f0000000000)=0xe8) stat(&(0x7f0000000140)='./file0//ile0\x00', &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) open(&(0x7f0000000180)='./file0//ile0\x00', 0x40040, 0x80) write$P9_RGETATTR(r0, &(0x7f0000000400)={0xa0, 0x19, 0x1, {0x80, {0x2, 0x1, 0x7}, 0x1, r1, r2, 0x200, 0xfffffffffffff929, 0x7, 0x0, 0x7ff, 0xffffffffffff4059, 0x2, 0x6, 0x7, 0x6, 0x5, 0x6, 0x5, 0x6, 0x5}}, 0xa0) r3 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r3, &(0x7f0000000100), 0x12) unshare(0x400) 07:53:02 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00\x00h\x00'}, 0x2c) 07:53:02 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0xd, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:02 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0xad, &(0x7f00000011c0)}}], 0x249, 0x0) [ 2218.411213] oom_reaper: reaped process 26864 (syz-executor5), now anon-rss:0kB, file-rss:32780kB, shmem-rss:0kB [ 2218.443914] syz-executor6 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2218.454878] syz-executor6 cpuset=/ mems_allowed=0 07:53:02 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x6000000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2218.459810] CPU: 1 PID: 26903 Comm: syz-executor6 Not tainted 4.18.0-rc7+ #177 [ 2218.467175] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2218.476536] Call Trace: [ 2218.479144] dump_stack+0x1c9/0x2b4 [ 2218.482786] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2218.487988] ? trace_hardirqs_on+0x10/0x10 [ 2218.492236] dump_header+0x27b/0xf64 [ 2218.495965] ? pagefault_out_of_memory+0x197/0x197 [ 2218.500905] ? __lock_acquire+0x7fc/0x5020 [ 2218.505154] ? print_usage_bug+0xc0/0xc0 [ 2218.509234] ? graph_lock+0x170/0x170 07:53:02 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00H\x00'}, 0x2c) [ 2218.513040] ? print_usage_bug+0xc0/0xc0 [ 2218.517118] ? trace_hardirqs_on+0x10/0x10 [ 2218.521363] ? print_usage_bug+0xc0/0xc0 [ 2218.525439] ? lock_downgrade+0x8f0/0x8f0 [ 2218.529603] ? mark_held_locks+0xc9/0x160 [ 2218.533758] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2218.538352] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2218.543468] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2218.548500] ? trace_hardirqs_on+0xd/0x10 [ 2218.552661] ? ___ratelimit+0xaa/0x655 [ 2218.556558] ? idr_get_free+0x10c0/0x10c0 [ 2218.560720] ? kasan_check_write+0x14/0x20 [ 2218.564768] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2218.564961] ? do_raw_spin_lock+0xc1/0x200 [ 2218.583831] oom_kill_process.cold.25+0x10/0x10bc [ 2218.588697] ? oom_evaluate_task+0x540/0x540 [ 2218.593125] ? find_held_lock+0x36/0x1c0 [ 2218.597206] ? lock_downgrade+0x8f0/0x8f0 [ 2218.601370] ? kasan_check_read+0x11/0x20 [ 2218.605524] ? rcu_is_watching+0x8c/0x150 [ 2218.609681] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2218.614103] ? oom_badness+0xb00/0xb00 [ 2218.618002] ? rcu_read_unlock+0x35/0x70 [ 2218.622070] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2218.622317] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2218.626324] ? css_task_iter_end+0x2ce/0x490 [ 2218.626342] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2218.626359] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2218.626375] ? trace_hardirqs_on+0xd/0x10 [ 2218.626392] ? _raw_spin_unlock_irq+0x27/0x70 [ 2218.663795] ? oom_badness+0xb00/0xb00 [ 2218.667710] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2218.672481] ? mem_cgroup_iter_break+0x30/0x30 [ 2218.677099] out_of_memory+0xa8a/0x14d0 [ 2218.681098] ? oom_killer_disable+0x3a0/0x3a0 [ 2218.685607] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2218.690636] ? trace_hardirqs_on+0xd/0x10 [ 2218.694799] mem_cgroup_out_of_memory+0x15e/0x210 [ 2218.699675] ? memcg_memory_event+0x40/0x40 [ 2218.704012] ? _raw_spin_unlock+0x22/0x30 [ 2218.708170] mem_cgroup_oom_synchronize+0x713/0x940 [ 2218.713193] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2218.718673] ? memcg_event_wake+0x450/0x450 [ 2218.723013] pagefault_out_of_memory+0xc8/0x197 [ 2218.727695] ? out_of_memory+0x14d0/0x14d0 [ 2218.731948] ? __handle_mm_fault+0x4460/0x4460 [ 2218.736544] mm_fault_error+0x1de/0x380 [ 2218.740533] __do_page_fault+0xd25/0xe50 [ 2218.744611] ? mm_fault_error+0x380/0x380 [ 2218.748784] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2218.754335] ? __x64_sys_clock_gettime+0x170/0x250 [ 2218.759273] ? __ia32_sys_clock_settime+0x290/0x290 [ 2218.764305] do_page_fault+0xf6/0x8c0 [ 2218.768121] ? vmalloc_sync_all+0x30/0x30 [ 2218.772279] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2218.777822] ? do_syscall_64+0x497/0x820 [ 2218.781880] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2218.786796] ? syscall_return_slowpath+0x31d/0x5e0 [ 2218.791716] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2218.797246] ? retint_user+0x18/0x18 [ 2218.800945] ? page_fault+0x8/0x30 [ 2218.804480] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2218.809312] ? page_fault+0x8/0x30 [ 2218.812835] page_fault+0x1e/0x30 [ 2218.816273] RIP: 0033:0x46f8fd [ 2218.819441] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2218.838624] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2218.843993] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2218.851257] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2218.858517] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2218.866292] R10: 0000000001b44940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2218.873551] R13: 0000000000a3fc20 R14: 0000000000000002 R15: 0000000000000001 [ 2218.881047] Task in /ile0 killed as a result of limit of /ile0 [ 2218.887131] memory: usage 24kB, limit 20kB, failcnt 8857 [ 2218.892629] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2218.899416] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2218.905581] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2218.925077] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2218.933846] [26903] 0 26903 17585 8731 131072 0 0 syz-executor6 [ 2218.942904] [26907] 0 26907 17585 8732 126976 0 0 syz-executor0 [ 2218.951785] Memory cgroup out of memory: Kill process 26903 (syz-executor6) score 1752600 or sacrifice child 07:53:03 executing program 6: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x4000, 0x0) ioctl$BLKREPORTZONE(r0, 0xc0101282, &(0x7f0000000280)=ANY=[@ANYBLOB="b5f5057b3b7467a7148562ebdfd1e70200000000000000010000000000000006000000000000000000000000"]) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) socket$nl_xfrm(0x10, 0x3, 0x6) ioctl$SG_GET_KEEP_ORPHAN(r0, 0x2288, &(0x7f0000000140)) unshare(0x40020200) 07:53:03 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) r0 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x8, 0x20400) ioctl$KVM_XEN_HVM_CONFIG(r0, 0x4038ae7a, &(0x7f0000000180)={0x3, 0xc001176a, &(0x7f0000000140)="c3310418739c18198ba4019d6a89bf48f1ee55cc02a9403e1a9dca5216fc34", &(0x7f0000000280)="48dfcad49642a2d1c8b1993b075f557e281f448e5df762e5c7c3a31ba7e90596cbb4c333fdfd5f9fe1dae2a9d5db0b1462ed5ccd55c3f98be7914366aad33673ba8581abd2deb58c5e72837e311acc024404cd14b0c96571d7c177964a27ab50f8b63b80f04863893b8b84c07798f1b6d2ece405524ea5b0672f0e68776da0bdfb6f11bd2b34b9aadf00b9afde2333858dd36ba08db726f025ad0af365007c09637c39aa2271bfb50f62fb6e8ff4b6ce486298334f733b8a8fd999c91f7687566477d5c99ec55ce555c737898aa041ad6d993358cd664dde4c821f15caa1fa1bca3a52eb", 0x1f, 0xe4}) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) bind$inet6(r1, &(0x7f0000000480)={0xa, 0x4e21, 0x8000, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r1, 0x84, 0x12, &(0x7f0000000380)=0x2, 0x4) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) accept$unix(r0, &(0x7f00000003c0)=@abs, &(0x7f0000000440)=0x6e) unshare(0x400) 07:53:03 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100000400"}, 0x2c) 07:53:03 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11000000]}}, 0x1c) 07:53:03 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x184, &(0x7f00000011c0)}}], 0x249, 0x0) [ 2218.961818] Killed process 26903 (syz-executor6) total-vm:70340kB, anon-rss:2156kB, file-rss:32768kB, shmem-rss:0kB [ 2218.986245] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2218.997211] syz-executor0 cpuset=/ mems_allowed=0 [ 2219.002166] CPU: 1 PID: 26907 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2219.009538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2219.018897] Call Trace: [ 2219.021497] dump_stack+0x1c9/0x2b4 [ 2219.025149] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2219.030369] ? trace_hardirqs_on+0x10/0x10 [ 2219.034625] dump_header+0x27b/0xf64 [ 2219.038364] ? pagefault_out_of_memory+0x197/0x197 [ 2219.043309] ? __lock_acquire+0x7fc/0x5020 [ 2219.047567] ? print_usage_bug+0xc0/0xc0 [ 2219.051645] ? graph_lock+0x170/0x170 [ 2219.055459] ? print_usage_bug+0xc0/0xc0 [ 2219.059538] ? trace_hardirqs_on+0x10/0x10 [ 2219.063793] ? print_usage_bug+0xc0/0xc0 [ 2219.067875] ? lock_downgrade+0x8f0/0x8f0 [ 2219.072043] ? mark_held_locks+0xc9/0x160 [ 2219.076209] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2219.080840] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2219.085952] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2219.090978] ? trace_hardirqs_on+0xd/0x10 [ 2219.095137] ? ___ratelimit+0xaa/0x655 [ 2219.099032] ? idr_get_free+0x10c0/0x10c0 [ 2219.103195] ? kasan_check_write+0x14/0x20 [ 2219.107435] ? do_raw_spin_lock+0xc1/0x200 [ 2219.111684] oom_kill_process.cold.25+0x10/0x10bc [ 2219.116555] ? oom_evaluate_task+0x540/0x540 [ 2219.120993] ? find_held_lock+0x36/0x1c0 [ 2219.125114] ? lock_downgrade+0x8f0/0x8f0 [ 2219.129308] ? kasan_check_read+0x11/0x20 [ 2219.133493] ? rcu_is_watching+0x8c/0x150 [ 2219.137655] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2219.142109] ? oom_badness+0xb00/0xb00 [ 2219.146054] ? rcu_read_unlock+0x35/0x70 [ 2219.150170] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2219.154411] ? css_task_iter_end+0x2ce/0x490 [ 2219.158816] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2219.163583] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2219.168855] ? trace_hardirqs_on+0xd/0x10 [ 2219.172996] ? _raw_spin_unlock_irq+0x27/0x70 [ 2219.177490] ? oom_badness+0xb00/0xb00 [ 2219.181368] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2219.186112] ? mem_cgroup_iter_break+0x30/0x30 [ 2219.190688] out_of_memory+0xa8a/0x14d0 [ 2219.194655] ? oom_killer_disable+0x3a0/0x3a0 [ 2219.199143] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2219.204159] ? trace_hardirqs_on+0xd/0x10 [ 2219.208309] mem_cgroup_out_of_memory+0x15e/0x210 [ 2219.213138] ? memcg_memory_event+0x40/0x40 [ 2219.217453] ? _raw_spin_unlock+0x22/0x30 [ 2219.221603] mem_cgroup_oom_synchronize+0x713/0x940 [ 2219.226608] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2219.232062] ? memcg_event_wake+0x450/0x450 [ 2219.236388] pagefault_out_of_memory+0xc8/0x197 [ 2219.241055] ? out_of_memory+0x14d0/0x14d0 [ 2219.245284] ? __handle_mm_fault+0x4460/0x4460 [ 2219.249852] mm_fault_error+0x1de/0x380 [ 2219.253816] __do_page_fault+0xd25/0xe50 [ 2219.257881] ? mm_fault_error+0x380/0x380 [ 2219.262036] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2219.267572] ? __x64_sys_clock_gettime+0x170/0x250 [ 2219.272496] ? __ia32_sys_clock_settime+0x290/0x290 [ 2219.277510] do_page_fault+0xf6/0x8c0 [ 2219.281307] ? vmalloc_sync_all+0x30/0x30 [ 2219.285442] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2219.290975] ? do_syscall_64+0x497/0x820 [ 2219.295034] ? syscall_slow_exit_work+0x500/0x500 [ 2219.299872] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2219.304798] ? syscall_return_slowpath+0x31d/0x5e0 [ 2219.309731] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2219.315264] ? retint_user+0x18/0x18 [ 2219.318974] ? page_fault+0x8/0x30 [ 2219.322507] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2219.327337] ? page_fault+0x8/0x30 [ 2219.330863] page_fault+0x1e/0x30 [ 2219.334305] RIP: 0033:0x46f8fd [ 2219.337475] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2219.356701] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2219.362065] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2219.369325] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2219.376582] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2219.383841] R10: 0000000002273940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2219.391095] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2219.398460] Task in /ile0 killed as a result of limit of /ile0 [ 2219.404535] memory: usage 24kB, limit 20kB, failcnt 8909 [ 2219.410051] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2219.416821] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2219.423254] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2219.442721] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2219.451554] [26907] 0 26907 17585 8732 126976 0 0 syz-executor0 [ 2219.460452] [26959] 0 26959 17585 8732 131072 0 0 syz-executor5 [ 2219.469335] Memory cgroup out of memory: Kill process 26907 (syz-executor0) score 1752600 or sacrifice child [ 2219.479365] Killed process 26907 (syz-executor0) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2219.504468] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2219.515460] syz-executor5 cpuset=/ mems_allowed=0 [ 2219.520394] CPU: 1 PID: 26959 Comm: syz-executor5 Not tainted 4.18.0-rc7+ #177 [ 2219.527760] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2219.537118] Call Trace: [ 2219.539725] dump_stack+0x1c9/0x2b4 [ 2219.543373] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2219.544870] socket: no more sockets [ 2219.548573] ? trace_hardirqs_on+0x10/0x10 [ 2219.548592] dump_header+0x27b/0xf64 [ 2219.548614] ? pagefault_out_of_memory+0x197/0x197 [ 2219.548631] ? __lock_acquire+0x7fc/0x5020 07:53:03 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0xc080, 0x0) r1 = memfd_create(&(0x7f0000000180)='posix_acl_accesscgroup\x00', 0x3) renameat(r0, &(0x7f0000000140)='./file0\x00', r1, &(0x7f0000000280)='./file0\x00') mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r2 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r3 = openat$cgroup_procs(r2, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r3, &(0x7f0000000100), 0x12) unshare(0x4000000) 07:53:03 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x1f1, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:03 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00 \x00'}, 0x2c) 07:53:03 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x1f8, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:03 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xd848}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2219.569432] ? print_usage_bug+0xc0/0xc0 [ 2219.573504] ? graph_lock+0x170/0x170 [ 2219.577309] ? print_usage_bug+0xc0/0xc0 [ 2219.581376] ? trace_hardirqs_on+0x10/0x10 [ 2219.585622] ? print_usage_bug+0xc0/0xc0 [ 2219.589709] ? lock_downgrade+0x8f0/0x8f0 [ 2219.593870] ? mark_held_locks+0xc9/0x160 [ 2219.598029] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2219.602623] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2219.607756] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2219.612786] ? trace_hardirqs_on+0xd/0x10 07:53:03 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100000000000300"}, 0x2c) [ 2219.616946] ? ___ratelimit+0xaa/0x655 [ 2219.620849] ? idr_get_free+0x10c0/0x10c0 [ 2219.625018] ? kasan_check_write+0x14/0x20 [ 2219.629267] ? do_raw_spin_lock+0xc1/0x200 [ 2219.633546] oom_kill_process.cold.25+0x10/0x10bc [ 2219.638417] ? oom_evaluate_task+0x540/0x540 [ 2219.642839] ? find_held_lock+0x36/0x1c0 [ 2219.646922] ? lock_downgrade+0x8f0/0x8f0 [ 2219.651088] ? kasan_check_read+0x11/0x20 [ 2219.655243] ? rcu_is_watching+0x8c/0x150 [ 2219.659395] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2219.663814] ? oom_badness+0xb00/0xb00 07:53:03 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100000000048f00"}, 0x2c) [ 2219.667714] ? rcu_read_unlock+0x35/0x70 [ 2219.671778] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2219.676025] ? css_task_iter_end+0x2ce/0x490 [ 2219.680444] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2219.685211] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2219.690236] ? trace_hardirqs_on+0xd/0x10 [ 2219.694396] ? _raw_spin_unlock_irq+0x27/0x70 [ 2219.698897] ? oom_badness+0xb00/0xb00 [ 2219.702794] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2219.707561] ? mem_cgroup_iter_break+0x30/0x30 [ 2219.712173] out_of_memory+0xa8a/0x14d0 07:53:03 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00z\x00'}, 0x2c) [ 2219.716165] ? oom_killer_disable+0x3a0/0x3a0 [ 2219.720675] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2219.725702] ? trace_hardirqs_on+0xd/0x10 [ 2219.729868] mem_cgroup_out_of_memory+0x15e/0x210 [ 2219.734721] ? memcg_memory_event+0x40/0x40 [ 2219.739057] ? _raw_spin_unlock+0x22/0x30 [ 2219.743222] mem_cgroup_oom_synchronize+0x713/0x940 [ 2219.748251] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2219.753716] ? memcg_event_wake+0x450/0x450 [ 2219.758064] pagefault_out_of_memory+0xc8/0x197 [ 2219.762740] ? out_of_memory+0x14d0/0x14d0 07:53:03 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000001100"}, 0x2c) 07:53:03 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100000200"}, 0x2c) [ 2219.766992] ? __handle_mm_fault+0x4460/0x4460 [ 2219.771584] mm_fault_error+0x1de/0x380 [ 2219.775573] __do_page_fault+0xd25/0xe50 [ 2219.779648] ? mm_fault_error+0x380/0x380 [ 2219.783809] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2219.789414] ? __x64_sys_clock_gettime+0x170/0x250 [ 2219.794450] ? __ia32_sys_clock_settime+0x290/0x290 [ 2219.799474] do_page_fault+0xf6/0x8c0 [ 2219.803286] ? vmalloc_sync_all+0x30/0x30 [ 2219.807444] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2219.813006] ? do_syscall_64+0x497/0x820 07:53:03 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000000000000000000600"}, 0x2c) [ 2219.817080] ? syscall_slow_exit_work+0x500/0x500 [ 2219.821963] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2219.826917] ? syscall_return_slowpath+0x31d/0x5e0 [ 2219.831864] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2219.837411] ? retint_user+0x18/0x18 [ 2219.841141] ? page_fault+0x8/0x30 [ 2219.844693] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2219.849546] ? page_fault+0x8/0x30 [ 2219.853092] page_fault+0x1e/0x30 [ 2219.856546] RIP: 0033:0x46f8fd [ 2219.859738] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2219.879095] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2219.884470] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2219.891747] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2219.899028] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2219.906312] R10: 0000000001f32940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2219.913590] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2219.921082] Task in /ile0 killed as a result of limit of /ile0 [ 2219.927153] memory: usage 24kB, limit 20kB, failcnt 8949 [ 2219.932644] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2219.939414] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2219.945578] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2219.965151] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2219.973917] [26959] 0 26959 17585 8732 131072 0 0 syz-executor5 [ 2219.982809] [26972] 0 26972 17585 8731 131072 0 0 syz-executor6 [ 2219.991675] Memory cgroup out of memory: Kill process 26959 (syz-executor5) score 1752800 or sacrifice child [ 2220.001706] Killed process 26959 (syz-executor5) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2220.027000] syz-executor6 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2220.038056] syz-executor6 cpuset=/ mems_allowed=0 [ 2220.042993] CPU: 1 PID: 26972 Comm: syz-executor6 Not tainted 4.18.0-rc7+ #177 [ 2220.050362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2220.059720] Call Trace: [ 2220.062327] dump_stack+0x1c9/0x2b4 [ 2220.065977] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2220.071184] ? trace_hardirqs_on+0x10/0x10 [ 2220.075435] dump_header+0x27b/0xf64 [ 2220.079166] ? pagefault_out_of_memory+0x197/0x197 [ 2220.084108] ? __lock_acquire+0x7fc/0x5020 [ 2220.088359] ? print_usage_bug+0xc0/0xc0 [ 2220.092442] ? graph_lock+0x170/0x170 [ 2220.096256] ? print_usage_bug+0xc0/0xc0 [ 2220.100329] ? trace_hardirqs_on+0x10/0x10 [ 2220.104585] ? print_usage_bug+0xc0/0xc0 [ 2220.108665] ? lock_downgrade+0x8f0/0x8f0 [ 2220.112828] ? mark_held_locks+0xc9/0x160 [ 2220.116996] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2220.121591] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2220.126709] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2220.131740] ? trace_hardirqs_on+0xd/0x10 [ 2220.135902] ? ___ratelimit+0xaa/0x655 [ 2220.139799] ? idr_get_free+0x10c0/0x10c0 [ 2220.143948] ? kasan_check_write+0x14/0x20 [ 2220.148172] ? do_raw_spin_lock+0xc1/0x200 [ 2220.152397] oom_kill_process.cold.25+0x10/0x10bc [ 2220.157240] ? oom_evaluate_task+0x540/0x540 [ 2220.161634] ? find_held_lock+0x36/0x1c0 [ 2220.166067] ? lock_downgrade+0x8f0/0x8f0 [ 2220.170207] ? kasan_check_read+0x11/0x20 [ 2220.174340] ? rcu_is_watching+0x8c/0x150 [ 2220.178472] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2220.182869] ? oom_badness+0xb00/0xb00 [ 2220.186745] ? rcu_read_unlock+0x35/0x70 [ 2220.190802] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2220.195043] ? css_task_iter_end+0x2ce/0x490 [ 2220.199457] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2220.204208] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2220.209221] ? trace_hardirqs_on+0xd/0x10 [ 2220.213357] ? _raw_spin_unlock_irq+0x27/0x70 [ 2220.217838] ? oom_badness+0xb00/0xb00 [ 2220.221716] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2220.226460] ? mem_cgroup_iter_break+0x30/0x30 [ 2220.231054] out_of_memory+0xa8a/0x14d0 [ 2220.235032] ? oom_killer_disable+0x3a0/0x3a0 [ 2220.239532] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2220.244534] ? trace_hardirqs_on+0xd/0x10 [ 2220.248687] mem_cgroup_out_of_memory+0x15e/0x210 [ 2220.253519] ? memcg_memory_event+0x40/0x40 [ 2220.257845] ? _raw_spin_unlock+0x22/0x30 [ 2220.261981] mem_cgroup_oom_synchronize+0x713/0x940 [ 2220.266987] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2220.272440] ? memcg_event_wake+0x450/0x450 [ 2220.276758] pagefault_out_of_memory+0xc8/0x197 [ 2220.281419] ? out_of_memory+0x14d0/0x14d0 [ 2220.285653] ? __handle_mm_fault+0x4460/0x4460 [ 2220.290224] mm_fault_error+0x1de/0x380 [ 2220.294190] __do_page_fault+0xd25/0xe50 [ 2220.298244] ? mm_fault_error+0x380/0x380 [ 2220.302384] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2220.307922] ? __x64_sys_clock_gettime+0x170/0x250 [ 2220.312854] ? __ia32_sys_clock_settime+0x290/0x290 [ 2220.317865] do_page_fault+0xf6/0x8c0 [ 2220.321679] ? vmalloc_sync_all+0x30/0x30 [ 2220.325820] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2220.331350] ? do_syscall_64+0x497/0x820 [ 2220.335425] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2220.340372] ? syscall_return_slowpath+0x31d/0x5e0 [ 2220.345311] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2220.350838] ? retint_user+0x18/0x18 [ 2220.354540] ? page_fault+0x8/0x30 [ 2220.358069] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2220.362899] ? page_fault+0x8/0x30 [ 2220.366438] page_fault+0x1e/0x30 [ 2220.369888] RIP: 0033:0x46f8fd [ 2220.373067] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2220.392634] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2220.397988] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2220.405249] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2220.412507] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2220.419769] R10: 0000000001b44940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2220.427037] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2220.434361] Task in /ile0 killed as a result of limit of /ile0 [ 2220.440434] memory: usage 24kB, limit 20kB, failcnt 9001 [ 2220.445930] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2220.452722] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2220.458959] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2220.478471] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2220.487300] [26972] 0 26972 17585 8731 131072 0 0 syz-executor6 [ 2220.496205] [27009] 0 27009 17585 8732 126976 0 0 syz-executor0 [ 2220.505430] Memory cgroup out of memory: Kill process 26972 (syz-executor6) score 1752600 or sacrifice child [ 2220.515472] Killed process 26972 (syz-executor6) total-vm:70340kB, anon-rss:2156kB, file-rss:32768kB, shmem-rss:0kB 07:53:04 executing program 6: openat$vnet(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vhost-net\x00', 0x2, 0x0) r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x4000, 0x0) ioctl$BLKREPORTZONE(r0, 0xc0101282, &(0x7f0000000280)=ANY=[@ANYBLOB="b5f5057b3b7467a7148562ebdfd1e70200000000000000010000000000000006000000000000000000000000"]) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) unshare(0x40020200) 07:53:04 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100000000000400"}, 0x2c) 07:53:04 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x97, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:04 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x26, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:04 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000]}}, 0x1c) [ 2220.540369] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2220.551348] syz-executor0 cpuset=/ mems_allowed=0 [ 2220.556281] CPU: 1 PID: 27009 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2220.563651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2220.573011] Call Trace: [ 2220.575610] dump_stack+0x1c9/0x2b4 [ 2220.579252] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2220.584457] ? trace_hardirqs_on+0x10/0x10 [ 2220.588708] dump_header+0x27b/0xf64 [ 2220.592441] ? pagefault_out_of_memory+0x197/0x197 [ 2220.597384] ? __lock_acquire+0x7fc/0x5020 [ 2220.601638] ? print_usage_bug+0xc0/0xc0 [ 2220.605717] ? graph_lock+0x170/0x170 [ 2220.609530] ? print_usage_bug+0xc0/0xc0 [ 2220.613607] ? trace_hardirqs_on+0x10/0x10 [ 2220.617861] ? print_usage_bug+0xc0/0xc0 [ 2220.621952] ? lock_downgrade+0x8f0/0x8f0 [ 2220.626123] ? mark_held_locks+0xc9/0x160 [ 2220.630278] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2220.634877] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2220.640007] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2220.645077] ? trace_hardirqs_on+0xd/0x10 [ 2220.649249] ? ___ratelimit+0xaa/0x655 [ 2220.653151] ? idr_get_free+0x10c0/0x10c0 [ 2220.657312] ? kasan_check_write+0x14/0x20 [ 2220.661555] ? do_raw_spin_lock+0xc1/0x200 [ 2220.665802] oom_kill_process.cold.25+0x10/0x10bc [ 2220.670661] ? oom_evaluate_task+0x540/0x540 [ 2220.675078] ? find_held_lock+0x36/0x1c0 [ 2220.679160] ? lock_downgrade+0x8f0/0x8f0 [ 2220.683327] ? kasan_check_read+0x11/0x20 [ 2220.687482] ? rcu_is_watching+0x8c/0x150 [ 2220.691636] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2220.696060] ? oom_badness+0xb00/0xb00 [ 2220.699957] ? rcu_read_unlock+0x35/0x70 [ 2220.704029] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2220.708278] ? css_task_iter_end+0x2ce/0x490 [ 2220.712692] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2220.717443] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2220.722448] ? trace_hardirqs_on+0xd/0x10 [ 2220.726584] ? _raw_spin_unlock_irq+0x27/0x70 [ 2220.731177] ? oom_badness+0xb00/0xb00 [ 2220.735070] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2220.739834] ? mem_cgroup_iter_break+0x30/0x30 [ 2220.744417] out_of_memory+0xa8a/0x14d0 [ 2220.748385] ? oom_killer_disable+0x3a0/0x3a0 [ 2220.752873] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2220.757886] ? trace_hardirqs_on+0xd/0x10 [ 2220.762066] mem_cgroup_out_of_memory+0x15e/0x210 [ 2220.766911] ? memcg_memory_event+0x40/0x40 [ 2220.771225] ? _raw_spin_unlock+0x22/0x30 [ 2220.775378] mem_cgroup_oom_synchronize+0x713/0x940 [ 2220.780396] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2220.785859] ? memcg_event_wake+0x450/0x450 [ 2220.790201] pagefault_out_of_memory+0xc8/0x197 [ 2220.794863] ? out_of_memory+0x14d0/0x14d0 [ 2220.799090] ? __handle_mm_fault+0x4460/0x4460 [ 2220.803662] mm_fault_error+0x1de/0x380 [ 2220.807640] __do_page_fault+0xd25/0xe50 [ 2220.811694] ? mm_fault_error+0x380/0x380 [ 2220.815845] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2220.821558] ? __x64_sys_clock_gettime+0x170/0x250 [ 2220.826475] ? __ia32_sys_clock_settime+0x290/0x290 [ 2220.831483] do_page_fault+0xf6/0x8c0 [ 2220.835271] ? vmalloc_sync_all+0x30/0x30 [ 2220.839410] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2220.844956] ? do_syscall_64+0x497/0x820 [ 2220.849004] ? syscall_slow_exit_work+0x500/0x500 [ 2220.853842] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2220.858766] ? syscall_return_slowpath+0x31d/0x5e0 [ 2220.863686] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2220.869212] ? retint_user+0x18/0x18 [ 2220.872917] ? page_fault+0x8/0x30 [ 2220.876443] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2220.881275] ? page_fault+0x8/0x30 [ 2220.884798] page_fault+0x1e/0x30 [ 2220.888241] RIP: 0033:0x46f8fd [ 2220.891412] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2220.910594] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2220.915954] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2220.923213] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2220.930469] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2220.937736] R10: 0000000002273940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2220.944994] R13: 0000000000a3fc20 R14: 0000000000000002 R15: 0000000000000001 [ 2220.952414] Task in /ile0 killed as a result of limit of /ile0 [ 2220.958443] memory: usage 24kB, limit 20kB, failcnt 9009 [ 2220.963928] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2220.970700] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 07:53:05 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xa}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:05 executing program 5: r0 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x9, 0x24200) ioctl$EVIOCGPROP(r0, 0x80404509, &(0x7f00000007c0)=""/218) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) read(r1, &(0x7f0000000140)=""/69, 0x45) openat$cgroup_procs(r1, &(0x7f0000000380)='tasks\x00', 0x2, 0x0) unshare(0x400) 07:53:05 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00 \x00'}, 0x2c) 07:53:05 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) r2 = getgid() fstat(r0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) getresgid(&(0x7f0000000300), &(0x7f0000000340)=0x0, &(0x7f0000000380)) getgroups(0x3, &(0x7f00000003c0)=[r2, r3, r4]) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) lstat(&(0x7f0000000000)='./file0//ile0\x00', &(0x7f0000000140)) unshare(0x4000000) 07:53:05 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x23f, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:05 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x1b4, &(0x7f00000011c0)}}], 0x249, 0x0) [ 2220.976893] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2220.996377] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2221.005241] [27009] 0 27009 17585 8732 126976 0 0 syz-executor0 [ 2221.014131] Memory cgroup out of memory: Kill process 27009 (syz-executor0) score 1752600 or sacrifice child [ 2221.024172] Killed process 27009 (syz-executor0) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB 07:53:05 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00z\x00'}, 0x2c) [ 2221.088608] net_ratelimit: 2 callbacks suppressed [ 2221.088617] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2221.135605] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2221.139998] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2221.161339] syz-executor5 cpuset=/ mems_allowed=0 [ 2221.166283] CPU: 1 PID: 27031 Comm: syz-executor5 Not tainted 4.18.0-rc7+ #177 [ 2221.173654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2221.183017] Call Trace: 07:53:05 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000]}}, 0x1c) [ 2221.185622] dump_stack+0x1c9/0x2b4 [ 2221.189266] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2221.194474] ? trace_hardirqs_on+0x10/0x10 [ 2221.198721] dump_header+0x27b/0xf64 [ 2221.202452] ? pagefault_out_of_memory+0x197/0x197 [ 2221.207396] ? __lock_acquire+0x7fc/0x5020 [ 2221.211648] ? print_usage_bug+0xc0/0xc0 [ 2221.215727] ? graph_lock+0x170/0x170 [ 2221.219565] ? print_usage_bug+0xc0/0xc0 [ 2221.223639] ? trace_hardirqs_on+0x10/0x10 [ 2221.227900] ? print_usage_bug+0xc0/0xc0 [ 2221.231979] ? lock_downgrade+0x8f0/0x8f0 07:53:05 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00h\x00'}, 0x2c) [ 2221.236248] ? mark_held_locks+0xc9/0x160 [ 2221.240404] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2221.245001] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2221.250119] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2221.255144] ? trace_hardirqs_on+0xd/0x10 [ 2221.259300] ? ___ratelimit+0xaa/0x655 [ 2221.263200] ? idr_get_free+0x10c0/0x10c0 [ 2221.267357] ? kasan_check_write+0x14/0x20 [ 2221.271599] ? do_raw_spin_lock+0xc1/0x200 [ 2221.275846] oom_kill_process.cold.25+0x10/0x10bc [ 2221.280714] ? oom_evaluate_task+0x540/0x540 07:53:05 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00\x00H\x00'}, 0x2c) [ 2221.285135] ? find_held_lock+0x36/0x1c0 [ 2221.289215] ? lock_downgrade+0x8f0/0x8f0 [ 2221.293373] ? kasan_check_read+0x11/0x20 [ 2221.297531] ? rcu_is_watching+0x8c/0x150 [ 2221.301689] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2221.306109] ? oom_badness+0xb00/0xb00 [ 2221.310005] ? rcu_read_unlock+0x35/0x70 [ 2221.314078] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2221.318321] ? css_task_iter_end+0x2ce/0x490 [ 2221.322741] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2221.327512] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2221.332542] ? trace_hardirqs_on+0xd/0x10 07:53:05 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100000000000200"}, 0x2c) [ 2221.336702] ? _raw_spin_unlock_irq+0x27/0x70 [ 2221.341219] ? oom_badness+0xb00/0xb00 [ 2221.345120] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2221.349900] ? mem_cgroup_iter_break+0x30/0x30 [ 2221.354504] out_of_memory+0xa8a/0x14d0 [ 2221.358509] ? oom_killer_disable+0x3a0/0x3a0 [ 2221.363024] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2221.368053] ? trace_hardirqs_on+0xd/0x10 [ 2221.372224] mem_cgroup_out_of_memory+0x15e/0x210 [ 2221.377083] ? memcg_memory_event+0x40/0x40 [ 2221.381421] ? _raw_spin_unlock+0x22/0x30 [ 2221.385580] mem_cgroup_oom_synchronize+0x713/0x940 [ 2221.390619] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2221.396099] ? memcg_event_wake+0x450/0x450 [ 2221.400500] pagefault_out_of_memory+0xc8/0x197 [ 2221.405186] ? out_of_memory+0x14d0/0x14d0 [ 2221.409451] ? __handle_mm_fault+0x4460/0x4460 [ 2221.414050] mm_fault_error+0x1de/0x380 [ 2221.418050] __do_page_fault+0xd25/0xe50 [ 2221.422141] ? mm_fault_error+0x380/0x380 [ 2221.426328] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2221.431887] ? __x64_sys_clock_gettime+0x170/0x250 [ 2221.436834] ? __ia32_sys_clock_settime+0x290/0x290 [ 2221.441876] do_page_fault+0xf6/0x8c0 [ 2221.445700] ? vmalloc_sync_all+0x30/0x30 [ 2221.449870] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2221.455415] ? do_syscall_64+0x497/0x820 [ 2221.459475] ? syscall_slow_exit_work+0x500/0x500 [ 2221.464316] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2221.469250] ? syscall_return_slowpath+0x31d/0x5e0 [ 2221.474178] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2221.479537] ? page_fault+0x8/0x30 [ 2221.483086] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2221.487924] ? page_fault+0x8/0x30 [ 2221.491470] page_fault+0x1e/0x30 [ 2221.494913] RIP: 0033:0x46f8fd [ 2221.498089] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2221.518604] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2221.523974] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2221.531246] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2221.538519] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2221.545810] R10: 0000000001f32940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2221.553091] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2221.560449] Task in /ile0 killed as a result of limit of /ile0 [ 2221.566525] memory: usage 24kB, limit 20kB, failcnt 9073 [ 2221.572054] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2221.578839] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2221.585032] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2221.604521] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2221.613378] [27027] 0 27027 17585 8732 126976 0 0 syz-executor0 [ 2221.622290] [27031] 0 27031 17585 8732 131072 0 0 syz-executor5 [ 2221.631189] [27035] 0 27035 17585 8731 131072 0 0 syz-executor6 [ 2221.640091] Memory cgroup out of memory: Kill process 27031 (syz-executor5) score 1752800 or sacrifice child [ 2221.650147] Killed process 27031 (syz-executor5) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2221.663432] oom_reaper: reaped process 27031 (syz-executor5), now anon-rss:0kB, file-rss:32000kB, shmem-rss:0kB [ 2221.675650] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2221.686588] syz-executor0 cpuset=/ mems_allowed=0 [ 2221.691518] CPU: 1 PID: 27027 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2221.699319] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2221.708679] Call Trace: [ 2221.711281] dump_stack+0x1c9/0x2b4 [ 2221.714924] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2221.720129] ? trace_hardirqs_on+0x10/0x10 [ 2221.724381] dump_header+0x27b/0xf64 [ 2221.728116] ? pagefault_out_of_memory+0x197/0x197 [ 2221.733049] ? __lock_acquire+0x7fc/0x5020 [ 2221.737279] ? print_usage_bug+0xc0/0xc0 [ 2221.741344] ? graph_lock+0x170/0x170 [ 2221.745138] ? print_usage_bug+0xc0/0xc0 [ 2221.749197] ? trace_hardirqs_on+0x10/0x10 [ 2221.753442] ? print_usage_bug+0xc0/0xc0 [ 2221.757505] ? lock_downgrade+0x8f0/0x8f0 [ 2221.761654] ? mark_held_locks+0xc9/0x160 [ 2221.765795] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2221.770379] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2221.775474] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2221.780483] ? trace_hardirqs_on+0xd/0x10 [ 2221.784641] ? ___ratelimit+0xaa/0x655 [ 2221.788522] ? idr_get_free+0x10c0/0x10c0 [ 2221.792674] ? kasan_check_write+0x14/0x20 [ 2221.796900] ? do_raw_spin_lock+0xc1/0x200 [ 2221.801139] oom_kill_process.cold.25+0x10/0x10bc [ 2221.805981] ? oom_evaluate_task+0x540/0x540 [ 2221.810394] ? find_held_lock+0x36/0x1c0 [ 2221.814475] ? lock_downgrade+0x8f0/0x8f0 [ 2221.818633] ? kasan_check_read+0x11/0x20 [ 2221.823041] ? rcu_is_watching+0x8c/0x150 [ 2221.827205] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2221.831619] ? oom_badness+0xb00/0xb00 [ 2221.835507] ? rcu_read_unlock+0x35/0x70 [ 2221.839558] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2221.843792] ? css_task_iter_end+0x2ce/0x490 [ 2221.848206] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2221.852954] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2221.858145] ? trace_hardirqs_on+0xd/0x10 [ 2221.862292] ? _raw_spin_unlock_irq+0x27/0x70 [ 2221.866786] ? oom_badness+0xb00/0xb00 [ 2221.870699] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2221.875455] ? mem_cgroup_iter_break+0x30/0x30 [ 2221.880057] out_of_memory+0xa8a/0x14d0 [ 2221.884052] ? oom_killer_disable+0x3a0/0x3a0 [ 2221.888566] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2221.893580] ? trace_hardirqs_on+0xd/0x10 [ 2221.897748] mem_cgroup_out_of_memory+0x15e/0x210 [ 2221.902599] ? memcg_memory_event+0x40/0x40 [ 2221.906916] ? _raw_spin_unlock+0x22/0x30 [ 2221.911071] mem_cgroup_oom_synchronize+0x713/0x940 [ 2221.916097] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2221.921557] ? memcg_event_wake+0x450/0x450 [ 2221.925890] pagefault_out_of_memory+0xc8/0x197 [ 2221.930554] ? out_of_memory+0x14d0/0x14d0 [ 2221.934787] ? __handle_mm_fault+0x4460/0x4460 [ 2221.939373] mm_fault_error+0x1de/0x380 [ 2221.943344] __do_page_fault+0xd25/0xe50 [ 2221.947402] ? mm_fault_error+0x380/0x380 [ 2221.951551] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2221.957083] ? __x64_sys_clock_gettime+0x170/0x250 [ 2221.962008] ? __ia32_sys_clock_settime+0x290/0x290 [ 2221.968692] do_page_fault+0xf6/0x8c0 [ 2221.972491] ? vmalloc_sync_all+0x30/0x30 [ 2221.976632] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2221.982166] ? do_syscall_64+0x497/0x820 [ 2221.986226] ? syscall_slow_exit_work+0x500/0x500 [ 2221.991092] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2221.996036] ? syscall_return_slowpath+0x31d/0x5e0 [ 2222.001064] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2222.006686] ? retint_user+0x18/0x18 [ 2222.010407] ? page_fault+0x8/0x30 [ 2222.013950] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2222.018812] ? page_fault+0x8/0x30 [ 2222.022346] page_fault+0x1e/0x30 [ 2222.025794] RIP: 0033:0x46f8fd [ 2222.028966] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2222.048178] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2222.053537] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2222.060800] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2222.068063] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2222.075336] R10: 0000000002273940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2222.082594] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2222.090074] Task in /ile0 killed as a result of limit of /ile0 [ 2222.096155] memory: usage 24kB, limit 20kB, failcnt 9113 [ 2222.101658] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2222.108438] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2222.114615] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2222.134122] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2222.142950] [27027] 0 27027 17585 8732 126976 0 0 syz-executor0 [ 2222.151873] [27035] 0 27035 17618 8731 131072 0 0 syz-executor6 [ 2222.160760] Memory cgroup out of memory: Kill process 27035 (syz-executor6) score 1752600 or sacrifice child [ 2222.171356] Killed process 27035 (syz-executor6) total-vm:70472kB, anon-rss:2156kB, file-rss:32768kB, shmem-rss:0kB [ 2222.193022] oom_reaper: reaped process 27035 (syz-executor6), now anon-rss:0kB, file-rss:32780kB, shmem-rss:0kB [ 2222.215662] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2222.226643] syz-executor0 cpuset=/ mems_allowed=0 [ 2222.231560] CPU: 1 PID: 27027 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2222.238923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2222.248308] Call Trace: [ 2222.250897] dump_stack+0x1c9/0x2b4 [ 2222.254516] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2222.259700] ? trace_hardirqs_on+0x10/0x10 [ 2222.263940] dump_header+0x27b/0xf64 [ 2222.267652] ? pagefault_out_of_memory+0x197/0x197 [ 2222.272585] ? __lock_acquire+0x7fc/0x5020 [ 2222.276816] ? print_usage_bug+0xc0/0xc0 [ 2222.280872] ? graph_lock+0x170/0x170 [ 2222.284663] ? print_usage_bug+0xc0/0xc0 [ 2222.288732] ? trace_hardirqs_on+0x10/0x10 [ 2222.292978] ? print_usage_bug+0xc0/0xc0 [ 2222.297044] ? lock_downgrade+0x8f0/0x8f0 [ 2222.301189] ? mark_held_locks+0xc9/0x160 [ 2222.305341] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2222.309924] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2222.315036] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2222.320066] ? trace_hardirqs_on+0xd/0x10 [ 2222.324237] ? ___ratelimit+0xaa/0x655 [ 2222.328145] ? idr_get_free+0x10c0/0x10c0 [ 2222.332307] ? kasan_check_write+0x14/0x20 [ 2222.336551] ? do_raw_spin_lock+0xc1/0x200 [ 2222.340805] oom_kill_process.cold.25+0x10/0x10bc [ 2222.345649] ? oom_evaluate_task+0x540/0x540 [ 2222.350061] ? find_held_lock+0x36/0x1c0 [ 2222.354127] ? lock_downgrade+0x8f0/0x8f0 [ 2222.358275] ? kasan_check_read+0x11/0x20 [ 2222.362420] ? rcu_is_watching+0x8c/0x150 [ 2222.366563] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2222.370967] ? oom_badness+0xb00/0xb00 [ 2222.374850] ? rcu_read_unlock+0x35/0x70 [ 2222.378903] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2222.383140] ? css_task_iter_end+0x2ce/0x490 [ 2222.387559] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2222.392320] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2222.397338] ? trace_hardirqs_on+0xd/0x10 [ 2222.401478] ? _raw_spin_unlock_irq+0x27/0x70 [ 2222.405968] ? oom_badness+0xb00/0xb00 [ 2222.409849] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2222.414593] ? mem_cgroup_iter_break+0x30/0x30 [ 2222.419173] out_of_memory+0xa8a/0x14d0 [ 2222.423141] ? oom_killer_disable+0x3a0/0x3a0 [ 2222.427636] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2222.432660] ? trace_hardirqs_on+0xd/0x10 [ 2222.436829] mem_cgroup_out_of_memory+0x15e/0x210 [ 2222.441686] ? memcg_memory_event+0x40/0x40 [ 2222.446023] ? _raw_spin_unlock+0x22/0x30 [ 2222.450178] mem_cgroup_oom_synchronize+0x713/0x940 [ 2222.455200] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2222.460644] ? memcg_event_wake+0x450/0x450 [ 2222.464994] pagefault_out_of_memory+0xc8/0x197 [ 2222.469679] ? out_of_memory+0x14d0/0x14d0 [ 2222.473915] ? __handle_mm_fault+0x4460/0x4460 [ 2222.478493] mm_fault_error+0x1de/0x380 [ 2222.482469] __do_page_fault+0xd25/0xe50 [ 2222.486525] ? __schedule+0x1ec0/0x1ec0 [ 2222.490502] ? mm_fault_error+0x380/0x380 [ 2222.494673] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2222.500211] do_page_fault+0xf6/0x8c0 [ 2222.504006] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2222.509536] ? vmalloc_sync_all+0x30/0x30 [ 2222.513679] ? syscall_slow_exit_work+0x500/0x500 [ 2222.518511] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2222.523430] ? syscall_return_slowpath+0x31d/0x5e0 [ 2222.528351] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2222.533877] ? retint_user+0x18/0x18 [ 2222.537583] ? page_fault+0x8/0x30 [ 2222.541114] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2222.545946] ? page_fault+0x8/0x30 [ 2222.549481] page_fault+0x1e/0x30 [ 2222.552936] RIP: 0033:0x46f8fd [ 2222.556109] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2222.575347] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2222.580704] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2222.587987] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2222.595253] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2222.602533] R10: 0000000002273940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2222.609791] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2222.617184] Task in /ile0 killed as a result of limit of /ile0 [ 2222.623259] memory: usage 24kB, limit 20kB, failcnt 9129 [ 2222.628749] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2222.635525] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2222.641711] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2222.661211] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2222.670100] [27027] 0 27027 17585 8732 126976 0 0 syz-executor0 [ 2222.678966] Memory cgroup out of memory: Kill process 27027 (syz-executor0) score 1752600 or sacrifice child 07:53:06 executing program 6: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x4000, 0x0) ioctl$BLKREPORTZONE(r0, 0xc0101282, &(0x7f00000003c0)=ANY=[@ANYBLOB="b5f5057b3b7467a7148562ebdfd1e70200000000000000010000000000000006000000000000000000000000cfc0f720546fa93f242811997aaf3a3da29f1acf5d682ab165c49ff5178d4f2c65ddd5b2175416e3fda5eec6d2093fd1ef583f996a66a2196c086cd29ad9ba896ab648aaeab10a098a970dd08dd578108649c65c31ab2608f341604173176d7fa5e0f167d11cfbfa304b8e922895d27b94b1d17c77bb6ba7ba2cfa3019f5e23f4fadc72fd7d43119b93f870acd3b520a5ddfeb2ab182a0117575257d24f7594b781dd70dbe0b8c554bdc21c3f0d18ef5c486ea4f9782567441da"]) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r2 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/loop-control\x00', 0x0, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) clock_settime(0x7, &(0x7f00000002c0)={0x0, 0x989680}) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) r6 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/rtc0\x00', 0x200000, 0x0) syz_kvm_setup_cpu$x86(r2, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text16={0x10, &(0x7f0000000180)="67660f384075800f01d166b8be0000000f23d80f21f86635400000e00f23f8a5440f20c0663502000000440f22c0670f22dd652680e7020fc71d0f01bfb3bf9a0020ae00", 0x44}], 0x1, 0x0, &(0x7f0000000200), 0x0) ioctl$SCSI_IOCTL_GET_BUS_NUMBER(r6, 0x5386, &(0x7f0000000140)) r7 = shmget(0x3, 0x1000, 0x78000100, &(0x7f0000ffe000/0x1000)=nil) shmctl$IPC_INFO(r7, 0x3, &(0x7f0000000280)=""/27) r8 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r8, &(0x7f0000000100), 0x12) unshare(0x40020200) 07:53:06 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\t\x00'}, 0x2c) 07:53:06 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0xe7, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:06 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x5f, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:06 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000000)='./file0//ile0\x00', 0x2, 0x3) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x400) 07:53:06 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xc}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:06 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000000000000]}}, 0x1c) 07:53:06 executing program 0: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000380)={@in6={{0xa, 0x4e23, 0x2, @local, 0xffffffff}}, 0xf8, 0x3, 0x8, "da289bbecc6ba9af4f10086b9a720fe92705a089ef37f7fe7562f2c53344748ff2510e1ef0297721a080f513f6ff7c4c6883c90f952112058a82e8c9f560c32fa690f48a647c1dcc20c986db2531d603"}, 0xd8) mkdir(&(0x7f00000001c0)='./file0\x00', 0xfffffffffffffffe) r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x1, 0x0) ioctl$KVM_SET_ONE_REG(r1, 0x4010aeac, &(0x7f0000000140)={0x4}) r2 = getpgrp(0x0) perf_event_open(&(0x7f0000000300)={0x5, 0x70, 0x0, 0x1ff, 0x7f, 0x100, 0x0, 0x200, 0x1, 0xc, 0x2308, 0x8001, 0x583, 0xfffffffffffff369, 0x1, 0x6, 0x10000, 0x8, 0x2, 0x0, 0x1ded, 0xfffffffffffffffa, 0x100000000, 0x8e, 0x1f, 0x7, 0x6, 0x7fff, 0x4, 0x7, 0x7, 0x6, 0x200, 0x0, 0x8, 0x64, 0x8, 0x9, 0x0, 0x1, 0x6, @perf_config_ext={0x100000000, 0xba8}, 0x0, 0x0, 0x6, 0x0, 0x3, 0x7fff, 0xd7}, r2, 0xb, 0xffffffffffffffff, 0x3) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r3 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) semget(0x3, 0x3, 0x208) r4 = openat$cgroup_procs(r3, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r4, &(0x7f00000002c0), 0x12) openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000180)='/dev/sequencer2\x00', 0x0, 0x0) unshare(0x4000000) [ 2222.688998] Killed process 27027 (syz-executor0) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2222.701308] oom_reaper: reaped process 27027 (syz-executor0), now anon-rss:0kB, file-rss:32780kB, shmem-rss:0kB 07:53:06 executing program 5: mkdir(&(0x7f0000000180)='./file0//ile0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000140), 0xffffffffffffff4e) openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x101000, 0x0) unshare(0xc00000040000300) 07:53:06 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100000000000500"}, 0x2c) [ 2222.762700] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2222.794537] Unknown ioctl 1074835116 07:53:06 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) r2 = pkey_alloc(0x0, 0x1) pkey_mprotect(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x2000000, r2) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x400) [ 2222.813568] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. 07:53:06 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800000000000000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2222.897060] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2222.908282] syz-executor0 cpuset=/ mems_allowed=0 [ 2222.913311] CPU: 0 PID: 27078 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2222.919140] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2222.920670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2222.920676] Call Trace: [ 2222.920699] dump_stack+0x1c9/0x2b4 [ 2222.920719] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2222.920737] ? trace_hardirqs_on+0x10/0x10 [ 2222.920756] dump_header+0x27b/0xf64 [ 2222.964461] ? pagefault_out_of_memory+0x197/0x197 [ 2222.969410] ? __lock_acquire+0x7fc/0x5020 [ 2222.973663] ? print_usage_bug+0xc0/0xc0 [ 2222.977740] ? graph_lock+0x170/0x170 [ 2222.977932] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2222.981537] ? print_usage_bug+0xc0/0xc0 [ 2222.981555] ? trace_hardirqs_on+0x10/0x10 [ 2222.981579] ? print_usage_bug+0xc0/0xc0 [ 2222.981605] ? lock_downgrade+0x8f0/0x8f0 [ 2222.981627] ? mark_held_locks+0xc9/0x160 [ 2223.017840] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2223.022447] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2223.027569] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2223.032596] ? trace_hardirqs_on+0xd/0x10 [ 2223.036775] ? ___ratelimit+0xaa/0x655 [ 2223.040679] ? idr_get_free+0x10c0/0x10c0 [ 2223.044839] ? kasan_check_write+0x14/0x20 [ 2223.049086] ? do_raw_spin_lock+0xc1/0x200 [ 2223.053341] oom_kill_process.cold.25+0x10/0x10bc [ 2223.058671] ? oom_evaluate_task+0x540/0x540 [ 2223.063092] ? find_held_lock+0x36/0x1c0 [ 2223.067176] ? lock_downgrade+0x8f0/0x8f0 [ 2223.071343] ? kasan_check_read+0x11/0x20 [ 2223.075502] ? print_usage_bug+0xc0/0xc0 [ 2223.079568] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2223.086338] ? oom_badness+0xb00/0xb00 [ 2223.090247] ? rcu_read_unlock+0x35/0x70 [ 2223.094313] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2223.098557] ? css_task_iter_end+0x2ce/0x490 [ 2223.102999] ? mark_held_locks+0xc9/0x160 [ 2223.107163] ? retint_kernel+0x10/0x10 [ 2223.111073] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2223.116151] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2223.120957] ? retint_kernel+0x10/0x10 [ 2223.124862] ? out_of_memory+0xa39/0x14d0 [ 2223.129023] out_of_memory+0xa8a/0x14d0 [ 2223.133027] ? oom_killer_disable+0x3a0/0x3a0 [ 2223.137543] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2223.142575] ? trace_hardirqs_on+0xd/0x10 07:53:07 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000000300"}, 0x2c) 07:53:07 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000008400"}, 0x2c) 07:53:07 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00h\x00'}, 0x2c) 07:53:07 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00\x00l\x00'}, 0x2c) [ 2223.146741] mem_cgroup_out_of_memory+0x15e/0x210 [ 2223.151593] ? memcg_memory_event+0x40/0x40 [ 2223.155926] ? _raw_spin_unlock+0x22/0x30 [ 2223.160109] mem_cgroup_oom_synchronize+0x713/0x940 [ 2223.165149] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2223.170617] ? memcg_event_wake+0x450/0x450 [ 2223.174971] pagefault_out_of_memory+0xc8/0x197 [ 2223.179655] ? out_of_memory+0x14d0/0x14d0 [ 2223.183917] ? __handle_mm_fault+0x4460/0x4460 [ 2223.188515] mm_fault_error+0x1de/0x380 [ 2223.192516] __do_page_fault+0xd25/0xe50 [ 2223.196600] ? mm_fault_error+0x380/0x380 [ 2223.200800] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2223.206358] ? __x64_sys_clock_gettime+0x170/0x250 [ 2223.211309] ? __ia32_sys_clock_settime+0x290/0x290 [ 2223.216347] do_page_fault+0xf6/0x8c0 [ 2223.220206] ? vmalloc_sync_all+0x30/0x30 [ 2223.224370] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2223.229910] ? do_syscall_64+0x497/0x820 [ 2223.233968] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2223.238894] ? syscall_return_slowpath+0x31d/0x5e0 [ 2223.243826] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2223.249183] ? page_fault+0x8/0x30 [ 2223.252724] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2223.257554] ? page_fault+0x8/0x30 [ 2223.261107] page_fault+0x1e/0x30 [ 2223.264566] RIP: 0033:0x46f8fd [ 2223.267747] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2223.287046] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2223.292402] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2223.299660] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2223.306918] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2223.314186] R10: 0000000002273940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2223.321456] R13: 0000000000a3fc20 R14: 0000000000000001 R15: 0000000000000001 [ 2223.328820] Task in /ile0 killed as a result of limit of /ile0 [ 2223.334910] memory: usage 24kB, limit 20kB, failcnt 9193 [ 2223.340407] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2223.347220] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2223.353413] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2223.372873] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2223.381642] [27078] 0 27078 17585 8732 126976 0 0 syz-executor0 [ 2223.390547] [27081] 0 27081 17585 9243 135168 0 0 syz-executor6 [ 2223.399439] [27091] 0 27091 17618 8732 131072 0 0 syz-executor5 [ 2223.408322] Memory cgroup out of memory: Kill process 27081 (syz-executor6) score 1855200 or sacrifice child [ 2223.418361] Killed process 27081 (syz-executor6) total-vm:70340kB, anon-rss:4204kB, file-rss:32768kB, shmem-rss:0kB [ 2223.458772] oom_reaper: reaped process 27081 (syz-executor6), now anon-rss:0kB, file-rss:32792kB, shmem-rss:0kB [ 2223.471496] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2223.482469] syz-executor0 cpuset=/ mems_allowed=0 [ 2223.487402] CPU: 0 PID: 27078 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2223.494762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2223.504116] Call Trace: [ 2223.506742] dump_stack+0x1c9/0x2b4 [ 2223.510392] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2223.515602] ? trace_hardirqs_on+0x10/0x10 [ 2223.519872] dump_header+0x27b/0xf64 [ 2223.523622] ? pagefault_out_of_memory+0x197/0x197 [ 2223.528543] ? __lock_acquire+0x7fc/0x5020 [ 2223.532768] ? __lock_acquire+0x7fc/0x5020 [ 2223.536990] ? print_usage_bug+0xc0/0xc0 [ 2223.541043] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2223.545618] ? graph_lock+0x170/0x170 [ 2223.549406] ? print_usage_bug+0xc0/0xc0 [ 2223.553455] ? trace_hardirqs_on+0x10/0x10 [ 2223.557679] ? finish_task_switch+0x2ca/0x870 [ 2223.562177] ? print_usage_bug+0xc0/0xc0 [ 2223.566232] ? lock_downgrade+0x8f0/0x8f0 [ 2223.570382] ? mark_held_locks+0xc9/0x160 [ 2223.574515] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2223.579088] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2223.584183] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2223.589190] ? trace_hardirqs_on+0xd/0x10 [ 2223.593862] ? ___ratelimit+0xaa/0x655 [ 2223.597741] ? idr_get_free+0x10c0/0x10c0 [ 2223.601879] ? kasan_check_write+0x14/0x20 [ 2223.606104] ? do_raw_spin_lock+0xc1/0x200 [ 2223.610335] oom_kill_process.cold.25+0x10/0x10bc [ 2223.615173] ? oom_evaluate_task+0x540/0x540 [ 2223.619575] ? find_held_lock+0x36/0x1c0 [ 2223.623650] ? lock_downgrade+0x8f0/0x8f0 [ 2223.627802] ? kasan_check_read+0x11/0x20 [ 2223.631948] ? rcu_is_watching+0x8c/0x150 [ 2223.636083] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2223.640479] ? oom_badness+0xb00/0xb00 [ 2223.644353] ? rcu_read_unlock+0x35/0x70 [ 2223.648402] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2223.652624] ? css_task_iter_end+0x2ce/0x490 [ 2223.657038] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2223.661786] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2223.666795] ? trace_hardirqs_on+0xd/0x10 [ 2223.670933] ? _raw_spin_unlock_irq+0x27/0x70 [ 2223.675419] ? oom_badness+0xb00/0xb00 [ 2223.679298] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2223.684047] ? mem_cgroup_iter_break+0x30/0x30 [ 2223.688645] out_of_memory+0xa8a/0x14d0 [ 2223.692613] ? oom_killer_disable+0x3a0/0x3a0 [ 2223.697127] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2223.702151] ? trace_hardirqs_on+0xd/0x10 [ 2223.706295] mem_cgroup_out_of_memory+0x15e/0x210 [ 2223.711128] ? memcg_memory_event+0x40/0x40 [ 2223.715447] ? _raw_spin_unlock+0x22/0x30 [ 2223.719588] mem_cgroup_oom_synchronize+0x713/0x940 [ 2223.724611] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2223.730051] ? memcg_event_wake+0x450/0x450 [ 2223.734372] pagefault_out_of_memory+0xc8/0x197 [ 2223.739033] ? out_of_memory+0x14d0/0x14d0 [ 2223.743264] ? __handle_mm_fault+0x4460/0x4460 [ 2223.747838] mm_fault_error+0x1de/0x380 [ 2223.751800] __do_page_fault+0xd25/0xe50 [ 2223.755853] ? mm_fault_error+0x380/0x380 [ 2223.759990] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2223.765523] ? __x64_sys_clock_gettime+0x170/0x250 [ 2223.770438] ? __ia32_sys_clock_settime+0x290/0x290 [ 2223.775450] do_page_fault+0xf6/0x8c0 [ 2223.779243] ? vmalloc_sync_all+0x30/0x30 [ 2223.783377] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2223.788915] ? do_syscall_64+0x497/0x820 [ 2223.792969] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2223.797896] ? syscall_return_slowpath+0x31d/0x5e0 [ 2223.802823] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2223.808351] ? retint_user+0x18/0x18 [ 2223.812062] ? page_fault+0x8/0x30 [ 2223.815592] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2223.820432] ? page_fault+0x8/0x30 [ 2223.823961] page_fault+0x1e/0x30 [ 2223.827402] RIP: 0033:0x46f8fd [ 2223.830575] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2223.849817] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2223.855171] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2223.862439] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2223.869697] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2223.876964] R10: 0000000002273940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2223.884222] R13: 0000000000a3fc20 R14: 0000000000000001 R15: 0000000000000001 [ 2223.891812] Task in /ile0 killed as a result of limit of /ile0 [ 2223.897898] memory: usage 24kB, limit 20kB, failcnt 9209 [ 2223.903432] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2223.910226] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2223.916443] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2223.935973] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2223.944891] [27078] 0 27078 17585 8732 126976 0 0 syz-executor0 [ 2223.953796] [27091] 0 27091 17618 8732 131072 0 0 syz-executor5 [ 2223.962712] Memory cgroup out of memory: Kill process 27091 (syz-executor5) score 1752800 or sacrifice child [ 2223.972789] Killed process 27091 (syz-executor5) total-vm:70472kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2223.989788] oom_reaper: reaped process 27091 (syz-executor5), now anon-rss:0kB, file-rss:32780kB, shmem-rss:0kB [ 2224.000274] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2224.011216] syz-executor0 cpuset=/ mems_allowed=0 [ 2224.016152] CPU: 0 PID: 27078 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2224.023519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2224.032874] Call Trace: [ 2224.035456] dump_stack+0x1c9/0x2b4 [ 2224.039093] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2224.044283] ? trace_hardirqs_on+0x10/0x10 [ 2224.048507] dump_header+0x27b/0xf64 [ 2224.052213] ? pagefault_out_of_memory+0x197/0x197 [ 2224.057130] ? __lock_acquire+0x7fc/0x5020 [ 2224.061368] ? print_usage_bug+0xc0/0xc0 [ 2224.065431] ? graph_lock+0x170/0x170 [ 2224.069217] ? print_usage_bug+0xc0/0xc0 [ 2224.073285] ? trace_hardirqs_on+0x10/0x10 [ 2224.077515] ? print_usage_bug+0xc0/0xc0 [ 2224.081595] ? lock_downgrade+0x8f0/0x8f0 [ 2224.085744] ? mark_held_locks+0xc9/0x160 [ 2224.089885] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2224.094456] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2224.099559] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2224.104567] ? trace_hardirqs_on+0xd/0x10 [ 2224.108725] ? ___ratelimit+0xaa/0x655 [ 2224.112606] ? idr_get_free+0x10c0/0x10c0 [ 2224.116747] ? kasan_check_write+0x14/0x20 [ 2224.120973] ? do_raw_spin_lock+0xc1/0x200 [ 2224.125202] oom_kill_process.cold.25+0x10/0x10bc [ 2224.130044] ? oom_evaluate_task+0x540/0x540 [ 2224.134453] ? find_held_lock+0x36/0x1c0 [ 2224.138512] ? lock_downgrade+0x8f0/0x8f0 [ 2224.142655] ? kasan_check_read+0x11/0x20 [ 2224.146795] ? rcu_is_watching+0x8c/0x150 [ 2224.150932] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2224.155332] ? oom_badness+0xb00/0xb00 [ 2224.159211] ? rcu_read_unlock+0x35/0x70 [ 2224.163270] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2224.167509] ? css_task_iter_end+0x2ce/0x490 [ 2224.171915] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2224.176659] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2224.181681] ? trace_hardirqs_on+0xd/0x10 [ 2224.185822] ? _raw_spin_unlock_irq+0x27/0x70 [ 2224.190316] ? oom_badness+0xb00/0xb00 [ 2224.194205] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2224.198953] ? mem_cgroup_iter_break+0x30/0x30 [ 2224.203548] out_of_memory+0xa8a/0x14d0 [ 2224.207516] ? oom_killer_disable+0x3a0/0x3a0 [ 2224.212005] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2224.217025] ? trace_hardirqs_on+0xd/0x10 [ 2224.221171] mem_cgroup_out_of_memory+0x15e/0x210 [ 2224.226003] ? memcg_memory_event+0x40/0x40 [ 2224.230322] ? _raw_spin_unlock+0x22/0x30 [ 2224.234460] mem_cgroup_oom_synchronize+0x713/0x940 [ 2224.239468] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2224.244919] ? memcg_event_wake+0x450/0x450 [ 2224.249239] pagefault_out_of_memory+0xc8/0x197 [ 2224.253909] ? out_of_memory+0x14d0/0x14d0 [ 2224.258139] ? __handle_mm_fault+0x4460/0x4460 [ 2224.262710] mm_fault_error+0x1de/0x380 [ 2224.266686] __do_page_fault+0xd25/0xe50 [ 2224.270741] ? mm_fault_error+0x380/0x380 [ 2224.274889] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2224.280431] ? __x64_sys_clock_gettime+0x170/0x250 [ 2224.285352] ? __ia32_sys_clock_settime+0x290/0x290 [ 2224.290376] do_page_fault+0xf6/0x8c0 [ 2224.294169] ? vmalloc_sync_all+0x30/0x30 [ 2224.298307] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2224.303838] ? do_syscall_64+0x497/0x820 [ 2224.307894] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2224.312817] ? syscall_return_slowpath+0x31d/0x5e0 [ 2224.317742] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2224.323284] ? retint_user+0x18/0x18 [ 2224.326988] ? page_fault+0x8/0x30 [ 2224.330524] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2224.336053] ? page_fault+0x8/0x30 [ 2224.339594] page_fault+0x1e/0x30 [ 2224.343037] RIP: 0033:0x46f8fd [ 2224.346207] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2224.365424] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2224.370773] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2224.378030] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2224.385285] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2224.392555] R10: 0000000002273940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2224.399827] R13: 0000000000a3fc20 R14: 0000000000000001 R15: 0000000000000001 [ 2224.407236] Task in /ile0 killed as a result of limit of /ile0 [ 2224.413281] memory: usage 24kB, limit 20kB, failcnt 9217 [ 2224.418759] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2224.425541] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2224.431710] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2224.451229] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name 07:53:08 executing program 6: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x4000, 0x0) ioctl$BLKREPORTZONE(r0, 0xc0101282, &(0x7f0000000280)=ANY=[@ANYBLOB="b5f5057b3b7467a7148562ebdfd1e70200000000000000010000000000000006000000000000000000000000"]) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) unshare(0x40020200) 07:53:08 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100000000008400"}, 0x2c) 07:53:08 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x23d, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:08 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x21, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:08 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4788]}}, 0x1c) 07:53:08 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x6000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:08 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000140)='/dev/cuse\x00', 0x4300, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000000)='cgroup.procs\x00', r0}, 0x10) r2 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r3 = openat$cgroup_procs(r2, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r3, &(0x7f0000000100), 0x12) r4 = getpgrp(0x0) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000280)={0x0}, &(0x7f00000002c0)=0xc) setpgid(r4, r5) unshare(0x4000000) 07:53:08 executing program 5: openat$dsp(0xffffffffffffff9c, &(0x7f0000001600)='/dev/dsp\x00', 0x2, 0x0) r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000001840)='cgroup.events\x00', 0x0, 0x0) ioctl$EVIOCGEFFECTS(r0, 0x80044584, &(0x7f0000001640)=""/67) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) userfaultfd(0x80000) unlinkat(r0, &(0x7f00000016c0)='./file0\x00', 0x200) ioctl$KVM_CREATE_DEVICE(r0, 0xc00caee0, &(0x7f0000000000)={0x3, r0, 0x1}) pwritev(r1, &(0x7f00000014c0)=[{&(0x7f0000000280)="231d64f881e5898bf20cc2756df7152dad3b9a9fbe6185c351267d10d04311feb35e662ba73dc03de8dae7787a69642314e585f8a2898aea33d304ed615463c77a7c961839727c5666ae59b796eca3e6e5ded724ba861718f42bdedd3e2ac725d4f8c32845df771bac3a12e9cde296a17527b93b6d7c979109ac10ed732f988820089f483e5d44d5d0b0eda754c7464d673e8969021adf7cefa184890f091681d0444c6160247374967bbda07700fa7a485aa38f302bc1195d890a5a36bdf5c9e76dfc8e6bbf41d8d1691c7bc6349d504cce6f376257b3751c19c18c7098494a6c9d27e99fc99c2f3c2dbb", 0xeb}, {&(0x7f0000000380)="4756068626cbf12e4b0120093535222ee30d5a3a685760c5d9b722004c4ef06515bbe7b5c1e2c0ded7adc0147dac0423da9148857aa2e77d0ae3a5d81bc8782b9a7e64eaa189acd567849878d5f42ee8f532bf10921fcba821384073ef880bdcd046f365e00aa71827045c8b6511a5261c9122188afbf3967d81be213a49e665260873b61962bde1eb0c138606f04a48d882df0f553e9ec5ba45e0d6ae1c76fb6fa86bdefb2674fb41adf6f98962916c70d88fe1e82847ce82d303fa77618630f050b24c96a46415d7b5069d79b3d4825542243624283f4bdf8b984e3fe8d7056210a8a5351f7240fd2947f2434a293c92f009fbff442ba55bc823e0d925869f2455ddce688b749c9cc9ccc43154c397e80fc061b2cdbb28c3e8139171b6212b12c628072223af738f42a9d1dc55871fa4a45e22327a5b739a44e85e6e68b77a03a6a1b7482845d5a253ab60b0bbac52f87681be1c1ac64bfa012bd9e3348fd9a9fc4ca235ce69a930586418dcfe394feebc6910c9d88c8ca1b2f7684dda7e9c3b4a3e5db229b9551c41d3e59f4a19297725bcd11d4509fba128f5ee6d7e6ab4adfc96c4954ee1284fa479b4db9c7ecb5f3623e8741460e7789814a45340f97d1057bd6db90de3cde59ac72ed8549fb1f71524ab10bfea448df36140af6280b718f7b84cef6096bbe27095445f2d5c079eeb31b0447e5dd085d2f9f8dfea9ef183df57488568474584d7b7c464633490b5a526221bc9eb990f115f4782d1ccc39162581a0542fee7e9dd459c9bcbecdf20dbad9504b18e6fb4671412ed571cbcbcf5f02d916adcb2260f61011ffbd94fc34d123fdf32c70f71d190d81c0363f4a8fffda8890e48124d1a0b600f056273e70436b5f9969342605259b067cc634e0bd6712bf38ab6633962c6751452fe592e83cfb90099a7c338c21aeead1776b3a7dc105e5aca1b70803aa1cae29c6660e76c0c29e460f602619018683ce6784f12529b04f21b2c87ecd42379b6f866160f326f4869ada4614ea4bb0177bfbac6ba6bcc3e0dcda0d550a0796731faab5939f8070d8b8e255101c3474361d629cbaf0ac92dd7b9799f7e7bcc825b70570fca12c14071cc37c91887d22e25eb9425e068f2bdc780dfc34e15aed9fb57542205b5987c43448ddd72812c858572d14fefc980e3b476f28b98fc59575c1794aeacc6f1f072bc0f387a49ef3a27a59afea5a11c7aca54ce64d83e96c22ddf9a4c046960b07545360cfa60ac7c17303175390f0c59d9a90922850a233506eeec08f26af8a4a54efd51a822c035decccc01ffcf3b18e2466f4917e322caa95a6a6f2a299a2d7820161572ab1385ff7276105d330f42f74e0a275bc6a9f4667635670b7b6365dd7fa8ce3ae43d71543595a2604e9022712302c1a221895a4c90e932eb763ce98317c942fe458fe7e69caf5956d0bd9c5c6cb775f57a7722e0dfa18902d3f23e4137a1f13792201fc354ee676788807a4d54991c64e0b6ab83c59c8b3a0513027cb1c46cb7b0565e3c7c0e6c1abd0188dddaff704e08c68bb3e17a703b2179c5611247775e92f53842fb09188d030f7659b9029310320e549e5b3550a3cbc43844b6eddd7538861894faa22bae5d8465f2732c20e940fc4748030f5250e7a4100b6718be89991c118d22aba9fee3978a0e820124600924df30b81c904f120f1b4aa955e01ba8bc3ecd0d4f136e27d1233bc03263307d0c228b62e65d1494e909d88a916b7ab47610c1cac4413e7da757f093e3e230015952c4528ec3252f0790bc19e73a83bc103772c244910efbd497b49f87497d9f0f72834dfd96c563faa2fc536f18060ee3b408582eb3dc9dd7e5596dbf8dc55b0cd6182a6afd9ad6d0ea27f1b5e8c120e22e6a3d8b57f7074321d01d87150d30178759e8d5486521cb8c17022b0134964c2761dcac297a044e507fdab1c5f22a1550a9990bd42a4f44804290831b1be2613340328116b895888bb8237a3cf324128170e81ca7e147dac7a980519fa215c581ba1a53ff1bd1cb5987fdf3b1bbe2f1792822d15770efd309471dba7b6d50444b85cab6c1326b8dda6f190d2e1fb16aea1d6759537ccfd7476972cc2dc3dcfa2353bcd71f6c21eec2b2e2ad16759eea7dffadd3b6ab37214ca6ede58c04f136371e90548e936147e9d72b63fe1ea586ba91dd326ebaa8284db7cab4faf491240fe4f95d5ac9d4a5f1f0077acadeaf024a2b3ec03a2f3f03b464023cf97102cd610badccca4b2af8420d29b2570a4b7b2ebf546f76cd33f0c738995f865a9c17fd2408412c1822bd28f9ce78217cacb82c070266aefd6c43908720cce957134ad8a59701725cabc991d5dcace7fcd18ee4f8ddbebb1bcc98043d7d8f32ec49824efd7e553665e2cfb7a2a9f1a0a768a07963348a8e2094972c6cce745243b01b3374313a5f5b7f652cc34ab1cbae7ca5e2a7bb1a598cf6a4d2915df78366a5cafee4c09308b00034cabb9592b66dc0244327620e28071131f92acaa037b092af77a0ab56d19943c130cfa712459528d066ef3a21a3a1a27d92932c0c7ea7dbe453c7e0f0a0968ccc640eea2de57701b3af71cb5772eeb3dd7d7c8272f57f55c0c415ef80feb8d697f34848e46dfacb5491b39971f2fa53bbb45bf46436141a82edf103e57e72a2caa466c0e2dc266a0e9b4b219e078f12c4ba7b68e67e2f5f61c18435b6424cd5519dfe47ae914564e9630310959b492d95f0838bc56e08defff9228334b5c25fed6821c4929c6203d1dc37d3c6ba58316fe7bacdab2536f3900256105e05936fe417071d93677c5901c5cc800664ae9f00a8bc4665cdae0fafe51428d1d2ef14825cf50b99eaa779263ae70167744f8ac8de4a0c3434cc3342de5d7a6129f9d26bb9f61d7b5b19a10bd8997102c6c16d4d094e89237f96da745630a6fb540f2f7cecaba15a2b2f12c602bb21346d6f6ed335d6db18f1c17224076c48eac494dc7590602999e79369d2c071e9a62c35d9233de12ed4e95e3003732208280554423c92e0bef382db9ad413ca2372a0269aef826f1bbad76d4b79f395a87b68dc3404b5c1f633c52d32aa8c004570e681508ab69f3a401f9412c5f410cfdae1c6416fa21a36e3cfb9830cbe4d92fa01e8b3262502814bec397a01f5e478ffdfdd155968b532ef27d1ef1f9705bcbe5b71d6ff6c37d407eb7ac731a65dcef2620f7731d685692e619f3cf4a8c2d3e4ed9e8819bfd9853e853429c824b93c38cd561f426a883baddc9d6caca513e80982bd91ffd7876b6fbf0c35d47f0ad3d15e46269911530055d1fc3bbc1b114a00874bb3010e49a224c1d1fa11abc24f2ae56da4388ecb699185b1e5b54c697a70f2d6c5d69f5a0061497a43e1736bc8bb406ff70af2e4f3736a112e97f3ad44abc9a8d1d5d0beed3c9a5ec0ee9cf4bbc3082cf3fffe6d9c0032d821fbebbeec1b6a1bb9b2803734ebb21beef6bf7b804328bc1943d3ff83a73beae9a3798e82c1d53481f6cb967e6cf7e93b70fdc232106ca4b3588de5e45e715748154c1783808ff2a1cfd4d19cb11e8733b0a4cdbbfe0b31c373feb3e5654c4f642a34b6f2693b90a568b5614ad8363f9f35162bf688a64c8cf13b846c22a0880606fff77ff790fec606fc383361e3d02d6f02b571ee9cf2a2a807f51bd3ec180dfaa10010387ffe47cf5658b8cd03e0ab21d143e31df09ccd10f619e38dcb3af735f8ac29c37a6f3682839bff9e5db9f4c413c6cba46ac4417fccbdd65c7aeb851b7be46e8e7cadbd00597c08730a448584c799a998bbf925bd817119186cac24c2aabe282833760029d5d9858dc2a4fd286733a9b0af46904a13aad01b7f1cedae68a822ac7902e0562401d46c056ced5cc581b78816187113d7898a014891be4f3b2034d337079435c7a8a0bbccbcd13baaf592eb5cc4f65691cb0461de5132bfb0ea3da1805cbb7a1338f405fa5e15593b0491d32f7d004782eb441991b94c5e82a926f8715a73b1f3bdd0595b1a8afcea78f75fd4a5582fbc2f275b33d2efc574bf74cd6072f20edfdbfc064db44ab35770f27248f72f1d54c0861a6c3fd453e3a427d0bc78b68de97b5868c1f5021cee35e4f71a99b2a10bbe48dc3cca659ad7fccf4d62fbc31906382d9569b0c005264fb6ccd5a347ce5359d1d96f4601a196129930e36efa33072495daea67bdcf84f9e90d96d7af8ff43f6a0b3fa85a4992e1a49b86751d2fa5140b1a96c3fe61193064621c700cd23b18753e7e3403e10a092d8130e7ed41d2c4c6245f08805b43f7e43dff2b0692a364a9d294eeb7bcfa9610fd071577778ec5b6b77dcd47f13b312d655e999f8e7a97e02ff0e4028ee8bec66608b174cbde01573b03cc2a4a20b5ba929d24b30196d71b41b0a330d7136ef8865176752d0058e046e36683949230bd80fe24e6f0c1c5414856b2df7f6a4ad92e03ed60e57e9e98bd5a0b75eb7fda2dce1d4869f112569ef8f1c8fb02136d2d75f6e0a0aed93f1f2cac6939685049ea6c4004a4ca0e210b19ae76ab6205368836ca1c729d260c27d4b91a67d2e5792f89cdb17ef14deab16015e29cb67caebc637dcc59322bf4ddc8c4346c6e0f5d860f60c8f4e9ed7b7086061bdf794688bfe00fd971664e438b7f8204b9ca7ab3a2e87a55a56eb2ecdd33d184ca2b1a6c2017b40054dc6b28f26b7791171ff0a447c04497608a225fe136d36a7baf9a5ddda7683ef0c48f4e03e59bdd41c8109f46dc7e79c44b5568029fcdc21b666a5588f299315a7aaa3793e8fe82dfdacca659544a48cc06f805babf971526347ecfd23edcba9efa28b6ca3ba76b0b1a83fb1e09ab0335e2d0c2b72977a669f894a5d29e2991f95cafe2aff9137bc4e67a0acc011a4f0f5cde019a53ff9c2fad28c5164adf321284a50b2859cef82a03d2f7a9d02efa39c75ead2693148e6e4b770c4aeb02833f686da553735517fe8aeb61a5d7fc306d65f174d019922ace446adfabe80a23e1fb211a11da37c62005c9fc54948356a8c4bf1f1dfac683a64fdd14e486577489ad9247c7c79a8f544e240379b6ee648f481bd6333214d1daa9019440ce3561c7059e2e7977f9d1cc95dffebffa1874112cdc058c821a9fbf4bd23d2176c36cbb97101b8d62a84e1e5f5e4f92881da0c4fdde530927d6b63eda71dda3616ac1c05bcbafbc378cdf076165ac3530d77c48199108e5bb20a9faf3d8496227ba20ce13e328febbf6a2f08aae4e386fc2dc939034ca245f9d4352d85472911e77907c10b5be487db98331c1dee546156ec522d449e6547f0bad77944dac26acbe8edfb765f76a809f8979ee25a4db68346b7552be0b9d443b501911f718d69cb79dde47a411a07c83cc931f8d554bececafedf01d2c34bf50e229263b51321eb0f6f4ced0e6f4d6152d568bc90c9db237d565d69743a8dca93645d0fde167f7824896ba3cf99ef8668040ea0787a3a0962a4ab4800fb58092d84b121d9edfcfd489da5f6f68840f87d36a39ff74269bcc68da6d83ee4e5ee6727938cb7e664789717c2f26d1bf80b9edd62e7eb99de7f8ca4be2baade590a2078ea2bf43549d6fc841d86795ee819861710a931f26e1a07f6c237ce6c7cb7d12095bdf3640d2a11d563dc7c7b223e27c1e1f7eaec6db66449774156f7ddf93dfb7b091b02422cf0dc04b8a1422fbea16c8fb906cb5d2aff371af7a1d20e22709820e94f84204f92ec724346d04b1c00036941cc41af1ebc7fabd483e64a019b27abbe4a3a02a1eff3393fc458502b87be5fb1ee4226019", 0x1000}, {&(0x7f0000001380)="527cf77a08658478cd9814f89f36773ed37beab7fdf4a8c03131a3b86427f0ad882e0d13312335c4aacab36faec378256cce92e9ec46b3de150e713363257c4d9a7f8c624a922d23474de3fa7d1056156db54bb5e9ee3ac19d3c453555ab18ba98065a03d3529496d7c3bf87d348c0cfe9113324df626e9d6ea07e3d6c1280f41eddf417092058ad4348b496e94d5c167d3f09486f199b7167aa72bf5e72651b3591d1ef89d920578ffc220f319d269f6324d1a709be9a411d5cc7e1fb", 0xbd}, {&(0x7f0000000140)="27515470cf42a5e50aa145f3936ff27e0754d878d9178418", 0x18}, {&(0x7f0000000180)="5dcc6805e08dbefbef59cda2f512d88a06ade3928167d8af7b90bc1d234a7458a12ab90ef041d47d7a50c491b0301033", 0x30}, {&(0x7f0000001440)="91e1eef8a12349e7771a92de729e72737c2d0babc9fdde192ff34d0eb9b849073f700106375299cf8a97feb6545200169f5c5db1694299035139cf70d919664190e3591a", 0x44}], 0x6, 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r2 = accept$inet(0xffffffffffffff9c, &(0x7f0000000240)={0x2, 0x0, @rand_addr}, &(0x7f0000001540)=0x10) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f00000015c0)={0x4, &(0x7f0000001580)=[{0x7, 0xfffffffffffffff7, 0x6, 0x100000000}, {0xbe32, 0x7fffffff, 0x4, 0x6}, {0x9, 0x7, 0x2, 0x7}, {0x5, 0x8007ff, 0xff, 0x7fff}]}, 0x10) r3 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100), 0x12) unshare(0x400) sendto$inet6(r0, &(0x7f0000001700)="9c4cafa7782ba09f5c1640d560a81c416ac99f2415ed0696b578765bd2d0fe6be3cbeff384a2d67d64f92b38fbc38090fe70a34a797138f5a041be5c914566881f050ab4b46bf7fe89a2a9cd176dc715fb7cc8fcf1b650014c8bcba99149a898685a1c08e0653c61380764a84bca0204a5d7769e193d4952ce152397230044e2e1b3fb6a96c28f2c40e3738e43885ff1e9ad", 0x92, 0x10, &(0x7f00000017c0)={0xa, 0x4e22, 0xff, @mcast1, 0x3ff}, 0x1c) write$FUSE_NOTIFY_INVAL_INODE(r3, &(0x7f0000001800)={0x28, 0x2, 0x0, {0x2, 0x8, 0x6}}, 0x28) 07:53:08 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00t\x00'}, 0x2c) [ 2224.460115] [27078] 0 27078 17585 8732 126976 0 0 syz-executor0 [ 2224.469059] Memory cgroup out of memory: Kill process 27078 (syz-executor0) score 1752600 or sacrifice child [ 2224.479144] Killed process 27078 (syz-executor0) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2224.489202] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2224.541739] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. 07:53:08 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x60000000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:08 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x400) [ 2224.631609] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2224.642630] syz-executor0 cpuset=/ mems_allowed=0 [ 2224.647569] CPU: 0 PID: 27134 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2224.654940] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2224.664302] Call Trace: [ 2224.666908] dump_stack+0x1c9/0x2b4 [ 2224.670555] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2224.675772] ? trace_hardirqs_on+0x10/0x10 [ 2224.680024] dump_header+0x27b/0xf64 [ 2224.683766] ? pagefault_out_of_memory+0x197/0x197 [ 2224.688224] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2224.688706] ? __lock_acquire+0x7fc/0x5020 [ 2224.688726] ? print_usage_bug+0xc0/0xc0 [ 2224.711679] ? graph_lock+0x170/0x170 [ 2224.715490] ? print_usage_bug+0xc0/0xc0 [ 2224.719571] ? trace_hardirqs_on+0x10/0x10 [ 2224.723826] ? print_usage_bug+0xc0/0xc0 07:53:08 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100000300"}, 0x2c) [ 2224.724880] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2224.727898] ? lock_downgrade+0x8f0/0x8f0 [ 2224.727923] ? mark_held_locks+0xc9/0x160 [ 2224.727937] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2224.727955] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2224.727971] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2224.727987] ? trace_hardirqs_on+0xd/0x10 [ 2224.728005] ? ___ratelimit+0xaa/0x655 [ 2224.728022] ? idr_get_free+0x10c0/0x10c0 [ 2224.728038] ? kasan_check_write+0x14/0x20 07:53:08 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00l\x00'}, 0x2c) 07:53:08 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00`\x00'}, 0x2c) [ 2224.728056] ? do_raw_spin_lock+0xc1/0x200 [ 2224.728076] oom_kill_process.cold.25+0x10/0x10bc [ 2224.728099] ? oom_evaluate_task+0x540/0x540 [ 2224.728114] ? find_held_lock+0x36/0x1c0 [ 2224.728138] ? lock_downgrade+0x8f0/0x8f0 [ 2224.728158] ? kasan_check_read+0x11/0x20 [ 2224.728171] ? rcu_is_watching+0x8c/0x150 [ 2224.728184] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2224.728202] ? oom_badness+0xb00/0xb00 [ 2224.728217] ? rcu_read_unlock+0x35/0x70 [ 2224.728229] ? mem_cgroup_iter+0x4bf/0x9e0 07:53:08 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00L\x00'}, 0x2c) [ 2224.728245] ? css_task_iter_end+0x2ce/0x490 [ 2224.728261] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2224.728276] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2224.728292] ? trace_hardirqs_on+0xd/0x10 [ 2224.728304] ? _raw_spin_unlock_irq+0x27/0x70 [ 2224.728318] ? oom_badness+0xb00/0xb00 [ 2224.728333] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2224.728349] ? mem_cgroup_iter_break+0x30/0x30 [ 2224.728380] out_of_memory+0xa8a/0x14d0 [ 2224.728400] ? oom_killer_disable+0x3a0/0x3a0 [ 2224.728418] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2224.728433] ? trace_hardirqs_on+0xd/0x10 [ 2224.728454] mem_cgroup_out_of_memory+0x15e/0x210 [ 2224.887891] ? memcg_memory_event+0x40/0x40 [ 2224.892233] ? _raw_spin_unlock+0x22/0x30 [ 2224.896397] mem_cgroup_oom_synchronize+0x713/0x940 [ 2224.901426] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2224.906882] ? memcg_event_wake+0x450/0x450 [ 2224.911230] pagefault_out_of_memory+0xc8/0x197 [ 2224.915909] ? out_of_memory+0x14d0/0x14d0 [ 2224.920166] ? __handle_mm_fault+0x4460/0x4460 [ 2224.924754] mm_fault_error+0x1de/0x380 [ 2224.928745] __do_page_fault+0xd25/0xe50 07:53:09 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\n\x00'}, 0x2c) [ 2224.932827] ? mm_fault_error+0x380/0x380 [ 2224.936992] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2224.942544] ? __x64_sys_clock_gettime+0x170/0x250 [ 2224.947517] ? __ia32_sys_clock_settime+0x290/0x290 [ 2224.952546] do_page_fault+0xf6/0x8c0 [ 2224.956375] ? vmalloc_sync_all+0x30/0x30 [ 2224.960528] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2224.966072] ? do_syscall_64+0x497/0x820 [ 2224.970141] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2224.975080] ? syscall_return_slowpath+0x31d/0x5e0 [ 2224.980027] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2224.985405] ? page_fault+0x8/0x30 [ 2224.988957] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2224.993814] ? page_fault+0x8/0x30 [ 2224.997361] page_fault+0x1e/0x30 [ 2225.000818] RIP: 0033:0x40e33f [ 2225.004005] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 2225.023361] RSP: 002b:0000000000a3fc20 EFLAGS: 00010206 [ 2225.028739] RAX: 00007ff4a0736000 RBX: 0000000000020000 RCX: 0000000000456b7a [ 2225.036034] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 2225.043321] RBP: 0000000000a3fd00 R08: ffffffffffffffff R09: 0000000000000000 [ 2225.050593] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a3fdf0 [ 2225.057862] R13: 00007ff4a0756700 R14: 0000000000000004 R15: 0000000000000001 [ 2225.065333] Task in /ile0 killed as a result of limit of /ile0 [ 2225.071411] memory: usage 24kB, limit 20kB, failcnt 9269 [ 2225.076915] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2225.083723] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2225.089912] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2225.109460] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2225.118294] [27134] 0 27134 17618 8732 126976 0 0 syz-executor0 [ 2225.127199] [27137] 0 27137 17585 8731 131072 0 0 syz-executor6 [ 2225.136120] [27145] 0 27145 17618 8732 131072 0 0 syz-executor5 [ 2225.144989] Memory cgroup out of memory: Kill process 27134 (syz-executor0) score 1752600 or sacrifice child [ 2225.155064] Killed process 27134 (syz-executor0) total-vm:70472kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2225.167583] oom_reaper: reaped process 27134 (syz-executor0), now anon-rss:0kB, file-rss:32000kB, shmem-rss:0kB [ 2225.178101] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2225.189096] syz-executor5 cpuset=/ mems_allowed=0 [ 2225.194045] CPU: 1 PID: 27145 Comm: syz-executor5 Not tainted 4.18.0-rc7+ #177 [ 2225.201409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2225.210761] Call Trace: [ 2225.213345] dump_stack+0x1c9/0x2b4 [ 2225.217062] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2225.222261] ? trace_hardirqs_on+0x10/0x10 [ 2225.226507] dump_header+0x27b/0xf64 [ 2225.230218] ? pagefault_out_of_memory+0x197/0x197 [ 2225.235329] ? __lock_acquire+0x7fc/0x5020 [ 2225.239559] ? print_usage_bug+0xc0/0xc0 [ 2225.243626] ? graph_lock+0x170/0x170 [ 2225.247434] ? print_usage_bug+0xc0/0xc0 [ 2225.251497] ? trace_hardirqs_on+0x10/0x10 [ 2225.255737] ? print_usage_bug+0xc0/0xc0 [ 2225.259806] ? lock_downgrade+0x8f0/0x8f0 [ 2225.263954] ? mark_held_locks+0xc9/0x160 [ 2225.268101] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2225.272682] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2225.277777] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2225.282794] ? trace_hardirqs_on+0xd/0x10 [ 2225.286945] ? ___ratelimit+0xaa/0x655 [ 2225.290826] ? idr_get_free+0x10c0/0x10c0 [ 2225.294972] ? kasan_check_write+0x14/0x20 [ 2225.299204] ? do_raw_spin_lock+0xc1/0x200 [ 2225.303443] oom_kill_process.cold.25+0x10/0x10bc [ 2225.308282] ? oom_evaluate_task+0x540/0x540 [ 2225.312678] ? find_held_lock+0x36/0x1c0 [ 2225.316741] ? lock_downgrade+0x8f0/0x8f0 [ 2225.320895] ? kasan_check_read+0x11/0x20 [ 2225.325038] ? rcu_is_watching+0x8c/0x150 [ 2225.329182] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2225.333577] ? oom_badness+0xb00/0xb00 [ 2225.337460] ? rcu_read_unlock+0x35/0x70 [ 2225.341515] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2225.345756] ? css_task_iter_end+0x2ce/0x490 [ 2225.350175] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2225.354926] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2225.359959] ? trace_hardirqs_on+0xd/0x10 [ 2225.364102] ? _raw_spin_unlock_irq+0x27/0x70 [ 2225.368594] ? oom_badness+0xb00/0xb00 [ 2225.372472] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2225.377229] ? mem_cgroup_iter_break+0x30/0x30 [ 2225.381819] out_of_memory+0xa8a/0x14d0 [ 2225.385783] ? oom_killer_disable+0x3a0/0x3a0 [ 2225.390268] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2225.395281] ? trace_hardirqs_on+0xd/0x10 [ 2225.399452] mem_cgroup_out_of_memory+0x15e/0x210 [ 2225.404308] ? memcg_memory_event+0x40/0x40 [ 2225.408642] ? _raw_spin_unlock+0x22/0x30 [ 2225.412811] mem_cgroup_oom_synchronize+0x713/0x940 [ 2225.417940] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2225.423389] ? memcg_event_wake+0x450/0x450 [ 2225.427703] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2225.432710] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 2225.437465] pagefault_out_of_memory+0xc8/0x197 [ 2225.442151] ? out_of_memory+0x14d0/0x14d0 [ 2225.446382] ? mm_fault_error+0x30/0x380 [ 2225.450441] mm_fault_error+0x1de/0x380 [ 2225.454510] __do_page_fault+0xd25/0xe50 [ 2225.458577] ? mm_fault_error+0x380/0x380 [ 2225.462723] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2225.468265] ? __x64_sys_clock_gettime+0x170/0x250 [ 2225.473228] ? __ia32_sys_clock_settime+0x290/0x290 [ 2225.478263] do_page_fault+0xf6/0x8c0 [ 2225.482066] ? vmalloc_sync_all+0x30/0x30 [ 2225.486210] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2225.491744] ? do_syscall_64+0x497/0x820 [ 2225.495808] ? syscall_slow_exit_work+0x500/0x500 [ 2225.500660] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2225.505594] ? syscall_return_slowpath+0x31d/0x5e0 [ 2225.510535] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2225.516069] ? retint_user+0x18/0x18 [ 2225.519783] ? page_fault+0x8/0x30 [ 2225.523317] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2225.528170] ? page_fault+0x8/0x30 [ 2225.531704] page_fault+0x1e/0x30 [ 2225.535151] RIP: 0033:0x40e33f [ 2225.538320] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 2225.557509] RSP: 002b:0000000000a3fc20 EFLAGS: 00010206 [ 2225.562879] RAX: 00007f1884d92000 RBX: 0000000000020000 RCX: 0000000000456b7a [ 2225.570148] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 2225.577415] RBP: 0000000000a3fd00 R08: ffffffffffffffff R09: 0000000000000000 [ 2225.584686] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a3fdf0 [ 2225.591956] R13: 00007f1884db2700 R14: 0000000000000003 R15: 0000000000000001 [ 2225.600504] Task in /ile0 killed as a result of limit of /ile0 [ 2225.606579] memory: usage 24kB, limit 20kB, failcnt 9297 [ 2225.612064] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2225.618862] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2225.625045] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2225.644556] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2225.653360] [27137] 0 27137 17585 8731 131072 0 0 syz-executor6 [ 2225.662272] [27145] 0 27145 17618 8732 131072 0 0 syz-executor5 [ 2225.671186] Memory cgroup out of memory: Kill process 27145 (syz-executor5) score 1752800 or sacrifice child [ 2225.681229] Killed process 27145 (syz-executor5) total-vm:70472kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2225.696349] oom_reaper: reaped process 27145 (syz-executor5), now anon-rss:0kB, file-rss:32000kB, shmem-rss:0kB [ 2225.734618] syz-executor6 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2225.745730] syz-executor6 cpuset=/ mems_allowed=0 [ 2225.750661] CPU: 0 PID: 27137 Comm: syz-executor6 Not tainted 4.18.0-rc7+ #177 [ 2225.758033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2225.767462] Call Trace: [ 2225.770070] dump_stack+0x1c9/0x2b4 [ 2225.773713] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2225.778920] ? trace_hardirqs_on+0x10/0x10 [ 2225.783172] dump_header+0x27b/0xf64 [ 2225.786904] ? pagefault_out_of_memory+0x197/0x197 [ 2225.791849] ? __lock_acquire+0x7fc/0x5020 [ 2225.796104] ? print_usage_bug+0xc0/0xc0 [ 2225.800184] ? graph_lock+0x170/0x170 [ 2225.803989] ? print_usage_bug+0xc0/0xc0 [ 2225.808058] ? trace_hardirqs_on+0x10/0x10 [ 2225.812292] ? print_usage_bug+0xc0/0xc0 [ 2225.816358] ? lock_downgrade+0x8f0/0x8f0 [ 2225.820506] ? mark_held_locks+0xc9/0x160 [ 2225.824653] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2225.829225] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2225.834319] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2225.839326] ? trace_hardirqs_on+0xd/0x10 [ 2225.843466] ? ___ratelimit+0xaa/0x655 [ 2225.847346] ? idr_get_free+0x10c0/0x10c0 [ 2225.851483] ? kasan_check_write+0x14/0x20 [ 2225.855724] ? do_raw_spin_lock+0xc1/0x200 [ 2225.859958] oom_kill_process.cold.25+0x10/0x10bc [ 2225.864793] ? oom_evaluate_task+0x540/0x540 [ 2225.869186] ? find_held_lock+0x36/0x1c0 [ 2225.873237] ? lock_downgrade+0x8f0/0x8f0 [ 2225.877375] ? kasan_check_read+0x11/0x20 [ 2225.881506] ? rcu_is_watching+0x8c/0x150 [ 2225.885647] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2225.890053] ? oom_badness+0xb00/0xb00 [ 2225.893939] ? rcu_read_unlock+0x35/0x70 [ 2225.897996] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2225.902229] ? css_task_iter_end+0x2ce/0x490 [ 2225.906629] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2225.911395] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2225.916410] ? trace_hardirqs_on+0xd/0x10 [ 2225.920549] ? _raw_spin_unlock_irq+0x27/0x70 [ 2225.925043] ? oom_badness+0xb00/0xb00 [ 2225.928925] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2225.933689] ? mem_cgroup_iter_break+0x30/0x30 [ 2225.938279] out_of_memory+0xa8a/0x14d0 [ 2225.942249] ? oom_killer_disable+0x3a0/0x3a0 [ 2225.946735] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2225.951749] ? trace_hardirqs_on+0xd/0x10 [ 2225.955909] mem_cgroup_out_of_memory+0x15e/0x210 [ 2225.960747] ? memcg_memory_event+0x40/0x40 [ 2225.965065] ? _raw_spin_unlock+0x22/0x30 [ 2225.969205] mem_cgroup_oom_synchronize+0x713/0x940 [ 2225.974220] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2225.979668] ? memcg_event_wake+0x450/0x450 [ 2225.983988] pagefault_out_of_memory+0xc8/0x197 [ 2225.988647] ? out_of_memory+0x14d0/0x14d0 [ 2225.992875] ? __handle_mm_fault+0x4460/0x4460 [ 2225.997447] mm_fault_error+0x1de/0x380 [ 2226.001414] __do_page_fault+0xd25/0xe50 [ 2226.005477] ? mm_fault_error+0x380/0x380 [ 2226.009616] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2226.015157] do_page_fault+0xf6/0x8c0 [ 2226.018960] ? vmalloc_sync_all+0x30/0x30 [ 2226.023101] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2226.028627] ? do_syscall_64+0x497/0x820 [ 2226.032678] ? syscall_slow_exit_work+0x500/0x500 [ 2226.037510] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2226.042436] ? syscall_return_slowpath+0x31d/0x5e0 [ 2226.047358] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2226.052893] ? retint_user+0x18/0x18 [ 2226.056601] ? page_fault+0x8/0x30 [ 2226.060129] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2226.064967] ? page_fault+0x8/0x30 [ 2226.068494] page_fault+0x1e/0x30 [ 2226.071947] RIP: 0033:0x46f8fd [ 2226.075119] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2226.094430] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2226.099787] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2226.107056] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2226.114325] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2226.121588] R10: 0000000001b44940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2226.128967] R13: 0000000000a3fc20 R14: 0000000000000004 R15: 0000000000000001 [ 2226.136283] Task in /ile0 killed as a result of limit of /ile0 [ 2226.142364] memory: usage 24kB, limit 20kB, failcnt 9305 [ 2226.147837] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2226.154618] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2226.160783] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB 07:53:10 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x16a, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:10 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00\x00`\x00'}, 0x2c) 07:53:10 executing program 6: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000280)='/dev/rfkill\x00', 0x4000, 0x0) ioctl$BLKREPORTZONE(r0, 0xc0101282, &(0x7f0000000140)=ANY=[@ANYBLOB="b5f5057b3b7472a7148562ebdfd1ed020000000000000001000000000000000600000000000000000000000070158a5543d8146bee3f446e232793a58c71f62f3c78cc1041808da4553ce7eb4ae6c63f70ad3adacb392e3376de2a2b401595775d871ba040bfdda82197dd04ad1b0c0bbab7b2e0000000000000000000000000"]) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) unshare(0x40020200) 07:53:10 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x1e1, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:10 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x1, 0x0) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000140)=0x0) fcntl$lock(r0, 0x6, &(0x7f0000000180)={0x2, 0x2, 0x7bda, 0x6, r1}) fcntl$setlease(r0, 0x400, 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r2 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r3 = openat$cgroup_procs(r2, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r3, &(0x7f0000000100), 0x12) unshare(0x400) 07:53:10 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) socketpair$packet(0x11, 0x2, 0x300, &(0x7f0000000000)) unshare(0x4000000) 07:53:10 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10]}}, 0x1c) 07:53:10 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x5000000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2226.180279] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2226.189126] [27137] 0 27137 17585 8731 131072 0 0 syz-executor6 [ 2226.197996] Memory cgroup out of memory: Kill process 27137 (syz-executor6) score 1752600 or sacrifice child [ 2226.208075] Killed process 27137 (syz-executor6) total-vm:70340kB, anon-rss:2156kB, file-rss:32768kB, shmem-rss:0kB [ 2226.278559] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2226.312599] socket: no more sockets [ 2226.316433] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2226.347738] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2226.358856] syz-executor5 cpuset=/ mems_allowed=0 [ 2226.363837] CPU: 0 PID: 27180 Comm: syz-executor5 Not tainted 4.18.0-rc7+ #177 07:53:10 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x500}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2226.371209] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2226.380571] Call Trace: [ 2226.383176] dump_stack+0x1c9/0x2b4 [ 2226.386823] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2226.392038] ? trace_hardirqs_on+0x10/0x10 [ 2226.396296] dump_header+0x27b/0xf64 [ 2226.400035] ? pagefault_out_of_memory+0x197/0x197 [ 2226.404984] ? __lock_acquire+0x7fc/0x5020 [ 2226.409238] ? print_usage_bug+0xc0/0xc0 [ 2226.413318] ? graph_lock+0x170/0x170 [ 2226.417171] ? print_usage_bug+0xc0/0xc0 [ 2226.421251] ? trace_hardirqs_on+0x10/0x10 07:53:10 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100000000000100"}, 0x2c) [ 2226.425507] ? print_usage_bug+0xc0/0xc0 [ 2226.429589] ? lock_downgrade+0x8f0/0x8f0 [ 2226.433764] ? mark_held_locks+0xc9/0x160 [ 2226.437923] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2226.442513] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2226.447634] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2226.452668] ? trace_hardirqs_on+0xd/0x10 [ 2226.456833] ? ___ratelimit+0xaa/0x655 [ 2226.460737] ? idr_get_free+0x10c0/0x10c0 [ 2226.464903] ? kasan_check_write+0x14/0x20 [ 2226.469152] ? do_raw_spin_lock+0xc1/0x200 [ 2226.473408] oom_kill_process.cold.25+0x10/0x10bc [ 2226.475101] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2226.478299] ? oom_evaluate_task+0x540/0x540 [ 2226.478317] ? find_held_lock+0x36/0x1c0 [ 2226.478341] ? lock_downgrade+0x8f0/0x8f0 [ 2226.478362] ? kasan_check_read+0x11/0x20 [ 2226.478373] ? rcu_is_watching+0x8c/0x150 [ 2226.478386] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2226.478403] ? oom_badness+0xb00/0xb00 [ 2226.478419] ? rcu_read_unlock+0x35/0x70 07:53:10 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00'}, 0x2c) [ 2226.478431] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2226.478446] ? css_task_iter_end+0x2ce/0x490 [ 2226.478462] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2226.478475] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2226.478491] ? trace_hardirqs_on+0xd/0x10 [ 2226.478506] ? _raw_spin_unlock_irq+0x27/0x70 [ 2226.478519] ? oom_badness+0xb00/0xb00 [ 2226.478534] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2226.478551] ? mem_cgroup_iter_break+0x30/0x30 [ 2226.478580] out_of_memory+0xa8a/0x14d0 [ 2226.478600] ? oom_killer_disable+0x3a0/0x3a0 07:53:10 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000000000000000000100"}, 0x2c) 07:53:10 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0xb8, &(0x7f00000011c0)}}], 0x249, 0x0) [ 2226.478618] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2226.478633] ? trace_hardirqs_on+0xd/0x10 [ 2226.478656] mem_cgroup_out_of_memory+0x15e/0x210 [ 2226.478672] ? memcg_memory_event+0x40/0x40 [ 2226.478691] ? _raw_spin_unlock+0x22/0x30 [ 2226.478709] mem_cgroup_oom_synchronize+0x713/0x940 [ 2226.478726] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2226.478740] ? memcg_event_wake+0x450/0x450 [ 2226.478768] pagefault_out_of_memory+0xc8/0x197 [ 2226.478781] ? out_of_memory+0x14d0/0x14d0 [ 2226.478804] ? __handle_mm_fault+0x4460/0x4460 [ 2226.478821] mm_fault_error+0x1de/0x380 07:53:10 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x181, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:10 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00h\x00'}, 0x2c) [ 2226.478840] __do_page_fault+0xd25/0xe50 [ 2226.478860] ? mm_fault_error+0x380/0x380 [ 2226.478877] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2226.478904] ? __x64_sys_clock_gettime+0x170/0x250 [ 2226.478918] ? __ia32_sys_clock_settime+0x290/0x290 [ 2226.478935] do_page_fault+0xf6/0x8c0 [ 2226.478951] ? vmalloc_sync_all+0x30/0x30 [ 2226.478963] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2226.478982] ? do_syscall_64+0x497/0x820 07:53:10 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000000400"}, 0x2c) [ 2226.531406] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2226.535442] ? syscall_slow_exit_work+0x500/0x500 [ 2226.535459] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2226.535477] ? syscall_return_slowpath+0x31d/0x5e0 [ 2226.700611] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2226.705992] ? page_fault+0x8/0x30 [ 2226.709551] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2226.714414] ? page_fault+0x8/0x30 [ 2226.717973] page_fault+0x1e/0x30 [ 2226.721433] RIP: 0033:0x46f8fd 07:53:10 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00c\x00'}, 0x2c) 07:53:10 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00h\x00'}, 0x2c) [ 2226.724624] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2226.743979] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2226.749361] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2226.756647] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2226.763930] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2226.771211] R10: 0000000001f32940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2226.778490] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2226.785979] Task in /ile0 killed as a result of limit of /ile0 [ 2226.792044] memory: usage 24kB, limit 20kB, failcnt 9413 [ 2226.797546] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2226.804365] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2226.810562] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2226.830058] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2226.838925] [27180] 0 27180 17585 8732 131072 0 0 syz-executor5 [ 2226.847831] [27183] 0 27183 17585 8732 126976 0 0 syz-executor0 [ 2226.856757] [27188] 0 27188 17585 8731 131072 0 0 syz-executor6 [ 2226.865660] Memory cgroup out of memory: Kill process 27180 (syz-executor5) score 1752800 or sacrifice child [ 2226.875766] Killed process 27180 (syz-executor5) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2226.889796] oom_reaper: reaped process 27180 (syz-executor5), now anon-rss:0kB, file-rss:32000kB, shmem-rss:0kB [ 2226.901829] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2226.912793] syz-executor0 cpuset=/ mems_allowed=0 [ 2226.917752] CPU: 0 PID: 27183 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2226.925119] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2226.934484] Call Trace: [ 2226.937092] dump_stack+0x1c9/0x2b4 [ 2226.940751] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2226.945964] ? trace_hardirqs_on+0x10/0x10 [ 2226.950225] dump_header+0x27b/0xf64 [ 2226.953949] ? pagefault_out_of_memory+0x197/0x197 [ 2226.958883] ? __lock_acquire+0x7fc/0x5020 [ 2226.963121] ? print_usage_bug+0xc0/0xc0 [ 2226.967190] ? graph_lock+0x170/0x170 [ 2226.970988] ? print_usage_bug+0xc0/0xc0 [ 2226.975066] ? trace_hardirqs_on+0x10/0x10 [ 2226.979319] ? print_usage_bug+0xc0/0xc0 [ 2226.983387] ? lock_downgrade+0x8f0/0x8f0 [ 2226.987532] ? mark_held_locks+0xc9/0x160 [ 2226.991674] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2226.996246] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2227.001344] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2227.006349] ? trace_hardirqs_on+0xd/0x10 [ 2227.010497] ? ___ratelimit+0xaa/0x655 [ 2227.014385] ? idr_get_free+0x10c0/0x10c0 [ 2227.018527] ? kasan_check_write+0x14/0x20 [ 2227.022766] ? do_raw_spin_lock+0xc1/0x200 [ 2227.027009] oom_kill_process.cold.25+0x10/0x10bc [ 2227.031857] ? oom_evaluate_task+0x540/0x540 [ 2227.036254] ? find_held_lock+0x36/0x1c0 [ 2227.040321] ? lock_downgrade+0x8f0/0x8f0 [ 2227.044463] ? kasan_check_read+0x11/0x20 [ 2227.048598] ? rcu_is_watching+0x8c/0x150 [ 2227.052742] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2227.057157] ? oom_badness+0xb00/0xb00 [ 2227.061043] ? rcu_read_unlock+0x35/0x70 [ 2227.065096] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2227.069321] ? css_task_iter_end+0x2ce/0x490 [ 2227.073730] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2227.078473] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2227.083481] ? trace_hardirqs_on+0xd/0x10 [ 2227.087615] ? _raw_spin_unlock_irq+0x27/0x70 [ 2227.092111] ? oom_badness+0xb00/0xb00 [ 2227.095999] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2227.100749] ? mem_cgroup_iter_break+0x30/0x30 [ 2227.105334] out_of_memory+0xa8a/0x14d0 [ 2227.109310] ? oom_killer_disable+0x3a0/0x3a0 [ 2227.113797] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2227.118803] ? trace_hardirqs_on+0xd/0x10 [ 2227.122959] mem_cgroup_out_of_memory+0x15e/0x210 [ 2227.127800] ? memcg_memory_event+0x40/0x40 [ 2227.132127] ? _raw_spin_unlock+0x22/0x30 [ 2227.136267] mem_cgroup_oom_synchronize+0x713/0x940 [ 2227.141285] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2227.146735] ? memcg_event_wake+0x450/0x450 [ 2227.151060] pagefault_out_of_memory+0xc8/0x197 [ 2227.155730] ? out_of_memory+0x14d0/0x14d0 [ 2227.159967] ? __handle_mm_fault+0x4460/0x4460 [ 2227.164542] mm_fault_error+0x1de/0x380 [ 2227.168514] __do_page_fault+0xd25/0xe50 [ 2227.172589] ? mm_fault_error+0x380/0x380 [ 2227.176734] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2227.182259] ? __x64_sys_clock_gettime+0x170/0x250 [ 2227.187176] ? __ia32_sys_clock_settime+0x290/0x290 [ 2227.192181] do_page_fault+0xf6/0x8c0 [ 2227.195985] ? vmalloc_sync_all+0x30/0x30 [ 2227.200123] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2227.205653] ? do_syscall_64+0x497/0x820 [ 2227.209705] ? syscall_slow_exit_work+0x500/0x500 [ 2227.214538] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2227.219463] ? syscall_return_slowpath+0x31d/0x5e0 [ 2227.224393] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2227.229927] ? retint_user+0x18/0x18 [ 2227.233642] ? page_fault+0x8/0x30 [ 2227.237174] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2227.242024] ? page_fault+0x8/0x30 [ 2227.245569] page_fault+0x1e/0x30 [ 2227.249030] RIP: 0033:0x46f8fd [ 2227.252211] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2227.271397] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2227.276754] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2227.284038] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2227.291318] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2227.298581] R10: 0000000002273940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2227.305850] R13: 0000000000a3fc20 R14: 0000000000000001 R15: 0000000000000001 [ 2227.313298] Task in /ile0 killed as a result of limit of /ile0 [ 2227.319370] memory: usage 24kB, limit 20kB, failcnt 9429 [ 2227.324864] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2227.331660] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2227.337834] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2227.357326] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2227.366817] [27183] 0 27183 17585 8732 126976 0 0 syz-executor0 [ 2227.375715] [27188] 0 27188 17585 8731 131072 0 0 syz-executor6 [ 2227.384590] Memory cgroup out of memory: Kill process 27183 (syz-executor0) score 1752600 or sacrifice child [ 2227.394625] Killed process 27183 (syz-executor0) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2227.406650] oom_reaper: reaped process 27183 (syz-executor0), now anon-rss:0kB, file-rss:32780kB, shmem-rss:0kB [ 2227.428569] syz-executor6 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2227.439595] syz-executor6 cpuset=/ mems_allowed=0 [ 2227.444533] CPU: 0 PID: 27188 Comm: syz-executor6 Not tainted 4.18.0-rc7+ #177 [ 2227.451899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2227.461258] Call Trace: [ 2227.463864] dump_stack+0x1c9/0x2b4 [ 2227.467512] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2227.472732] ? trace_hardirqs_on+0x10/0x10 [ 2227.477014] dump_header+0x27b/0xf64 [ 2227.480759] ? pagefault_out_of_memory+0x197/0x197 [ 2227.485724] ? __lock_acquire+0x7fc/0x5020 [ 2227.489972] ? print_usage_bug+0xc0/0xc0 [ 2227.494050] ? graph_lock+0x170/0x170 [ 2227.497887] ? print_usage_bug+0xc0/0xc0 [ 2227.501967] ? trace_hardirqs_on+0x10/0x10 [ 2227.506485] ? print_usage_bug+0xc0/0xc0 [ 2227.510577] ? lock_downgrade+0x8f0/0x8f0 [ 2227.514752] ? mark_held_locks+0xc9/0x160 [ 2227.518889] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2227.523460] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2227.528549] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2227.533555] ? trace_hardirqs_on+0xd/0x10 [ 2227.537692] ? ___ratelimit+0xaa/0x655 [ 2227.541569] ? idr_get_free+0x10c0/0x10c0 [ 2227.545703] ? kasan_check_write+0x14/0x20 [ 2227.549926] ? do_raw_spin_lock+0xc1/0x200 [ 2227.554156] oom_kill_process.cold.25+0x10/0x10bc [ 2227.558992] ? oom_evaluate_task+0x540/0x540 [ 2227.563388] ? find_held_lock+0x36/0x1c0 [ 2227.567440] ? lock_downgrade+0x8f0/0x8f0 [ 2227.571584] ? kasan_check_read+0x11/0x20 [ 2227.575715] ? rcu_is_watching+0x8c/0x150 [ 2227.579846] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2227.584249] ? oom_badness+0xb00/0xb00 [ 2227.588124] ? rcu_read_unlock+0x35/0x70 [ 2227.592180] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2227.596420] ? css_task_iter_end+0x2ce/0x490 [ 2227.600822] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2227.605568] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2227.610571] ? trace_hardirqs_on+0xd/0x10 [ 2227.614704] ? _raw_spin_unlock_irq+0x27/0x70 [ 2227.619183] ? oom_badness+0xb00/0xb00 [ 2227.623069] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2227.627814] ? mem_cgroup_iter_break+0x30/0x30 [ 2227.632396] out_of_memory+0xa8a/0x14d0 [ 2227.636359] ? oom_killer_disable+0x3a0/0x3a0 [ 2227.640854] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2227.645868] ? trace_hardirqs_on+0xd/0x10 [ 2227.650026] mem_cgroup_out_of_memory+0x15e/0x210 [ 2227.654864] ? memcg_memory_event+0x40/0x40 [ 2227.659339] ? _raw_spin_unlock+0x22/0x30 [ 2227.663482] mem_cgroup_oom_synchronize+0x713/0x940 [ 2227.668496] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2227.673934] ? memcg_event_wake+0x450/0x450 [ 2227.678248] pagefault_out_of_memory+0xc8/0x197 [ 2227.682904] ? out_of_memory+0x14d0/0x14d0 [ 2227.687145] ? __handle_mm_fault+0x4460/0x4460 [ 2227.691733] mm_fault_error+0x1de/0x380 [ 2227.695716] __do_page_fault+0xd25/0xe50 [ 2227.699767] ? mm_fault_error+0x380/0x380 [ 2227.703907] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2227.709431] ? __x64_sys_clock_gettime+0x170/0x250 [ 2227.714345] ? __ia32_sys_clock_settime+0x290/0x290 [ 2227.719362] do_page_fault+0xf6/0x8c0 [ 2227.723159] ? vmalloc_sync_all+0x30/0x30 [ 2227.727295] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2227.732829] ? do_syscall_64+0x497/0x820 [ 2227.736879] ? syscall_slow_exit_work+0x500/0x500 [ 2227.741707] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2227.746623] ? syscall_return_slowpath+0x31d/0x5e0 [ 2227.751541] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2227.757080] ? retint_user+0x18/0x18 [ 2227.760786] ? page_fault+0x8/0x30 [ 2227.764312] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2227.769141] ? page_fault+0x8/0x30 [ 2227.772663] page_fault+0x1e/0x30 [ 2227.776099] RIP: 0033:0x46f8fd [ 2227.779283] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2227.798476] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2227.803837] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2227.811092] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2227.818347] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2227.825609] R10: 0000000001b44940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2227.832882] R13: 0000000000a3fc20 R14: 0000000000000002 R15: 0000000000000001 [ 2227.840392] Task in /ile0 killed as a result of limit of /ile0 [ 2227.846457] memory: usage 24kB, limit 20kB, failcnt 9437 [ 2227.851933] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2227.858711] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2227.864880] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB 07:53:12 executing program 6: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x4000, 0x0) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000340)={0x400, 0xa, 0x41f, 0x1, 0x0}, &(0x7f0000000380)=0x10) getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f00000003c0)={r1, @in={{0x2, 0x4e24, @loopback}}, 0x1, 0x8, 0x6}, &(0x7f0000000480)=0x98) ioctl$BLKREPORTZONE(r0, 0xc0101282, &(0x7f0000000500)=ANY=[@ANYRES64=r0, @ANYPTR=&(0x7f0000000180)=ANY=[@ANYRES64=0x0, @ANYRESHEX], @ANYRESOCT=r0, @ANYRES32=r0, @ANYRESDEC=r0, @ANYRESDEC=r0]) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000300), 0x4) r2 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r3 = openat$cgroup_procs(r2, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r3, &(0x7f0000000100), 0x12) lstat(&(0x7f0000000140)='./file0//ile0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) r5 = getegid() fchown(r0, r4, r5) unshare(0x40020200) ppoll(&(0x7f00000004c0)=[{r3, 0x8044}, {r0, 0x8}, {r0, 0x1}, {r3, 0x20}], 0x4, &(0x7f0000000580), &(0x7f00000005c0)={0x1ae}, 0x8) 07:53:12 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\n\x00'}, 0x2c) 07:53:12 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x131, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:12 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x19, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:12 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x4) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x400) ioctl$SG_SET_DEBUG(r0, 0x227e, &(0x7f0000000000)=0x1) 07:53:12 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4888]}}, 0x1c) 07:53:12 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x6000000000000000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:12 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) ioctl$RTC_WIE_ON(r0, 0x700f) unshare(0x4000000) [ 2227.884392] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2227.893224] [27188] 0 27188 17585 8731 131072 0 0 syz-executor6 [ 2227.902091] Memory cgroup out of memory: Kill process 27188 (syz-executor6) score 1752600 or sacrifice child [ 2227.912142] Killed process 27188 (syz-executor6) total-vm:70340kB, anon-rss:2156kB, file-rss:32768kB, shmem-rss:0kB [ 2227.924369] oom_reaper: reaped process 27188 (syz-executor6), now anon-rss:0kB, file-rss:32780kB, shmem-rss:0kB 07:53:12 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00h\x00'}, 0x2c) [ 2227.990065] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. 07:53:12 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0xca85a540ccce669f) [ 2228.032540] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2228.036584] IPVS: ftp: loaded support on port[0] = 21 [ 2228.086984] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2228.098088] syz-executor5 cpuset=/ mems_allowed=0 [ 2228.103046] CPU: 1 PID: 27241 Comm: syz-executor5 Not tainted 4.18.0-rc7+ #177 [ 2228.110415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2228.119777] Call Trace: [ 2228.122382] dump_stack+0x1c9/0x2b4 [ 2228.126026] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2228.131241] ? trace_hardirqs_on+0x10/0x10 07:53:12 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\a\x00'}, 0x2c) [ 2228.135495] dump_header+0x27b/0xf64 [ 2228.139236] ? pagefault_out_of_memory+0x197/0x197 [ 2228.141563] IPVS: ftp: loaded support on port[0] = 21 [ 2228.144187] ? __lock_acquire+0x7fc/0x5020 [ 2228.144208] ? print_usage_bug+0xc0/0xc0 [ 2228.144230] ? graph_lock+0x170/0x170 [ 2228.144254] ? print_usage_bug+0xc0/0xc0 [ 2228.166453] ? trace_hardirqs_on+0x10/0x10 [ 2228.170710] ? print_usage_bug+0xc0/0xc0 [ 2228.174792] ? lock_downgrade+0x8f0/0x8f0 [ 2228.178959] ? mark_held_locks+0xc9/0x160 [ 2228.183121] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2228.187719] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2228.192841] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2228.197876] ? trace_hardirqs_on+0xd/0x10 [ 2228.202042] ? ___ratelimit+0xaa/0x655 [ 2228.205937] ? idr_get_free+0x10c0/0x10c0 [ 2228.210091] ? kasan_check_write+0x14/0x20 [ 2228.214334] ? do_raw_spin_lock+0xc1/0x200 [ 2228.218581] oom_kill_process.cold.25+0x10/0x10bc [ 2228.223441] ? oom_evaluate_task+0x540/0x540 [ 2228.227853] ? find_held_lock+0x36/0x1c0 [ 2228.231927] ? lock_downgrade+0x8f0/0x8f0 07:53:12 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000]}}, 0x1c) 07:53:12 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x16b, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:12 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x64, &(0x7f00000011c0)}}], 0x249, 0x0) [ 2228.236092] ? kasan_check_read+0x11/0x20 [ 2228.240251] ? rcu_is_watching+0x8c/0x150 [ 2228.244404] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2228.248827] ? oom_badness+0xb00/0xb00 [ 2228.252724] ? rcu_read_unlock+0x35/0x70 [ 2228.256793] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2228.261536] ? css_task_iter_end+0x2ce/0x490 [ 2228.265958] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2228.270721] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2228.275750] ? trace_hardirqs_on+0xd/0x10 [ 2228.279909] ? _raw_spin_unlock_irq+0x27/0x70 [ 2228.284415] ? oom_badness+0xb00/0xb00 07:53:12 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x9000000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2228.288314] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2228.293087] ? mem_cgroup_iter_break+0x30/0x30 [ 2228.297698] out_of_memory+0xa8a/0x14d0 [ 2228.301712] ? oom_killer_disable+0x3a0/0x3a0 [ 2228.306231] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2228.311261] ? trace_hardirqs_on+0xd/0x10 [ 2228.315428] mem_cgroup_out_of_memory+0x15e/0x210 [ 2228.320285] ? memcg_memory_event+0x40/0x40 [ 2228.324625] ? _raw_spin_unlock+0x22/0x30 [ 2228.328792] mem_cgroup_oom_synchronize+0x713/0x940 07:53:12 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00`\x00'}, 0x2c) [ 2228.333823] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2228.339285] ? memcg_event_wake+0x450/0x450 [ 2228.343637] pagefault_out_of_memory+0xc8/0x197 [ 2228.348317] ? out_of_memory+0x14d0/0x14d0 [ 2228.352593] ? __handle_mm_fault+0x4460/0x4460 [ 2228.357190] mm_fault_error+0x1de/0x380 [ 2228.361187] __do_page_fault+0xd25/0xe50 [ 2228.365274] ? mm_fault_error+0x380/0x380 [ 2228.369435] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2228.374985] ? __x64_sys_clock_gettime+0x170/0x250 [ 2228.379927] ? __ia32_sys_clock_settime+0x290/0x290 [ 2228.384957] do_page_fault+0xf6/0x8c0 [ 2228.388788] ? vmalloc_sync_all+0x30/0x30 [ 2228.392976] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2228.398520] ? do_syscall_64+0x497/0x820 [ 2228.402588] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2228.407527] ? syscall_return_slowpath+0x31d/0x5e0 [ 2228.412489] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2228.417862] ? page_fault+0x8/0x30 [ 2228.421410] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2228.426261] ? page_fault+0x8/0x30 [ 2228.429803] page_fault+0x1e/0x30 [ 2228.433256] RIP: 0033:0x46f8fd [ 2228.436440] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2228.455801] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2228.461177] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2228.468454] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2228.475744] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2228.483026] R10: 0000000001f32940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2228.490328] R13: 0000000000a3fc20 R14: 0000000000000001 R15: 0000000000000001 [ 2228.497699] Task in /ile0 killed as a result of limit of /ile0 [ 2228.503794] memory: usage 24kB, limit 20kB, failcnt 9477 [ 2228.509315] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2228.516124] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2228.519577] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2228.523465] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2228.551194] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2228.557645] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name 07:53:12 executing program 6: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x4000, 0x0) ioctl$BLKREPORTZONE(r0, 0xc0101282, &(0x7f0000000280)=ANY=[@ANYBLOB="b5f5057b3b7467a7148562ebdfd1e70200000000000000010000000000000006000000000000000000000000"]) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r0, &(0x7f0000000140), 0x12) unshare(0x40020200) 07:53:12 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e71000000000000000000000100"}, 0x2c) 07:53:12 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0xee, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:12 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x7, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:12 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x6, 0x8843) setsockopt$inet6_tcp_TLS_RX(r0, 0x6, 0x2, &(0x7f0000000380), 0x4) r1 = gettid() capget(&(0x7f0000000280)={0x20080522, r1}, &(0x7f0000000480)={0x8000, 0x6, 0x0, 0x2, 0x2, 0x100}) getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(0xffffffffffffffff, 0x84, 0x6d, &(0x7f00000003c0)=ANY=[@ANYRES32=0x0, @ANYBLOB="29d0bd243c8dd96109d35561257f85ee26ca25e53fd6e51546dc0d81978a7462b0b5c0d305c73581e46df6b2f2f1c7d8dc30a16fcc00047f73aca95ca106204cecc88350fa0f7acf8c0b2110147c253e5908323b85cd93d2e824c1cb820a844fdadc6966bb676060f020d970abdc2b2cace87207de90cea09262d4e9a4d3332348770caacc936ffeca38829c196ee7c4dbd8b038cbe28c90a15c04fc582d6665877052cf40f14a8c7b21772c3a24947525de3c"], &(0x7f00000002c0)=0x31) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000300)={r2, 0x7}, &(0x7f0000000340)=0x8) r3 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r4 = openat$cgroup_procs(r3, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) connect$unix(r3, &(0x7f0000000140)=@abs={0x1, 0x0, 0x4e24}, 0x6e) write$cgroup_pid(r4, &(0x7f0000000100), 0x12) unshare(0x2000000) 07:53:12 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00H\x00'}, 0x2c) [ 2228.557872] [27241] 0 27241 17585 8732 131072 0 0 syz-executor5 [ 2228.557904] [27273] 0 27273 17585 8732 126976 0 0 syz-executor0 [ 2228.557926] Memory cgroup out of memory: Kill process 27241 (syz-executor5) score 1752800 or sacrifice child [ 2228.557975] Killed process 27241 (syz-executor5) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2228.583617] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2228.632450] syz-executor0 cpuset=/ mems_allowed=0 07:53:12 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000000000000500"}, 0x2c) [ 2228.637488] CPU: 1 PID: 27273 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2228.644856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2228.654304] Call Trace: [ 2228.656915] dump_stack+0x1c9/0x2b4 [ 2228.660567] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2228.665777] ? trace_hardirqs_on+0x10/0x10 [ 2228.670049] dump_header+0x27b/0xf64 [ 2228.673791] ? pagefault_out_of_memory+0x197/0x197 [ 2228.678738] ? __lock_acquire+0x7fc/0x5020 [ 2228.682988] ? print_usage_bug+0xc0/0xc0 07:53:12 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00c\x00'}, 0x2c) 07:53:12 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00l\x00'}, 0x2c) [ 2228.687063] ? graph_lock+0x170/0x170 [ 2228.690873] ? print_usage_bug+0xc0/0xc0 [ 2228.694950] ? trace_hardirqs_on+0x10/0x10 [ 2228.699219] ? print_usage_bug+0xc0/0xc0 [ 2228.703304] ? lock_downgrade+0x8f0/0x8f0 [ 2228.707478] ? mark_held_locks+0xc9/0x160 [ 2228.711632] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2228.716256] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2228.721380] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2228.726411] ? trace_hardirqs_on+0xd/0x10 [ 2228.730577] ? ___ratelimit+0xaa/0x655 [ 2228.734485] ? idr_get_free+0x10c0/0x10c0 [ 2228.738640] ? kasan_check_write+0x14/0x20 [ 2228.742888] ? do_raw_spin_lock+0xc1/0x200 [ 2228.747156] oom_kill_process.cold.25+0x10/0x10bc [ 2228.752029] ? oom_evaluate_task+0x540/0x540 [ 2228.756456] ? find_held_lock+0x36/0x1c0 [ 2228.760554] ? lock_downgrade+0x8f0/0x8f0 [ 2228.764742] ? kasan_check_read+0x11/0x20 [ 2228.768903] ? rcu_is_watching+0x8c/0x150 [ 2228.773060] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2228.777478] ? oom_badness+0xb00/0xb00 [ 2228.781381] ? rcu_read_unlock+0x35/0x70 [ 2228.785457] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2228.789702] ? css_task_iter_end+0x2ce/0x490 [ 2228.794127] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2228.798891] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2228.803920] ? trace_hardirqs_on+0xd/0x10 [ 2228.808107] ? _raw_spin_unlock_irq+0x27/0x70 [ 2228.812613] ? oom_badness+0xb00/0xb00 [ 2228.816515] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2228.821286] ? mem_cgroup_iter_break+0x30/0x30 [ 2228.827273] out_of_memory+0xa8a/0x14d0 [ 2228.831244] ? oom_killer_disable+0x3a0/0x3a0 [ 2228.835745] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2228.840775] ? trace_hardirqs_on+0xd/0x10 [ 2228.844927] mem_cgroup_out_of_memory+0x15e/0x210 [ 2228.849757] ? memcg_memory_event+0x40/0x40 [ 2228.854079] ? _raw_spin_unlock+0x22/0x30 [ 2228.858229] mem_cgroup_oom_synchronize+0x713/0x940 [ 2228.863241] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2228.868687] ? memcg_event_wake+0x450/0x450 [ 2228.873000] pagefault_out_of_memory+0xc8/0x197 [ 2228.877677] ? out_of_memory+0x14d0/0x14d0 [ 2228.881901] ? __handle_mm_fault+0x4460/0x4460 [ 2228.886469] mm_fault_error+0x1de/0x380 [ 2228.890441] __do_page_fault+0xd25/0xe50 [ 2228.894502] ? mm_fault_error+0x380/0x380 [ 2228.898654] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2228.904182] ? exit_to_usermode_loop+0x1f4/0x370 [ 2228.908924] ? syscall_slow_exit_work+0x500/0x500 [ 2228.913751] do_page_fault+0xf6/0x8c0 [ 2228.917535] ? vmalloc_sync_all+0x30/0x30 [ 2228.921679] ? do_syscall_64+0x497/0x820 [ 2228.925730] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2228.930650] ? syscall_return_slowpath+0x31d/0x5e0 [ 2228.935579] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2228.941371] ? retint_user+0x18/0x18 [ 2228.945086] ? page_fault+0x8/0x30 [ 2228.948613] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2228.953445] ? page_fault+0x8/0x30 [ 2228.956989] page_fault+0x1e/0x30 [ 2228.960438] RIP: 0033:0x46f8fd [ 2228.963605] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2228.982784] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2228.988140] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2228.995410] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2229.002753] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2229.010029] R10: 0000000002273940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2229.017287] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2229.024642] Task in /ile0 killed as a result of limit of /ile0 [ 2229.030731] memory: usage 24kB, limit 20kB, failcnt 9485 [ 2229.036222] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2229.043043] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2229.049240] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2229.068999] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2229.077824] [27273] 0 27273 17585 8732 126976 0 0 syz-executor0 07:53:13 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='ufs\x00', 0x0, 0x0) r0 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x400, 0x0) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0x7, &(0x7f0000000140)={0x5, 0x8, 0xffffffffffffff4a, 0x9}, 0x10) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) unshare(0x4000000) 07:53:13 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00c\x00'}, 0x2c) [ 2229.086833] Memory cgroup out of memory: Kill process 27273 (syz-executor0) score 1752600 or sacrifice child [ 2229.096877] Killed process 27273 (syz-executor0) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB 07:53:13 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88480000]}}, 0x1c) 07:53:13 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x1f6, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:13 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x3, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:13 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xc3ffffff}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:13 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000000000001100"}, 0x2c) [ 2229.239432] IPVS: ftp: loaded support on port[0] = 21 [ 2229.250443] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2229.261480] syz-executor5 cpuset=/ mems_allowed=0 [ 2229.266447] CPU: 1 PID: 27322 Comm: syz-executor5 Not tainted 4.18.0-rc7+ #177 [ 2229.273812] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2229.283608] Call Trace: [ 2229.286217] dump_stack+0x1c9/0x2b4 [ 2229.289867] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2229.295083] ? trace_hardirqs_on+0x10/0x10 [ 2229.299336] dump_header+0x27b/0xf64 [ 2229.303077] ? pagefault_out_of_memory+0x197/0x197 [ 2229.308022] ? __lock_acquire+0x7fc/0x5020 [ 2229.312274] ? print_usage_bug+0xc0/0xc0 [ 2229.316358] ? graph_lock+0x170/0x170 [ 2229.320172] ? print_usage_bug+0xc0/0xc0 [ 2229.324251] ? trace_hardirqs_on+0x10/0x10 [ 2229.328510] ? print_usage_bug+0xc0/0xc0 [ 2229.332591] ? lock_downgrade+0x8f0/0x8f0 [ 2229.336756] ? mark_held_locks+0xc9/0x160 [ 2229.340910] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2229.345501] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2229.350619] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2229.355652] ? trace_hardirqs_on+0xd/0x10 [ 2229.359831] ? ___ratelimit+0xaa/0x655 [ 2229.363743] ? idr_get_free+0x10c0/0x10c0 [ 2229.367904] ? kasan_check_write+0x14/0x20 [ 2229.372154] ? do_raw_spin_lock+0xc1/0x200 [ 2229.376407] oom_kill_process.cold.25+0x10/0x10bc [ 2229.381268] ? oom_evaluate_task+0x540/0x540 [ 2229.385688] ? find_held_lock+0x36/0x1c0 [ 2229.389767] ? lock_downgrade+0x8f0/0x8f0 [ 2229.393929] ? kasan_check_read+0x11/0x20 [ 2229.398092] ? rcu_is_watching+0x8c/0x150 [ 2229.402277] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2229.406709] ? oom_badness+0xb00/0xb00 [ 2229.410609] ? rcu_read_unlock+0x35/0x70 [ 2229.414711] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2229.418956] ? css_task_iter_end+0x2ce/0x490 [ 2229.423374] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2229.428142] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2229.433168] ? trace_hardirqs_on+0xd/0x10 [ 2229.437327] ? _raw_spin_unlock_irq+0x27/0x70 [ 2229.441831] ? oom_badness+0xb00/0xb00 [ 2229.445730] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2229.450497] ? mem_cgroup_iter_break+0x30/0x30 [ 2229.455101] out_of_memory+0xa8a/0x14d0 [ 2229.459098] ? oom_killer_disable+0x3a0/0x3a0 [ 2229.463601] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2229.468617] ? trace_hardirqs_on+0xd/0x10 [ 2229.472773] mem_cgroup_out_of_memory+0x15e/0x210 [ 2229.477615] ? memcg_memory_event+0x40/0x40 [ 2229.481929] ? _raw_spin_unlock+0x22/0x30 [ 2229.486086] mem_cgroup_oom_synchronize+0x713/0x940 [ 2229.491285] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2229.496746] ? memcg_event_wake+0x450/0x450 [ 2229.501190] pagefault_out_of_memory+0xc8/0x197 [ 2229.505860] ? out_of_memory+0x14d0/0x14d0 [ 2229.510116] ? __handle_mm_fault+0x4460/0x4460 [ 2229.514690] mm_fault_error+0x1de/0x380 [ 2229.518655] __do_page_fault+0xd25/0xe50 [ 2229.522716] ? mm_fault_error+0x380/0x380 [ 2229.526860] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2229.532400] ? __x64_sys_clock_gettime+0x170/0x250 [ 2229.537328] ? __ia32_sys_clock_settime+0x290/0x290 [ 2229.542342] do_page_fault+0xf6/0x8c0 [ 2229.546137] ? vmalloc_sync_all+0x30/0x30 [ 2229.550276] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2229.555817] ? do_syscall_64+0x497/0x820 [ 2229.560077] ? syscall_slow_exit_work+0x500/0x500 [ 2229.564934] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2229.569853] ? syscall_return_slowpath+0x31d/0x5e0 [ 2229.574962] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2229.580610] ? page_fault+0x8/0x30 [ 2229.584149] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2229.589077] ? page_fault+0x8/0x30 [ 2229.592612] page_fault+0x1e/0x30 [ 2229.596536] RIP: 0033:0x46f8fd [ 2229.599707] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2229.618914] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2229.624301] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2229.631590] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2229.638856] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2229.646125] R10: 0000000001f32940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2229.653396] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2229.660799] Task in /ile0 killed as a result of limit of /ile0 [ 2229.666888] memory: usage 24kB, limit 20kB, failcnt 9505 [ 2229.672391] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2229.679178] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2229.685358] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2229.704868] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2229.713670] [27322] 0 27322 17585 8732 131072 0 0 syz-executor5 [ 2229.722587] Memory cgroup out of memory: Kill process 27322 (syz-executor5) score 1752800 or sacrifice child [ 2229.732817] Killed process 27322 (syz-executor5) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2229.761738] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. 07:53:13 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x13, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:13 executing program 0: mkdir(&(0x7f0000000000)='./file0//ile0\x00', 0x22) r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x200002, 0x0) ioctl$fiemap(r0, 0xc020660b, &(0x7f00000005c0)=ANY=[@ANYBLOB="0000000000000000008000000000000002000000f16b0000e31f000000000000ffffffff00000000fcff00000002040000000000000000590000000000a3fd0000000000000004000000000000000100000000000000000000000000000000000000000000020200001a0000000000000000000000836bdaaa1b8a6d973b612124f65f5b8c9f3112263a2e4eb0848ac63c039c00b11d240a07cead434a1693e7d6309cf4f8cfb4365869b375d9ac0c42f310e42c34afcee6623cd69c66d88ec3a60042179ed3d3545ddfaa094974de00f5cf3b840263b82230b6c4ba54cfe755a9745743cd860d52acb09d2593a3cdb104dbf0c410463b5f68250900000041a402e8811bc0c825c5452d8aecf5d85a134b49541531be6dc4756343f40d551438bb93e72971a03b4d157c8c0cecc79d6d249d3824812e580000000000000000"]) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) unshare(0x2020200) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0)='IPVS\x00') sendmsg$IPVS_CMD_NEW_SERVICE(r0, &(0x7f0000000580)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x80}, 0xc, &(0x7f0000000540)={&(0x7f0000000380)={0x80, r3, 0x900, 0x70bd27, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_SERVICE={0x44, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x1}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'nq\x00'}, @IPVS_SVC_ATTR_PROTOCOL={0x8}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x2c}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x1}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e24}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x100000002}]}, @IPVS_CMD_ATTR_DEST={0x28, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x2}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e24}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv6=@mcast1}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x800}, 0x10) ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x10, 0x3ff, 0x0, 0x5, 0xc, 0x11, "db4a50fb4789e4e1ba7b3915b36756a0cce6c38dc7ca4aa36fe95c0e14c424061fa1b784e260fc85611886e10969a8608b226acb2cf8ee6954480f6d8975df94", "5a1c4be586b3737e677b078028019ae3708d601b99c3efac212d24541f00c20e77ee9c2556a5677d07f8a626f8886e0d22746ad2eb4e517e6cf192a2b20f932d", "a9e44dea755217afd46c96a6dd091d0cf9608be0ab5fec123a0fca16345d35ce", [0x3f, 0x1]}) 07:53:13 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00z\x00'}, 0x2c) 07:53:13 executing program 5: mkdir(&(0x7f0000000280)='./file0//ile0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000180)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = add_key$user(&(0x7f0000000080)='user\x00', &(0x7f00000001c0)={0x73, 0x79, 0x7a, 0x3}, &(0x7f00000002c0)="71d48cd365bca131318bf6c14341ed7330386346d24a13d4e583761cfe29f8458e2bb91a77619c9076331a430f71be903bb18657673f92c59a9cda0fe46e60033af6910a47d7fab93d5a8e1ca6cb2195a3c6e4f269df49249995f7ef3708c9338f4eb81a3c761c7709b85ff1af6e727c7ed61f4521b18e108dd2b0b813da1e3a6a0278951fea773e1e030a628eb24e031b5fc5cca65f996dedeb6902604751750ae0544b119ef66591c68f5ceed60b14fbed9105feb265efe002ed86f480ca32c918a89be95e99542e7dce17b7f6e463cf059eef1995fcb3abd2d9592526b694e97dd791f8d38e", 0xe7, 0xfffffffffffffffa) r1 = add_key$keyring(&(0x7f00000003c0)='keyring\x00', &(0x7f0000000400)={0x73, 0x79, 0x7a, 0x0}, 0x0, 0x0, 0xfffffffffffffffa) keyctl$link(0x8, r0, r1) r2 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x1) ioctl$TUNGETIFF(r2, 0x800454d2, &(0x7f0000000140)) ioctl$TIOCNOTTY(r2, 0x5422) r3 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r4 = openat$cgroup_procs(r3, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) write$cgroup_pid(r4, &(0x7f0000000100), 0x12) unshare(0x400) restart_syscall() 07:53:13 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x6b, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:13 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88a8ffff00000000]}}, 0x1c) 07:53:13 executing program 6: seccomp(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000080)=[{0x6, 0x0, 0x0, 0x100050e6c}]}) close(0xffffffffffffffff) 07:53:13 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x900}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:14 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000280)=@security={'security\x00', 0xe, 0x4, 0x3c0, 0x200, 0x0, 0x200, 0x0, 0x200, 0x2f0, 0x2f0, 0x2f0, 0x2f0, 0x2f0, 0x4, &(0x7f0000000000), {[{{@uncond, 0x0, 0xc8, 0x110}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0x80000000, 'syz1\x00', 0x3ff}}}, {{@ipv6={@mcast2, @mcast2, [0xff, 0xffffff00, 0xffffffff, 0xff0000ff], [0xffffff00, 0xffffff00, 0xff, 0xffffff00], 'gretap0\x00', 'gre0\x00', {0xff}, {}, 0x3c, 0x2, 0x7, 0x10}, 0x0, 0xc8, 0xf0}, @common=@unspec=@AUDIT={0x28, 'AUDIT\x00', 0x0, {0x3}}}, {{@ipv6={@ipv4={[], [], @loopback}, @local, [0xffffffff, 0xff, 0xffffffff, 0xffffffff], [0xffffffff, 0xff, 0xffffffff], 'vlan0\x00', 'tunl0\x00', {0xff}, {}, 0x87, 0x6, 0x1}, 0x0, 0xc8, 0xf0}, @common=@unspec=@STANDARD={0x28}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x420) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x4000000) 07:53:14 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000140)='./file0\x00', 0x20200001, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) r2 = getpid() sendmsg$nl_generic(r0, &(0x7f0000001cc0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000001c80)={&(0x7f0000001d00)=ANY=[@ANYBLOB="0c190000170008042dbd7000fedbdf251a00000051a43aa3f9e8d3d5f5c742bcbc4b4046ed203f5d61f87003defa5c59293def312fa3dae05c0ddb040e5913762d75a65ac365d08ccbc40ba1cbe78efc06000000fbefc5e0105d3f4ef0f20be500be8c953043b94d027aa631ba15080c1ab8efa8f03cdfbf0e491f5ff6fa37252a705c71c66a1366af54b96d6e0e5e36d137b504f65a911c336096755a31eaad3ea29324ef8810f9c9d64e994eda14645c3c195c40ae0ae1a699efac469cc224db23689aaba9b77118c8cd78b5f56097259c7b9b20109f788c1447ed398befd76ba0007c00140083006367726f75702e70726f637300000000c843e2bf711ed950211ae30b1da41ae92f6e694fd63010c682607b0631169447f9c2345e77f53d0e3dbf06cd60ed51d692076538224d12cfa2dcf64a715de60208caadc249093fddb82423a4122625839fbaeb6518391f99fe45f3b4cd8f799adfde760c1008000600", @ANYRES32=r2, @ANYBLOB="08002f000010000008001300ac1414aa08007200080000000000003a9e683961df333f3ebec5681c90df4e313f5e93b5540378000400160008001b0020000000e4001200279969588090e78bf8310c0ba5c72f24660401461b4e9220405725dcab164fd2b1cd8629c192396154f5d325b24e686cd25a6cfeba788e8d6ace192e54674bc72a15c319e48f051b716a4fcc616b17a13c8d7234d9b792c0b15f94187638db32a12f176c54bfde8e60f92e98b7df2333383d3ec8e97246e6a5065dbc83c075027753fe71d459f062b673eee94ebc956ea4e77f5eb5266b18a0e1b2cf3a4e08cf166edcdcd6b79b895c3c10f235e3d170ef945cf910fc30562cf930afeb0edaab380473b1a949347a9d2348da112a644949bf1e29849da77b930582757f0000009630cae6a14466cf37e8866e1bef09babf001cd7f0ef0dc4fc9c542e5515443bfcda26fbd0d2a37c62821c42c2e1c080ae23ec4e47974aedbb633b283f0e5da57e98efae85bee2b70fc8671fa58265e9218be2eb85feab95a203ffb4cb523e15b36f1d91d9dee0293814868a471d34c37d20755b3e810aa03b8109c75976b305dbc77d4aa033681f7aefee76455cab24cba1cfd359e6235aba9093e5bc1ca88115f8ae5da2399361c9b123efe46cc72a2f819bdc51debca4057d95b557a3025e759cc3636f59d92b919d4c0b0f354e912aefa65a787fa7ad6dd837ebae1eb2dd6639eeb4547ad00c56d46fae95979d1dacd04347796e52f1d753ab0942bf56d00af1a356b55974815e888748aacc27c63b940a61467e31918244ee7b21e7d8a44127989eac5e37748384a30cb888a04e9f5d05c89757e12a1a225fe2622b0d0c00667d9bb26c689da212c9537e1e0d48db124ed6f31a48a0331ce59986d7c125d0d88d5f92abe6a09fc48241d1e1d6206f2a9177e00db960fa78f6eb260d03d2478daf8f889b1909dd0e99993253a9769fcb9a8d952f5df151ca91659248784f8db5463425897bdb82f669d531c7fe2fe2df786921341af92fe00fbe87b64ebb2e8906719537f2e51637382c2e8315cfedf2a2ca787ead3e4dbbe6e9ce34ba72ae3f644dfc6a24ec5c7ac6d880d45a5ad88d8f164a7226e8950ff206c1a6feec5c3c3f93e91aae2a3fb585305cbbf6970b43bcac90575e19a8049df23093bd838f24e14b330272d84b7531e408fa6d21c84d976d111fbb8916bd62d1d4c93c814da3a981457364e17e0ce7c8b488936b001032e06048384394391f62741812faa013850008003d0000000000b37a9cd2adaeb9a3ee7ae0a97f4a36bf8e3514c8660e70ccbeec2d1ab1f88c93577cea6372ddbe711cf37e50e9d33c50901028ea7b4f428199723a3ceaf913d047b65a0013b66d26969de5b23a6e8a1f90c928f1cfc5f5e27d259a13b96360d86b954dfe05bd6437fe769c4a4e0e2014cc0d28ef4a0594fc81f57d801d9bb91d006ce19e0c7eda63fc052edeed13c4908de31284bb9162bad54941bdb189b4514994cc15d0c29de008b89f8cadaad2f3444ca8136531fcfd1936e22024b5b1af20985c753e2d1e22061ca6b659a6c28ea5194e378e7224f7548b8833bbb288fd8a1e69e108ed5f98ba290b145f0ad0cd2ac3bb9743a73ca6a08b964a6e3de9491b08f7816a2140c55c44b07ea75731dcf052d7a29b44059acd099c408ce27543cc8e9c9264197bd86960fff76d301699dc328e383965f707114f0f64ea6fabfe7660e9b5490efa29213837bc7dbcdaeaf0b7e1eb77f3c3278790fa4299b26476469eccfa385c75856a183ea4f0c8fcfa0bbf3fc49ed057f1cc2ed38e9b19a085a71585787d004cc8210a70590213048f4ec76a1180ebf743853120270dce2283184331ceb24497d44f0d3b26d4e8c1e17fcdaa9b02c26467588765ded96890bcc278071ac2a49549f9845bce7c9f7c892ff4f2b74dcbbd346c78428f4c6898c94f4b183b94cab2b8e06e39b3727038b95a461500ec4ba90b28118724bd64a7c2febe813e26688887daa2fd6e95e46ecd5116761849b8b8aed77cff399565b902b1ba8e59ef3eed87e0416e7dbe98c93df754220892744b5c38b298438ca750790ef545890d7e7401596d422b665be672ce5f2c5e97d7f6bb54fdd3d565b95e8d658d898e993097b2a1683a798ccf72f2ab5a673308a92933729833f09c7c5c5476f522b1a15d4274e54b7ebc62d86a3096cfff01c7bf81e53b5b475b5216e44b45a9c77dc8ee128de16ae35a9698edb34d40340194a82714f9ea20f58934c02d76cdcbaf5967fa63ddf5d1b3edfa7d5dc9ea68512056a0173f7604796a36bc7cf51193fe35272fba3a9b5630a211f925ac62cfd3ccf7848801212cea3c26c1814e265be5c3892bb2c4c89e35ce9057eb0fa6d1e66f2265a2bebcc2212446938e66ae8bb54668dbbfca7e3359df58f45f1b00f11dcb14354213697429304796545c61352af5f20d058544c7f84d5c757a3cc98c89304a24148cefb7b16850a5027bc5e1977fd89c5200047c7b2d97964edf3d2f24d29fcb65bc3da9c75c01133e8148eccb4c838193937290a020b3153887052e5c17996453c4f4af692c0dd7e0917f84480fc1e8a31d7218c4172c01d50226943e718c159a1edbad7d0dfb0e3351193a6d5e092d922d388e10bd862fccecb6916980b158c791b0846ccd8d7f24724f62e5526c1ec221b0cf068d6ec50a44602314ea2d6bb4eb5ac264fec5941169dd30821864cbd4953d4800d3fd07414ff8c15ea828f1843929a6789e5f4c1a6416c1938b056c5e261a8b3fc0a0d0c3835965d981049c47370d0d7fc1782143aa333b86e87dcc16b04c1ce69a6801f09a716222759ffe36160c68855cf51f7338be07b2f1b9d2ffb68a5e4d96d71df718f2de2b4f378673cf003d11e1e69948096e961f63c026aba62abb6760253f0b93a3507f4097dfba462cb51c48702c242dcc8e3cda8b9abec1061f15c51380a540bddd1b20057d3da0f0487e7e76b966628cb42e6f093fb6025955394d80eeba8eb84d4316873c9f2b61282b8c1adba5c10f6733c6c2253d12106de64537be15f372502aa5d451591d680c211d71ba0bb40cdeeb02fdba4c1fceb459fdeb78e1519ddfc52a3f79c4bfb533d235942a7e0f1aa81ac5a28cce7a0add93721bbc1604cd68e1ea2c1cacd52a93f6767d1dc6d416589b01b0bed6e28e3db090ba9ecea67a07087d6c06ce38dd37580d5bea4f16f55726aca151c2feb5423715b4e02e1a0aa476d5565b91bc79ab8293296684a6a4a725932af751f202591d6ad545b548fa8c6133980239141b54ebaff67a9b6dc8ce46714e9d65fe0d240278bdeb69edba55bf86ff9f27ad79b888656a15fb6b21545cf4bc587d411c6c751514c499a392b187cd3a6efbf4ab20b13b60be6f037a8499c7981bd011bb0249dfa25262aaef6b7fcc2b16e932c17999f41c184f9578bb60eb8e776fcc362d234e1e46bd31484b50771897d827cc4bc2540c1fcafb8c0b3dce58d2a7fc4ec6f15964601734a08428cb1e6a1d7ffe77ab21f1402f6667b2bb4d08ee3e5ca53120643c886227f72a42c86c65a930a5f33b7525cb07abd7fd206c49419b0b80dd0a56149d3948d853004e9d268beca52de09662ce4545db9e307c42b582ab48b96c2364eceadd0b7d282a2f722f5f00811a968b19f0e9848174dfffafb3863101ee53b0e6140dcfeb43e66f84b471669281f797302327f56c467959fe56b10cc64e6083622eee4a4da4947a30277e7f2e4d5baf5ccd0739b11448f3e61426af1380d77a6b511353fac431a75261fdc7d74aba0bc6802e392c460a67e9d8f052d73ead74c2580d7394db6669cb186014b4ab9a0784a94ae676ba59b6ce9a327c06984242c7ae8348d021c50bf7fd082579520b340a22269cd34bebf15b7c2eede5bce2e00734a1b791588f9f620ca768c64f921f473c6e05e32d4082b88478e5fef127ee071da58b9c275fe50d00513f52129f8193ac54f0f219a3da6ca095c9399ffc5379d313aebc885c98ee8bad3f3e30e9412ac10135a67ed9e80655bd9cb012d53459bf6af18cffe1e5cde790bd890f4a3efffd0a64f697e538318369b49ea835d8c64a2dcc6c429dd4eabbd05d8e5a78c60708d29570e0ce8bcc222ad79c9822a164a5c8939be4ad4a2dfb2f7a9bc2765116d81ae19a6b12ce0c506e21c95007a575b43a84f8b345aa8e9751a8da3da9c2702e7962d08897bfe70c34cc8ac9c05ea0283bfb6e44f5c7b2c346522d41f901b2ca2807e297b9e0db09b80a6f59f55e96b512921ba07601db8e3ea787d9d9fa2f9dac5c177de6070e2f42d48c156dd8dc7984b9555a45d85bdf51c4a853fd47b802aab0c86a7f328c0a4e1730ab77ff98c74cd819be370df8eb9f0c755a913c83e03bc56a0a914bd74a30df60a36c71a351b92c786eea3f9237fab1d82637a13c05966711f9482281d9676ec8e023e77747d55e6444350cc31e289694340a041e0c26ccfce884535796038ac9b1be65b1e41350be9a1041bb2b22abf232233b914e2a4a087be45dfeb32c3169ef735d6624a8052581da97827eb701a3c1e838c99ca9a7cb710c44013fa318f73ac10bf05e78c7066403c8e7658b621ae6781d2ca862ec10b637dcdbd8725ad205bc6552c51e22cc143e0c42d8d090542965bcdfc5ee3ed8260760dacbe016e6344e9c533d1040377de7b11f6f43f680261cf282265ffb74ae1114728d5c575dea95c4f53c4b7ad28e75772f9530c86a3be08122bf64202404b0938926d984c9573b99702497cc1ef9aaf3577eb2f72ef2c2b3ad11579c59b8f1a3c30b1cf9a200143ebee190328f71df5623d218ba816761b694cb38c877071fa1ad58e86236908884d731bbe254598172de04d641bab3f2e926b21abace9883179678c8d3bec7677dfbfc3fb649e961b2448f70b640b32d725a71889e9d0ab90c1aec3255a9d89aae83f76915ea6946f7ffd19c32726f01c814c3f4e8a7d5f0cfeb113d28fb3c87ddc2f53cfdd1be0164d80b530e1d4957d33d6da6b88edfe34a5db0fa9ae15bcfda701a49e6f11dd195f72b74bb538ff6becacc9fe0c9cf3dcebe533bcdc04085bd1bbd22ce3f6a75c3d7b9e08a9956eb478f1e432e118b6f5181e89f9f215f9a7636345180c19a068b21c8ce605ea2526b361d81af4a0400b92399533f0c9bcb9f2d32cbacf79f904c8315cfc54ca047cd416991599d0fa36c6171e94966f867fa7ee0a45187ae15188d4c655dbdc7cc0b6412f725ede5a458bd0ee336e52625963be0de9228b9d7164e912aa1faf568a383916450b0920ce38bacfd3996649ba4ba30cfede3d2177c2b4383c68ab4dcb8bba9c365fd6ebc9d8d035b66e330d4b2ad2713b383b816abfb0ebd2f5b1f78192bec3f4479b51bff18043cbcfd90a7bdf7e673cc39697766c814b29d5bc99499771ac11558fd62d3d49b436bf5149be71d4393a645cc9824344ab655b4385db1667daa32847746519c4a13b28f55bb3e0dad4110435098b12a5278f3c9861c793c257329a6c8fbe05601deb494ac3fa5a8465db92d31b62028668fd465288e4dc58d2e405b09b303dadf6d2cafe2653c098de363e81387d201913a5384467a8ab9e201c85637429e3e66d12fb5f8613d30fcdf151f97d9fbd770051229a7dad2a8927c384b195c9b216b8acda10e34278514c4f4c18fe92fb5a4667ea1f81b2f70f3f847f50274c4d513a6b9571239b4ea768c17bf7fe19ba263451619d61afb64c8e2e14b06cfad24c3e17bf6c39c73166aa3892edb675f8e89bb7d702a03022e808510d6f3769252fa6a5c76f5781790e02fac7e9ff562a571cdb5dbf7ddafaa122c3b7c369b83357273b2923b1620a7a27b7bf085dc1e5cef5830fce628f9acb466cff0269af56224ec5a4f99618c93860b6447785ef20ccbbd32448b6b0972482727896a00757363344f15eae6a90be85b6daad1cd8bbcba6906839b29f45b4dbbf5ef576409baa0315bb31ebdb1be0a62c2635dc363670dc72fd10763975ab1ab291a1f51fc942baf11adf5460705733f74d7dc66dfb0f130d66de9dc7690176d610464fb4aa19feecd7709f2991015457ff60a1b02113a706381241d9ec7e19c7afd63d89ea9869a2a3c3e6c55db435b0a9b221c1e3e4f65dc715f6620057bbb531b3abef30c8cc252e10bcebe32fe6d68e3ee6fa1d5d5c1f41153ae33c154462d1a3a3c826500d7b1e6b0a98bd7bdc6aff493e29792f2a1ced10b55410de6e7f4310c85f42399ab55c0a3a420df1f80a038678c630914c24823e332d8a7549b6462a94b328d5037b246df72894c06ef6cf3218e34c02ab9e888739c4c26b61adfe5f02269d5d06df95c3eda37a19c5dfe4588098e5b3394fae2cf97f9d63133098b5e3e196545c25cdb11ad0cdeb86bd85bd03f79632400153a3c430c9433b39a7d8be040bf1d1ee0b8d225e603747b56758b37fcdcdbf27313f293ac7c12dd9bb738a95a69e269255be2614d9aa7f7bb12d65fb00eaf98c3d1161115e7587ba724f8be3d89c81c06eaa587ec34c96f7de3056a7398730b644afd3b3fb12a46636b58b244b47b8f19074a0898a94d6b05adfcd5dfe6aa17f18700ac0e53b99f11b5c440075b746d98916e7f6bacb17015d0986b137ede161b80c4a6d2a064305793aef9df5d7471383d9bfbc3b8d7001903570cf0a45b0612aa248f1c9b79426ba28fa5c3a633dc4c249e9443eea2320b65c10f7f582e0069e0853886eb076b4e25e07d6bb3478de394435c2b80e2967a81e9514ae5227706e7461a205405dff4425b46b3dd9874150021e54ef4f0a15e6b4a169dfa2924a17be2c68033bf6a6baed994f29d0d37a591d1a351b6dfd441f97a9c106730123b2dbf79bcff45d011db63d3f4dbbec146b9181e168826cc53838bd86e2fba9f8aefc71b1803a22b74e2df4f0b138640826d3d964c54f6aa3d6d865ac47f24df103d25e9cf7a45c86969859a7f6581d55330f4558751aec43b34d1e27e56c050def7f88e84e768058c508e8c789f4030f7274e82d8d10dcd13450250cfb41f69828beccebd17ff40da71f17b0cecc353af66da622836fe842638b54802ae5779e0a12ad6976317eab632180483c10d84a518a66ba7a4b5b2438780758fb1c7c61c03801b46f824cd1cdf9b1cd5bee659d067274371d316d09006de899d6d0c050fcf864e8eb3ec6d682280e0561a681d91beaff3b768f0263108197529cb7983eae860a038940255298cee4cdacb57746a1d2be21adc3618dcd3fc82fc24b34a3cc149de64cb978c4d9a585d15ad1f8c7ef8a00019dc2be605f9547500e9135e3292627616e0c3a7e94a3af29f7383767100da3fc835a92efd45a66a41093ddfcd55e833f30f6c4773c73b847fe4c24e57e5e891ba0225ebaba57bf4638e33031771386bf847044b443870cd9384780b8304b2182a1fc01c086d94ed6f61021f7a74ddfb3e8c81ac23e0931cd6e58d529aeb67fc83fd34102e200385b357457dd6c33a53af91a1fbf1adcd4dc389d4da81354a5030bdc03a04002c003739bbe2a59c1de05cae371a34485d0d0c1a6dd1030519dd056f88dfe38f70231b37b4159c5dd1544b5c19656a49f1827924cd30733567fb205c545f608728ceb9ce8df1d31d684a18a3eb9b2c93f501c6c1b0ef163b2396e0def6e9a67a950b79391eab8b251852a0f233738cdc122747f3b92577f96c5b72c84783db3d13bc1167f043febf89589264ac20d9730b623e26e7fecc007f00e0c515ab2b2d12b88bafe22aae55debfc5bcc7292a547696b663febed3ec6e37b2a98442f15c9d8943f7b3b1e3b5a8afddbde242fc02d88caa5bccf558273cf688fb9d7541264852078c29534ae9083da37e46c0647439b91b80a1d4df9c898a2aa2af3c468df2d391db51cd09a0ae9989f4497f3b693a1f7cbe0b32459a321eff9025119e2edf88aa318371172c9595d3f7a390c765dc6379d5d467a212893865d01e96fa8b16cd05cf2264ce277630172ead504f8a7b708a754f277372e9bb47e16e2ee430d00014002c0000000000000000000000ffffac1414bbf192d68adb9313c471147d7180a77252c5c4d0dde67366f61949d5ed3becc5fae33ca2cf25f5ff3d3fa3ee8cc13f5bccafbf23675d1bcbe1a30cac1ba580a313a29f0d14bd10cbf59f8964b1736447150939da70bfad2c366c5cd8828798c6de9380d68007cce89cbe49045609388657716caa24da40b8f6f8ade7481bbc1aabe03b8f41c483550185a7c98af9d542cd3d948b24d991b4b4a9ebbeb7a9db7b623494fbcb41e79bec250ba16d60cf8511050911a61e14002900fe8000000000000000000000000000bb000080000600f2953e94b29fec4eaf559cec62baf6250bbfc5796d8b4470b08c13e28a32c44e686933f5269851e6248742a7bb47c854fbdb00e736e94a5bfc3c5180364c80febce6c0de95f20a3ceeefef46dc0547ea394aa1f4dcda4de521253d46fa8ec5d31862df0f092e45fce08e6b5289f53e06649f7bd708004f00e0000002000000"], 0x190c}, 0x1, 0x0, 0x0, 0x10}, 0x20000000) bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)={&(0x7f0000000040)='./file0\x00'}, 0x10) semget$private(0x0, 0x3, 0x40) setsockopt$EBT_SO_SET_COUNTERS(r0, 0x0, 0x81, &(0x7f0000000380)={'filter\x00', 0x0, 0x0, 0x0, [], 0x3, &(0x7f0000000340)=[{}, {}], 0x0, [{}, {}, {}]}, 0xa8) write$P9_RSETATTR(r0, &(0x7f0000000000)={0x7, 0x1b, 0x80000001}, 0x7) ioctl$PIO_UNISCRNMAP(r0, 0x4b6a, &(0x7f0000000280)="2920e0714295129b7ce0a14f2eac96c047c401206a6ee1cd9222cebd00155a21b36320f8c2ee7d96ebfb064fa30f1e16c7bb2b7726c58fca6b9e1c3422ec3d84ee2921d64ccff079a6f4199745070afc8a3e4959b53d49b4362237c230defba65aca0e") unshare(0x400) 07:53:14 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xa7}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:14 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) unshare(0x400) [ 2230.067174] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2230.078304] syz-executor0 cpuset=/ mems_allowed=0 [ 2230.083252] CPU: 0 PID: 27375 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2230.091159] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2230.100524] Call Trace: [ 2230.103127] dump_stack+0x1c9/0x2b4 [ 2230.106762] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2230.111987] ? trace_hardirqs_on+0x10/0x10 [ 2230.116231] dump_header+0x27b/0xf64 [ 2230.119955] ? pagefault_out_of_memory+0x197/0x197 [ 2230.124894] ? __lock_acquire+0x7fc/0x5020 [ 2230.129139] ? print_usage_bug+0xc0/0xc0 [ 2230.133221] ? graph_lock+0x170/0x170 [ 2230.137024] ? print_usage_bug+0xc0/0xc0 [ 2230.141107] ? trace_hardirqs_on+0x10/0x10 [ 2230.145354] ? print_usage_bug+0xc0/0xc0 [ 2230.149444] ? lock_downgrade+0x8f0/0x8f0 [ 2230.153611] ? mark_held_locks+0xc9/0x160 [ 2230.157775] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2230.162366] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2230.167485] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2230.172507] ? trace_hardirqs_on+0xd/0x10 [ 2230.176663] ? ___ratelimit+0xaa/0x655 [ 2230.180598] ? idr_get_free+0x10c0/0x10c0 [ 2230.184752] ? kasan_check_write+0x14/0x20 [ 2230.188988] ? do_raw_spin_lock+0xc1/0x200 [ 2230.193235] oom_kill_process.cold.25+0x10/0x10bc [ 2230.198094] ? oom_evaluate_task+0x540/0x540 [ 2230.202514] ? find_held_lock+0x36/0x1c0 [ 2230.206601] ? lock_downgrade+0x8f0/0x8f0 [ 2230.210763] ? kasan_check_read+0x11/0x20 07:53:14 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e71000000000000000000048f00"}, 0x2c) [ 2230.214919] ? rcu_is_watching+0x8c/0x150 [ 2230.219077] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2230.223510] ? oom_badness+0xb00/0xb00 [ 2230.227416] ? rcu_read_unlock+0x35/0x70 [ 2230.231486] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2230.235734] ? css_task_iter_end+0x2ce/0x490 [ 2230.240183] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2230.244956] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2230.249985] ? trace_hardirqs_on+0xd/0x10 [ 2230.254144] ? _raw_spin_unlock_irq+0x27/0x70 [ 2230.258649] ? oom_badness+0xb00/0xb00 [ 2230.262555] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2230.267325] ? mem_cgroup_iter_break+0x30/0x30 [ 2230.271933] out_of_memory+0xa8a/0x14d0 [ 2230.275916] ? oom_killer_disable+0x3a0/0x3a0 [ 2230.280442] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2230.285512] ? trace_hardirqs_on+0xd/0x10 [ 2230.289695] mem_cgroup_out_of_memory+0x15e/0x210 [ 2230.294549] ? memcg_memory_event+0x40/0x40 [ 2230.298877] ? _raw_spin_unlock+0x22/0x30 [ 2230.303484] mem_cgroup_oom_synchronize+0x713/0x940 [ 2230.308512] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2230.313977] ? memcg_event_wake+0x450/0x450 [ 2230.318312] pagefault_out_of_memory+0xc8/0x197 [ 2230.322984] ? out_of_memory+0x14d0/0x14d0 [ 2230.327231] ? __handle_mm_fault+0x4460/0x4460 [ 2230.332352] mm_fault_error+0x1de/0x380 [ 2230.336325] __do_page_fault+0xd25/0xe50 [ 2230.340384] ? mm_fault_error+0x380/0x380 [ 2230.344524] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2230.350063] ? __x64_sys_clock_gettime+0x170/0x250 [ 2230.354988] ? __ia32_sys_clock_settime+0x290/0x290 [ 2230.359999] do_page_fault+0xf6/0x8c0 [ 2230.363791] ? vmalloc_sync_all+0x30/0x30 [ 2230.367926] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2230.373451] ? do_syscall_64+0x497/0x820 [ 2230.377498] ? syscall_slow_exit_work+0x500/0x500 [ 2230.382339] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2230.387259] ? syscall_return_slowpath+0x31d/0x5e0 [ 2230.392181] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2230.397540] ? page_fault+0x8/0x30 [ 2230.401069] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2230.405898] ? page_fault+0x8/0x30 [ 2230.409423] page_fault+0x1e/0x30 [ 2230.412864] RIP: 0033:0x40e33f [ 2230.416039] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 2230.435262] RSP: 002b:0000000000a3fc20 EFLAGS: 00010206 [ 2230.440624] RAX: 00007ff4a0736000 RBX: 0000000000020000 RCX: 0000000000456b7a [ 2230.447879] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 2230.455135] RBP: 0000000000a3fd00 R08: ffffffffffffffff R09: 0000000000000000 07:53:14 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) setxattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='system.advise\x00', &(0x7f0000000280)="e063707573657400", 0x8, 0x1) shmget$private(0x0, 0x2000, 0x0, &(0x7f0000ffc000/0x2000)=nil) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x400) r2 = shmget(0x2, 0x3000, 0x54000004, &(0x7f0000ffb000/0x3000)=nil) shmctl$IPC_STAT(r2, 0x2, &(0x7f0000000000)=""/21) [ 2230.462390] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a3fdf0 [ 2230.469644] R13: 00007ff4a0756700 R14: 0000000000000003 R15: 0000000000000001 [ 2230.477156] Task in /ile0 killed as a result of limit of /ile0 [ 2230.483194] memory: usage 24kB, limit 20kB, failcnt 9525 [ 2230.488720] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2230.495514] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2230.501713] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2230.521214] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2230.530090] [27375] 0 27375 17618 8732 126976 0 0 syz-executor0 [ 2230.539056] Memory cgroup out of memory: Kill process 27375 (syz-executor0) score 1752600 or sacrifice child [ 2230.549112] Killed process 27375 (syz-executor0) total-vm:70472kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB 07:53:14 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000140)="636700f5cb8363c67129f077ab57fa29a21234f1b7ad390758ca1cca71d9c1", 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) setsockopt$bt_BT_DEFER_SETUP(r0, 0x112, 0x7, &(0x7f0000000000)=0x80000000, 0x4) unshare(0x4000000) 07:53:14 executing program 6: seccomp(0x1, 0x0, &(0x7f0000000180)={0x1, &(0x7f0000000000)=[{0x100000000006, 0x0, 0x0, 0x50651}]}) keyctl$set_timeout(0xf, 0x0, 0x0) [ 2230.561346] oom_reaper: reaped process 27375 (syz-executor0), now anon-rss:0kB, file-rss:32780kB, shmem-rss:0kB [ 2230.775622] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2230.786587] syz-executor5 cpuset=/ mems_allowed=0 [ 2230.791516] CPU: 1 PID: 27415 Comm: syz-executor5 Not tainted 4.18.0-rc7+ #177 [ 2230.798874] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2230.808227] Call Trace: [ 2230.810822] dump_stack+0x1c9/0x2b4 [ 2230.814457] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2230.819652] ? trace_hardirqs_on+0x10/0x10 [ 2230.823895] dump_header+0x27b/0xf64 [ 2230.827624] ? pagefault_out_of_memory+0x197/0x197 [ 2230.832576] ? __lock_acquire+0x7fc/0x5020 [ 2230.836817] ? print_usage_bug+0xc0/0xc0 [ 2230.840891] ? graph_lock+0x170/0x170 [ 2230.844703] ? print_usage_bug+0xc0/0xc0 [ 2230.848773] ? trace_hardirqs_on+0x10/0x10 [ 2230.853030] ? print_usage_bug+0xc0/0xc0 [ 2230.857108] ? lock_downgrade+0x8f0/0x8f0 [ 2230.861265] ? mark_held_locks+0xc9/0x160 [ 2230.865410] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2230.870000] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2230.875109] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2230.880127] ? trace_hardirqs_on+0xd/0x10 [ 2230.884282] ? ___ratelimit+0xaa/0x655 [ 2230.888174] ? idr_get_free+0x10c0/0x10c0 [ 2230.892334] ? kasan_check_write+0x14/0x20 [ 2230.896569] ? do_raw_spin_lock+0xc1/0x200 [ 2230.900826] oom_kill_process.cold.25+0x10/0x10bc [ 2230.905679] ? oom_evaluate_task+0x540/0x540 [ 2230.910088] ? find_held_lock+0x36/0x1c0 [ 2230.914161] ? lock_downgrade+0x8f0/0x8f0 [ 2230.918315] ? kasan_check_read+0x11/0x20 [ 2230.922463] ? rcu_is_watching+0x8c/0x150 [ 2230.926609] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2230.931023] ? oom_badness+0xb00/0xb00 [ 2230.934917] ? rcu_read_unlock+0x35/0x70 [ 2230.938974] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2230.943215] ? css_task_iter_end+0x2ce/0x490 [ 2230.947627] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2230.952393] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2230.957413] ? trace_hardirqs_on+0xd/0x10 [ 2230.961564] ? _raw_spin_unlock_irq+0x27/0x70 [ 2230.966062] ? oom_badness+0xb00/0xb00 [ 2230.969952] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2230.974721] ? mem_cgroup_iter_break+0x30/0x30 [ 2230.979344] out_of_memory+0xa8a/0x14d0 [ 2230.983335] ? oom_killer_disable+0x3a0/0x3a0 [ 2230.987841] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2230.992859] ? trace_hardirqs_on+0xd/0x10 [ 2230.997039] mem_cgroup_out_of_memory+0x15e/0x210 [ 2231.001887] ? memcg_memory_event+0x40/0x40 [ 2231.006216] ? _raw_spin_unlock+0x22/0x30 [ 2231.010371] mem_cgroup_oom_synchronize+0x713/0x940 [ 2231.015392] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2231.020845] ? memcg_event_wake+0x450/0x450 [ 2231.025183] pagefault_out_of_memory+0xc8/0x197 [ 2231.029853] ? out_of_memory+0x14d0/0x14d0 [ 2231.034118] ? __handle_mm_fault+0x4460/0x4460 [ 2231.038707] mm_fault_error+0x1de/0x380 [ 2231.042687] __do_page_fault+0xd25/0xe50 [ 2231.046756] ? mm_fault_error+0x380/0x380 [ 2231.050920] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2231.056466] ? __x64_sys_clock_gettime+0x170/0x250 [ 2231.061394] ? __ia32_sys_clock_settime+0x290/0x290 [ 2231.066416] do_page_fault+0xf6/0x8c0 [ 2231.070222] ? vmalloc_sync_all+0x30/0x30 [ 2231.074371] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2231.079907] ? do_syscall_64+0x497/0x820 [ 2231.083974] ? syscall_slow_exit_work+0x500/0x500 [ 2231.088821] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2231.093753] ? syscall_return_slowpath+0x31d/0x5e0 [ 2231.098689] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2231.104056] ? page_fault+0x8/0x30 [ 2231.107602] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2231.112445] ? page_fault+0x8/0x30 [ 2231.115992] page_fault+0x1e/0x30 [ 2231.119443] RIP: 0033:0x46f8fd [ 2231.122623] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2231.141991] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2231.147380] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2231.154652] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2231.161976] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2231.169251] R10: 0000000001f32940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2231.176620] R13: 0000000000a3fc20 R14: 0000000000000005 R15: 0000000000000001 [ 2231.185085] Task in /ile0 killed as a result of limit of /ile0 [ 2231.191147] memory: usage 24kB, limit 20kB, failcnt 9557 [ 2231.196665] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2231.203471] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 07:53:15 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x15d, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:15 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e71000000000000000000000400"}, 0x2c) 07:53:15 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xfffffffe}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:15 executing program 0: r0 = socket$vsock_stream(0x28, 0x1, 0x0) write$binfmt_misc(r0, &(0x7f00000012c0)={'syz1', "048e585f3ce1d919a971e095c5a80b9a1c6796570b36222a9adca1d2af6a42de3ef504bacc9b9b4331f38c1943c9b195b830e031a9f56e4493f06c47fe7692f98c0f0d861e1d62da3637a9e54330827ca2a085a632be4f40536be5263969058debd72aaad7e1d8e8ad35562cfcee39b5cff4170c3a1ff4a49c248f94f0ed237105e623c955b31de8513226bcbae1a974e15e9a970ec18ea64c7873d90ec6b62991aee243b98d0a58951d4ee067b24cd17badd9"}, 0xb7) r1 = dup3(0xffffffffffffffff, 0xffffffffffffff9c, 0x80000) getsockopt$inet_dccp_buf(r1, 0x21, 0x80, &(0x7f0000000180)=""/33, &(0x7f0000001280)=0x21) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000000)=0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000140)=r2, 0x36f) unshare(0x4000000) mq_timedreceive(0xffffffffffffffff, &(0x7f0000000280)=""/4096, 0x1000, 0x0, &(0x7f0000000100)={0x77359400}) 07:53:15 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x183, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:15 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000]}}, 0x1c) 07:53:15 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) write$FUSE_INTERRUPT(r0, &(0x7f0000000000)={0x10, 0xfffffffffffffff5, 0x3}, 0x10) unshare(0x4000000) 07:53:15 executing program 6: pipe2(&(0x7f0000000180), 0x0) shutdown(0xffffffffffffffff, 0x0) seccomp(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x10000006, 0x0, 0x0, 0x50ee1}]}) getsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000480), &(0x7f00000004c0)=0x4) 07:53:15 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e71000000000000000000000600"}, 0x2c) [ 2231.209679] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2231.229187] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2231.238064] [27415] 0 27415 17585 8732 131072 0 0 syz-executor5 [ 2231.246982] Memory cgroup out of memory: Kill process 27415 (syz-executor5) score 1752800 or sacrifice child [ 2231.257081] Killed process 27415 (syz-executor5) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB 07:53:15 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f0000000340)='/dev/vcs#\x00', 0xc50, 0x280) ioctl$KDDELIO(r0, 0x4b35, 0x9) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) ioctl$PIO_SCRNMAP(r1, 0x4b41, &(0x7f0000000380)="f60a78a11e7f98ec89312bb08deae612c12e3fbb83aba6692afe931941174568d7234e6198e2a422fe4358268574320bad110c3d7d35c436b0b549da25f73f30684dab698755c2ae5e57d6f591cd9c17f6d9aa86519ccd9903c49f9525d5f7ae4a077c983e16ca8cf82e2c4c458b62acb2fc21a7da20791b5d0b2dc81a8194626180a0c9aea01fc97b2e73587e1aac68033817b82be3ee7942983cbe734fd0c9260066e92b3e7e36b9cd18fe3c2e5d77353f7e65347568e12446ad4343065259fc5cd2d7e53b6026dc565d13f2d17ac71c66fbbc9cd525d288363006358e2c075354bcf77ae276a205876798daf0d43d2cbdb5b1a054492be4faf2a2238a099967962e8fe957d7a12a490ebeb9c4376c69615c01965c86fc8c0509a72ff17b852d1132d51b70c8ec34f12f3ad5a75ad8a95f6c3b3fb5c92140d52eb7daf7f0352ca2acf67d70b288ff753aa02a5c1d24b3092eeb5e8552329ab318111c80276e3ce67bb21f0eaa27ac7af2143b80995cece0aabfb3fc639b7fd89e974576c8b40bc443ea0f384fa6cb715192867369da41e26b364258a86d67eb68cf88ebedabd2d192bad8dd9d985bbc12317a925813c3693df60ceeacb38dc44465cc5cbd80062866f5f2901bca3371fefa43aa9c91132a1e4dec0d492fcaafc472b6492e94313edbc17775c48c6c9216a0e7505cf81bbd3bd201be0604265124a9a7a2d077cf2e3634f376baca5ebab2b484cdfa5289b54aa5a1a7cafb0918a48e525c595bc06ab669d36c09bb455c514d783b087ec0ef3f944d018f907537d916d124e327467efa799a314f231f061f6bdb533a4a1dc1fd3efb06391d88b401badcb636142e2baa4c6bf672db64c663a5fc0393e89d7ca1ff5dc577d4264093332c81e9707f3a4243a1581e62ded8fe240c788176c61701c11fd46eff5b154c778ac6a3d128ec4cf28b050707c53ee0f99c2403e3847d57e456a676a05dfb5138077141a21b40017b0cd67aa4e2ba108af12f086f7c28cf40166bac78d56139187bd70cfe12b4f3ccee0bd6c55d3d07438d63b232cc48f706a565ee0724a8518aefb71a82f981a666107ff5c0d23e4f60d7051905b74e936aa95b57de100cfdf6bad727f7af5b8c2fe002cda752672b965fcd2476c2bb27533ff83e92f2766386dca4425cd27de7b976c3a49518dcd0b407a5620fe4fb2f9acee35c331e11a942f5e4eca2e14c51e695d3a863679772ba7f13239f758b2d40a9f2f3fee16d6e92977788c0facf51bd6f26b1acc6567a69da865993cfec7681f96b7a5e380d8fd91cfdadad18720e7f32d25c6d7596b576d3a7eb56da57d8ab77de38a2badd50fd79c3933fcaff2f76f201ce231a50108db9a0ce2e83c6ffb5787071fa7c81515600b9e41334bf12df78661278ea27f3c08be5b24ee17deb362597793eb0c60c8f2e7b0e85045f03d0e442fe4ac436d9cb1d47cbddec3778b254bc33838516a31cbd9485202d1d4386fbc5258a500e0640a157693a21cda9783d2a31985616dae2e08e6156b49e7d9ec80384ab2408164ad6389d5d190d4fe8787dc8cae63c857856d71d313e1b2f231188adbbeed1c62d10ef3776572bf1f38e60ceb17b0b25c417d96fe30a2bf400adb3ad395b32bbe6ce9ff548af39639fbfffb626e49f6c4c8ebdad9f11c96610b2498e996557786a2c5647cb6f15b109866befe5217650922d0abb198284a344a1eaba9c691e824c000cab30bc6bfe8d3c6ad6f563ae833c0ea2104e69c60aa10d96d350d27ba55dce812faa2b358131b3e7666e8d369e7d872fb6da3a2e70773b2c9f3e7c91bfa9b4325e92025b445a765ae35c45166fe13c5eeae71eedb38588cf61153d95a1954bc6040148fd5e5af2a73dfbec8a278218ae567bee149a988413f08fd55d59684692c12e9eaba42204b60ba95376920502f1bb97dfbf7460686d3e9a08359d5d7d6fdcd47fd186d97f6867bec7ebc7800537e6e6d1e45bd1f65c072019a7a285913c4f319f317e34f9ec45a0afbfb8978b10fcc7c596f3da636394cf03b45373f2f0cd929b416435f40f7dadab0e9a6d4e19f82917c1fc47dc2ecf577c9431d0a550aa31a5afc54d3695e89b09d7b119c388cda5000d286eb3ed169c4bdd185ec36836e03adf47030d87f50b5e6155c25a7c2f481d39b5b3041054db0543ad71257286903113d9e85573cf591bcd8e386c4872299232d2365b457dfeac55a328810a8d6ead1da32bf5fac9de978eeba14e2fda38c15addd7c005202822df4ab267cafc38f9da4abf2ffe52a155e2ed88e35418c58da27b88640201cfdf2d41af4dcdcea7ce5772c91d9cf0c3b1ac515bf2028f0af2c358819ea5f3b7ccce2c68d86e7207b47a5c98fc28f45d37f38a8214f39203cf1ccf46387e976aa8c5098fd0296e16d5157f6b582c2d7b0c882caa4a0f210badca6475bea2cb6b7e713caa5d858f4f5508b58aa7abe04a63a25949a91434b55c99af7201e4ce44cdc4be7fb9b8d17dde63ade76e6a14fa3cb82aa61c710747a9a0f0fa4c9b215a62d6cb8218a2479e5dce423b1ef4f5765256d5da7ce18c0815d5577bd20f1038789e198e4518782e9491bf0ea0323ae1ad3092b2cb9258f634b8bfb0c1c94a9b5a3decba227eda056e428c90be2673ad5fc05dd1e21da43767695186ecce3dcf32158ca2ba42e71a21d1fcf2e3485f46e54f0e7e0e38b4ec9581dcfb987fb12e5952419d22f704d808501e4a29dca0df41f35044162fe9601c4e12e1acecb7cabb905bd115d52131af743ed3fd4327ebe03bcb0b808cc04dd64a76e8d997c735b1aae6aa1927e4a1dd33a3e4de2560935645f241e1446c6133b1daabe6afcbf9f20528ea85f846d3e6dbcea95e46847d03865c4a8fb6809713d23e104b033a18af8f2b1c97e903a2880ed5e50ac948cd68fd441a9c11cc5e6059161f6aed4b720a84267b2b271231b7da238d10bbaa1a1029b8dc1712bd783cbd0073fcb7ce86bfc58e551a017293d67cbccc38b6d4a8fcafff473651c6f73f24f591a1120279f00c32824468aed64a4152a6fabb28589cc14ef8ea2d6b7a4cf308583761460b9c89778f899ba6620a38acd2f5625d49bd44f48fccfd2fc533e527de4f4904c3bf8ca6b80f1268e33b670e42e0fe8d0dada9183e252d9baed32afda3d6fe12071822eb18d94f348ea548139384c95a79e10305d8aca932d66535b54289d2dd2d6183aecbb0534b20db9049d6d3da0d02ed7d883dde17fc16efb6220627f6b12c420d162d73fecc56ac933d963d787e46a0dc3a762bb9f5b16ded849387d535c73ea4a7a29f2b61216615e4bdca4a38ae1564cdcf8f5fdc6fcb674d2471df0078dfcea87195e88f9cdce9a56ede11b10a3ee96caac622491c34c77709685911377fc83117ea7df024c6825f1485978955cfc6e7ae63d070c3aba2bc25b60bf4a0f7b54f9311635bff0b0c02a88a7242f33b2f3b4321e292db1ac9e86e9b40fdb786a9ff160ea6039e08c076e605c3f764831c5e89d5b44acf4c8ceefa111dcdc022394cd3800d48bc80d01de1ec3545f85627a1fa508e3cc9108243ac1336f8b4cc22a028cfb1823a27837fdf1e2ab11f20b2c8c4fb99b4686fee72f6c38ba4c893484e9d12ff49ab8a2e8a1f494ee192680d1996ba334ca2a0237b162d04ad2ff08686539e105ad2e411d262b9e8688c0c31e688e60b8c94d241c1ca6d96442bb43d4e53c8d633c24a9910ac6bf55c03fe3b183827167fa36e1bfaf0711829609a6a050394cac5d22a09ac81d2b1267934c4e2cd28b6db517edca1c901d10994daf54112d57601289ecf2fcde0602504caaf9267a6cedc97bc0b80fe5f58f801b9ca84554594756857d795212570e8fa6785f13568d59e42c2fd5117f9083ce870b59ea2f1848a94109f32e8b63a76698170313700eb8795af882854423241e181ceb62b96f7f04601bd54380e707fb5f9c0b26d25ff76b5204f62cf2923ed71acc76ad7d7637cefd07d3053f551995172ab8774cbadae1dd688d2611d5c56fab45426f2e6eec2f1eab4b7ffe0887d8f32f65f33fdd0e6bf0799535c359715ca0fbafc96dc322c68251c1894a57a9831a83c7a2d6bc4ec22796c9f37a31c229f1114698b36f36c2c37acb23768ef5ec93cd4e131bc897b32c0af9d34570878651ddc6682f989d74266639a6b1439801ef8a7c5d171b2e5cc8fecf3a1ace1d804d27221284f356bb88162795e0f116336ea25754b788eb0a92fcee0fd7a36a768c3999cdbb259fa65c42211d6ae825d0bae5764027362473636cdc4e8f3aadb6d1fd104429a5ceb93a1b131b2c784267d10bc12d80d28d30b10ea2bf0780c28055ff8d7c014289e7f75973567922087718d0a50408c2132c97bbe784270c211bc8abe7f088114692eedf369be976354ac21564f778122b7d2732d61ca36d83c4ab2d31e2ee47f0b0e4387797286e6b6367cd87ff72f909a9c579813db204a432b79f7da8d2cb46f7751038ce98684ae8bad2aab23bf82960d4fb2c2e03c161f4f50c3287f41175c60449212561cc094849603654c8e861eaa83272d07015865345c47fb8da7a5752f659f995e9709e5d740ebab493ecfd9dad47b52eb773872fea1ef2909153d60dbb3dc50b3aea1afdc2ca567c5918eaa784165ec13a7b8173701f0693a78748ae605669ba54918aea51db138aa1177f4a89e21b0910bbf86e0479512576c83902be3a60b506061078f8a502d4096b26b607dc6ae2f6fcf09f8262cad42c416b64369aea62f7ce72c922dbcf67ff409a919b71648abf0d845d67bd881e56f7268b98fc8666f3ab58e350a6440442e5b342c5ea556a295745863fde7b0565bac806a1a88eb082cb99cb5d7016ca63bdad146ff2364a945dc7f63e0d41d9111817480c207b2a368baa65245b0f6255028d664f997ee47ee318aa33f9299417ebaef44c79cbcd3819a890e71d774665194c8ee9c05d73c7abaa8f6eba977e13dabfb108786b3bbdbd602afd28220e5939170218a5110a7bb2706cdb89328604f69d011dcdbd1004d28d70fdfc6c1dbec5e4119d2f9084786221d81183ed988e07d2f750a1880bfa26ff67006bce18be51d2dc0f9c3a4868708caca28272cdf9990172f838f9d5db1cddab74f8a2f21a40c4ded112d979ada57554c6431ff91dcdf9c4bcbe8c90f30175556928db08f0d427e79a3bbb8de7c63baed2de225546cccdaaac3940ce9c21de5e66e4e273c788d76fc2892ca5cca3e7527745709eebaa509be3968e1fb0d9a89a0b92f4b9fb3c854e8ae23d1e87ca504582564dfdaa55c361aeb720a752ea468077cbf8ac9d2195746ddda77dc1dc4c603054c65a01ac10b19f128ee5dc02946562197cc3664d3b94bc34a66efd1fa255372fb0262fcf0f1b4b39ca82c674fab9cd11ddfb6e76e14543909e3d358b25c3457da536981618da7b96c57a0516bf95d6cc3881857b95803f15d03f7f8156d98602fc6f7c846f8e19c4a76522736e5f6708fedbe6d430959956fa24516c805dca8b9c4a7952ff25353acd3e1b288fc72fd9cdb1108d0883b6d7b7ad4cfb6f89deba5e41d129e6d611faf0b184083f3453e5b22bb07d82d577072c37cb8cb150b121b91eb532ed1dfabcfc24643f7d0a2e46ad6fdf763bec0d48113d2d4527005783b14ba111c81e3b014930c9e0adb0ebc65a80d36d98895bf4215a0e9860766ee2c16e576538471cfc9e2a496ba7a9e0472f2a07beb070b3c56d2343a3f8c262a3e28deb8d9537b5376edcfa9774c6b036821538ad354eb") r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) mount(&(0x7f0000000000)='./file0\x00', &(0x7f0000000140)='./file0//ile0\x00', &(0x7f0000000180)='nilfs2\x00', 0x1001, 0x0) unshare(0x400) recvfrom(r1, &(0x7f0000000280)=""/179, 0xb3, 0x40002021, 0x0, 0x0) 07:53:15 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x600000000000000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2231.304818] net_ratelimit: 6 callbacks suppressed [ 2231.304828] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2231.326771] oom_reaper: reaped process 27415 (syz-executor5), now anon-rss:0kB, file-rss:32000kB, shmem-rss:0kB [ 2231.440697] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2231.491798] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2231.503330] syz-executor0 cpuset=/ mems_allowed=0 [ 2231.508265] CPU: 1 PID: 27436 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2231.515626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2231.524982] Call Trace: [ 2231.527578] dump_stack+0x1c9/0x2b4 [ 2231.531211] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2231.536433] ? trace_hardirqs_on+0x10/0x10 [ 2231.540675] dump_header+0x27b/0xf64 [ 2231.544421] ? pagefault_out_of_memory+0x197/0x197 [ 2231.549358] ? __lock_acquire+0x7fc/0x5020 [ 2231.553603] ? print_usage_bug+0xc0/0xc0 [ 2231.557675] ? graph_lock+0x170/0x170 [ 2231.561475] ? print_usage_bug+0xc0/0xc0 [ 2231.565541] ? trace_hardirqs_on+0x10/0x10 [ 2231.569785] ? print_usage_bug+0xc0/0xc0 [ 2231.573856] ? lock_downgrade+0x8f0/0x8f0 [ 2231.578015] ? mark_held_locks+0xc9/0x160 [ 2231.582165] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2231.586773] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2231.591891] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2231.596931] ? trace_hardirqs_on+0xd/0x10 [ 2231.601079] ? ___ratelimit+0xaa/0x655 [ 2231.604989] ? idr_get_free+0x10c0/0x10c0 [ 2231.609137] ? kasan_check_write+0x14/0x20 [ 2231.613370] ? do_raw_spin_lock+0xc1/0x200 [ 2231.617614] oom_kill_process.cold.25+0x10/0x10bc [ 2231.622478] ? oom_evaluate_task+0x540/0x540 [ 2231.626903] ? find_held_lock+0x36/0x1c0 [ 2231.630980] ? lock_downgrade+0x8f0/0x8f0 [ 2231.635135] ? kasan_check_read+0x11/0x20 [ 2231.639280] ? rcu_is_watching+0x8c/0x150 [ 2231.643431] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2231.647841] ? oom_badness+0xb00/0xb00 [ 2231.651733] ? rcu_read_unlock+0x35/0x70 [ 2231.655792] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2231.660029] ? css_task_iter_end+0x2ce/0x490 [ 2231.664438] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2231.669196] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2231.674224] ? trace_hardirqs_on+0xd/0x10 [ 2231.678380] ? _raw_spin_unlock_irq+0x27/0x70 [ 2231.682886] ? oom_badness+0xb00/0xb00 [ 2231.685343] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2231.686792] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2231.686810] ? mem_cgroup_iter_break+0x30/0x30 [ 2231.686842] out_of_memory+0xa8a/0x14d0 [ 2231.714811] ? oom_killer_disable+0x3a0/0x3a0 [ 2231.719317] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2231.724336] ? trace_hardirqs_on+0xd/0x10 [ 2231.728493] mem_cgroup_out_of_memory+0x15e/0x210 [ 2231.733349] ? memcg_memory_event+0x40/0x40 [ 2231.737677] ? _raw_spin_unlock+0x22/0x30 [ 2231.741830] mem_cgroup_oom_synchronize+0x713/0x940 [ 2231.746873] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2231.752332] ? memcg_event_wake+0x450/0x450 [ 2231.756669] pagefault_out_of_memory+0xc8/0x197 [ 2231.761338] ? out_of_memory+0x14d0/0x14d0 [ 2231.765583] ? __handle_mm_fault+0x4460/0x4460 [ 2231.770177] mm_fault_error+0x1de/0x380 [ 2231.774165] __do_page_fault+0xd25/0xe50 [ 2231.778246] ? mm_fault_error+0x380/0x380 [ 2231.782408] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2231.787960] ? __x64_sys_clock_gettime+0x170/0x250 [ 2231.792898] ? __ia32_sys_clock_settime+0x290/0x290 [ 2231.797942] do_page_fault+0xf6/0x8c0 [ 2231.801758] ? vmalloc_sync_all+0x30/0x30 [ 2231.805926] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2231.811473] ? do_syscall_64+0x497/0x820 [ 2231.815568] ? syscall_slow_exit_work+0x500/0x500 [ 2231.820430] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2231.825373] ? syscall_return_slowpath+0x31d/0x5e0 [ 2231.830343] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2231.835744] ? page_fault+0x8/0x30 07:53:15 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0xa0, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:15 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x21d, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:15 executing program 6: seccomp(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000140)=[{0x10000006, 0x0, 0x0, 0x50ee1}]}) ioctl$sock_proto_private(0xffffffffffffffff, 0x0, &(0x7f0000002780)) [ 2231.839317] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2231.844176] ? page_fault+0x8/0x30 [ 2231.847727] page_fault+0x1e/0x30 [ 2231.851185] RIP: 0033:0x46f8fd [ 2231.854376] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2231.873744] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2231.879125] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2231.886410] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 07:53:16 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00`\x00'}, 0x2c) [ 2231.893698] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2231.900984] R10: 0000000002273940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2231.908266] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2231.915638] Task in /ile0 killed as a result of limit of /ile0 [ 2231.921706] memory: usage 24kB, limit 20kB, failcnt 9621 [ 2231.927232] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2231.934068] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2231.940282] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2231.959825] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2231.968729] [27436] 0 27436 17585 8732 126976 0 0 syz-executor0 [ 2231.977651] [27437] 0 27437 17585 8732 131072 0 0 syz-executor5 07:53:16 executing program 6: [ 2231.986561] Memory cgroup out of memory: Kill process 27437 (syz-executor5) score 1752800 or sacrifice child [ 2231.996663] Killed process 27437 (syz-executor5) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB 07:53:16 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xa7000000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2232.037566] oom_reaper: reaped process 27437 (syz-executor5), now anon-rss:0kB, file-rss:32780kB, shmem-rss:0kB 07:53:16 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) r0 = openat$cuse(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/cuse\x00', 0x42402, 0x0) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='eql\x00', 0x10) setsockopt$inet_sctp_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000300)=0x3f, 0x4) keyctl$join(0x1, &(0x7f0000000480)={0x73, 0x79, 0x7a, 0x2}) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = open(&(0x7f0000000340)='./file0//ile0\x00', 0x0, 0x10) r2 = openat$cgroup_procs(r1, &(0x7f0000000180)='cgroup.procs\x00', 0x2, 0x0) getpid() ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000240)=0x0) write$cgroup_pid(r2, &(0x7f0000000100)=r3, 0x12) unshare(0x400) name_to_handle_at(r0, &(0x7f0000000400)='./file0//ile0\x00', &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f00000003c0)=ANY=[@ANYRESHEX=r1, @ANYPTR64=&(0x7f0000000040)=ANY=[@ANYRES64, @ANYPTR], @ANYPTR64=&(0x7f0000000380)=ANY=[@ANYRESOCT=r1], @ANYRES32=r0, @ANYRES64=r2, @ANYRES16=r0]], &(0x7f0000000280), 0x400) [ 2232.080270] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2232.091373] syz-executor0 cpuset=/ mems_allowed=0 [ 2232.096313] CPU: 1 PID: 27436 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2232.103686] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2232.113049] Call Trace: [ 2232.115653] dump_stack+0x1c9/0x2b4 [ 2232.119300] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2232.124507] ? trace_hardirqs_on+0x10/0x10 07:53:16 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000000000000400"}, 0x2c) [ 2232.128762] dump_header+0x27b/0xf64 [ 2232.132496] ? pagefault_out_of_memory+0x197/0x197 [ 2232.137432] ? __lock_acquire+0x7fc/0x5020 [ 2232.141684] ? print_usage_bug+0xc0/0xc0 [ 2232.145771] ? graph_lock+0x170/0x170 [ 2232.149583] ? print_usage_bug+0xc0/0xc0 [ 2232.153662] ? trace_hardirqs_on+0x10/0x10 [ 2232.157925] ? print_usage_bug+0xc0/0xc0 [ 2232.162008] ? lock_downgrade+0x8f0/0x8f0 [ 2232.166819] ? mark_held_locks+0xc9/0x160 [ 2232.170984] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2232.175579] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2232.180699] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2232.185721] ? trace_hardirqs_on+0xd/0x10 [ 2232.189886] ? ___ratelimit+0xaa/0x655 [ 2232.193788] ? idr_get_free+0x10c0/0x10c0 [ 2232.197945] ? kasan_check_write+0x14/0x20 [ 2232.202182] ? do_raw_spin_lock+0xc1/0x200 [ 2232.206450] oom_kill_process.cold.25+0x10/0x10bc [ 2232.211311] ? oom_evaluate_task+0x540/0x540 [ 2232.215724] ? find_held_lock+0x36/0x1c0 [ 2232.219801] ? lock_downgrade+0x8f0/0x8f0 [ 2232.223977] ? kasan_check_read+0x11/0x20 [ 2232.228130] ? rcu_is_watching+0x8c/0x150 [ 2232.232279] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2232.236692] ? oom_badness+0xb00/0xb00 [ 2232.240587] ? rcu_read_unlock+0x35/0x70 [ 2232.244652] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2232.248895] ? css_task_iter_end+0x2ce/0x490 [ 2232.253310] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2232.258089] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2232.263115] ? trace_hardirqs_on+0xd/0x10 [ 2232.267264] ? _raw_spin_unlock_irq+0x27/0x70 [ 2232.271762] ? oom_badness+0xb00/0xb00 [ 2232.275656] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 07:53:16 executing program 6: [ 2232.280417] ? mem_cgroup_iter_break+0x30/0x30 [ 2232.285021] out_of_memory+0xa8a/0x14d0 [ 2232.289011] ? oom_killer_disable+0x3a0/0x3a0 [ 2232.293515] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2232.298541] ? trace_hardirqs_on+0xd/0x10 [ 2232.302711] mem_cgroup_out_of_memory+0x15e/0x210 [ 2232.307599] ? memcg_memory_event+0x40/0x40 [ 2232.311939] ? _raw_spin_unlock+0x22/0x30 [ 2232.316102] mem_cgroup_oom_synchronize+0x713/0x940 [ 2232.321136] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2232.326601] ? memcg_event_wake+0x450/0x450 07:53:16 executing program 6: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x1, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000340)="2f65786500000000000409004bcd6c22100ab0ddd9de91be10eebf000ee9a90f798058439ed554fa07424adec901d2da75af1f02acc7edbcd7a071fb35331ce39c5a") write$FUSE_NOTIFY_INVAL_INODE(r0, &(0x7f0000000500)={0x28, 0x2, 0x0, {0x0, 0xffff, 0x9}}, 0x28) sendfile(r0, r1, &(0x7f00000000c0), 0x80000002) lstat(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)) [ 2232.330951] pagefault_out_of_memory+0xc8/0x197 [ 2232.335638] ? out_of_memory+0x14d0/0x14d0 [ 2232.339895] ? __handle_mm_fault+0x4460/0x4460 [ 2232.344491] mm_fault_error+0x1de/0x380 [ 2232.348478] __do_page_fault+0xd25/0xe50 [ 2232.352549] ? __schedule+0x1ec0/0x1ec0 [ 2232.356543] ? mm_fault_error+0x380/0x380 [ 2232.360705] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2232.366263] do_page_fault+0xf6/0x8c0 [ 2232.370078] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2232.375627] ? vmalloc_sync_all+0x30/0x30 [ 2232.379793] ? syscall_slow_exit_work+0x500/0x500 [ 2232.384652] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2232.389600] ? syscall_return_slowpath+0x31d/0x5e0 [ 2232.389620] ? retint_user+0x18/0x18 [ 2232.389635] ? page_fault+0x8/0x30 [ 2232.389655] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2232.389668] ? page_fault+0x8/0x30 [ 2232.389680] page_fault+0x1e/0x30 [ 2232.389689] RIP: 0033:0x46f8fd [ 2232.398615] Code: 54 55 53 48 81 [ 2232.406992] ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2232.438241] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2232.438255] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2232.438262] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2232.438274] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2232.465406] R10: 0000000002273940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2232.465416] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 07:53:16 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffdd86]}}, 0x1c) [ 2232.465495] Task in /ile0 killed as a result of limit of /ile0 [ 2232.486429] memory: usage 24kB, limit 20kB, failcnt 9629 [ 2232.490799] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2232.491922] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2232.491932] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2232.491938] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2232.492068] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2232.492300] [27436] 0 27436 17585 8732 126976 0 0 syz-executor0 [ 2232.492334] Memory cgroup out of memory: Kill process 27436 (syz-executor0) score 1752600 or sacrifice child [ 2232.492380] Killed process 27436 (syz-executor0) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB 07:53:16 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0xfffffffffffffe20) unshare(0x4000000) 07:53:16 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000007fffffff00"}, 0x2c) 07:53:16 executing program 6: r0 = socket(0xa, 0x1, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'veth0_to_bridge\x00'}) sendmsg$nl_route(r1, &(0x7f0000000180)={&(0x7f0000000040), 0xc, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYBLOB="000000000000000004001600100001000c000900b21a1472d14cb3a4eb4329a0212d000000"], 0x1}}, 0x0) ioctl$sock_SIOCGIFCONF(r1, 0x8910, &(0x7f0000000100)=@buf={0x5b, &(0x7f0000000080)="9397e8e99cf627aec899fd9fa43d00e4b85fad4e697f5d0dd2afc16d60b379a97763c9101b78db29e2c49ea21db79c4b2f7e865318a5b7ac4d01b8651c47f2a69370f489b46a5f60b8b10a1b628108bac118149a3c5e6a7e57ca24"}) 07:53:16 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x155, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:16 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x221, &(0x7f00000011c0)}}], 0x249, 0x0) [ 2232.516356] oom_reaper: reaped process 27436 (syz-executor0), now anon-rss:0kB, file-rss:32000kB, shmem-rss:0kB [ 2232.567914] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. 07:53:16 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\t\x00'}, 0x2c) 07:53:16 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xfeffffff}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:16 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000140)=0x0) write$cgroup_pid(r0, &(0x7f0000000180)=r2, 0x12) setsockopt$inet_sctp6_SCTP_ADAPTATION_LAYER(r0, 0x84, 0x7, &(0x7f0000000000)={0x1}, 0x4) write$cgroup_pid(r1, &(0x7f0000000100), 0xfffffe5d) unshare(0x4000000) socket$inet_icmp_raw(0x2, 0x3, 0x1) 07:53:16 executing program 6: r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000)='/dev/rfkill\x00', 0x4000, 0x0) ioctl$BLKREPORTZONE(r0, 0xc0101282, &(0x7f0000000280)=ANY=[@ANYBLOB="b5f5057b3b7467a7148562ebdfd1e70200000000000000010000000000000006000000000000000000000000"]) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f0000000180)='IPVS\x00') write$cgroup_pid(r2, &(0x7f0000000100), 0x12) unshare(0x40020200) [ 2232.781523] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2232.792569] syz-executor5 cpuset=/ mems_allowed=0 [ 2232.797501] CPU: 0 PID: 27499 Comm: syz-executor5 Not tainted 4.18.0-rc7+ #177 [ 2232.804870] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2232.814229] Call Trace: [ 2232.816836] dump_stack+0x1c9/0x2b4 [ 2232.820490] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2232.825731] ? trace_hardirqs_on+0x10/0x10 [ 2232.829982] dump_header+0x27b/0xf64 [ 2232.833715] ? pagefault_out_of_memory+0x197/0x197 [ 2232.838655] ? __lock_acquire+0x7fc/0x5020 [ 2232.842900] ? print_usage_bug+0xc0/0xc0 [ 2232.846987] ? graph_lock+0x170/0x170 [ 2232.850806] ? print_usage_bug+0xc0/0xc0 [ 2232.854885] ? trace_hardirqs_on+0x10/0x10 [ 2232.859136] ? print_usage_bug+0xc0/0xc0 [ 2232.863243] ? lock_downgrade+0x8f0/0x8f0 [ 2232.865133] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2232.867409] ? mark_held_locks+0xc9/0x160 [ 2232.867423] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2232.867450] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2232.867468] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2232.867483] ? trace_hardirqs_on+0xd/0x10 [ 2232.867504] ? ___ratelimit+0xaa/0x655 [ 2232.867527] ? idr_get_free+0x10c0/0x10c0 [ 2232.867546] ? kasan_check_write+0x14/0x20 [ 2232.867559] ? do_raw_spin_lock+0xc1/0x200 [ 2232.867583] oom_kill_process.cold.25+0x10/0x10bc [ 2232.867612] ? oom_evaluate_task+0x540/0x540 [ 2232.867630] ? find_held_lock+0x36/0x1c0 [ 2232.867660] ? lock_downgrade+0x8f0/0x8f0 [ 2232.867683] ? kasan_check_read+0x11/0x20 [ 2232.867696] ? rcu_is_watching+0x8c/0x150 [ 2232.867710] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2232.867734] ? oom_badness+0xb00/0xb00 [ 2232.867757] ? rcu_read_unlock+0x35/0x70 [ 2232.867770] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2232.867786] ? css_task_iter_end+0x2ce/0x490 [ 2232.867803] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2232.867816] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2232.867836] ? trace_hardirqs_on+0xd/0x10 [ 2232.867852] ? _raw_spin_unlock_irq+0x27/0x70 [ 2232.912763] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2232.913473] ? oom_badness+0xb00/0xb00 [ 2232.913491] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2232.913508] ? mem_cgroup_iter_break+0x30/0x30 [ 2232.913537] out_of_memory+0xa8a/0x14d0 [ 2232.913556] ? oom_killer_disable+0x3a0/0x3a0 [ 2232.913574] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2232.913589] ? trace_hardirqs_on+0xd/0x10 [ 2232.913613] mem_cgroup_out_of_memory+0x15e/0x210 [ 2232.913629] ? memcg_memory_event+0x40/0x40 [ 2232.913650] ? _raw_spin_unlock+0x22/0x30 [ 2232.913668] mem_cgroup_oom_synchronize+0x713/0x940 [ 2232.913685] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2232.913699] ? memcg_event_wake+0x450/0x450 [ 2232.913727] pagefault_out_of_memory+0xc8/0x197 [ 2232.913741] ? out_of_memory+0x14d0/0x14d0 [ 2232.913763] ? __handle_mm_fault+0x4460/0x4460 [ 2232.913779] mm_fault_error+0x1de/0x380 [ 2232.913796] __do_page_fault+0xd25/0xe50 07:53:17 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x103, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:17 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x1f4, &(0x7f00000011c0)}}], 0x249, 0x0) [ 2233.082230] ? mm_fault_error+0x380/0x380 [ 2233.086392] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2233.091937] ? __x64_sys_clock_gettime+0x170/0x250 [ 2233.096878] ? __ia32_sys_clock_settime+0x290/0x290 [ 2233.101909] do_page_fault+0xf6/0x8c0 [ 2233.105720] ? vmalloc_sync_all+0x30/0x30 [ 2233.109878] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2233.115420] ? do_syscall_64+0x497/0x820 [ 2233.119491] ? syscall_slow_exit_work+0x500/0x500 [ 2233.124345] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2233.129288] ? syscall_return_slowpath+0x31d/0x5e0 [ 2233.134212] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2233.139562] ? page_fault+0x8/0x30 [ 2233.143102] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2233.147941] ? page_fault+0x8/0x30 [ 2233.151464] page_fault+0x1e/0x30 [ 2233.154907] RIP: 0033:0x46f8fd [ 2233.158085] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2233.177356] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2233.182721] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2233.189979] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2233.197239] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2233.204500] R10: 0000000001f32940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2233.211793] R13: 0000000000a3fc20 R14: 0000000000000005 R15: 0000000000000001 [ 2233.219125] Task in /ile0 killed as a result of limit of /ile0 [ 2233.225194] memory: usage 24kB, limit 20kB, failcnt 9673 [ 2233.230672] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2233.237461] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2233.243638] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2233.263122] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2233.271953] [27499] 0 27499 17585 8732 131072 0 0 syz-executor5 07:53:17 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x200002, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) 07:53:17 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\a\x00'}, 0x2c) 07:53:17 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x4000000) getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000000)={0x0, 0x5}, &(0x7f0000000140)=0x8) setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000180)=@assoc_id=r2, 0x4) 07:53:17 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x210, &(0x7f00000011c0)}}], 0x249, 0x0) [ 2233.280872] [27509] 0 27509 17585 8731 131072 0 0 syz-executor6 [ 2233.289739] Memory cgroup out of memory: Kill process 27499 (syz-executor5) score 1752800 or sacrifice child [ 2233.299779] Killed process 27499 (syz-executor5) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2233.440198] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2233.451175] syz-executor0 cpuset=/ mems_allowed=0 [ 2233.456108] CPU: 1 PID: 27543 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2233.463476] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2233.472832] Call Trace: [ 2233.475432] dump_stack+0x1c9/0x2b4 [ 2233.479071] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2233.484274] ? trace_hardirqs_on+0x10/0x10 [ 2233.488516] dump_header+0x27b/0xf64 [ 2233.492238] ? pagefault_out_of_memory+0x197/0x197 [ 2233.497173] ? __lock_acquire+0x7fc/0x5020 [ 2233.501407] ? graph_lock+0x170/0x170 [ 2233.505217] ? print_usage_bug+0xc0/0xc0 [ 2233.509282] ? print_usage_bug+0xc0/0xc0 [ 2233.513353] ? graph_lock+0x170/0x170 [ 2233.517155] ? print_usage_bug+0xc0/0xc0 [ 2233.521238] ? trace_hardirqs_on+0x10/0x10 [ 2233.525484] ? print_usage_bug+0xc0/0xc0 [ 2233.529556] ? lock_downgrade+0x8f0/0x8f0 [ 2233.533717] ? mark_held_locks+0xc9/0x160 [ 2233.537869] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2233.542455] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2233.547567] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2233.552588] ? trace_hardirqs_on+0xd/0x10 [ 2233.556739] ? ___ratelimit+0xaa/0x655 [ 2233.560644] ? idr_get_free+0x10c0/0x10c0 [ 2233.564798] ? kasan_check_write+0x14/0x20 [ 2233.569032] ? do_raw_spin_lock+0xc1/0x200 [ 2233.573274] oom_kill_process.cold.25+0x10/0x10bc [ 2233.578134] ? oom_evaluate_task+0x540/0x540 [ 2233.582550] ? find_held_lock+0x36/0x1c0 [ 2233.586628] ? lock_downgrade+0x8f0/0x8f0 [ 2233.590783] ? kasan_check_read+0x11/0x20 [ 2233.594934] ? rcu_is_watching+0x8c/0x150 [ 2233.599083] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2233.603499] ? oom_badness+0xb00/0xb00 [ 2233.607391] ? rcu_read_unlock+0x35/0x70 [ 2233.611451] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2233.615690] ? css_task_iter_end+0x2ce/0x490 [ 2233.620120] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2233.624898] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2233.629936] ? trace_hardirqs_on+0xd/0x10 [ 2233.634088] ? _raw_spin_unlock_irq+0x27/0x70 [ 2233.638600] ? oom_badness+0xb00/0xb00 [ 2233.642489] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2233.647266] ? mem_cgroup_iter_break+0x30/0x30 [ 2233.651870] out_of_memory+0xa8a/0x14d0 [ 2233.655857] ? oom_killer_disable+0x3a0/0x3a0 [ 2233.660359] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2233.665380] ? trace_hardirqs_on+0xd/0x10 [ 2233.669536] mem_cgroup_out_of_memory+0x15e/0x210 [ 2233.674383] ? memcg_memory_event+0x40/0x40 [ 2233.678712] ? _raw_spin_unlock+0x22/0x30 [ 2233.682874] mem_cgroup_oom_synchronize+0x713/0x940 [ 2233.687906] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2233.693357] ? memcg_event_wake+0x450/0x450 [ 2233.697710] pagefault_out_of_memory+0xc8/0x197 [ 2233.702403] ? out_of_memory+0x14d0/0x14d0 [ 2233.706645] ? __handle_mm_fault+0x4460/0x4460 [ 2233.711234] mm_fault_error+0x1de/0x380 [ 2233.715215] __do_page_fault+0xd25/0xe50 [ 2233.719291] ? mm_fault_error+0x380/0x380 [ 2233.723443] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2233.728987] ? __x64_sys_clock_gettime+0x170/0x250 [ 2233.733921] ? __ia32_sys_clock_settime+0x290/0x290 [ 2233.738959] do_page_fault+0xf6/0x8c0 [ 2233.742765] ? vmalloc_sync_all+0x30/0x30 [ 2233.746915] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2233.752454] ? do_syscall_64+0x497/0x820 [ 2233.756533] ? syscall_slow_exit_work+0x500/0x500 [ 2233.761381] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2233.766511] ? syscall_return_slowpath+0x31d/0x5e0 [ 2233.771447] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2233.776987] ? page_fault+0x8/0x30 [ 2233.780529] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2233.785374] ? page_fault+0x8/0x30 [ 2233.788925] page_fault+0x1e/0x30 [ 2233.792378] RIP: 0033:0x46f8fd [ 2233.795558] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2233.814930] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2233.820301] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2233.827574] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2233.834845] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2233.842119] R10: 0000000002273940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2233.849404] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2233.857482] Task in /ile0 killed as a result of limit of /ile0 [ 2233.863574] memory: usage 24kB, limit 20kB, failcnt 9725 [ 2233.869083] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2233.875874] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 07:53:17 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40030000000000]}}, 0x1c) 07:53:17 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x195, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:17 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x600}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:17 executing program 6: r0 = socket$inet(0x2, 0xfffffffffffffffd, 0x5) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e03}, 0xf) sendto$inet(r0, &(0x7f0000000200), 0x0, 0x20000003, &(0x7f0000000140)={0x2, 0x1000004e23, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x10) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='ip_vti0\x00', 0x355) r1 = memfd_create(&(0x7f0000000000)='dev ', 0x0) ftruncate(r1, 0x40001) getsockopt$EBT_SO_GET_INFO(r0, 0x0, 0x80, &(0x7f0000000380)={'filter\x00'}, &(0x7f0000000400)=0x78) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025c3f0a00145f8f764070") getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r2, 0x84, 0x73, &(0x7f0000000700)={0x0, 0x4, 0x30, 0x6, 0x4}, &(0x7f0000000740)=0x18) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r2, 0x84, 0x71, &(0x7f0000000780)={r3, 0x7}, 0x8) bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0xc, 0x8, &(0x7f0000000500)=@raw=[@generic={0x7f, 0x9, 0x20, 0x9}, @ldst={0x3, 0x2, 0x3, 0xf, 0x3, 0xfffffffffffffff4, 0xfffffffffffffff0}, @jmp={0x5, 0x25a, 0x8, 0x3, 0x77f2eb8617a20732, 0x20, 0xfffffffffffffff0}, @jmp={0x5, 0xe58b, 0xda065e20ba171cee, 0xa, 0x0, 0x16, 0xffffffffffffffff}], &(0x7f0000000540)='syzkaller\x00', 0x3f, 0xef, &(0x7f0000000580)=""/239, 0x41100, 0x1, [], 0x0, 0x1}, 0x48) getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000040)={0x0, 0x40}, &(0x7f00000000c0)=0x8) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000240)=0xffffffffffffff3e) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000100)={0x0, 0x7}, &(0x7f00000001c0)=0x8) ioctl$TIOCMGET(r1, 0x5415, &(0x7f0000000440)) getsockopt$inet_sctp_SCTP_STATUS(r1, 0x84, 0xe, &(0x7f00000002c0)={r4, 0x5, 0xfffffffffffffffb, 0x2, 0x81, 0xfc31, 0x8, 0xfff, {r5, @in={{0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xd}}}, 0x3, 0x81, 0x80000000, 0x8, 0x2}}, &(0x7f0000000200)=0xb0) timerfd_settime(r1, 0x1, &(0x7f0000000480), &(0x7f00000004c0)) sendfile(r0, r1, &(0x7f0000000180), 0xa00004000000002) [ 2233.882070] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2233.901575] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2233.910442] [27543] 0 27543 17585 8732 126976 0 0 syz-executor0 [ 2233.917144] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. 07:53:18 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00H\x00'}, 0x2c) [ 2233.919349] [27544] 0 27544 17585 8732 131072 0 0 syz-executor5 [ 2233.919370] Memory cgroup out of memory: Kill process 27544 (syz-executor5) score 1752800 or sacrifice child [ 2233.919425] Killed process 27544 (syz-executor5) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB 07:53:18 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e71000000000300"}, 0x2c) [ 2234.008694] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. 07:53:18 executing program 6: r0 = socket(0x1e, 0x5, 0x0) listen(r0, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc80700145f8f764070") r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f00000000c0)="c4824da82b66ba2100b801000000efb9270900000f323640a7650f30c4e2899c8e02000000f02046452ef3440f6fb800f0ff7fc42101dbc40f2047", 0x3b}], 0x1, 0x0, &(0x7f0000000140), 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000300)=@req={0xfff, 0x0, 0x0, 0x7}, 0x10) socket(0xc, 0x6, 0x3ff) accept4$vsock_stream(r0, &(0x7f0000000000)={0x28, 0x0, 0x0, @reserved}, 0x70c000, 0x0) 07:53:18 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\a\x00'}, 0x2c) 07:53:18 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x48d8}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2234.126828] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. 07:53:18 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x5}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:18 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00 \x00'}, 0x2c) 07:53:18 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000000)) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x400) [ 2234.228271] oom_reaper: reaped process 27544 (syz-executor5), now anon-rss:0kB, file-rss:32780kB, shmem-rss:0kB 07:53:18 executing program 6: unshare(0x24020400) pipe(&(0x7f0000000080)={0xffffffffffffffff}) close(r0) poll(&(0x7f00000000c0)=[{r0}], 0x1, 0x0) bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @rand_addr=0xe41}, 0x10) 07:53:18 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400000000000000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2234.415096] syz-executor5 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2234.426101] syz-executor5 cpuset=/ mems_allowed=0 [ 2234.431054] CPU: 0 PID: 27583 Comm: syz-executor5 Not tainted 4.18.0-rc7+ #177 [ 2234.438423] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2234.447781] Call Trace: [ 2234.450379] dump_stack+0x1c9/0x2b4 [ 2234.454014] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2234.459226] ? trace_hardirqs_on+0x10/0x10 [ 2234.463477] dump_header+0x27b/0xf64 [ 2234.467213] ? pagefault_out_of_memory+0x197/0x197 [ 2234.472155] ? __lock_acquire+0x7fc/0x5020 [ 2234.476413] ? print_usage_bug+0xc0/0xc0 [ 2234.480495] ? graph_lock+0x170/0x170 [ 2234.484305] ? print_usage_bug+0xc0/0xc0 [ 2234.488379] ? trace_hardirqs_on+0x10/0x10 [ 2234.492623] ? print_usage_bug+0xc0/0xc0 [ 2234.496699] ? lock_downgrade+0x8f0/0x8f0 [ 2234.500861] ? mark_held_locks+0xc9/0x160 [ 2234.505014] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2234.509634] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2234.514747] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2234.519768] ? trace_hardirqs_on+0xd/0x10 [ 2234.523922] ? ___ratelimit+0xaa/0x655 [ 2234.527814] ? idr_get_free+0x10c0/0x10c0 [ 2234.531965] ? kasan_check_write+0x14/0x20 [ 2234.536200] ? do_raw_spin_lock+0xc1/0x200 [ 2234.540440] oom_kill_process.cold.25+0x10/0x10bc [ 2234.545294] ? oom_evaluate_task+0x540/0x540 [ 2234.549703] ? find_held_lock+0x36/0x1c0 [ 2234.553775] ? lock_downgrade+0x8f0/0x8f0 [ 2234.557933] ? kasan_check_read+0x11/0x20 [ 2234.562084] ? rcu_is_watching+0x8c/0x150 [ 2234.566237] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2234.570672] ? oom_badness+0xb00/0xb00 [ 2234.574565] ? rcu_read_unlock+0x35/0x70 [ 2234.578628] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2234.582868] ? css_task_iter_end+0x2ce/0x490 [ 2234.587280] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2234.592043] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2234.597061] ? trace_hardirqs_on+0xd/0x10 [ 2234.601209] ? _raw_spin_unlock_irq+0x27/0x70 [ 2234.605704] ? oom_badness+0xb00/0xb00 [ 2234.609599] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2234.614361] ? mem_cgroup_iter_break+0x30/0x30 [ 2234.618968] out_of_memory+0xa8a/0x14d0 [ 2234.622954] ? oom_killer_disable+0x3a0/0x3a0 [ 2234.627462] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2234.632483] ? trace_hardirqs_on+0xd/0x10 [ 2234.636644] mem_cgroup_out_of_memory+0x15e/0x210 [ 2234.641494] ? memcg_memory_event+0x40/0x40 [ 2234.645824] ? _raw_spin_unlock+0x22/0x30 [ 2234.649983] mem_cgroup_oom_synchronize+0x713/0x940 [ 2234.655006] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2234.660481] ? memcg_event_wake+0x450/0x450 [ 2234.664819] pagefault_out_of_memory+0xc8/0x197 [ 2234.669487] ? out_of_memory+0x14d0/0x14d0 [ 2234.673729] ? __handle_mm_fault+0x4460/0x4460 [ 2234.678312] mm_fault_error+0x1de/0x380 [ 2234.682296] __do_page_fault+0xd25/0xe50 [ 2234.686366] ? mm_fault_error+0x380/0x380 [ 2234.690542] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2234.696085] ? __x64_sys_clock_gettime+0x170/0x250 [ 2234.701025] ? __ia32_sys_clock_settime+0x290/0x290 [ 2234.706047] do_page_fault+0xf6/0x8c0 [ 2234.709852] ? vmalloc_sync_all+0x30/0x30 [ 2234.714003] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2234.719544] ? do_syscall_64+0x497/0x820 [ 2234.723608] ? syscall_slow_exit_work+0x500/0x500 [ 2234.728453] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2234.733388] ? syscall_return_slowpath+0x31d/0x5e0 [ 2234.738323] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2234.743687] ? page_fault+0x8/0x30 [ 2234.747232] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2234.752077] ? page_fault+0x8/0x30 [ 2234.755622] page_fault+0x1e/0x30 [ 2234.759100] RIP: 0033:0x40e33f [ 2234.762285] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 2234.781688] RSP: 002b:0000000000a3fc20 EFLAGS: 00010206 [ 2234.787064] RAX: 00007f1884d92000 RBX: 0000000000020000 RCX: 0000000000456b7a [ 2234.794343] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 2234.801621] RBP: 0000000000a3fd00 R08: ffffffffffffffff R09: 0000000000000000 [ 2234.808899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a3fdf0 [ 2234.816173] R13: 00007f1884db2700 R14: 0000000000000003 R15: 0000000000000001 [ 2234.823764] Task in /ile0 killed as a result of limit of /ile0 [ 2234.829844] memory: usage 24kB, limit 20kB, failcnt 9753 [ 2234.835369] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2234.842449] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2234.848658] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2234.868168] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2234.876931] [27543] 0 27543 17585 8732 126976 0 0 syz-executor0 [ 2234.885828] [27583] 0 27583 17618 8732 131072 0 0 syz-executor5 [ 2234.894796] Memory cgroup out of memory: Kill process 27583 (syz-executor5) score 1752800 or sacrifice child [ 2234.904860] Killed process 27583 (syz-executor5) total-vm:70472kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2234.927276] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2234.938213] syz-executor0 cpuset=/ mems_allowed=0 [ 2234.943132] CPU: 0 PID: 27543 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2234.950495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2234.959847] Call Trace: [ 2234.962430] dump_stack+0x1c9/0x2b4 [ 2234.966063] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2234.971254] ? trace_hardirqs_on+0x10/0x10 [ 2234.975484] dump_header+0x27b/0xf64 [ 2234.979191] ? pagefault_out_of_memory+0x197/0x197 [ 2234.984112] ? __lock_acquire+0x7fc/0x5020 [ 2234.988344] ? print_usage_bug+0xc0/0xc0 [ 2234.992408] ? graph_lock+0x170/0x170 [ 2234.996193] ? print_usage_bug+0xc0/0xc0 [ 2235.000253] ? trace_hardirqs_on+0x10/0x10 [ 2235.004487] ? print_usage_bug+0xc0/0xc0 [ 2235.008540] ? lock_downgrade+0x8f0/0x8f0 [ 2235.012691] ? mark_held_locks+0xc9/0x160 [ 2235.016829] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2235.021422] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2235.026518] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2235.031519] ? trace_hardirqs_on+0xd/0x10 [ 2235.035657] ? ___ratelimit+0xaa/0x655 [ 2235.039547] ? idr_get_free+0x10c0/0x10c0 [ 2235.043690] ? kasan_check_write+0x14/0x20 [ 2235.047909] ? do_raw_spin_lock+0xc1/0x200 [ 2235.052151] oom_kill_process.cold.25+0x10/0x10bc [ 2235.056984] ? oom_evaluate_task+0x540/0x540 [ 2235.061388] ? find_held_lock+0x36/0x1c0 [ 2235.065452] ? lock_downgrade+0x8f0/0x8f0 [ 2235.069610] ? kasan_check_read+0x11/0x20 [ 2235.073754] ? rcu_is_watching+0x8c/0x150 [ 2235.077897] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2235.082291] ? oom_badness+0xb00/0xb00 [ 2235.086166] ? rcu_read_unlock+0x35/0x70 [ 2235.090211] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2235.094430] ? css_task_iter_end+0x2ce/0x490 [ 2235.098831] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2235.103572] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2235.108573] ? trace_hardirqs_on+0xd/0x10 [ 2235.112718] ? _raw_spin_unlock_irq+0x27/0x70 [ 2235.117210] ? oom_badness+0xb00/0xb00 [ 2235.121086] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2235.125841] ? mem_cgroup_iter_break+0x30/0x30 [ 2235.130418] out_of_memory+0xa8a/0x14d0 [ 2235.134385] ? oom_killer_disable+0x3a0/0x3a0 [ 2235.138884] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2235.143888] ? trace_hardirqs_on+0xd/0x10 [ 2235.148054] mem_cgroup_out_of_memory+0x15e/0x210 [ 2235.152893] ? memcg_memory_event+0x40/0x40 [ 2235.157219] ? _raw_spin_unlock+0x22/0x30 [ 2235.161358] mem_cgroup_oom_synchronize+0x713/0x940 [ 2235.166368] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2235.171837] ? memcg_event_wake+0x450/0x450 [ 2235.176172] pagefault_out_of_memory+0xc8/0x197 [ 2235.180828] ? out_of_memory+0x14d0/0x14d0 [ 2235.185064] ? __handle_mm_fault+0x4460/0x4460 [ 2235.189633] mm_fault_error+0x1de/0x380 [ 2235.193596] __do_page_fault+0xd25/0xe50 [ 2235.197644] ? mm_fault_error+0x380/0x380 [ 2235.201780] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2235.207303] ? __x64_sys_clock_gettime+0x170/0x250 [ 2235.212230] ? __ia32_sys_clock_settime+0x290/0x290 [ 2235.217245] do_page_fault+0xf6/0x8c0 [ 2235.221047] ? vmalloc_sync_all+0x30/0x30 [ 2235.225191] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2235.230732] ? do_syscall_64+0x497/0x820 [ 2235.234784] ? syscall_slow_exit_work+0x500/0x500 [ 2235.239627] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2235.244554] ? syscall_return_slowpath+0x31d/0x5e0 [ 2235.249472] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2235.254997] ? retint_user+0x18/0x18 [ 2235.258702] ? page_fault+0x8/0x30 [ 2235.262228] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2235.267069] ? page_fault+0x8/0x30 [ 2235.270610] page_fault+0x1e/0x30 [ 2235.274058] RIP: 0033:0x46f8fd [ 2235.277231] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2235.296434] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2235.301799] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2235.309072] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2235.316355] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2235.323624] R10: 0000000002273940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2235.330881] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2235.338264] Task in /ile0 killed as a result of limit of /ile0 [ 2235.344322] memory: usage 24kB, limit 20kB, failcnt 9761 [ 2235.349802] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2235.356602] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 07:53:19 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) openat$cgroup_procs(r0, &(0x7f0000000000)='cgroup.threads\x00', 0x2, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x4000000) 07:53:19 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00z\x00'}, 0x2c) [ 2235.362835] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2235.382692] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2235.391478] [27543] 0 27543 17585 8732 126976 0 0 syz-executor0 [ 2235.400386] Memory cgroup out of memory: Kill process 27543 (syz-executor0) score 1752600 or sacrifice child [ 2235.410417] Killed process 27543 (syz-executor0) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB 07:53:19 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8847000000000000]}}, 0x1c) 07:53:19 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x133, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:19 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x142, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:19 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000140)="636772a418702e6a72f6d31612947e0231a4fc45c6fd2d77d86f627300", 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x400) 07:53:19 executing program 6: r0 = socket$nl_generic(0x10, 0x3, 0x10) socketpair(0x1b, 0x807, 0x3021835d, &(0x7f0000000040)={0xffffffffffffffff}) ioctl$KDADDIO(r1, 0x4b34, 0x1f) sendmsg$nl_generic(r0, &(0x7f0000000000)={&(0x7f0000000080), 0x6, &(0x7f0000000140)={&(0x7f0000000480)={0x1c, 0x800000000028, 0x4, 0x0, 0x0, {0x1}}, 0x1c}}, 0x0) 07:53:19 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xf0ffffff}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:19 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e71000000048f00"}, 0x2c) 07:53:19 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) ioctl$TIOCMBIC(r0, 0x5417, &(0x7f0000000000)=0x4) unshare(0x10420000) 07:53:19 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x9effffff}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2235.658940] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2235.669955] syz-executor0 cpuset=/ mems_allowed=0 [ 2235.674903] CPU: 1 PID: 27615 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2235.682270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2235.691625] Call Trace: [ 2235.694225] dump_stack+0x1c9/0x2b4 [ 2235.697863] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2235.703126] ? trace_hardirqs_on+0x10/0x10 07:53:19 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000000000000300"}, 0x2c) [ 2235.707389] dump_header+0x27b/0xf64 [ 2235.711117] ? pagefault_out_of_memory+0x197/0x197 [ 2235.716061] ? __lock_acquire+0x7fc/0x5020 [ 2235.720314] ? print_usage_bug+0xc0/0xc0 [ 2235.724394] ? graph_lock+0x170/0x170 [ 2235.728205] ? print_usage_bug+0xc0/0xc0 [ 2235.732274] ? trace_hardirqs_on+0x10/0x10 [ 2235.736529] ? print_usage_bug+0xc0/0xc0 [ 2235.740615] ? lock_downgrade+0x8f0/0x8f0 [ 2235.744778] ? mark_held_locks+0xc9/0x160 [ 2235.748930] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2235.753518] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2235.758634] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2235.763656] ? trace_hardirqs_on+0xd/0x10 [ 2235.767816] ? ___ratelimit+0xaa/0x655 [ 2235.771712] ? idr_get_free+0x10c0/0x10c0 [ 2235.775862] ? kasan_check_write+0x14/0x20 [ 2235.780085] ? do_raw_spin_lock+0xc1/0x200 [ 2235.784314] oom_kill_process.cold.25+0x10/0x10bc [ 2235.789161] ? oom_evaluate_task+0x540/0x540 [ 2235.793574] ? find_held_lock+0x36/0x1c0 [ 2235.797630] ? lock_downgrade+0x8f0/0x8f0 [ 2235.801769] ? kasan_check_read+0x11/0x20 [ 2235.805907] ? rcu_is_watching+0x8c/0x150 [ 2235.810044] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2235.814439] ? oom_badness+0xb00/0xb00 [ 2235.818317] ? rcu_read_unlock+0x35/0x70 [ 2235.822367] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2235.826593] ? css_task_iter_end+0x2ce/0x490 [ 2235.831000] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2235.835749] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2235.840751] ? trace_hardirqs_on+0xd/0x10 [ 2235.844889] ? _raw_spin_unlock_irq+0x27/0x70 [ 2235.849385] ? oom_badness+0xb00/0xb00 [ 2235.853271] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2235.858023] ? mem_cgroup_iter_break+0x30/0x30 [ 2235.862604] out_of_memory+0xa8a/0x14d0 [ 2235.866573] ? oom_killer_disable+0x3a0/0x3a0 [ 2235.871060] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2235.876065] ? trace_hardirqs_on+0xd/0x10 [ 2235.880209] mem_cgroup_out_of_memory+0x15e/0x210 [ 2235.885043] ? memcg_memory_event+0x40/0x40 [ 2235.889368] ? _raw_spin_unlock+0x22/0x30 [ 2235.893518] mem_cgroup_oom_synchronize+0x713/0x940 [ 2235.898544] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2235.903984] ? memcg_event_wake+0x450/0x450 [ 2235.908316] pagefault_out_of_memory+0xc8/0x197 [ 2235.912983] ? out_of_memory+0x14d0/0x14d0 [ 2235.917215] ? __handle_mm_fault+0x4460/0x4460 [ 2235.921803] mm_fault_error+0x1de/0x380 [ 2235.925769] __do_page_fault+0xd25/0xe50 [ 2235.929831] ? mm_fault_error+0x380/0x380 [ 2235.933978] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2235.939515] ? __x64_sys_clock_gettime+0x170/0x250 [ 2235.944434] ? __ia32_sys_clock_settime+0x290/0x290 [ 2235.949448] do_page_fault+0xf6/0x8c0 [ 2235.953238] ? vmalloc_sync_all+0x30/0x30 [ 2235.957374] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2235.962902] ? do_syscall_64+0x497/0x820 [ 2235.966953] ? syscall_slow_exit_work+0x500/0x500 [ 2235.971800] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2235.976723] ? syscall_return_slowpath+0x31d/0x5e0 [ 2235.981655] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2235.987014] ? page_fault+0x8/0x30 [ 2235.990558] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2235.995395] ? page_fault+0x8/0x30 [ 2235.998927] page_fault+0x1e/0x30 [ 2236.002383] RIP: 0033:0x46f8fd [ 2236.005557] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2236.024785] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2236.030149] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2236.037517] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2236.044792] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2236.052056] R10: 0000000002273940 R11: 0000000000000246 R12: 00000000004c1f52 07:53:20 executing program 6: r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x0, @empty, 0x1ff}, 0x1c) setsockopt$inet6_int(r0, 0x29, 0x40048, &(0x7f0000000040)=0x7, 0xffffffffffffff6b) sendto$inet6(r0, &(0x7f0000000100), 0xd14b, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x200500, 0x0) ioctl$VT_GETSTATE(r1, 0x5603, &(0x7f0000000080)={0x2, 0x1, 0x7}) [ 2236.059311] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2236.066659] Task in /ile0 killed as a result of limit of /ile0 [ 2236.072716] memory: usage 24kB, limit 20kB, failcnt 9813 [ 2236.078229] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2236.085044] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2236.091244] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB 07:53:20 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\a\x00'}, 0x2c) [ 2236.110764] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2236.119682] [27615] 0 27615 17585 8732 126976 0 0 syz-executor0 [ 2236.128802] [27630] 0 27630 17585 8732 131072 0 0 syz-executor5 [ 2236.137735] Memory cgroup out of memory: Kill process 27630 (syz-executor5) score 1752800 or sacrifice child [ 2236.147813] Killed process 27630 (syz-executor5) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB 07:53:20 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:20 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000000200"}, 0x2c) [ 2236.193179] oom_reaper: reaped process 27630 (syz-executor5), now anon-rss:0kB, file-rss:32780kB, shmem-rss:0kB [ 2236.215470] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2236.226452] syz-executor0 cpuset=/ mems_allowed=0 [ 2236.231411] CPU: 1 PID: 27615 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2236.238797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2236.248160] Call Trace: [ 2236.250800] dump_stack+0x1c9/0x2b4 [ 2236.254447] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2236.259674] ? trace_hardirqs_on+0x10/0x10 [ 2236.263926] dump_header+0x27b/0xf64 [ 2236.267659] ? pagefault_out_of_memory+0x197/0x197 [ 2236.272596] ? __lock_acquire+0x7fc/0x5020 [ 2236.276843] ? __lock_acquire+0x7fc/0x5020 [ 2236.281093] ? print_usage_bug+0xc0/0xc0 [ 2236.285167] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2236.289762] ? graph_lock+0x170/0x170 [ 2236.293567] ? print_usage_bug+0xc0/0xc0 [ 2236.297638] ? trace_hardirqs_on+0x10/0x10 [ 2236.301902] ? finish_task_switch+0x2ca/0x870 [ 2236.306418] ? print_usage_bug+0xc0/0xc0 [ 2236.310504] ? lock_downgrade+0x8f0/0x8f0 [ 2236.314680] ? mark_held_locks+0xc9/0x160 [ 2236.318840] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2236.323435] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2236.328551] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2236.333586] ? trace_hardirqs_on+0xd/0x10 [ 2236.337750] ? ___ratelimit+0xaa/0x655 [ 2236.341654] ? idr_get_free+0x10c0/0x10c0 [ 2236.345823] ? kasan_check_write+0x14/0x20 [ 2236.350077] ? do_raw_spin_lock+0xc1/0x200 [ 2236.354324] oom_kill_process.cold.25+0x10/0x10bc [ 2236.359186] ? oom_evaluate_task+0x540/0x540 [ 2236.363626] ? find_held_lock+0x36/0x1c0 [ 2236.367728] ? lock_downgrade+0x8f0/0x8f0 [ 2236.371895] ? kasan_check_read+0x11/0x20 [ 2236.376043] ? rcu_is_watching+0x8c/0x150 [ 2236.380196] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2236.384615] ? oom_badness+0xb00/0xb00 [ 2236.388518] ? rcu_read_unlock+0x35/0x70 [ 2236.392585] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2236.396829] ? css_task_iter_end+0x2ce/0x490 [ 2236.401245] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2236.405992] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2236.411000] ? trace_hardirqs_on+0xd/0x10 [ 2236.415149] ? _raw_spin_unlock_irq+0x27/0x70 [ 2236.419659] ? oom_badness+0xb00/0xb00 [ 2236.423536] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2236.428283] ? mem_cgroup_iter_break+0x30/0x30 [ 2236.432866] out_of_memory+0xa8a/0x14d0 [ 2236.436848] ? oom_killer_disable+0x3a0/0x3a0 [ 2236.441358] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2236.446370] ? trace_hardirqs_on+0xd/0x10 [ 2236.450518] mem_cgroup_out_of_memory+0x15e/0x210 [ 2236.455349] ? memcg_memory_event+0x40/0x40 [ 2236.459662] ? _raw_spin_unlock+0x22/0x30 [ 2236.463798] mem_cgroup_oom_synchronize+0x713/0x940 [ 2236.468818] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2236.474268] ? memcg_event_wake+0x450/0x450 [ 2236.478601] pagefault_out_of_memory+0xc8/0x197 [ 2236.483262] ? out_of_memory+0x14d0/0x14d0 [ 2236.487495] ? __handle_mm_fault+0x4460/0x4460 [ 2236.492073] mm_fault_error+0x1de/0x380 [ 2236.496048] __do_page_fault+0xd25/0xe50 [ 2236.500133] ? mm_fault_error+0x380/0x380 [ 2236.504285] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2236.509830] ? __x64_sys_clock_gettime+0x170/0x250 [ 2236.514754] ? __ia32_sys_clock_settime+0x290/0x290 [ 2236.519787] do_page_fault+0xf6/0x8c0 [ 2236.523579] ? vmalloc_sync_all+0x30/0x30 [ 2236.527713] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2236.533236] ? do_syscall_64+0x497/0x820 [ 2236.537282] ? syscall_slow_exit_work+0x500/0x500 [ 2236.542117] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2236.547048] ? syscall_return_slowpath+0x31d/0x5e0 [ 2236.551964] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2236.557494] ? retint_user+0x18/0x18 [ 2236.561202] ? page_fault+0x8/0x30 [ 2236.564749] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2236.569583] ? page_fault+0x8/0x30 [ 2236.573115] page_fault+0x1e/0x30 [ 2236.576556] RIP: 0033:0x46f8fd [ 2236.579734] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2236.598963] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2236.604328] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2236.611594] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2236.618852] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2236.626113] R10: 0000000002273940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2236.633373] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2236.640766] Task in /ile0 killed as a result of limit of /ile0 [ 2236.646848] memory: usage 24kB, limit 20kB, failcnt 9821 [ 2236.652351] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2236.659150] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2236.665328] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2236.684831] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name 07:53:20 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000180)) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x4000000) utime(&(0x7f0000000000)='./file0//ile0\x00', &(0x7f0000000140)={0x10000, 0x2}) 07:53:20 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e71000000000000000000000200"}, 0x2c) [ 2236.693658] [27615] 0 27615 17585 8732 126976 0 0 syz-executor0 [ 2236.702561] Memory cgroup out of memory: Kill process 27615 (syz-executor0) score 1752600 or sacrifice child [ 2236.712607] Killed process 27615 (syz-executor0) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB 07:53:20 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8906]}}, 0x1c) 07:53:20 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x11f, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:20 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000280)='/dev/hwrng\x00', 0x80, 0x0) getsockopt$sock_cred(0xffffffffffffff9c, 0x1, 0x11, &(0x7f0000000500)={0x0, 0x0}, &(0x7f0000000300)=0x23e) r2 = getgid() mount$fuseblk(&(0x7f0000000000)='/dev/loop0\x00', &(0x7f0000000140)='./file0//ile0\x00', &(0x7f0000000180)='fuseblk\x00', 0x2000800, &(0x7f0000000340)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0xe000}, 0x2c, {'user_id', 0x3d, r1}, 0x2c, {'group_id', 0x3d, r2}, 0x2c, {[{@allow_other='allow_other'}, {@allow_other='allow_other'}, {@default_permissions='default_permissions'}, {@default_permissions='default_permissions'}, {@max_read={'max_read', 0x3d, 0xb}}, {@allow_other='allow_other'}, {@max_read={'max_read', 0x3d, 0x6b06}}, {@allow_other='allow_other'}]}}) r3 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r4 = openat$cgroup_procs(r3, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) getsockopt$inet_sctp6_SCTP_RECVRCVINFO(r0, 0x84, 0x20, &(0x7f0000000480), &(0x7f00000004c0)=0x4) write$cgroup_pid(r4, &(0x7f0000000100), 0x12) unshare(0x400) 07:53:20 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x28, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:20 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x700}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:20 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e71000000000000000000008400"}, 0x2c) [ 2236.838948] net_ratelimit: 11 callbacks suppressed [ 2236.838956] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2236.856815] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2236.870167] syz-executor0 cpuset=/ mems_allowed=0 [ 2236.875102] CPU: 0 PID: 27669 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2236.882470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2236.891828] Call Trace: [ 2236.894433] dump_stack+0x1c9/0x2b4 [ 2236.898077] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2236.903289] ? trace_hardirqs_on+0x10/0x10 [ 2236.907543] dump_header+0x27b/0xf64 [ 2236.911301] ? pagefault_out_of_memory+0x197/0x197 [ 2236.916248] ? __lock_acquire+0x7fc/0x5020 [ 2236.920503] ? print_usage_bug+0xc0/0xc0 [ 2236.924577] ? graph_lock+0x170/0x170 [ 2236.928384] ? print_usage_bug+0xc0/0xc0 [ 2236.932453] ? trace_hardirqs_on+0x10/0x10 [ 2236.933903] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2236.936697] ? print_usage_bug+0xc0/0xc0 [ 2236.936723] ? lock_downgrade+0x8f0/0x8f0 [ 2236.936747] ? mark_held_locks+0xc9/0x160 [ 2236.936763] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2236.968340] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2236.973458] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2236.978490] ? trace_hardirqs_on+0xd/0x10 [ 2236.982657] ? ___ratelimit+0xaa/0x655 [ 2236.986563] ? idr_get_free+0x10c0/0x10c0 [ 2236.990730] ? kasan_check_write+0x14/0x20 [ 2236.994985] ? do_raw_spin_lock+0xc1/0x200 [ 2236.999243] oom_kill_process.cold.25+0x10/0x10bc [ 2237.004109] ? oom_evaluate_task+0x540/0x540 [ 2237.008533] ? find_held_lock+0x36/0x1c0 [ 2237.012619] ? lock_downgrade+0x8f0/0x8f0 [ 2237.016784] ? kasan_check_read+0x11/0x20 [ 2237.020937] ? rcu_is_watching+0x8c/0x150 [ 2237.025091] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2237.029511] ? oom_badness+0xb00/0xb00 [ 2237.033415] ? rcu_read_unlock+0x35/0x70 [ 2237.037485] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2237.041718] ? css_task_iter_end+0x2ce/0x490 [ 2237.046128] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2237.050875] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2237.055885] ? trace_hardirqs_on+0xd/0x10 [ 2237.060032] ? _raw_spin_unlock_irq+0x27/0x70 [ 2237.064535] ? oom_badness+0xb00/0xb00 [ 2237.068417] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2237.073177] ? mem_cgroup_iter_break+0x30/0x30 [ 2237.077766] out_of_memory+0xa8a/0x14d0 [ 2237.081746] ? oom_killer_disable+0x3a0/0x3a0 [ 2237.086245] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2237.091261] ? trace_hardirqs_on+0xd/0x10 [ 2237.095411] mem_cgroup_out_of_memory+0x15e/0x210 [ 2237.100251] ? memcg_memory_event+0x40/0x40 [ 2237.104566] ? _raw_spin_unlock+0x22/0x30 [ 2237.108708] mem_cgroup_oom_synchronize+0x713/0x940 [ 2237.113710] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2237.119158] ? memcg_event_wake+0x450/0x450 [ 2237.123496] pagefault_out_of_memory+0xc8/0x197 [ 2237.128152] ? out_of_memory+0x14d0/0x14d0 [ 2237.132388] ? __handle_mm_fault+0x4460/0x4460 [ 2237.136959] mm_fault_error+0x1de/0x380 [ 2237.140925] __do_page_fault+0xd25/0xe50 [ 2237.144977] ? mm_fault_error+0x380/0x380 [ 2237.149114] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2237.154638] ? __x64_sys_clock_gettime+0x170/0x250 [ 2237.159575] ? __ia32_sys_clock_settime+0x290/0x290 [ 2237.164585] do_page_fault+0xf6/0x8c0 [ 2237.168375] ? vmalloc_sync_all+0x30/0x30 [ 2237.172511] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2237.178052] ? do_syscall_64+0x497/0x820 [ 2237.182100] ? syscall_slow_exit_work+0x500/0x500 07:53:21 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x226, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:21 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x165, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:21 executing program 6: r0 = socket$alg(0x26, 0x5, 0x0) getsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040), 0x10) bind$alg(r0, &(0x7f0000000300)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58) r1 = dup3(r0, r0, 0x80000) ioctl$TCFLSH(r1, 0x540b, 0xff) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000), 0x0) openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x40, 0x0) 07:53:21 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00t\x00'}, 0x2c) [ 2237.186944] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2237.191866] ? syscall_return_slowpath+0x31d/0x5e0 [ 2237.196788] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2237.202157] ? page_fault+0x8/0x30 [ 2237.205711] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2237.210566] ? page_fault+0x8/0x30 [ 2237.214118] page_fault+0x1e/0x30 [ 2237.217601] RIP: 0033:0x46f8fd [ 2237.220788] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 07:53:21 executing program 6: r0 = socket$inet6(0xa, 0x8000000000000802, 0x0) r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x4001) ioctl$EVIOCGSND(r1, 0x8040451a, &(0x7f0000000100)=""/253) setsockopt$inet6_int(r0, 0x29, 0x49, &(0x7f00000000c0), 0x4) r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x4200, 0x0) connect$pptp(r2, &(0x7f0000000080)={0x18, 0x2, {0x2, @loopback}}, 0x1e) [ 2237.240146] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2237.245520] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2237.252800] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2237.260081] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2237.267361] R10: 0000000002273940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2237.274643] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2237.282148] Task in /ile0 killed as a result of limit of /ile0 07:53:21 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00'}, 0x2c) [ 2237.288232] memory: usage 24kB, limit 20kB, failcnt 9885 [ 2237.293753] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2237.300650] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2237.306870] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2237.326406] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name 07:53:21 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000000000000600"}, 0x2c) [ 2237.335262] [27669] 0 27669 17585 8732 126976 0 0 syz-executor0 [ 2237.344214] [27676] 0 27676 17585 8732 131072 0 0 syz-executor5 [ 2237.353130] Memory cgroup out of memory: Kill process 27676 (syz-executor5) score 1752800 or sacrifice child [ 2237.363244] Killed process 27676 (syz-executor5) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2237.378774] oom_reaper: reaped process 27676 (syz-executor5), now anon-rss:0kB, file-rss:32780kB, shmem-rss:0kB 07:53:21 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\n\x00'}, 0x2c) [ 2237.398704] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2237.409699] syz-executor0 cpuset=/ mems_allowed=0 [ 2237.414659] CPU: 0 PID: 27669 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2237.422017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2237.431377] Call Trace: [ 2237.433981] dump_stack+0x1c9/0x2b4 [ 2237.437624] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2237.442830] ? trace_hardirqs_on+0x10/0x10 [ 2237.447083] dump_header+0x27b/0xf64 [ 2237.450817] ? pagefault_out_of_memory+0x197/0x197 [ 2237.455760] ? __lock_acquire+0x7fc/0x5020 [ 2237.460009] ? __lock_acquire+0x7fc/0x5020 [ 2237.464258] ? print_usage_bug+0xc0/0xc0 [ 2237.468328] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2237.472928] ? graph_lock+0x170/0x170 [ 2237.476741] ? print_usage_bug+0xc0/0xc0 [ 2237.480805] ? trace_hardirqs_on+0x10/0x10 [ 2237.485041] ? finish_task_switch+0x1d3/0x870 [ 2237.489545] ? finish_task_switch+0x18a/0x870 [ 2237.494057] ? print_usage_bug+0xc0/0xc0 [ 2237.498130] ? lock_downgrade+0x8f0/0x8f0 [ 2237.502293] ? mark_held_locks+0xc9/0x160 [ 2237.506450] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2237.511039] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2237.516151] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2237.521175] ? trace_hardirqs_on+0xd/0x10 [ 2237.525337] ? ___ratelimit+0xaa/0x655 [ 2237.529237] ? idr_get_free+0x10c0/0x10c0 [ 2237.533397] ? kasan_check_write+0x14/0x20 [ 2237.537640] ? do_raw_spin_lock+0xc1/0x200 [ 2237.541895] oom_kill_process.cold.25+0x10/0x10bc [ 2237.546762] ? oom_evaluate_task+0x540/0x540 [ 2237.551182] ? find_held_lock+0x36/0x1c0 [ 2237.555262] ? lock_downgrade+0x8f0/0x8f0 [ 2237.559425] ? kasan_check_read+0x11/0x20 [ 2237.563580] ? rcu_is_watching+0x8c/0x150 [ 2237.567734] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2237.572153] ? oom_badness+0xb00/0xb00 [ 2237.576050] ? rcu_read_unlock+0x35/0x70 [ 2237.580125] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2237.584369] ? css_task_iter_end+0x2ce/0x490 [ 2237.588781] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2237.593529] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2237.598531] ? trace_hardirqs_on+0xd/0x10 [ 2237.602667] ? _raw_spin_unlock_irq+0x27/0x70 [ 2237.607158] ? oom_badness+0xb00/0xb00 [ 2237.611042] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2237.615792] ? mem_cgroup_iter_break+0x30/0x30 [ 2237.620371] out_of_memory+0xa8a/0x14d0 [ 2237.624353] ? oom_killer_disable+0x3a0/0x3a0 [ 2237.628844] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2237.633860] ? trace_hardirqs_on+0xd/0x10 [ 2237.638012] mem_cgroup_out_of_memory+0x15e/0x210 [ 2237.642855] ? memcg_memory_event+0x40/0x40 [ 2237.647182] ? _raw_spin_unlock+0x22/0x30 [ 2237.651320] mem_cgroup_oom_synchronize+0x713/0x940 [ 2237.656334] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2237.661786] ? memcg_event_wake+0x450/0x450 [ 2237.666473] pagefault_out_of_memory+0xc8/0x197 [ 2237.671144] ? out_of_memory+0x14d0/0x14d0 [ 2237.675375] ? __handle_mm_fault+0x4460/0x4460 [ 2237.679953] mm_fault_error+0x1de/0x380 [ 2237.683939] __do_page_fault+0xd25/0xe50 [ 2237.687993] ? mm_fault_error+0x380/0x380 [ 2237.692134] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2237.697656] ? __x64_sys_clock_gettime+0x170/0x250 [ 2237.702578] ? __ia32_sys_clock_settime+0x290/0x290 [ 2237.707590] do_page_fault+0xf6/0x8c0 [ 2237.711381] ? vmalloc_sync_all+0x30/0x30 [ 2237.715517] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2237.721049] ? do_syscall_64+0x497/0x820 [ 2237.725098] ? syscall_slow_exit_work+0x500/0x500 [ 2237.729929] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2237.734847] ? syscall_return_slowpath+0x31d/0x5e0 [ 2237.739771] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2237.745294] ? retint_user+0x18/0x18 [ 2237.748993] ? page_fault+0x8/0x30 [ 2237.752528] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2237.757361] ? page_fault+0x8/0x30 [ 2237.760904] page_fault+0x1e/0x30 [ 2237.764342] RIP: 0033:0x46f8fd [ 2237.767510] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2237.786692] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2237.792049] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2237.799309] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2237.806567] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2237.813826] R10: 0000000002273940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2237.821082] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2237.828604] Task in /ile0 killed as a result of limit of /ile0 [ 2237.834682] memory: usage 24kB, limit 20kB, failcnt 9893 [ 2237.840171] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2237.846975] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2237.853158] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2237.872652] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2237.881447] [27669] 0 27669 17585 8732 126976 0 0 syz-executor0 [ 2237.890347] Memory cgroup out of memory: Kill process 27669 (syz-executor0) score 1752600 or sacrifice child 07:53:22 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) ioctl$KVM_S390_VCPU_FAULT(r0, 0x4008ae52, &(0x7f0000000000)=0x2) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x4000000) 07:53:22 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00L\x00'}, 0x2c) 07:53:22 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1100]}}, 0x1c) 07:53:22 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x6, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:22 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:22 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000280), 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x400) 07:53:22 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x1d9, &(0x7f00000011c0)}}], 0x249, 0x0) [ 2237.900407] Killed process 27669 (syz-executor0) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2237.912413] oom_reaper: reaped process 27669 (syz-executor0), now anon-rss:0kB, file-rss:32780kB, shmem-rss:0kB 07:53:22 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070") r1 = socket(0xa, 0x1, 0x0) ioctl$fiemap(0xffffffffffffffff, 0xc020660b, &(0x7f0000000000)={0x0, 0xfffffffffffffffe, 0x1, 0x8}) ioctl(r1, 0x8916, &(0x7f0000000000)) ioctl(r1, 0x8936, &(0x7f0000000000)) socket$inet_dccp(0x2, 0x6, 0x0) 07:53:22 executing program 5: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000380)='./file0/file0\x00', 0x14000, 0xffffffffffffffff) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r0, 0x6, 0x1d, &(0x7f0000000040)={0xb80b, 0x400, 0x1, 0x7f, 0x3}, 0x14) setxattr(&(0x7f0000000000)='./file0//ile0\x00', &(0x7f0000000140)=ANY=[@ANYBLOB="6274726673050000006f75702e70626f63bc00"], &(0x7f0000000180)='cgroup.procs\x00', 0xd, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x400) write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000002c0)={0x0, 0x18, 0xfa00, {0x4, &(0x7f0000000280)={0xffffffffffffffff}, 0x106, 0x1}}, 0x20) write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000300)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0x0, @mcast2, 0x8}, {0xa, 0x4e24, 0xa10, @dev={0xfe, 0x80, [], 0x1a}, 0x100000001}, r2, 0x7a}}, 0x48) 07:53:22 executing program 5: mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000003fe8)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000001fe2)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="025cc80700145f8f764070") r2 = socket$inet6_sctp(0xa, 0x1, 0x84) r3 = socket(0x0, 0x7, 0x0) connect$vsock_dgram(r3, &(0x7f0000000040)={0x28, 0x0, 0xffffffff, @host}, 0x10) setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r1, 0x84, 0xc, &(0x7f0000000000)=0x1, 0x4) restart_syscall() setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000013e95), 0x4) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f0000000100)={'veth1_to_bond\x00', &(0x7f0000000080)=@ethtool_gstrings={0x1b, 0x1}}) close(r2) close(r0) [ 2238.014124] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. 07:53:22 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00c\x00'}, 0x2c) 07:53:22 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x81000000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2238.055207] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. 07:53:22 executing program 6: r0 = socket$inet6_udplite(0xa, 0x2, 0x88) write$binfmt_script(r0, &(0x7f0000000380)=ANY=[@ANYRESOCT=r0], 0x17) getsockopt$inet_sctp_SCTP_PR_SUPPORTED(0xffffffffffffff9c, 0x84, 0x71, &(0x7f0000000140)={0x0, 0x1}, &(0x7f0000000180)=0x8) r2 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000200)='/dev/qat_adf_ctl\x00', 0x8001, 0x0) getsockopt$IP_VS_SO_GET_VERSION(r2, 0x0, 0x480, &(0x7f00000000c0), &(0x7f0000000100)=0x40) ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000000010000000000025a0000001000000000000000000000000000000000000000000000000000000000000000000000000000000bbe7f3fe78ac630c3ac742ed1455b37aeab6661037a78684f3045ebc407aaf5c4ac042663b43b26ab26d8b6cbbd7d8dd3ac4050e2ce48b97c2a4429afa38550000000000000000096a878b56913eb324cd7de3884d55510054ed41c9f8ea72140d2cbf6fa4835dc977a290bc705b30c3156d2c91cdbbef54ecbdecd26686849aa83114e2329f00c0e70a09edaba4762f55d9805ec85394727e0ff9f80fa4974786c37675cecd1d8da3ab13bd606218ad7219838002ca68457da7d0f80468361a5c15ec09f6530030e1d7adb887a0cbae73217d716885970cbd9cc7c63657f73577de4c40e38624dbdfed6b41d3000000000000000000"]) ioctl$KVM_SET_TSC_KHZ(r2, 0xaea2, 0xfff) setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f00000001c0)={0x100000000, 0x8, 0x1, 0xac1, 0x8, 0x81, 0x2, 0x81, r1}, 0x20) setsockopt$inet6_MCAST_LEAVE_GROUP(r0, 0x29, 0x2d, &(0x7f0000000000)={0x2, {{0xa, 0x4e22, 0x7e1, @mcast1, 0x20}}}, 0x88) socket$pppoe(0x18, 0x1, 0x0) socket$bt_rfcomm(0x1f, 0x3, 0x3) symlinkat(&(0x7f00000003c0)='./file0\x00', r2, &(0x7f0000000400)='./file0\x00') [ 2238.153806] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2238.231258] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2238.237585] QAT: Invalid ioctl [ 2238.251730] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2238.262828] syz-executor0 cpuset=/ mems_allowed=0 [ 2238.267772] CPU: 1 PID: 27736 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2238.272114] QAT: Invalid ioctl [ 2238.275131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2238.275137] Call Trace: [ 2238.275160] dump_stack+0x1c9/0x2b4 [ 2238.275182] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2238.299105] ? trace_hardirqs_on+0x10/0x10 [ 2238.303348] dump_header+0x27b/0xf64 [ 2238.307078] ? pagefault_out_of_memory+0x197/0x197 [ 2238.312014] ? __lock_acquire+0x7fc/0x5020 [ 2238.312348] QAT: Invalid ioctl [ 2238.316255] ? print_usage_bug+0xc0/0xc0 [ 2238.316279] ? graph_lock+0x170/0x170 [ 2238.316297] ? print_usage_bug+0xc0/0xc0 [ 2238.319550] QAT: Invalid ioctl [ 2238.323529] ? trace_hardirqs_on+0x10/0x10 [ 2238.323553] ? print_usage_bug+0xc0/0xc0 [ 2238.323576] ? lock_downgrade+0x8f0/0x8f0 [ 2238.323597] ? mark_held_locks+0xc9/0x160 [ 2238.351228] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2238.355821] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2238.360939] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2238.365963] ? trace_hardirqs_on+0xd/0x10 [ 2238.370118] ? ___ratelimit+0xaa/0x655 [ 2238.374016] ? idr_get_free+0x10c0/0x10c0 07:53:22 executing program 5: r0 = openat$vsock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vsock\x00', 0x80000, 0x0) ioctl$SCSI_IOCTL_DOORUNLOCK(r0, 0x5381) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070") ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000240)=0x0) r3 = getpgid(r2) perf_event_open(&(0x7f00000002c0)={0x5, 0x70, 0x99ce, 0x7, 0x4, 0x0, 0x0, 0x4, 0x4, 0x8, 0x5, 0x401, 0x8, 0x61c911ab, 0x8, 0xfff, 0x100000000, 0x6, 0x38000, 0x23, 0x3, 0x0, 0x2, 0x20, 0x9, 0x1, 0x0, 0x80, 0xffff, 0x9, 0xfffffffffffffffe, 0x80000000, 0xfffffffffffff761, 0x4, 0x4, 0xe16, 0x81, 0x1, 0x0, 0x7fff, 0x2, @perf_config_ext={0x3, 0xa5}, 0x0, 0xf4, 0x8, 0x0, 0x8, 0x5, 0x3779}, r3, 0x6, 0xffffffffffffff9c, 0x2) syz_open_dev$sndtimer(&(0x7f0000000200)='/dev/snd/timer\x00', 0x0, 0x20000) write$tun(r0, &(0x7f0000001340)={@void, @val={0x1, 0x3, 0x0, 0x5, 0x7, 0x40}, @ipv6={0x1, 0x6, "ba48c1", 0x14c, 0x0, 0x7, @mcast1, @ipv4={[], [], @rand_addr=0x7}, {[@hopopts={0x2b, 0x0, [], [@padn={0x1, 0x2, [0x0, 0x0]}]}, @routing={0x7e, 0xa, 0x2, 0x4, 0x0, [@mcast1, @remote, @empty, @remote, @dev={0xfe, 0x80, [], 0x10}]}, @hopopts={0xbf, 0x5, [], [@enc_lim={0x4, 0x1, 0x10000}, @calipso={0x7, 0x10, {0xfffffffffffffffb, 0x2, 0xa28, 0x3, [0x1]}}, @enc_lim={0x4, 0x1, 0x4d}, @hao={0xc9, 0x10, @dev={0xfe, 0x80, [], 0x1f}}, @pad1]}], @dccp={{0x4e22, 0x4e21, 0x4, 0x1, 0x8, 0x0, 0x0, 0xf, 0x300000, "e9dd8d", 0x8, "101f13"}, "144d0f0ad05ef00e0ae7b662df572e0032eee7e6db05fa10813ba5b4a70f2884cc69bba6e40140c6aee83715dc7672fb7d07bd9220791f2639349875c9dbf90e8813270f74c1773289ab9c87cd3402afad26890e41eee828ed4ab98da583055cc8fcf0ef8c75e9c0bdecc191a8d6c1a94ca517ed27521bc4fecd1797d56a56788d8eecafed24f74fe3c2491c978797a0a77e3625623dc04624cad549"}}}}, 0x17e) r4 = syz_open_dev$sndtimer(&(0x7f0000000000)='/dev/snd/timer\x00', 0x0, 0x0) r5 = semget(0x0, 0x1, 0x0) semctl$IPC_RMID(r5, 0x0, 0x0) getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000340)={0x0, 0x0, 0x1f, 0x72}, &(0x7f0000000080)=0x10) ioctl$SNDRV_TIMER_IOCTL_SELECT(r4, 0x40345410, &(0x7f0000000040)={{0x1}}) clone(0x0, &(0x7f0000000080), &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)) ioctl$SNDRV_TIMER_IOCTL_INFO(r4, 0x40505412, &(0x7f0000000340)=""/4096) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) semtimedop(0x0, &(0x7f0000000140)=[{0x3, 0xfffffffffffffff9}], 0x1, &(0x7f0000efe000)={0x2000}) r6 = semget(0x2, 0x4, 0x128) semctl$SETALL(r6, 0x0, 0x11, &(0x7f0000003000)=[0x0, 0x0, 0x0, 0x7fff]) 07:53:22 executing program 6: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_add_memb(r0, 0x107, 0x12, &(0x7f0000000080)={0x0, 0x1, 0x6, @broadcast}, 0x10) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000000)=0x0) ptrace$pokeuser(0x6, r1, 0x3f, 0x0) getsockname$packet(r0, &(0x7f0000000480)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f00000004c0)=0x14) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000500)={'team0\x00', r2}) r3 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vga_arbiter\x00', 0x80000, 0x0) getresuid(&(0x7f0000000180)=0x0, &(0x7f00000001c0), &(0x7f0000000200)) setsockopt$inet6_IPV6_IPSEC_POLICY(r3, 0x29, 0x22, &(0x7f0000000240)={{{@in6=@loopback, @in6, 0x4e20, 0x0, 0x4e24, 0x2, 0xa, 0x20, 0xa0, 0x5c, r2, r4}, {0x20, 0x6, 0x6, 0x8, 0x6, 0x1, 0xea3}, {0xfffffffffffffffe, 0x7fff, 0x80000000000, 0x7}, 0x100000001, 0x6e6bbe, 0x2, 0x1, 0x1, 0x2}, {{@in6=@dev={0xfe, 0x80, [], 0x13}, 0x4d4, 0xff}, 0xa, @in6=@ipv4={[], [], @loopback}, 0x3501, 0x3, 0x1, 0x401, 0x4, 0x0, 0x8}}, 0xe8) [ 2238.378174] ? kasan_check_write+0x14/0x20 [ 2238.382428] ? do_raw_spin_lock+0xc1/0x200 [ 2238.386678] oom_kill_process.cold.25+0x10/0x10bc [ 2238.391539] ? oom_evaluate_task+0x540/0x540 [ 2238.395955] ? find_held_lock+0x36/0x1c0 [ 2238.400038] ? lock_downgrade+0x8f0/0x8f0 [ 2238.404201] ? kasan_check_read+0x11/0x20 [ 2238.408384] ? rcu_is_watching+0x8c/0x150 [ 2238.411479] Unknown ioctl 21377 [ 2238.412605] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2238.412645] ? oom_badness+0xb00/0xb00 [ 2238.424192] ? rcu_read_unlock+0x35/0x70 [ 2238.428280] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2238.432541] ? css_task_iter_end+0x2ce/0x490 [ 2238.436951] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2238.441703] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2238.446717] ? trace_hardirqs_on+0xd/0x10 [ 2238.450858] ? _raw_spin_unlock_irq+0x27/0x70 [ 2238.455345] ? oom_badness+0xb00/0xb00 [ 2238.459227] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2238.463974] ? mem_cgroup_iter_break+0x30/0x30 [ 2238.468571] out_of_memory+0xa8a/0x14d0 [ 2238.472545] ? oom_killer_disable+0x3a0/0x3a0 [ 2238.477045] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2238.482057] ? trace_hardirqs_on+0xd/0x10 [ 2238.486231] mem_cgroup_out_of_memory+0x15e/0x210 [ 2238.491092] ? memcg_memory_event+0x40/0x40 [ 2238.495501] ? _raw_spin_unlock+0x22/0x30 [ 2238.499649] mem_cgroup_oom_synchronize+0x713/0x940 [ 2238.504659] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2238.510105] ? memcg_event_wake+0x450/0x450 [ 2238.514436] pagefault_out_of_memory+0xc8/0x197 [ 2238.519110] ? out_of_memory+0x14d0/0x14d0 [ 2238.523344] ? __handle_mm_fault+0x4460/0x4460 [ 2238.527917] mm_fault_error+0x1de/0x380 [ 2238.531884] __do_page_fault+0xd25/0xe50 [ 2238.535942] ? mm_fault_error+0x380/0x380 [ 2238.540093] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2238.545630] ? __x64_sys_clock_gettime+0x170/0x250 [ 2238.550554] ? __ia32_sys_clock_settime+0x290/0x290 [ 2238.555566] do_page_fault+0xf6/0x8c0 [ 2238.559358] ? vmalloc_sync_all+0x30/0x30 [ 2238.563498] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2238.569031] ? do_syscall_64+0x497/0x820 [ 2238.573082] ? syscall_slow_exit_work+0x500/0x500 [ 2238.577918] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2238.582840] ? syscall_return_slowpath+0x31d/0x5e0 [ 2238.587767] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2238.593133] ? page_fault+0x8/0x30 [ 2238.596662] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2238.601496] ? page_fault+0x8/0x30 [ 2238.605031] page_fault+0x1e/0x30 [ 2238.608474] RIP: 0033:0x40e33f [ 2238.611659] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 2238.631012] RSP: 002b:0000000000a3fc20 EFLAGS: 00010206 [ 2238.636385] RAX: 00007ff4a0736000 RBX: 0000000000020000 RCX: 0000000000456b7a [ 2238.643641] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 2238.650900] RBP: 0000000000a3fd00 R08: ffffffffffffffff R09: 0000000000000000 [ 2238.658172] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a3fdf0 [ 2238.665432] R13: 00007ff4a0756700 R14: 0000000000000003 R15: 0000000000000001 [ 2238.673420] Task in /ile0 killed as a result of limit of /ile0 07:53:22 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x44, &(0x7f00000011c0)}}], 0x249, 0x0) [ 2238.679524] memory: usage 24kB, limit 20kB, failcnt 9913 [ 2238.685052] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2238.691870] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2238.698080] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2238.717632] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name 07:53:22 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) ioctl$SNDRV_CTL_IOCTL_PVERSION(r0, 0x80045500, &(0x7f0000000000)) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x4000000) ioctl$TIOCCBRK(r0, 0x5428) 07:53:22 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88470000]}}, 0x1c) 07:53:22 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e71000000000000007fffffff00"}, 0x2c) [ 2238.726451] [27736] 0 27736 17618 8732 126976 0 0 syz-executor0 [ 2238.735399] Memory cgroup out of memory: Kill process 27736 (syz-executor0) score 1752600 or sacrifice child [ 2238.745451] Killed process 27736 (syz-executor0) total-vm:70472kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2238.768454] Unknown ioctl 21377 [ 2238.888260] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2238.899254] syz-executor0 cpuset=/ mems_allowed=0 [ 2238.904226] CPU: 1 PID: 27795 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2238.911607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2238.920964] Call Trace: [ 2238.923566] dump_stack+0x1c9/0x2b4 [ 2238.927208] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2238.932409] ? trace_hardirqs_on+0x10/0x10 07:53:23 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x4c, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:23 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x300}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:23 executing program 6: r0 = socket$can_bcm(0x1d, 0x2, 0x2) connect(r0, &(0x7f0000002000)=@ethernet, 0x10) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000002fd8)={'vcan0\x00', 0x0}) sendmsg$can_bcm(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x1d, r1}, 0x10, &(0x7f0000000100)={&(0x7f0000000080)={0x1, 0x0, 0x0, {0x77359400}, {0x77359400}, {}, 0x1300, @can={{}, 0x0, 0x0, 0x0, 0x0, "65a0178f2fde4db3"}}, 0x38}}, 0x0) syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x7a1, 0x0) 07:53:23 executing program 5: pipe2(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) mkdir(&(0x7f000082f000)='./control\x00', 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) getpgrp(0xffffffffffffffff) ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000100)) ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f0000000140)) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000180)) ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f00000001c0)) fcntl$getown(r2, 0x9) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000200), &(0x7f0000000240)=0xc) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000280)={0x0}, &(0x7f00000002c0)=0xc) r4 = getpgrp(r3) sched_setaffinity(r4, 0x8, &(0x7f00000000c0)=0x5162b57e) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000bc8000)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000d62fe0)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r5 = creat(&(0x7f000009aff8)='./file0\x00', 0x0) write$sndseq(r5, &(0x7f0000011fd2)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time={0x77359400}}], 0x30) unlink(&(0x7f0000000080)='./file0\x00') link(&(0x7f0000f3bff8)='./file0\x00', &(0x7f00006b3ff0)='./control/file0\x00') lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) ioctl$RNDCLEARPOOL(r0, 0x5206, &(0x7f0000000040)=0x7fffffff) dup2(r0, r2) 07:53:23 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000000000000100"}, 0x2c) [ 2238.936651] dump_header+0x27b/0xf64 [ 2238.940382] ? pagefault_out_of_memory+0x197/0x197 [ 2238.945320] ? __lock_acquire+0x7fc/0x5020 [ 2238.949567] ? print_usage_bug+0xc0/0xc0 [ 2238.953645] ? graph_lock+0x170/0x170 [ 2238.957543] ? print_usage_bug+0xc0/0xc0 [ 2238.961613] ? trace_hardirqs_on+0x10/0x10 [ 2238.965862] ? print_usage_bug+0xc0/0xc0 [ 2238.969938] ? lock_downgrade+0x8f0/0x8f0 [ 2238.972148] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2238.974094] ? mark_held_locks+0xc9/0x160 [ 2238.974108] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2238.974124] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2238.974143] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2239.007610] ? trace_hardirqs_on+0xd/0x10 [ 2239.011770] ? ___ratelimit+0xaa/0x655 [ 2239.015668] ? idr_get_free+0x10c0/0x10c0 [ 2239.019825] ? kasan_check_write+0x14/0x20 [ 2239.024063] ? do_raw_spin_lock+0xc1/0x200 07:53:23 executing program 6: r0 = socket$inet6(0xa, 0xfffffffffffe, 0xa) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc80700145f8f764070") r1 = socket$inet_sctp(0x2, 0x5, 0x84) setsockopt$inet_sctp_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f0000000380)=0xad, 0x4) r2 = socket$nl_route(0x10, 0x3, 0x0) connect$netlink(r2, &(0x7f0000000080)=@proc, 0xc) r3 = syz_open_dev$usbmon(&(0x7f00000003c0)='/dev/usbmon#\x00', 0x80000001, 0x800) ioctl$TUNGETFEATURES(r3, 0x800454cf, &(0x7f0000000400)) r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x0, 0x0) setsockopt$inet_sctp_SCTP_AUTOCLOSE(r4, 0x84, 0x4, &(0x7f00000000c0)=0x20, 0x4) r5 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000240)='/dev/sequencer2\x00', 0x10000, 0x0) setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r5, 0x6, 0x21, &(0x7f0000000340)="4e8e6784488be82cfc39449aabc8629e", 0x10) sendmsg$nl_route(r2, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=@getneightbl={0x14, 0x42, 0x300, 0x70bd25, 0x25dfdbfc, {}, ["", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x44001}, 0x10) sendmsg$nl_route(r2, &(0x7f0000000300)={&(0x7f0000000040), 0xc, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2c005f001600050000000000000000000a000000", @ANYRES32=0x0, @ANYBLOB="14000200fea00000000000000027f985d831b5e4635122c3df2d00ada900000000"], 0x2c}}, 0x0) [ 2239.025429] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2239.028303] oom_kill_process.cold.25+0x10/0x10bc [ 2239.028329] ? oom_evaluate_task+0x540/0x540 [ 2239.028345] ? find_held_lock+0x36/0x1c0 [ 2239.028371] ? lock_downgrade+0x8f0/0x8f0 [ 2239.028392] ? kasan_check_read+0x11/0x20 [ 2239.064634] ? rcu_is_watching+0x8c/0x150 [ 2239.068795] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2239.073214] ? oom_badness+0xb00/0xb00 [ 2239.077110] ? rcu_read_unlock+0x35/0x70 [ 2239.081173] ? mem_cgroup_iter+0x4bf/0x9e0 07:53:23 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000008400"}, 0x2c) [ 2239.085415] ? css_task_iter_end+0x2ce/0x490 [ 2239.089829] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2239.094595] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2239.099626] ? trace_hardirqs_on+0xd/0x10 [ 2239.103780] ? _raw_spin_unlock_irq+0x27/0x70 [ 2239.108284] ? oom_badness+0xb00/0xb00 [ 2239.112187] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2239.116957] ? mem_cgroup_iter_break+0x30/0x30 [ 2239.121564] out_of_memory+0xa8a/0x14d0 [ 2239.125556] ? oom_killer_disable+0x3a0/0x3a0 [ 2239.130059] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2239.135082] ? trace_hardirqs_on+0xd/0x10 07:53:23 executing program 6: ioctl(0xffffffffffffffff, 0x0, &(0x7f0000000100)) r0 = timerfd_create(0x0, 0x0) r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000080)='/dev/hwrng\x00', 0x0, 0x0) clock_gettime(0x0, &(0x7f0000000100)={0x0, 0x0}) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_STATUS(r1, 0xc05c5340, &(0x7f0000000140)={0x45, 0x7, 0x8001, {r2, r3+10000000}, 0x9, 0x7ff}) readv(r0, &(0x7f0000000000)=[{&(0x7f0000000280)=""/146, 0x92}], 0x1) ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000040)={'veth1_to_bond\x00', &(0x7f0000000000)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000010"]}) r4 = gettid() setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000340)=@mangle={'mangle\x00', 0x1f, 0x6, 0x6a8, 0x248, 0x4e8, 0x0, 0x3b0, 0x3b0, 0x5d8, 0x5d8, 0x5d8, 0x5d8, 0x5d8, 0x6, &(0x7f00000001c0), {[{{@uncond, 0x0, 0xf0, 0x118, 0x0, {}, [@inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0x7}}]}, @common=@inet=@SYNPROXY={0x28, 'SYNPROXY\x00', 0x0, {0x14, 0x80, 0x101}}}, {{@uncond, 0x0, 0xf0, 0x130, 0x0, {}, [@inet=@rpfilter={0x28, 'rpfilter\x00'}]}, @common=@inet=@TCPOPTSTRIP={0x40, 'TCPOPTSTRIP\x00', 0x0, {[0x3ff, 0x4a5e, 0x3, 0x0, 0x0, 0x0, 0x8, 0x9]}}}, {{@uncond, 0x0, 0x120, 0x168, 0x0, {}, [@common=@frag={0x30, 'frag\x00', 0x0, {0x2, 0x859, 0x8, 0x10, 0x3}}, @inet=@rpfilter={0x28, 'rpfilter\x00', 0x0, {0x1}}]}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv6=@ipv4={[], [], @multicast1}, @ipv4, 0x34, 0x3e, 0x5}}}, {{@uncond, 0x0, 0xf0, 0x138, 0x0, {}, [@common=@inet=@socket1={0x28, 'socket\x00', 0x1, 0x1}]}, @SNPT={0x48, 'SNPT\x00', 0x0, {@ipv4=@multicast1, @ipv6=@ipv4={[], [], @local}, 0x2, 0x12, 0x3}}}, {{@ipv6={@remote, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0xa}}, [0xffffff00, 0xff, 0xff0000ff, 0xff000000], [0xffffff00, 0xff, 0xffffff00, 0xffffffff], 'ipddp0\x00', 'bond_slave_1\x00', {0xff}, {0xff}, 0xaf, 0x1, 0x1}, 0x0, 0xc8, 0xf0}, @HL={0x28, 'HL\x00', 0x0, {0x1, 0x2}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x708) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) timer_settime(0x0, 0x0, &(0x7f00000000c0)={{0x0, 0x8}, {0x0, 0x989680}}, &(0x7f0000040000)) tkill(r4, 0x1004000000016) 07:53:23 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e71000000000000000000001100"}, 0x2c) [ 2239.139248] mem_cgroup_out_of_memory+0x15e/0x210 [ 2239.144099] ? memcg_memory_event+0x40/0x40 [ 2239.148430] ? _raw_spin_unlock+0x22/0x30 [ 2239.152593] mem_cgroup_oom_synchronize+0x713/0x940 [ 2239.157619] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2239.163075] ? memcg_event_wake+0x450/0x450 [ 2239.167418] pagefault_out_of_memory+0xc8/0x197 [ 2239.172118] ? out_of_memory+0x14d0/0x14d0 [ 2239.176387] ? __handle_mm_fault+0x4460/0x4460 [ 2239.180979] mm_fault_error+0x1de/0x380 [ 2239.184966] __do_page_fault+0xd25/0xe50 07:53:23 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e71000000000000000000000500"}, 0x2c) [ 2239.189038] ? mm_fault_error+0x380/0x380 [ 2239.193199] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2239.198744] ? __x64_sys_clock_gettime+0x170/0x250 [ 2239.203717] ? __ia32_sys_clock_settime+0x290/0x290 [ 2239.208741] do_page_fault+0xf6/0x8c0 [ 2239.212549] ? vmalloc_sync_all+0x30/0x30 [ 2239.216702] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2239.222248] ? do_syscall_64+0x497/0x820 [ 2239.226332] ? syscall_slow_exit_work+0x500/0x500 [ 2239.231180] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2239.236114] ? syscall_return_slowpath+0x31d/0x5e0 [ 2239.241050] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2239.246420] ? page_fault+0x8/0x30 [ 2239.249966] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2239.254812] ? page_fault+0x8/0x30 [ 2239.258358] page_fault+0x1e/0x30 [ 2239.261814] RIP: 0033:0x40e33f [ 2239.264996] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 2239.284362] RSP: 002b:0000000000a3fc20 EFLAGS: 00010206 07:53:23 executing program 6: r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x2, 0x0) getsockopt$inet_sctp6_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0x14, &(0x7f00000000c0)=@assoc_value={0x0}, &(0x7f0000000100)=0x8) getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f0000000140)={r1, @in={{0x2, 0x4e21}}}, &(0x7f0000000200)=0x84) pkey_mprotect(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x4, 0xffffffffffffffff) r2 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x3, 0x44200) ioctl$SNDRV_TIMER_IOCTL_TREAD(r2, 0x40045402, &(0x7f0000000040)) r3 = userfaultfd(0x0) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f0000003fe8)={0xaa, 0x46}) 07:53:23 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00`\x00'}, 0x2c) [ 2239.289739] RAX: 00007ff4a0736000 RBX: 0000000000020000 RCX: 0000000000456b7a [ 2239.297017] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 2239.304291] RBP: 0000000000a3fd00 R08: ffffffffffffffff R09: 0000000000000000 [ 2239.311563] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a3fdf0 [ 2239.318840] R13: 00007ff4a0756700 R14: 0000000000000002 R15: 0000000000000001 [ 2239.326264] Task in /ile0 killed as a result of limit of /ile0 [ 2239.332353] memory: usage 24kB, limit 20kB, failcnt 9933 [ 2239.337864] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2239.344661] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2239.350859] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2239.370361] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2239.379249] [27795] 0 27795 17618 8732 126976 0 0 syz-executor0 07:53:23 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x104, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:23 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) stat(&(0x7f0000000180)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) getsockopt$inet_sctp_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000540), &(0x7f0000000580)=0xb) write$FUSE_WRITE(r0, &(0x7f0000000480)={0x18, 0xfffffffffffffffe, 0x4, {0x8001}}, 0x18) stat(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) mount$fuse(0x0, &(0x7f0000000000)='./file0//ile0\x00', &(0x7f0000000140)='fuse\x00', 0x40, &(0x7f00000003c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x5000}, 0x2c, {'user_id', 0x3d, r1}, 0x2c, {'group_id', 0x3d, r2}, 0x2c, {[{@max_read={'max_read', 0x3d, 0xdde600000}}]}}) ioctl$SNDRV_CTL_IOCTL_CARD_INFO(r0, 0x81785501, &(0x7f00000004c0)=""/128) r3 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r3, &(0x7f0000000100), 0x12) unshare(0x4000000) [ 2239.388169] Memory cgroup out of memory: Kill process 27795 (syz-executor0) score 1752600 or sacrifice child [ 2239.398241] Killed process 27795 (syz-executor0) total-vm:70472kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2239.412771] oom_reaper: reaped process 27795 (syz-executor0), now anon-rss:0kB, file-rss:32780kB, shmem-rss:0kB [ 2239.516018] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2239.527249] syz-executor0 cpuset=/ mems_allowed=0 [ 2239.532188] CPU: 0 PID: 27851 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2239.535746] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2239.539563] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2239.539568] Call Trace: 07:53:23 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88a8ffff]}}, 0x1c) 07:53:23 executing program 6: r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/stat\x00') ioctl$RTC_WIE_ON(r0, 0x700f) syz_emit_ethernet(0x3e, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffff41e644f5ff9eb5290330ff08004500ed4e5a64000000019078ac1414bbac1414110308907800000000450000000000000000000000ac1414aaac141400"], &(0x7f0000000000)={0x0, 0x0, [0x0, 0x976, 0x0, 0xaa9]}) 07:53:23 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e71000000008400"}, 0x2c) 07:53:23 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x6b, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:23 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xd848000000000000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2239.539591] dump_stack+0x1c9/0x2b4 [ 2239.539609] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2239.539630] ? trace_hardirqs_on+0x10/0x10 [ 2239.565889] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2239.566204] dump_header+0x27b/0xf64 [ 2239.566227] ? pagefault_out_of_memory+0x197/0x197 [ 2239.602530] ? __lock_acquire+0x7fc/0x5020 [ 2239.606788] ? print_usage_bug+0xc0/0xc0 [ 2239.610893] ? graph_lock+0x170/0x170 [ 2239.614714] ? print_usage_bug+0xc0/0xc0 [ 2239.618789] ? trace_hardirqs_on+0x10/0x10 [ 2239.623044] ? print_usage_bug+0xc0/0xc0 [ 2239.627125] ? lock_downgrade+0x8f0/0x8f0 [ 2239.631295] ? mark_held_locks+0xc9/0x160 [ 2239.635443] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2239.640034] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2239.645166] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2239.650190] ? trace_hardirqs_on+0xd/0x10 [ 2239.654346] ? ___ratelimit+0xaa/0x655 [ 2239.658241] ? idr_get_free+0x10c0/0x10c0 [ 2239.662396] ? kasan_check_write+0x14/0x20 07:53:23 executing program 5: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r3 = openat$null(0xffffffffffffff9c, &(0x7f0000000040)='/dev/null\x00', 0x10000, 0x0) r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='procvboxnet0\x00', 0xffffffffffffff9c}, 0x10) bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000002c0)={r3, r4, 0xd}, 0x10) ioctl$KVM_SET_SREGS(r2, 0x4138ae84, &(0x7f0000000080)={{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x10000}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x1f}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fff}, {0x0, 0x0, 0x0, 0x7d5e}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x800, 0x6}, {}, {}, {}, {}, 0x80050002, 0x0, 0x0, 0x300220}) recvmsg$kcm(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000000300)=""/127, 0x7f}], 0x1, 0x0, 0x0, 0xfffffffffffffffc}, 0x142) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000280)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000580), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f00000001c0)) ioctl$TIOCLINUX3(r4, 0x541c, &(0x7f0000000400)) 07:53:23 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x9f, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:23 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x1e0, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:23 executing program 6: sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000000040), 0x33d, &(0x7f0000013ff1)={&(0x7f0000000080)=ANY=[@ANYBLOB="1c000040280007000000000000000000010000004b0300e4f230d87061000000000000000285ac1a40b548e1849fc8dc95a363cdd62e3d81d4ae1fd896f39c50a23919c238b33a872ed832d25076a9944400af700e2587d50757928a42e3925e829614d928fc2c1a28036fee8af3ab42eaca720a05e27ee7bf96ad99f5aed49901040000abf2837bb663eaee1008b1da14c792f072f96cc01522e2053fb20ee9de4abc264c34e1580affbc4959c7773ef5f224d6c9b0bb48fa872756dcfa8aa25b1f711a9f8de66da0646c3e5b2de5ff203801d84431fc048d22f96e2c2b299297e54e260fe269c211f20fbb1fa167629b4279457a015e"], 0x1c}}, 0x0) 07:53:23 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e71000000001100"}, 0x2c) [ 2239.666645] ? do_raw_spin_lock+0xc1/0x200 [ 2239.670890] oom_kill_process.cold.25+0x10/0x10bc [ 2239.675759] ? oom_evaluate_task+0x540/0x540 [ 2239.680171] ? find_held_lock+0x36/0x1c0 [ 2239.684247] ? lock_downgrade+0x8f0/0x8f0 [ 2239.688409] ? kasan_check_read+0x11/0x20 [ 2239.692563] ? rcu_is_watching+0x8c/0x150 [ 2239.696718] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2239.701159] ? oom_badness+0xb00/0xb00 [ 2239.705054] ? rcu_read_unlock+0x35/0x70 [ 2239.709120] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2239.713360] ? css_task_iter_end+0x2ce/0x490 [ 2239.717777] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2239.722555] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2239.728101] ? trace_hardirqs_on+0xd/0x10 [ 2239.732242] ? _raw_spin_unlock_irq+0x27/0x70 [ 2239.736726] ? oom_badness+0xb00/0xb00 [ 2239.740608] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2239.745355] ? mem_cgroup_iter_break+0x30/0x30 [ 2239.749946] out_of_memory+0xa8a/0x14d0 [ 2239.753923] ? oom_killer_disable+0x3a0/0x3a0 [ 2239.758410] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2239.763416] ? trace_hardirqs_on+0xd/0x10 [ 2239.767556] mem_cgroup_out_of_memory+0x15e/0x210 [ 2239.772386] ? memcg_memory_event+0x40/0x40 [ 2239.776703] ? _raw_spin_unlock+0x22/0x30 [ 2239.780840] mem_cgroup_oom_synchronize+0x713/0x940 [ 2239.785845] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2239.791283] ? memcg_event_wake+0x450/0x450 [ 2239.795598] pagefault_out_of_memory+0xc8/0x197 [ 2239.800264] ? out_of_memory+0x14d0/0x14d0 [ 2239.804490] ? __handle_mm_fault+0x4460/0x4460 [ 2239.809060] mm_fault_error+0x1de/0x380 [ 2239.813028] __do_page_fault+0xd25/0xe50 [ 2239.817079] ? mm_fault_error+0x380/0x380 [ 2239.821226] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2239.826752] ? exit_to_usermode_loop+0x1f4/0x370 [ 2239.831506] ? syscall_slow_exit_work+0x500/0x500 [ 2239.836339] do_page_fault+0xf6/0x8c0 [ 2239.840128] ? vmalloc_sync_all+0x30/0x30 [ 2239.844261] ? do_syscall_64+0x497/0x820 [ 2239.848321] ? syscall_slow_exit_work+0x500/0x500 [ 2239.853150] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2239.858067] ? syscall_return_slowpath+0x31d/0x5e0 [ 2239.862987] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2239.868336] ? page_fault+0x8/0x30 [ 2239.871864] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2239.876720] ? page_fault+0x8/0x30 [ 2239.880257] page_fault+0x1e/0x30 [ 2239.883700] RIP: 0033:0x40e33f [ 2239.886873] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 2239.906107] RSP: 002b:0000000000a3fc20 EFLAGS: 00010206 [ 2239.911458] RAX: 00007ff4a0736000 RBX: 0000000000020000 RCX: 0000000000456b7a [ 2239.918715] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 2239.925978] RBP: 0000000000a3fd00 R08: ffffffffffffffff R09: 0000000000000000 [ 2239.933234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a3fdf0 [ 2239.940490] R13: 00007ff4a0756700 R14: 0000000000000003 R15: 0000000000000001 [ 2239.947880] Task in /ile0 killed as a result of limit of /ile0 [ 2239.954041] memory: usage 24kB, limit 20kB, failcnt 9953 [ 2239.959511] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2239.966302] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2239.972483] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2239.991986] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2240.000853] [27851] 0 27851 17618 8732 126976 0 0 syz-executor0 07:53:24 executing program 6: socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x2, &(0x7f000039a000)=[{0x20, 0x0, 0x0, 0xfffff038}, {0x6}]}, 0x10) sendmmsg(r0, &(0x7f0000000000), 0x4000000000000fe, 0x0) r2 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0xbbd6, 0x0) getsockopt$XDP_STATISTICS(r2, 0x11b, 0x7, &(0x7f0000000080), &(0x7f00000000c0)=0x18) 07:53:24 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000000280)=""/4096) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x4000000) ioctl$sock_inet_tcp_SIOCINQ(r0, 0x541b, &(0x7f0000000000)) r2 = gettid() fcntl$setownex(r0, 0xf, &(0x7f0000000140)={0x2, r2}) 07:53:24 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xc000000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2240.016110] Memory cgroup out of memory: Kill process 27851 (syz-executor0) score 1752600 or sacrifice child [ 2240.026171] Killed process 27851 (syz-executor0) total-vm:70472kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2240.048852] oom_reaper: reaped process 27851 (syz-executor0), now anon-rss:0kB, file-rss:32000kB, shmem-rss:0kB 07:53:24 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000000600"}, 0x2c) [ 2240.141782] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2240.153378] syz-executor0 cpuset=/ mems_allowed=0 [ 2240.158357] CPU: 0 PID: 27893 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2240.165737] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2240.175100] Call Trace: [ 2240.177697] dump_stack+0x1c9/0x2b4 [ 2240.181330] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2240.186539] ? trace_hardirqs_on+0x10/0x10 [ 2240.190770] dump_header+0x27b/0xf64 [ 2240.194479] ? pagefault_out_of_memory+0x197/0x197 [ 2240.199399] ? __lock_acquire+0x7fc/0x5020 [ 2240.203623] ? print_usage_bug+0xc0/0xc0 [ 2240.207684] ? graph_lock+0x170/0x170 [ 2240.211471] ? print_usage_bug+0xc0/0xc0 [ 2240.215525] ? trace_hardirqs_on+0x10/0x10 [ 2240.219762] ? print_usage_bug+0xc0/0xc0 [ 2240.223816] ? lock_downgrade+0x8f0/0x8f0 [ 2240.227964] ? mark_held_locks+0xc9/0x160 [ 2240.232099] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2240.236677] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2240.241778] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2240.246782] ? trace_hardirqs_on+0xd/0x10 [ 2240.250919] ? ___ratelimit+0xaa/0x655 [ 2240.254795] ? idr_get_free+0x10c0/0x10c0 [ 2240.258940] ? kasan_check_write+0x14/0x20 [ 2240.263161] ? do_raw_spin_lock+0xc1/0x200 [ 2240.267388] oom_kill_process.cold.25+0x10/0x10bc [ 2240.272237] ? oom_evaluate_task+0x540/0x540 [ 2240.276647] ? find_held_lock+0x36/0x1c0 [ 2240.280705] ? lock_downgrade+0x8f0/0x8f0 [ 2240.285582] ? kasan_check_read+0x11/0x20 [ 2240.289715] ? rcu_is_watching+0x8c/0x150 [ 2240.293846] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2240.298241] ? oom_badness+0xb00/0xb00 [ 2240.302129] ? rcu_read_unlock+0x35/0x70 [ 2240.306174] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2240.310396] ? css_task_iter_end+0x2ce/0x490 [ 2240.314791] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2240.319533] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2240.324535] ? trace_hardirqs_on+0xd/0x10 [ 2240.328666] ? _raw_spin_unlock_irq+0x27/0x70 [ 2240.333598] ? oom_badness+0xb00/0xb00 [ 2240.337477] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2240.342221] ? mem_cgroup_iter_break+0x30/0x30 [ 2240.346812] out_of_memory+0xa8a/0x14d0 [ 2240.350778] ? oom_killer_disable+0x3a0/0x3a0 [ 2240.355266] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2240.360267] ? trace_hardirqs_on+0xd/0x10 [ 2240.364406] mem_cgroup_out_of_memory+0x15e/0x210 [ 2240.369235] ? memcg_memory_event+0x40/0x40 [ 2240.373549] ? _raw_spin_unlock+0x22/0x30 [ 2240.377686] mem_cgroup_oom_synchronize+0x713/0x940 [ 2240.382690] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2240.388128] ? memcg_event_wake+0x450/0x450 [ 2240.392445] pagefault_out_of_memory+0xc8/0x197 [ 2240.397099] ? out_of_memory+0x14d0/0x14d0 [ 2240.401325] ? __handle_mm_fault+0x4460/0x4460 [ 2240.405894] mm_fault_error+0x1de/0x380 [ 2240.409856] __do_page_fault+0xd25/0xe50 [ 2240.413910] ? mm_fault_error+0x380/0x380 [ 2240.418048] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2240.423572] ? __x64_sys_clock_gettime+0x170/0x250 [ 2240.428488] ? __ia32_sys_clock_settime+0x290/0x290 [ 2240.433491] do_page_fault+0xf6/0x8c0 [ 2240.437276] ? vmalloc_sync_all+0x30/0x30 [ 2240.441411] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2240.446938] ? do_syscall_64+0x497/0x820 [ 2240.450984] ? syscall_slow_exit_work+0x500/0x500 [ 2240.455817] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2240.460732] ? syscall_return_slowpath+0x31d/0x5e0 [ 2240.465654] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2240.471005] ? page_fault+0x8/0x30 [ 2240.474539] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2240.479384] ? page_fault+0x8/0x30 [ 2240.482914] page_fault+0x1e/0x30 [ 2240.486351] RIP: 0033:0x40e33f [ 2240.489524] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 2240.508750] RSP: 002b:0000000000a3fc20 EFLAGS: 00010206 [ 2240.514101] RAX: 00007ff4a0736000 RBX: 0000000000020000 RCX: 0000000000456b7a [ 2240.521356] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 2240.528611] RBP: 0000000000a3fd00 R08: ffffffffffffffff R09: 0000000000000000 [ 2240.535870] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a3fdf0 [ 2240.543127] R13: 00007ff4a0756700 R14: 0000000000000003 R15: 0000000000000001 [ 2240.550465] Task in /ile0 killed as a result of limit of /ile0 [ 2240.556540] memory: usage 24kB, limit 20kB, failcnt 9973 [ 2240.562065] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2240.568878] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 07:53:24 executing program 5: r0 = perf_event_open$cgroup(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4900, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x108}, 0xffffffffffffff9c, 0x0, 0xffffffffffffff9c, 0x0) r1 = syz_open_dev$amidi(&(0x7f00000000c0)='/dev/amidi#\x00', 0x9, 0xfd) r2 = dup2(r0, r0) getsockopt$bt_BT_RCVMTU(r1, 0x112, 0xd, &(0x7f0000000180)=0x400, &(0x7f0000000140)=0x2) ioctl$SCSI_IOCTL_STOP_UNIT(r2, 0x6) [ 2240.575078] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2240.594644] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2240.603558] [27893] 0 27893 17618 8732 126976 0 0 syz-executor0 [ 2240.612478] Memory cgroup out of memory: Kill process 27893 (syz-executor0) score 1752600 or sacrifice child [ 2240.622552] Killed process 27893 (syz-executor0) total-vm:70472kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB 07:53:24 executing program 5: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr-cast5-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000ff8000)="0a0775b005", 0x5) r1 = accept$alg(r0, 0x0, 0x0) sendmmsg$alg(r1, &(0x7f0000003e80)=[{0x0, 0x0, &(0x7f0000002a80), 0x167, &(0x7f0000000100)=[@op={0x18}], 0x18}], 0x1, 0x0) recvmmsg(r0, &(0x7f0000001280)=[{{&(0x7f0000000ec0)=@nl=@proc, 0x80, &(0x7f0000001180)=[{&(0x7f0000000140)=""/251, 0xfb}], 0x1, &(0x7f0000000240)=""/157, 0xffffffffffffff17}}], 0x1, 0x0, &(0x7f0000001380)={0x77359400}) [ 2240.683007] oom_reaper: reaped process 27893 (syz-executor0), now anon-rss:0kB, file-rss:32000kB, shmem-rss:0kB 07:53:24 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000]}}, 0x1c) 07:53:24 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00H\x00'}, 0x2c) 07:53:24 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x9effffff00000000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:24 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) unshare(0x4010000) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x4000000) 07:53:24 executing program 5: r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000080)=0x1b4, 0x4) socketpair(0x18, 0x80005, 0x1, &(0x7f0000000300)={0xffffffffffffffff}) getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x24, &(0x7f0000000400)={@local, @broadcast, 0x0}, &(0x7f0000000440)=0xc) sendmsg$can_raw(r1, &(0x7f0000000580)={&(0x7f0000000480)={0x1d, r2}, 0x10, &(0x7f0000000540)={&(0x7f00000004c0)=@canfd={{0x3, 0x1, 0xdfd, 0x3}, 0x5, 0x3, 0x0, 0x0, "86efb61a9cc0c683eb13bfc485f0215067dd02aabafa31209fbbf17af34e67c58f3054007b50949820e9464aa4f3a4b3e346309f14a3f827addae646f4118fe6"}, 0x48}, 0x1, 0x0, 0x0, 0x80}, 0x40) sendto$inet6(r0, &(0x7f00000000c0), 0x246, 0x0, &(0x7f0000005fe4)={0xa, 0x0, 0x100000002, @mcast2}, 0x1c) r3 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x3ff, &(0x7f0000000280)="0a5cc80700315f85714070") setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000100), 0xfffffffffffffebb) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f00000000c0)=0x4, 0x4) setsockopt$inet6_MCAST_LEAVE_GROUP(r3, 0x29, 0x2d, &(0x7f0000000140)={0x80000000, {{0xa, 0x4e23, 0x0, @ipv4={[], [], @rand_addr=0x80000000}, 0x830}}}, 0x88) fsetxattr(r3, &(0x7f0000000200)=@random={'trusted.', '(\x00'}, &(0x7f0000000240)='\x00', 0x1, 0x1) recvmmsg(r0, &(0x7f0000001b00)=[{{&(0x7f0000000000)=@nl, 0x80, &(0x7f00000000c0), 0x0, &(0x7f00000002c0)=""/18, 0x12}}], 0x80001fc, 0x12000, &(0x7f00000009c0)={0x77359400}) 07:53:24 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000000000008400"}, 0x2c) 07:53:24 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x1ee, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:24 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x1e4, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:24 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000280)="637dfdbac1702e70726f637300c5e42ed9caf79c80f7537008cbf963574b19dce8347a8206ec2ea445f9b169575542da7712e98ca1eb26e42ed47318b709de66b022e1e4aa08dc85cd38378c2f7c5437892030b1ca67980f328de35d0912ff38a9d9477747d83e3a5baa61b1b7bb3e918fc951ba11dc7e52c9ae0e23a6ca723886d78f2655d64042be6445a96c0e40c4abe35a4ea131a7861b80a071ae9d50b691900e5806f7876988040228be9f3bd021e803f2a401d3d8ecb7e08a9d1780c15bc4f8ac", 0x2, 0x0) r2 = getuid() getgroups(0x6, &(0x7f0000000000)=[0xee00, 0xee00, 0xee01, 0x0, 0x0, 0xffffffffffffffff]) getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000140)={0x0, 0x8, 0x20}, &(0x7f0000000180)=0xc) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000240)={r4, 0x6, 0x2}, &(0x7f0000000380)=0x8) fchown(r1, r2, r3) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x4000000) ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r0) 07:53:24 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x7000000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:25 executing program 5: r0 = socket$inet6(0xa, 0x1, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'lo\x00', 0x0}) sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000500)=ANY=[@ANYBLOB='(\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00', @ANYRES32=r2, @ANYBLOB="000000000000000008000a000f000000"], 0x28}}, 0x0) 07:53:25 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f0000000000)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0xfffffffffffffffc, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) syz_open_dev$mouse(&(0x7f0000000140)='/dev/input/mouse#\x00', 0x4, 0x40000) openat$cgroup_procs(r0, &(0x7f00000000c0)='tasks\x00', 0x2, 0x0) unshare(0x4000000) mknod(&(0x7f0000000180)='./file0//ile0\x00', 0xc004, 0x8) 07:53:25 executing program 6: r0 = getpgrp(0x0) r1 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x5, 0x0, 0x0, 0x0, 0xffffffffffffffff}, r0, 0x0, 0xffffffffffffffff, 0x0) rt_sigsuspend(&(0x7f00009b2000), 0x8) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x0) perf_event_open(&(0x7f0000000040)={0x7, 0x70, 0x3, 0x8, 0x68c, 0x20, 0x0, 0x2, 0x80, 0x0, 0x1, 0x1d94, 0x7, 0x7, 0xfffffffffffffc01, 0x7, 0x7, 0xffffffffffffff80, 0x2, 0x7000000000000, 0x7f, 0x2a2, 0x1, 0x9, 0x8000, 0x5, 0x0, 0x401, 0x4, 0x4, 0x10001, 0x6, 0x0, 0x100, 0x100, 0xe886337, 0x2, 0x7fffffff, 0x0, 0x8001, 0x0, @perf_config_ext={0xfffffffffffffff9, 0x1000}, 0x1000, 0x1f, 0x10000, 0x2, 0x6, 0xfffffffffffffffa, 0x401}, r0, 0xc, r1, 0x2) 07:53:25 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xa700}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:25 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000000000048f00"}, 0x2c) 07:53:25 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070") r1 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x10003, 0x80011, r1, 0x0) get_mempolicy(&(0x7f0000000080), &(0x7f0000000100), 0x6140, &(0x7f0000002000/0x2000)=nil, 0x4) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop-control\x00', 0x208000, 0x0) 07:53:25 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x689]}}, 0x1c) 07:53:25 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000140)='./file0//ile0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x4000000) 07:53:25 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00l\x00'}, 0x2c) 07:53:25 executing program 5: r0 = socket$inet6(0xa, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000180)="025c3f0a00145f8f764070") sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000040), 0xc, &(0x7f0000000080)={&(0x7f0000000880)=ANY=[]}, 0x1, 0x0, 0x0, 0x800}, 0x0) r1 = socket(0x10, 0x3, 0x0) setsockopt$inet_mreqsrc(r1, 0x0, 0x27, &(0x7f0000000100)={@rand_addr=0x1, @empty, @local}, 0xc) ioctl$sock_ifreq(r1, 0x89f3, &(0x7f0000000000)={'ip6tnl0\x00', @ifru_ivalue=0x9}) r2 = syz_open_dev$adsp(&(0x7f0000000200)='/dev/adsp#\x00', 0x8001, 0x800) ioctl$SNDRV_RAWMIDI_IOCTL_DROP(r2, 0x40045730, &(0x7f0000000240)=0x1) getsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000140), &(0x7f00000001c0)=0x4) 07:53:25 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x6}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:25 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00h\x00'}, 0x2c) 07:53:25 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x17, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:25 executing program 5: r0 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x80000, 0x0) ioctl$KVM_SET_CLOCK(r1, 0x4030ae7b, &(0x7f0000000200)={0x1, 0x3}) perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0x0, r0, 0x0) clone(0x0, &(0x7f0000000300), &(0x7f00000001c0), &(0x7f0000000280), &(0x7f0000000100)="4b2c5c5aed62d57490f3e6adb6b190bad5ce5677864556f389d22e09eda4855cb825bc9247245415c4dbf0f3f260dc2782c80c3ebf32f756b9ad14b2effcb9e02d02624481364be307025e121f2f42947ec475d7db9de3a1b35620fa3a8cb2a8f83aa271b19036eb5c9e3192e33360ac42073b95b51b68ea443c98bd9cde5a0a204c13b8fb39c911ec2ca29be18891fd434eb73796a60bdf6e2dcac4e70c792325fae479253fc5e50000") 07:53:25 executing program 0: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(&(0x7f0000000400)='./file0\x00', &(0x7f0000000300)='./file0\x00', &(0x7f00000003c0)='cgroup2\x00', 0x2100000, 0x0) r0 = syz_open_dev$mouse(&(0x7f0000000140)='/dev/input/mouse#\x00', 0x1f, 0x400000) ioctl$KVM_SET_CLOCK(r0, 0x4030ae7b, &(0x7f0000000180)={0x6, 0x8000}) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) openat$cgroup_procs(r1, &(0x7f0000000080)='cgroup.procs\x00', 0x2, 0x0) getsockopt$inet6_buf(r1, 0x29, 0x2d, &(0x7f0000000440)=""/200, &(0x7f0000000000)=0xc8) unshare(0x400000000000) 07:53:25 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x83, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:25 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x7}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:25 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = fcntl$getown(r0, 0x9) write$cgroup_pid(r0, &(0x7f0000000000)=r1, 0x12) write$cgroup_pid(r0, &(0x7f0000000100)=r1, 0xfffffffffffffe93) r2 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) setsockopt$inet6_MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f0000000280)={{0xa, 0x4e20, 0x2, @dev={0xfe, 0x80, [], 0x10}, 0x99}, {0xa, 0x4e20, 0xfffffffffffffffb, @ipv4={[], [], @broadcast}, 0x9}, 0x4d9, [0x10001, 0x6, 0x6, 0x3, 0xfbb, 0xffffffffffffff7c, 0x8, 0x5]}, 0x5c) ioctl$EVIOCGMTSLOTS(r0, 0x8040450a, &(0x7f0000000300)=""/138) write$cgroup_pid(r2, &(0x7f0000000140), 0x12) unshare(0x4000000) [ 2241.434247] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2241.445287] syz-executor0 cpuset=/ mems_allowed=0 [ 2241.450233] CPU: 1 PID: 28021 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2241.457597] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2241.466956] Call Trace: [ 2241.469560] dump_stack+0x1c9/0x2b4 [ 2241.473225] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2241.478430] ? trace_hardirqs_on+0x10/0x10 [ 2241.482676] dump_header+0x27b/0xf64 [ 2241.486410] ? pagefault_out_of_memory+0x197/0x197 [ 2241.491350] ? __lock_acquire+0x7fc/0x5020 [ 2241.495598] ? print_usage_bug+0xc0/0xc0 [ 2241.499679] ? graph_lock+0x170/0x170 [ 2241.503497] ? print_usage_bug+0xc0/0xc0 [ 2241.507567] ? trace_hardirqs_on+0x10/0x10 [ 2241.511818] ? print_usage_bug+0xc0/0xc0 [ 2241.515893] ? lock_downgrade+0x8f0/0x8f0 [ 2241.520056] ? mark_held_locks+0xc9/0x160 [ 2241.524210] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2241.528798] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2241.533912] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2241.538935] ? trace_hardirqs_on+0xd/0x10 [ 2241.543093] ? ___ratelimit+0xaa/0x655 [ 2241.546975] ? idr_get_free+0x10c0/0x10c0 [ 2241.551108] ? kasan_check_write+0x14/0x20 [ 2241.555329] ? do_raw_spin_lock+0xc1/0x200 [ 2241.559556] oom_kill_process.cold.25+0x10/0x10bc [ 2241.564389] ? oom_evaluate_task+0x540/0x540 [ 2241.568781] ? find_held_lock+0x36/0x1c0 [ 2241.572834] ? lock_downgrade+0x8f0/0x8f0 [ 2241.576970] ? kasan_check_read+0x11/0x20 [ 2241.581102] ? rcu_is_watching+0x8c/0x150 [ 2241.585250] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2241.589649] ? oom_badness+0xb00/0xb00 [ 2241.593535] ? rcu_read_unlock+0x35/0x70 [ 2241.597589] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2241.601824] ? css_task_iter_end+0x2ce/0x490 [ 2241.606226] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2241.610970] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2241.615977] ? trace_hardirqs_on+0xd/0x10 [ 2241.620115] ? _raw_spin_unlock_irq+0x27/0x70 [ 2241.624597] ? oom_badness+0xb00/0xb00 [ 2241.628470] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2241.633223] ? mem_cgroup_iter_break+0x30/0x30 [ 2241.637806] out_of_memory+0xa8a/0x14d0 [ 2241.641770] ? oom_killer_disable+0x3a0/0x3a0 [ 2241.646251] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2241.651277] ? trace_hardirqs_on+0xd/0x10 [ 2241.655418] mem_cgroup_out_of_memory+0x15e/0x210 [ 2241.660250] ? memcg_memory_event+0x40/0x40 [ 2241.664563] ? _raw_spin_unlock+0x22/0x30 [ 2241.668702] mem_cgroup_oom_synchronize+0x713/0x940 [ 2241.673708] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2241.679148] ? memcg_event_wake+0x450/0x450 [ 2241.683476] pagefault_out_of_memory+0xc8/0x197 [ 2241.688135] ? out_of_memory+0x14d0/0x14d0 [ 2241.692365] ? __handle_mm_fault+0x4460/0x4460 [ 2241.696948] mm_fault_error+0x1de/0x380 [ 2241.700916] __do_page_fault+0xd25/0xe50 [ 2241.704973] ? mm_fault_error+0x380/0x380 [ 2241.709116] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2241.714655] ? __x64_sys_clock_gettime+0x170/0x250 [ 2241.719570] ? __ia32_sys_clock_settime+0x290/0x290 [ 2241.724572] do_page_fault+0xf6/0x8c0 [ 2241.728361] ? vmalloc_sync_all+0x30/0x30 [ 2241.732495] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2241.738027] ? do_syscall_64+0x497/0x820 [ 2241.742091] ? syscall_slow_exit_work+0x500/0x500 [ 2241.746925] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2241.751843] ? syscall_return_slowpath+0x31d/0x5e0 [ 2241.756765] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2241.762134] ? page_fault+0x8/0x30 [ 2241.765662] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2241.770504] ? page_fault+0x8/0x30 [ 2241.774040] page_fault+0x1e/0x30 [ 2241.777486] RIP: 0033:0x46f8fd [ 2241.780662] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2241.799851] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2241.805206] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2241.812487] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2241.819754] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2241.827029] R10: 0000000002273940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2241.834309] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2241.842489] Task in /ile0 killed as a result of limit of /ile0 [ 2241.848525] memory: usage 24kB, limit 20kB, failcnt 10005 [ 2241.854091] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2241.860861] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2241.867057] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2241.886555] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2241.895352] [28021] 0 28021 17585 8732 126976 0 0 syz-executor0 [ 2241.904323] Memory cgroup out of memory: Kill process 28021 (syz-executor0) score 1752600 or sacrifice child [ 2241.914370] Killed process 28021 (syz-executor0) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB 07:53:26 executing program 6: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = syz_open_dev$sndctrl(&(0x7f0000000080)='/dev/snd/controlC#\x00', 0x2, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_INFO(r1, 0x40045542, &(0x7f0000004000)) r2 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x200, 0x0) syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0x20, 0x0) utimes(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000200)={{0x77359400}, {0x77359400}}) r3 = gettid() timer_create(0x0, &(0x7f00005b6000)={0x0, 0x12, 0x0, @thr={&(0x7f0000000400), &(0x7f0000000440)}}, &(0x7f0000044000)) fsetxattr(r0, &(0x7f0000000100)=@known='security.selinux\x00', &(0x7f0000000140)='/dev/snd/controlC#\x00', 0x13, 0x0) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r3, 0x1000000000016) close(r2) 07:53:26 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00 \x00'}, 0x2c) 07:53:26 executing program 5: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = open(&(0x7f0000000040)='./file0\x00', 0x2, 0x80) setsockopt$XDP_RX_RING(r0, 0x11b, 0x2, &(0x7f0000000080)=0x105018, 0x4) syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x0) r1 = syz_open_dev$evdev(&(0x7f0000000100)='/dev/input/event#\x00', 0x3, 0x402) write$binfmt_elf32(r1, &(0x7f0000000140)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x9, 0x0, 0x38}, [{}]}, 0x58) write$binfmt_elf32(r1, &(0x7f00000001c0)=ANY=[@ANYBLOB="7f454c460000000000000000000000000200010081000000"], 0x18) write$binfmt_elf64(r1, &(0x7f0000000380)=ANY=[@ANYBLOB="7f454c460000000000000000000000000000000000000000000000000000000000000000000000380000000000000000fffffffffffffff700000000000000000000000000000000000000e9dc150fdb9220ce1337948ac04b0c00000000000000000000000000000000"], 0x78) 07:53:26 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x900000000000000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:26 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1100000000000000]}}, 0x1c) 07:53:26 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0xdf, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:26 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0xd2, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:26 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x4020000) [ 2241.926656] oom_reaper: reaped process 28021 (syz-executor0), now anon-rss:0kB, file-rss:32780kB, shmem-rss:0kB 07:53:26 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00l\x00'}, 0x2c) [ 2242.007440] net_ratelimit: 12 callbacks suppressed [ 2242.007449] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. 07:53:26 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x2) ioctl(r0, 0x8912, &(0x7f0000000180)="025c3f0a00145f8f764070") r1 = shmget(0x3, 0x3000, 0x80, &(0x7f0000ffc000/0x3000)=nil) shmctl$IPC_STAT(r1, 0x2, &(0x7f0000000100)=""/90) r2 = socket(0x1e, 0x2, 0x0) bind(r2, &(0x7f00000001c0)=@generic={0x1e, "0103000000000000000000000000000009a979f321b30c7bc8790405c7bad62e0a43a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb31f1314a8ef151622ca5bdb9c8ead2000077aeb81c90001d6d7c980ee590c8b9f70dc136cb184a"}, 0x80) bind(r2, &(0x7f0000afb000)=@generic={0x1e, "01030000000000b9000000004700000000a979f321b30c7bc8790405c7bad62e0a63a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb3151d24acef1f1622ca5bdb9c8ea31000077aeb81c90001d6d7c980400000000f70dc136cb184a"}, 0x80) splice(r2, &(0x7f0000000240), r0, &(0x7f0000000280), 0x80, 0x0) r3 = socket(0x1e, 0x2, 0x0) r4 = semget(0x3, 0x0, 0x100) semctl$SEM_STAT(r4, 0x3, 0x12, &(0x7f00000002c0)=""/235) recvfrom(r0, &(0x7f0000000000)=""/94, 0x5e, 0x40012140, 0x0, 0x0) r5 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0xc0, 0x404440) ioctl$SIOCGIFHWADDR(r5, 0x8927, &(0x7f00000000c0)) bind(r3, &(0x7f0000afb000)=@generic={0x1e, "01030000000000b9000000004700000000a979f321b30c7bc8790405c7bad62e0a63a632ed4938d36d73fb8f8401a3ff59829a2b0afe7ce43a4b2470a0c5216669ca021f6f65dcf160e7e58f358c0002f0000158d19bcb3151d24acef1f1622ca5bdb9c8ea31000077aeb81c90001b6d7c980400000000f70dc136cb184a"}, 0x80) r6 = socket(0x1e, 0x5, 0x0) sendmsg(r6, &(0x7f0000316000)={&(0x7f0000dd7000)=@generic={0x10000000001e, "010000000000000000000001e526cc573c5bf86c483724c71e14dd6a739effea1b48006be61ffe06d79f00000000000000076c3f010039d8f986ff03000000000000af50d5fe32c419d67bcbc7e3ad316a198356ed0008341c1fd45624281e27800ece70b076cf979ac40000bd767e2e78a1dfd300981a1565b3b16d7436"}, 0xffffffffffffff37, &(0x7f0000d0bfd0), 0x36a, &(0x7f0000000100)}, 0x0) [ 2242.060294] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. 07:53:26 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x134, &(0x7f00000011c0)}}], 0x249, 0x0) [ 2242.113341] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2242.124443] syz-executor0 cpuset=/ mems_allowed=0 [ 2242.129414] CPU: 0 PID: 28043 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2242.136780] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2242.146141] Call Trace: [ 2242.148740] dump_stack+0x1c9/0x2b4 [ 2242.152386] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2242.157594] ? trace_hardirqs_on+0x10/0x10 07:53:26 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4305000000000000]}}, 0x1c) 07:53:26 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x22d, &(0x7f00000011c0)}}], 0x249, 0x0) [ 2242.161844] dump_header+0x27b/0xf64 [ 2242.165582] ? pagefault_out_of_memory+0x197/0x197 [ 2242.170522] ? perf_trace_lock+0xde/0x920 [ 2242.174683] ? __lock_acquire+0x7fc/0x5020 [ 2242.178930] ? zap_class+0x740/0x740 [ 2242.182653] ? print_usage_bug+0xc0/0xc0 [ 2242.186738] ? perf_trace_lock+0xde/0x920 [ 2242.190901] ? graph_lock+0x170/0x170 [ 2242.194715] ? print_usage_bug+0xc0/0xc0 [ 2242.198791] ? zap_class+0x740/0x740 [ 2242.202533] ? print_usage_bug+0xc0/0xc0 [ 2242.206620] ? lock_downgrade+0x8f0/0x8f0 [ 2242.210788] ? mark_held_locks+0xc9/0x160 [ 2242.214942] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2242.219536] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2242.224653] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2242.229686] ? trace_hardirqs_on+0xd/0x10 [ 2242.233851] ? ___ratelimit+0xaa/0x655 [ 2242.237753] ? idr_get_free+0x10c0/0x10c0 [ 2242.241914] ? kasan_check_write+0x14/0x20 [ 2242.246166] ? do_raw_spin_lock+0xc1/0x200 [ 2242.250423] oom_kill_process.cold.25+0x10/0x10bc [ 2242.255294] ? oom_evaluate_task+0x540/0x540 [ 2242.259718] ? find_held_lock+0x36/0x1c0 07:53:26 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x69, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:26 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x182, &(0x7f00000011c0)}}], 0x249, 0x0) [ 2242.263804] ? lock_downgrade+0x8f0/0x8f0 [ 2242.267966] ? rcu_is_watching+0x8c/0x150 [ 2242.272127] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2242.276550] ? oom_badness+0xb00/0xb00 [ 2242.280465] ? rcu_read_unlock+0x35/0x70 [ 2242.284541] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2242.288787] ? css_task_iter_end+0x2ce/0x490 [ 2242.293211] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2242.297982] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2242.303013] ? trace_hardirqs_on+0xd/0x10 [ 2242.307174] ? _raw_spin_unlock_irq+0x27/0x70 [ 2242.311704] ? oom_badness+0xb00/0xb00 [ 2242.315606] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2242.320409] ? mem_cgroup_iter_break+0x30/0x30 [ 2242.325026] out_of_memory+0xa8a/0x14d0 [ 2242.329025] ? oom_killer_disable+0x3a0/0x3a0 [ 2242.334071] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2242.339103] ? trace_hardirqs_on+0xd/0x10 [ 2242.343272] mem_cgroup_out_of_memory+0x15e/0x210 [ 2242.348134] ? memcg_memory_event+0x40/0x40 [ 2242.352488] ? _raw_spin_unlock+0x22/0x30 [ 2242.356649] mem_cgroup_oom_synchronize+0x713/0x940 07:53:26 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0xd8, &(0x7f00000011c0)}}], 0x249, 0x0) [ 2242.361682] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2242.367144] ? memcg_event_wake+0x450/0x450 [ 2242.371489] pagefault_out_of_memory+0xc8/0x197 [ 2242.376166] ? out_of_memory+0x14d0/0x14d0 [ 2242.380422] ? __handle_mm_fault+0x4460/0x4460 [ 2242.385021] mm_fault_error+0x1de/0x380 [ 2242.389014] __do_page_fault+0xd25/0xe50 [ 2242.393097] ? mm_fault_error+0x380/0x380 [ 2242.397267] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2242.402817] ? __x64_sys_clock_gettime+0x170/0x250 [ 2242.407760] ? __ia32_sys_clock_settime+0x290/0x290 [ 2242.412797] do_page_fault+0xf6/0x8c0 [ 2242.416609] ? vmalloc_sync_all+0x30/0x30 [ 2242.421289] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2242.426838] ? do_syscall_64+0x497/0x820 [ 2242.430914] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2242.435859] ? syscall_return_slowpath+0x31d/0x5e0 [ 2242.440800] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2242.446175] ? page_fault+0x8/0x30 [ 2242.449726] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2242.454583] ? page_fault+0x8/0x30 [ 2242.458137] page_fault+0x1e/0x30 [ 2242.461592] RIP: 0033:0x40e33f [ 2242.464812] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 2242.484231] RSP: 002b:0000000000a3fc20 EFLAGS: 00010206 [ 2242.489615] RAX: 00007ff4a0736000 RBX: 0000000000020000 RCX: 0000000000456b7a [ 2242.496898] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 2242.504180] RBP: 0000000000a3fd00 R08: ffffffffffffffff R09: 0000000000000000 [ 2242.511465] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a3fdf0 [ 2242.518835] R13: 00007ff4a0756700 R14: 0000000000000003 R15: 0000000000000001 [ 2242.527388] Task in /ile0 killed as a result of limit of /ile0 [ 2242.533495] memory: usage 24kB, limit 20kB, failcnt 10025 [ 2242.539093] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2242.545906] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 07:53:26 executing program 6: r0 = socket$inet6(0xa, 0x0, 0x0) ioctl(0xffffffffffffffff, 0x8912, &(0x7f0000000280)) mkdir(&(0x7f00000013c0)='./file0\x00', 0x0) clone(0x0, &(0x7f0000001580), &(0x7f0000001300), &(0x7f0000001540), &(0x7f0000001500)) mount(&(0x7f0000000080)='./file0\x00', &(0x7f0000001340)='./file0\x00', &(0x7f00000012c0)='proc\x00', 0x0, &(0x7f0000001400)) r1 = open$dir(&(0x7f0000000040)='./file0\x00', 0x0, 0x0) getdents64(r1, &(0x7f00000002c0)=""/4096, 0x1000) r2 = dup3(r1, r0, 0x80000) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffff9c, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000000)={0xffffffffffffffff}, 0x106}}, 0x20) write$RDMA_USER_CM_CMD_BIND(r2, &(0x7f0000001400)={0x14, 0x88, 0xfa00, {r3, 0x1c, 0x0, @ib={0x1b, 0x800, 0x2, {"5a1d31f29af23431e43190177a46c9b9"}, 0x20, 0xf97}}}, 0x90) wait4(0x0, &(0x7f0000000100), 0x0, &(0x7f00000001c0)) 07:53:26 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x8a, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:26 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\n\x00'}, 0x2c) 07:53:26 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xa00}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:26 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x16a, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:26 executing program 5: r0 = syz_open_dev$dspn(&(0x7f0000000040)='/dev/dsp#\x00', 0x401, 0x8000) r1 = open(&(0x7f0000000100)='./file0\x00', 0x141101, 0x10) linkat(r0, &(0x7f00000000c0)='./file0\x00', r1, &(0x7f0000000140)='./file0\x00', 0x400) r2 = socket$inet6(0xa, 0x3, 0x1) ioctl(r2, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070") r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000080)={"726f736530000d000000000000000400", 0x5}) ioctl$TUNSETOFFLOAD(r3, 0x400454d4, 0x0) 07:53:26 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000100)='./file0//ile0\x00', 0x4000000, 0x20) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000140)=0x0) write$cgroup_pid(r1, &(0x7f0000000000)=r2, 0xd) unshare(0x4000000) [ 2242.552146] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2242.571695] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2242.580487] [28043] 0 28043 17618 8732 126976 0 0 syz-executor0 [ 2242.589399] Memory cgroup out of memory: Kill process 28043 (syz-executor0) score 1752600 or sacrifice child [ 2242.599449] Killed process 28043 (syz-executor0) total-vm:70472kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2242.698325] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2242.703005] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2242.724146] syz-executor0 cpuset=/ mems_allowed=0 [ 2242.729098] CPU: 0 PID: 28107 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2242.736465] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2242.745847] Call Trace: [ 2242.748456] dump_stack+0x1c9/0x2b4 [ 2242.752101] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2242.757304] ? trace_hardirqs_on+0x10/0x10 [ 2242.761553] dump_header+0x27b/0xf64 [ 2242.765283] ? pagefault_out_of_memory+0x197/0x197 [ 2242.770219] ? __lock_acquire+0x7fc/0x5020 [ 2242.774469] ? print_usage_bug+0xc0/0xc0 [ 2242.778545] ? graph_lock+0x170/0x170 [ 2242.782350] ? print_usage_bug+0xc0/0xc0 [ 2242.786426] ? trace_hardirqs_on+0x10/0x10 [ 2242.790675] ? print_usage_bug+0xc0/0xc0 [ 2242.794754] ? lock_downgrade+0x8f0/0x8f0 [ 2242.798914] ? mark_held_locks+0xc9/0x160 [ 2242.803065] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2242.807655] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2242.812776] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2242.817800] ? trace_hardirqs_on+0xd/0x10 [ 2242.821956] ? ___ratelimit+0xaa/0x655 [ 2242.825849] ? idr_get_free+0x10c0/0x10c0 [ 2242.830000] ? kasan_check_write+0x14/0x20 [ 2242.834326] ? do_raw_spin_lock+0xc1/0x200 [ 2242.838571] oom_kill_process.cold.25+0x10/0x10bc [ 2242.843436] ? oom_evaluate_task+0x540/0x540 07:53:26 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x15c, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:26 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0xe6, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:26 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0xfffffffffffffffc, 0x0) splice(r0, &(0x7f00000000c0), r0, &(0x7f0000000100), 0x10001, 0x4) openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x80000, 0x0) r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x240000, 0x0) setsockopt$inet6_tcp_int(r1, 0x6, 0x3f, &(0x7f0000000040)=0x9, 0x4) 07:53:27 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000001100"}, 0x2c) [ 2242.847880] ? find_held_lock+0x36/0x1c0 [ 2242.851955] ? lock_downgrade+0x8f0/0x8f0 [ 2242.856115] ? kasan_check_read+0x11/0x20 [ 2242.860266] ? rcu_is_watching+0x8c/0x150 [ 2242.864420] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2242.868836] ? oom_badness+0xb00/0xb00 [ 2242.872752] ? rcu_read_unlock+0x35/0x70 [ 2242.876816] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2242.881062] ? css_task_iter_end+0x2ce/0x490 [ 2242.885478] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2242.890241] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2242.895265] ? trace_hardirqs_on+0xd/0x10 07:53:27 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000]}}, 0x1c) 07:53:27 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000000300"}, 0x2c) [ 2242.899426] ? _raw_spin_unlock_irq+0x27/0x70 [ 2242.903951] ? oom_badness+0xb00/0xb00 [ 2242.907845] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2242.912631] ? mem_cgroup_iter_break+0x30/0x30 [ 2242.917249] out_of_memory+0xa8a/0x14d0 [ 2242.921243] ? oom_killer_disable+0x3a0/0x3a0 [ 2242.925746] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2242.930769] ? trace_hardirqs_on+0xd/0x10 [ 2242.934943] mem_cgroup_out_of_memory+0x15e/0x210 [ 2242.939795] ? memcg_memory_event+0x40/0x40 [ 2242.944129] ? _raw_spin_unlock+0x22/0x30 07:53:27 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\t\x00'}, 0x2c) [ 2242.948285] mem_cgroup_oom_synchronize+0x713/0x940 [ 2242.953307] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2242.958762] ? memcg_event_wake+0x450/0x450 [ 2242.963101] pagefault_out_of_memory+0xc8/0x197 [ 2242.967776] ? out_of_memory+0x14d0/0x14d0 [ 2242.972024] ? __handle_mm_fault+0x4460/0x4460 [ 2242.976616] mm_fault_error+0x1de/0x380 [ 2242.980609] __do_page_fault+0xd25/0xe50 [ 2242.984687] ? mm_fault_error+0x380/0x380 [ 2242.988846] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2242.994391] ? __x64_sys_clock_gettime+0x170/0x250 07:53:27 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e71000000000500"}, 0x2c) [ 2242.999333] ? __ia32_sys_clock_settime+0x290/0x290 [ 2243.004364] do_page_fault+0xf6/0x8c0 [ 2243.008183] ? vmalloc_sync_all+0x30/0x30 [ 2243.012340] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2243.017892] ? do_syscall_64+0x497/0x820 [ 2243.021965] ? syscall_slow_exit_work+0x500/0x500 [ 2243.026814] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2243.031752] ? syscall_return_slowpath+0x31d/0x5e0 [ 2243.036688] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2243.042064] ? page_fault+0x8/0x30 07:53:27 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00`\x00'}, 0x2c) 07:53:27 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e71000000000000000000000300"}, 0x2c) [ 2243.045613] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2243.050461] ? page_fault+0x8/0x30 [ 2243.054438] page_fault+0x1e/0x30 [ 2243.057889] RIP: 0033:0x46f8fd [ 2243.061084] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2243.080463] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2243.085853] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2243.093130] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 07:53:27 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00l\x00'}, 0x2c) 07:53:27 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x11e, &(0x7f00000011c0)}}], 0x249, 0x0) [ 2243.100414] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2243.107690] R10: 0000000002273940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2243.114988] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2243.122493] Task in /ile0 killed as a result of limit of /ile0 [ 2243.128561] memory: usage 24kB, limit 20kB, failcnt 10057 [ 2243.134162] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2243.140965] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2243.147173] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2243.166710] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2243.175576] [28107] 0 28107 17585 8732 126976 0 0 syz-executor0 [ 2243.184592] Memory cgroup out of memory: Kill process 28107 (syz-executor0) score 1752600 or sacrifice child [ 2243.194687] Killed process 28107 (syz-executor0) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2243.207255] oom_reaper: reaped process 28107 (syz-executor0), now anon-rss:0kB, file-rss:32000kB, shmem-rss:0kB [ 2243.242976] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. 07:53:27 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x16d, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:27 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00t\x00'}, 0x2c) 07:53:27 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x8) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) sendmsg$nl_crypto(r0, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)=@delrng={0x10, 0x14, 0x4, 0x70bd27, 0x25dfdbfc, "", [""]}, 0x10}, 0x1, 0x0, 0x0, 0x840}, 0x10) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x4000000) 07:53:27 executing program 5: r0 = memfd_create(&(0x7f00000000c0)='\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x0) write$binfmt_misc(r0, &(0x7f0000000200)=ANY=[@ANYBLOB="00007a0a36a8b1907c8e9a6513e544ecbd001d7b0092f3ea5f91a2faf777c2820857c6f2549321082449f083531c8a26dcc9b08cebf8afd834c83e833ce7f8bcd4634e1e6c472cc4e13cda91a979159c52fe7d716ef450bf28c39f3c11822fb7dc317be687dd5215fa448b791a11438c472a4517a76b360f14d00fad89a7649171ee560d7579f50ec7bd217ab4482f7e46a1bdbd285d857b6c84291c9d230ac2f65bdcaa2ec8074f5a3435c95aca7370e88bf780377625719011c0a514534800000000000000"], 0x4) ioctl$BLKGETSIZE64(r0, 0x80081272, &(0x7f00000001c0)) execveat(r0, &(0x7f0000000000)='\x00', &(0x7f00000001c0), &(0x7f0000000180)=[&(0x7f0000000080)='\x00', &(0x7f0000000100)='vboxnet0bdev\x00', &(0x7f0000000140)='\x00'], 0x1000) 07:53:27 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xfffffff0}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:27 executing program 6: rt_sigprocmask(0x0, &(0x7f0000037ff8)={0xfffffffffffffffe}, 0x0, 0x8) r0 = syz_open_procfs(0x0, &(0x7f00000001c0)="6e65742f69505f7461626c65735f6d61746368657300651ddea5c1d22f40ac8c6e5e5e14d86450afc04419d8111cbdb9c604ae59b460e6bf3d8eb3dcc1b0deb4ae19684b48d0d8330240e009bf7e98e946faee373518d3e535f8ed157c765988b9e46364444a0bd3d2fe25a49a0e4b61a7ed220f2c38c28df890942db7bd2feccc8a81d6df9fe5968c9fee25cb40806a0a7da77c9de3732f5c3bb27959fbbb3375ae719c509decc0de2a920f70953340e2b1ec3152e902e48048f7f0cd1b9e92513b11d0d1d5a68edec53eb61b152ade232aab") ftruncate(r0, 0x100000000) pipe(&(0x7f0000000000)) [ 2243.368731] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2243.379716] syz-executor0 cpuset=/ mems_allowed=0 [ 2243.384642] CPU: 1 PID: 28179 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2243.392000] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2243.401357] Call Trace: [ 2243.403954] dump_stack+0x1c9/0x2b4 [ 2243.407614] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2243.412818] ? trace_hardirqs_on+0x10/0x10 07:53:27 executing program 5: r0 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r0, &(0x7f0000cd0000)={0x0, 0x0, &(0x7f00008feff0)={&(0x7f0000f85000)={0x2, 0x1, 0x0, 0x2, 0xc, 0x0, 0x0, 0x0, [@sadb_address={0x5, 0x6, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4={[], [], @multicast2}}}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x0, 0x0, @ipv4={[], [], @broadcast}}}]}, 0x60}}, 0x0) sendmsg$key(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="e3090019103d8d4903f4a00000000000"], 0x10}}, 0x0) 07:53:27 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00'}, 0x2c) 07:53:27 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x806]}}, 0x1c) [ 2243.417067] dump_header+0x27b/0xf64 [ 2243.420803] ? pagefault_out_of_memory+0x197/0x197 [ 2243.425752] ? __lock_acquire+0x7fc/0x5020 [ 2243.429994] ? print_usage_bug+0xc0/0xc0 [ 2243.434069] ? graph_lock+0x170/0x170 [ 2243.437876] ? print_usage_bug+0xc0/0xc0 [ 2243.441952] ? trace_hardirqs_on+0x10/0x10 [ 2243.446197] ? print_usage_bug+0xc0/0xc0 [ 2243.450275] ? lock_downgrade+0x8f0/0x8f0 [ 2243.454434] ? mark_held_locks+0xc9/0x160 [ 2243.458585] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2243.463178] ? _raw_spin_unlock_irqrestore+0x74/0xc0 07:53:27 executing program 6: r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000)='/dev/net/tun\x00', 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'irlan0\x00', 0x1}) ioctl$TUNSETVNETBE(r0, 0x401054d5, &(0x7f0000000100)) openat$tun(0xffffffffffffff9c, &(0x7f0000000040)='/dev/net/tun\x00', 0x20000, 0x0) 07:53:27 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e71000000000600"}, 0x2c) [ 2243.468291] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2243.473311] ? trace_hardirqs_on+0xd/0x10 [ 2243.477468] ? ___ratelimit+0xaa/0x655 [ 2243.481360] ? idr_get_free+0x10c0/0x10c0 [ 2243.485516] ? kasan_check_write+0x14/0x20 [ 2243.489758] ? do_raw_spin_lock+0xc1/0x200 [ 2243.494002] oom_kill_process.cold.25+0x10/0x10bc [ 2243.498868] ? oom_evaluate_task+0x540/0x540 [ 2243.503279] ? find_held_lock+0x36/0x1c0 [ 2243.507353] ? lock_downgrade+0x8f0/0x8f0 [ 2243.511511] ? kasan_check_read+0x11/0x20 [ 2243.515662] ? rcu_is_watching+0x8c/0x150 [ 2243.519814] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2243.524241] ? oom_badness+0xb00/0xb00 [ 2243.524833] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2243.528193] ? rcu_read_unlock+0x35/0x70 [ 2243.528208] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2243.528224] ? css_task_iter_end+0x2ce/0x490 [ 2243.528241] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2243.528256] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2243.528272] ? trace_hardirqs_on+0xd/0x10 [ 2243.528286] ? _raw_spin_unlock_irq+0x27/0x70 [ 2243.528301] ? oom_badness+0xb00/0xb00 [ 2243.528315] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2243.528330] ? mem_cgroup_iter_break+0x30/0x30 [ 2243.528358] out_of_memory+0xa8a/0x14d0 [ 2243.528378] ? oom_killer_disable+0x3a0/0x3a0 [ 2243.528397] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2243.528413] ? trace_hardirqs_on+0xd/0x10 [ 2243.528436] mem_cgroup_out_of_memory+0x15e/0x210 [ 2243.528452] ? memcg_memory_event+0x40/0x40 [ 2243.528469] ? _raw_spin_unlock+0x22/0x30 07:53:27 executing program 6: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x1, 0x14, 0x5, 0x6}, 0x2c) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000080)={r0}, 0x20) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000200)={r0, &(0x7f0000000000), &(0x7f0000000140)=""/144}, 0x18) [ 2243.528487] mem_cgroup_oom_synchronize+0x713/0x940 [ 2243.528503] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2243.528516] ? memcg_event_wake+0x450/0x450 [ 2243.528545] pagefault_out_of_memory+0xc8/0x197 [ 2243.528558] ? out_of_memory+0x14d0/0x14d0 [ 2243.528580] ? __handle_mm_fault+0x4460/0x4460 [ 2243.528597] mm_fault_error+0x1de/0x380 [ 2243.528615] __do_page_fault+0xd25/0xe50 [ 2243.528636] ? mm_fault_error+0x380/0x380 [ 2243.528654] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2243.528668] ? __x64_sys_clock_gettime+0x170/0x250 [ 2243.528685] ? __ia32_sys_clock_settime+0x290/0x290 [ 2243.578322] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2243.582978] do_page_fault+0xf6/0x8c0 [ 2243.582995] ? vmalloc_sync_all+0x30/0x30 [ 2243.583012] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2243.583028] ? do_syscall_64+0x497/0x820 [ 2243.583045] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2243.583062] ? syscall_return_slowpath+0x31d/0x5e0 [ 2243.583080] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2243.583095] ? page_fault+0x8/0x30 [ 2243.583109] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2243.583124] ? page_fault+0x8/0x30 [ 2243.583138] page_fault+0x1e/0x30 [ 2243.583148] RIP: 0033:0x40e33f [ 2243.583152] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 2243.583414] RSP: 002b:0000000000a3fc20 EFLAGS: 00010206 [ 2243.583428] RAX: 00007ff4a0736000 RBX: 0000000000020000 RCX: 0000000000456b7a [ 2243.583437] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 2243.583446] RBP: 0000000000a3fd00 R08: ffffffffffffffff R09: 0000000000000000 [ 2243.583455] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a3fdf0 [ 2243.583463] R13: 00007ff4a0756700 R14: 0000000000000003 R15: 0000000000000001 [ 2243.583604] Task in [ 2243.591485] IPVS: set_ctl: invalid protocol: 0 172.20.20.0:0 [ 2243.592127] /ile0 killed as a result of limit of /ile0 [ 2243.592153] memory: usage 24kB, limit 20kB, failcnt 10077 [ 2243.592162] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2243.592172] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2243.592177] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2243.853975] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name 07:53:27 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000008f0400"}, 0x2c) 07:53:27 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00t\x00'}, 0x2c) 07:53:27 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000000500"}, 0x2c) 07:53:27 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x8d, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:27 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x1f7, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:27 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00L\x00'}, 0x2c) 07:53:28 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) openat$cgroup_procs(r0, &(0x7f0000000140)='tasks\x00', 0x2, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x4000000) 07:53:28 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\t\x00'}, 0x2c) [ 2243.862811] [28179] 0 28179 17618 8732 126976 0 0 syz-executor0 [ 2243.871732] Memory cgroup out of memory: Kill process 28179 (syz-executor0) score 1752600 or sacrifice child [ 2243.881774] Killed process 28179 (syz-executor0) total-vm:70472kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB 07:53:28 executing program 5: r0 = accept4(0xffffffffffffffff, &(0x7f0000000080)=@hci, &(0x7f0000000000)=0x80, 0x80000) setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0x7, &(0x7f0000000100)={0x9, 0x4, 0x9, 0x7}, 0x10) ioctl$PPPIOCGL2TPSTATS(0xffffffffffffffff, 0x80487436, &(0x7f0000000400)) clock_gettime(0x0, &(0x7f00000008c0)) request_key(&(0x7f00000002c0)='id_resolver\x00', &(0x7f00000006c0), &(0x7f0000000700)='cgroup2\x00', 0xffffffffffffffff) syz_open_dev$sndseq(&(0x7f0000000040)='/dev/snd/seq\x00', 0x0, 0x80000) clone(0x0, &(0x7f0000000b40), &(0x7f0000000c40), &(0x7f0000000c80), &(0x7f0000000cc0)) 07:53:28 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xffffff7f00000000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:28 executing program 6: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r0, 0x6, 0x80000000000002, &(0x7f0000000140)=0x78, 0x4) bind$inet(r0, &(0x7f0000deb000)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x3, &(0x7f0000000000)=[{0x7, 0x0, 0x100000000, 0xfffffffffffffffe}, {0xa6, 0x6c6, 0xfffffffffffffff7, 0x10001}, {0x100000001, 0x6, 0x101, 0x9}]}, 0x10) setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000080)={0x1, &(0x7f0000f40ff8)=[{0x6, 0x0, 0x0, 0xe8}]}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='hybla\x00', 0x6) sendto$inet(r0, &(0x7f0000a88f88), 0xfffffffffffffe6e, 0x20000000, &(0x7f0000e68000)={0x2, 0x4004e23, @local}, 0x10) shutdown(r0, 0x1) 07:53:28 executing program 5: r0 = socket(0x40000000015, 0x5, 0x0) bind$inet(r0, &(0x7f0000fc4000)={0x2, 0x0, @loopback}, 0x10) sendmmsg(r0, &(0x7f0000573000)=[{{&(0x7f0000000000)=@in={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x80, &(0x7f0000926fb0), 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="583fa2ffed0000000000000014010000060000000000000000000000000000a139289a9e80403089ed688f4d738a595553aab45f8dd0678bbe7b46f8e89f8f659e671c9b63b74d9bc17700004f015de3ba9b55b600000000000000"], 0x58}}], 0x1, 0x0) [ 2244.044768] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2244.072583] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2244.083600] syz-executor0 cpuset=/ mems_allowed=0 [ 2244.088527] CPU: 0 PID: 28240 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2244.095890] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2244.105247] Call Trace: [ 2244.107849] dump_stack+0x1c9/0x2b4 [ 2244.111501] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2244.116708] ? trace_hardirqs_on+0x10/0x10 [ 2244.120940] dump_header+0x27b/0xf64 [ 2244.124649] ? pagefault_out_of_memory+0x197/0x197 [ 2244.129598] ? __lock_acquire+0x7fc/0x5020 [ 2244.133826] ? print_usage_bug+0xc0/0xc0 [ 2244.137881] ? graph_lock+0x170/0x170 [ 2244.141670] ? print_usage_bug+0xc0/0xc0 [ 2244.145719] ? trace_hardirqs_on+0x10/0x10 [ 2244.149949] ? print_usage_bug+0xc0/0xc0 [ 2244.154032] ? lock_downgrade+0x8f0/0x8f0 [ 2244.158175] ? mark_held_locks+0xc9/0x160 [ 2244.162311] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2244.166911] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2244.172008] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2244.177028] ? trace_hardirqs_on+0xd/0x10 [ 2244.181164] ? ___ratelimit+0xaa/0x655 [ 2244.185041] ? idr_get_free+0x10c0/0x10c0 [ 2244.189187] ? kasan_check_write+0x14/0x20 [ 2244.193410] ? do_raw_spin_lock+0xc1/0x200 [ 2244.197632] oom_kill_process.cold.25+0x10/0x10bc [ 2244.202481] ? oom_evaluate_task+0x540/0x540 [ 2244.206884] ? find_held_lock+0x36/0x1c0 [ 2244.210949] ? lock_downgrade+0x8f0/0x8f0 [ 2244.215089] ? kasan_check_read+0x11/0x20 [ 2244.219225] ? rcu_is_watching+0x8c/0x150 [ 2244.223359] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2244.227778] ? oom_badness+0xb00/0xb00 [ 2244.231659] ? rcu_read_unlock+0x35/0x70 [ 2244.235716] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2244.239936] ? css_task_iter_end+0x2ce/0x490 [ 2244.244332] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2244.249079] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2244.254083] ? trace_hardirqs_on+0xd/0x10 [ 2244.258229] ? _raw_spin_unlock_irq+0x27/0x70 [ 2244.262711] ? oom_badness+0xb00/0xb00 [ 2244.266595] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2244.271339] ? mem_cgroup_iter_break+0x30/0x30 [ 2244.275916] out_of_memory+0xa8a/0x14d0 [ 2244.279882] ? oom_killer_disable+0x3a0/0x3a0 [ 2244.284364] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2244.289367] ? trace_hardirqs_on+0xd/0x10 [ 2244.293508] mem_cgroup_out_of_memory+0x15e/0x210 [ 2244.298339] ? memcg_memory_event+0x40/0x40 [ 2244.302652] ? _raw_spin_unlock+0x22/0x30 [ 2244.306788] mem_cgroup_oom_synchronize+0x713/0x940 [ 2244.311791] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2244.317228] ? memcg_event_wake+0x450/0x450 [ 2244.321543] pagefault_out_of_memory+0xc8/0x197 [ 2244.326198] ? out_of_memory+0x14d0/0x14d0 [ 2244.330783] ? __handle_mm_fault+0x4460/0x4460 [ 2244.335355] mm_fault_error+0x1de/0x380 [ 2244.339317] __do_page_fault+0xd25/0xe50 [ 2244.343365] ? mm_fault_error+0x380/0x380 [ 2244.347503] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2244.353027] ? __x64_sys_clock_gettime+0x170/0x250 [ 2244.357941] ? __ia32_sys_clock_settime+0x290/0x290 [ 2244.362945] do_page_fault+0xf6/0x8c0 [ 2244.366731] ? vmalloc_sync_all+0x30/0x30 [ 2244.370863] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2244.376388] ? do_syscall_64+0x497/0x820 [ 2244.380434] ? syscall_slow_exit_work+0x500/0x500 [ 2244.385262] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2244.390185] ? syscall_return_slowpath+0x31d/0x5e0 [ 2244.395104] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2244.400451] ? page_fault+0x8/0x30 [ 2244.403989] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2244.408832] ? page_fault+0x8/0x30 [ 2244.412371] page_fault+0x1e/0x30 [ 2244.415823] RIP: 0033:0x40e33f [ 2244.418996] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 2244.438225] RSP: 002b:0000000000a3fc20 EFLAGS: 00010206 [ 2244.443574] RAX: 00007ff4a0736000 RBX: 0000000000020000 RCX: 0000000000456b7a [ 2244.450827] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 2244.458084] RBP: 0000000000a3fd00 R08: ffffffffffffffff R09: 0000000000000000 [ 2244.465338] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a3fdf0 [ 2244.472591] R13: 00007ff4a0756700 R14: 0000000000000003 R15: 0000000000000001 [ 2244.480896] Task in /ile0 killed as a result of limit of /ile0 [ 2244.486965] memory: usage 24kB, limit 20kB, failcnt 10097 [ 2244.492564] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2244.499351] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2244.505546] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2244.519852] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. 07:53:28 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11]}}, 0x1c) 07:53:28 executing program 5: r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f0000000180)={&(0x7f0000000580)=@newsa={0xf0, 0x10, 0x501, 0x0, 0x0, {{@in6=@ipv4, @in6=@loopback}, {@in=@local, 0x0, 0x32}, @in=@remote, {}, {}, {}, 0x0, 0x0, 0x2}}, 0xf0}, 0x8}, 0x0) socketpair(0x1b, 0x1, 0x2, &(0x7f0000000480)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000500)='IPVS\x00') ioctl$EVIOCGKEYCODE_V2(r2, 0x80284504, &(0x7f0000000040)=""/57) sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f00000006c0)={&(0x7f00000004c0), 0xc, &(0x7f0000000680)={&(0x7f0000000540)={0x34, r3, 0x108, 0x70bd28, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_SERVICE={0x20, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'ovf\x00'}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x27, 0x20}}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x4000) 07:53:28 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00L\x00'}, 0x2c) 07:53:28 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x43, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:28 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x400000000000000, 0xfffffffffffffffd) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x4000000) [ 2244.525056] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2244.525285] [28240] 0 28240 17618 8732 126976 0 0 syz-executor0 [ 2244.525315] Memory cgroup out of memory: Kill process 28240 (syz-executor0) score 1752600 or sacrifice child [ 2244.525364] Killed process 28240 (syz-executor0) total-vm:70472kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB 07:53:28 executing program 5: setsockopt(0xffffffffffffffff, 0x0, 0x4, &(0x7f0000000040), 0x0) 07:53:28 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x3000000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:28 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000040)="0a5cc80700315f85714070") r1 = socket$inet_udp(0x2, 0x2, 0x0) connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10) r2 = socket(0xa, 0x1, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r2, 0x0, 0x2a, &(0x7f00000002c0)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) ioctl$sock_inet_SIOCGIFPFLAGS(r0, 0x8935, &(0x7f0000000080)={'ip6gretap0\x00', 0x9}) readlink(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)=""/124, 0x7c) setsockopt$sock_timeval(r1, 0x1, 0xd, &(0x7f0000000100), 0x10) [ 2244.686720] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2244.714419] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2244.725524] syz-executor0 cpuset=/ mems_allowed=0 [ 2244.730473] CPU: 1 PID: 28278 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2244.733269] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2244.737829] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2244.737835] Call Trace: [ 2244.737858] dump_stack+0x1c9/0x2b4 [ 2244.737877] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2244.737895] ? trace_hardirqs_on+0x10/0x10 [ 2244.737913] dump_header+0x27b/0xf64 [ 2244.737937] ? pagefault_out_of_memory+0x197/0x197 [ 2244.737952] ? __lock_acquire+0x7fc/0x5020 [ 2244.737970] ? print_usage_bug+0xc0/0xc0 [ 2244.737991] ? graph_lock+0x170/0x170 [ 2244.738005] ? print_usage_bug+0xc0/0xc0 [ 2244.738023] ? trace_hardirqs_on+0x10/0x10 [ 2244.738046] ? print_usage_bug+0xc0/0xc0 [ 2244.738071] ? lock_downgrade+0x8f0/0x8f0 [ 2244.738094] ? mark_held_locks+0xc9/0x160 [ 2244.738108] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2244.738124] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2244.738142] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2244.738157] ? trace_hardirqs_on+0xd/0x10 [ 2244.738174] ? ___ratelimit+0xaa/0x655 [ 2244.738190] ? idr_get_free+0x10c0/0x10c0 [ 2244.738206] ? kasan_check_write+0x14/0x20 [ 2244.738219] ? do_raw_spin_lock+0xc1/0x200 [ 2244.738238] oom_kill_process.cold.25+0x10/0x10bc [ 2244.738261] ? oom_evaluate_task+0x540/0x540 [ 2244.738276] ? find_held_lock+0x36/0x1c0 [ 2244.738301] ? lock_downgrade+0x8f0/0x8f0 [ 2244.738320] ? kasan_check_read+0x11/0x20 [ 2244.738336] ? rcu_is_watching+0x8c/0x150 [ 2244.879996] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2244.884399] ? oom_badness+0xb00/0xb00 [ 2244.888376] ? rcu_read_unlock+0x35/0x70 [ 2244.892433] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2244.896655] ? css_task_iter_end+0x2ce/0x490 [ 2244.901051] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2244.905797] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2244.910805] ? trace_hardirqs_on+0xd/0x10 [ 2244.914942] ? _raw_spin_unlock_irq+0x27/0x70 [ 2244.919423] ? oom_badness+0xb00/0xb00 [ 2244.923313] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2244.928071] ? mem_cgroup_iter_break+0x30/0x30 [ 2244.932663] out_of_memory+0xa8a/0x14d0 [ 2244.936627] ? oom_killer_disable+0x3a0/0x3a0 [ 2244.941123] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2244.946132] ? trace_hardirqs_on+0xd/0x10 [ 2244.950307] mem_cgroup_out_of_memory+0x15e/0x210 [ 2244.955140] ? memcg_memory_event+0x40/0x40 [ 2244.959453] ? _raw_spin_unlock+0x22/0x30 [ 2244.963595] mem_cgroup_oom_synchronize+0x713/0x940 [ 2244.968604] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2244.974052] ? memcg_event_wake+0x450/0x450 [ 2244.978388] pagefault_out_of_memory+0xc8/0x197 [ 2244.983061] ? out_of_memory+0x14d0/0x14d0 [ 2244.987306] ? __handle_mm_fault+0x4460/0x4460 [ 2244.991902] mm_fault_error+0x1de/0x380 [ 2244.995883] __do_page_fault+0xd25/0xe50 [ 2244.999936] ? mm_fault_error+0x380/0x380 [ 2245.004077] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2245.009622] ? __x64_sys_clock_gettime+0x170/0x250 [ 2245.014562] ? __ia32_sys_clock_settime+0x290/0x290 [ 2245.019570] do_page_fault+0xf6/0x8c0 [ 2245.023357] ? vmalloc_sync_all+0x30/0x30 [ 2245.027494] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2245.033036] ? do_syscall_64+0x497/0x820 [ 2245.037085] ? syscall_slow_exit_work+0x500/0x500 [ 2245.041926] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2245.046845] ? syscall_return_slowpath+0x31d/0x5e0 [ 2245.051764] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2245.057115] ? page_fault+0x8/0x30 [ 2245.060641] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2245.065473] ? page_fault+0x8/0x30 [ 2245.068999] page_fault+0x1e/0x30 [ 2245.072441] RIP: 0033:0x40e33f [ 2245.075611] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 2245.094834] RSP: 002b:0000000000a3fc20 EFLAGS: 00010206 [ 2245.100192] RAX: 00007ff4a0736000 RBX: 0000000000020000 RCX: 0000000000456b7a [ 2245.107448] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 2245.114707] RBP: 0000000000a3fd00 R08: ffffffffffffffff R09: 0000000000000000 [ 2245.122010] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a3fdf0 [ 2245.129281] R13: 00007ff4a0756700 R14: 0000000000000003 R15: 0000000000000001 07:53:29 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x1cc, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:29 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00z\x00'}, 0x2c) [ 2245.136587] Task in /ile0 killed as a result of limit of /ile0 [ 2245.142629] memory: usage 24kB, limit 20kB, failcnt 10117 [ 2245.148209] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2245.155031] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2245.161210] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2245.180707] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name 07:53:29 executing program 0: mkdir(&(0x7f00000002c0)='./file0//ile0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x4000000) ioctl$PIO_FONT(r0, 0x4b61, &(0x7f0000000300)="b62bc2aedb63f1de27ee49b3da7fec0e64ae6ed767341b6a6ab214734d7b7f5d9b450f3384962bded6864070c8c93684a6e30f2ecc697830329b153d26c2d5086d14ffb7bce4b27d0536e555c93d91b474a31f4f2c908c778acad220eb72948288ef5d03f0eb539767f00d3e5191fd72778c75c85380bcc5ab2cd3c7157c11b7530934d2f09bcfa1886e264ac6494932c18597ef617b3d029ac7607c4d89fb4513d0911e09cb178a656e5f4b3be72fcb11d916954cbbefc0d23f862f458a1f3226577e97085b1af2dc438df8eaac3e005e0905d0ae660fe8df9119dd397db7c91226dcf12c5cbf9151fce2d0a5f0") fstatfs(r0, &(0x7f0000000140)=""/166) [ 2245.189537] [28278] 0 28278 17618 8732 126976 0 0 syz-executor0 [ 2245.198437] Memory cgroup out of memory: Kill process 28278 (syz-executor0) score 1752600 or sacrifice child [ 2245.208496] Killed process 28278 (syz-executor0) total-vm:70472kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB 07:53:29 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xc00}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:29 executing program 6: r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x1030}, 0x2c) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x5, &(0x7f0000000200)=ANY=[@ANYBLOB="b400000000000000bd00020000000000070000000000000000000de31ee8000095000000000000004a6dcbd5d966606a76d7efae5c725e4c7a0a548d90686f25947b97d34dbf4f93cba6b0365becc49aefda0d4bb2f2193d29bb5bc7d96df68d65e70ce889ac23abf0df383635f2941cc3b4f0b3abf35887d512c439cb8061b3281c8168cb6b14c413a8fac432dea990453d184ef5a996a78d8a23ea40ef5fb6655597bcb8c75b0b159de126b24e821c52f2646036df19a5cfa82fe59185ed52fe6ff6c4"], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0x3e9, &(0x7f000000cf3d)=""/195}, 0x48) r1 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$SCSI_IOCTL_TEST_UNIT_READY(r1, 0x2) write$P9_RAUTH(r1, &(0x7f0000000000)={0x14, 0x67, 0x1, {0x0, 0x2, 0x3}}, 0x14) io_setup(0x6, &(0x7f0000000040)=0x0) ioctl$SG_GET_LOW_DMA(r0, 0x227a, &(0x7f0000000080)) io_destroy(r2) 07:53:29 executing program 5: syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x7, 0x400001) migrate_pages(0x0, 0x4, &(0x7f0000000000)=0x1, &(0x7f00000000c0)=0x1) 07:53:29 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x3}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:29 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000012000/0x2000)=nil, 0x2000, 0x4000000001, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r3, 0x0, 0x4, &(0x7f0000013ff4)={@local, @rand_addr, @multicast2}, 0xc) setsockopt$SO_TIMESTAMPING(r3, 0x1, 0x12, &(0x7f0000000000)=0xffffffffffffffe, 0x4) close(r3) r4 = dup3(r1, r2, 0x0) ioctl$VT_OPENQRY(r4, 0x5600, &(0x7f0000000040)) 07:53:29 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000]}}, 0x1c) 07:53:29 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) r0 = accept4$vsock_stream(0xffffffffffffff9c, &(0x7f0000000140)={0x28, 0x0, 0xffffffff, @my=0x0}, 0x10, 0x0) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r0, 0x28, 0x6, &(0x7f0000000180)={0x77359400}, 0x10) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) ioctl$KDGKBLED(r1, 0x4b64, &(0x7f0000000000)) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000300)={0x0}, &(0x7f0000000340)=0xc) perf_event_open(&(0x7f0000000280)={0x0, 0x70, 0x6, 0x8000, 0x9, 0x1ff, 0x0, 0x100000000, 0xc008, 0x3, 0x2, 0xcd, 0x8d25, 0x7fffffff, 0x1, 0x6b6f7bb2, 0x1, 0xfffffffffffff6e3, 0x20, 0xfffffffffffffffa, 0xfffffffffffffff9, 0x4, 0x353c, 0xa0e6, 0x400, 0x8, 0x800, 0x7, 0xfffffffffffffffc, 0x5, 0x4, 0x1, 0x9, 0x1, 0x9, 0x7fffffff, 0x4, 0x7, 0x0, 0x2, 0x2, @perf_config_ext={0xfffffffffffffffd, 0x7ff}, 0x0, 0x3f, 0x0, 0x7, 0x4b, 0x2, 0x3ff}, r3, 0x7, r1, 0x1) unshare(0x4000000) 07:53:29 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xffffffff00000000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:29 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0xc, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:29 executing program 6: r0 = socket$inet(0x2, 0x4000000000000001, 0x0) socketpair$packet(0x11, 0x3, 0x300, &(0x7f0000000040)) r1 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x101, 0x100) ioctl$TIOCGPTPEER(r1, 0x5441, 0x8) fcntl$getflags(r0, 0x40b) setsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000480)={{{@in6=@ipv4={[], [], @loopback}, @in6=@ipv4, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@dev, 0x0, 0x33}, 0x0, @in6=@remote}}, 0xe8) close(r0) 07:53:29 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\t\x00'}, 0x2c) 07:53:29 executing program 5: r0 = socket$inet6(0xa, 0x1000000000005, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc80700145f8f764070") r1 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000265000)=@req={0x3fc}, 0x10) bind(r1, &(0x7f0000d01ff0)=ANY=[], 0x0) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000000)={0x9, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000040)=0x28) close(r1) sendto$inet6(0xffffffffffffffff, &(0x7f00007a8fff), 0x3a7, 0x0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) 07:53:29 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xf000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2245.587663] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2245.598692] syz-executor0 cpuset=/ mems_allowed=0 [ 2245.603646] CPU: 0 PID: 28342 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2245.611014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2245.620375] Call Trace: [ 2245.622999] dump_stack+0x1c9/0x2b4 [ 2245.626655] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2245.631857] ? trace_hardirqs_on+0x10/0x10 [ 2245.636106] dump_header+0x27b/0xf64 [ 2245.639839] ? pagefault_out_of_memory+0x197/0x197 [ 2245.644780] ? __lock_acquire+0x7fc/0x5020 [ 2245.649033] ? print_usage_bug+0xc0/0xc0 [ 2245.653105] ? print_usage_bug+0xc0/0xc0 [ 2245.657179] ? print_usage_bug+0xc0/0xc0 [ 2245.661252] ? graph_lock+0x170/0x170 [ 2245.665058] ? print_usage_bug+0xc0/0xc0 [ 2245.669139] ? print_usage_bug+0xc0/0xc0 [ 2245.673218] ? lock_downgrade+0x8f0/0x8f0 [ 2245.677374] ? mark_held_locks+0xc9/0x160 [ 2245.681524] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2245.686116] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2245.691232] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2245.696253] ? trace_hardirqs_on+0xd/0x10 [ 2245.700408] ? ___ratelimit+0xaa/0x655 [ 2245.704305] ? idr_get_free+0x10c0/0x10c0 [ 2245.708458] ? kasan_check_write+0x14/0x20 [ 2245.712696] ? do_raw_spin_lock+0xc1/0x200 [ 2245.716940] oom_kill_process.cold.25+0x10/0x10bc [ 2245.721797] ? oom_evaluate_task+0x540/0x540 [ 2245.726215] ? find_held_lock+0x36/0x1c0 [ 2245.730291] ? lock_downgrade+0x8f0/0x8f0 [ 2245.734451] ? kasan_check_read+0x11/0x20 [ 2245.738601] ? rcu_is_watching+0x8c/0x150 [ 2245.742753] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2245.747176] ? oom_badness+0xb00/0xb00 [ 2245.751079] ? rcu_read_unlock+0x35/0x70 [ 2245.755150] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2245.759390] ? css_task_iter_end+0x2ce/0x490 [ 2245.763807] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2245.768570] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2245.773592] ? trace_hardirqs_on+0xd/0x10 [ 2245.777749] ? _raw_spin_unlock_irq+0x27/0x70 [ 2245.782249] ? oom_badness+0xb00/0xb00 [ 2245.786153] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2245.790915] ? mem_cgroup_iter_break+0x30/0x30 [ 2245.795517] out_of_memory+0xa8a/0x14d0 [ 2245.799505] ? oom_killer_disable+0x3a0/0x3a0 [ 2245.804013] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2245.809038] ? trace_hardirqs_on+0xd/0x10 [ 2245.813206] mem_cgroup_out_of_memory+0x15e/0x210 [ 2245.818055] ? memcg_memory_event+0x40/0x40 [ 2245.822383] ? _raw_spin_unlock+0x22/0x30 [ 2245.826539] mem_cgroup_oom_synchronize+0x713/0x940 [ 2245.831566] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2245.837023] ? memcg_event_wake+0x450/0x450 [ 2245.841389] pagefault_out_of_memory+0xc8/0x197 [ 2245.846063] ? out_of_memory+0x14d0/0x14d0 [ 2245.850310] ? __handle_mm_fault+0x4460/0x4460 [ 2245.854901] mm_fault_error+0x1de/0x380 [ 2245.858883] __do_page_fault+0xd25/0xe50 [ 2245.862959] ? mm_fault_error+0x380/0x380 [ 2245.867121] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2245.872678] ? __x64_sys_clock_gettime+0x170/0x250 [ 2245.877616] ? __ia32_sys_clock_settime+0x290/0x290 [ 2245.882666] do_page_fault+0xf6/0x8c0 [ 2245.886470] ? vmalloc_sync_all+0x30/0x30 [ 2245.890625] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2245.896171] ? do_syscall_64+0x497/0x820 [ 2245.900261] ? syscall_slow_exit_work+0x500/0x500 [ 2245.905135] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2245.910074] ? syscall_return_slowpath+0x31d/0x5e0 [ 2245.915018] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2245.920393] ? page_fault+0x8/0x30 [ 2245.923948] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2245.928806] ? page_fault+0x8/0x30 [ 2245.932355] page_fault+0x1e/0x30 [ 2245.935806] RIP: 0033:0x40e33f 07:53:29 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0xb6, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:29 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00t\x00'}, 0x2c) 07:53:29 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x1fd, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:29 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00L\x00'}, 0x2c) 07:53:29 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e710000000000000200"}, 0x2c) 07:53:29 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00H\x00'}, 0x2c) 07:53:29 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00z\x00'}, 0x2c) 07:53:29 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00`\x00'}, 0x2c) [ 2245.938991] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 2245.959050] RSP: 002b:0000000000a3fc20 EFLAGS: 00010206 [ 2245.964432] RAX: 00007ff4a0736000 RBX: 0000000000020000 RCX: 0000000000456b7a [ 2245.971711] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 2245.978987] RBP: 0000000000a3fd00 R08: ffffffffffffffff R09: 0000000000000000 [ 2245.986637] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a3fdf0 [ 2245.993917] R13: 00007ff4a0756700 R14: 0000000000000005 R15: 0000000000000001 [ 2246.001401] Task in /ile0 killed as a result of limit of /ile0 [ 2246.007488] memory: usage 24kB, limit 20kB, failcnt 10137 [ 2246.013098] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2246.019908] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2246.026124] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2246.045827] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2246.054624] [28342] 0 28342 17618 8732 126976 0 0 syz-executor0 [ 2246.063534] Memory cgroup out of memory: Kill process 28342 (syz-executor0) score 1752600 or sacrifice child [ 2246.073579] Killed process 28342 (syz-executor0) total-vm:70472kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2246.085719] oom_reaper: reaped process 28342 (syz-executor0), now anon-rss:0kB, file-rss:32780kB, shmem-rss:0kB 07:53:30 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11000000]}}, 0x1c) 07:53:30 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100000000000000000000001100"}, 0x2c) 07:53:30 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x11f, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:30 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0xe, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:30 executing program 5: r0 = socket$inet6(0xa, 0x805, 0x0) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) ioctl$KVM_SET_SIGNAL_MASK(0xffffffffffffffff, 0x4004ae8b, &(0x7f0000000240)=ANY=[@ANYBLOB="0b09404fd5995ab6663b243ae3"]) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000500)="0f0866b8ed008ec066ba4000b000eed2a807000000410f01cab98e0b0000b862000000ba000000000f30b90b0800000f320fc72a8f2a60128f00000000003000000fc7aa00100000", 0x48}], 0x1, 0x0, &(0x7f0000000000), 0x1000000000000040) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025c3f0a00145f8f764070") r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000180)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_sha384\x00'}, 0xfffffffffffffe3e) setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000ff8000)="0a0775b005e381e5b3b60ced5c54dbb7", 0x10) r5 = accept$alg(r4, 0x0, 0x0) ioctl$KVM_SIGNAL_MSI(r2, 0x4020aea5, &(0x7f0000000200)={0x6000, 0x2000, 0x0, 0x4080000000000}) pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x80000) r7 = openat$cuse(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/cuse\x00', 0x400000, 0x0) ioctl$TUNGETFILTER(r6, 0x801054db, &(0x7f0000000300)=""/211) ioctl$TUNSETSTEERINGEBPF(r6, 0x800454e0, &(0x7f0000000140)=r7) recvmsg(r5, &(0x7f00000015c0)={&(0x7f0000000040)=@pppol2tpin6, 0x80, &(0x7f00000014c0)=[{&(0x7f0000003ec0)=""/4096, 0x1000}], 0x1, &(0x7f0000001580)=""/32, 0x20}, 0x0) 07:53:30 executing program 0: mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x4000000) 07:53:30 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x300000000000000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:30 executing program 6: r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x40, 0x0) ioctl$KDSETMODE(r0, 0x4b3a, 0x1) keyctl$dh_compute(0x17, &(0x7f0000001340), &(0x7f0000001380)=""/4096, 0x1000, &(0x7f00000024c0)={&(0x7f0000002380)={'poly1305-simd\x00'}, &(0x7f00000023c0)}) 07:53:30 executing program 6: r0 = socket$pppoe(0x18, 0x1, 0x0) r1 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x6, 0x600880) ioctl$KVM_SET_DEVICE_ATTR(r1, 0x4018aee1, &(0x7f0000000100)={0x0, 0x800, 0x10000, &(0x7f0000000040)=0x8}) getsockopt(r0, 0x4, 0x5, &(0x7f0000000300)=""/142, &(0x7f00000001c0)=0x8e) ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000080)={'vlan0\x00', &(0x7f00000000c0)=@ethtool_ringparam={0x11, 0x0, 0x10001}}) recvmsg(r1, &(0x7f00000002c0)={&(0x7f0000000140)=@in={0x2, 0x0, @local}, 0x80, &(0x7f00000001c0), 0x0, &(0x7f0000000200)=""/140, 0x8c, 0x7}, 0x40000040) 07:53:30 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\t\x00'}, 0x2c) 07:53:30 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0xc3ffffff00000000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2246.303571] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2246.314541] syz-executor0 cpuset=/ mems_allowed=0 [ 2246.319491] CPU: 0 PID: 28403 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2246.326859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2246.336768] Call Trace: [ 2246.339370] dump_stack+0x1c9/0x2b4 [ 2246.343008] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2246.348215] ? trace_hardirqs_on+0x10/0x10 07:53:30 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100000000000000000000000600"}, 0x2c) 07:53:30 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc80700145f8f764070") getsockopt$sock_int(r0, 0x1, 0x4, &(0x7f00000000c0), &(0x7f0000000040)=0x1) r1 = memfd_create(&(0x7f0000000000)='@cpuset\x00', 0x1) r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000100)='IPVS\x00') sendmsg$IPVS_CMD_NEW_DAEMON(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x200400}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r2, 0x10d, 0x70bd2c, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x480d5) [ 2246.352460] dump_header+0x27b/0xf64 [ 2246.356192] ? pagefault_out_of_memory+0x197/0x197 [ 2246.361137] ? __lock_acquire+0x7fc/0x5020 [ 2246.365385] ? print_usage_bug+0xc0/0xc0 [ 2246.369465] ? graph_lock+0x170/0x170 [ 2246.373277] ? print_usage_bug+0xc0/0xc0 [ 2246.377350] ? trace_hardirqs_on+0x10/0x10 [ 2246.381600] ? print_usage_bug+0xc0/0xc0 [ 2246.385680] ? lock_downgrade+0x8f0/0x8f0 [ 2246.389842] ? mark_held_locks+0xc9/0x160 [ 2246.394001] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2246.398601] ? _raw_spin_unlock_irqrestore+0x74/0xc0 07:53:30 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00h\x00'}, 0x2c) 07:53:30 executing program 6: r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140)='/dev/kvm\x00', 0x0, 0x0) r1 = fcntl$dupfd(r0, 0x0, r0) perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = socket$inet6(0xa, 0x6, 0x20001) syz_open_dev$evdev(&(0x7f00000000c0)='/dev/input/event#\x00', 0x80000000, 0x200000001031ff) ioctl(r2, 0x6, &(0x7f0000000280)="0a5cc80700315f85714070") setsockopt$RDS_FREE_MR(r1, 0x114, 0x3, &(0x7f0000000040)={{0x7ff, 0x1}, 0x1}, 0x10) ioctl$KVM_CHECK_EXTENSION_VM(r1, 0xae03, 0x78) write$P9_RREADLINK(r1, &(0x7f0000000000)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0x10) [ 2246.403720] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2246.408757] ? trace_hardirqs_on+0xd/0x10 [ 2246.412927] ? ___ratelimit+0xaa/0x655 [ 2246.416824] ? idr_get_free+0x10c0/0x10c0 [ 2246.420984] ? kasan_check_write+0x14/0x20 [ 2246.425224] ? do_raw_spin_lock+0xc1/0x200 [ 2246.429467] oom_kill_process.cold.25+0x10/0x10bc [ 2246.434325] ? oom_evaluate_task+0x540/0x540 [ 2246.438739] ? find_held_lock+0x36/0x1c0 [ 2246.442848] ? lock_downgrade+0x8f0/0x8f0 [ 2246.447021] ? kasan_check_read+0x11/0x20 [ 2246.451172] ? rcu_is_watching+0x8c/0x150 [ 2246.455324] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2246.459740] ? oom_badness+0xb00/0xb00 [ 2246.463722] ? rcu_read_unlock+0x35/0x70 [ 2246.467789] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2246.472044] ? css_task_iter_end+0x2ce/0x490 [ 2246.476462] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2246.481225] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2246.486241] ? trace_hardirqs_on+0xd/0x10 [ 2246.490380] ? _raw_spin_unlock_irq+0x27/0x70 [ 2246.494864] ? oom_badness+0xb00/0xb00 [ 2246.498741] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2246.503486] ? mem_cgroup_iter_break+0x30/0x30 [ 2246.508065] out_of_memory+0xa8a/0x14d0 [ 2246.512039] ? oom_killer_disable+0x3a0/0x3a0 [ 2246.516526] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2246.521530] ? trace_hardirqs_on+0xd/0x10 [ 2246.525673] mem_cgroup_out_of_memory+0x15e/0x210 [ 2246.530503] ? memcg_memory_event+0x40/0x40 [ 2246.534828] ? _raw_spin_unlock+0x22/0x30 [ 2246.538963] mem_cgroup_oom_synchronize+0x713/0x940 [ 2246.543965] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2246.549402] ? memcg_event_wake+0x450/0x450 [ 2246.553728] pagefault_out_of_memory+0xc8/0x197 [ 2246.558383] ? out_of_memory+0x14d0/0x14d0 [ 2246.562610] ? __handle_mm_fault+0x4460/0x4460 [ 2246.567179] mm_fault_error+0x1de/0x380 [ 2246.571143] __do_page_fault+0xd25/0xe50 [ 2246.575195] ? mm_fault_error+0x380/0x380 [ 2246.579329] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2246.584854] ? __x64_sys_clock_gettime+0x170/0x250 [ 2246.589776] ? __ia32_sys_clock_settime+0x290/0x290 [ 2246.594782] do_page_fault+0xf6/0x8c0 [ 2246.598570] ? vmalloc_sync_all+0x30/0x30 [ 2246.602702] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2246.608239] ? do_syscall_64+0x497/0x820 [ 2246.612286] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2246.617215] ? syscall_return_slowpath+0x31d/0x5e0 [ 2246.622132] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2246.627514] ? page_fault+0x8/0x30 [ 2246.631055] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2246.635899] ? page_fault+0x8/0x30 [ 2246.639435] page_fault+0x1e/0x30 [ 2246.642873] RIP: 0033:0x46f8fd [ 2246.646046] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2246.665284] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2246.670637] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2246.677908] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2246.685162] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2246.692418] R10: 0000000002273940 R11: 0000000000000246 R12: 00000000004c1f52 07:53:30 executing program 5: mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffc, 0x31, 0xffffffffffffffff, 0x0) r0 = openat$null(0xffffffffffffff9c, &(0x7f0000000140)='/dev/null\x00', 0x2, 0x0) fcntl$getownex(r0, 0x10, &(0x7f0000000180)={0x0, 0x0}) r2 = fcntl$getown(r0, 0x9) r3 = socket(0xb, 0x4, 0x2) kcmp$KCMP_EPOLL_TFD(r1, r2, 0x7, r0, &(0x7f00000001c0)={r0, r3, 0x2}) connect$inet(r3, &(0x7f0000000040)={0x2, 0x4e23, @loopback}, 0x10) setsockopt$packet_int(r0, 0x107, 0x13, &(0x7f0000000080)=0x80000000, 0x4) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = socket$packet(0x11, 0x3, 0x300) r6 = syz_open_dev$audion(&(0x7f0000000700)='/dev/audio#\x00', 0x2, 0x101000) bind$alg(r6, &(0x7f0000000740)={0x26, 'hash\x00', 0x0, 0x0, 'wp512\x00'}, 0x58) setsockopt$packet_fanout(r5, 0x107, 0x12, &(0x7f0000000200), 0x4) setsockopt$inet_MCAST_MSFILTER(r4, 0x0, 0x30, &(0x7f0000000340)=ANY=[@ANYRESHEX=r2], 0x1) setsockopt$inet_MCAST_MSFILTER(r4, 0x0, 0x30, &(0x7f0000000240)=ANY=[@ANYBLOB="000000000000000002000000ffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000d2b90000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000005b2b85d5e58a0367fc6b6625cae2b73a88358f7319bd52bf0fdacc29df54ce1cca9e4635cabe8d812c2144cdc7f18eded7ca3c96214fbc9318fe64df434207efef60342defb4867ede8ffdb6996771094870c2ffab846ae5f9668f13f313faf8066276725944075c022c33b82a433d84"], 0x90) openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x40, 0x29) [ 2246.699673] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2246.707483] Task in /ile0 killed as a result of limit of /ile0 [ 2246.713538] memory: usage 24kB, limit 20kB, failcnt 10169 [ 2246.719143] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2246.725944] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2246.732146] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2246.751639] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2246.760456] [28403] 0 28403 17585 8732 126976 0 0 syz-executor0 [ 2246.769390] Memory cgroup out of memory: Kill process 28403 (syz-executor0) score 1752600 or sacrifice child [ 2246.779435] Killed process 28403 (syz-executor0) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2246.792241] oom_reaper: reaped process 28403 (syz-executor0), now anon-rss:0kB, file-rss:32000kB, shmem-rss:0kB 07:53:30 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8060000]}}, 0x1c) 07:53:30 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\a\x00'}, 0x2c) 07:53:30 executing program 0: r0 = dup2(0xffffffffffffff9c, 0xffffffffffffffff) mknodat(r0, &(0x7f0000000140)='./file0\x00', 0x8000, 0x2f6) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) unshare(0x4000000) write$P9_RREADLINK(r1, &(0x7f0000000000)={0x10, 0x17, 0x1, {0x7, './file0'}}, 0x10) [ 2246.939203] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2246.950165] syz-executor0 cpuset=/ mems_allowed=0 [ 2246.955238] CPU: 1 PID: 28463 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2246.962607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2246.971964] Call Trace: [ 2246.974569] dump_stack+0x1c9/0x2b4 [ 2246.978210] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2246.983410] ? trace_hardirqs_on+0x10/0x10 [ 2246.987659] dump_header+0x27b/0xf64 [ 2246.991386] ? pagefault_out_of_memory+0x197/0x197 [ 2246.996324] ? __lock_acquire+0x7fc/0x5020 [ 2247.000585] ? print_usage_bug+0xc0/0xc0 [ 2247.004658] ? graph_lock+0x170/0x170 [ 2247.008461] ? print_usage_bug+0xc0/0xc0 [ 2247.012551] ? trace_hardirqs_on+0x10/0x10 [ 2247.016810] ? print_usage_bug+0xc0/0xc0 [ 2247.020884] ? lock_downgrade+0x8f0/0x8f0 [ 2247.025045] ? mark_held_locks+0xc9/0x160 [ 2247.029198] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2247.033789] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2247.038900] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2247.043917] ? trace_hardirqs_on+0xd/0x10 [ 2247.048077] ? ___ratelimit+0xaa/0x655 [ 2247.051968] ? idr_get_free+0x10c0/0x10c0 [ 2247.056118] ? kasan_check_write+0x14/0x20 [ 2247.060359] ? do_raw_spin_lock+0xc1/0x200 [ 2247.064604] oom_kill_process.cold.25+0x10/0x10bc [ 2247.069461] ? oom_evaluate_task+0x540/0x540 [ 2247.073881] ? find_held_lock+0x36/0x1c0 [ 2247.077960] ? lock_downgrade+0x8f0/0x8f0 [ 2247.082118] ? kasan_check_read+0x11/0x20 [ 2247.086269] ? rcu_is_watching+0x8c/0x150 [ 2247.090423] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2247.094845] ? oom_badness+0xb00/0xb00 [ 2247.098740] ? rcu_read_unlock+0x35/0x70 [ 2247.102808] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2247.107048] ? css_task_iter_end+0x2ce/0x490 [ 2247.111462] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2247.116226] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2247.121250] ? trace_hardirqs_on+0xd/0x10 [ 2247.125432] ? _raw_spin_unlock_irq+0x27/0x70 [ 2247.129966] ? oom_badness+0xb00/0xb00 [ 2247.133883] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2247.138641] ? mem_cgroup_iter_break+0x30/0x30 [ 2247.143278] out_of_memory+0xa8a/0x14d0 [ 2247.147286] ? oom_killer_disable+0x3a0/0x3a0 [ 2247.151858] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2247.156890] ? trace_hardirqs_on+0xd/0x10 [ 2247.161053] mem_cgroup_out_of_memory+0x15e/0x210 [ 2247.165912] ? memcg_memory_event+0x40/0x40 [ 2247.170266] ? _raw_spin_unlock+0x22/0x30 [ 2247.174432] mem_cgroup_oom_synchronize+0x713/0x940 [ 2247.179453] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2247.184904] ? memcg_event_wake+0x450/0x450 07:53:31 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0xa2, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:31 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x17c, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:31 executing program 5: r0 = socket(0x1e, 0x1, 0x0) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ptmx\x00', 0x80000, 0x0) ioctl$PIO_CMAP(r1, 0x4b71, &(0x7f0000000340)={0xffffffff, 0xffffffff, 0x2, 0x6, 0x7, 0xc1f}) open_by_handle_at(r0, &(0x7f0000000280)={0x21, 0x384c, "6d6403a12bfedbc1d1554504401f35d306a1cdc04a6409c9e7"}, 0x1) sendmsg(r0, &(0x7f00003bbfc8)={&(0x7f0000fdbf80)=@generic={0x10000000001e, "02ff0100000001000000000000000ae77f5bf86c48020002000000f1ffffff009a480075e6a50000de010300000000e4ff064b3f013a000000080000008f00000000ac50d5fe32c4000000007fffffff6a008356edb9a6341c1fd45624281e00070ecddd0206c39750c40000fd00000900000000000b0000db000004da36"}, 0x2ef, &(0x7f0000d1b000), 0x4b, &(0x7f000012e000)}, 0x0) clock_gettime(0x0, &(0x7f0000004200)={0x0, 0x0}) recvmmsg(r0, &(0x7f0000004040)=[{{&(0x7f0000000140)=@in={0x2, 0x0, @rand_addr}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)=""/14, 0xe}], 0x1}}, {{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000001c0)=""/156, 0x9c}], 0x1, &(0x7f0000003900)=""/109, 0x6d}}], 0x2, 0x0, &(0x7f0000004240)={0x0, r2+10000000}) r3 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x100, 0x80) ioctl$TIOCSSOFTCAR(r3, 0x541a, &(0x7f0000000040)=0x1e) write$binfmt_elf32(r0, &(0x7f00000015c0)=ANY=[@ANYPTR=&(0x7f0000000100)=ANY=[@ANYRES16]], 0xfffffd6d) 07:53:31 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:31 executing program 6: r0 = socket$inet6(0xa, 0x2, 0x0) connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c) r1 = socket$nl_xfrm(0x10, 0x3, 0x6) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r2, 0x8912, &(0x7f0000000280)="025cc80700145f8f764070") r3 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/mixer\x00', 0x141000, 0x0) r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000180)='IPVS\x00') sendmsg$IPVS_CMD_DEL_SERVICE(r3, &(0x7f00000004c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10080000}, 0xc, &(0x7f0000000480)={&(0x7f00000003c0)={0x88, r4, 0x0, 0x70bd25, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x20}, @IPVS_CMD_ATTR_DEST={0x54, 0x2, [@IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@remote}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x7}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x8001}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@dev={0xac, 0x14, 0x14, 0xd}}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x20}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x1f}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x5e0f}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xaf0}]}, 0x88}, 0x1, 0x0, 0x0, 0x804}, 0x81) rt_sigsuspend(&(0x7f0000000000)={0x1c89}, 0x8) r5 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x0, 0x0) setsockopt$IP_VS_SO_SET_FLUSH(r5, 0x0, 0x485, 0x0, 0x0) sendmsg$nl_xfrm(r1, &(0x7f000014f000)={&(0x7f00003c7ff4), 0xc, &(0x7f00000bfff0)={&(0x7f0000006440)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in6=@mcast1, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0xa}}}, 0xb8}}, 0x0) r6 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0xad2, 0x0) ioctl$EVIOCGSW(r6, 0x8040451b, &(0x7f00000002c0)=""/209) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f00000001c0)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, 0x0, 0x200000001fffffe}, 0x90) 07:53:31 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\n\x00'}, 0x2c) 07:53:31 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e71000000000000000100"}, 0x2c) [ 2247.189246] pagefault_out_of_memory+0xc8/0x197 [ 2247.193924] ? out_of_memory+0x14d0/0x14d0 [ 2247.198180] ? __handle_mm_fault+0x4460/0x4460 [ 2247.202773] mm_fault_error+0x1de/0x380 [ 2247.206769] __do_page_fault+0xd25/0xe50 [ 2247.210841] ? mm_fault_error+0x380/0x380 [ 2247.214998] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2247.220539] ? __x64_sys_clock_gettime+0x170/0x250 [ 2247.225475] ? __ia32_sys_clock_settime+0x290/0x290 [ 2247.230497] do_page_fault+0xf6/0x8c0 [ 2247.234310] ? vmalloc_sync_all+0x30/0x30 07:53:31 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x4, 0x32, 0xffffffffffffffff, 0x0) r1 = userfaultfd(0x0) ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000003fe8)) ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f0000000040)=0xfffffffffffffffb, 0x4) setsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r2, 0x84, 0x8, &(0x7f0000013e95), 0x4) setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x30, &(0x7f0000000340)=ANY=[], 0x0) r3 = socket$inet6(0xa, 0x1000000000002, 0x0) r4 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x8, 0x0) ioctl$KVM_GET_ONE_REG(r4, 0x4010aeab, &(0x7f00000000c0)={0x0, 0x7}) ioctl(r3, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070") ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000500)={'lo\x00', 0x0}) ioctl$sock_inet6_SIOCSIFDSTADDR(r2, 0x8936, &(0x7f0000000240)={@mcast1, 0x0, r5}) close(r2) close(r1) [ 2247.238465] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2247.244006] ? do_syscall_64+0x497/0x820 [ 2247.248075] ? syscall_slow_exit_work+0x500/0x500 [ 2247.252929] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2247.257864] ? syscall_return_slowpath+0x31d/0x5e0 [ 2247.262806] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2247.268177] ? page_fault+0x8/0x30 [ 2247.271726] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2247.276574] ? page_fault+0x8/0x30 [ 2247.280120] page_fault+0x1e/0x30 [ 2247.283572] RIP: 0033:0x46f8fd 07:53:31 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\n\x00'}, 0x2c) [ 2247.286761] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2247.306108] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2247.311488] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2247.318770] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2247.326046] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2247.333324] R10: 0000000002273940 R11: 0000000000000246 R12: 00000000004c1f52 07:53:31 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00z\x00'}, 0x2c) [ 2247.340601] R13: 0000000000a3fc20 R14: 0000000000000002 R15: 0000000000000001 [ 2247.347959] Task in /ile0 killed as a result of limit of /ile0 [ 2247.354051] memory: usage 24kB, limit 20kB, failcnt 10201 [ 2247.359627] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2247.366454] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 07:53:31 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100000000000000000000008400"}, 0x2c) 07:53:31 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070") r1 = socket$inet6(0xa, 0x1, 0x0) mmap(&(0x7f0000011000/0x3000)=nil, 0x3000, 0x1, 0x32, 0xffffffffffffffff, 0x0) r2 = userfaultfd(0x0) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000002000)) ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000001000)={{&(0x7f0000011000/0x3000)=nil, 0x3000}, 0x1}) r3 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cuse\x00', 0x101000, 0x0) ioctl$SCSI_IOCTL_GET_PCI(r3, 0x5387, &(0x7f00000000c0)) r4 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqsrc(r4, 0x0, 0x4, &(0x7f0000013ff4)={@local, @rand_addr, @multicast2}, 0xc) getsockopt$inet_int(r4, 0x0, 0x53, &(0x7f0000000000), &(0x7f0000000040)=0x4) close(r4) dup3(r1, r2, 0x0) 07:53:31 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x4000000) clock_gettime(0x0, &(0x7f0000000000)={0x0, 0x0}) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TEMPO(r0, 0x402c5342, &(0x7f0000000140)={0x15f, 0x7, 0xfffffffffffffbff, {r2, r3+30000000}, 0x5, 0x7ac}) 07:53:31 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x34000]}}, 0x1c) [ 2247.372633] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2247.392149] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2247.401077] [28463] 0 28463 17585 8732 126976 0 0 syz-executor0 [ 2247.410070] Memory cgroup out of memory: Kill process 28463 (syz-executor0) score 1752600 or sacrifice child [ 2247.420123] Killed process 28463 (syz-executor0) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB 07:53:31 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0), 0x2000, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2247.528518] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2247.539571] syz-executor0 cpuset=/ mems_allowed=0 [ 2247.544515] CPU: 0 PID: 28515 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2247.551904] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2247.561263] Call Trace: [ 2247.563864] dump_stack+0x1c9/0x2b4 [ 2247.567514] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2247.572740] ? trace_hardirqs_on+0x10/0x10 [ 2247.576990] dump_header+0x27b/0xf64 [ 2247.580722] ? pagefault_out_of_memory+0x197/0x197 [ 2247.585663] ? __lock_acquire+0x7fc/0x5020 [ 2247.589914] ? print_usage_bug+0xc0/0xc0 [ 2247.594000] ? graph_lock+0x170/0x170 [ 2247.597810] ? print_usage_bug+0xc0/0xc0 [ 2247.601887] ? trace_hardirqs_on+0x10/0x10 [ 2247.606135] ? print_usage_bug+0xc0/0xc0 [ 2247.610210] ? lock_downgrade+0x8f0/0x8f0 [ 2247.614374] ? mark_held_locks+0xc9/0x160 [ 2247.618525] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2247.623111] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2247.628224] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2247.633252] ? trace_hardirqs_on+0xd/0x10 [ 2247.637415] ? ___ratelimit+0xaa/0x655 [ 2247.641313] ? idr_get_free+0x10c0/0x10c0 [ 2247.645469] ? kasan_check_write+0x14/0x20 [ 2247.649705] ? do_raw_spin_lock+0xc1/0x200 [ 2247.653950] oom_kill_process.cold.25+0x10/0x10bc [ 2247.658856] ? oom_evaluate_task+0x540/0x540 [ 2247.663280] ? find_held_lock+0x36/0x1c0 [ 2247.667357] ? lock_downgrade+0x8f0/0x8f0 [ 2247.671519] ? kasan_check_read+0x11/0x20 [ 2247.675672] ? rcu_is_watching+0x8c/0x150 [ 2247.679820] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2247.684237] ? oom_badness+0xb00/0xb00 [ 2247.688130] ? rcu_read_unlock+0x35/0x70 [ 2247.692195] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2247.696434] ? css_task_iter_end+0x2ce/0x490 [ 2247.700854] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2247.705612] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2247.710636] ? trace_hardirqs_on+0xd/0x10 [ 2247.714795] ? _raw_spin_unlock_irq+0x27/0x70 [ 2247.719297] ? oom_badness+0xb00/0xb00 [ 2247.723196] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 07:53:31 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x22f, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:31 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0xc, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:31 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00l\x00'}, 0x2c) 07:53:31 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00`\x00'}, 0x2c) 07:53:31 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e71000000000000008400"}, 0x2c) [ 2247.727964] ? mem_cgroup_iter_break+0x30/0x30 [ 2247.732575] out_of_memory+0xa8a/0x14d0 [ 2247.736550] ? oom_killer_disable+0x3a0/0x3a0 [ 2247.741050] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2247.746073] ? trace_hardirqs_on+0xd/0x10 [ 2247.750221] mem_cgroup_out_of_memory+0x15e/0x210 [ 2247.755073] ? memcg_memory_event+0x40/0x40 [ 2247.759403] ? _raw_spin_unlock+0x22/0x30 [ 2247.763557] mem_cgroup_oom_synchronize+0x713/0x940 [ 2247.768578] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2247.774034] ? memcg_event_wake+0x450/0x450 [ 2247.778378] pagefault_out_of_memory+0xc8/0x197 [ 2247.783063] ? out_of_memory+0x14d0/0x14d0 [ 2247.787314] ? __handle_mm_fault+0x4460/0x4460 [ 2247.791903] mm_fault_error+0x1de/0x380 [ 2247.795891] __do_page_fault+0xd25/0xe50 [ 2247.799974] ? mm_fault_error+0x380/0x380 [ 2247.804130] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2247.809671] ? __x64_sys_clock_gettime+0x170/0x250 [ 2247.814611] ? __ia32_sys_clock_settime+0x290/0x290 [ 2247.819639] do_page_fault+0xf6/0x8c0 [ 2247.823456] ? vmalloc_sync_all+0x30/0x30 [ 2247.827615] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2247.833157] ? do_syscall_64+0x497/0x820 [ 2247.837220] ? syscall_slow_exit_work+0x500/0x500 [ 2247.842067] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2247.847017] ? syscall_return_slowpath+0x31d/0x5e0 [ 2247.851967] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2247.852784] net_ratelimit: 14 callbacks suppressed [ 2247.852792] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2247.857329] ? page_fault+0x8/0x30 [ 2247.857348] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2247.857364] ? page_fault+0x8/0x30 [ 2247.857378] page_fault+0x1e/0x30 [ 2247.857389] RIP: 0033:0x40e33f [ 2247.857393] Code: 0f 84 [ 2247.894623] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2247.895563] c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 2247.931126] RSP: 002b:0000000000a3fc20 EFLAGS: 00010206 [ 2247.936498] RAX: 00007ff4a0736000 RBX: 0000000000020000 RCX: 0000000000456b7a [ 2247.943760] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 2247.951023] RBP: 0000000000a3fd00 R08: ffffffffffffffff R09: 0000000000000000 [ 2247.958292] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a3fdf0 [ 2247.965548] R13: 00007ff4a0756700 R14: 0000000000000003 R15: 0000000000000001 [ 2247.973098] Task in /ile0 killed as a result of limit of /ile0 [ 2247.979142] memory: usage 24kB, limit 20kB, failcnt 10221 [ 2247.984733] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2247.991514] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2247.997690] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2248.017207] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2248.026016] [28515] 0 28515 17618 8732 126976 0 0 syz-executor0 [ 2248.034949] Memory cgroup out of memory: Kill process 28515 (syz-executor0) score 1752600 or sacrifice child [ 2248.045012] Killed process 28515 (syz-executor0) total-vm:70472kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB 07:53:32 executing program 6: syz_emit_ethernet(0xfed1, &(0x7f000000a000)={@broadcast=[0xff, 0xe0], @broadcast, [], {@ipv4={0x800, {{0x5, 0x4, 0xe803, 0x0, 0xfec3, 0x0, 0x0, 0x0, 0x29, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}, @multicast1}, @udp={0xf0ffff, 0x0, 0x8}}}}}, 0x0) syz_emit_ethernet(0xb2, &(0x7f0000000000)={@broadcast, @empty, [], {@llc={0x4, {@llc={0xaa, 0xe0, 'T', "b895a20851bb7e853885afdfbd5889b004dfe8180778ccb64031d68a602577dce8e3ea20bac589871f508a0196dc630476bb5fd15db8c383cd56ece81e596655251f0f013f4c6f935a8bc447186114b602995419d842ca166b3e18acace5814d7a8d650edaa9cf25b9cc712f5ce17b5b735cacac6df2812db08fb460bda03ee408ddde69baa813b9f6c82ef8743f0b8a063c2189bb5435c3bdfcb33ef5cc10c17a"}}}}}, &(0x7f00000000c0)={0x0, 0x3, [0xcef, 0xf39, 0xca, 0x455]}) syz_extract_tcp_res$synack(&(0x7f0000000100), 0x1, 0x0) 07:53:32 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100000000048f00"}, 0x2c) 07:53:32 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0xbd, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:32 executing program 5: r0 = socket$inet6_sctp(0xa, 0x10000000005, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000080)=[@in={0x2, 0x0, @dev}], 0x10) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000002240)={0x1, [0x0]}, &(0x7f0000003a40)=0x8) getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000140)={r1, @in6}, &(0x7f0000000200)=0x90) getsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000040)={r2}, &(0x7f00000000c0)=0x10) getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000000)={r2, 0x2, 0x100}, &(0x7f0000000100)=0x8) 07:53:32 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x5, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:32 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x4000000) 07:53:32 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffa888]}}, 0x1c) 07:53:32 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0), 0x4b4, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:32 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e71000000008400"}, 0x2c) [ 2248.168260] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2248.200979] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2248.212006] syz-executor0 cpuset=/ mems_allowed=0 [ 2248.216963] CPU: 0 PID: 28555 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2248.224326] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2248.233690] Call Trace: [ 2248.236311] dump_stack+0x1c9/0x2b4 [ 2248.239959] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2248.245159] ? trace_hardirqs_on+0x10/0x10 [ 2248.249404] dump_header+0x27b/0xf64 [ 2248.249658] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. 07:53:32 executing program 6: r0 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x8, 0x800) setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000080)=[{0x2, 0x6}, {0x4, 0x5}, {0x3, 0x20}], 0x3) r1 = socket$nl_generic(0x10, 0x3, 0x10) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x81}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r2 = syz_genetlink_get_family_id$fou(&(0x7f0000000380)='fou\x00') sendmsg$FOU_CMD_GET(r1, &(0x7f0000000140)={&(0x7f0000000040), 0xc, &(0x7f0000000100)={&(0x7f00000000c0)=ANY=[@ANYBLOB="e5d11599", @ANYRES16=r2, @ANYBLOB="2503000f997d56f99ab92d789181"], 0x14}}, 0x0) 07:53:32 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100000000000000000000000500"}, 0x2c) [ 2248.253128] ? pagefault_out_of_memory+0x197/0x197 [ 2248.253146] ? __lock_acquire+0x7fc/0x5020 [ 2248.253166] ? print_usage_bug+0xc0/0xc0 [ 2248.253187] ? graph_lock+0x170/0x170 [ 2248.253202] ? print_usage_bug+0xc0/0xc0 [ 2248.253219] ? trace_hardirqs_on+0x10/0x10 [ 2248.253241] ? print_usage_bug+0xc0/0xc0 [ 2248.253264] ? lock_downgrade+0x8f0/0x8f0 [ 2248.253286] ? mark_held_locks+0xc9/0x160 [ 2248.253299] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2248.253316] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2248.253334] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2248.253350] ? trace_hardirqs_on+0xd/0x10 [ 2248.253367] ? ___ratelimit+0xaa/0x655 [ 2248.253384] ? idr_get_free+0x10c0/0x10c0 [ 2248.253400] ? kasan_check_write+0x14/0x20 [ 2248.253412] ? do_raw_spin_lock+0xc1/0x200 [ 2248.253431] oom_kill_process.cold.25+0x10/0x10bc [ 2248.253455] ? oom_evaluate_task+0x540/0x540 [ 2248.253469] ? find_held_lock+0x36/0x1c0 [ 2248.253494] ? lock_downgrade+0x8f0/0x8f0 [ 2248.253513] ? kasan_check_read+0x11/0x20 [ 2248.253526] ? rcu_is_watching+0x8c/0x150 [ 2248.253539] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2248.253556] ? oom_badness+0xb00/0xb00 [ 2248.253573] ? rcu_read_unlock+0x35/0x70 [ 2248.253588] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2248.383624] ? css_task_iter_end+0x2ce/0x490 [ 2248.388036] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2248.392788] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2248.397801] ? trace_hardirqs_on+0xd/0x10 [ 2248.401944] ? _raw_spin_unlock_irq+0x27/0x70 [ 2248.406431] ? oom_badness+0xb00/0xb00 [ 2248.410326] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2248.415077] ? mem_cgroup_iter_break+0x30/0x30 [ 2248.419665] out_of_memory+0xa8a/0x14d0 [ 2248.423635] ? oom_killer_disable+0x3a0/0x3a0 [ 2248.428136] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2248.433146] ? trace_hardirqs_on+0xd/0x10 [ 2248.437290] mem_cgroup_out_of_memory+0x15e/0x210 [ 2248.442991] ? memcg_memory_event+0x40/0x40 [ 2248.447314] ? _raw_spin_unlock+0x22/0x30 [ 2248.451456] mem_cgroup_oom_synchronize+0x713/0x940 [ 2248.456474] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2248.461919] ? memcg_event_wake+0x450/0x450 [ 2248.466247] pagefault_out_of_memory+0xc8/0x197 [ 2248.470912] ? out_of_memory+0x14d0/0x14d0 [ 2248.475157] ? __handle_mm_fault+0x4460/0x4460 [ 2248.479734] mm_fault_error+0x1de/0x380 [ 2248.483704] __do_page_fault+0xd25/0xe50 [ 2248.487762] ? mm_fault_error+0x380/0x380 [ 2248.491918] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2248.497444] ? __x64_sys_clock_gettime+0x170/0x250 [ 2248.502361] ? __ia32_sys_clock_settime+0x290/0x290 [ 2248.507379] do_page_fault+0xf6/0x8c0 [ 2248.511172] ? vmalloc_sync_all+0x30/0x30 [ 2248.515310] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2248.520852] ? do_syscall_64+0x497/0x820 [ 2248.524904] ? syscall_slow_exit_work+0x500/0x500 [ 2248.529750] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2248.534674] ? syscall_return_slowpath+0x31d/0x5e0 [ 2248.539596] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2248.544951] ? page_fault+0x8/0x30 [ 2248.548492] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2248.553327] ? page_fault+0x8/0x30 [ 2248.556858] page_fault+0x1e/0x30 [ 2248.560302] RIP: 0033:0x40e33f [ 2248.563490] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 2248.582827] RSP: 002b:0000000000a3fc20 EFLAGS: 00010206 [ 2248.588183] RAX: 00007ff4a0736000 RBX: 0000000000020000 RCX: 0000000000456b7a [ 2248.595444] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 2248.602702] RBP: 0000000000a3fd00 R08: ffffffffffffffff R09: 0000000000000000 [ 2248.609960] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a3fdf0 [ 2248.617228] R13: 00007ff4a0756700 R14: 0000000000000003 R15: 0000000000000001 [ 2248.624712] Task in /ile0 killed as a result of limit of /ile0 [ 2248.630781] memory: usage 24kB, limit 20kB, failcnt 10241 [ 2248.636384] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2248.643182] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2248.644525] IPVS: set_ctl: invalid protocol: 0 172.20.20.0:0 07:53:32 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x218, &(0x7f00000011c0)}}], 0x249, 0x0) [ 2248.649416] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2248.674839] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2248.683697] [28555] 0 28555 17618 8732 126976 0 0 syz-executor0 [ 2248.692665] Memory cgroup out of memory: Kill process 28555 (syz-executor0) score 1752600 or sacrifice child [ 2248.702775] Killed process 28555 (syz-executor0) total-vm:70472kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB 07:53:32 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) ioctl$sock_inet_SIOCSIFPFLAGS(r0, 0x8934, &(0x7f0000000000)={'syz_tun\x00', 0xffffffffffffb84c}) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x4000000) 07:53:32 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100000000000300"}, 0x2c) 07:53:32 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0), 0x63c, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2248.714833] oom_reaper: reaped process 28555 (syz-executor0), now anon-rss:0kB, file-rss:32000kB, shmem-rss:0kB 07:53:32 executing program 6: r0 = socket$inet6_dccp(0xa, 0x6, 0x0) ioctl$SG_GET_KEEP_ORPHAN(r0, 0x2288, &(0x7f0000000100)) ioctl$sock_SIOCSIFBR(r0, 0x8941, &(0x7f00000000c0)=@get={0x1, &(0x7f0000000000)=""/173, 0x1}) [ 2248.805885] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2248.840245] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2248.867961] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2248.878960] syz-executor0 cpuset=/ mems_allowed=0 [ 2248.883901] CPU: 0 PID: 28594 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2248.891267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2248.900627] Call Trace: [ 2248.903231] dump_stack+0x1c9/0x2b4 [ 2248.906882] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2248.912089] ? trace_hardirqs_on+0x10/0x10 [ 2248.916333] dump_header+0x27b/0xf64 [ 2248.920069] ? pagefault_out_of_memory+0x197/0x197 [ 2248.925021] ? __lock_acquire+0x7fc/0x5020 [ 2248.929266] ? print_usage_bug+0xc0/0xc0 [ 2248.933346] ? graph_lock+0x170/0x170 [ 2248.937155] ? print_usage_bug+0xc0/0xc0 [ 2248.941226] ? trace_hardirqs_on+0x10/0x10 [ 2248.945472] ? print_usage_bug+0xc0/0xc0 [ 2248.949547] ? lock_downgrade+0x8f0/0x8f0 [ 2248.953712] ? mark_held_locks+0xc9/0x160 [ 2248.957869] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2248.962461] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2248.967575] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2248.972598] ? trace_hardirqs_on+0xd/0x10 [ 2248.976756] ? ___ratelimit+0xaa/0x655 [ 2248.980657] ? idr_get_free+0x10c0/0x10c0 [ 2248.984818] ? kasan_check_write+0x14/0x20 [ 2248.989067] ? do_raw_spin_lock+0xc1/0x200 [ 2248.993309] oom_kill_process.cold.25+0x10/0x10bc [ 2248.998167] ? oom_evaluate_task+0x540/0x540 [ 2249.002583] ? find_held_lock+0x36/0x1c0 [ 2249.006689] ? lock_downgrade+0x8f0/0x8f0 [ 2249.010855] ? kasan_check_read+0x11/0x20 [ 2249.015007] ? rcu_is_watching+0x8c/0x150 [ 2249.019163] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2249.023581] ? oom_badness+0xb00/0xb00 [ 2249.027482] ? rcu_read_unlock+0x35/0x70 [ 2249.031550] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2249.035793] ? css_task_iter_end+0x2ce/0x490 [ 2249.040211] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2249.040259] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2249.044965] ? trace_hardirqs_on_caller+0x421/0x5c0 07:53:33 executing program 5: r0 = syz_open_dev$sndctrl(&(0x7f0000006000)='/dev/snd/controlC#\x00', 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r0, 0x40045532, &(0x7f0000000100)=0x20000) r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000009000)='/dev/audio\x00', 0x0, 0x0) r2 = syz_open_dev$sndpcmc(&(0x7f00000000c0)='/dev/snd/pcmC#D#c\x00', 0x0, 0x40400) dup2(r2, r1) io_setup(0x4, &(0x7f0000000000)=0x0) io_submit(r3, 0x1, &(0x7f0000001440)=[&(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, r2, &(0x7f0000000040)='M', 0x1}]) 07:53:33 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0), 0xe34, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:33 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x49, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:33 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x204, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:33 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00 \x00'}, 0x2c) 07:53:33 executing program 6: perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x3, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) getsockopt$IP_VS_SO_GET_DESTS(r0, 0x0, 0x50, &(0x7f0000000080)=""/24, &(0x7f0000000000)=0x18) [ 2249.044983] ? trace_hardirqs_on+0xd/0x10 [ 2249.044998] ? _raw_spin_unlock_irq+0x27/0x70 [ 2249.045012] ? oom_badness+0xb00/0xb00 [ 2249.045028] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2249.045043] ? mem_cgroup_iter_break+0x30/0x30 [ 2249.045073] out_of_memory+0xa8a/0x14d0 [ 2249.045094] ? oom_killer_disable+0x3a0/0x3a0 [ 2249.045111] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2249.045125] ? trace_hardirqs_on+0xd/0x10 [ 2249.045148] mem_cgroup_out_of_memory+0x15e/0x210 [ 2249.045164] ? memcg_memory_event+0x40/0x40 [ 2249.045182] ? _raw_spin_unlock+0x22/0x30 [ 2249.045200] mem_cgroup_oom_synchronize+0x713/0x940 [ 2249.045216] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2249.045231] ? memcg_event_wake+0x450/0x450 [ 2249.045259] pagefault_out_of_memory+0xc8/0x197 [ 2249.045272] ? out_of_memory+0x14d0/0x14d0 [ 2249.045294] ? __handle_mm_fault+0x4460/0x4460 [ 2249.045311] mm_fault_error+0x1de/0x380 [ 2249.045330] __do_page_fault+0xd25/0xe50 [ 2249.045351] ? mm_fault_error+0x380/0x380 [ 2249.045368] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2249.045383] ? __x64_sys_clock_gettime+0x170/0x250 [ 2249.045397] ? __ia32_sys_clock_settime+0x290/0x290 [ 2249.045414] do_page_fault+0xf6/0x8c0 [ 2249.045430] ? vmalloc_sync_all+0x30/0x30 [ 2249.045444] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2249.045460] ? do_syscall_64+0x497/0x820 [ 2249.045474] ? syscall_slow_exit_work+0x500/0x500 [ 2249.045490] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2249.045506] ? syscall_return_slowpath+0x31d/0x5e0 [ 2249.045524] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2249.045538] ? page_fault+0x8/0x30 [ 2249.045552] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2249.045566] ? page_fault+0x8/0x30 [ 2249.045582] page_fault+0x1e/0x30 [ 2249.143786] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2249.146282] RIP: 0033:0x40e33f [ 2249.146287] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 2249.146549] RSP: 002b:0000000000a3fc20 EFLAGS: 00010206 [ 2249.146563] RAX: 00007ff4a0736000 RBX: 0000000000020000 RCX: 0000000000456b7a [ 2249.146572] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 2249.146580] RBP: 0000000000a3fd00 R08: ffffffffffffffff R09: 0000000000000000 [ 2249.146588] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a3fdf0 [ 2249.146597] R13: 00007ff4a0756700 R14: 0000000000000003 R15: 0000000000000001 [ 2249.146776] Task in /ile0 killed as a result of limit of /ile0 [ 2249.146811] memory: usage 24kB, limit 20kB, failcnt 10261 [ 2249.146821] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2249.146829] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2249.146835] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2249.349661] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2249.358435] [28594] 0 28594 17618 8732 126976 0 0 syz-executor0 07:53:33 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8864000000000000]}}, 0x1c) 07:53:33 executing program 6: r0 = socket$inet_udp(0x2, 0x2, 0x0) connect(r0, &(0x7f00000001c0)=@in, 0x80) r1 = gettid() openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x0, 0x0) r2 = syz_open_procfs(r1, &(0x7f0000001340)='smaps\x00') sendfile(r0, r2, &(0x7f0000000000), 0x2020000000000ff) 07:53:33 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e71000000000000048f00"}, 0x2c) 07:53:33 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x21a, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:33 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x170, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:33 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0xffffffffffffffe4) unshare(0x4000000) [ 2249.367342] Memory cgroup out of memory: Kill process 28594 (syz-executor0) score 1752600 or sacrifice child [ 2249.377379] Killed process 28594 (syz-executor0) total-vm:70472kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2249.389308] oom_reaper: reaped process 28594 (syz-executor0), now anon-rss:0kB, file-rss:32780kB, shmem-rss:0kB 07:53:33 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0), 0x25, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:33 executing program 6: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x2000, 0x0) getsockopt$inet_sctp_SCTP_PR_STREAM_STATUS(r0, 0x84, 0x74, &(0x7f00000001c0)=""/4096, &(0x7f0000000080)=0x1000) openat$cgroup_procs(r0, &(0x7f00000000c0)='cgroup.threads\x00', 0x2, 0x0) futex(&(0x7f000000cffc), 0x800000000005, 0x0, &(0x7f0000000180)={0x77359400}, &(0x7f0000000040), 0x1000000) 07:53:33 executing program 5: r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/fib_triestat\x00') openat$random(0xffffffffffffff9c, &(0x7f0000000080)='/dev/urandom\x00', 0x80000, 0x0) fchown(r0, 0x0, 0x0) write$cgroup_type(r0, &(0x7f0000000000)='threaded\x00', 0x9) 07:53:33 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00H\x00'}, 0x2c) 07:53:33 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f0000000000)='./file0//ile0\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x48020, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x4000000) 07:53:33 executing program 5: r0 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r0, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc}, 0x10) r1 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000080)=@req3={0x4, 0x10001, 0x0, 0x1, 0x9, 0x59, 0x7}, 0x1c) sendmmsg$alg(r1, &(0x7f0000008fc0)=[{0x0, 0x0, &(0x7f0000000880), 0x0, &(0x7f0000000940)}], 0x1, 0x0) close(r1) close(r0) 07:53:33 executing program 6: r0 = socket$inet6(0xa, 0x1000000000005, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc80700145f8f764070") r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000000)=0x7fe, 0x1000000ff) sendto$inet6(r1, &(0x7f00000000c0)="6a666ace9ce087f4b20000000000", 0xee, 0x0, &(0x7f0000000040)={0xa, 0x0, 0x4, @remote}, 0x1c) setsockopt$sock_int(r1, 0x1, 0x23, &(0x7f0000000400)=0x3, 0x4) recvmsg(r1, &(0x7f0000000300)={&(0x7f00000001c0)=@hci, 0x80, &(0x7f00000002c0)}, 0x2000) [ 2249.534120] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2249.594512] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. 07:53:33 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0), 0xc68, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:33 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) getpgid(0xffffffffffffffff) getpid() fcntl$getown(r0, 0x9) r1 = getpgrp(0x0) write$cgroup_pid(r0, &(0x7f0000000280)=r1, 0x136) unshare(0x4000000) 07:53:33 executing program 5: r0 = socket$inet6(0xa, 0x5, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="025c3f0a00145f8f764070") r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) mmap(&(0x7f00001ed000/0x4000)=nil, 0x4000, 0x0, 0x4012, r2, 0x0) bind$inet(r1, &(0x7f0000942000)={0x2, 0x4e20, @multicast1}, 0x10) syz_open_dev$adsp(&(0x7f0000000080)='/dev/adsp#\x00', 0x7, 0x40180) connect$inet(r1, &(0x7f0000000100)={0x2, 0x4e20, @loopback}, 0x10) sendto$inet(r1, &(0x7f0000000600)="bfbffc9b6ca44f6ff7df1be8f692499790a434ffe1513f544c73677a40e2bdcee0a3b2f9d3c0be6c6ac2005a2f7f394a7bed0edd506cb729aa62ad67aceb800e0c295c5f98a2f484be7fe6b6c3f928b63ce211a1d286f52ee4ddce3375f57eaba53aac4165378057958c51d77504f9d6af518abde031bb385b15a2795785c7633e966be5ed6381a5d67df25c5fe6071411c5c8c76c3e026dea0ba91a8a8a0ac6349c41b8e49f44916535d00c325685e31fd967a4cd7ff0dd46793312c55c709762e58ed831de3270d992bab28c145f387aefe6b784abbb024d26e859bc6bec8b8580807a5c1a84e288c3e272a18b68a049204bd304abd08ad4f06e8888daa73979d58c5ae8412606cc8f9ce038914e21ed69f460d6d515a48bd0ec8059dd44a1ae8813b9ee77f207087851812ef17f806aeba9a2d177fc9000030fc12445ef4ba2ad9e008af08ddc9e2d51119a87a9740cc0bbfbf3da7da8f180565d7d2344bd6ffea422d1cb9bee7ea0aa9a4b395e926714b2e9cc4c1850e49d3073bf101cd009941e0ba439da408ae459e23affac40638e8bddf95f1e0c4461ebac58253bda8e3541a485775a2faf01d9278c229a9bcb18991ac1e1512fe708e6d75655d20c299a0266f1e01111e01a41b56b15e62a90930c20b8b5ed0a88a7efdc62d5a628f4f6d5d292b087aad68d72e670ab7747bd2f8328c19df4da409ca5265010b38c81f0008d2a4f0bb19e6cbdc6b0d042926a9580f0608c60db73012d9770e2f3b0f0329124283c9480ea960d4c5f255ca97be92dabbfca13d3f45311655bf16ab2e04720bb94446a216d9ad85b45b42a1d0a8af995fb6eebec390ce72de8e1096933095c279f424975870c694cf0c7bad462a3fe8574111fe761e61beb7d08073e351a0e86a98ab98313e5f75ff2f85b97be18726e785c6385a3384b05ceba0eb969c0ed2380ede4dd8b2a17aea680dc78bc9fd7132b7aa53e0d7e354f1d0bce40d6775aff514238e7bb39e05cdb502b825db358e298ad186d268294993a337824c0fc78f983395ac4877b044ec36aeab8edbdbd4110951d72b67fa8fc717b72abe3ffe868c7052e590f10a9d77dd5f4d365e895ce0d1b2d512ad17f82222167a578f96db1ce93fc396e2db4b9abd01a6d9fd6ea16cfe43fe2a6d2efcab84bb0e229fb648ac643ad9c97d7c5b2f1c391b4d32b1a246665ce3e11dc236036eceda3f397e5e1d62175b77cd5ec20be3703f7d3286932fdb5e6d545748cc32a3568695d755dedfc66182860b36749dcfc89722adfbddffda61bba8722a71ba5e244fe445c18fc5e053801b3f44ae68d782f1b7925bbe0fdfe95d55de18795d1ea3e4b7660c2a8dfc76823dfb81880887b9d36558961264c6a921c84ecac9f6df82134177bbefc1c73eea3518064ce99e773dcb24bd97258a2459e2673275c74fe4478ed2f6243b86ac5cd738fa6341f0c173ec47d19a94919341662f5e8ff2d50e21d6d674f86ae1e2c0d6c6c87ea98084bf838841a2566bc9d85e15d0a168f52f80f6474a87cc7568e156f19b95f762f926d12ac242627ba1ded393cfd16c3a44f12a5d4b8447472166daacfa2d430787f58397387466e36fde8b9a96d5c02b1e7f32a654c926e9136d16b52c1ece887dee4538a211cb8103a0c7c7118c23a47af69b94a9a512468c789555f7eeccfcfff4e893ef2146b49f2720d9b2232c797e16324d54d5b2347731de2c72e785d8cbfa0ef75e636b9feafca0afaa3968990bad350630f0ab105eea6027b4b9e98c88fdf4d8aea375980f891db9c863389a7a0dd9da06f5a603d7fd1c93e21cddd50760018c4438dbd5ea8d24ba8dfc43fee4dedb61f7c6beb8200f04f4252c35058d33fd0c54ae734c78c53900006c21d102c0cf4b17d9d5fc1802500e5accd81790ae6cd22b6b812e4c9449418152bdae8db766cfa15eb2c55142dfee2147becb778b5fb3aa2c55fa2c3403f2951c5f5971ef751a72455d96b706c166d63192d1d1f86c9147b1b76ae74dca35a1c7938986907dfb814e86066acd1e342240986cbfb8394d36f01b6f3a6d96578c0b4d8bd73f3e56e20c836e0016e48fabbe169ca8fb48c8e084a110a1cb8916f8a59adc5f61c164d63e39cd2270f7d724380931203e4b30d430db0ccbf75c9a997f080dcc7d43c6586483d9281ac86258313abb8c21a0259816c59f613ddb350d3f3b81b9ced61da6d22552681888a6429683fdd24a2761746c8d67e9e84dcfbe2bfbc728debbb8fc2665a226addd3f5ce9fa991eddf57ce24d640a560a698284120ccc5f1f8152f656f23d7b13cd43b4d3537f126a0f386a35e04606b7623e6e141ccced4e51d4ac051e48caf30adc614e9cd408f567b6ccd8b1177f051c92084f36b252c83fb7291427204c3e3f65dba92a9ca067bb403de3ba27d53e50ee158e7aed6dea0584d18e373cc6051a8084cf02d5716ac666cb48eff33c9ba18b557be9351beb919d82077dc47db880b525b72e08ca949a7386a1bf3d7dea38096347ec8437cbc2e4e5f6775785514d5479567c0802b50122e7af2922f048f48a8584aab8c1ce7f04fb4a4b4cc13f5a4e2c9318078bc8c634710272104f08c822efab2f9f9b174068621f7cec424a100289a7a884b51da75a5c61be653b4467a59285746496f8a7fc7288413c07629e4baf61e7142c50abc59bd23cdccaafde5b4ff8c2384dfddbf70f28fe10551bab875aa329a9f0ea4ab6732f51870df4030b38831fafa4c8408f8092c4c929cf13675ed056c750cfaa5b12ba3273c4858fc0c88957b84417375c9ef0a91b7ab52c8225d449e268bd9dbfb137885370d9f7afacd41884b4e68548ac28ef96f9fdf287cce84dbb2d788cd95f4962550247ee228cc930b4a938902bc20ca81a0a8c2e5a59fbb4ac4c611909e4f155a1c52bb8d95fb6d24337310bf32f7b0d3949e4c89048ac2153a40a875f89ac6aed185a5652e3b76f67794d3d9c62aadf949136efec6af8ec5fcdd64824994d2c48e3aee4a98191a574f208e40fcee03ad68003a6cfd6dd310096471e30034817a269d2a7ab8adaf3a0e3027e42a7c13494f5434610e1d3f6a472755f40539c80e7f8a2eb69a3466a4288ac9336ece8d17834eb235ff5232c3e8d9a4522cce4ad2ac3934197796baca5e6d22290b204e7bd9791d934941bf87a22435f91928f46bfc2dce38a9642913720ca8249b4cf7043567ba668ee49a8218a2cad42115d405eac16900ac6f39a90836d3fa5ed7679ae8341adc9dbb755e11c5488de0f8c348d586b6a43e8c4e9128641f5ea881c3e1bb6dfbc3da8629c53ae0d97d73c1f6e49d4fb701e0c21d13d4f35a81956f760e895991f8c0a11c02a0c13c0b43e21e84d8ec9404334577d142b90cb2e1b00a4b19a31035e0ffd99b82a032bcbaee8133b2f748e3c448185f2cf154c198a5e84e8d1c420c43e92e27f69a936ef4519d173adbd6635cc116391bbc2ddc15fd088d33218a565115bcb1f603ff6ffa8ab5e0ccc9c80c5d57997b3272596b7bb1e20a49d51dee0f9607fd90682a7be72eed1a25d65ed193d66544667fe4a5eca809f9bdb7e644e2dcffc92117b81057916568e375986deec0df95cf9cabc2dd4e6266a1dbf7dfedb2dcafb602dc842502fea3e3413026643236faa0853b127ceb897af3274ed901832b751d02401a712007faee5ae8f6901c0e7414a234644002ba66847c7734d0649ecfeb5cc1ef752c94c632083bb9c454ac66962ac3f92b0e64bf2c9ad23aa4ee8f3b985349aa02f70b269dd531a6314e240d0e936065b46bc115d2fe814c6d875e52a0d5664c5c5f53b9d433817048b9e0a6bcc9745999a14ae62ba8da9d12ea871317803f7770e8c197c8216b23706c6c0cd28444fb5efe381de00735c6793167a3e0a4565a9ffc2b08a87350d69cbed0162db74c54f7fa773d6f5a376deed340ac6bbc73eadfb4b78983eb6e807848802753eb4b26dee4a9e8b796ab97c02084c76f73eed89128210e9fd5f46f76a87d3a1dd82ce7a5747dd81c01d4796823bad91ed57f553a715786a7c260f83e2a969e81c627db6769253d62a9c077da2b9e2716de77567a1407a528ee7c24a4090ea705be5620c7ddc67dfa4de4d8753ab2be2cdfb7a4f1ee563946e33e11c6f280b8a0b7b2f22cc5d8c69498980b2c5a135fede810d326aa4f5f6489ff620f8a9a3246fb56fcbcd26ddd12652b421264bc8167f8d5b83bb72622d3c0ac0de289bcc9cd233221287a34db3ad8564b224907eead0441feeae031ea1528eafa0e929194943466efff884bb925ea7f93c0cae6c7b0c02641a69512b11846bd932f050c5c69999889e8e742eaaa0e42bf9635fa762b535b45b193c475b27fa209ee599cb63ac8df698973326ae4bdc304067ea50da348531315938fa2ae7bd2684fcd682159037b6bfe446a143e8d0642d53df4b8b53ad67e6dccd208b2fa16af37bac06dc4c1a154a5dd7ba88020cd6ad680b9c5a9e1437c22c681aabe2b74480bac34524368f134907b684a6194bc4094f2679ebbe0d2241333c0c7217c8f28273bcf2802224c51d6e111d4dbdcbed0c7ad5a868e08eacc285199a0e64e1ff096becb53ab2bf100c69f7653bda6fa50fc71c5541d17ce341833a1d1b06b7f8899475615820d69f56aacf603e8977558816de4316afb81c24e53411feca65bc84da171a291251abfe3f07c3d5af2e3cf7eb61823dda9100872aa7f0a0b1631b22b0241ccfb6f4fba43e9b1a57ce7451b3a56fc7d5a91227e66b47cdadd35945fc3d694d2c5f09c4b0e8cd0fefde5e8c13b907ad3ddccee5a1fb5ceee00ad0e7e8b556548a40061b56316b5899e5e92d6d0bb822fe1b29a337dc6ec1a7e758f441353bbd69dd6c9e8f09f9e9dac93a4dd6cc5855228c2bd2ca6e702100cc18dfa6b2b90e964e2bc398e38702270e2f36954c563e5077979c765dd8639c2580062dad6546045e528b1aaefce93edcb27942a497df73363cfe3ef1dd9bd36fcb7c1427c2a650ccf09fbfaf1fa356a4976abe2ada744fe93e190a0ba0b5b8de8f984e31c9f2b2cc0f73d94bb31548518e96d2c0a23d89b66dd567709134ffd0600c5593a80e5470fca3883a685b9e2616254fc33f1eed13c6e3a9a75d3c7ce67e254aecbeb91b1c0812207b26ea2c55dc8542aa99e4593ec3142e0203ee944ba7918c648ede46c7656d642619f78fd426ca5b485cc919bff461249288b6709406781306d72bdf8c01c23a6b030d1d8417996c2b8615f1ef1eade7b7f424c187efcf4abd4e6de56a32ebb7011fc409e130462385fe345233b6129066041231d87912b24143327a7a9ce1fa4e08506598fc3d6e3939bfe4288624a772b9a8dbf621432405e9cc15f24985f5e57673b51f23c4cb3aa1ae546dff31d2fbab81bb2f9729ee7b1d5a9674be4b771b18ee7374bb8c0323ea22e33178d208e2e5c17a2a5087f2cf75dcf038d66a4f6ee5cd0f5f757fc371f8f9efc1644e26c2478362561eafb9c534973fb3b32d8e69079bc5e44c064c293fd558c3283cf7648d25b49202515f69c4b2f6aadac15335c5d99dc278af7cfdf6cca8d7d7ec980c16caa8f2ff598a7f552c800ebb98afbfacd084f4f5ca1d72deacc4e1b3f83d8238b0e066da13d6c568a274fbb3cf86b4c7d40320140388425a8c4ab44fe4d703efffcedac918fb89ea7884684f0c43fbbeadf81af5e62e7a64414da41dc4be590fb037be9d3d62a9e6a38d40b7052ea15c84621633f80f8c6b1c4841d503e47616874fddfeda77743937fc70218", 0x1000, 0x0, &(0x7f00000000c0)={0x2, 0x0, @remote}, 0x10) r3 = dup2(r0, r1) ioctl$PPPIOCGL2TPSTATS(r3, 0x80487436, &(0x7f0000000300)="a1cff98fa5fd70ed79edc8e371e8323f6ec82267660926e28091efebc084a14b5f08c19a16fd3ecc14c7f95f3d88e542c4d83ee7d2d738e4d588872d212043e4c9adb28141f7f5bf3a1163485188830d4491d66c52b6ee28169e6aa3ca55048730c36c47174f088b4c067c9ea86151028b80c02ce8ff2d26d15599135d2c8106648beeac1eea0b7ef13ef0baa9556fa80dcf1f6dcc6d8a856cc56cab2fc6214005f4f6de230dbd79c665b6ccf8c681b42bed7534732593052342819662e0bde8aee7f6ab5a41112c2b3ab5ff2470fba683810ce0b415638d40c3ba74911636ac33cfae0ccdeb0acd27a00fd9b42a15c3716e") socketpair$packet(0x11, 0x3, 0x300, &(0x7f0000000000)) shutdown(r1, 0x2) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r1, 0x6, 0x23, &(0x7f0000000240)={&(0x7f00001ee000/0x2000)=nil, 0x2000}, &(0x7f00000002c0)=0x10) r4 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/amemthresh\x00', 0x2, 0x0) ioctl$IOC_PR_PREEMPT_ABORT(r4, 0x401870cc, &(0x7f0000000040)={0x8, 0x100000001, 0x4, 0x780f9a56}) 07:53:33 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400000000000000]}}, 0x1c) 07:53:33 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00l\x00'}, 0x2c) 07:53:33 executing program 0: r0 = open(&(0x7f0000000000)='./file0//ile0\x00', 0x101000, 0x10) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0x2, &(0x7f0000000300)=0x1c, 0x4) mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) utime(&(0x7f00000002c0)='./file0//ile0\x00', &(0x7f0000000380)={0x7, 0xf81}) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) unshare(0x4000000) 07:53:33 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0), 0x18, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:33 executing program 6: r0 = socket$inet_dccp(0x2, 0x6, 0x0) perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = open(&(0x7f0000000080)='./file0\x00', 0x80800, 0x2) getsockopt$kcm_KCM_RECV_DISABLE(r1, 0x119, 0x1, &(0x7f00000000c0), 0x4) getsockopt$inet_int(r0, 0x10d, 0xc, &(0x7f0000000100), &(0x7f0000000040)=0x4) 07:53:33 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x19b, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:33 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x51, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:34 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00c\x00'}, 0x2c) [ 2249.909336] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2249.920495] syz-executor0 cpuset=/ mems_allowed=0 [ 2249.925444] CPU: 1 PID: 28706 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2249.932813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2249.942172] Call Trace: [ 2249.944771] dump_stack+0x1c9/0x2b4 [ 2249.948415] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2249.953622] ? trace_hardirqs_on+0x10/0x10 07:53:34 executing program 6: r0 = socket$inet6(0xa, 0x80002, 0x5) r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000100)='/dev/full\x00', 0x240400, 0x0) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r1, 0xc0045520, &(0x7f0000000140)=0x4) ioctl(r0, 0x8912, &(0x7f00000005c0)="0a5cc80700315f85714070") r2 = socket$inet(0x10, 0x3, 0xc) sendmsg(r2, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000000707031dfffd946fa2830020200a0009000100001d85680c1baba20400ff7e28000000110affffba010000000009b356da5a80d18be34c8546c8243929db2406b20cd37ed01cc0", 0x4c}], 0x1}, 0x0) ioctl$BLKTRACESTART(r1, 0x1274, 0x0) r3 = dup3(r0, r0, 0x80000) ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000080)={[{0x8, 0x4, 0x100000000, 0x20, 0xfffffffffffffc00, 0x6, 0x1, 0x4, 0x4000401, 0xc000000000000000, 0x873, 0x1ff, 0x20081}, {0x5, 0x240000000000, 0x28dd, 0x0, 0x5, 0x5, 0x0, 0x8, 0x89, 0x6, 0x4, 0x545, 0x6}, {0x8, 0xffffffff, 0xad4c, 0x3fe00000000000, 0x1, 0x101, 0x39f, 0x2, 0x4, 0x7, 0x7ff, 0x9, 0x2}], 0x7fffffff}) getsockopt$inet_mreq(r1, 0x0, 0x24, &(0x7f0000000180)={@multicast1, @multicast2}, &(0x7f00000001c0)=0x8) ioctl$RTC_ALM_SET(r3, 0x40247007, &(0x7f0000000200)={0x27, 0xf, 0x14, 0x1d, 0xa, 0x5d, 0x1, 0x28, 0x1}) 07:53:34 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x129, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:34 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0xb1, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:34 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x86ddffff]}}, 0x1c) [ 2249.957872] dump_header+0x27b/0xf64 [ 2249.961610] ? pagefault_out_of_memory+0x197/0x197 [ 2249.966557] ? __lock_acquire+0x7fc/0x5020 [ 2249.970808] ? print_usage_bug+0xc0/0xc0 [ 2249.974889] ? graph_lock+0x170/0x170 [ 2249.978706] ? print_usage_bug+0xc0/0xc0 [ 2249.982781] ? trace_hardirqs_on+0x10/0x10 [ 2249.987046] ? print_usage_bug+0xc0/0xc0 [ 2249.991148] ? lock_downgrade+0x8f0/0x8f0 [ 2249.995315] ? mark_held_locks+0xc9/0x160 [ 2249.999468] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2250.004079] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2250.009191] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2250.014223] ? trace_hardirqs_on+0xd/0x10 [ 2250.018384] ? ___ratelimit+0xaa/0x655 [ 2250.022290] ? idr_get_free+0x10c0/0x10c0 [ 2250.026443] ? kasan_check_write+0x14/0x20 [ 2250.030685] ? do_raw_spin_lock+0xc1/0x200 [ 2250.034935] oom_kill_process.cold.25+0x10/0x10bc [ 2250.039797] ? oom_evaluate_task+0x540/0x540 [ 2250.044221] ? find_held_lock+0x36/0x1c0 [ 2250.048311] ? lock_downgrade+0x8f0/0x8f0 [ 2250.052475] ? kasan_check_read+0x11/0x20 [ 2250.056628] ? rcu_is_watching+0x8c/0x150 [ 2250.060781] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2250.065201] ? oom_badness+0xb00/0xb00 [ 2250.069098] ? rcu_read_unlock+0x35/0x70 [ 2250.073166] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2250.077409] ? css_task_iter_end+0x2ce/0x490 [ 2250.077534] netlink: 20 bytes leftover after parsing attributes in process `syz-executor6'. [ 2250.081823] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2250.081840] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2250.081857] ? trace_hardirqs_on+0xd/0x10 [ 2250.081872] ? _raw_spin_unlock_irq+0x27/0x70 07:53:34 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\n\x00'}, 0x2c) [ 2250.081886] ? oom_badness+0xb00/0xb00 [ 2250.081903] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2250.117414] ? mem_cgroup_iter_break+0x30/0x30 [ 2250.121504] netlink: 20 bytes leftover after parsing attributes in process `syz-executor6'. [ 2250.122014] out_of_memory+0xa8a/0x14d0 [ 2250.134479] ? oom_killer_disable+0x3a0/0x3a0 [ 2250.139008] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2250.144040] ? trace_hardirqs_on+0xd/0x10 [ 2250.148232] mem_cgroup_out_of_memory+0x15e/0x210 [ 2250.153097] ? memcg_memory_event+0x40/0x40 07:53:34 executing program 6: sched_setaffinity(0x0, 0x8, &(0x7f0000000080)=0x6) socketpair$inet6_tcp(0xa, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) getsockopt$inet_mreqn(0xffffffffffffff9c, 0x0, 0x20, &(0x7f0000000180)={@multicast2, @remote, 0x0}, &(0x7f00000001c0)=0xc) fstat(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$inet6_IPV6_IPSEC_POLICY(r0, 0x29, 0x22, &(0x7f0000000280)={{{@in=@rand_addr=0x3ff, @in=@multicast2, 0x4e20, 0x0, 0x4e20, 0x9, 0xa, 0x80, 0x80, 0x6f, r1, r2}, {0x4af5, 0x7fffffff, 0x3f, 0x101, 0x4, 0x7, 0x0, 0x2}, {0x6, 0xff, 0x65d96c81, 0x3c}, 0xffffffffffffff7f, 0x6e6bb1, 0x2, 0x1, 0x1, 0x3}, {{@in=@multicast1, 0x4d6, 0x3b}, 0xa, @in6=@loopback, 0x3505, 0x1, 0x1, 0x9c91, 0x3, 0x400, 0x6}}, 0xe8) clone(0x200, &(0x7f0000000300), &(0x7f0000000140), &(0x7f0000000040), &(0x7f00000000c0)) mknod(&(0x7f0000000100)='./file0\x00', 0x1040, 0x0) execve(&(0x7f0000000400)='./file0\x00', &(0x7f0000000600), &(0x7f0000775000)) socketpair$inet_dccp(0x2, 0x6, 0x0, &(0x7f0000000380)) open$dir(&(0x7f00000000c0)='./file0\x00', 0x27d, 0x0) [ 2250.157436] ? _raw_spin_unlock+0x22/0x30 [ 2250.161669] mem_cgroup_oom_synchronize+0x713/0x940 [ 2250.167393] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2250.172854] ? memcg_event_wake+0x450/0x450 [ 2250.177292] pagefault_out_of_memory+0xc8/0x197 [ 2250.181997] ? out_of_memory+0x14d0/0x14d0 [ 2250.186353] ? __handle_mm_fault+0x4460/0x4460 [ 2250.191278] mm_fault_error+0x1de/0x380 [ 2250.195305] __do_page_fault+0xd25/0xe50 [ 2250.199388] ? mm_fault_error+0x380/0x380 [ 2250.203547] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 07:53:34 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100000000000000000000000400"}, 0x2c) [ 2250.209094] ? __x64_sys_clock_gettime+0x170/0x250 [ 2250.214035] ? __ia32_sys_clock_settime+0x290/0x290 [ 2250.219064] do_page_fault+0xf6/0x8c0 [ 2250.222908] ? vmalloc_sync_all+0x30/0x30 [ 2250.227067] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2250.232611] ? do_syscall_64+0x497/0x820 [ 2250.236681] ? syscall_slow_exit_work+0x500/0x500 [ 2250.241530] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2250.246461] ? syscall_return_slowpath+0x31d/0x5e0 [ 2250.251573] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2250.256938] ? page_fault+0x8/0x30 [ 2250.260482] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2250.265350] ? page_fault+0x8/0x30 [ 2250.268897] page_fault+0x1e/0x30 [ 2250.272348] RIP: 0033:0x40e33f [ 2250.275534] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 2250.294872] RSP: 002b:0000000000a3fc20 EFLAGS: 00010206 [ 2250.300282] RAX: 00007ff4a0736000 RBX: 0000000000020000 RCX: 0000000000456b7a [ 2250.307578] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 2250.314863] RBP: 0000000000a3fd00 R08: ffffffffffffffff R09: 0000000000000000 [ 2250.322139] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a3fdf0 [ 2250.329419] R13: 00007ff4a0756700 R14: 0000000000000002 R15: 0000000000000001 [ 2250.336789] Task in /ile0 killed as a result of limit of /ile0 [ 2250.342891] memory: usage 24kB, limit 20kB, failcnt 10281 [ 2250.348502] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2250.355333] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2250.361537] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2250.381056] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2250.389903] [28706] 0 28706 17618 8732 126976 0 0 syz-executor0 [ 2250.398795] Memory cgroup out of memory: Kill process 28706 (syz-executor0) score 1752600 or sacrifice child [ 2250.408839] Killed process 28706 (syz-executor0) total-vm:70472kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB 07:53:34 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x236, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:34 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e71000000000000000600"}, 0x2c) 07:53:34 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x90, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:34 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r0, &(0x7f0000000100), 0x12) unshare(0x4000000) 07:53:34 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0), 0xde8, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:34 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bond_slave_1\x00', 0x0}) r3 = memfd_create(&(0x7f0000000000)='@system\x00', 0x2) r4 = syz_open_dev$sndpcmc(&(0x7f0000000040)='/dev/snd/pcmC#D#c\x00', 0x40, 0x100) bind$xdp(r3, &(0x7f0000000180)={0x2c, 0x2, r2, 0xc, r4}, 0x10) sendmsg$nl_route(r1, &(0x7f0000000100)={&(0x7f0000000b40), 0xc, &(0x7f00000000c0)={&(0x7f0000000140)=@newlink={0x20, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2}}, 0x20}}, 0x0) bind$netlink(r3, &(0x7f00000001c0)={0x10, 0x0, 0x25dfdbff, 0x348000}, 0xc) 07:53:34 executing program 5: capset(&(0x7f0000000000)={0x400019980330}, &(0x7f0000b2d000)) r0 = socket(0x10, 0x3, 0x0) ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000000c0)={'irlan0\x00', 0x1000}) ioctl$sock_ifreq(r0, 0x89f2, &(0x7f0000000040)={'ip6tnl0\x00', @ifru_addrs=@generic={0x0, "0f3566cf5130cfa70d1116eea8ea"}}) ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000080)=0x0) ioprio_set$pid(0x3, r1, 0xc7b5) 07:53:34 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8848]}}, 0x1c) 07:53:34 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x2) ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070") r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000080)={0x26, 'hash\x00', 0x0, 0x0, 'tgr160-generic\x00'}, 0x58) r2 = accept$alg(r1, 0x0, 0x0) sendmmsg$alg(r2, &(0x7f0000000700)=[{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000040)='c', 0x1}, {&(0x7f0000000200)}, {&(0x7f0000000340)}, {&(0x7f0000000400)="bc5bcef5c1b574d0c7d230f0e2363f61410d906ab90517338f476eb378c025545d12804797cb774b0189c6b31523e29cbf6cc3485783ee846ac958489a969550", 0x40}, {&(0x7f0000000540)="abccbbbd5ac99e83092dc7a5c4586f8302f41ccbaea08cf76762a59d9d4373d53ec1f6fd1af11175085e89ede2eecf8c18ce8930a2d0c789792a3dfff7ad67acc459e8e946a80c73ce4347fa22ec8274dc00dca2eef7de052da9019c3c848e833105514385415f1b8b74a8", 0x6b}], 0x5}], 0x1, 0x0) 07:53:34 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) r0 = epoll_create(0x5) writev(r0, &(0x7f0000000000)=[{&(0x7f0000000280)="ff363af9ea3c954f1eebac734084e68f014322e013c3f68eff4844f2a342aeed22a72d4ba35c5bb7e04af789cb7fd82006df7a37b0447c175946b6e1bc56637af72dfbba080ec3f1bdeb8b7fcd70bc8cd91b546b871095166dbf7f11e652ac93fbaceaa1f400d0d1ea7e6da5f5d2cc8ac4dd47e78bd5f905328c9247e58fde9230f7cf85002de4b0e1724daf9d39b7520adfb3b40785158f3534743eb1fbd9c2cfafda1419c26ca99facbf53fd2159917c10a80695f70eea47e5afe362f8adfea6c32981fec818d8365308a8a44a27113720b657694c903c907ac8fd9d4a6b6bea28174a1591f6fb02cb279f96edb7628498e11b1f95b2d287", 0xf9}], 0x1) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) unshare(0x4000000) 07:53:34 executing program 5: r0 = syz_open_dev$sndpcmc(&(0x7f0000000040)='/dev/snd/pcmC#D#c\x00', 0x6, 0x498b00) bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000080)={r0, &(0x7f0000000140)="381c6023c1d81c514a08c8488abe59333480bf600a301b785e18257b838e2c67f9d00756f0988120386aedc6eeeb48e818cf2ab93d3220d22d257bf9e8cfaa12e6e747844d959bf372765769b31bae6499cb6e14140421a7330af0a85bea6c07f83ace421d41697f8458afce7a5dfe236ca9c4d77d3dd4d1b7f2034bb5ce96730c088be60a2cc2dd839ef656b40a6d5de72766a34095dbcc92787b0572c6c2f00f3ca62e7862fb7d46b706ee358bc6d957517fe75f3bbe96b845de39f8ec115c4cf4181389ce62e97da0a5e8924c", &(0x7f0000000400)=""/4096}, 0x18) r1 = open(&(0x7f00009e1000)='./file0\x00', 0x8040, 0x0) fcntl$setlease(r1, 0x400, 0x0) rt_sigprocmask(0x0, &(0x7f0000032ff8)={0xfffffffffffffffe}, 0x0, 0x8) rt_sigtimedwait(&(0x7f00005a1000)={0xfffffffffffffffd}, &(0x7f00000003c0), &(0x7f00007adff0)={0x77359400}, 0x8) truncate(&(0x7f000037eff8)='./file0\x00', 0x0) openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x1, 0x0) r2 = gettid() write$FUSE_POLL(r1, &(0x7f0000000000)={0x18, 0x0, 0x8, {0x2}}, 0x18) timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000)) r3 = socket$inet6(0xa, 0x802, 0x0) ioctl(r3, 0x100008912, &(0x7f0000000100)="025cc80700145f8f764070") timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, &(0x7f0000040000)) tkill(r2, 0x1000000000016) fcntl$setlease(r1, 0x400, 0x2) 07:53:34 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0), 0x10, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:34 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e71000000000400"}, 0x2c) 07:53:34 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0), 0xde0, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:34 executing program 6: r0 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x80003, 0xff) setsockopt$inet6_int(r1, 0x29, 0x16, &(0x7f0000fcb000), 0xfffffefc) ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000040)=0x0) r3 = dup(r0) setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000080)=0x1, 0x4) ioprio_get$pid(0x1, r2) dup2(r0, r1) [ 2250.764759] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2250.775860] syz-executor0 cpuset=/ mems_allowed=0 [ 2250.780806] CPU: 1 PID: 28783 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2250.788429] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2250.797787] Call Trace: [ 2250.800395] dump_stack+0x1c9/0x2b4 [ 2250.804041] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2250.809246] ? trace_hardirqs_on+0x10/0x10 07:53:34 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100000000000000007fffffff00"}, 0x2c) [ 2250.813492] dump_header+0x27b/0xf64 [ 2250.817229] ? pagefault_out_of_memory+0x197/0x197 [ 2250.822170] ? __lock_acquire+0x7fc/0x5020 [ 2250.826419] ? print_usage_bug+0xc0/0xc0 [ 2250.830491] ? graph_lock+0x170/0x170 [ 2250.834303] ? print_usage_bug+0xc0/0xc0 [ 2250.838373] ? trace_hardirqs_on+0x10/0x10 [ 2250.842623] ? print_usage_bug+0xc0/0xc0 [ 2250.846701] ? lock_downgrade+0x8f0/0x8f0 [ 2250.850865] ? mark_held_locks+0xc9/0x160 [ 2250.855134] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2250.859724] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2250.864824] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2250.869838] ? trace_hardirqs_on+0xd/0x10 [ 2250.874006] ? ___ratelimit+0xaa/0x655 [ 2250.877898] ? idr_get_free+0x10c0/0x10c0 [ 2250.882045] ? kasan_check_write+0x14/0x20 [ 2250.886273] ? do_raw_spin_lock+0xc1/0x200 [ 2250.890506] oom_kill_process.cold.25+0x10/0x10bc [ 2250.895352] ? oom_evaluate_task+0x540/0x540 [ 2250.899765] ? find_held_lock+0x36/0x1c0 [ 2250.903829] ? lock_downgrade+0x8f0/0x8f0 [ 2250.907972] ? kasan_check_read+0x11/0x20 [ 2250.912112] ? rcu_is_watching+0x8c/0x150 [ 2250.916260] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2250.920669] ? oom_badness+0xb00/0xb00 [ 2250.924565] ? rcu_read_unlock+0x35/0x70 [ 2250.928614] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2250.932838] ? css_task_iter_end+0x2ce/0x490 [ 2250.937237] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2250.941996] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2250.947028] ? trace_hardirqs_on+0xd/0x10 [ 2250.951173] ? _raw_spin_unlock_irq+0x27/0x70 [ 2250.955669] ? oom_badness+0xb00/0xb00 [ 2250.959547] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2250.964297] ? mem_cgroup_iter_break+0x30/0x30 [ 2250.968885] out_of_memory+0xa8a/0x14d0 [ 2250.972857] ? oom_killer_disable+0x3a0/0x3a0 [ 2250.977348] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2250.982366] ? trace_hardirqs_on+0xd/0x10 [ 2250.986522] mem_cgroup_out_of_memory+0x15e/0x210 [ 2250.991359] ? memcg_memory_event+0x40/0x40 [ 2250.995678] ? _raw_spin_unlock+0x22/0x30 [ 2250.999818] mem_cgroup_oom_synchronize+0x713/0x940 [ 2251.004825] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2251.010265] ? memcg_event_wake+0x450/0x450 [ 2251.014590] pagefault_out_of_memory+0xc8/0x197 [ 2251.019252] ? out_of_memory+0x14d0/0x14d0 [ 2251.023491] ? __handle_mm_fault+0x4460/0x4460 [ 2251.028072] mm_fault_error+0x1de/0x380 [ 2251.032047] __do_page_fault+0xd25/0xe50 [ 2251.036111] ? mm_fault_error+0x380/0x380 [ 2251.040250] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2251.045793] ? __x64_sys_clock_gettime+0x170/0x250 [ 2251.050713] ? __ia32_sys_clock_settime+0x290/0x290 [ 2251.055722] do_page_fault+0xf6/0x8c0 [ 2251.059513] ? vmalloc_sync_all+0x30/0x30 [ 2251.063652] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2251.069185] ? do_syscall_64+0x497/0x820 [ 2251.073236] ? syscall_slow_exit_work+0x500/0x500 [ 2251.078071] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2251.082996] ? syscall_return_slowpath+0x31d/0x5e0 [ 2251.087928] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2251.093285] ? page_fault+0x8/0x30 [ 2251.096815] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2251.101650] ? page_fault+0x8/0x30 [ 2251.105202] page_fault+0x1e/0x30 [ 2251.108668] RIP: 0033:0x46f8fd [ 2251.111841] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2251.131203] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2251.136560] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2251.143821] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2251.151080] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2251.158339] R10: 0000000002273940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2251.165599] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2251.173103] Task in /ile0 killed as a result of limit of /ile0 [ 2251.179180] memory: usage 24kB, limit 20kB, failcnt 10325 [ 2251.184781] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2251.191583] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 07:53:35 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x48, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:35 executing program 5: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = gettid() r2 = syz_open_procfs(r1, &(0x7f0000000200)='cgroup\x00') r3 = perf_event_open(&(0x7f0000000180)={0x2, 0x70, 0x3e5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$void(r0, 0xc0045878) sync() pipe2$9p(&(0x7f0000000380), 0x80000) r4 = shmget(0x0, 0x4000, 0x100000054001200, &(0x7f0000ffa000/0x4000)=nil) shmctl$SHM_LOCK(r4, 0xb) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc83d6d345f8f762070") ioctl$VT_SETMODE(r2, 0x5602, &(0x7f0000000340)={0x7ff, 0x0, 0x10000, 0x800, 0x3}) r5 = memfd_create(&(0x7f00000003c0)="2d42d54e49c56aba707070f00884a26d003a2900bb8dacac76617d6b6e6823cb290fc8c03a9c631064eea98b4363ad899c6bdec5e936dd55a93dcd4a78aa8f7eb93061a9b2044b98933f8851f7d61da1ce8b19eaefe3abb6a52434d6fe370fe7d924ce20ab4eaec9bdd36740e127730e90f2cd72b828", 0x0) pwrite64(r5, &(0x7f0000000300)='U', 0x1, 0x0) ioctl$PERF_EVENT_IOC_ID(r3, 0x80082407, &(0x7f0000000040)) ioctl$EVIOCSREP(r2, 0x40084503, &(0x7f00000002c0)=[0x5000000, 0x7fffffff]) ioctl$SCSI_IOCTL_STOP_UNIT(r2, 0x6) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(r5, 0x84, 0x15, &(0x7f0000000100)={0x1}, 0x1) ioctl(r5, 0x4, &(0x7f0000000080)="61b7d1a36e5405000000000000006feec9e43b64a34823e3932c99") getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000000240)=0x6) r6 = shmget$private(0x0, 0x2000, 0x1000, &(0x7f0000ffc000/0x2000)=nil) shmat(r6, &(0x7f0000ffb000/0x4000)=nil, 0x2000) r7 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r7, 0x8912, &(0x7f00000005c0)="0a5cc80700315f85714070") shmctl$SHM_LOCK(r6, 0xb) 07:53:35 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x1c0, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:35 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100000000000000000000000200"}, 0x2c) 07:53:35 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) pipe(&(0x7f0000000000)) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x4000000) [ 2251.197800] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2251.217314] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2251.226137] [28783] 0 28783 17585 8732 126976 0 0 syz-executor0 [ 2251.235075] Memory cgroup out of memory: Kill process 28783 (syz-executor0) score 1752600 or sacrifice child [ 2251.245141] Killed process 28783 (syz-executor0) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB 07:53:35 executing program 6: r0 = syz_open_dev$binder(&(0x7f0000008ff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f0000000080)="025cc80700145f8f764070") r2 = syz_open_dev$binder(&(0x7f000000fff3)='/dev/binder#\x00', 0xffffffffffffffff, 0x0) poll(&(0x7f00000000c0)=[{r0}], 0x1, 0x40) r3 = socket(0x7, 0x3, 0x1) r4 = dup2(r2, r0) ioctl$PPPIOCGMRU(r3, 0x80047453, &(0x7f0000000000)) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000440), 0x0, 0x0, &(0x7f0000000040)}) 07:53:35 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0), 0xde4, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2251.428435] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2251.439651] syz-executor0 cpuset=/ mems_allowed=0 [ 2251.444598] CPU: 0 PID: 28837 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2251.451967] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2251.461346] Call Trace: [ 2251.463945] dump_stack+0x1c9/0x2b4 [ 2251.467585] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2251.472787] ? trace_hardirqs_on+0x10/0x10 [ 2251.477029] dump_header+0x27b/0xf64 [ 2251.480764] ? pagefault_out_of_memory+0x197/0x197 [ 2251.485704] ? __lock_acquire+0x7fc/0x5020 [ 2251.489947] ? print_usage_bug+0xc0/0xc0 [ 2251.494020] ? graph_lock+0x170/0x170 [ 2251.497830] ? print_usage_bug+0xc0/0xc0 [ 2251.501905] ? trace_hardirqs_on+0x10/0x10 [ 2251.506162] ? print_usage_bug+0xc0/0xc0 [ 2251.510239] ? lock_downgrade+0x8f0/0x8f0 [ 2251.514405] ? mark_held_locks+0xc9/0x160 [ 2251.518558] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2251.523150] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2251.528272] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2251.533294] ? trace_hardirqs_on+0xd/0x10 [ 2251.537477] ? ___ratelimit+0xaa/0x655 [ 2251.541373] ? idr_get_free+0x10c0/0x10c0 [ 2251.545530] ? kasan_check_write+0x14/0x20 [ 2251.549773] ? do_raw_spin_lock+0xc1/0x200 [ 2251.554018] oom_kill_process.cold.25+0x10/0x10bc [ 2251.558880] ? oom_evaluate_task+0x540/0x540 [ 2251.563297] ? find_held_lock+0x36/0x1c0 [ 2251.567375] ? lock_downgrade+0x8f0/0x8f0 [ 2251.571537] ? kasan_check_read+0x11/0x20 [ 2251.575695] ? rcu_is_watching+0x8c/0x150 [ 2251.579848] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2251.584629] ? oom_badness+0xb00/0xb00 [ 2251.588528] ? rcu_read_unlock+0x35/0x70 [ 2251.592597] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2251.596868] ? css_task_iter_end+0x2ce/0x490 [ 2251.601286] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2251.606052] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2251.611077] ? trace_hardirqs_on+0xd/0x10 [ 2251.615235] ? _raw_spin_unlock_irq+0x27/0x70 [ 2251.619736] ? oom_badness+0xb00/0xb00 [ 2251.623640] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2251.628406] ? mem_cgroup_iter_break+0x30/0x30 [ 2251.633012] out_of_memory+0xa8a/0x14d0 [ 2251.637002] ? oom_killer_disable+0x3a0/0x3a0 [ 2251.641514] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2251.646541] ? trace_hardirqs_on+0xd/0x10 [ 2251.650710] mem_cgroup_out_of_memory+0x15e/0x210 [ 2251.655574] ? memcg_memory_event+0x40/0x40 [ 2251.659915] ? _raw_spin_unlock+0x22/0x30 [ 2251.664076] mem_cgroup_oom_synchronize+0x713/0x940 [ 2251.669103] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2251.674575] ? memcg_event_wake+0x450/0x450 [ 2251.678938] pagefault_out_of_memory+0xc8/0x197 [ 2251.683623] ? out_of_memory+0x14d0/0x14d0 [ 2251.687878] ? __handle_mm_fault+0x4460/0x4460 [ 2251.692472] mm_fault_error+0x1de/0x380 [ 2251.696463] __do_page_fault+0xd25/0xe50 [ 2251.700543] ? mm_fault_error+0x380/0x380 [ 2251.704705] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2251.710251] ? __x64_sys_clock_gettime+0x170/0x250 [ 2251.715193] ? __ia32_sys_clock_settime+0x290/0x290 [ 2251.720227] do_page_fault+0xf6/0x8c0 [ 2251.724041] ? vmalloc_sync_all+0x30/0x30 [ 2251.728204] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2251.733754] ? do_syscall_64+0x497/0x820 [ 2251.737827] ? syscall_slow_exit_work+0x500/0x500 [ 2251.742679] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2251.747661] ? syscall_return_slowpath+0x31d/0x5e0 [ 2251.752613] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2251.757989] ? page_fault+0x8/0x30 [ 2251.761540] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2251.766486] ? page_fault+0x8/0x30 [ 2251.770043] page_fault+0x1e/0x30 [ 2251.773498] RIP: 0033:0x40e33f [ 2251.776683] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 2251.796041] RSP: 002b:0000000000a3fc20 EFLAGS: 00010206 [ 2251.801424] RAX: 00007ff4a0736000 RBX: 0000000000020000 RCX: 0000000000456b7a [ 2251.808709] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 2251.815992] RBP: 0000000000a3fd00 R08: ffffffffffffffff R09: 0000000000000000 07:53:35 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3580]}}, 0x1c) 07:53:35 executing program 5: r0 = socket$inet6(0xa, 0x81000000800002, 0x0) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x0, 0x0) ioctl$KVM_HAS_DEVICE_ATTR(r1, 0x4018aee3, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f0000000100)=0x41a}) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc80700145f8f764070") ioctl$sock_netdev_private(r1, 0x40005504, &(0x7f00000002c0)) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r1, 0x80045530, &(0x7f0000000000)=""/95) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0x10000, 0x0) futimesat(r2, &(0x7f0000000140)='./file0\x00', &(0x7f0000000200)={{0x77359400}, {0x77359400}}) setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f0000000180)={0x0, 0x1, 0xfffffffffffffff9}, 0x8) 07:53:35 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0xfe, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:35 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0xad, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:35 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100000000000000000000000100"}, 0x2c) 07:53:35 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100000000001100"}, 0x2c) 07:53:35 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e71000000000200"}, 0x2c) 07:53:35 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\t\x00'}, 0x2c) 07:53:35 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00t\x00'}, 0x2c) 07:53:35 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\t\x00'}, 0x2c) 07:53:35 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00h\x00'}, 0x2c) 07:53:35 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00h\x00'}, 0x2c) 07:53:35 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x1e, &(0x7f00000011c0)}}], 0x249, 0x0) [ 2251.823294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a3fdf0 [ 2251.830577] R13: 00007ff4a0756700 R14: 0000000000000001 R15: 0000000000000001 [ 2251.838788] Task in /ile0 killed as a result of limit of /ile0 [ 2251.844859] memory: usage 24kB, limit 20kB, failcnt 10345 [ 2251.850476] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2251.857285] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2251.863495] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2251.883554] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2251.892467] [28837] 0 28837 17618 8732 126976 0 0 syz-executor0 [ 2251.901382] Memory cgroup out of memory: Kill process 28837 (syz-executor0) score 1752600 or sacrifice child [ 2251.911447] Killed process 28837 (syz-executor0) total-vm:70472kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB 07:53:36 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) mmap(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x50, r1, 0x0) unshare(0x4000000) 07:53:36 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x1c1, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:36 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0), 0xdec, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2251.924241] oom_reaper: reaped process 28837 (syz-executor0), now anon-rss:0kB, file-rss:32000kB, shmem-rss:0kB 07:53:36 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffca88]}}, 0x1c) 07:53:36 executing program 6: r0 = syz_open_dev$ndb(&(0x7f0000000000)='/dev/nbd#\x00', 0xffffffffffffffff, 0x0) getsockopt$inet_mreq(r0, 0x0, 0x20, &(0x7f0000000100)={@rand_addr, @multicast1}, &(0x7f0000000140)=0x8) ioctl$BLKTRACETEARDOWN(r0, 0x301, 0x0) io_setup(0x1000, &(0x7f0000000280)=0x0) io_pgetevents(r1, 0x200, 0x2, &(0x7f0000000080)=[{}, {}], &(0x7f00000000c0), 0x0) 07:53:36 executing program 5: r0 = socket$inet6(0xa, 0x81000000800002, 0x0) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x0, 0x0) ioctl$KVM_HAS_DEVICE_ATTR(r1, 0x4018aee3, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f0000000100)=0x41a}) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc80700145f8f764070") ioctl$sock_netdev_private(r1, 0x40005504, &(0x7f00000002c0)) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r1, 0x80045530, &(0x7f0000000000)=""/95) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0x10000, 0x0) futimesat(r2, &(0x7f0000000140)='./file0\x00', &(0x7f0000000200)={{0x77359400}, {0x77359400}}) setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f0000000180)={0x0, 0x1, 0xfffffffffffffff9}, 0x8) 07:53:36 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00c\x00'}, 0x2c) 07:53:36 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0), 0xc1c, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2252.053267] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2252.064421] syz-executor0 cpuset=/ mems_allowed=0 [ 2252.069353] CPU: 1 PID: 28909 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2252.076722] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2252.086088] Call Trace: [ 2252.088695] dump_stack+0x1c9/0x2b4 [ 2252.092344] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2252.097557] ? trace_hardirqs_on+0x10/0x10 07:53:36 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100000000000500"}, 0x2c) [ 2252.101811] dump_header+0x27b/0xf64 [ 2252.105550] ? pagefault_out_of_memory+0x197/0x197 [ 2252.110497] ? __lock_acquire+0x7fc/0x5020 [ 2252.114752] ? print_usage_bug+0xc0/0xc0 [ 2252.118836] ? graph_lock+0x170/0x170 [ 2252.122647] ? print_usage_bug+0xc0/0xc0 [ 2252.126723] ? trace_hardirqs_on+0x10/0x10 [ 2252.130978] ? print_usage_bug+0xc0/0xc0 [ 2252.135060] ? lock_downgrade+0x8f0/0x8f0 [ 2252.139232] ? mark_held_locks+0xc9/0x160 [ 2252.143389] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2252.147984] ? _raw_spin_unlock_irqrestore+0x74/0xc0 07:53:36 executing program 5: r0 = socket$inet6(0xa, 0x81000000800002, 0x0) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x0, 0x0) ioctl$KVM_HAS_DEVICE_ATTR(r1, 0x4018aee3, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f0000000100)=0x41a}) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc80700145f8f764070") ioctl$sock_netdev_private(r1, 0x40005504, &(0x7f00000002c0)) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r1, 0x80045530, &(0x7f0000000000)=""/95) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0x10000, 0x0) futimesat(r2, &(0x7f0000000140)='./file0\x00', &(0x7f0000000200)={{0x77359400}, {0x77359400}}) setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f0000000180)={0x0, 0x1, 0xfffffffffffffff9}, 0x8) [ 2252.153100] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2252.158123] ? trace_hardirqs_on+0xd/0x10 [ 2252.162789] ? ___ratelimit+0xaa/0x655 [ 2252.166796] ? idr_get_free+0x10c0/0x10c0 [ 2252.170954] ? kasan_check_write+0x14/0x20 [ 2252.175198] ? do_raw_spin_lock+0xc1/0x200 [ 2252.179452] oom_kill_process.cold.25+0x10/0x10bc [ 2252.184313] ? oom_evaluate_task+0x540/0x540 [ 2252.188736] ? find_held_lock+0x36/0x1c0 [ 2252.192822] ? lock_downgrade+0x8f0/0x8f0 [ 2252.196983] ? kasan_check_read+0x11/0x20 07:53:36 executing program 5: r0 = socket$inet6(0xa, 0x81000000800002, 0x0) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x0, 0x0) ioctl$KVM_HAS_DEVICE_ATTR(r1, 0x4018aee3, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f0000000100)=0x41a}) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc80700145f8f764070") ioctl$sock_netdev_private(r1, 0x40005504, &(0x7f00000002c0)) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r1, 0x80045530, &(0x7f0000000000)=""/95) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0x10000, 0x0) futimesat(r2, &(0x7f0000000140)='./file0\x00', &(0x7f0000000200)={{0x77359400}, {0x77359400}}) setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r0, 0x84, 0x79, &(0x7f0000000180)={0x0, 0x1, 0xfffffffffffffff9}, 0x8) [ 2252.201139] ? rcu_is_watching+0x8c/0x150 [ 2252.205296] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2252.209723] ? oom_badness+0xb00/0xb00 [ 2252.213625] ? rcu_read_unlock+0x35/0x70 [ 2252.217698] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2252.221944] ? css_task_iter_end+0x2ce/0x490 [ 2252.226363] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2252.231127] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2252.236156] ? trace_hardirqs_on+0xd/0x10 [ 2252.240316] ? _raw_spin_unlock_irq+0x27/0x70 [ 2252.244831] ? oom_badness+0xb00/0xb00 [ 2252.248731] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2252.253504] ? mem_cgroup_iter_break+0x30/0x30 [ 2252.258104] out_of_memory+0xa8a/0x14d0 [ 2252.262079] ? oom_killer_disable+0x3a0/0x3a0 [ 2252.266571] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2252.271577] ? trace_hardirqs_on+0xd/0x10 [ 2252.275720] mem_cgroup_out_of_memory+0x15e/0x210 [ 2252.280557] ? memcg_memory_event+0x40/0x40 [ 2252.284872] ? _raw_spin_unlock+0x22/0x30 [ 2252.289016] mem_cgroup_oom_synchronize+0x713/0x940 [ 2252.294031] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2252.299472] ? memcg_event_wake+0x450/0x450 [ 2252.303789] pagefault_out_of_memory+0xc8/0x197 [ 2252.308445] ? out_of_memory+0x14d0/0x14d0 [ 2252.312671] ? __handle_mm_fault+0x4460/0x4460 [ 2252.317240] mm_fault_error+0x1de/0x380 [ 2252.321206] __do_page_fault+0xd25/0xe50 [ 2252.325257] ? mm_fault_error+0x380/0x380 [ 2252.329391] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2252.334929] ? __x64_sys_clock_gettime+0x170/0x250 [ 2252.339850] ? __ia32_sys_clock_settime+0x290/0x290 [ 2252.344859] do_page_fault+0xf6/0x8c0 [ 2252.348662] ? vmalloc_sync_all+0x30/0x30 [ 2252.352820] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2252.358344] ? do_syscall_64+0x497/0x820 [ 2252.362391] ? syscall_slow_exit_work+0x500/0x500 [ 2252.367224] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2252.372141] ? syscall_return_slowpath+0x31d/0x5e0 [ 2252.377160] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2252.382515] ? page_fault+0x8/0x30 [ 2252.386051] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2252.390885] ? page_fault+0x8/0x30 [ 2252.394423] page_fault+0x1e/0x30 [ 2252.397864] RIP: 0033:0x46f8fd [ 2252.401035] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2252.420270] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2252.425622] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2252.432890] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2252.440155] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2252.447413] R10: 0000000002273940 R11: 0000000000000246 R12: 00000000004c1f52 07:53:36 executing program 5: r0 = socket$inet6(0xa, 0x81000000800002, 0x0) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x0, 0x0) ioctl$KVM_HAS_DEVICE_ATTR(r1, 0x4018aee3, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f0000000100)=0x41a}) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc80700145f8f764070") ioctl$sock_netdev_private(r1, 0x40005504, &(0x7f00000002c0)) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r1, 0x80045530, &(0x7f0000000000)=""/95) r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0x10000, 0x0) futimesat(r2, &(0x7f0000000140)='./file0\x00', &(0x7f0000000200)={{0x77359400}, {0x77359400}}) [ 2252.454669] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2252.462031] Task in /ile0 killed as a result of limit of /ile0 [ 2252.468088] memory: usage 24kB, limit 20kB, failcnt 10377 [ 2252.473676] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2252.480458] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 07:53:36 executing program 5: r0 = socket$inet6(0xa, 0x81000000800002, 0x0) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x0, 0x0) ioctl$KVM_HAS_DEVICE_ATTR(r1, 0x4018aee3, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f0000000100)=0x41a}) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc80700145f8f764070") ioctl$sock_netdev_private(r1, 0x40005504, &(0x7f00000002c0)) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r1, 0x80045530, &(0x7f0000000000)=""/95) openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0x10000, 0x0) 07:53:36 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) shutdown(r0, 0x1) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x4000000) 07:53:36 executing program 5: r0 = socket$inet6(0xa, 0x81000000800002, 0x0) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x0, 0x0) ioctl$KVM_HAS_DEVICE_ATTR(r1, 0x4018aee3, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f0000000100)=0x41a}) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc80700145f8f764070") ioctl$sock_netdev_private(r1, 0x40005504, &(0x7f00000002c0)) ioctl$SNDRV_CTL_IOCTL_PCM_NEXT_DEVICE(r1, 0x80045530, &(0x7f0000000000)=""/95) [ 2252.486918] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2252.506444] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2252.515890] [28909] 0 28909 17585 8732 126976 0 0 syz-executor0 [ 2252.524792] Memory cgroup out of memory: Kill process 28909 (syz-executor0) score 1752600 or sacrifice child [ 2252.534854] Killed process 28909 (syz-executor0) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB 07:53:36 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x17b, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:36 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0), 0xdd0, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:36 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='/dev/kvm\x00'}, 0x10) write$P9_RXATTRWALK(r1, &(0x7f0000000100)={0xf, 0x1f, 0x2, 0x7}, 0xf) ioctl(r0, 0x8912, &(0x7f0000000040)="025cc83d8b345f8f762070") r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380)='/dev/kvm\x00', 0x0, 0x0) r3 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/rtc0\x00', 0x0, 0x0) ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) setsockopt$l2tp_PPPOL2TP_SO_SENDSEQ(r1, 0x111, 0x3, 0x0, 0x4) getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r3, 0x84, 0x71, &(0x7f0000000140)={0x0, 0x5}, &(0x7f0000000240)=0xfffffffffffffdee) setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f00000001c0)={0x9, 0x2, 0xe0000000000000, 0x3bf, r4}, 0x10) 07:53:36 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00`\x00'}, 0x2c) [ 2252.682302] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2252.693271] syz-executor0 cpuset=/ mems_allowed=0 [ 2252.698214] CPU: 1 PID: 28945 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2252.705576] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2252.714963] Call Trace: [ 2252.717567] dump_stack+0x1c9/0x2b4 [ 2252.721208] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2252.726414] ? trace_hardirqs_on+0x10/0x10 [ 2252.730662] dump_header+0x27b/0xf64 [ 2252.734397] ? pagefault_out_of_memory+0x197/0x197 [ 2252.739338] ? __lock_acquire+0x7fc/0x5020 [ 2252.743586] ? print_usage_bug+0xc0/0xc0 [ 2252.747661] ? graph_lock+0x170/0x170 [ 2252.751469] ? print_usage_bug+0xc0/0xc0 [ 2252.755541] ? trace_hardirqs_on+0x10/0x10 [ 2252.759789] ? print_usage_bug+0xc0/0xc0 [ 2252.763867] ? lock_downgrade+0x8f0/0x8f0 [ 2252.768036] ? mark_held_locks+0xc9/0x160 [ 2252.772287] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2252.776878] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2252.781997] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2252.787029] ? trace_hardirqs_on+0xd/0x10 [ 2252.791185] ? ___ratelimit+0xaa/0x655 [ 2252.795076] ? idr_get_free+0x10c0/0x10c0 [ 2252.799244] ? kasan_check_write+0x14/0x20 [ 2252.803487] ? do_raw_spin_lock+0xc1/0x200 [ 2252.807715] oom_kill_process.cold.25+0x10/0x10bc [ 2252.812557] ? oom_evaluate_task+0x540/0x540 [ 2252.816954] ? find_held_lock+0x36/0x1c0 [ 2252.821019] ? lock_downgrade+0x8f0/0x8f0 [ 2252.825161] ? kasan_check_read+0x11/0x20 [ 2252.829294] ? rcu_is_watching+0x8c/0x150 [ 2252.833429] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2252.837831] ? oom_badness+0xb00/0xb00 [ 2252.841708] ? rcu_read_unlock+0x35/0x70 [ 2252.845756] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2252.849979] ? css_task_iter_end+0x2ce/0x490 [ 2252.854382] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2252.859135] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2252.864139] ? trace_hardirqs_on+0xd/0x10 [ 2252.868273] ? _raw_spin_unlock_irq+0x27/0x70 [ 2252.872756] ? oom_badness+0xb00/0xb00 [ 2252.876634] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2252.881376] ? mem_cgroup_iter_break+0x30/0x30 [ 2252.885958] out_of_memory+0xa8a/0x14d0 [ 2252.889928] ? oom_killer_disable+0x3a0/0x3a0 [ 2252.894418] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2252.899424] ? trace_hardirqs_on+0xd/0x10 [ 2252.903566] mem_cgroup_out_of_memory+0x15e/0x210 [ 2252.908399] ? memcg_memory_event+0x40/0x40 [ 2252.912713] ? _raw_spin_unlock+0x22/0x30 [ 2252.916864] mem_cgroup_oom_synchronize+0x713/0x940 [ 2252.921869] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2252.927306] ? memcg_event_wake+0x450/0x450 [ 2252.931625] pagefault_out_of_memory+0xc8/0x197 [ 2252.936280] ? out_of_memory+0x14d0/0x14d0 [ 2252.940509] ? __handle_mm_fault+0x4460/0x4460 [ 2252.945083] mm_fault_error+0x1de/0x380 [ 2252.949051] __do_page_fault+0xd25/0xe50 [ 2252.953101] ? mm_fault_error+0x380/0x380 [ 2252.957254] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2252.962779] ? __x64_sys_clock_gettime+0x170/0x250 [ 2252.967700] ? __ia32_sys_clock_settime+0x290/0x290 [ 2252.972797] do_page_fault+0xf6/0x8c0 [ 2252.976599] ? vmalloc_sync_all+0x30/0x30 [ 2252.980737] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2252.986268] ? do_syscall_64+0x497/0x820 [ 2252.990336] ? syscall_slow_exit_work+0x500/0x500 [ 2252.995173] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2253.000092] ? syscall_return_slowpath+0x31d/0x5e0 [ 2253.005020] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2253.010375] ? page_fault+0x8/0x30 [ 2253.013908] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2253.018743] ? page_fault+0x8/0x30 [ 2253.022286] page_fault+0x1e/0x30 [ 2253.025724] RIP: 0033:0x40e33f [ 2253.028896] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 2253.048150] RSP: 002b:0000000000a3fc20 EFLAGS: 00010206 [ 2253.053502] RAX: 00007ff4a0736000 RBX: 0000000000020000 RCX: 0000000000456b7a [ 2253.060771] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 2253.068029] RBP: 0000000000a3fd00 R08: ffffffffffffffff R09: 0000000000000000 [ 2253.075294] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a3fdf0 [ 2253.082548] R13: 00007ff4a0756700 R14: 0000000000000003 R15: 0000000000000001 [ 2253.090108] Task in /ile0 killed as a result of limit of /ile0 [ 2253.096157] memory: usage 24kB, limit 20kB, failcnt 10397 [ 2253.101747] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2253.108538] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2253.110285] net_ratelimit: 16 callbacks suppressed [ 2253.110292] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2253.114744] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2253.114845] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2253.115095] [28945] 0 28945 17618 8732 126976 0 0 syz-executor0 [ 2253.120833] IPVS: set_ctl: invalid protocol: 0 172.20.20.0:0 [ 2253.134748] Memory cgroup out of memory: Kill process 28945 (syz-executor0) score 1752600 or sacrifice child [ 2253.134801] Killed process 28945 (syz-executor0) total-vm:70472kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2253.190567] oom_reaper: reaped process 28945 (syz-executor0), now anon-rss:0kB, file-rss:32780kB, shmem-rss:0kB [ 2253.246866] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. 07:53:37 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000]}}, 0x1c) 07:53:37 executing program 5: r0 = socket$inet6(0xa, 0x81000000800002, 0x0) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x0, 0x0) ioctl$KVM_HAS_DEVICE_ATTR(r1, 0x4018aee3, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f0000000100)=0x41a}) ioctl(r0, 0x8912, &(0x7f0000000280)="025cc80700145f8f764070") ioctl$sock_netdev_private(r1, 0x40005504, &(0x7f00000002c0)) 07:53:37 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x1c9, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:37 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0xb5, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:37 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x40, 0x0) ioctl$SCSI_IOCTL_PROBE_HOST(r0, 0x5385, &(0x7f0000000140)) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) unshare(0x4000000) 07:53:37 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00L\x00'}, 0x2c) 07:53:37 executing program 6: futex(&(0x7f0000000040)=0x4, 0x0, 0x4, &(0x7f0000000000)={0x77359400}, &(0x7f0000000080), 0x0) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) 07:53:37 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0), 0xb50, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:37 executing program 5: socket$inet6(0xa, 0x81000000800002, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x0, 0x0) ioctl$KVM_HAS_DEVICE_ATTR(r0, 0x4018aee3, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f0000000100)=0x41a}) ioctl$sock_netdev_private(r0, 0x40005504, &(0x7f00000002c0)) [ 2253.346557] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2253.396138] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2253.404406] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2253.407133] syz-executor0 cpuset=/ mems_allowed=0 [ 2253.426783] CPU: 0 PID: 28978 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2253.434145] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2253.443499] Call Trace: [ 2253.446091] dump_stack+0x1c9/0x2b4 [ 2253.449719] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2253.454907] ? trace_hardirqs_on+0x10/0x10 [ 2253.459142] dump_header+0x27b/0xf64 [ 2253.462854] ? pagefault_out_of_memory+0x197/0x197 [ 2253.467774] ? __lock_acquire+0x7fc/0x5020 [ 2253.472007] ? print_usage_bug+0xc0/0xc0 [ 2253.476071] ? graph_lock+0x170/0x170 [ 2253.479879] ? print_usage_bug+0xc0/0xc0 [ 2253.483932] ? trace_hardirqs_on+0x10/0x10 [ 2253.488169] ? print_usage_bug+0xc0/0xc0 [ 2253.492232] ? lock_downgrade+0x8f0/0x8f0 [ 2253.496383] ? mark_held_locks+0xc9/0x160 [ 2253.500521] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2253.505107] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2253.510221] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2253.515232] ? trace_hardirqs_on+0xd/0x10 [ 2253.519374] ? ___ratelimit+0xaa/0x655 [ 2253.523261] ? idr_get_free+0x10c0/0x10c0 [ 2253.527404] ? kasan_check_write+0x14/0x20 [ 2253.531626] ? do_raw_spin_lock+0xc1/0x200 [ 2253.535867] oom_kill_process.cold.25+0x10/0x10bc [ 2253.540712] ? oom_evaluate_task+0x540/0x540 [ 2253.545108] ? find_held_lock+0x36/0x1c0 [ 2253.549180] ? lock_downgrade+0x8f0/0x8f0 [ 2253.553325] ? kasan_check_read+0x11/0x20 [ 2253.557464] ? rcu_is_watching+0x8c/0x150 [ 2253.561611] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2253.566020] ? oom_badness+0xb00/0xb00 [ 2253.569906] ? rcu_read_unlock+0x35/0x70 [ 2253.573956] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2253.578183] ? css_task_iter_end+0x2ce/0x490 [ 2253.582587] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2253.587334] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2253.592340] ? trace_hardirqs_on+0xd/0x10 [ 2253.596476] ? _raw_spin_unlock_irq+0x27/0x70 [ 2253.600961] ? oom_badness+0xb00/0xb00 [ 2253.604838] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2253.609585] ? mem_cgroup_iter_break+0x30/0x30 [ 2253.614174] out_of_memory+0xa8a/0x14d0 [ 2253.618145] ? oom_killer_disable+0x3a0/0x3a0 [ 2253.622634] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2253.627640] ? trace_hardirqs_on+0xd/0x10 [ 2253.631785] mem_cgroup_out_of_memory+0x15e/0x210 [ 2253.636622] ? memcg_memory_event+0x40/0x40 [ 2253.640952] ? _raw_spin_unlock+0x22/0x30 [ 2253.645104] mem_cgroup_oom_synchronize+0x713/0x940 [ 2253.650122] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2253.655562] ? memcg_event_wake+0x450/0x450 [ 2253.659885] pagefault_out_of_memory+0xc8/0x197 [ 2253.664542] ? out_of_memory+0x14d0/0x14d0 [ 2253.668774] ? __handle_mm_fault+0x4460/0x4460 [ 2253.673351] mm_fault_error+0x1de/0x380 [ 2253.677318] __do_page_fault+0xd25/0xe50 [ 2253.681377] ? mm_fault_error+0x380/0x380 [ 2253.685517] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2253.691046] ? __x64_sys_clock_gettime+0x170/0x250 [ 2253.695968] ? __ia32_sys_clock_settime+0x290/0x290 [ 2253.700976] do_page_fault+0xf6/0x8c0 [ 2253.704766] ? vmalloc_sync_all+0x30/0x30 [ 2253.708904] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2253.714529] ? do_syscall_64+0x497/0x820 [ 2253.718582] ? syscall_slow_exit_work+0x500/0x500 [ 2253.723432] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2253.728353] ? syscall_return_slowpath+0x31d/0x5e0 [ 2253.733280] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2253.738636] ? page_fault+0x8/0x30 [ 2253.742178] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2253.747021] ? page_fault+0x8/0x30 [ 2253.750555] page_fault+0x1e/0x30 [ 2253.753996] RIP: 0033:0x46f8fd [ 2253.757177] Code: 54 55 53 48 81 ec 28 21 00 00 8b 8f c0 00 00 00 85 c9 0f 85 4d 01 00 00 c7 87 c0 00 00 00 ff ff ff ff 48 8d 84 24 20 01 00 00 <48> 89 bc 24 00 01 00 00 48 89 fb 41 bd 00 00 00 00 c7 84 24 e0 00 [ 2253.776510] RSP: 002b:0000000000a3d550 EFLAGS: 00010246 [ 2253.781866] RAX: 0000000000a3d670 RBX: 0000000000709f00 RCX: 00000000ffffffff [ 2253.789127] RDX: 0000000000a3fc20 RSI: 00000000004c1f52 RDI: 0000000000709f00 [ 2253.796398] RBP: 0000000000a3fbf0 R08: 0000000000a44bd0 R09: 00000000004c1f52 [ 2253.803664] R10: 0000000002273940 R11: 0000000000000246 R12: 00000000004c1f52 [ 2253.810934] R13: 0000000000a3fc20 R14: 0000000000000003 R15: 0000000000000001 [ 2253.818530] Task in /ile0 killed as a result of limit of /ile0 [ 2253.824650] memory: usage 24kB, limit 20kB, failcnt 10429 [ 2253.830259] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2253.837066] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2253.843294] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2253.862839] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name [ 2253.871688] [28978] 0 28978 17585 8732 126976 0 0 syz-executor0 [ 2253.880661] Memory cgroup out of memory: Kill process 28978 (syz-executor0) score 1752600 or sacrifice child 07:53:38 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e7100000000000000000000048f00"}, 0x2c) 07:53:38 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x1bd, &(0x7f00000011c0)}}], 0x249, 0x0) [ 2253.890752] Killed process 28978 (syz-executor0) total-vm:70340kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB 07:53:38 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0), 0xdf0, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:38 executing program 5: socket$inet6(0xa, 0x81000000800002, 0x0) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x0, 0x0) ioctl$sock_netdev_private(r0, 0x40005504, &(0x7f00000002c0)) 07:53:38 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x1, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) getsockopt$inet_sctp6_SCTP_RTOINFO(r0, 0x84, 0x0, &(0x7f0000000000)={0x0, 0x6, 0x55, 0x1}, &(0x7f0000000140)=0x10) setsockopt$inet_sctp6_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000180)={r2, 0x8}, 0x8) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000280)={{{@in6=@loopback, @in=@local}}, {{@in=@rand_addr}, 0x0, @in=@broadcast}}, &(0x7f0000000380)=0xe8) socket$bt_hidp(0x1f, 0x3, 0x6) getsockname$inet(r0, &(0x7f00000003c0)={0x2, 0x0, @multicast1}, &(0x7f0000000400)=0x10) unshare(0x40000000) 07:53:38 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x200013c0, &(0x7f00000011c0)}}], 0x249, 0x0) [ 2253.929902] oom_reaper: reaped process 28978 (syz-executor0), now anon-rss:0kB, file-rss:32000kB, shmem-rss:0kB 07:53:38 executing program 5: socket$inet6(0xa, 0x81000000800002, 0x0) ioctl$sock_netdev_private(0xffffffffffffffff, 0x40005504, &(0x7f00000002c0)) [ 2254.037491] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2254.046226] IPVS: ftp: loaded support on port[0] = 21 07:53:38 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8100000000000000]}}, 0x1c) 07:53:38 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00t\x00'}, 0x2c) 07:53:38 executing program 5: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x0, 0x0) ioctl$sock_netdev_private(r0, 0x40005504, &(0x7f00000002c0)) [ 2254.095207] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. 07:53:38 executing program 5: openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x0, 0x0) ioctl$sock_netdev_private(0xffffffffffffffff, 0x40005504, &(0x7f00000002c0)) 07:53:38 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0), 0xb, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:38 executing program 5: r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x0, 0x0) ioctl$sock_netdev_private(r0, 0x0, &(0x7f00000002c0)) [ 2254.214463] IPVS: ftp: loaded support on port[0] = 21 07:53:38 executing program 6: r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff7ffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, @perf_config_ext, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x3}, 0x0, 0x0, 0xffffffffffffffff, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vga_arbiter\x00', 0x0, 0x0) pread64(r0, &(0x7f0000000000)=""/65, 0x41, 0x0) 07:53:38 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00z\x00'}, 0x2c) 07:53:38 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0), 0xc74, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:38 executing program 6: r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-vsock\x00', 0x2, 0x0) ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x0}) r1 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_dgram(r1, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x0}, 0x10) r2 = dup3(r1, r0, 0x400000080000) fallocate(r1, 0x8, 0x3, 0x1) r3 = syz_genetlink_get_family_id$fou(&(0x7f0000000100)='fou\x00') sendmsg$FOU_CMD_DEL(r2, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x14, r3, 0x500, 0x70bd26, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x4008000}, 0x40) shutdown(r1, 0x0) poll(&(0x7f00000000c0)=[{r1}], 0x1, 0x0) [ 2254.358721] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. [ 2254.390129] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. 07:53:39 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x7ffff000, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:39 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0), 0xb44, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:39 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00L\x00'}, 0x2c) [ 2255.592188] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. 07:53:39 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = open(&(0x7f0000000000)='./file0//ile0\x00', 0xd0d7f, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x4000000) 07:53:39 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x1d, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:39 executing program 6: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000003, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000008f00)={'tunl0\x00'}) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000006000/0x18000)=nil, &(0x7f00000001c0)=[@textreal={0x8, &(0x7f00000000c0)="0f0f1ba00873850f01d1ba4000b8a989ef660f2ac3ba4000b85700eff3cfbad00466b8b200000066ef3e0f38003abaf80c66b8a206ef8766efbafc0cec", 0x3d}], 0xb2b67b7e2b624215, 0x8, &(0x7f0000000200), 0x1000000000000131) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000100)={0x6, 0x8001}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000000)=[@textreal={0x8, &(0x7f0000000140)="65d9f3ba2000b0e1eed9ff66b8c4b800000f23c00f21f86635000005000f23f80f01d1baf80c66b8a322e48266efbafc0cb09dee6726670f32670fb2aec1cb0000ff22c02200", 0x46}], 0x1, 0x0, &(0x7f00000000c0), 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 07:53:39 executing program 5 (fault-call:1 fault-nth:0): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x0, 0x0) ioctl$sock_netdev_private(r0, 0x40005504, &(0x7f00000002c0)) 07:53:39 executing program 4: r0 = socket$packet(0x11, 0x1000000003, 0x300) setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000040)=0x4006, 0x4) r1 = fcntl$dupfd(r0, 0x0, r0) sendto$inet6(r1, &(0x7f0000000000)="440180d000f29901000000000000", 0xe, 0x0, &(0x7f0000000440)={0xa, 0x0, 0x20000000010, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x88640000]}}, 0x1c) 07:53:39 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00\x00\x00 \x00'}, 0x2c) [ 2255.657687] A link change request failed with some changes committed already. Interface wlan0 may have been left with an inconsistent configuration, please check. 07:53:39 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0), 0xbe4, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) [ 2255.749764] FAULT_INJECTION: forcing a failure. [ 2255.749764] name failslab, interval 1, probability 0, space 0, times 0 [ 2255.761696] CPU: 0 PID: 29081 Comm: syz-executor5 Not tainted 4.18.0-rc7+ #177 [ 2255.769106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2255.778475] Call Trace: [ 2255.781086] dump_stack+0x1c9/0x2b4 [ 2255.784744] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2255.789961] should_fail.cold.4+0xa/0x1a [ 2255.794048] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2255.801169] ? graph_lock+0x170/0x170 [ 2255.805059] ? find_held_lock+0x36/0x1c0 [ 2255.809120] ? __lock_is_held+0xb5/0x140 [ 2255.813186] ? check_same_owner+0x340/0x340 [ 2255.817503] ? _parse_integer+0x13b/0x190 [ 2255.821640] ? rcu_note_context_switch+0x730/0x730 [ 2255.826567] ? graph_lock+0x170/0x170 [ 2255.830359] __should_failslab+0x124/0x180 [ 2255.834588] should_failslab+0x9/0x14 [ 2255.838377] kmem_cache_alloc_trace+0x2cb/0x780 [ 2255.843036] ? find_held_lock+0x36/0x1c0 [ 2255.847092] input_allocate_device+0xaf/0x370 [ 2255.851579] ? input_devices_seq_start+0x110/0x110 [ 2255.856509] uinput_ioctl_handler.isra.10+0xee7/0x2540 [ 2255.861781] ? uinput_request_submit.part.9+0x2d0/0x2d0 [ 2255.867132] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2255.871534] ? __fget+0x414/0x670 [ 2255.874985] ? match_held_lock+0x8c1/0x8d0 [ 2255.879214] ? expand_files.part.8+0x9c0/0x9c0 [ 2255.883790] ? kasan_check_write+0x14/0x20 [ 2255.888022] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 2255.892946] uinput_ioctl+0x4c/0x60 [ 2255.896564] ? uinput_compat_ioctl+0x90/0x90 [ 2255.900958] do_vfs_ioctl+0x1de/0x1720 [ 2255.904836] ? __lock_is_held+0xb5/0x140 [ 2255.908888] ? ioctl_preallocate+0x300/0x300 [ 2255.913286] ? __fget_light+0x2f7/0x440 [ 2255.917286] ? fget_raw+0x20/0x20 [ 2255.920728] ? __sb_end_write+0xac/0xe0 [ 2255.924696] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2255.930222] ? fput+0x130/0x1a0 [ 2255.933499] ? ksys_write+0x1ae/0x260 [ 2255.937288] ? security_file_ioctl+0x94/0xc0 [ 2255.941684] ksys_ioctl+0xa9/0xd0 [ 2255.945128] __x64_sys_ioctl+0x73/0xb0 [ 2255.949023] do_syscall_64+0x1b9/0x820 [ 2255.952901] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2255.957818] ? syscall_return_slowpath+0x31d/0x5e0 [ 2255.962749] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2255.968106] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2255.972954] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2255.978133] RIP: 0033:0x456b29 [ 2255.981306] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 07:53:40 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00z\x00'}, 0x2c) [ 2256.000556] RSP: 002b:00007f1884dd2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2256.008269] RAX: ffffffffffffffda RBX: 00007f1884dd36d4 RCX: 0000000000456b29 [ 2256.015542] RDX: 00000000200002c0 RSI: 0000000040005504 RDI: 0000000000000013 [ 2256.022797] RBP: 00000000009300a0 R08: 0000000000000000 R09: 0000000000000000 [ 2256.030064] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 2256.037319] R13: 00000000004d14a8 R14: 00000000004c6f0f R15: 0000000000000000 07:53:40 executing program 5 (fault-call:1 fault-nth:1): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x0, 0x0) ioctl$sock_netdev_private(r0, 0x40005504, &(0x7f00000002c0)) 07:53:40 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f0000000000)='./file0//ile0\x00', &(0x7f0000000080)='./file1\x00', &(0x7f0000000280)="6e66613400e96865e1e62c2ed787ab527759d5410c37ac6c5a62de9979dd5b4c4c5243d82974a379d3065a444d3bd06c8f9aded4804a9a3e92d961576d5edf908ebc0e646a4aee3573b6fc15158ccfb6747dcb0ba5edbe99f7855f8273dbe482f9531da56580ab8e3330af6c3fa49e2af80b6184db85081826fa037137cc88d8ec3939b6150a5c63b85436b6000dfb94e0dfbc5c7beb06fc8817c3cb9a884bb901a5386aa0a39d7990977d318087e6ab58093c1652c0aa74b8e5002ba1ffab90100b0b8076078a5d3fe6f53bcde7867538023c4d4436c5ede137634fcd0685b949f3febada530966e31d74ac1121321b49cc22fa56b45a6bf133fadde97847032ad18b86d8ed2a84cdab08d5e6e912cca37a44a9c3495c4053fa4bf80601aa726b91ac3cad4df6df1a940bd1ff8bd8b3e6cfce69db1f6afb29fbfaa6377cb5607f2c6eb9c73db4236d6dd60264ecc10d534bca0ded96b8768b09a9c83cf6657a82", 0x0, 0x0) r0 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) r1 = openat$cgroup_procs(r0, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r1, &(0x7f0000000100), 0x12) unshare(0x4000000) 07:53:40 executing program 0: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) mount(&(0x7f00000000c0)='./file0//ile0\x00', &(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) r0 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_inet_SIOCSIFDSTADDR(r0, 0x8918, &(0x7f0000000280)={'team0\x00', {0x2, 0x4e22, @multicast1}}) r1 = open(&(0x7f0000000040)='./file0//ile0\x00', 0x0, 0x0) getsockopt$inet_mreq(r1, 0x0, 0x20, &(0x7f0000000140)={@multicast1, @broadcast}, &(0x7f0000000180)=0x8) r2 = openat$cgroup_procs(r1, &(0x7f0000000240)='cgroup.procs\x00', 0x2, 0x0) write$cgroup_pid(r2, &(0x7f0000000100), 0x12) connect$pppoe(r1, &(0x7f0000000000)={0x18, 0x0, {0x0, @local, 'vlan0\x00'}}, 0x1e) unshare(0x4004000000) [ 2256.206886] FAULT_INJECTION: forcing a failure. [ 2256.206886] name failslab, interval 1, probability 0, space 0, times 0 [ 2256.218273] CPU: 0 PID: 29107 Comm: syz-executor5 Not tainted 4.18.0-rc7+ #177 [ 2256.225647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2256.235033] Call Trace: [ 2256.237636] dump_stack+0x1c9/0x2b4 [ 2256.241283] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2256.246499] should_fail.cold.4+0xa/0x1a [ 2256.248151] syz-executor0 invoked oom-killer: gfp_mask=0x6000c0(GFP_KERNEL), nodemask=(null), order=0, oom_score_adj=0 [ 2256.250571] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2256.250606] ? lock_downgrade+0x8f0/0x8f0 [ 2256.250623] ? lock_downgrade+0x8f0/0x8f0 [ 2256.261472] syz-executor0 cpuset= [ 2256.266556] ? graph_lock+0x170/0x170 [ 2256.266577] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2256.266597] ? find_held_lock+0x36/0x1c0 [ 2256.270740] / [ 2256.274869] ? __lock_is_held+0xb5/0x140 [ 2256.274895] ? check_same_owner+0x340/0x340 [ 2256.274912] ? rcu_note_context_switch+0x730/0x730 [ 2256.278580] mems_allowed=0 [ 2256.282353] __should_failslab+0x124/0x180 [ 2256.282374] should_failslab+0x9/0x14 [ 2256.317792] __kmalloc_track_caller+0x2c4/0x760 [ 2256.322455] ? pointer+0x950/0x950 [ 2256.325995] ? async_suspend_noirq+0x110/0x110 [ 2256.331104] ? kvasprintf_const+0x67/0x190 [ 2256.335339] kvasprintf+0xb1/0x140 [ 2256.338880] ? bust_spinlocks+0xe0/0xe0 [ 2256.342858] kvasprintf_const+0x67/0x190 [ 2256.346920] kobject_set_name_vargs+0x5b/0x150 [ 2256.351503] dev_set_name+0xad/0xe0 [ 2256.355140] ? device_initialize+0x5f0/0x5f0 [ 2256.359551] ? input_allocate_device+0x276/0x370 [ 2256.364305] input_allocate_device+0x298/0x370 [ 2256.368885] ? input_devices_seq_start+0x110/0x110 [ 2256.373842] uinput_ioctl_handler.isra.10+0xee7/0x2540 [ 2256.379121] ? uinput_request_submit.part.9+0x2d0/0x2d0 [ 2256.384482] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2256.388896] ? __fget+0x414/0x670 [ 2256.392359] ? match_held_lock+0x8c1/0x8d0 [ 2256.396590] ? expand_files.part.8+0x9c0/0x9c0 [ 2256.401169] ? kasan_check_write+0x14/0x20 [ 2256.405407] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 2256.410339] uinput_ioctl+0x4c/0x60 [ 2256.413966] ? uinput_compat_ioctl+0x90/0x90 [ 2256.418372] do_vfs_ioctl+0x1de/0x1720 [ 2256.422259] ? __lock_is_held+0xb5/0x140 [ 2256.426316] ? ioctl_preallocate+0x300/0x300 [ 2256.430721] ? __fget_light+0x2f7/0x440 [ 2256.434697] ? fget_raw+0x20/0x20 [ 2256.438164] ? __sb_end_write+0xac/0xe0 [ 2256.442149] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2256.447687] ? fput+0x130/0x1a0 [ 2256.450965] ? ksys_write+0x1ae/0x260 [ 2256.454767] ? security_file_ioctl+0x94/0xc0 [ 2256.459172] ksys_ioctl+0xa9/0xd0 [ 2256.462641] __x64_sys_ioctl+0x73/0xb0 [ 2256.466529] do_syscall_64+0x1b9/0x820 [ 2256.470414] ? finish_task_switch+0x1d3/0x870 [ 2256.474908] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2256.479840] ? syscall_return_slowpath+0x31d/0x5e0 [ 2256.484771] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2256.490160] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2256.495016] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2256.500202] RIP: 0033:0x456b29 [ 2256.503382] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2256.522711] RSP: 002b:00007f1884dd2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2256.530419] RAX: ffffffffffffffda RBX: 00007f1884dd36d4 RCX: 0000000000456b29 [ 2256.537694] RDX: 00000000200002c0 RSI: 0000000040005504 RDI: 0000000000000013 [ 2256.544961] RBP: 00000000009300a0 R08: 0000000000000000 R09: 0000000000000000 [ 2256.552223] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 2256.559500] R13: 00000000004d14a8 R14: 00000000004c6f0f R15: 0000000000000001 [ 2256.566785] CPU: 1 PID: 29109 Comm: syz-executor0 Not tainted 4.18.0-rc7+ #177 [ 2256.574182] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2256.583540] Call Trace: [ 2256.586146] dump_stack+0x1c9/0x2b4 [ 2256.589791] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2256.594998] ? trace_hardirqs_on+0x10/0x10 [ 2256.599249] dump_header+0x27b/0xf64 [ 2256.602983] ? pagefault_out_of_memory+0x197/0x197 [ 2256.607928] ? __lock_acquire+0x7fc/0x5020 [ 2256.612179] ? print_usage_bug+0xc0/0xc0 [ 2256.616257] ? graph_lock+0x170/0x170 [ 2256.620075] ? print_usage_bug+0xc0/0xc0 [ 2256.624150] ? trace_hardirqs_on+0x10/0x10 [ 2256.628406] ? print_usage_bug+0xc0/0xc0 [ 2256.632489] ? lock_downgrade+0x8f0/0x8f0 [ 2256.636659] ? mark_held_locks+0xc9/0x160 [ 2256.640819] ? do_raw_spin_trylock+0x1c0/0x1c0 [ 2256.645417] ? _raw_spin_unlock_irqrestore+0x74/0xc0 [ 2256.650540] ? trace_hardirqs_on_caller+0x421/0x5c0 07:53:40 executing program 2: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) close(r1) ioctl$fiemap(r0, 0xc020660b, &(0x7f0000000480)={0xffff, 0xfffffffffffff6e6, 0x3, 0x1, 0x1, [{0x1, 0x8, 0x252f, 0x0, 0x0, 0x4}]}) io_setup(0x8, &(0x7f0000000240)) r2 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x2, 0x2) unlink(&(0x7f0000000440)='./file0\x00') getpeername$packet(0xffffffffffffffff, &(0x7f00000002c0)={0x11, 0x0, 0x0}, &(0x7f0000000300)=0x14) sendmsg$nl_route_sched(r2, &(0x7f0000000400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x88000100}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)=@gettclass={0x24, 0x2a, 0xc00, 0x70bd29, 0x25dfdbfd, {0x0, r3, {0x1, 0x1f}, {0x7, 0xd}, {0xfff3}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x800}, 0x10) removexattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.system.Security\x00') r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000100)={&(0x7f00000000c0), 0xc9c, &(0x7f0000000000)={&(0x7f00000001c0)=@newlink={0x28, 0x10, 0xc362e63b3f31ba5f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 07:53:40 executing program 3: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x7, &(0x7f0000001180), 0x190, &(0x7f00000011c0)}}], 0x249, 0x0) [ 2256.655565] ? trace_hardirqs_on+0xd/0x10 [ 2256.659724] ? ___ratelimit+0xaa/0x655 [ 2256.663619] ? idr_get_free+0x10c0/0x10c0 [ 2256.667777] ? kasan_check_write+0x14/0x20 [ 2256.672018] ? do_raw_spin_lock+0xc1/0x200 [ 2256.676267] oom_kill_process.cold.25+0x10/0x10bc [ 2256.681131] ? oom_evaluate_task+0x540/0x540 [ 2256.685550] ? find_held_lock+0x36/0x1c0 [ 2256.689629] ? lock_downgrade+0x8f0/0x8f0 [ 2256.693792] ? kasan_check_read+0x11/0x20 [ 2256.698476] ? rcu_is_watching+0x8c/0x150 [ 2256.702631] ? rcu_report_qs_rnp+0x7a0/0x7a0 07:53:40 executing program 7: r0 = socket$inet6(0xa, 0x80003, 0xff) connect$inet6(r0, &(0x7f0000000180)={0xa, 0x0, 0x0, @mcast1, 0x4}, 0x1c) sendmmsg(r0, &(0x7f0000001300)=[{{0x0, 0x0, &(0x7f0000001180), 0x198, &(0x7f00000011c0)}}], 0x249, 0x0) 07:53:40 executing program 6: r0 = socket$alg(0x26, 0x5, 0x0) r1 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r1, 0x8912, &(0x7f00000005c0)="0a5cc80700315f85714070") pipe2(&(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}, 0x800) ioctl$KDSKBLED(r2, 0x4b65, 0x1) getsockopt$sock_int(r0, 0x1, 0x28, &(0x7f0000000040), &(0x7f0000000100)=0x4) [ 2256.707060] ? oom_badness+0xb00/0xb00 [ 2256.710960] ? rcu_read_unlock+0x35/0x70 [ 2256.715028] ? mem_cgroup_iter+0x4bf/0x9e0 [ 2256.719290] ? css_task_iter_end+0x2ce/0x490 [ 2256.723702] ? mem_cgroup_nr_lru_pages+0x80/0x80 [ 2256.728464] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2256.733495] ? trace_hardirqs_on+0xd/0x10 [ 2256.737663] ? _raw_spin_unlock_irq+0x27/0x70 [ 2256.742166] ? oom_badness+0xb00/0xb00 [ 2256.746069] ? mem_cgroup_scan_tasks+0x1c3/0x1e0 [ 2256.750839] ? mem_cgroup_iter_break+0x30/0x30 [ 2256.755449] out_of_memory+0xa8a/0x14d0 07:53:40 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, 'nq\x00\x00\x00\x00\x00l\x00'}, 0x2c) [ 2256.759437] ? oom_killer_disable+0x3a0/0x3a0 [ 2256.763948] ? trace_hardirqs_on_caller+0x421/0x5c0 [ 2256.768978] ? trace_hardirqs_on+0xd/0x10 [ 2256.773142] mem_cgroup_out_of_memory+0x15e/0x210 [ 2256.777998] ? memcg_memory_event+0x40/0x40 [ 2256.782335] ? _raw_spin_unlock+0x22/0x30 [ 2256.786501] mem_cgroup_oom_synchronize+0x713/0x940 [ 2256.791528] ? mem_cgroup_select_victim_node+0x4a0/0x4a0 [ 2256.796989] ? memcg_event_wake+0x450/0x450 [ 2256.801334] pagefault_out_of_memory+0xc8/0x197 07:53:40 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070") socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x80, 0x0) r2 = socket$inet6(0xa, 0x1000000000002, 0x0) r3 = memfd_create(&(0x7f0000000140)="2b8b8a16114fdd02759b9461ac0000000000000000000000", 0x3) write$binfmt_misc(r3, &(0x7f0000000c40)=ANY=[@ANYRES32], 0xff67) sendfile(r1, r3, &(0x7f0000000000), 0xffff) fcntl$addseals(r3, 0x409, 0x2) fchown(r3, 0x0, 0x0) r4 = dup3(r2, r3, 0x0) shutdown(r1, 0x1) ioctl$BLKROGET(r4, 0x125e, &(0x7f0000000040)) [ 2256.806016] ? out_of_memory+0x14d0/0x14d0 [ 2256.810268] ? __handle_mm_fault+0x4460/0x4460 [ 2256.814859] mm_fault_error+0x1de/0x380 [ 2256.818847] __do_page_fault+0xd25/0xe50 [ 2256.822924] ? mm_fault_error+0x380/0x380 [ 2256.827104] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 2256.832654] ? __x64_sys_clock_gettime+0x170/0x250 [ 2256.837606] ? __ia32_sys_clock_settime+0x290/0x290 [ 2256.842633] do_page_fault+0xf6/0x8c0 [ 2256.846444] ? vmalloc_sync_all+0x30/0x30 [ 2256.850601] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 07:53:40 executing program 1: mmap(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x200000c, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IP_VS_SO_SET_ZERO(r0, 0x0, 0x48f, &(0x7f0000000040)={0x0, @dev, 0x0, 0x0, "6e71000000000300"}, 0x2c) 07:53:41 executing program 5 (fault-call:1 fault-nth:2): r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x0, 0x0) ioctl$sock_netdev_private(r0, 0x40005504, &(0x7f00000002c0)) [ 2256.856150] ? do_syscall_64+0x497/0x820 [ 2256.860220] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2256.865160] ? syscall_return_slowpath+0x31d/0x5e0 [ 2256.870100] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2256.875465] ? page_fault+0x8/0x30 [ 2256.879015] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2256.883891] ? page_fault+0x8/0x30 [ 2256.887440] page_fault+0x1e/0x30 [ 2256.890896] RIP: 0033:0x40e33f [ 2256.894084] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 2256.913608] RSP: 002b:0000000000a3fc20 EFLAGS: 00010206 [ 2256.918992] RAX: 00007ff4a0736000 RBX: 0000000000020000 RCX: 0000000000456b7a [ 2256.926273] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 2256.933553] RBP: 0000000000a3fd00 R08: ffffffffffffffff R09: 0000000000000000 [ 2256.940831] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000a3fdf0 [ 2256.948114] R13: 00007ff4a0756700 R14: 0000000000000003 R15: 0000000000000001 [ 2256.955696] Task in /ile0 killed as a result of limit of /ile0 [ 2256.961738] memory: usage 20kB, limit 20kB, failcnt 10437 [ 2256.967328] memory+swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2256.974118] kmem: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 2256.980319] Memory cgroup stats for /ile0: cache:0KB rss:0KB rss_huge:0KB shmem:0KB mapped_file:0KB dirty:0KB writeback:0KB swap:0KB inactive_anon:0KB active_anon:0KB inactive_file:0KB active_file:0KB unevictable:0KB [ 2256.999856] [ pid ] uid tgid total_vm rss pgtables_bytes swapents oom_score_adj name 07:53:41 executing program 6: r0 = socket$inet6(0xa, 0x1000000000002, 0x0) ioctl(r0, 0x8912, &(0x7f0000000280)="0a5cc80700315f85714070") r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) r4 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x40, 0x0) ioctl$KDGKBMODE(r4, 0x4b44, &(0x7f0000000200)) setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r4, 0x84, 0x13, &(0x7f00000001c0)=0x2, 0x4) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f00000002c0)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000001000/0x2000)=nil}) ioctl$KVM_NMI(r3, 0xae9a) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000001000/0x18000)=nil, &(0x7f0000000e00)=[@textreal={0x8, &(0x7f0000000100)="66b8000000800f23d80f21f86635400000d00f23f80f20d86635080000000f22d83e0f01c8d20d66b9910900000f320f35baf80c66b82a5d888766efbafc0cb816afef0fae830d5c0f060fc71e643d", 0x4f}], 0x1, 0x0, &(0x7f0000000080)=[@cr4={0x1, 0x48}], 0x1) ioctl$KVM_RUN(r3, 0xae80, 0x0) getsockopt(r0, 0xf, 0x6, &(0x7f0000000040)=""/42, &(0x7f00000000c0)=0x2a) write$binfmt_elf32(0xffffffffffffffff, &(0x7f0000003080)=ANY=[], 0x0) [ 2257.008722] [29109] 0 29109 17618 8732 126976 0 0 syz-executor0 [ 2257.017662] Memory cgroup out of memory: Kill process 29109 (syz-executor0) score 1752600 or sacrifice child [ 2257.027734] Killed process 29109 (syz-executor0) total-vm:70472kB, anon-rss:2160kB, file-rss:32768kB, shmem-rss:0kB [ 2257.042269] oom_reaper: reaped process 29109 (syz-executor0), now anon-rss:0kB, file-rss:32780kB, shmem-rss:0kB [ 2257.067842] FAULT_INJECTION: forcing a failure. [ 2257.067842] name failslab, interval 1, probability 0, space 0, times 0 [ 2257.079251] CPU: 1 PID: 29147 Comm: syz-executor5 Not tainted 4.18.0-rc7+ #177 [ 2257.086616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2257.095980] Call Trace: [ 2257.098587] dump_stack+0x1c9/0x2b4 [ 2257.102241] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2257.107459] should_fail.cold.4+0xa/0x1a [ 2257.111651] ? fault_create_debugfs_attr+0x1f0/0x1f0 [ 2257.116778] ? pointer+0x950/0x950 [ 2257.120337] ? graph_lock+0x170/0x170 [ 2257.124145] ? graph_lock+0x170/0x170 [ 2257.127954] ? __lock_is_held+0xb5/0x140 [ 2257.132019] ? __sanitizer_cov_trace_cmp4+0x16/0x20 [ 2257.137044] ? find_held_lock+0x36/0x1c0 [ 2257.141118] ? __lock_is_held+0xb5/0x140 [ 2257.145196] ? check_same_owner+0x340/0x340 [ 2257.149534] ? rcu_note_context_switch+0x730/0x730 [ 2257.154476] ? lock_release+0xa30/0xa30 [ 2257.158458] __should_failslab+0x124/0x180 [ 2257.162705] should_failslab+0x9/0x14 [ 2257.166508] kmem_cache_alloc_trace+0x2cb/0x780 [ 2257.171214] ? __might_fault+0x1a3/0x1e0 [ 2257.175284] input_alloc_absinfo+0x86/0xf0 [ 2257.179536] uinput_ioctl_handler.isra.10+0x1c4e/0x2540 [ 2257.184921] ? uinput_request_submit.part.9+0x2d0/0x2d0 [ 2257.190274] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2257.194679] ? __fget+0x414/0x670 [ 2257.198126] ? match_held_lock+0x8c1/0x8d0 [ 2257.202347] ? expand_files.part.8+0x9c0/0x9c0 [ 2257.206917] ? kasan_check_write+0x14/0x20 [ 2257.211143] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 2257.216070] uinput_ioctl+0x4c/0x60 [ 2257.219699] ? uinput_compat_ioctl+0x90/0x90 [ 2257.224098] do_vfs_ioctl+0x1de/0x1720 [ 2257.227992] ? __lock_is_held+0xb5/0x140 [ 2257.232045] ? ioctl_preallocate+0x300/0x300 [ 2257.236453] ? __fget_light+0x2f7/0x440 [ 2257.240414] ? fget_raw+0x20/0x20 [ 2257.243857] ? __sb_end_write+0xac/0xe0 [ 2257.247840] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2257.253380] ? fput+0x130/0x1a0 [ 2257.256650] ? ksys_write+0x1ae/0x260 [ 2257.260444] ? security_file_ioctl+0x94/0xc0 [ 2257.264840] ksys_ioctl+0xa9/0xd0 [ 2257.268295] __x64_sys_ioctl+0x73/0xb0 [ 2257.272174] do_syscall_64+0x1b9/0x820 [ 2257.276053] ? finish_task_switch+0x1d3/0x870 [ 2257.280538] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2257.285461] ? syscall_return_slowpath+0x31d/0x5e0 [ 2257.290387] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2257.299585] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2257.304438] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2257.309627] RIP: 0033:0x456b29 [ 2257.312804] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2257.332156] RSP: 002b:00007f1884dd2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2257.339942] RAX: ffffffffffffffda RBX: 00007f1884dd36d4 RCX: 0000000000456b29 [ 2257.347201] RDX: 00000000200002c0 RSI: 0000000040005504 RDI: 0000000000000013 [ 2257.354458] RBP: 00000000009300a0 R08: 0000000000000000 R09: 0000000000000000 [ 2257.361730] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 2257.368999] R13: 00000000004d14a8 R14: 00000000004c6f0f R15: 0000000000000002 [ 2257.376505] ------------[ cut here ]------------ [ 2257.381294] input_alloc_absinfo(): kcalloc() failed? [ 2257.386695] WARNING: CPU: 1 PID: 29147 at drivers/input/input.c:487 input_alloc_absinfo+0xc1/0xf0 [ 2257.395727] Kernel panic - not syncing: panic_on_warn set ... [ 2257.395727] [ 2257.403127] CPU: 1 PID: 29147 Comm: syz-executor5 Not tainted 4.18.0-rc7+ #177 [ 2257.410474] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 2257.419813] Call Trace: [ 2257.422398] dump_stack+0x1c9/0x2b4 [ 2257.426026] ? dump_stack_print_info.cold.2+0x52/0x52 [ 2257.431212] panic+0x238/0x4e7 [ 2257.434405] ? add_taint.cold.5+0x16/0x16 [ 2257.438546] ? __warn.cold.8+0x148/0x1ba [ 2257.442604] ? input_alloc_absinfo+0xc1/0xf0 [ 2257.447002] __warn.cold.8+0x163/0x1ba [ 2257.450887] ? input_alloc_absinfo+0xc1/0xf0 [ 2257.455298] report_bug+0x252/0x2d0 [ 2257.458916] do_error_trap+0x1fc/0x4d0 [ 2257.462803] ? math_error+0x3e0/0x3e0 [ 2257.466599] ? vprintk_default+0x28/0x30 [ 2257.470649] ? vprintk_func+0x81/0xe7 [ 2257.474440] ? printk+0xa7/0xcf [ 2257.477723] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2257.482557] do_invalid_op+0x1b/0x20 [ 2257.486261] invalid_op+0x14/0x20 [ 2257.489718] RIP: 0010:input_alloc_absinfo+0xc1/0xf0 [ 2257.494726] Code: 80 3c 11 00 75 38 48 89 83 60 01 00 00 48 85 c0 75 96 e8 f2 dc 13 fd 48 c7 c6 20 4e 5c 87 48 c7 c7 20 48 5c 87 e8 ef f5 de fc <0f> 0b e9 77 ff ff ff 4c 89 e7 e8 20 b9 51 fd e9 60 ff ff ff 4c 89 [ 2257.513974] RSP: 0018:ffff8801bfddfa30 EFLAGS: 00010282 [ 2257.519331] RAX: 0000000000000000 RBX: ffff8801d0a82c80 RCX: ffffc90004e2c000 [ 2257.526596] RDX: 0000000000040000 RSI: ffffffff81632481 RDI: ffff8801bfddf708 [ 2257.533854] RBP: ffff8801bfddfa48 R08: ffff880197114280 R09: 0000000000000006 [ 2257.541112] R10: ffff880197114280 R11: 0000000000000000 R12: ffff8801d0a82de0 [ 2257.548368] R13: ffff8801d0a82de0 R14: ffff8801b2442d88 R15: ffff8801d0a82c80 [ 2257.555653] ? vprintk_func+0x81/0xe7 [ 2257.559468] uinput_ioctl_handler.isra.10+0x1c4e/0x2540 [ 2257.564825] ? uinput_request_submit.part.9+0x2d0/0x2d0 [ 2257.570191] ? rcu_report_qs_rnp+0x7a0/0x7a0 [ 2257.574617] ? __fget+0x414/0x670 [ 2257.578065] ? match_held_lock+0x8c1/0x8d0 [ 2257.582294] ? expand_files.part.8+0x9c0/0x9c0 [ 2257.586878] ? kasan_check_write+0x14/0x20 [ 2257.591276] ? __mutex_unlock_slowpath+0x197/0x8c0 [ 2257.596203] uinput_ioctl+0x4c/0x60 [ 2257.599824] ? uinput_compat_ioctl+0x90/0x90 [ 2257.604222] do_vfs_ioctl+0x1de/0x1720 [ 2257.608102] ? __lock_is_held+0xb5/0x140 [ 2257.612157] ? ioctl_preallocate+0x300/0x300 [ 2257.616555] ? __fget_light+0x2f7/0x440 [ 2257.620525] ? fget_raw+0x20/0x20 [ 2257.623984] ? __sb_end_write+0xac/0xe0 [ 2257.627967] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 2257.633494] ? fput+0x130/0x1a0 [ 2257.636786] ? ksys_write+0x1ae/0x260 [ 2257.640585] ? security_file_ioctl+0x94/0xc0 [ 2257.644995] ksys_ioctl+0xa9/0xd0 [ 2257.648442] __x64_sys_ioctl+0x73/0xb0 [ 2257.652317] do_syscall_64+0x1b9/0x820 [ 2257.656193] ? finish_task_switch+0x1d3/0x870 [ 2257.660683] ? syscall_return_slowpath+0x5e0/0x5e0 [ 2257.665609] ? syscall_return_slowpath+0x31d/0x5e0 [ 2257.670533] ? entry_SYSCALL_64_after_hwframe+0x59/0xbe [ 2257.675900] ? trace_hardirqs_off_thunk+0x1a/0x1c [ 2257.680750] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 2257.686101] RIP: 0033:0x456b29 [ 2257.689275] Code: fd b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 2257.708518] RSP: 002b:00007f1884dd2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 2257.716219] RAX: ffffffffffffffda RBX: 00007f1884dd36d4 RCX: 0000000000456b29 [ 2257.723477] RDX: 00000000200002c0 RSI: 0000000040005504 RDI: 0000000000000013 [ 2257.730746] RBP: 00000000009300a0 R08: 0000000000000000 R09: 0000000000000000 [ 2257.738006] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000014 [ 2257.745275] R13: 00000000004d14a8 R14: 00000000004c6f0f R15: 0000000000000002 [ 2257.753379] Dumping ftrace buffer: [ 2257.757251] (ftrace buffer empty) [ 2257.760949] Kernel Offset: disabled [ 2257.764565] Rebooting in 86400 seconds..