.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, 0x0, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1171.699294] Mem-Info: [ 1171.706919] active_anon:1300538 inactive_anon:4314 isolated_anon:0 [ 1171.706919] active_file:1036 inactive_file:1115 isolated_file:70 [ 1171.706919] unevictable:0 dirty:942 writeback:0 unstable:0 [ 1171.706919] slab_reclaimable:16262 slab_unreclaimable:131156 [ 1171.706919] mapped:54381 shmem:4490 pagetables:32562 bounce:0 [ 1171.706919] free:26164 free_pcp:154 free_cma:0 [ 1171.825126] Node 0 active_anon:1890448kB inactive_anon:16140kB active_file:2516kB inactive_file:2492kB unevictable:0kB isolated(anon):0kB isolated(file):300kB mapped:216584kB dirty:1232kB writeback:0kB shmem:16804kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 679936kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1171.892364] Node 1 active_anon:3314404kB inactive_anon:1116kB active_file:1248kB inactive_file:1296kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:2536kB writeback:0kB shmem:1156kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 2048kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1171.927064] Node 0 DMA free:10388kB min:220kB low:272kB high:324kB active_anon:5396kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1171.960188] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1171.965590] Node 0 DMA32 free:40132kB min:36296kB low:45368kB high:54440kB active_anon:1888176kB inactive_anon:16120kB active_file:2280kB inactive_file:2368kB unevictable:0kB writepending:1304kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:9248kB pagetables:55440kB bounce:0kB free_pcp:104kB local_pcp:8kB free_cma:0kB [ 1172.002093] lowmem_reserve[]: 0 0 0 0 0 [ 1172.006178] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1172.226164] lowmem_reserve[]: 0 0 0 0 0 [ 1172.248578] Node 1 Normal free:61160kB min:53592kB low:66988kB high:80384kB active_anon:3302752kB inactive_anon:1128kB active_file:1572kB inactive_file:1776kB unevictable:0kB writepending:2528kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:32768kB pagetables:74740kB bounce:0kB free_pcp:412kB local_pcp:332kB free_cma:0kB [ 1172.387204] lowmem_reserve[]: 0 0 0 0 0 [ 1172.399924] Node 0 DMA: 1*4kB (U) 4*8kB (UE) 3*16kB (UM) 4*32kB (UME) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10388kB [ 1172.462601] Node 0 DMA32: 104*4kB (UMEH) 387*8kB (UMH) 194*16kB (UM) 204*32kB (UM) 4*64kB (UME) 3*128kB (ME) 1*256kB (M) 6*512kB (ME) 0*1024kB 4*2048kB (ME) 3*4096kB (M) = 37592kB [ 1172.498430] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1172.540811] Node 1 Normal: 1178*4kB (UMEH) 660*8kB (UMEH) 249*16kB (UMEH) 95*32kB (UMEH) 33*64kB (UM) 26*128kB (UME) 9*256kB (UM) 5*512kB (UM) 3*1024kB (ME) 1*2048kB (E) 7*4096kB (UM) = 61112kB [ 1172.587154] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1172.635782] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1172.648769] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1172.678862] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1172.694738] 6761 total pagecache pages [ 1172.698657] 0 pages in swap cache [ 1172.702100] Swap cache stats: add 0, delete 0, find 0/0 [ 1172.722251] Free swap = 0kB [ 1172.726858] Total swap = 0kB [ 1172.729930] 1965979 pages RAM [ 1172.733078] 0 pages HighMem/MovableOnly [ 1172.782866] 338455 pages reserved [ 1172.832676] 0 pages cma reserved [ 1172.867433] Out of memory: Kill process 20160 (syz-executor.0) score 1007 or sacrifice child 19:21:25 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:21:25 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, 0x0, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:21:25 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:21:25 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:21:25 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:21:25 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) getpid() sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1174.292019] syz-executor.2 invoked oom-killer: gfp_mask=0x14280ca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=1000 [ 1174.318212] syz-executor.2 cpuset=/ mems_allowed=0-1 [ 1174.364359] CPU: 0 PID: 20275 Comm: syz-executor.2 Not tainted 4.14.182-syzkaller #0 [ 1174.372272] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1174.381624] Call Trace: [ 1174.384206] dump_stack+0x1b2/0x283 [ 1174.387813] dump_header+0x178/0x7aa [ 1174.391518] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1174.396526] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1174.401613] ? ___ratelimit+0x2cd/0x522 [ 1174.405578] oom_kill_process.cold+0x10/0xc16 [ 1174.410071] ? lock_downgrade+0x6e0/0x6e0 [ 1174.414204] out_of_memory+0x2d5/0x10f0 [ 1174.418158] ? oom_killer_disable+0x1c0/0x1c0 [ 1174.422631] ? mutex_trylock+0x152/0x1a0 [ 1174.426672] __alloc_pages_nodemask+0x2556/0x2730 [ 1174.431597] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1174.436420] ? __anon_vma_prepare+0x172/0x370 [ 1174.440900] ? anon_vma_interval_tree_insert+0x20a/0x3c0 [ 1174.446393] alloc_pages_vma+0xc1/0x4b0 [ 1174.450348] do_anonymous_page+0x6cd/0x17d0 [ 1174.454650] ? finish_fault+0x290/0x290 [ 1174.458601] ? trace_hardirqs_on+0x10/0x10 [ 1174.462816] __handle_mm_fault+0x1c49/0x3700 [ 1174.467215] ? vm_insert_mixed_mkwrite+0x30/0x30 [ 1174.471956] handle_mm_fault+0x306/0x794 [ 1174.475999] __do_page_fault+0x578/0xb50 [ 1174.480039] ? mm_fault_error+0x2c0/0x2c0 [ 1174.484174] ? do_page_fault+0x60/0x4f2 [ 1174.488128] ? page_fault+0x2f/0x50 [ 1174.491734] page_fault+0x45/0x50 [ 1174.495170] RIP: b348c700:0x8c0 19:21:27 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, 0x0, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:21:27 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:21:27 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1174.498439] RSP: 20000:00007ffe569b97d0 EFLAGS: 7ffe569b98d0 [ 1175.170640] Mem-Info: [ 1175.193038] active_anon:1295586 inactive_anon:4313 isolated_anon:281 [ 1175.193038] active_file:797 inactive_file:1975 isolated_file:159 [ 1175.193038] unevictable:0 dirty:978 writeback:0 unstable:0 [ 1175.193038] slab_reclaimable:16314 slab_unreclaimable:131167 [ 1175.193038] mapped:54999 shmem:4489 pagetables:32646 bounce:0 [ 1175.193038] free:28884 free_pcp:701 free_cma:0 [ 1175.543797] Node 0 active_anon:1893712kB inactive_anon:16124kB active_file:3328kB inactive_file:3024kB unevictable:0kB isolated(anon):0kB isolated(file):256kB mapped:216896kB dirty:1484kB writeback:100kB shmem:16784kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 673792kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 19:21:27 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:21:27 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:21:27 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) getpid() sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1175.695970] Node 1 active_anon:3300640kB inactive_anon:1128kB active_file:1152kB inactive_file:3408kB unevictable:0kB isolated(anon):236kB isolated(file):0kB mapped:1200kB dirty:2528kB writeback:0kB shmem:1172kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 4096kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1175.828690] Node 0 DMA free:10388kB min:220kB low:272kB high:324kB active_anon:5396kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB 19:21:28 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, 0x0, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1176.095727] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1176.120732] Node 0 DMA32 free:27272kB min:36296kB low:45368kB high:54440kB active_anon:1898880kB inactive_anon:16124kB active_file:2608kB inactive_file:1628kB unevictable:0kB writepending:1464kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:9280kB pagetables:55864kB bounce:0kB free_pcp:1092kB local_pcp:688kB free_cma:0kB [ 1176.281958] lowmem_reserve[]: 0 0 0 0 0 [ 1176.303859] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1176.399184] lowmem_reserve[]: 0 0 0 0 0 [ 1176.419484] Node 1 Normal free:45556kB min:53592kB low:66988kB high:80384kB active_anon:3318828kB inactive_anon:1128kB active_file:1432kB inactive_file:1680kB unevictable:0kB writepending:2544kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33408kB pagetables:75116kB bounce:0kB free_pcp:708kB local_pcp:12kB free_cma:0kB [ 1176.569127] lowmem_reserve[]: 0 0 0 0 0 [ 1176.595488] Node 0 DMA: 1*4kB (U) 4*8kB (UE) 3*16kB (UM) 4*32kB (UME) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10388kB [ 1176.674176] Node 0 DMA32: 160*4kB (UME) 293*8kB (UM) 170*16kB (UME) 282*32kB (UME) 41*64kB (UM) 10*128kB (ME) 4*256kB (ME) 2*512kB (M) 0*1024kB 2*2048kB (ME) 1*4096kB (M) = 28872kB [ 1176.745010] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1176.796899] Node 1 Normal: 1093*4kB (UMEH) 439*8kB (UMEH) 126*16kB (UMEH) 22*32kB (UMEH) 6*64kB (UM) 15*128kB (UME) 6*256kB (UM) 4*512kB (UM) 3*1024kB (ME) 1*2048kB (E) 6*4096kB (UM) = 46188kB [ 1176.870349] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1176.912836] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1176.921568] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1176.984623] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1177.015399] 5741 total pagecache pages [ 1177.019359] 0 pages in swap cache [ 1177.046449] Swap cache stats: add 0, delete 0, find 0/0 [ 1177.051849] Free swap = 0kB [ 1177.069957] Total swap = 0kB [ 1177.073181] 1965979 pages RAM [ 1177.076298] 0 pages HighMem/MovableOnly [ 1177.080264] 338455 pages reserved [ 1177.133462] 0 pages cma reserved [ 1177.136872] Out of memory: Kill process 20274 (syz-executor.3) score 1007 or sacrifice child [ 1177.301161] oom_reaper: reaped process 20275 (syz-executor.2), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 1177.590999] syz-executor.5 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1177.642802] syz-executor.5 cpuset=/ mems_allowed=0-1 [ 1177.647958] CPU: 1 PID: 20539 Comm: syz-executor.5 Not tainted 4.14.182-syzkaller #0 [ 1177.655837] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1177.665196] Call Trace: [ 1177.667793] dump_stack+0x1b2/0x283 [ 1177.671532] dump_header+0x178/0x7aa [ 1177.675247] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1177.680265] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1177.685393] ? ___ratelimit+0x2cd/0x522 [ 1177.689366] oom_kill_process.cold+0x10/0xc16 [ 1177.693857] ? lock_acquire+0x170/0x3f0 [ 1177.697825] ? lock_downgrade+0x6e0/0x6e0 [ 1177.701975] out_of_memory+0x2d5/0x10f0 [ 1177.705972] ? oom_killer_disable+0x1c0/0x1c0 [ 1177.710461] ? mutex_trylock+0x152/0x1a0 [ 1177.714520] __alloc_pages_nodemask+0x2556/0x2730 [ 1177.719380] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1177.724223] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1177.729060] ? trace_hardirqs_on+0x10/0x10 [ 1177.733294] ? avc_has_extended_perms+0xbe0/0xbe0 [ 1177.738137] ? cache_grow_begin+0x3f/0x410 [ 1177.742377] cache_grow_begin+0x91/0x410 [ 1177.746472] fallback_alloc+0x205/0x2b0 [ 1177.750447] kmem_cache_alloc+0x1e5/0x3c0 [ 1177.754595] getname_flags+0xc8/0x550 [ 1177.758398] user_path_mountpoint_at+0x23/0x40 [ 1177.762977] SyS_umount+0x11b/0xc00 [ 1177.766603] ? do_rmdir+0x340/0x340 [ 1177.770247] ? __detach_mounts+0x2e0/0x2e0 [ 1177.775172] ? __do_page_fault+0x19a/0xb50 [ 1177.779404] ? do_syscall_64+0x4c/0x640 [ 1177.783379] ? __detach_mounts+0x2e0/0x2e0 [ 1177.787618] do_syscall_64+0x1d5/0x640 [ 1177.791593] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1177.796778] RIP: 0033:0x45f497 [ 1177.799963] RSP: 002b:00007ffe52bc1628 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1177.807668] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045f497 [ 1177.814931] RDX: 00000000004031d8 RSI: 0000000000000002 RDI: 00007ffe52bc16d0 [ 1177.822193] RBP: 00000000000009b7 R08: 0000000000000000 R09: 0000000000000010 [ 1177.829482] R10: 000000000000000a R11: 0000000000000246 R12: 00007ffe52bc2760 [ 1177.836744] R13: 000000000153e940 R14: 0000000000000000 R15: 00007ffe52bc2760 [ 1177.886380] Mem-Info: [ 1177.888865] active_anon:1306135 inactive_anon:4313 isolated_anon:0 [ 1177.888865] active_file:583 inactive_file:557 isolated_file:34 [ 1177.888865] unevictable:0 dirty:995 writeback:0 unstable:0 [ 1177.888865] slab_reclaimable:16340 slab_unreclaimable:130891 [ 1177.888865] mapped:53466 shmem:4489 pagetables:32762 bounce:0 [ 1177.888865] free:21499 free_pcp:62 free_cma:0 [ 1177.923999] Node 0 active_anon:1905736kB inactive_anon:16124kB active_file:968kB inactive_file:996kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:213748kB dirty:1444kB writeback:0kB shmem:16784kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 686080kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1177.953247] Node 1 active_anon:3318752kB inactive_anon:1128kB active_file:1328kB inactive_file:1268kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:40kB dirty:2536kB writeback:0kB shmem:1172kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1177.984993] Node 0 DMA free:10388kB min:220kB low:272kB high:324kB active_anon:5396kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1178.042824] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1178.047893] Node 0 DMA32 free:28776kB min:36296kB low:45368kB high:54440kB active_anon:1900488kB inactive_anon:16124kB active_file:860kB inactive_file:976kB unevictable:0kB writepending:1444kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:9344kB pagetables:55772kB bounce:0kB free_pcp:480kB local_pcp:120kB free_cma:0kB [ 1178.130417] lowmem_reserve[]: 0 0 0 0 0 [ 1178.140558] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1178.202746] lowmem_reserve[]: 0 0 0 0 0 [ 1178.206776] Node 1 Normal free:47288kB min:53592kB low:66988kB high:80384kB active_anon:3318752kB inactive_anon:1128kB active_file:1272kB inactive_file:1216kB unevictable:0kB writepending:2536kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33184kB pagetables:75148kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1178.250058] lowmem_reserve[]: 0 0 0 0 0 [ 1178.254183] Node 0 DMA: 1*4kB (U) 4*8kB (UE) 3*16kB (UM) 4*32kB (UME) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10388kB [ 1178.269751] Node 0 DMA32: 161*4kB (UME) 336*8kB (UM) 195*16kB (UME) 281*32kB (UME) 41*64kB (UM) 10*128kB (ME) 4*256kB (ME) 2*512kB (M) 0*1024kB 2*2048kB (ME) 1*4096kB (M) = 29588kB [ 1178.286314] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1178.297076] Node 1 Normal: 1194*4kB (UMEH) 432*8kB (UMEH) 123*16kB (UMEH) 27*32kB (UME) 8*64kB (UM) 17*128kB (UME) 7*256kB (UM) 4*512kB (UM) 3*1024kB (ME) 1*2048kB (E) 6*4096kB (UM) = 47288kB [ 1178.314459] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1178.323374] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1178.331985] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1178.340887] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1178.349649] 5544 total pagecache pages [ 1178.353609] 0 pages in swap cache [ 1178.357056] Swap cache stats: add 0, delete 0, find 0/0 [ 1178.362404] Free swap = 0kB [ 1178.366028] Total swap = 0kB [ 1178.369065] 1965979 pages RAM [ 1178.372161] 0 pages HighMem/MovableOnly [ 1178.376209] 338455 pages reserved [ 1178.379656] 0 pages cma reserved [ 1178.383058] Out of memory: Kill process 14236 (syz-executor.0) score 1007 or sacrifice child [ 1178.391667] Killed process 14236 (syz-executor.0) total-vm:75236kB, anon-rss:16564kB, file-rss:34816kB, shmem-rss:0kB [ 1178.448381] oom_reaper: reaped process 14236 (syz-executor.0), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 1178.512467] syz-executor.5 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1178.543965] syz-executor.5 cpuset=/ mems_allowed=0-1 [ 1178.549524] CPU: 1 PID: 20539 Comm: syz-executor.5 Not tainted 4.14.182-syzkaller #0 [ 1178.557409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1178.566772] Call Trace: [ 1178.569361] dump_stack+0x1b2/0x283 [ 1178.572990] dump_header+0x178/0x7aa [ 1178.576701] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1178.581716] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1178.586818] ? ___ratelimit+0x2cd/0x522 [ 1178.590888] oom_kill_process.cold+0x10/0xc16 [ 1178.595378] ? lock_acquire+0x170/0x3f0 [ 1178.599353] ? lock_downgrade+0x6e0/0x6e0 [ 1178.603503] out_of_memory+0x2d5/0x10f0 [ 1178.607481] ? oom_killer_disable+0x1c0/0x1c0 [ 1178.611971] ? mutex_trylock+0x152/0x1a0 [ 1178.616035] __alloc_pages_nodemask+0x2556/0x2730 [ 1178.620889] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1178.625725] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1178.630567] ? trace_hardirqs_on+0x10/0x10 [ 1178.634801] ? avc_has_extended_perms+0xbe0/0xbe0 [ 1178.639643] ? cache_grow_begin+0x3f/0x410 [ 1178.643872] cache_grow_begin+0x91/0x410 [ 1178.647956] fallback_alloc+0x205/0x2b0 [ 1178.651929] kmem_cache_alloc+0x1e5/0x3c0 [ 1178.656074] getname_flags+0xc8/0x550 [ 1178.659876] user_path_mountpoint_at+0x23/0x40 [ 1178.664457] SyS_umount+0x11b/0xc00 [ 1178.668080] ? do_rmdir+0x340/0x340 [ 1178.671704] ? __detach_mounts+0x2e0/0x2e0 [ 1178.675946] ? __do_page_fault+0x19a/0xb50 [ 1178.680186] ? do_syscall_64+0x4c/0x640 [ 1178.684157] ? __detach_mounts+0x2e0/0x2e0 [ 1178.688388] do_syscall_64+0x1d5/0x640 [ 1178.692275] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1178.697456] RIP: 0033:0x45f497 [ 1178.700633] RSP: 002b:00007ffe52bc1628 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1178.708333] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045f497 [ 1178.715591] RDX: 00000000004031d8 RSI: 0000000000000002 RDI: 00007ffe52bc16d0 [ 1178.722849] RBP: 00000000000009b7 R08: 0000000000000000 R09: 0000000000000010 [ 1178.730105] R10: 000000000000000a R11: 0000000000000246 R12: 00007ffe52bc2760 [ 1178.737367] R13: 000000000153e940 R14: 0000000000000000 R15: 00007ffe52bc2760 19:21:31 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) getpid() sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:21:31 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1179.311115] Mem-Info: [ 1179.371847] active_anon:1296684 inactive_anon:4313 isolated_anon:0 [ 1179.371847] active_file:664 inactive_file:2396 isolated_file:154 [ 1179.371847] unevictable:0 dirty:1006 writeback:0 unstable:0 [ 1179.371847] slab_reclaimable:16392 slab_unreclaimable:130621 [ 1179.371847] mapped:54864 shmem:4489 pagetables:32684 bounce:0 [ 1179.371847] free:29004 free_pcp:396 free_cma:0 19:21:31 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) getpid() sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1179.802652] Node 0 active_anon:1880816kB inactive_anon:16124kB active_file:952kB inactive_file:6976kB unevictable:0kB isolated(anon):0kB isolated(file):556kB mapped:218252kB dirty:1488kB writeback:0kB shmem:16784kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 661504kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1179.974183] Node 1 active_anon:3310020kB inactive_anon:1128kB active_file:1288kB inactive_file:1216kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:4kB dirty:2536kB writeback:0kB shmem:1172kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1180.068585] Node 0 DMA free:10388kB min:220kB low:272kB high:324kB active_anon:5396kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1180.098691] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1180.105970] Node 0 DMA32 free:38104kB min:36296kB low:45368kB high:54440kB active_anon:1883672kB inactive_anon:16124kB active_file:152kB inactive_file:7264kB unevictable:0kB writepending:1548kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:9312kB pagetables:55796kB bounce:0kB free_pcp:912kB local_pcp:228kB free_cma:0kB 19:21:32 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1180.326310] lowmem_reserve[]: 0 0 0 0 0 [ 1180.358409] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1180.428674] lowmem_reserve[]: 0 0 0 0 0 [ 1180.524481] Node 1 Normal free:57404kB min:53592kB low:66988kB high:80384kB active_anon:3310020kB inactive_anon:1128kB active_file:1284kB inactive_file:1256kB unevictable:0kB writepending:2536kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33248kB pagetables:75012kB bounce:0kB free_pcp:768kB local_pcp:684kB free_cma:0kB [ 1180.739287] lowmem_reserve[]: 0 0 0 0 0 [ 1180.743372] Node 0 DMA: 1*4kB (U) 4*8kB (UE) 3*16kB (UM) 4*32kB (UME) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10388kB [ 1180.770547] Node 0 DMA32: 304*4kB (UM) 341*8kB (UME) 241*16kB (UME) 218*32kB (UMEH) 9*64kB (UME) 3*128kB (M) 1*256kB (M) 1*512kB (M) 1*1024kB (M) 4*2048kB (UME) 4*4096kB (M) = 42104kB [ 1180.788698] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1180.803488] Node 1 Normal: 1623*4kB (UMEH) 944*8kB (UMEH) 273*16kB (UMEH) 76*32kB (UMEH) 25*64kB (UM) 19*128kB (UME) 7*256kB (UM) 4*512kB (UM) 3*1024kB (ME) 1*2048kB (E) 6*4096kB (UM) = 58412kB [ 1180.823794] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1180.977341] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1180.986146] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1180.999442] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1181.008348] 5775 total pagecache pages [ 1181.016269] 0 pages in swap cache [ 1181.020117] Swap cache stats: add 0, delete 0, find 0/0 [ 1181.025556] Free swap = 0kB [ 1181.028565] Total swap = 0kB [ 1181.031572] 1965979 pages RAM [ 1181.049858] 0 pages HighMem/MovableOnly [ 1181.058879] 338455 pages reserved [ 1181.062361] 0 pages cma reserved [ 1181.066109] Out of memory: Kill process 14421 (syz-executor.0) score 1007 or sacrifice child [ 1181.078792] Killed process 14421 (syz-executor.0) total-vm:75236kB, anon-rss:16564kB, file-rss:34816kB, shmem-rss:0kB [ 1181.112262] oom_reaper: reaped process 14421 (syz-executor.0), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 1181.300886] loop2: p1 p2 < > p3 p4 < p5 > [ 1181.315261] loop2: partition table partially beyond EOD, truncated [ 1181.359912] loop2: p1 size 11290111 extends beyond EOD, truncated [ 1181.391769] loop2: p3 start 4293001441 is beyond EOD, truncated [ 1181.603691] loop2: p5 size 11290111 extends beyond EOD, truncated 19:21:35 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(0x0) 19:21:35 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) getpid() sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:21:35 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:21:35 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:21:35 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:21:35 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:21:35 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:21:35 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:21:35 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(0x0) 19:21:35 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:21:35 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:21:36 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:21:36 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(0x0) 19:21:36 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:21:36 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:21:36 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(0x0) 19:21:36 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:21:36 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:21:36 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:21:37 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) 19:21:37 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:21:37 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:21:37 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:21:38 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:21:38 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:21:38 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1186.585154] systemd invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1186.624151] systemd cpuset=/ mems_allowed=0-1 [ 1186.638297] CPU: 0 PID: 1 Comm: systemd Not tainted 4.14.182-syzkaller #0 [ 1186.645260] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1186.654772] Call Trace: [ 1186.657360] dump_stack+0x1b2/0x283 [ 1186.661016] dump_header+0x178/0x7aa [ 1186.664762] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1186.669772] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1186.674871] ? ___ratelimit+0x2cd/0x522 [ 1186.678881] oom_kill_process.cold+0x10/0xc16 [ 1186.683370] ? lock_downgrade+0x6e0/0x6e0 [ 1186.687549] out_of_memory+0x2d5/0x10f0 [ 1186.691603] ? oom_killer_disable+0x1c0/0x1c0 [ 1186.696091] ? mutex_trylock+0x152/0x1a0 [ 1186.700200] __alloc_pages_nodemask+0x2556/0x2730 [ 1186.705245] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1186.710199] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1186.715093] ? trace_hardirqs_on+0x10/0x10 [ 1186.719378] ? cache_grow_begin+0x3f/0x410 [ 1186.723648] cache_grow_begin+0x91/0x410 [ 1186.727706] fallback_alloc+0x205/0x2b0 [ 1186.731681] kmem_cache_alloc+0x1e5/0x3c0 [ 1186.735873] getname_flags+0xc8/0x550 [ 1186.739711] do_sys_open+0x202/0x3e0 [ 1186.743462] ? filp_open+0x60/0x60 [ 1186.746993] ? __do_page_fault+0x19a/0xb50 [ 1186.751229] ? do_syscall_64+0x4c/0x640 [ 1186.755196] ? do_sys_open+0x3e0/0x3e0 [ 1186.759075] do_syscall_64+0x1d5/0x640 [ 1186.762968] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1186.768187] RIP: 0033:0x7f9f1d69f70d [ 1186.771934] RSP: 002b:00007fff82a4a290 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 1186.779640] RAX: ffffffffffffffda RBX: 0000555f01856480 RCX: 00007f9f1d69f70d [ 1186.787022] RDX: 00000000000001b6 RSI: 0000000000080000 RDI: 00007fff82a4a350 [ 1186.794289] RBP: 0000000000000008 R08: 0000000000000008 R09: 0000000000000001 [ 1186.801594] R10: 0000000000080000 R11: 0000000000000293 R12: 00007f9f1edd97b4 [ 1186.808945] R13: 0000000000000001 R14: 00007fff82a4a350 R15: 0000000000000000 19:21:38 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) 19:21:38 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1187.457148] Mem-Info: [ 1187.459929] active_anon:1306052 inactive_anon:4312 isolated_anon:0 [ 1187.459929] active_file:1060 inactive_file:1072 isolated_file:92 [ 1187.459929] unevictable:0 dirty:1030 writeback:7 unstable:0 [ 1187.459929] slab_reclaimable:16574 slab_unreclaimable:130637 [ 1187.459929] mapped:54318 shmem:4488 pagetables:32849 bounce:0 [ 1187.459929] free:20498 free_pcp:263 free_cma:0 [ 1187.507506] Node 0 active_anon:1897104kB inactive_anon:16128kB active_file:2512kB inactive_file:2640kB unevictable:0kB isolated(anon):0kB isolated(file):416kB mapped:216572kB dirty:1576kB writeback:32kB shmem:16788kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 659456kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1187.609881] Node 1 active_anon:3327104kB inactive_anon:1120kB active_file:1320kB inactive_file:1252kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:2544kB writeback:0kB shmem:1164kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1187.693989] Node 0 DMA free:10388kB min:220kB low:272kB high:324kB active_anon:5396kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1187.777670] lowmem_reserve[]: 0 2559 2559 2559 2559 19:21:39 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) creat(&(0x7f00000002c0)='./bus\x00', 0x0) [ 1187.827924] Node 0 DMA32 free:40508kB min:36296kB low:45368kB high:54440kB active_anon:1881140kB inactive_anon:16128kB active_file:1588kB inactive_file:3960kB unevictable:0kB writepending:1608kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:9376kB pagetables:56272kB bounce:0kB free_pcp:448kB local_pcp:136kB free_cma:0kB [ 1187.863038] lowmem_reserve[]: 0 0 0 0 0 [ 1187.867873] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1187.895339] lowmem_reserve[]: 0 0 0 0 0 [ 1187.927488] Node 1 Normal free:57572kB min:53592kB low:66988kB high:80384kB active_anon:3312784kB inactive_anon:1120kB active_file:1276kB inactive_file:1192kB unevictable:0kB writepending:2540kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:32960kB pagetables:75100kB bounce:0kB free_pcp:36kB local_pcp:28kB free_cma:0kB [ 1187.965735] lowmem_reserve[]: 0 0 0 0 0 [ 1187.969871] Node 0 DMA: 1*4kB (U) 4*8kB (UE) 3*16kB (UM) 4*32kB (UME) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10388kB [ 1188.024570] Node 0 DMA32: 11*4kB (U) 10*8kB (UM) 127*16kB (UME) 219*32kB (UM) 14*64kB (UM) 11*128kB (ME) 7*256kB (M) 0*512kB 2*1024kB (ME) 3*2048kB (UM) 4*4096kB (M) = 37836kB [ 1188.082861] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1188.126559] Node 1 Normal: 646*4kB (UME) 616*8kB (UMEH) 308*16kB (UME) 90*32kB (UME) 51*64kB (UM) 27*128kB (UME) 9*256kB (UM) 5*512kB (UM) 3*1024kB (ME) 1*2048kB (E) 6*4096kB (UM) = 56600kB [ 1188.306702] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1188.375387] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1188.421919] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1188.430801] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1188.472143] 6692 total pagecache pages [ 1188.476623] 0 pages in swap cache [ 1188.480082] Swap cache stats: add 0, delete 0, find 0/0 [ 1188.491921] Free swap = 0kB [ 1188.495020] Total swap = 0kB [ 1188.498042] 1965979 pages RAM [ 1188.501147] 0 pages HighMem/MovableOnly [ 1188.561892] 338455 pages reserved [ 1188.565521] 0 pages cma reserved [ 1188.568888] Out of memory: Kill process 20534 (syz-executor.2) score 1007 or sacrifice child [ 1196.762475] syz-executor.3 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1196.798881] syz-executor.3 cpuset=/ mems_allowed=0-1 [ 1196.804118] CPU: 1 PID: 6354 Comm: syz-executor.3 Not tainted 4.14.182-syzkaller #0 [ 1196.811903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1196.821247] Call Trace: [ 1196.823833] dump_stack+0x1b2/0x283 [ 1196.827458] dump_header+0x178/0x7aa [ 1196.831160] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1196.836169] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1196.842307] ? ___ratelimit+0x2cd/0x522 [ 1196.846275] oom_kill_process.cold+0x10/0xc16 [ 1196.850762] ? lock_downgrade+0x6e0/0x6e0 [ 1196.854905] out_of_memory+0x2d5/0x10f0 [ 1196.858883] ? oom_killer_disable+0x1c0/0x1c0 [ 1196.863370] ? mutex_trylock+0x152/0x1a0 [ 1196.867438] __alloc_pages_nodemask+0x2556/0x2730 [ 1196.872296] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1196.877136] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1196.881975] ? trace_hardirqs_on+0x10/0x10 [ 1196.886210] ? avc_has_extended_perms+0xbe0/0xbe0 [ 1196.891053] ? cache_grow_begin+0x3f/0x410 [ 1196.895285] cache_grow_begin+0x91/0x410 [ 1196.899339] fallback_alloc+0x205/0x2b0 [ 1196.903310] kmem_cache_alloc+0x1e5/0x3c0 [ 1196.907454] getname_flags+0xc8/0x550 [ 1196.911249] user_path_mountpoint_at+0x23/0x40 [ 1196.915908] SyS_umount+0x11b/0xc00 [ 1196.919524] ? lock_downgrade+0x6e0/0x6e0 [ 1196.923669] ? __detach_mounts+0x2e0/0x2e0 [ 1196.927895] ? up_read+0x17/0x30 [ 1196.931252] ? __do_page_fault+0x19a/0xb50 [ 1196.935478] ? do_syscall_64+0x4c/0x640 [ 1196.939442] ? __detach_mounts+0x2e0/0x2e0 [ 1196.943671] do_syscall_64+0x1d5/0x640 [ 1196.947556] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1196.952735] RIP: 0033:0x45f497 [ 1196.956015] RSP: 002b:00007ffe89bda278 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1196.963718] RAX: ffffffffffffffda RBX: 0000000000122248 RCX: 000000000045f497 [ 1196.970983] RDX: 000000000000000c RSI: 0000000000000002 RDI: 00007ffe89bdb3b0 [ 1196.978253] RBP: 00000000000013d1 R08: 0000000000000001 R09: 000000000272a940 [ 1196.985516] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe89bdb3b0 [ 1196.992781] R13: 00007ffe89bdb3a0 R14: 0000000000000000 R15: 00007ffe89bdb3b0 [ 1197.027083] Mem-Info: [ 1197.029534] active_anon:1302941 inactive_anon:4312 isolated_anon:0 [ 1197.029534] active_file:583 inactive_file:506 isolated_file:0 [ 1197.029534] unevictable:0 dirty:1041 writeback:0 unstable:0 [ 1197.029534] slab_reclaimable:16617 slab_unreclaimable:130506 [ 1197.029534] mapped:53298 shmem:4488 pagetables:32844 bounce:0 [ 1197.029534] free:25064 free_pcp:0 free_cma:0 [ 1197.078516] Node 0 active_anon:1894948kB inactive_anon:16128kB active_file:932kB inactive_file:808kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:213192kB dirty:1616kB writeback:0kB shmem:16788kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 663552kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1197.110964] Node 1 active_anon:3316816kB inactive_anon:1120kB active_file:1324kB inactive_file:1320kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:2548kB writeback:0kB shmem:1164kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1197.179945] Node 0 DMA free:10388kB min:220kB low:272kB high:324kB active_anon:5396kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1197.223238] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1197.228314] Node 0 DMA32 free:36160kB min:36296kB low:45368kB high:54440kB active_anon:1889552kB inactive_anon:16128kB active_file:932kB inactive_file:780kB unevictable:0kB writepending:1616kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:9408kB pagetables:56128kB bounce:0kB free_pcp:120kB local_pcp:120kB free_cma:0kB [ 1197.262177] lowmem_reserve[]: 0 0 0 0 0 [ 1197.266214] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1197.309950] lowmem_reserve[]: 0 0 0 0 0 [ 1197.315469] Node 1 Normal free:53584kB min:53592kB low:66988kB high:80384kB active_anon:3316816kB inactive_anon:1120kB active_file:1456kB inactive_file:1212kB unevictable:0kB writepending:2548kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:32768kB pagetables:75224kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB [ 1197.356721] lowmem_reserve[]: 0 0 0 0 0 [ 1197.360743] Node 0 DMA: 1*4kB (U) 4*8kB (UE) 3*16kB (UM) 4*32kB (UME) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10388kB [ 1197.380296] Node 0 DMA32: 591*4kB (UME) 259*8kB (ME) 206*16kB (UME) 227*32kB (UME) 21*64kB (UM) 3*128kB (ME) 0*256kB 0*512kB 1*1024kB (E) 1*2048kB (U) 4*4096kB (M) = 36180kB [ 1197.401495] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1197.458590] Node 1 Normal: 304*4kB (UME) 650*8kB (UME) 299*16kB (UME) 45*32kB (UME) 51*64kB (UM) 27*128kB (UME) 9*256kB (UM) 5*512kB (UM) 3*1024kB (ME) 1*2048kB (E) 6*4096kB (UM) = 53920kB [ 1197.480730] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1197.489631] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1197.498276] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1197.507150] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1197.515782] 5580 total pagecache pages [ 1197.519672] 0 pages in swap cache [ 1197.523240] Swap cache stats: add 0, delete 0, find 0/0 [ 1197.528594] Free swap = 0kB [ 1197.531649] Total swap = 0kB [ 1197.534655] 1965979 pages RAM [ 1197.537745] 0 pages HighMem/MovableOnly [ 1197.557650] 338455 pages reserved [ 1197.561163] 0 pages cma reserved [ 1197.564525] Out of memory: Kill process 15315 (syz-executor.1) score 1007 or sacrifice child [ 1197.577413] Killed process 15315 (syz-executor.1) total-vm:75368kB, anon-rss:16560kB, file-rss:34816kB, shmem-rss:0kB [ 1197.642475] oom_reaper: reaped process 15315 (syz-executor.1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 1198.702644] loop2: p1 p2 < > p3 p4 < p5 > [ 1198.706922] loop2: partition table partially beyond EOD, truncated [ 1198.741681] loop2: p1 size 11290111 extends beyond EOD, truncated [ 1198.765254] loop2: p3 start 4293001441 is beyond EOD, truncated [ 1198.784833] loop2: p5 size 11290111 extends beyond EOD, truncated 19:21:55 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x0, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:21:55 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:21:55 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:21:55 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:21:55 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) 19:21:55 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1205.047129] syz-executor.4 invoked oom-killer: gfp_mask=0x14280ca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=1000 [ 1205.117560] syz-executor.4 cpuset=/ mems_allowed=0-1 [ 1205.134349] CPU: 1 PID: 20605 Comm: syz-executor.4 Not tainted 4.14.182-syzkaller #0 [ 1205.142267] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1205.151624] Call Trace: [ 1205.154309] dump_stack+0x1b2/0x283 [ 1205.157936] dump_header+0x178/0x7aa [ 1205.161650] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1205.166667] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1205.171781] ? ___ratelimit+0x2cd/0x522 [ 1205.175775] oom_kill_process.cold+0x10/0xc16 [ 1205.180282] ? lock_downgrade+0x6e0/0x6e0 [ 1205.184441] out_of_memory+0x2d5/0x10f0 [ 1205.188418] ? oom_killer_disable+0x1c0/0x1c0 [ 1205.192911] ? mutex_trylock+0x152/0x1a0 [ 1205.196972] __alloc_pages_nodemask+0x2556/0x2730 [ 1205.201829] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1205.206670] ? trace_hardirqs_on+0x10/0x10 [ 1205.210911] ? __anon_vma_prepare+0x172/0x370 [ 1205.215417] ? anon_vma_interval_tree_insert+0x20a/0x3c0 [ 1205.220872] alloc_pages_vma+0xc1/0x4b0 [ 1205.224855] do_anonymous_page+0x6cd/0x17d0 [ 1205.229179] ? finish_task_switch+0x14d/0x610 [ 1205.233670] ? switch_mm_irqs_off+0x2cd/0xec0 [ 1205.238163] ? finish_fault+0x290/0x290 [ 1205.242137] ? __schedule+0x8ae/0x1d70 [ 1205.246286] __handle_mm_fault+0x1c49/0x3700 [ 1205.250697] ? vm_insert_mixed_mkwrite+0x30/0x30 [ 1205.255460] handle_mm_fault+0x306/0x794 [ 1205.259522] __do_page_fault+0x578/0xb50 [ 1205.263586] ? mm_fault_error+0x2c0/0x2c0 [ 1205.267729] ? do_page_fault+0x60/0x4f2 [ 1205.271703] ? page_fault+0x2f/0x50 [ 1205.275329] page_fault+0x45/0x50 [ 1205.278775] RIP: d9d8c700:0xbd4 [ 1205.282043] RSP: 20000:00007fff6e715960 EFLAGS: 7fff6e715a60 [ 1205.339377] Mem-Info: [ 1205.347816] active_anon:1305041 inactive_anon:4312 isolated_anon:0 [ 1205.347816] active_file:701 inactive_file:808 isolated_file:64 [ 1205.347816] unevictable:0 dirty:1068 writeback:0 unstable:0 [ 1205.347816] slab_reclaimable:16618 slab_unreclaimable:132049 [ 1205.347816] mapped:53774 shmem:4488 pagetables:32945 bounce:0 [ 1205.347816] free:20268 free_pcp:344 free_cma:0 [ 1205.382034] Node 0 active_anon:1900496kB inactive_anon:16132kB active_file:1528kB inactive_file:1816kB unevictable:0kB isolated(anon):0kB isolated(file):256kB mapped:214988kB dirty:1716kB writeback:0kB shmem:16796kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 667648kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1205.412670] Node 1 active_anon:3319668kB inactive_anon:1116kB active_file:1276kB inactive_file:1416kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:8kB dirty:2556kB writeback:0kB shmem:1156kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1205.477789] Node 0 DMA free:10388kB min:220kB low:272kB high:324kB active_anon:5396kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1205.546569] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1205.557530] Node 0 DMA32 free:31748kB min:36296kB low:45368kB high:54440kB active_anon:1895100kB inactive_anon:16132kB active_file:1216kB inactive_file:1300kB unevictable:0kB writepending:1716kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:9664kB pagetables:56284kB bounce:0kB free_pcp:1080kB local_pcp:608kB free_cma:0kB [ 1205.648616] lowmem_reserve[]: 0 0 0 0 0 [ 1205.676764] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1205.729823] lowmem_reserve[]: 0 0 0 0 0 [ 1205.738502] Node 1 Normal free:46248kB min:53592kB low:66988kB high:80384kB active_anon:3313368kB inactive_anon:1116kB active_file:1276kB inactive_file:1416kB unevictable:0kB writepending:2556kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33056kB pagetables:75472kB bounce:0kB free_pcp:704kB local_pcp:0kB free_cma:0kB [ 1205.842546] lowmem_reserve[]: 0 0 0 0 0 [ 1205.846632] Node 0 DMA: 1*4kB (U) 4*8kB (UE) 3*16kB (UM) 4*32kB (UME) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10388kB [ 1205.865695] Node 0 DMA32: 568*4kB (UME) 618*8kB (UME) 295*16kB (UME) 216*32kB (UME) 17*64kB (UM) 3*128kB (ME) 1*256kB (E) 1*512kB (E) 0*1024kB 2*2048kB (UM) 3*4096kB (M) = 37472kB [ 1205.919769] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1205.965796] Node 1 Normal: 345*4kB (UME) 551*8kB (UMEH) 143*16kB (UME) 140*32kB (MEH) 100*64kB (MH) 19*128kB (MEH) 7*256kB (MH) 5*512kB (MH) 3*1024kB (ME) 1*2048kB (E) 4*4096kB (M) = 47244kB [ 1206.001766] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1206.012964] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1206.023401] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1206.075207] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1206.106243] 5644 total pagecache pages [ 1206.110361] 0 pages in swap cache [ 1206.118970] Swap cache stats: add 0, delete 0, find 0/0 [ 1206.124495] Free swap = 0kB [ 1206.127619] Total swap = 0kB [ 1206.143309] 1965979 pages RAM [ 1206.146526] 0 pages HighMem/MovableOnly [ 1206.151885] 338455 pages reserved [ 1206.155436] 0 pages cma reserved [ 1206.158898] Out of memory: Kill process 15354 (syz-executor.0) score 1007 or sacrifice child [ 1206.170921] Killed process 15354 (syz-executor.0) total-vm:75236kB, anon-rss:16564kB, file-rss:34816kB, shmem-rss:0kB 19:21:59 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) creat(&(0x7f00000002c0)='./bus\x00', 0x0) 19:21:59 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x0, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:21:59 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(0x0, 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:21:59 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) 19:21:59 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:21:59 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1208.957375] syz-executor.1 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1209.022455] syz-executor.1 cpuset=/ mems_allowed=0-1 [ 1209.027634] CPU: 0 PID: 20653 Comm: syz-executor.1 Not tainted 4.14.182-syzkaller #0 [ 1209.035512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1209.044863] Call Trace: [ 1209.047455] dump_stack+0x1b2/0x283 [ 1209.051089] dump_header+0x178/0x7aa [ 1209.054796] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1209.059810] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1209.064906] ? ___ratelimit+0x2cd/0x522 [ 1209.068877] oom_kill_process.cold+0x10/0xc16 [ 1209.073368] ? lock_acquire+0x170/0x3f0 [ 1209.077339] ? lock_downgrade+0x6e0/0x6e0 [ 1209.081484] out_of_memory+0x2d5/0x10f0 [ 1209.085457] ? oom_killer_disable+0x1c0/0x1c0 [ 1209.089945] ? mutex_trylock+0x152/0x1a0 [ 1209.094003] __alloc_pages_nodemask+0x2556/0x2730 [ 1209.098868] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1209.105010] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1209.109848] ? trace_hardirqs_on+0x10/0x10 [ 1209.114081] ? __lock_acquire+0x655/0x42a0 [ 1209.118439] ? _raw_spin_unlock+0x29/0x40 [ 1209.122590] ? cache_grow_begin+0x3f/0x410 [ 1209.126929] cache_grow_begin+0x91/0x410 [ 1209.130988] fallback_alloc+0x205/0x2b0 [ 1209.134958] kmem_cache_alloc+0x1e5/0x3c0 [ 1209.139100] getname_flags+0xc8/0x550 [ 1209.142897] ? SyS_access+0x20/0x20 [ 1209.146518] user_path_at_empty+0x2a/0x50 [ 1209.150667] SyS_chdir+0x7e/0x1a0 [ 1209.154126] ? SyS_access+0x20/0x20 [ 1209.157746] ? __do_page_fault+0x19a/0xb50 [ 1209.162005] ? do_syscall_64+0x4c/0x640 [ 1209.165971] ? SyS_access+0x20/0x20 [ 1209.169592] do_syscall_64+0x1d5/0x640 [ 1209.173482] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1209.178661] RIP: 0033:0x45c0b7 [ 1209.181843] RSP: 002b:00007ffe15f68708 EFLAGS: 00000246 ORIG_RAX: 0000000000000050 [ 1209.189548] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045c0b7 [ 1209.196813] RDX: 0000000000000001 RSI: 0000000000741e70 RDI: 00007ffe15f68750 [ 1209.204073] RBP: 0000000000000000 R08: 0000000000000001 R09: 00000000017b1940 [ 1209.211359] R10: 00000000017b1c10 R11: 0000000000000246 R12: 0000000000000000 [ 1209.218621] R13: 00007ffe15f68740 R14: 0000000000000000 R15: 00007ffe15f68750 [ 1209.236874] Mem-Info: [ 1209.239324] active_anon:1302509 inactive_anon:4312 isolated_anon:0 [ 1209.239324] active_file:619 inactive_file:581 isolated_file:0 [ 1209.239324] unevictable:0 dirty:1073 writeback:0 unstable:0 [ 1209.239324] slab_reclaimable:16551 slab_unreclaimable:132298 [ 1209.239324] mapped:53340 shmem:4488 pagetables:32941 bounce:0 [ 1209.239324] free:23133 free_pcp:356 free_cma:0 [ 1209.273555] Node 0 active_anon:1904456kB inactive_anon:16120kB active_file:904kB inactive_file:704kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:213232kB dirty:1712kB writeback:0kB shmem:16784kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 679936kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1209.302176] Node 1 active_anon:3304880kB inactive_anon:1128kB active_file:1276kB inactive_file:1076kB unevictable:0kB isolated(anon):0kB isolated(file):384kB mapped:28kB dirty:2580kB writeback:0kB shmem:1168kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1209.330534] Node 0 DMA free:10388kB min:220kB low:272kB high:324kB active_anon:5396kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1209.369324] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1209.388577] Node 0 DMA32 free:29952kB min:36296kB low:45368kB high:54440kB active_anon:1899060kB inactive_anon:16120kB active_file:996kB inactive_file:772kB unevictable:0kB writepending:1712kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:9440kB pagetables:56016kB bounce:0kB free_pcp:720kB local_pcp:0kB free_cma:0kB [ 1209.487498] lowmem_reserve[]: 0 0 0 0 0 [ 1209.516546] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1209.607373] lowmem_reserve[]: 0 0 0 0 0 [ 1209.624609] Node 1 Normal free:53680kB min:53592kB low:66988kB high:80384kB active_anon:3301064kB inactive_anon:1128kB active_file:2648kB inactive_file:3372kB unevictable:0kB writepending:2580kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:32864kB pagetables:75576kB bounce:0kB free_pcp:1072kB local_pcp:444kB free_cma:0kB [ 1209.740784] lowmem_reserve[]: 0 0 0 0 0 [ 1209.799943] Node 0 DMA: 1*4kB (U) 4*8kB (UE) 3*16kB (UM) 4*32kB (UME) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10388kB [ 1209.831724] Node 0 DMA32: 1365*4kB (UME) 765*8kB (UME) 368*16kB (UME) 255*32kB (UME) 29*64kB (UM) 4*128kB (ME) 1*256kB (E) 1*512kB (E) 0*1024kB 1*2048kB (U) 0*4096kB = 30812kB [ 1209.854154] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1209.885405] Node 1 Normal: 48*4kB (UE) 258*8kB (UMEH) 323*16kB (UMEH) 183*32kB (MEH) 124*64kB (UMH) 48*128kB (UMEH) 13*256kB (UMH) 6*512kB (MH) 5*1024kB (UME) 2*2048kB (UE) 3*4096kB (M) = 55264kB [ 1209.922786] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1209.953221] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1209.976860] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1209.996190] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1210.014183] 5812 total pagecache pages [ 1210.022873] 0 pages in swap cache [ 1210.031405] Swap cache stats: add 0, delete 0, find 0/0 [ 1210.042617] Free swap = 0kB [ 1210.049186] Total swap = 0kB [ 1210.056194] 1965979 pages RAM [ 1210.062839] 0 pages HighMem/MovableOnly [ 1210.071576] 338455 pages reserved [ 1210.079712] 0 pages cma reserved [ 1210.086686] Out of memory: Kill process 20643 (syz-executor.5) score 1007 or sacrifice child [ 1210.105857] Killed process 20643 (syz-executor.5) total-vm:75368kB, anon-rss:16572kB, file-rss:34816kB, shmem-rss:0kB 19:22:03 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x0, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:03 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) creat(&(0x7f00000002c0)='./bus\x00', 0x0) 19:22:03 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) creat(&(0x7f00000002c0)='./bus\x00', 0x0) 19:22:03 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:04 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) [ 1212.836022] systemd-udevd invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1212.864897] systemd-udevd cpuset=/ mems_allowed=0-1 [ 1212.892947] CPU: 1 PID: 14334 Comm: systemd-udevd Not tainted 4.14.182-syzkaller #0 [ 1212.900805] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1212.910158] Call Trace: [ 1212.912758] dump_stack+0x1b2/0x283 [ 1212.918819] dump_header+0x178/0x7aa [ 1212.922532] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1212.927547] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1212.932648] ? ___ratelimit+0x2cd/0x522 [ 1212.936622] oom_kill_process.cold+0x10/0xc16 [ 1212.941115] ? lock_downgrade+0x6e0/0x6e0 [ 1212.945269] out_of_memory+0x2d5/0x10f0 [ 1212.949250] ? oom_killer_disable+0x1c0/0x1c0 [ 1212.953744] ? mutex_trylock+0x152/0x1a0 [ 1212.957807] __alloc_pages_nodemask+0x2556/0x2730 [ 1212.962663] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1212.967862] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1212.972704] ? trace_hardirqs_on+0x10/0x10 [ 1212.976942] ? cache_grow_begin+0x3f/0x410 [ 1212.981177] cache_grow_begin+0x91/0x410 [ 1212.985269] fallback_alloc+0x205/0x2b0 [ 1212.989246] kmem_cache_alloc+0x1e5/0x3c0 [ 1212.993400] getname_flags+0xc8/0x550 [ 1212.997199] ? SyS_unlinkat+0x70/0x70 [ 1213.000996] do_unlinkat+0x9e/0x5c0 [ 1213.004626] ? do_rmdir+0x340/0x340 [ 1213.008246] ? syscall_slow_exit_work+0x560/0x560 [ 1213.013095] ? do_syscall_64+0x4c/0x640 [ 1213.017068] ? SyS_unlinkat+0x70/0x70 [ 1213.020864] do_syscall_64+0x1d5/0x640 [ 1213.024752] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1213.029937] RIP: 0033:0x7f04fa2960e7 [ 1213.033635] RSP: 002b:00007ffc616a46c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000057 [ 1213.041462] RAX: ffffffffffffffda RBX: 000055fc7dc407f0 RCX: 00007f04fa2960e7 [ 1213.048740] RDX: 00007ffc616a45a0 RSI: 00007ffc616a45a0 RDI: 00007ffc616a46d0 [ 1213.056008] RBP: 000000000000199a R08: 00000000000001c0 R09: 0000000000000014 [ 1213.063293] R10: 00007ffc616a46c0 R11: 0000000000000246 R12: 00007ffc616a46d0 [ 1213.070545] R13: 000055fc7dc407f0 R14: 0000000000000003 R15: 000000000000000e [ 1213.104839] Mem-Info: [ 1213.107290] active_anon:1298654 inactive_anon:4312 isolated_anon:0 [ 1213.107290] active_file:600 inactive_file:664 isolated_file:56 [ 1213.107290] unevictable:0 dirty:1081 writeback:0 unstable:0 [ 1213.107290] slab_reclaimable:16540 slab_unreclaimable:132386 [ 1213.107290] mapped:53414 shmem:4488 pagetables:32935 bounce:0 [ 1213.107290] free:26711 free_pcp:434 free_cma:0 [ 1213.144956] Node 0 active_anon:1894416kB inactive_anon:16124kB active_file:1856kB inactive_file:1496kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:214040kB dirty:1716kB writeback:0kB shmem:16788kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 675840kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1213.178880] Node 1 active_anon:3300200kB inactive_anon:1124kB active_file:1088kB inactive_file:1652kB unevictable:0kB isolated(anon):0kB isolated(file):92kB mapped:116kB dirty:2608kB writeback:0kB shmem:1164kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1213.234357] Node 0 DMA free:10388kB min:220kB low:272kB high:324kB active_anon:5396kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1213.277868] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1213.287357] Node 0 DMA32 free:36372kB min:36296kB low:45368kB high:54440kB active_anon:1889020kB inactive_anon:16124kB active_file:2280kB inactive_file:2188kB unevictable:0kB writepending:1716kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:9440kB pagetables:56124kB bounce:0kB free_pcp:860kB local_pcp:580kB free_cma:0kB [ 1213.326175] lowmem_reserve[]: 0 0 0 0 0 19:22:05 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1213.377835] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1213.449628] lowmem_reserve[]: 0 0 0 0 0 [ 1213.466108] Node 1 Normal free:56152kB min:53592kB low:66988kB high:80384kB active_anon:3300252kB inactive_anon:1124kB active_file:2300kB inactive_file:2880kB unevictable:0kB writepending:2608kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33024kB pagetables:75592kB bounce:0kB free_pcp:1124kB local_pcp:392kB free_cma:0kB [ 1213.598164] lowmem_reserve[]: 0 0 0 0 0 [ 1213.607988] Node 0 DMA: 1*4kB (U) 4*8kB (UE) 3*16kB (UM) 4*32kB (UME) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10388kB [ 1213.657266] Node 0 DMA32: 642*4kB (UMEH) 580*8kB (UMEH) 339*16kB (UMEH) 255*32kB (UMEH) 29*64kB (UM) 4*128kB (ME) 1*256kB (E) 1*512kB (E) 0*1024kB 2*2048kB (UM) 2*4096kB (M) = 36216kB [ 1213.938351] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1213.999107] Node 1 Normal: 241*4kB (UME) 41*8kB (UMEH) 83*16kB (UME) 195*32kB (UMEH) 123*64kB (MH) 47*128kB (MEH) 13*256kB (UMH) 7*512kB (UMH) 5*1024kB (UME) 1*2048kB (E) 3*4096kB (M) = 49116kB [ 1214.084741] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1214.116973] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1214.143905] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1214.167794] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1214.186340] 6253 total pagecache pages [ 1214.194914] 0 pages in swap cache [ 1214.203016] Swap cache stats: add 0, delete 0, find 0/0 [ 1214.214185] Free swap = 0kB [ 1214.220755] Total swap = 0kB [ 1214.227314] 1965979 pages RAM [ 1214.233958] 0 pages HighMem/MovableOnly [ 1214.242529] 338455 pages reserved [ 1214.249464] 0 pages cma reserved [ 1214.256471] Out of memory: Kill process 15388 (syz-executor.0) score 1007 or sacrifice child [ 1214.315094] Killed process 15388 (syz-executor.0) total-vm:75236kB, anon-rss:16564kB, file-rss:34816kB, shmem-rss:0kB [ 1214.406293] oom_reaper: reaped process 15388 (syz-executor.0), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 19:22:06 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) 19:22:06 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) 19:22:06 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(0x0, 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1215.019320] syz-fuzzer invoked oom-killer: gfp_mask=0x14201ca(GFP_HIGHUSER_MOVABLE|__GFP_COLD), nodemask=(null), order=0, oom_score_adj=0 [ 1215.122672] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 1215.157269] CPU: 1 PID: 6328 Comm: syz-fuzzer Not tainted 4.14.182-syzkaller #0 [ 1215.164761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1215.174098] Call Trace: [ 1215.176670] dump_stack+0x1b2/0x283 [ 1215.180276] dump_header+0x178/0x7aa [ 1215.183966] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1215.188974] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1215.194063] ? ___ratelimit+0x2cd/0x522 [ 1215.198017] oom_kill_process.cold+0x10/0xc16 [ 1215.202493] ? lock_downgrade+0x6e0/0x6e0 [ 1215.206622] out_of_memory+0x2d5/0x10f0 [ 1215.210577] ? oom_killer_disable+0x1c0/0x1c0 [ 1215.215052] ? mutex_trylock+0x152/0x1a0 [ 1215.219113] __alloc_pages_nodemask+0x2556/0x2730 [ 1215.223940] ? __schedule+0x8ae/0x1d70 [ 1215.227812] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1215.232632] ? trace_hardirqs_on+0x10/0x10 [ 1215.236845] ? find_get_entry+0x31b/0x660 [ 1215.240994] alloc_pages_current+0xe7/0x1e0 [ 1215.245297] __page_cache_alloc+0x243/0x3c0 [ 1215.249609] filemap_fault+0xd42/0x18f0 [ 1215.253629] ext4_filemap_fault+0x84/0xb0 [ 1215.257778] __do_fault+0xfa/0x380 [ 1215.261300] __handle_mm_fault+0x2055/0x3700 [ 1215.265691] ? vm_insert_mixed_mkwrite+0x30/0x30 [ 1215.270482] ? selinux_file_permission+0x7a/0x440 [ 1215.275312] handle_mm_fault+0x306/0x794 [ 1215.279358] __do_page_fault+0x578/0xb50 [ 1215.283405] ? mm_fault_error+0x2c0/0x2c0 [ 1215.287539] ? do_page_fault+0x60/0x4f2 [ 1215.291526] ? page_fault+0x2f/0x50 [ 1215.295133] page_fault+0x45/0x50 [ 1215.298588] RIP: 011c:0x200 19:22:07 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000080)={0x10}, 0x10) 19:22:07 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) 19:22:08 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(0x0, 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:08 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1215.301497] RSP: 7d800:000000c00004b4b0 EFLAGS: 0000011d [ 1216.503343] Mem-Info: [ 1216.598029] active_anon:1298525 inactive_anon:4312 isolated_anon:0 [ 1216.598029] active_file:1413 inactive_file:1309 isolated_file:124 [ 1216.598029] unevictable:0 dirty:1095 writeback:0 unstable:0 [ 1216.598029] slab_reclaimable:16553 slab_unreclaimable:132640 [ 1216.598029] mapped:54965 shmem:4488 pagetables:32863 bounce:0 [ 1216.598029] free:25566 free_pcp:2 free_cma:0 19:22:08 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x0, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1216.829368] Node 0 active_anon:1891600kB inactive_anon:16112kB active_file:3916kB inactive_file:3764kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:218608kB dirty:1740kB writeback:0kB shmem:16776kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 675840kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 19:22:08 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x0, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1217.154802] Node 1 active_anon:3300944kB inactive_anon:1140kB active_file:3832kB inactive_file:3996kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:3152kB dirty:2620kB writeback:0kB shmem:1180kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 19:22:09 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1217.249517] Node 0 DMA free:10388kB min:220kB low:272kB high:324kB active_anon:5396kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1217.279981] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1217.353681] Node 0 DMA32 free:29348kB min:36296kB low:45368kB high:54440kB active_anon:1895076kB inactive_anon:16112kB active_file:2960kB inactive_file:2920kB unevictable:0kB writepending:1732kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:9504kB pagetables:55896kB bounce:0kB free_pcp:616kB local_pcp:204kB free_cma:0kB [ 1217.524961] lowmem_reserve[]: 0 0 0 0 0 [ 1217.538580] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1217.709402] lowmem_reserve[]: 0 0 0 0 0 [ 1217.723810] Node 1 Normal free:59816kB min:53592kB low:66988kB high:80384kB active_anon:3295612kB inactive_anon:1140kB active_file:1936kB inactive_file:2072kB unevictable:0kB writepending:2620kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33088kB pagetables:75792kB bounce:0kB free_pcp:768kB local_pcp:124kB free_cma:0kB [ 1217.756149] lowmem_reserve[]: 0 0 0 0 0 [ 1217.793610] Node 0 DMA: 1*4kB (U) 4*8kB (UE) 3*16kB (UM) 4*32kB (UME) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10388kB 19:22:09 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000080)={0x10}, 0x10) [ 1217.981690] Node 0 DMA32: 1312*4kB (UEH) 411*8kB (UME) 354*16kB (UME) 237*32kB (UME) 31*64kB (UM) 5*128kB (ME) 3*256kB (ME) 3*512kB (ME) 0*1024kB 3*2048kB (UM) 1*4096kB (M) = 36952kB [ 1218.058395] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1218.109781] Node 1 Normal: 220*4kB (UME) 140*8kB (UMEH) 244*16kB (UME) 158*32kB (UMEH) 117*64kB (UM) 43*128kB (UMEH) 26*256kB (MH) 14*512kB (MH) 7*1024kB (ME) 1*2048kB (E) 2*4096kB (M) = 55184kB [ 1218.173996] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1218.217734] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1218.277655] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1218.319523] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1218.362945] 6021 total pagecache pages [ 1218.366867] 0 pages in swap cache [ 1218.378594] Swap cache stats: add 0, delete 0, find 0/0 [ 1218.389751] Free swap = 0kB [ 1218.392791] Total swap = 0kB [ 1218.399930] 1965979 pages RAM [ 1218.403048] 0 pages HighMem/MovableOnly [ 1218.414269] 338455 pages reserved [ 1218.421307] 0 pages cma reserved [ 1218.424684] Out of memory: Kill process 20702 (syz-executor.3) score 1007 or sacrifice child [ 1222.757106] syz-executor.1 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1222.827068] syz-executor.1 cpuset=/ mems_allowed=0-1 [ 1222.857516] CPU: 1 PID: 6353 Comm: syz-executor.1 Not tainted 4.14.182-syzkaller #0 [ 1222.865340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1222.874693] Call Trace: [ 1222.877288] dump_stack+0x1b2/0x283 [ 1222.880913] dump_header+0x178/0x7aa [ 1222.884620] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1222.889631] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1222.894727] ? ___ratelimit+0x2cd/0x522 [ 1222.898704] oom_kill_process.cold+0x10/0xc16 [ 1222.903199] ? lock_downgrade+0x6e0/0x6e0 [ 1222.907348] out_of_memory+0x2d5/0x10f0 [ 1222.911322] ? oom_killer_disable+0x1c0/0x1c0 [ 1222.915810] ? mutex_trylock+0x152/0x1a0 [ 1222.919875] __alloc_pages_nodemask+0x2556/0x2730 [ 1222.924766] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1222.929601] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1222.934438] ? trace_hardirqs_on+0x10/0x10 [ 1222.938680] ? cache_grow_begin+0x3f/0x410 [ 1222.942913] cache_grow_begin+0x91/0x410 [ 1222.946970] fallback_alloc+0x205/0x2b0 [ 1222.950939] kmem_cache_alloc+0x1e5/0x3c0 [ 1222.955081] getname_flags+0xc8/0x550 [ 1222.958873] SyS_mkdirat+0x83/0x220 [ 1222.962494] ? SyS_mknod+0x30/0x30 [ 1222.966026] ? __do_page_fault+0x19a/0xb50 [ 1222.970254] ? do_syscall_64+0x4c/0x640 [ 1222.974224] ? SyS_mkdirat+0x220/0x220 [ 1222.978104] do_syscall_64+0x1d5/0x640 [ 1222.981988] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1222.987165] RIP: 0033:0x45bee7 [ 1222.990347] RSP: 002b:00007ffe15f68708 EFLAGS: 00000202 ORIG_RAX: 0000000000000053 [ 1222.998048] RAX: ffffffffffffffda RBX: 00000000001292cc RCX: 000000000045bee7 [ 1223.005319] RDX: 00007ffe15f68756 RSI: 00000000000001ff RDI: 00007ffe15f68750 [ 1223.012583] RBP: 00000000000011c2 R08: 0000000000000000 R09: 0000000000000006 [ 1223.019845] R10: 0000000000000064 R11: 0000000000000202 R12: 0000000000000009 [ 1223.027118] R13: 00007ffe15f68740 R14: 0000000000128ecd R15: 00007ffe15f68750 [ 1223.063016] Mem-Info: [ 1223.065470] active_anon:1299955 inactive_anon:4316 isolated_anon:0 [ 1223.065470] active_file:651 inactive_file:449 isolated_file:0 [ 1223.065470] unevictable:0 dirty:1091 writeback:0 unstable:0 [ 1223.065470] slab_reclaimable:16505 slab_unreclaimable:133577 [ 1223.065470] mapped:53370 shmem:4492 pagetables:32911 bounce:0 [ 1223.065470] free:24953 free_pcp:184 free_cma:0 [ 1223.099374] Node 0 active_anon:1898648kB inactive_anon:16112kB active_file:880kB inactive_file:824kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:213280kB dirty:1732kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 669696kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1223.128015] Node 1 active_anon:3301172kB inactive_anon:1152kB active_file:1380kB inactive_file:1304kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:2632kB writeback:0kB shmem:1196kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1223.156983] Node 0 DMA free:10388kB min:220kB low:272kB high:324kB active_anon:5396kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1223.199119] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1223.204192] Node 0 DMA32 free:36244kB min:36296kB low:45368kB high:54440kB active_anon:1893252kB inactive_anon:16112kB active_file:976kB inactive_file:824kB unevictable:0kB writepending:1732kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:9472kB pagetables:55912kB bounce:0kB free_pcp:120kB local_pcp:120kB free_cma:0kB [ 1223.285787] lowmem_reserve[]: 0 0 0 0 0 [ 1223.293822] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1223.337658] lowmem_reserve[]: 0 0 0 0 0 [ 1223.357248] Node 1 Normal free:53176kB min:53592kB low:66988kB high:80384kB active_anon:3301172kB inactive_anon:1152kB active_file:936kB inactive_file:1732kB unevictable:0kB writepending:2632kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:32768kB pagetables:75708kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1223.436418] lowmem_reserve[]: 0 0 0 0 0 [ 1223.440515] Node 0 DMA: 1*4kB (U) 4*8kB (UE) 3*16kB (UM) 4*32kB (UME) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10388kB [ 1223.458673] Node 0 DMA32: 1254*4kB (UME) 397*8kB (UME) 320*16kB (UME) 243*32kB (UME) 31*64kB (UM) 5*128kB (ME) 3*256kB (ME) 3*512kB (ME) 0*1024kB 3*2048kB (UM) 1*4096kB (M) = 36256kB [ 1223.495370] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1223.517598] Node 1 Normal: 187*4kB (UME) 177*8kB (UMEH) 127*16kB (UME) 162*32kB (UMEH) 120*64kB (UM) 43*128kB (UMEH) 26*256kB (MH) 14*512kB (MH) 7*1024kB (ME) 1*2048kB (E) 2*4096kB (M) = 53796kB [ 1223.547573] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1223.561208] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1223.579655] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1223.588619] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1223.600747] 5613 total pagecache pages [ 1223.604704] 0 pages in swap cache [ 1223.608180] Swap cache stats: add 0, delete 0, find 0/0 [ 1223.613702] Free swap = 0kB [ 1223.616710] Total swap = 0kB [ 1223.628015] 1965979 pages RAM [ 1223.631259] 0 pages HighMem/MovableOnly [ 1223.635224] 338455 pages reserved [ 1223.638667] 0 pages cma reserved [ 1223.642145] Out of memory: Kill process 15473 (syz-executor.1) score 1007 or sacrifice child [ 1223.651582] Killed process 15473 (syz-executor.1) total-vm:75368kB, anon-rss:16560kB, file-rss:34816kB, shmem-rss:0kB 19:22:15 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:15 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:15 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x0, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1223.779965] oom_reaper: reaped process 15473 (syz-executor.1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 19:22:16 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:16 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:16 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:16 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:16 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:18 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000080)={0x10}, 0x10) 19:22:18 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:18 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x0, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:18 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:18 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x0, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:18 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:19 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x0, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:19 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:19 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:19 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x0) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:23 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x0, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:23 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1231.521280] syz-fuzzer invoked oom-killer: gfp_mask=0x14201ca(GFP_HIGHUSER_MOVABLE|__GFP_COLD), nodemask=(null), order=0, oom_score_adj=0 [ 1231.611197] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 1231.649189] CPU: 1 PID: 6328 Comm: syz-fuzzer Not tainted 4.14.182-syzkaller #0 [ 1231.656674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1231.666026] Call Trace: [ 1231.668620] dump_stack+0x1b2/0x283 [ 1231.672255] dump_header+0x178/0x7aa [ 1231.675977] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1231.680987] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1231.686070] ? ___ratelimit+0x2cd/0x522 [ 1231.690029] oom_kill_process.cold+0x10/0xc16 [ 1231.694505] ? lock_downgrade+0x6e0/0x6e0 [ 1231.698632] out_of_memory+0x2d5/0x10f0 [ 1231.702597] ? oom_killer_disable+0x1c0/0x1c0 [ 1231.707070] ? mutex_trylock+0x152/0x1a0 [ 1231.711115] __alloc_pages_nodemask+0x2556/0x2730 [ 1231.715954] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1231.720787] ? trace_hardirqs_on+0x10/0x10 [ 1231.725017] ? find_get_entry+0x31b/0x660 [ 1231.729167] alloc_pages_current+0xe7/0x1e0 [ 1231.733467] __page_cache_alloc+0x243/0x3c0 [ 1231.737785] filemap_fault+0xd42/0x18f0 [ 1231.741756] ext4_filemap_fault+0x84/0xb0 [ 1231.748688] __do_fault+0xfa/0x380 [ 1231.752237] __handle_mm_fault+0x2055/0x3700 [ 1231.756647] ? vm_insert_mixed_mkwrite+0x30/0x30 [ 1231.761465] ? __fsnotify_update_child_dentry_flags.part.0+0x2e0/0x2e0 [ 1231.768315] handle_mm_fault+0x306/0x794 [ 1231.772367] __do_page_fault+0x578/0xb50 [ 1231.776410] ? mm_fault_error+0x2c0/0x2c0 [ 1231.780546] ? do_page_fault+0x60/0x4f2 [ 1231.784502] ? page_fault+0x2f/0x50 [ 1231.788121] page_fault+0x45/0x50 [ 1231.791556] RIP: 0007:0x6 [ 1231.794292] RSP: 0000:000000c0000f0d38 EFLAGS: ffffffffffffffff [ 1231.916660] Mem-Info: [ 1231.934342] active_anon:1294479 inactive_anon:4314 isolated_anon:0 [ 1231.934342] active_file:860 inactive_file:857 isolated_file:75 [ 1231.934342] unevictable:0 dirty:1102 writeback:0 unstable:0 [ 1231.934342] slab_reclaimable:16033 slab_unreclaimable:135724 [ 1231.934342] mapped:54004 shmem:4490 pagetables:32911 bounce:0 [ 1231.934342] free:28113 free_pcp:30 free_cma:0 [ 1232.042068] Node 0 active_anon:1890028kB inactive_anon:16128kB active_file:1528kB inactive_file:2304kB unevictable:0kB isolated(anon):0kB isolated(file):300kB mapped:215084kB dirty:1772kB writeback:0kB shmem:16788kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 673792kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1232.103332] Node 1 active_anon:3287832kB inactive_anon:1128kB active_file:1332kB inactive_file:1336kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:2664kB writeback:0kB shmem:1172kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1232.160197] Node 0 DMA free:10396kB min:220kB low:272kB high:324kB active_anon:5396kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1232.233204] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1232.242781] Node 0 DMA32 free:46408kB min:36296kB low:45368kB high:54440kB active_anon:1884632kB inactive_anon:16128kB active_file:1384kB inactive_file:1316kB unevictable:0kB writepending:1772kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:9472kB pagetables:56100kB bounce:0kB free_pcp:1288kB local_pcp:620kB free_cma:0kB [ 1232.312343] lowmem_reserve[]: 0 0 0 0 0 [ 1232.317705] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1232.344128] lowmem_reserve[]: 0 0 0 0 0 [ 1232.348245] Node 1 Normal free:57528kB min:53592kB low:66988kB high:80384kB active_anon:3287832kB inactive_anon:1128kB active_file:1332kB inactive_file:1336kB unevictable:0kB writepending:2664kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:32864kB pagetables:75480kB bounce:0kB free_pcp:20kB local_pcp:20kB free_cma:0kB [ 1232.378108] lowmem_reserve[]: 0 0 0 0 0 [ 1232.382235] Node 0 DMA: 1*4kB (U) 5*8kB (UE) 3*16kB (UM) 4*32kB (UME) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10396kB [ 1232.397935] Node 0 DMA32: 3187*4kB (UME) 1277*8kB (UME) 561*16kB (UME) 267*32kB (UME) 37*64kB (UME) 0*128kB 0*256kB 0*512kB 0*1024kB 2*2048kB (M) 0*4096kB = 46948kB [ 1232.413172] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1232.427721] Node 1 Normal: 342*4kB (UME) 340*8kB (UME) 662*16kB (UME) 249*32kB (UMEH) 139*64kB (UMH) 55*128kB (UMH) 30*256kB (UMH) 14*512kB (MH) 4*1024kB (UM) 0*2048kB 0*4096kB = 57528kB [ 1232.448909] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1232.457894] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1232.494790] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1232.525017] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1232.567761] 6357 total pagecache pages [ 1232.630544] 0 pages in swap cache [ 1232.650421] Swap cache stats: add 0, delete 0, find 0/0 [ 1232.672558] Free swap = 0kB [ 1232.686344] Total swap = 0kB [ 1232.696276] 1965979 pages RAM [ 1232.705307] 0 pages HighMem/MovableOnly [ 1232.710065] 338455 pages reserved [ 1232.713601] 0 pages cma reserved [ 1232.717029] Out of memory: Kill process 16381 (syz-executor.1) score 1007 or sacrifice child [ 1232.732110] Killed process 16381 (syz-executor.1) total-vm:75368kB, anon-rss:16560kB, file-rss:34816kB, shmem-rss:0kB [ 1232.797811] oom_reaper: reaped process 16381 (syz-executor.1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 19:22:24 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x0) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:24 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) 19:22:24 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x0, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:25 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:25 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x0, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:25 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x0) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:25 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x0, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:25 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:26 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x0, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:26 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:26 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) 19:22:26 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:26 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:26 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:27 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x0, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:27 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:27 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:27 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:27 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:27 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, 0x0, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:27 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) 19:22:27 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x0, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:27 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:27 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r2, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r2, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:27 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:27 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:27 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r2, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r2, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:27 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, 0x0, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:28 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:28 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r2, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r2, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:28 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:28 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:28 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, 0x0, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:28 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:28 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r2, &(0x7f0000000080)={0x10}, 0x10) [ 1236.378663] syz-executor.4 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1236.450407] syz-executor.4 cpuset=/ mems_allowed=0-1 [ 1236.455563] CPU: 1 PID: 6351 Comm: syz-executor.4 Not tainted 4.14.182-syzkaller #0 [ 1236.463355] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1236.472743] Call Trace: [ 1236.475318] dump_stack+0x1b2/0x283 [ 1236.478929] dump_header+0x178/0x7aa [ 1236.482632] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1236.487632] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1236.492719] ? ___ratelimit+0x2cd/0x522 [ 1236.496764] oom_kill_process.cold+0x10/0xc16 [ 1236.501257] ? lock_downgrade+0x6e0/0x6e0 [ 1236.505389] out_of_memory+0x2d5/0x10f0 [ 1236.509351] ? oom_killer_disable+0x1c0/0x1c0 [ 1236.513829] ? mutex_trylock+0x152/0x1a0 [ 1236.517879] __alloc_pages_nodemask+0x2556/0x2730 [ 1236.522728] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1236.527554] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1236.532380] ? trace_hardirqs_on+0x10/0x10 [ 1236.536603] ? avc_has_extended_perms+0xbe0/0xbe0 [ 1236.541438] ? cache_grow_begin+0x3f/0x410 [ 1236.545654] cache_grow_begin+0x91/0x410 [ 1236.549711] fallback_alloc+0x205/0x2b0 [ 1236.553695] kmem_cache_alloc+0x1e5/0x3c0 [ 1236.557831] getname_flags+0xc8/0x550 [ 1236.561618] user_path_mountpoint_at+0x23/0x40 [ 1236.566199] SyS_umount+0x11b/0xc00 [ 1236.569817] ? lock_downgrade+0x6e0/0x6e0 [ 1236.573944] ? __detach_mounts+0x2e0/0x2e0 [ 1236.578157] ? up_read+0x17/0x30 [ 1236.581506] ? __do_page_fault+0x19a/0xb50 [ 1236.585723] ? do_syscall_64+0x4c/0x640 [ 1236.589680] ? __detach_mounts+0x2e0/0x2e0 [ 1236.593906] do_syscall_64+0x1d5/0x640 [ 1236.597777] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1236.602946] RIP: 0033:0x45f497 [ 1236.606120] RSP: 002b:00007fff6e714a38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1236.613805] RAX: ffffffffffffffda RBX: 000000000012dd89 RCX: 000000000045f497 [ 1236.621054] RDX: 000000000000000c RSI: 0000000000000002 RDI: 00007fff6e715b70 [ 1236.628311] RBP: 00000000000019fa R08: 0000000000000001 R09: 0000000002988940 [ 1236.635558] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff6e715b70 [ 1236.642819] R13: 00007fff6e715b60 R14: 0000000000000000 R15: 00007fff6e715b70 [ 1237.194198] Mem-Info: [ 1237.324576] active_anon:1301902 inactive_anon:4314 isolated_anon:0 [ 1237.324576] active_file:1154 inactive_file:1112 isolated_file:122 [ 1237.324576] unevictable:0 dirty:1143 writeback:0 unstable:0 [ 1237.324576] slab_reclaimable:16039 slab_unreclaimable:135710 [ 1237.324576] mapped:54548 shmem:4490 pagetables:33131 bounce:0 [ 1237.324576] free:19474 free_pcp:284 free_cma:0 [ 1237.463245] Node 0 active_anon:1909184kB inactive_anon:16124kB active_file:1204kB inactive_file:1292kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:214272kB dirty:1836kB writeback:0kB shmem:16784kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 675840kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1237.498797] Node 1 active_anon:3298424kB inactive_anon:1132kB active_file:1580kB inactive_file:1664kB unevictable:0kB isolated(anon):0kB isolated(file):108kB mapped:620kB dirty:2736kB writeback:0kB shmem:1176kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1237.532574] Node 0 DMA free:10396kB min:220kB low:272kB high:324kB active_anon:5396kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1237.658678] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1237.674085] Node 0 DMA32 free:29204kB min:36296kB low:45368kB high:54440kB active_anon:1903788kB inactive_anon:16124kB active_file:1016kB inactive_file:1016kB unevictable:0kB writepending:1788kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:9760kB pagetables:56308kB bounce:0kB free_pcp:128kB local_pcp:128kB free_cma:0kB [ 1237.894625] lowmem_reserve[]: 0 0 0 0 0 [ 1237.914253] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1237.940496] lowmem_reserve[]: 0 0 0 0 0 [ 1237.944794] Node 1 Normal free:40240kB min:53592kB low:66988kB high:80384kB active_anon:3302684kB inactive_anon:1132kB active_file:1560kB inactive_file:1392kB unevictable:0kB writepending:2700kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:32832kB pagetables:76192kB bounce:0kB free_pcp:548kB local_pcp:72kB free_cma:0kB [ 1237.982801] lowmem_reserve[]: 0 0 0 0 0 [ 1237.996813] Node 0 DMA: 1*4kB (U) 5*8kB (UE) 3*16kB (UM) 4*32kB (UME) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10396kB [ 1238.059194] Node 0 DMA32: 2673*4kB (UME) 684*8kB (UME) 356*16kB (UME) 186*32kB (UME) 4*64kB (UM) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 28068kB [ 1238.106197] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1238.123836] Node 1 Normal: 462*4kB (UMEH) 554*8kB (UMEH) 328*16kB (UMEH) 155*32kB (UMEH) 40*64kB (UMH) 52*128kB (M) 41*256kB (UM) 17*512kB (M) 8*1024kB (UM) 0*2048kB 0*4096kB = 53096kB [ 1238.144433] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1238.153585] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1238.166351] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1238.175622] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1238.224357] 5781 total pagecache pages [ 1238.260811] 0 pages in swap cache [ 1238.275918] Swap cache stats: add 0, delete 0, find 0/0 [ 1238.288480] Free swap = 0kB [ 1238.291702] Total swap = 0kB [ 1238.294894] 1965979 pages RAM [ 1238.301795] 0 pages HighMem/MovableOnly [ 1238.305933] 338455 pages reserved [ 1238.309565] 0 pages cma reserved [ 1238.313071] Out of memory: Kill process 21087 (syz-executor.3) score 1007 or sacrifice child [ 1238.325624] Killed process 21087 (syz-executor.3) total-vm:75368kB, anon-rss:16440kB, file-rss:34840kB, shmem-rss:0kB [ 1238.420019] oom_reaper: reaped process 21087 (syz-executor.3), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 19:22:31 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:31 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:31 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(0x0) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:31 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(0x0) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:31 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(0x0) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:31 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, 0x0, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1240.942938] loop2: p1 p2 < > p3 p4 < p5 > [ 1240.982148] loop2: partition table partially beyond EOD, truncated [ 1240.997072] loop2: p1 size 11290111 extends beyond EOD, truncated [ 1241.020485] loop2: p3 start 4293001441 is beyond EOD, truncated 19:22:33 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(0x0) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:33 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, 0x0, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1241.047027] loop2: p5 size 11290111 extends beyond EOD, truncated 19:22:33 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x2, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:33 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:33 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(0x0) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:35 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:35 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, 0x0, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:35 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x2, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:35 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, 0x0, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:35 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700), 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:35 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r2, &(0x7f0000000080)={0x10}, 0x10) 19:22:36 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:36 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, 0x0, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1249.754587] syz-executor.3 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1249.786154] syz-executor.3 cpuset=/ mems_allowed=0-1 [ 1249.791372] CPU: 0 PID: 6354 Comm: syz-executor.3 Not tainted 4.14.182-syzkaller #0 [ 1249.799157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1249.808501] Call Trace: [ 1249.811085] dump_stack+0x1b2/0x283 [ 1249.814710] dump_header+0x178/0x7aa [ 1249.818419] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1249.823426] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1249.828520] ? ___ratelimit+0x2cd/0x522 [ 1249.832491] oom_kill_process.cold+0x10/0xc16 [ 1249.836982] ? lock_downgrade+0x6e0/0x6e0 [ 1249.841131] out_of_memory+0x2d5/0x10f0 [ 1249.845103] ? oom_killer_disable+0x1c0/0x1c0 [ 1249.849592] ? mutex_trylock+0x152/0x1a0 [ 1249.853647] __alloc_pages_nodemask+0x2556/0x2730 [ 1249.858498] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1249.863331] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1249.868187] ? trace_hardirqs_on+0x10/0x10 [ 1249.872417] ? avc_has_extended_perms+0xbe0/0xbe0 [ 1249.877258] ? cache_grow_begin+0x3f/0x410 [ 1249.881485] cache_grow_begin+0x91/0x410 [ 1249.885537] fallback_alloc+0x205/0x2b0 [ 1249.889508] kmem_cache_alloc+0x1e5/0x3c0 [ 1249.893650] getname_flags+0xc8/0x550 [ 1249.897447] user_path_mountpoint_at+0x23/0x40 [ 1249.902023] SyS_umount+0x11b/0xc00 [ 1249.905646] ? lock_downgrade+0x6e0/0x6e0 [ 1249.909790] ? __detach_mounts+0x2e0/0x2e0 [ 1249.914013] ? up_read+0x17/0x30 [ 1249.917371] ? __do_page_fault+0x19a/0xb50 [ 1249.921598] ? do_syscall_64+0x4c/0x640 [ 1249.925564] ? __detach_mounts+0x2e0/0x2e0 [ 1249.929793] do_syscall_64+0x1d5/0x640 [ 1249.933680] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1249.938858] RIP: 0033:0x45f497 [ 1249.942037] RSP: 002b:00007ffe89bda278 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1249.949734] RAX: ffffffffffffffda RBX: 000000000013043a RCX: 000000000045f497 [ 1249.957000] RDX: 000000000000000c RSI: 0000000000000002 RDI: 00007ffe89bdb3b0 [ 1249.964261] RBP: 000000000000144d R08: 0000000000000001 R09: 000000000272a940 [ 1249.971521] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe89bdb3b0 [ 1249.978784] R13: 00007ffe89bdb3a0 R14: 0000000000000000 R15: 00007ffe89bdb3b0 [ 1250.015357] Mem-Info: [ 1250.017858] active_anon:1301411 inactive_anon:4312 isolated_anon:0 [ 1250.017858] active_file:593 inactive_file:551 isolated_file:0 [ 1250.017858] unevictable:0 dirty:1133 writeback:0 unstable:0 [ 1250.017858] slab_reclaimable:16351 slab_unreclaimable:134036 [ 1250.017858] mapped:53364 shmem:4488 pagetables:33217 bounce:0 [ 1250.017858] free:22873 free_pcp:59 free_cma:0 [ 1250.058424] Node 0 active_anon:1908948kB inactive_anon:16112kB active_file:912kB inactive_file:848kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:213456kB dirty:1812kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 675840kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1250.090855] Node 1 active_anon:3296696kB inactive_anon:1136kB active_file:1392kB inactive_file:1324kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:2720kB writeback:0kB shmem:1180kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1250.133244] Node 0 DMA free:10396kB min:220kB low:272kB high:324kB active_anon:5396kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1250.159917] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1250.164954] Node 0 DMA32 free:27568kB min:36296kB low:45368kB high:54440kB active_anon:1903552kB inactive_anon:16112kB active_file:960kB inactive_file:848kB unevictable:0kB writepending:1812kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:9632kB pagetables:56340kB bounce:0kB free_pcp:228kB local_pcp:116kB free_cma:0kB [ 1250.201508] lowmem_reserve[]: 0 0 0 0 0 [ 1250.205511] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1250.231631] lowmem_reserve[]: 0 0 0 0 0 [ 1250.235640] Node 1 Normal free:53528kB min:53592kB low:66988kB high:80384kB active_anon:3296696kB inactive_anon:1136kB active_file:1524kB inactive_file:1376kB unevictable:0kB writepending:2720kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33120kB pagetables:76504kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1250.281206] lowmem_reserve[]: 0 0 0 0 0 [ 1250.285251] Node 0 DMA: 1*4kB (U) 5*8kB (UE) 3*16kB (UM) 4*32kB (UME) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10396kB [ 1250.300931] Node 0 DMA32: 2304*4kB (UME) 644*8kB (UME) 342*16kB (UME) 210*32kB (UME) 6*64kB (UME) 1*128kB (M) 0*256kB 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 27584kB [ 1250.316075] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1250.326854] Node 1 Normal: 12*4kB (UM) 223*8kB (UME) 403*16kB (UME) 160*32kB (UME) 81*64kB (UM) 63*128kB (UME) 41*256kB (ME) 18*512kB (ME) 7*1024kB (M) 0*2048kB 0*4096kB = 53528kB [ 1250.349461] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1250.360116] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1250.368739] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1250.377617] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1250.386184] 5654 total pagecache pages [ 1250.401107] 0 pages in swap cache [ 1250.404575] Swap cache stats: add 0, delete 0, find 0/0 [ 1250.411913] Free swap = 0kB [ 1250.414926] Total swap = 0kB [ 1250.417979] 1965979 pages RAM [ 1250.421072] 0 pages HighMem/MovableOnly [ 1250.425032] 338455 pages reserved [ 1250.428708] 0 pages cma reserved [ 1250.432064] Out of memory: Kill process 16412 (syz-executor.1) score 1007 or sacrifice child [ 1250.440689] Killed process 16412 (syz-executor.1) total-vm:75368kB, anon-rss:16560kB, file-rss:34816kB, shmem-rss:0kB [ 1250.506485] oom_reaper: reaped process 16412 (syz-executor.1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 19:22:37 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x2, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:37 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700), 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:37 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:37 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x2, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r1, &(0x7f0000000080)={0x10}, 0x10) 19:22:38 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:42 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r1, &(0x7f0000000080)={0x10}, 0x10) 19:22:42 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700), 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:43 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, 0x0, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:43 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:43 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) getpid() r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r0, &(0x7f0000000080)={0x10}, 0x10) 19:22:43 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:43 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r2, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:43 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:43 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x2, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:43 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r0, &(0x7f0000000080)={0x10}, 0x10) 19:22:43 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x2, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:43 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r0, &(0x7f0000000080)={0x10}, 0x10) 19:22:43 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(0x0) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:43 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r2, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:44 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:44 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:44 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, 0x0, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:44 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, 0x0, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:44 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r2, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1252.605895] syz-executor.1 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1252.640686] syz-executor.1 cpuset=/ mems_allowed=0-1 [ 1252.654212] CPU: 1 PID: 6353 Comm: syz-executor.1 Not tainted 4.14.182-syzkaller #0 [ 1252.662034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1252.671388] Call Trace: [ 1252.673976] dump_stack+0x1b2/0x283 [ 1252.677607] dump_header+0x178/0x7aa [ 1252.681581] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1252.686597] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1252.691700] ? ___ratelimit+0x2cd/0x522 [ 1252.695693] oom_kill_process.cold+0x10/0xc16 [ 1252.700195] ? lock_downgrade+0x6e0/0x6e0 [ 1252.704345] out_of_memory+0x2d5/0x10f0 [ 1252.708320] ? oom_killer_disable+0x1c0/0x1c0 [ 1252.712812] ? mutex_trylock+0x152/0x1a0 [ 1252.716876] __alloc_pages_nodemask+0x2556/0x2730 [ 1252.721758] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1252.726598] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1252.731438] ? trace_hardirqs_on+0x10/0x10 [ 1252.735661] ? cache_grow_begin+0x3f/0x410 [ 1252.739878] cache_grow_begin+0x91/0x410 [ 1252.743924] fallback_alloc+0x205/0x2b0 [ 1252.747881] kmem_cache_alloc+0x1e5/0x3c0 [ 1252.752008] getname_flags+0xc8/0x550 [ 1252.755788] ? SyS_unlinkat+0x70/0x70 [ 1252.759568] do_unlinkat+0x9e/0x5c0 [ 1252.763177] ? do_rmdir+0x340/0x340 [ 1252.766816] ? __do_page_fault+0x19a/0xb50 [ 1252.771032] ? do_syscall_64+0x4c/0x640 [ 1252.774984] ? SyS_unlinkat+0x70/0x70 [ 1252.778763] do_syscall_64+0x1d5/0x640 [ 1252.782632] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1252.787819] RIP: 0033:0x45c817 [ 1252.790985] RSP: 002b:00007ffe15f67618 EFLAGS: 00000246 ORIG_RAX: 0000000000000057 [ 1252.798684] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045c817 [ 1252.805934] RDX: 00007ffe15f67630 RSI: 00007ffe15f67630 RDI: 00007ffe15f676c0 [ 1252.813183] RBP: 000000000000123f R08: 0000000000000000 R09: 000000000000000a [ 1252.820433] R10: 0000000000000003 R11: 0000000000000246 R12: 00007ffe15f68750 [ 1252.827681] R13: 00000000017b2940 R14: 0000000000000000 R15: 00007ffe15f68750 [ 1252.894569] Mem-Info: [ 1252.897807] active_anon:1298250 inactive_anon:4315 isolated_anon:0 [ 1252.897807] active_file:997 inactive_file:981 isolated_file:64 [ 1252.897807] unevictable:0 dirty:1164 writeback:1 unstable:0 [ 1252.897807] slab_reclaimable:16583 slab_unreclaimable:132845 [ 1252.897807] mapped:54326 shmem:4492 pagetables:33380 bounce:0 [ 1252.897807] free:25583 free_pcp:315 free_cma:0 [ 1252.942301] Node 0 active_anon:1909288kB inactive_anon:16112kB active_file:916kB inactive_file:888kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:213788kB dirty:1816kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 675840kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1253.101257] Node 1 active_anon:3283700kB inactive_anon:1148kB active_file:3184kB inactive_file:4636kB unevictable:0kB isolated(anon):0kB isolated(file):384kB mapped:3952kB dirty:2832kB writeback:4kB shmem:1196kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1253.214023] Node 0 DMA free:10396kB min:220kB low:272kB high:324kB active_anon:5396kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1253.257147] lowmem_reserve[]: 0 2559 2559 2559 2559 19:22:45 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:45 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$FUSE_INTERRUPT(r0, &(0x7f0000000080)={0x10}, 0x10) 19:22:45 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:45 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:45 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1253.295388] Node 0 DMA32 free:27488kB min:36296kB low:45368kB high:54440kB active_anon:1903900kB inactive_anon:16112kB active_file:916kB inactive_file:888kB unevictable:0kB writepending:1816kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:9632kB pagetables:56296kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1253.338025] lowmem_reserve[]: 0 0 0 0 0 [ 1253.342447] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1253.406534] lowmem_reserve[]: 0 0 0 0 0 [ 1253.412865] Node 1 Normal free:61400kB min:53592kB low:66988kB high:80384kB active_anon:3283700kB inactive_anon:1148kB active_file:4568kB inactive_file:5024kB unevictable:0kB writepending:2836kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33056kB pagetables:76852kB bounce:0kB free_pcp:680kB local_pcp:464kB free_cma:0kB [ 1253.596801] lowmem_reserve[]: 0 0 0 0 0 [ 1253.600831] Node 0 DMA: 1*4kB (U) 5*8kB (UE) 3*16kB (UM) 4*32kB (UME) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10396kB [ 1253.866782] Node 0 DMA32: 2238*4kB (UME) 670*8kB (UME) 333*16kB (UME) 211*32kB (UME) 7*64kB (UME) 1*128kB (M) 0*256kB 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 27480kB [ 1253.889578] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1253.903845] Node 1 Normal: 499*4kB (UME) 380*8kB (UME) 609*16kB (UME) 344*32kB (UME) 44*64kB (UM) 6*128kB (UM) 2*256kB (UM) 26*512kB (M) 9*1024kB (M) 1*2048kB (E) 0*4096kB = 54460kB [ 1253.996772] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1254.005642] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1254.014493] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1254.046806] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1254.055411] 6876 total pagecache pages [ 1254.078933] 0 pages in swap cache [ 1254.084397] Swap cache stats: add 0, delete 0, find 0/0 [ 1254.090886] Free swap = 0kB [ 1254.094446] Total swap = 0kB [ 1254.098752] 1965979 pages RAM [ 1254.108404] 0 pages HighMem/MovableOnly [ 1254.125435] loop2: p1 p2 < > p3 p4 < p5 > [ 1254.130500] loop2: partition table partially beyond EOD, truncated [ 1254.138213] 338455 pages reserved [ 1254.142141] 0 pages cma reserved 19:22:46 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:46 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1254.148179] Out of memory: Kill process 18278 (syz-executor.1) score 1007 or sacrifice child [ 1254.158001] loop2: p1 size 11290111 extends beyond EOD, truncated [ 1254.170379] loop2: p3 start 4293001441 is beyond EOD, truncated [ 1254.191671] Killed process 18278 (syz-executor.1) total-vm:75368kB, anon-rss:16560kB, file-rss:34816kB, shmem-rss:0kB [ 1254.204384] loop2: p5 size 11290111 extends beyond EOD, truncated [ 1254.604093] loop2: p1 p2 < > p3 p4 < p5 > [ 1254.614241] loop2: partition table partially beyond EOD, truncated [ 1254.633528] loop2: p1 size 11290111 extends beyond EOD, truncated [ 1254.661574] loop2: p3 start 4293001441 is beyond EOD, truncated [ 1254.677945] loop2: p5 size 11290111 extends beyond EOD, truncated 19:22:46 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:46 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) getpid() r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:46 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:46 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:46 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:46 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$FUSE_INTERRUPT(r0, &(0x7f0000000080)={0x10}, 0x10) 19:22:46 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$FUSE_INTERRUPT(r0, &(0x7f0000000080)={0x10}, 0x10) [ 1254.952622] loop2: p1 p2 < > p3 p4 < p5 > [ 1254.962992] loop2: partition table partially beyond EOD, truncated 19:22:47 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1255.148231] syz-executor.0 invoked oom-killer: gfp_mask=0x14280ca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=1000 19:22:47 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1255.207293] syz-executor.0 cpuset=/ mems_allowed=0-1 [ 1255.217672] CPU: 0 PID: 21512 Comm: syz-executor.0 Not tainted 4.14.182-syzkaller #0 [ 1255.225586] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1255.234935] Call Trace: [ 1255.237526] dump_stack+0x1b2/0x283 [ 1255.241156] dump_header+0x178/0x7aa [ 1255.244869] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1255.249890] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1255.255001] ? ___ratelimit+0x2cd/0x522 [ 1255.258976] oom_kill_process.cold+0x10/0xc16 [ 1255.264088] ? lock_downgrade+0x6e0/0x6e0 [ 1255.268237] out_of_memory+0x2d5/0x10f0 [ 1255.272215] ? oom_killer_disable+0x1c0/0x1c0 [ 1255.276715] ? mutex_trylock+0x152/0x1a0 [ 1255.280781] __alloc_pages_nodemask+0x2556/0x2730 [ 1255.285637] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1255.290486] ? __anon_vma_prepare+0x172/0x370 [ 1255.294158] loop2: p1 size 11290111 extends beyond EOD, [ 1255.294982] ? anon_vma_interval_tree_insert+0x20a/0x3c0 [ 1255.305886] alloc_pages_vma+0xc1/0x4b0 [ 1255.309865] do_anonymous_page+0x6cd/0x17d0 [ 1255.314193] ? finish_fault+0x290/0x290 [ 1255.318168] ? trace_hardirqs_on+0x10/0x10 [ 1255.322399] ? trace_hardirqs_on+0x10/0x10 [ 1255.326638] __handle_mm_fault+0x1c49/0x3700 [ 1255.328457] truncated [ 1255.331044] ? vm_insert_mixed_mkwrite+0x30/0x30 [ 1255.331063] handle_mm_fault+0x306/0x794 [ 1255.342262] __do_page_fault+0x578/0xb50 [ 1255.346327] ? mm_fault_error+0x2c0/0x2c0 [ 1255.350482] ? do_page_fault+0x60/0x4f2 19:22:47 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) 19:22:47 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1255.351647] loop2: p3 start 4293001441 is beyond EOD, [ 1255.354451] ? page_fault+0x2f/0x50 [ 1255.354460] page_fault+0x45/0x50 [ 1255.354467] RIP: 89249700:0xc55 [ 1255.354473] RSP: 20000:00007ffc27b5dfd0 EFLAGS: 7ffc27b5e0d0 [ 1255.381264] Mem-Info: [ 1255.390513] active_anon:1296171 inactive_anon:4315 isolated_anon:0 [ 1255.390513] active_file:1700 inactive_file:1349 isolated_file:110 [ 1255.390513] unevictable:0 dirty:1183 writeback:0 unstable:0 [ 1255.390513] slab_reclaimable:16671 slab_unreclaimable:133251 [ 1255.390513] mapped:55180 shmem:4492 pagetables:33446 bounce:0 [ 1255.390513] free:25980 free_pcp:426 free_cma:0 [ 1255.406430] truncated [ 1255.429775] Node 0 active_anon:1905068kB inactive_anon:16112kB active_file:1604kB inactive_file:1436kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:214816kB dirty:1820kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 675840kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1255.446462] loop2: p5 size 11290111 extends beyond EOD, [ 1255.471806] Node 1 active_anon:3279716kB inactive_anon:1148kB active_file:4844kB inactive_file:3880kB unevictable:0kB isolated(anon):0kB isolated(file):380kB mapped:5604kB dirty:2912kB writeback:0kB shmem:1196kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 19:22:47 executing program 2: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000080)={0x10}, 0x10) [ 1255.528058] truncated 19:22:47 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1255.781026] Node 0 DMA free:10396kB min:220kB low:272kB high:324kB active_anon:5396kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1255.820364] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1255.826282] Node 0 DMA32 free:29312kB min:36296kB low:45368kB high:54440kB active_anon:1899572kB inactive_anon:16112kB active_file:1704kB inactive_file:1436kB unevictable:0kB writepending:1820kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:9664kB pagetables:56300kB bounce:0kB free_pcp:880kB local_pcp:144kB free_cma:0kB [ 1255.864328] lowmem_reserve[]: 0 0 0 0 0 [ 1255.869570] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1255.896853] lowmem_reserve[]: 0 0 0 0 0 [ 1255.900864] Node 1 Normal free:63984kB min:53592kB low:66988kB high:80384kB active_anon:3280116kB inactive_anon:1148kB active_file:3928kB inactive_file:4008kB unevictable:0kB writepending:2812kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33184kB pagetables:77460kB bounce:0kB free_pcp:1340kB local_pcp:636kB free_cma:0kB [ 1255.965882] loop2: p1 p2 < > p3 p4 < p5 > [ 1255.966732] lowmem_reserve[]: 0 0 0 0 0 [ 1255.974802] loop2: partition table partially beyond EOD, truncated [ 1255.984526] Node 0 DMA: 1*4kB (U) 5*8kB (UE) 3*16kB (UM) 4*32kB (UME) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10396kB [ 1256.001325] loop2: p1 size 11290111 extends beyond EOD, truncated [ 1256.037367] Node 0 DMA32: 2276*4kB (UMEH) 665*8kB (UME) 359*16kB (UME) 196*32kB (UME) 18*64kB (UME) 12*128kB (M) 1*256kB (M) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 29896kB [ 1256.053017] loop2: p3 start 4293001441 is beyond EOD, truncated [ 1256.080712] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1256.090709] loop2: p5 size 11290111 extends beyond EOD, truncated [ 1256.145313] Node 1 Normal: 2*4kB (ME) 16*8kB (UMEH) 360*16kB (UMEH) 372*32kB (UM) 98*64kB (UMH) 35*128kB (UMEH) 19*256kB (UME) 28*512kB (UME) 10*1024kB (ME) 0*2048kB 0*4096kB = 57992kB [ 1256.210418] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1256.227538] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1256.236191] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1256.266601] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1256.275538] 6922 total pagecache pages [ 1256.296561] 0 pages in swap cache [ 1256.300045] Swap cache stats: add 0, delete 0, find 0/0 [ 1256.305487] Free swap = 0kB [ 1256.316607] Total swap = 0kB [ 1256.319657] 1965979 pages RAM [ 1256.322755] 0 pages HighMem/MovableOnly [ 1256.337431] 338455 pages reserved [ 1256.344034] 0 pages cma reserved [ 1256.356475] loop2: p1 p2 < > p3 p4 < p5 > [ 1256.356862] Out of memory: Kill process 21514 (syz-executor.4) score 1007 or sacrifice child [ 1256.371120] loop2: partition table partially beyond EOD, truncated [ 1256.389203] loop2: p1 size 11290111 extends beyond EOD, truncated [ 1256.412769] loop2: p3 start 4293001441 is beyond EOD, truncated [ 1256.433072] loop2: p5 size 11290111 extends beyond EOD, truncated 19:22:48 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:48 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, 0x0, 0x0) 19:22:48 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:48 executing program 2: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000080)={0x10}, 0x10) 19:22:48 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:48 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) getpid() r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:48 executing program 2: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000080)={0x10}, 0x10) 19:22:49 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:49 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:49 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r0, 0x0, 0x0) 19:22:49 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:49 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, 0x0, 0x0) 19:22:50 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) getpid() r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:50 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r0, 0x0, 0x0) 19:22:50 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, 0x0, 0x0) 19:22:51 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:22:51 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:51 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r0, 0x0, 0x0) 19:22:51 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:51 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:22:51 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:52 executing program 2: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r0, 0x0, 0x0) 19:22:52 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:52 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:22:52 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) 19:22:52 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, 0x0, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:52 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:53 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:53 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, 0x0, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1261.219813] syz-executor.1 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 19:22:53 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) 19:22:53 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) [ 1261.273470] syz-executor.1 cpuset=/ mems_allowed=0-1 [ 1261.305183] CPU: 0 PID: 6353 Comm: syz-executor.1 Not tainted 4.14.182-syzkaller #0 [ 1261.313014] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1261.327839] Call Trace: [ 1261.330433] dump_stack+0x1b2/0x283 [ 1261.334060] dump_header+0x178/0x7aa [ 1261.337776] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1261.342894] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1261.347994] ? ___ratelimit+0x2cd/0x522 [ 1261.351965] oom_kill_process.cold+0x10/0xc16 [ 1261.356461] ? lock_downgrade+0x6e0/0x6e0 [ 1261.360607] out_of_memory+0x2d5/0x10f0 [ 1261.364580] ? oom_killer_disable+0x1c0/0x1c0 [ 1261.369079] ? mutex_trylock+0x152/0x1a0 [ 1261.373343] __alloc_pages_nodemask+0x2556/0x2730 [ 1261.378227] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1261.383087] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1261.387927] ? trace_hardirqs_on+0x10/0x10 [ 1261.392163] ? avc_has_extended_perms+0xbe0/0xbe0 [ 1261.397007] ? cache_grow_begin+0x3f/0x410 [ 1261.401237] cache_grow_begin+0x91/0x410 [ 1261.405295] fallback_alloc+0x205/0x2b0 [ 1261.409265] kmem_cache_alloc+0x1e5/0x3c0 [ 1261.413410] getname_flags+0xc8/0x550 [ 1261.417213] user_path_mountpoint_at+0x23/0x40 [ 1261.421972] SyS_umount+0x11b/0xc00 [ 1261.425595] ? lock_downgrade+0x6e0/0x6e0 [ 1261.429748] ? __detach_mounts+0x2e0/0x2e0 [ 1261.433979] ? up_read+0x17/0x30 [ 1261.437343] ? __do_page_fault+0x19a/0xb50 [ 1261.441571] ? do_syscall_64+0x4c/0x640 [ 1261.445551] ? __detach_mounts+0x2e0/0x2e0 [ 1261.449785] do_syscall_64+0x1d5/0x640 [ 1261.453674] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1261.458856] RIP: 0033:0x45f497 [ 1261.462038] RSP: 002b:00007ffe15f67618 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1261.469744] RAX: ffffffffffffffda RBX: 0000000000133ee2 RCX: 000000000045f497 [ 1261.477010] RDX: 000000000000000c RSI: 0000000000000002 RDI: 00007ffe15f68750 [ 1261.484364] RBP: 0000000000001276 R08: 0000000000000001 R09: 00000000017b1940 [ 1261.491641] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe15f68750 [ 1261.498934] R13: 00007ffe15f68740 R14: 0000000000000000 R15: 00007ffe15f68750 19:22:53 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) [ 1262.125835] Mem-Info: [ 1262.129043] active_anon:1302964 inactive_anon:4316 isolated_anon:0 [ 1262.129043] active_file:761 inactive_file:748 isolated_file:64 [ 1262.129043] unevictable:0 dirty:1164 writeback:0 unstable:0 [ 1262.129043] slab_reclaimable:16663 slab_unreclaimable:133362 [ 1262.129043] mapped:53818 shmem:4492 pagetables:33426 bounce:0 [ 1262.129043] free:20848 free_pcp:50 free_cma:0 [ 1262.179822] Node 0 active_anon:1909812kB inactive_anon:16112kB active_file:1032kB inactive_file:1028kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:213820kB dirty:1820kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 675840kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1262.264153] Node 1 active_anon:3302044kB inactive_anon:1152kB active_file:1852kB inactive_file:1704kB unevictable:0kB isolated(anon):0kB isolated(file):248kB mapped:852kB dirty:2836kB writeback:0kB shmem:1196kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1262.405363] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:5396kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1262.536140] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1262.541242] Node 0 DMA32 free:27616kB min:36296kB low:45368kB high:54440kB active_anon:1904316kB inactive_anon:16112kB active_file:1088kB inactive_file:868kB unevictable:0kB writepending:1820kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:9760kB pagetables:56304kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1262.606105] lowmem_reserve[]: 0 0 0 0 0 [ 1262.610781] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1262.676077] lowmem_reserve[]: 0 0 0 0 0 [ 1262.680109] Node 1 Normal free:53940kB min:53592kB low:66988kB high:80384kB active_anon:3292972kB inactive_anon:1152kB active_file:2044kB inactive_file:3284kB unevictable:0kB writepending:2836kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33376kB pagetables:77376kB bounce:0kB free_pcp:532kB local_pcp:380kB free_cma:0kB [ 1262.759741] lowmem_reserve[]: 0 0 0 0 0 [ 1262.763762] Node 0 DMA: 2*4kB (UE) 5*8kB (UE) 3*16kB (UM) 4*32kB (UME) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10400kB [ 1262.816087] Node 0 DMA32: 2332*4kB (UEH) 613*8kB (UMEH) 327*16kB (UEH) 181*32kB (UEH) 3*64kB (UE) 7*128kB (M) 1*256kB (M) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 27112kB [ 1262.856217] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1263.044994] Node 1 Normal: 557*4kB (UME) 636*8kB (UMEH) 345*16kB (UMEH) 291*32kB (UMEH) 68*64kB (UME) 16*128kB (UME) 26*256kB (M) 28*512kB (UME) 10*1024kB (ME) 0*2048kB 0*4096kB = 59780kB [ 1263.190521] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1263.225399] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1263.259350] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1263.326057] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1263.368925] 6317 total pagecache pages [ 1263.382065] 0 pages in swap cache [ 1263.393547] Swap cache stats: add 0, delete 0, find 0/0 [ 1263.407827] Free swap = 0kB [ 1263.414348] Total swap = 0kB [ 1263.420983] 1965979 pages RAM [ 1263.427590] 0 pages HighMem/MovableOnly [ 1263.436388] 338455 pages reserved [ 1263.443362] 0 pages cma reserved [ 1263.450265] Out of memory: Kill process 20390 (syz-executor.1) score 1007 or sacrifice child [ 1263.468060] Killed process 20390 (syz-executor.1) total-vm:75368kB, anon-rss:16560kB, file-rss:34816kB, shmem-rss:0kB 19:22:55 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) 19:22:56 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) 19:22:56 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, 0x0, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:56 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, 0x0, 0x0) 19:22:56 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) creat(&(0x7f00000002c0)='./bus\x00', 0x0) 19:22:56 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0), 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1264.287463] syz-executor.5 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1264.342408] syz-executor.5 cpuset=/ mems_allowed=0-1 [ 1264.360369] CPU: 1 PID: 20539 Comm: syz-executor.5 Not tainted 4.14.182-syzkaller #0 [ 1264.368270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1264.377644] Call Trace: [ 1264.380226] dump_stack+0x1b2/0x283 [ 1264.383836] dump_header+0x178/0x7aa [ 1264.387536] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1264.392548] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1264.397634] ? ___ratelimit+0x2cd/0x522 [ 1264.401593] oom_kill_process.cold+0x10/0xc16 [ 1264.406075] ? lock_downgrade+0x6e0/0x6e0 [ 1264.410215] out_of_memory+0x2d5/0x10f0 [ 1264.414175] ? oom_killer_disable+0x1c0/0x1c0 [ 1264.418674] ? mutex_trylock+0x152/0x1a0 [ 1264.422734] __alloc_pages_nodemask+0x2556/0x2730 [ 1264.427567] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1264.432401] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1264.437223] ? trace_hardirqs_on+0x10/0x10 [ 1264.441485] ? avc_has_extended_perms+0xbe0/0xbe0 [ 1264.446311] ? cache_grow_begin+0x3f/0x410 [ 1264.453136] cache_grow_begin+0x91/0x410 [ 1264.457179] fallback_alloc+0x205/0x2b0 [ 1264.461151] kmem_cache_alloc+0x1e5/0x3c0 [ 1264.465281] getname_flags+0xc8/0x550 [ 1264.469064] user_path_mountpoint_at+0x23/0x40 [ 1264.473626] SyS_umount+0x11b/0xc00 [ 1264.477248] ? lock_downgrade+0x6e0/0x6e0 [ 1264.481375] ? __detach_mounts+0x2e0/0x2e0 [ 1264.485602] ? up_read+0x17/0x30 [ 1264.488949] ? __do_page_fault+0x19a/0xb50 [ 1264.493180] ? do_syscall_64+0x4c/0x640 [ 1264.497148] ? __detach_mounts+0x2e0/0x2e0 [ 1264.501707] do_syscall_64+0x1d5/0x640 [ 1264.505588] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1264.510756] RIP: 0033:0x45f497 [ 1264.513927] RSP: 002b:00007ffe52bc1628 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1264.521618] RAX: ffffffffffffffda RBX: 000000000013499f RCX: 000000000045f497 [ 1264.528912] RDX: 000000000000000c RSI: 0000000000000002 RDI: 00007ffe52bc2760 [ 1264.536164] RBP: 0000000000000a8c R08: 0000000000000001 R09: 000000000153d940 [ 1264.543420] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe52bc2760 [ 1264.550673] R13: 00007ffe52bc2750 R14: 0000000000000000 R15: 00007ffe52bc2760 19:22:57 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1265.493602] Mem-Info: [ 1265.496309] active_anon:1296808 inactive_anon:4316 isolated_anon:0 [ 1265.496309] active_file:1075 inactive_file:1225 isolated_file:90 [ 1265.496309] unevictable:0 dirty:1186 writeback:20 unstable:0 [ 1265.496309] slab_reclaimable:16686 slab_unreclaimable:133279 [ 1265.496309] mapped:54110 shmem:4492 pagetables:33357 bounce:0 [ 1265.496309] free:26187 free_pcp:324 free_cma:0 [ 1265.535356] Node 0 active_anon:1910056kB inactive_anon:16112kB active_file:1040kB inactive_file:900kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:213672kB dirty:1816kB writeback:4kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 675840kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1265.660021] Node 1 active_anon:3277076kB inactive_anon:1152kB active_file:3708kB inactive_file:2928kB unevictable:0kB isolated(anon):0kB isolated(file):328kB mapped:3768kB dirty:2928kB writeback:76kB shmem:1196kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1265.741061] Node 0 DMA free:10396kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1265.784338] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1265.791240] Node 0 DMA32 free:27568kB min:36296kB low:45368kB high:54440kB active_anon:1904640kB inactive_anon:16112kB active_file:1040kB inactive_file:900kB unevictable:0kB writepending:1820kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:9696kB pagetables:56304kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1265.827522] lowmem_reserve[]: 0 0 0 0 0 [ 1265.848328] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB 19:22:57 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:57 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0), 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:57 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) 19:22:57 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, 0x0, 0x0) [ 1265.920786] lowmem_reserve[]: 0 0 0 0 0 [ 1265.972852] Node 1 Normal free:65628kB min:53592kB low:66988kB high:80384kB active_anon:3277868kB inactive_anon:1152kB active_file:4156kB inactive_file:4028kB unevictable:0kB writepending:2924kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33312kB pagetables:77336kB bounce:0kB free_pcp:540kB local_pcp:232kB free_cma:0kB 19:22:58 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:58 executing program 0: r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:58 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) creat(&(0x7f00000002c0)='./bus\x00', 0x0) [ 1266.092170] lowmem_reserve[]: 0 0 0 0 0 [ 1266.097452] Node 0 DMA: 3*4kB (UME) 6*8kB (UME) 4*16kB (UM) 3*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10396kB [ 1266.174260] Node 0 DMA32: 2376*4kB (UME) 614*8kB (UME) 335*16kB (UME) 187*32kB (UME) 3*64kB (UE) 7*128kB (M) 1*256kB (M) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 27616kB [ 1266.192746] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1266.207469] Node 1 Normal: 183*4kB (UMH) 822*8kB (UMH) 376*16kB (UM) 369*32kB (UMEH) 105*64kB (UMEH) 20*128kB (UMEH) 29*256kB (ME) 27*512kB (MH) 10*1024kB (ME) 0*2048kB 0*4096kB = 65900kB [ 1266.224788] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1266.282387] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1266.304540] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1266.318528] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1266.344732] 7393 total pagecache pages [ 1266.362244] 0 pages in swap cache 19:22:58 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) creat(&(0x7f00000002c0)='./bus\x00', 0x0) [ 1266.625004] Swap cache stats: add 0, delete 0, find 0/0 [ 1266.651662] Free swap = 0kB [ 1266.664330] Total swap = 0kB 19:22:58 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0), 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1266.676219] 1965979 pages RAM [ 1266.689804] 0 pages HighMem/MovableOnly [ 1266.741824] 338455 pages reserved [ 1266.860998] 0 pages cma reserved [ 1266.885830] Out of memory: Kill process 20522 (syz-executor.1) score 1007 or sacrifice child [ 1266.919392] Killed process 20522 (syz-executor.1) total-vm:75368kB, anon-rss:16560kB, file-rss:34816kB, shmem-rss:0kB 19:22:59 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 19:22:59 executing program 0: r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:59 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:22:59 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0), 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c000780080002000500000008000400ff7f0000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:22:59 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 19:22:59 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:23:01 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) 19:23:01 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:23:01 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1270.317648] syz-executor.4 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1270.385551] syz-executor.4 cpuset=/ mems_allowed=0-1 [ 1270.412812] CPU: 1 PID: 6351 Comm: syz-executor.4 Not tainted 4.14.182-syzkaller #0 [ 1270.420999] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1270.430440] Call Trace: [ 1270.433020] dump_stack+0x1b2/0x283 [ 1270.436632] dump_header+0x178/0x7aa [ 1270.440525] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1270.446303] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1270.452212] ? ___ratelimit+0x2cd/0x522 [ 1270.456815] oom_kill_process.cold+0x10/0xc16 [ 1270.462181] ? lock_downgrade+0x6e0/0x6e0 [ 1270.466684] out_of_memory+0x2d5/0x10f0 [ 1270.470646] ? oom_killer_disable+0x1c0/0x1c0 [ 1270.476037] ? mutex_trylock+0x152/0x1a0 [ 1270.480185] __alloc_pages_nodemask+0x2556/0x2730 [ 1270.485651] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1270.490499] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1270.495343] ? trace_hardirqs_on+0x10/0x10 [ 1270.501994] ? __lock_acquire+0x655/0x42a0 [ 1270.507034] ? cache_grow_begin+0x3f/0x410 [ 1270.511270] cache_grow_begin+0x91/0x410 [ 1270.516104] fallback_alloc+0x205/0x2b0 [ 1270.520079] kmem_cache_alloc+0x1e5/0x3c0 [ 1270.524214] getname_flags+0xc8/0x550 [ 1270.527997] ? list_lru_add+0x227/0x490 [ 1270.531953] user_path_at_empty+0x2a/0x50 [ 1270.536097] vfs_statx+0xd1/0x160 [ 1270.539530] ? vfs_statx_fd+0x90/0x90 [ 1270.543309] ? lock_downgrade+0x6e0/0x6e0 [ 1270.547445] SyS_newlstat+0x83/0xe0 [ 1270.551057] ? SyS_newstat+0xe0/0xe0 [ 1270.554749] ? SyS_umount+0x180/0xc00 [ 1270.558541] ? do_rmdir+0x340/0x340 [ 1270.562148] ? __detach_mounts+0x2e0/0x2e0 [ 1270.566362] ? __do_page_fault+0x19a/0xb50 [ 1270.570767] ? do_syscall_64+0x4c/0x640 [ 1270.574721] ? SyS_newstat+0xe0/0xe0 [ 1270.578412] do_syscall_64+0x1d5/0x640 [ 1270.583154] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1270.588324] RIP: 0033:0x45be85 [ 1270.591492] RSP: 002b:00007fff6e714a38 EFLAGS: 00000246 ORIG_RAX: 0000000000000006 [ 1270.599527] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045be85 [ 1270.606790] RDX: 00007fff6e714a50 RSI: 00007fff6e714a50 RDI: 00007fff6e714ae0 [ 1270.615257] RBP: 0000000000001a69 R08: 0000000000000000 R09: 0000000000000011 [ 1270.622506] R10: 000000000000000a R11: 0000000000000246 R12: 00007fff6e715b70 [ 1270.629755] R13: 0000000002989940 R14: 0000000000000000 R15: 00007fff6e715b70 [ 1271.159386] Mem-Info: [ 1271.165301] active_anon:1299584 inactive_anon:4317 isolated_anon:0 [ 1271.165301] active_file:1134 inactive_file:1181 isolated_file:96 [ 1271.165301] unevictable:0 dirty:1198 writeback:0 unstable:0 [ 1271.165301] slab_reclaimable:16806 slab_unreclaimable:132559 [ 1271.165301] mapped:54351 shmem:4492 pagetables:33451 bounce:0 [ 1271.165301] free:24054 free_pcp:45 free_cma:0 [ 1271.376278] Node 0 active_anon:1904588kB inactive_anon:16120kB active_file:972kB inactive_file:852kB unevictable:0kB isolated(anon):0kB isolated(file):112kB mapped:213700kB dirty:1844kB writeback:0kB shmem:16780kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 663552kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1271.499997] Node 1 active_anon:3296552kB inactive_anon:1148kB active_file:1324kB inactive_file:2860kB unevictable:0kB isolated(anon):0kB isolated(file):368kB mapped:1512kB dirty:2948kB writeback:0kB shmem:1188kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1271.582226] Node 0 DMA free:10396kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1271.644436] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1271.658634] Node 0 DMA32 free:32176kB min:36296kB low:45368kB high:54440kB active_anon:1899172kB inactive_anon:16120kB active_file:1064kB inactive_file:728kB unevictable:0kB writepending:1832kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:9728kB pagetables:56312kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1271.743454] lowmem_reserve[]: 0 0 0 0 0 [ 1271.753869] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1271.811524] lowmem_reserve[]: 0 0 0 0 0 [ 1271.821551] Node 1 Normal free:54560kB min:53592kB low:66988kB high:80384kB active_anon:3296272kB inactive_anon:1148kB active_file:2012kB inactive_file:1332kB unevictable:0kB writepending:2896kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33248kB pagetables:77468kB bounce:0kB free_pcp:712kB local_pcp:68kB free_cma:0kB [ 1271.894308] lowmem_reserve[]: 0 0 0 0 0 [ 1271.906825] Node 0 DMA: 3*4kB (UME) 6*8kB (UME) 4*16kB (UM) 3*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10396kB [ 1271.948929] Node 0 DMA32: 2408*4kB (UME) 654*8kB (UME) 357*16kB (UME) 195*32kB (UME) 5*64kB (UME) 2*128kB (M) 1*256kB (M) 1*512kB (M) 0*1024kB 2*2048kB (M) 0*4096kB = 32256kB [ 1271.997235] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1272.023471] Node 1 Normal: 128*4kB (UME) 338*8kB (UMH) 454*16kB (UME) 244*32kB (UM) 42*64kB (UME) 16*128kB (UM) 30*256kB (UME) 27*512kB (UM) 10*1024kB (ME) 0*2048kB 0*4096kB = 54768kB [ 1272.071046] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1272.124618] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1272.145678] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1272.155072] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1272.164264] 5787 total pagecache pages [ 1272.168917] 0 pages in swap cache [ 1272.172751] Swap cache stats: add 0, delete 0, find 0/0 [ 1272.178680] Free swap = 0kB [ 1272.182352] Total swap = 0kB [ 1272.186407] 1965979 pages RAM [ 1272.189678] 0 pages HighMem/MovableOnly [ 1272.193733] 338455 pages reserved [ 1272.197263] 0 pages cma reserved [ 1272.200674] Out of memory: Kill process 21969 (syz-executor.5) score 1007 or sacrifice child 19:23:03 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) 19:23:03 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1282.503713] systemd-udevd invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=-1000 [ 1282.525005] systemd-udevd cpuset=/ mems_allowed=0-1 [ 1282.530205] CPU: 0 PID: 3641 Comm: systemd-udevd Not tainted 4.14.182-syzkaller #0 [ 1282.538527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1282.548209] Call Trace: [ 1282.551002] dump_stack+0x1b2/0x283 [ 1282.554727] dump_header+0x178/0x7aa [ 1282.558723] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1282.563918] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1282.569215] ? ___ratelimit+0x2cd/0x522 [ 1282.573192] oom_kill_process.cold+0x10/0xc16 [ 1282.577708] ? lock_downgrade+0x6e0/0x6e0 [ 1282.582288] out_of_memory+0x2d5/0x10f0 [ 1282.586264] ? oom_killer_disable+0x1c0/0x1c0 [ 1282.590753] ? mutex_trylock+0x152/0x1a0 [ 1282.594809] __alloc_pages_nodemask+0x2556/0x2730 [ 1282.599662] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1282.604498] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1282.609331] ? trace_hardirqs_on+0x10/0x10 [ 1282.613592] ? cache_grow_begin+0x3f/0x410 [ 1282.617825] cache_grow_begin+0x91/0x410 [ 1282.621881] fallback_alloc+0x205/0x2b0 [ 1282.625868] kmem_cache_alloc+0x1e5/0x3c0 [ 1282.630013] getname_flags+0xc8/0x550 [ 1282.633809] user_path_at_empty+0x2a/0x50 [ 1282.637952] vfs_statx+0xd1/0x160 [ 1282.641399] ? vfs_statx_fd+0x90/0x90 [ 1282.645193] ? vm_insert_mixed_mkwrite+0x30/0x30 [ 1282.649943] SyS_newlstat+0x83/0xe0 [ 1282.653561] ? SyS_newstat+0xe0/0xe0 [ 1282.657585] ? __secure_computing+0xe5/0x3e0 [ 1282.661992] ? syscall_trace_enter+0x486/0xc20 [ 1282.666574] ? syscall_slow_exit_work+0x560/0x560 [ 1282.671415] ? do_syscall_64+0x4c/0x640 [ 1282.675382] ? SyS_newstat+0xe0/0xe0 [ 1282.679088] do_syscall_64+0x1d5/0x640 [ 1282.682974] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1282.688162] RIP: 0033:0x7f04fa294335 [ 1282.691862] RSP: 002b:00007ffc616a4bd8 EFLAGS: 00000246 ORIG_RAX: 0000000000000006 [ 1282.699567] RAX: ffffffffffffffda RBX: 000055fc7dd36ed0 RCX: 00007f04fa294335 [ 1282.706828] RDX: 00007ffc616a4c10 RSI: 00007ffc616a4c10 RDI: 000055fc7dd35ed0 [ 1282.714089] RBP: 00007ffc616a4cd0 R08: 00007f04fa553178 R09: 0000000000001010 [ 1282.721349] R10: 00007f04fa552b58 R11: 0000000000000246 R12: 000055fc7dd35ed0 [ 1282.728726] R13: 000055fc7dd35edc R14: 000055fc7dc82505 R15: 000055fc7dc8250c [ 1282.911439] Mem-Info: [ 1282.919947] active_anon:1300301 inactive_anon:4317 isolated_anon:0 [ 1282.919947] active_file:650 inactive_file:577 isolated_file:92 [ 1282.919947] unevictable:0 dirty:1189 writeback:2 unstable:0 [ 1282.919947] slab_reclaimable:16801 slab_unreclaimable:132402 [ 1282.919947] mapped:53449 shmem:4492 pagetables:33498 bounce:0 [ 1282.919947] free:24600 free_pcp:121 free_cma:0 [ 1282.971307] Node 0 active_anon:1904588kB inactive_anon:16120kB active_file:988kB inactive_file:856kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:213624kB dirty:1828kB writeback:4kB shmem:16780kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 663552kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1283.038381] Node 1 active_anon:3292588kB inactive_anon:1148kB active_file:2028kB inactive_file:2084kB unevictable:0kB isolated(anon):0kB isolated(file):256kB mapped:648kB dirty:2972kB writeback:0kB shmem:1188kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1283.073962] Node 0 DMA free:10396kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1283.130799] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1283.175863] Node 0 DMA32 free:31852kB min:36296kB low:45368kB high:54440kB active_anon:1899168kB inactive_anon:16120kB active_file:1108kB inactive_file:964kB unevictable:0kB writepending:1828kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:9728kB pagetables:56312kB bounce:0kB free_pcp:336kB local_pcp:216kB free_cma:0kB [ 1283.221674] lowmem_reserve[]: 0 0 0 0 0 [ 1283.245519] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1283.373491] lowmem_reserve[]: 0 0 0 0 0 [ 1283.382015] Node 1 Normal free:54004kB min:53592kB low:66988kB high:80384kB active_anon:3292572kB inactive_anon:1148kB active_file:3212kB inactive_file:5068kB unevictable:0kB writepending:2936kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33216kB pagetables:77656kB bounce:0kB free_pcp:1300kB local_pcp:624kB free_cma:0kB 19:23:15 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) [ 1283.520252] lowmem_reserve[]: 0 0 0 0 0 [ 1283.524288] Node 0 DMA: 3*4kB (UME) 6*8kB (UME) 4*16kB (UM) 3*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10396kB [ 1283.600265] Node 0 DMA32: 2259*4kB (UMEH) 651*8kB (UME) 352*16kB (UME) 194*32kB (UME) 5*64kB (UME) 2*128kB (M) 1*256kB (M) 1*512kB (M) 0*1024kB 2*2048kB (M) 0*4096kB = 31524kB [ 1283.681682] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1283.704858] Node 1 Normal: 265*4kB (UM) 303*8kB (UM) 430*16kB (UME) 253*32kB (UM) 46*64kB (UME) 17*128kB (UM) 29*256kB (UM) 27*512kB (UM) 10*1024kB (ME) 0*2048kB 0*4096kB = 55068kB [ 1283.734041] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1283.745869] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1283.755002] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1283.763848] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1283.777310] 6703 total pagecache pages [ 1283.781291] 0 pages in swap cache [ 1283.785059] Swap cache stats: add 0, delete 0, find 0/0 [ 1283.790645] Free swap = 0kB [ 1283.793656] Total swap = 0kB [ 1283.797098] 1965979 pages RAM [ 1283.800206] 0 pages HighMem/MovableOnly [ 1283.804171] 338455 pages reserved [ 1283.808396] 0 pages cma reserved [ 1283.811998] Out of memory: Kill process 11354 (syz-executor.3) score 1007 or sacrifice child [ 1283.821011] Killed process 11354 (syz-executor.3) total-vm:75236kB, anon-rss:16560kB, file-rss:34816kB, shmem-rss:0kB [ 1283.904560] oom_reaper: reaped process 11354 (syz-executor.3), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 19:23:15 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, 0x0, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:23:16 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:23:16 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:23:16 executing program 0: r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:23:16 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) [ 1284.873458] systemd-udevd invoked oom-killer: gfp_mask=0x14201ca(GFP_HIGHUSER_MOVABLE|__GFP_COLD), nodemask=(null), order=0, oom_score_adj=-1000 [ 1284.908419] systemd-udevd cpuset=/ mems_allowed=0-1 [ 1284.935320] CPU: 1 PID: 3641 Comm: systemd-udevd Not tainted 4.14.182-syzkaller #0 [ 1284.943204] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1284.952556] Call Trace: [ 1284.955146] dump_stack+0x1b2/0x283 [ 1284.958769] dump_header+0x178/0x7aa [ 1284.962461] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1284.967458] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1284.972568] ? ___ratelimit+0x2cd/0x522 [ 1284.976525] oom_kill_process.cold+0x10/0xc16 [ 1284.980998] ? lock_downgrade+0x6e0/0x6e0 [ 1284.985152] out_of_memory+0x2d5/0x10f0 [ 1284.989120] ? oom_killer_disable+0x1c0/0x1c0 [ 1284.993604] ? mutex_trylock+0x152/0x1a0 [ 1284.997646] __alloc_pages_nodemask+0x2556/0x2730 [ 1285.002487] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1285.007307] ? trace_hardirqs_on+0x10/0x10 [ 1285.011522] ? find_get_entry+0x31b/0x660 [ 1285.015659] alloc_pages_current+0xe7/0x1e0 [ 1285.019967] __page_cache_alloc+0x243/0x3c0 [ 1285.024268] filemap_fault+0xd42/0x18f0 [ 1285.028226] ext4_filemap_fault+0x84/0xb0 [ 1285.032351] __do_fault+0xfa/0x380 [ 1285.035869] __handle_mm_fault+0x2055/0x3700 [ 1285.040256] ? vm_insert_mixed_mkwrite+0x30/0x30 [ 1285.044997] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1285.049738] handle_mm_fault+0x306/0x794 [ 1285.053792] __do_page_fault+0x578/0xb50 [ 1285.057836] ? mm_fault_error+0x2c0/0x2c0 [ 1285.061965] ? do_page_fault+0x60/0x4f2 [ 1285.066022] ? page_fault+0x2f/0x50 [ 1285.069671] page_fault+0x45/0x50 [ 1285.073123] RIP: ffffff9c:0x7ffc616a4ce0 19:23:17 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, 0x0, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:23:17 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:23:17 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000080)={0x10}, 0x10) 19:23:17 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) 19:23:17 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={0x0, 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1285.077169] RSP: 7dc73980:0000000000000064 EFLAGS: 55fc7dc73a70 [ 1285.170309] Mem-Info: [ 1285.180347] active_anon:1295198 inactive_anon:4317 isolated_anon:0 [ 1285.180347] active_file:1048 inactive_file:2091 isolated_file:79 [ 1285.180347] unevictable:0 dirty:1203 writeback:0 unstable:0 [ 1285.180347] slab_reclaimable:16862 slab_unreclaimable:132779 [ 1285.180347] mapped:54850 shmem:4492 pagetables:33440 bounce:0 [ 1285.180347] free:26904 free_pcp:592 free_cma:0 [ 1285.250488] Node 0 active_anon:1888380kB inactive_anon:16120kB active_file:3704kB inactive_file:7776kB unevictable:0kB isolated(anon):0kB isolated(file):324kB mapped:220828kB dirty:1856kB writeback:0kB shmem:16780kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 647168kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1285.282192] Node 1 active_anon:3292412kB inactive_anon:1148kB active_file:1012kB inactive_file:1864kB unevictable:0kB isolated(anon):0kB isolated(file):236kB mapped:172kB dirty:2956kB writeback:0kB shmem:1188kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1285.366659] Node 0 DMA free:10396kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1285.395404] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1285.400970] Node 0 DMA32 free:36128kB min:36296kB low:45368kB high:54440kB active_anon:1883464kB inactive_anon:16120kB active_file:4368kB inactive_file:6532kB unevictable:0kB writepending:1856kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:9824kB pagetables:56396kB bounce:0kB free_pcp:744kB local_pcp:260kB free_cma:0kB [ 1285.717421] lowmem_reserve[]: 0 0 0 0 0 [ 1285.737070] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1285.893476] lowmem_reserve[]: 0 0 0 0 0 [ 1285.901885] Node 1 Normal free:40104kB min:53592kB low:66988kB high:80384kB active_anon:3314304kB inactive_anon:1148kB active_file:1768kB inactive_file:1756kB unevictable:0kB writepending:2956kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33440kB pagetables:77488kB bounce:0kB free_pcp:24kB local_pcp:0kB free_cma:0kB [ 1285.996435] lowmem_reserve[]: 0 0 0 0 0 [ 1286.005720] Node 0 DMA: 3*4kB (UME) 6*8kB (UME) 4*16kB (UM) 3*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10396kB [ 1286.041273] Node 0 DMA32: 2149*4kB (UME) 637*8kB (UME) 362*16kB (UME) 197*32kB (UME) 4*64kB (UME) 1*128kB (M) 0*256kB 1*512kB (M) 2*1024kB (M) 1*2048kB (M) 0*4096kB = 30780kB [ 1286.077772] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1286.118433] Node 1 Normal: 96*4kB (UME) 126*8kB (UME) 137*16kB (UME) 95*32kB (UME) 36*64kB (UM) 14*128kB (UM) 19*256kB (UM) 28*512kB (UM) 10*1024kB (ME) 0*2048kB 0*4096kB = 40160kB [ 1286.222250] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1286.254373] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1286.263021] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1286.294926] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1286.303583] 6174 total pagecache pages [ 1286.336100] 0 pages in swap cache [ 1286.341704] Swap cache stats: add 0, delete 0, find 0/0 [ 1286.354518] Free swap = 0kB [ 1286.357628] Total swap = 0kB [ 1286.360641] 1965979 pages RAM [ 1286.363737] 0 pages HighMem/MovableOnly [ 1286.376291] 338455 pages reserved [ 1286.379760] 0 pages cma reserved [ 1286.383120] Out of memory: Kill process 13861 (syz-executor.4) score 1007 or sacrifice child [ 1286.414402] Killed process 13861 (syz-executor.4) total-vm:75236kB, anon-rss:16556kB, file-rss:34816kB, shmem-rss:0kB 19:23:18 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000080)={0x10}, 0x10) 19:23:19 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, 0x0, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:23:19 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={0x0, 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:23:19 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000080)={0x10}, 0x10) 19:23:19 executing program 0: prlimit64(0x0, 0x0, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:23:19 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) [ 1287.492662] syz-executor.1 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1287.580579] syz-executor.1 cpuset=/ mems_allowed=0-1 [ 1287.603458] CPU: 0 PID: 6353 Comm: syz-executor.1 Not tainted 4.14.182-syzkaller #0 [ 1287.611281] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1287.620634] Call Trace: [ 1287.623228] dump_stack+0x1b2/0x283 [ 1287.626861] dump_header+0x178/0x7aa [ 1287.630554] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1287.635550] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1287.640648] ? ___ratelimit+0x2cd/0x522 [ 1287.644621] oom_kill_process.cold+0x10/0xc16 [ 1287.649106] ? lock_downgrade+0x6e0/0x6e0 [ 1287.653238] out_of_memory+0x2d5/0x10f0 [ 1287.657210] ? oom_killer_disable+0x1c0/0x1c0 [ 1287.661688] ? mutex_trylock+0x152/0x1a0 [ 1287.665751] __alloc_pages_nodemask+0x2556/0x2730 [ 1287.670583] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1287.675425] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1287.680250] ? trace_hardirqs_on+0x10/0x10 [ 1287.684473] ? avc_has_extended_perms+0xbe0/0xbe0 [ 1287.689404] ? cache_grow_begin+0x3f/0x410 [ 1287.693623] cache_grow_begin+0x91/0x410 [ 1287.697670] fallback_alloc+0x205/0x2b0 [ 1287.701629] kmem_cache_alloc+0x1e5/0x3c0 [ 1287.705759] getname_flags+0xc8/0x550 [ 1287.709542] user_path_mountpoint_at+0x23/0x40 [ 1287.714112] SyS_umount+0x11b/0xc00 [ 1287.717720] ? lock_downgrade+0x6e0/0x6e0 [ 1287.721850] ? __detach_mounts+0x2e0/0x2e0 [ 1287.726065] ? up_read+0x17/0x30 [ 1287.729411] ? __do_page_fault+0x19a/0xb50 [ 1287.733624] ? do_syscall_64+0x4c/0x640 [ 1287.737589] ? __detach_mounts+0x2e0/0x2e0 [ 1287.741815] do_syscall_64+0x1d5/0x640 [ 1287.745948] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1287.751116] RIP: 0033:0x45f497 [ 1287.754289] RSP: 002b:00007ffe15f67618 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1287.761975] RAX: ffffffffffffffda RBX: 000000000013a4ec RCX: 000000000045f497 [ 1287.769231] RDX: 000000000000000c RSI: 0000000000000002 RDI: 00007ffe15f68750 [ 1287.776489] RBP: 00000000000012ae R08: 0000000000000001 R09: 00000000017b1940 [ 1287.783738] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe15f68750 [ 1287.790986] R13: 00007ffe15f68740 R14: 0000000000000000 R15: 00007ffe15f68750 [ 1287.852023] Mem-Info: [ 1287.863490] active_anon:1299133 inactive_anon:4311 isolated_anon:0 [ 1287.863490] active_file:922 inactive_file:1124 isolated_file:53 [ 1287.863490] unevictable:0 dirty:1210 writeback:1 unstable:0 [ 1287.863490] slab_reclaimable:17024 slab_unreclaimable:131902 [ 1287.863490] mapped:54355 shmem:4492 pagetables:33586 bounce:0 [ 1287.863490] free:24823 free_pcp:450 free_cma:0 [ 1287.935314] Node 0 active_anon:1890884kB inactive_anon:16112kB active_file:2600kB inactive_file:2536kB unevictable:0kB isolated(anon):0kB isolated(file):548kB mapped:216944kB dirty:1864kB writeback:0kB shmem:16780kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 651264kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1288.075089] Node 1 active_anon:3294496kB inactive_anon:1132kB active_file:1472kB inactive_file:1500kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:24kB dirty:2968kB writeback:0kB shmem:1188kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1288.209762] Node 0 DMA free:10396kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1288.294248] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1288.299316] Node 0 DMA32 free:41096kB min:36296kB low:45368kB high:54440kB active_anon:1885300kB inactive_anon:16112kB active_file:1612kB inactive_file:1824kB unevictable:0kB writepending:1856kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:9760kB pagetables:56288kB bounce:0kB free_pcp:640kB local_pcp:356kB free_cma:0kB [ 1288.424183] lowmem_reserve[]: 0 0 0 0 0 [ 1288.428211] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1288.459453] lowmem_reserve[]: 0 0 0 0 0 [ 1288.472981] Node 1 Normal free:61512kB min:53592kB low:66988kB high:80384kB active_anon:3294496kB inactive_anon:1132kB active_file:1320kB inactive_file:1904kB unevictable:0kB writepending:2968kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33312kB pagetables:77900kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB [ 1288.553724] lowmem_reserve[]: 0 0 0 0 0 [ 1288.562989] Node 0 DMA: 3*4kB (UME) 6*8kB (UME) 4*16kB (UM) 3*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10396kB [ 1288.644215] Node 0 DMA32: 1821*4kB (UM) 606*8kB (UME) 402*16kB (UME) 234*32kB (UME) 16*64kB (UME) 10*128kB (M) 1*256kB (M) 3*512kB (M) 4*1024kB (M) 1*2048kB (M) 1*4096kB (M) = 40388kB [ 1288.704296] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1288.732004] Node 1 Normal: 831*4kB (UME) 587*8kB (UME) 442*16kB (UM) 262*32kB (UMEH) 57*64kB (UMEH) 27*128kB (UMH) 28*256kB (UME) 29*512kB (UME) 9*1024kB (M) 0*2048kB 0*4096kB = 61812kB 19:23:20 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000080)={0x10}, 0x10) 19:23:20 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:23:20 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000080)={0x10}, 0x10) [ 1288.840288] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1288.929960] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1288.963260] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1288.990425] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1289.017289] 6863 total pagecache pages 19:23:21 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={0x0, 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1289.049271] 0 pages in swap cache [ 1289.072598] Swap cache stats: add 0, delete 0, find 0/0 [ 1289.110355] Free swap = 0kB [ 1289.121608] Total swap = 0kB [ 1289.133387] 1965979 pages RAM [ 1289.144913] 0 pages HighMem/MovableOnly [ 1289.159263] 338455 pages reserved [ 1289.185087] 0 pages cma reserved [ 1289.310903] Out of memory: Kill process 22048 (syz-executor.1) score 1007 or sacrifice child [ 1289.455543] Killed process 22048 (syz-executor.1) total-vm:75368kB, anon-rss:16552kB, file-rss:34844kB, shmem-rss:0kB [ 1289.554687] oom_reaper: reaped process 22048 (syz-executor.1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 19:23:21 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:23:21 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:23:22 executing program 0: prlimit64(0x0, 0x0, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:23:22 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000080)={0x10}, 0x10) 19:23:22 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00'], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:23:22 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:23:22 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:23:22 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) 19:23:22 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00'], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1291.270588] systemd-udevd invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1291.304182] systemd-udevd cpuset=/ mems_allowed=0-1 [ 1291.309256] CPU: 0 PID: 14436 Comm: systemd-udevd Not tainted 4.14.182-syzkaller #0 [ 1291.317051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1291.326476] Call Trace: [ 1291.329050] dump_stack+0x1b2/0x283 [ 1291.332657] dump_header+0x178/0x7aa [ 1291.336350] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1291.341345] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1291.346432] ? ___ratelimit+0x2cd/0x522 [ 1291.350503] oom_kill_process.cold+0x10/0xc16 [ 1291.354982] ? lock_acquire+0x170/0x3f0 [ 1291.359371] ? lock_downgrade+0x6e0/0x6e0 [ 1291.363500] out_of_memory+0x2d5/0x10f0 [ 1291.367461] ? oom_killer_disable+0x1c0/0x1c0 [ 1291.371937] ? mutex_trylock+0x152/0x1a0 [ 1291.375981] __alloc_pages_nodemask+0x2556/0x2730 [ 1291.380824] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1291.385651] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1291.390473] ? trace_hardirqs_on+0x10/0x10 [ 1291.394687] ? __lock_acquire+0x655/0x42a0 [ 1291.398903] ? cache_grow_begin+0x3f/0x410 [ 1291.403122] cache_grow_begin+0x91/0x410 [ 1291.407174] fallback_alloc+0x205/0x2b0 [ 1291.411128] kmem_cache_alloc+0x1e5/0x3c0 [ 1291.415258] getname_flags+0xc8/0x550 [ 1291.419038] do_sys_open+0x202/0x3e0 [ 1291.422727] ? filp_open+0x60/0x60 [ 1291.426246] ? do_syscall_64+0x4c/0x640 [ 1291.430195] ? do_sys_open+0x3e0/0x3e0 [ 1291.434063] do_syscall_64+0x1d5/0x640 [ 1291.437931] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1291.443097] RIP: 0033:0x7f04fa2946f0 [ 1291.446784] RSP: 002b:00007ffc616a4af8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 1291.454472] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f04fa2946f0 [ 1291.461717] RDX: 0000000000000180 RSI: 00000000000800c2 RDI: 000055fc7dc484b0 [ 1291.468966] RBP: 000000000003a2f8 R08: 000000000000feff R09: 0000000000000030 [ 1291.476212] R10: 0000000000000000 R11: 0000000000000246 R12: 000055fc7dc484c7 [ 1291.483459] R13: 8421084210842109 R14: 00000000000800c2 R15: 00007f04fa322540 [ 1291.676061] Mem-Info: [ 1291.678548] active_anon:1301917 inactive_anon:4313 isolated_anon:0 [ 1291.678548] active_file:800 inactive_file:792 isolated_file:74 [ 1291.678548] unevictable:0 dirty:1216 writeback:0 unstable:0 [ 1291.678548] slab_reclaimable:17184 slab_unreclaimable:131704 [ 1291.678548] mapped:53838 shmem:4492 pagetables:33602 bounce:0 [ 1291.678548] free:22650 free_pcp:100 free_cma:0 [ 1291.723961] Node 0 active_anon:1897304kB inactive_anon:16112kB active_file:1712kB inactive_file:1740kB unevictable:0kB isolated(anon):0kB isolated(file):196kB mapped:215100kB dirty:1892kB writeback:0kB shmem:16776kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 645120kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1291.838074] Node 1 active_anon:3297240kB inactive_anon:1140kB active_file:1488kB inactive_file:1528kB unevictable:0kB isolated(anon):0kB isolated(file):100kB mapped:152kB dirty:2972kB writeback:0kB shmem:1192kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1291.874685] Node 0 DMA free:10396kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1291.916018] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1291.922095] Node 0 DMA32 free:35808kB min:36296kB low:45368kB high:54440kB active_anon:1888788kB inactive_anon:16112kB active_file:800kB inactive_file:1644kB unevictable:0kB writepending:1892kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:9792kB pagetables:56480kB bounce:0kB free_pcp:1480kB local_pcp:740kB free_cma:0kB [ 1292.011313] lowmem_reserve[]: 0 0 0 0 0 [ 1292.018326] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1292.083121] lowmem_reserve[]: 0 0 0 0 0 [ 1292.087227] Node 1 Normal free:59416kB min:53592kB low:66988kB high:80384kB active_anon:3297248kB inactive_anon:1144kB active_file:2432kB inactive_file:2040kB unevictable:0kB writepending:2980kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33184kB pagetables:77696kB bounce:0kB free_pcp:260kB local_pcp:84kB free_cma:0kB [ 1292.162581] lowmem_reserve[]: 0 0 0 0 0 [ 1292.178133] Node 0 DMA: 3*4kB (UME) 6*8kB (UME) 4*16kB (UM) 3*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10396kB [ 1292.248684] Node 0 DMA32: 1708*4kB (UME) 691*8kB (UME) 356*16kB (UME) 198*32kB (UME) 6*64kB (UME) 3*128kB (M) 1*256kB (M) 3*512kB (M) 3*1024kB (M) 1*2048kB (M) 1*4096kB (M) = 36168kB [ 1292.282913] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1292.306155] Node 1 Normal: 187*4kB (UM) 438*8kB (UM) 439*16kB (UME) 268*32kB (UME) 65*64kB (UM) 33*128kB (UME) 29*256kB (UM) 31*512kB (UME) 9*1024kB (M) 0*2048kB 0*4096kB = 60748kB [ 1292.393941] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1292.402815] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1292.436902] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1292.456973] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1292.530689] 7163 total pagecache pages [ 1292.564109] 0 pages in swap cache [ 1292.567596] Swap cache stats: add 0, delete 0, find 0/0 [ 1292.613029] Free swap = 0kB [ 1292.616620] Total swap = 0kB [ 1292.619641] 1965979 pages RAM [ 1292.622743] 0 pages HighMem/MovableOnly [ 1292.653945] 338455 pages reserved [ 1292.657420] 0 pages cma reserved [ 1292.660777] Out of memory: Kill process 22117 (syz-executor.1) score 1007 or sacrifice child [ 1292.713922] Killed process 22117 (syz-executor.1) total-vm:75368kB, anon-rss:16552kB, file-rss:34832kB, shmem-rss:0kB [ 1292.771282] oom_reaper: reaped process 22117 (syz-executor.1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 19:23:25 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) 19:23:25 executing program 0: prlimit64(0x0, 0x0, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:23:25 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{0x0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:23:25 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:23:25 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) 19:23:25 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00'], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:23:26 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:23:26 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{0x0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:23:26 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1294.066315] kworker/u4:2 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1294.150281] kworker/u4:2 cpuset=/ mems_allowed=0-1 [ 1294.177162] CPU: 1 PID: 22197 Comm: kworker/u4:2 Not tainted 4.14.182-syzkaller #0 [ 1294.184911] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1294.194283] Call Trace: [ 1294.196880] dump_stack+0x1b2/0x283 [ 1294.200509] dump_header+0x178/0x7aa [ 1294.204220] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1294.209236] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1294.214338] ? ___ratelimit+0x2cd/0x522 [ 1294.218313] oom_kill_process.cold+0x10/0xc16 [ 1294.222824] ? lock_downgrade+0x6e0/0x6e0 [ 1294.226974] out_of_memory+0x2d5/0x10f0 [ 1294.230955] ? oom_killer_disable+0x1c0/0x1c0 [ 1294.235447] ? mutex_trylock+0x152/0x1a0 [ 1294.239518] __alloc_pages_nodemask+0x2556/0x2730 [ 1294.244379] ? __schedule+0x8ae/0x1d70 [ 1294.248292] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1294.253160] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1294.257923] ? retint_kernel+0x2d/0x2d [ 1294.261829] cache_grow_begin+0x91/0x410 [ 1294.265890] fallback_alloc+0x205/0x2b0 [ 1294.269866] kmem_cache_alloc+0x1e5/0x3c0 [ 1294.274012] getname_kernel+0x4e/0x340 [ 1294.277900] call_usermodehelper_exec_async+0x27b/0x4c0 [ 1294.283256] ? umh_complete+0x80/0x80 [ 1294.287056] ret_from_fork+0x24/0x30 19:23:26 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) [ 1294.522572] Mem-Info: [ 1294.529388] active_anon:1294628 inactive_anon:4316 isolated_anon:0 [ 1294.529388] active_file:1113 inactive_file:1158 isolated_file:97 [ 1294.529388] unevictable:0 dirty:1246 writeback:0 unstable:0 [ 1294.529388] slab_reclaimable:17299 slab_unreclaimable:131736 [ 1294.529388] mapped:54245 shmem:4492 pagetables:33610 bounce:0 [ 1294.529388] free:29030 free_pcp:267 free_cma:0 19:23:26 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) [ 1294.564052] Node 0 active_anon:1879860kB inactive_anon:16120kB active_file:3928kB inactive_file:3108kB unevictable:0kB isolated(anon):0kB isolated(file):260kB mapped:217572kB dirty:1980kB writeback:0kB shmem:16784kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 641024kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1294.634574] Node 1 active_anon:3298752kB inactive_anon:1144kB active_file:1596kB inactive_file:1456kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:8kB dirty:3004kB writeback:0kB shmem:1184kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1294.734113] Node 0 DMA free:10396kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1294.765499] lowmem_reserve[]: 0 2559 2559 2559 2559 19:23:26 executing program 0: prlimit64(0x0, 0xe, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1294.814279] Node 0 DMA32 free:42288kB min:36296kB low:45368kB high:54440kB active_anon:1876144kB inactive_anon:16120kB active_file:4020kB inactive_file:4160kB unevictable:0kB writepending:1980kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:9824kB pagetables:56704kB bounce:0kB free_pcp:836kB local_pcp:536kB free_cma:0kB [ 1294.929614] lowmem_reserve[]: 0 0 0 0 0 [ 1294.944588] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB 19:23:27 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6100) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1295.014166] lowmem_reserve[]: 0 0 0 0 0 [ 1295.036965] Node 1 Normal free:57800kB min:53592kB low:66988kB high:80384kB active_anon:3298668kB inactive_anon:1144kB active_file:1504kB inactive_file:1396kB unevictable:0kB writepending:3008kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33504kB pagetables:77696kB bounce:0kB free_pcp:748kB local_pcp:664kB free_cma:0kB 19:23:27 executing program 0: prlimit64(0x0, 0xe, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:23:27 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{0x0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1295.172356] lowmem_reserve[]: 0 0 0 0 0 [ 1295.178071] Node 0 DMA: 3*4kB (UME) 6*8kB (UME) 4*16kB (UM) 3*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10396kB 19:23:27 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6100) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1295.259704] Node 0 DMA32: 1243*4kB (UME) 420*8kB (UE) 245*16kB (UM) 162*32kB (UE) 4*64kB (UME) 0*128kB 1*256kB (M) 1*512kB (M) 1*1024kB (M) 4*2048kB (M) 3*4096kB (M) = 39964kB [ 1295.277891] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB 19:23:27 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r2, &(0x7f0000000080)={0x10}, 0x10) [ 1295.334036] Node 1 Normal: 430*4kB (UME) 362*8kB (UMEH) 288*16kB (UME) 233*32kB (UMEH) 69*64kB (UME) 36*128kB (UME) 31*256kB (UME) 31*512kB (UM) 9*1024kB (M) 0*2048kB 0*4096kB = 58728kB [ 1295.368222] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB 19:23:27 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, 0x0, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1295.446722] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1295.468606] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1295.514357] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1295.532930] 7017 total pagecache pages [ 1295.537042] 0 pages in swap cache [ 1295.540498] Swap cache stats: add 0, delete 0, find 0/0 [ 1295.573782] Free swap = 0kB [ 1295.576860] Total swap = 0kB [ 1295.579872] 1965979 pages RAM [ 1295.582966] 0 pages HighMem/MovableOnly [ 1295.603997] 338455 pages reserved [ 1295.611436] 0 pages cma reserved [ 1295.625327] Out of memory: Kill process 14291 (syz-executor.4) score 1007 or sacrifice child [ 1295.648756] Killed process 14291 (syz-executor.4) total-vm:75236kB, anon-rss:16556kB, file-rss:34816kB, shmem-rss:0kB [ 1295.711517] oom_reaper: reaped process 14291 (syz-executor.4), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 19:23:30 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r2, &(0x7f0000000080)={0x10}, 0x10) 19:23:30 executing program 0: prlimit64(0x0, 0xe, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:23:30 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, 0x0, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:23:30 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:23:30 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r2, &(0x7f0000000080)={0x10}, 0x10) 19:23:30 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6100) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:23:30 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:23:30 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:23:31 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:23:36 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r2, &(0x7f0000000080)={0x10}, 0x10) 19:23:37 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:23:42 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x2, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r1, &(0x7f0000000080)={0x10}, 0x10) 19:23:44 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, 0x0, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:23:45 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:23:47 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1319.100991] syz-executor.3 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1319.113162] syz-executor.3 cpuset=/ mems_allowed=0-1 [ 1319.118304] CPU: 0 PID: 6354 Comm: syz-executor.3 Not tainted 4.14.182-syzkaller #0 [ 1319.126091] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1319.135446] Call Trace: [ 1319.138045] dump_stack+0x1b2/0x283 [ 1319.141675] dump_header+0x178/0x7aa [ 1319.145385] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1319.150397] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1319.155498] ? ___ratelimit+0x2cd/0x522 [ 1319.159477] oom_kill_process.cold+0x10/0xc16 [ 1319.163971] ? lock_downgrade+0x6e0/0x6e0 [ 1319.168119] out_of_memory+0x2d5/0x10f0 [ 1319.172094] ? oom_killer_disable+0x1c0/0x1c0 [ 1319.176582] ? mutex_trylock+0x152/0x1a0 [ 1319.180641] __alloc_pages_nodemask+0x2556/0x2730 [ 1319.185494] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1319.190333] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1319.195172] ? trace_hardirqs_on+0x10/0x10 [ 1319.199404] ? avc_has_extended_perms+0xbe0/0xbe0 [ 1319.204247] ? cache_grow_begin+0x3f/0x410 [ 1319.208481] cache_grow_begin+0x91/0x410 [ 1319.212539] fallback_alloc+0x205/0x2b0 [ 1319.216509] kmem_cache_alloc+0x1e5/0x3c0 [ 1319.220655] getname_flags+0xc8/0x550 [ 1319.224458] user_path_mountpoint_at+0x23/0x40 [ 1319.229033] SyS_umount+0x11b/0xc00 [ 1319.232653] ? lock_downgrade+0x6e0/0x6e0 [ 1319.236793] ? __detach_mounts+0x2e0/0x2e0 [ 1319.241049] ? up_read+0x17/0x30 [ 1319.244407] ? __do_page_fault+0x19a/0xb50 [ 1319.248635] ? do_syscall_64+0x4c/0x640 [ 1319.252601] ? __detach_mounts+0x2e0/0x2e0 [ 1319.256829] do_syscall_64+0x1d5/0x640 [ 1319.260715] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1319.265894] RIP: 0033:0x45f497 [ 1319.269072] RSP: 002b:00007ffe89bda278 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1319.276779] RAX: ffffffffffffffda RBX: 0000000000141729 RCX: 000000000045f497 [ 1319.284042] RDX: 000000000000000c RSI: 0000000000000002 RDI: 00007ffe89bdb3b0 [ 1319.291307] RBP: 00000000000014f9 R08: 0000000000000001 R09: 000000000272a940 [ 1319.298575] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe89bdb3b0 [ 1319.305844] R13: 00007ffe89bdb3a0 R14: 0000000000000000 R15: 00007ffe89bdb3b0 [ 1319.352628] Mem-Info: [ 1319.376628] active_anon:1300201 inactive_anon:4316 isolated_anon:0 [ 1319.376628] active_file:632 inactive_file:635 isolated_file:64 [ 1319.376628] unevictable:0 dirty:1233 writeback:0 unstable:0 [ 1319.376628] slab_reclaimable:17258 slab_unreclaimable:131377 [ 1319.376628] mapped:53499 shmem:4492 pagetables:33682 bounce:0 [ 1319.376628] free:24961 free_pcp:101 free_cma:0 [ 1319.417576] Node 0 active_anon:1895024kB inactive_anon:16144kB active_file:1128kB inactive_file:872kB unevictable:0kB isolated(anon):0kB isolated(file):112kB mapped:213796kB dirty:1932kB writeback:0kB shmem:16808kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 634880kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1319.450992] Node 1 active_anon:3305780kB inactive_anon:1120kB active_file:1636kB inactive_file:1868kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:300kB dirty:3000kB writeback:0kB shmem:1160kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1319.538776] Node 0 DMA free:10396kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1319.593838] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1319.601141] Node 0 DMA32 free:35856kB min:36296kB low:45368kB high:54440kB active_anon:1889608kB inactive_anon:16144kB active_file:1016kB inactive_file:856kB unevictable:0kB writepending:1932kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:9824kB pagetables:56892kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1319.668888] lowmem_reserve[]: 0 0 0 0 0 [ 1319.675708] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1319.768042] lowmem_reserve[]: 0 0 0 0 0 [ 1319.794010] Node 1 Normal free:53860kB min:53592kB low:66988kB high:80384kB active_anon:3305780kB inactive_anon:1120kB active_file:1392kB inactive_file:1892kB unevictable:0kB writepending:3000kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33408kB pagetables:77812kB bounce:0kB free_pcp:296kB local_pcp:236kB free_cma:0kB [ 1319.884893] lowmem_reserve[]: 0 0 0 0 0 [ 1319.888957] Node 0 DMA: 3*4kB (UME) 6*8kB (UME) 4*16kB (UM) 3*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10396kB [ 1319.931347] Node 0 DMA32: 1855*4kB (UME) 710*8kB (UME) 344*16kB (UME) 204*32kB (UME) 11*64kB (UM) 3*128kB (M) 0*256kB 1*512kB (M) 1*1024kB (M) 0*2048kB 2*4096kB (ME) = 35948kB [ 1319.951850] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1319.966600] Node 1 Normal: 9*4kB (UME) 602*8kB (UM) 185*16kB (UME) 202*32kB (UM) 29*64kB (ME) 36*128kB (UME) 32*256kB (UME) 31*512kB (UM) 9*1024kB (M) 0*2048kB 0*4096kB = 54020kB [ 1319.987304] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1319.997101] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1320.112587] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1320.121465] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1320.177965] 6721 total pagecache pages [ 1320.243013] 0 pages in swap cache [ 1320.278248] Swap cache stats: add 0, delete 0, find 0/0 [ 1320.309250] Free swap = 0kB [ 1320.320061] Total swap = 0kB [ 1320.342304] 1965979 pages RAM [ 1320.392234] 0 pages HighMem/MovableOnly [ 1320.396225] 338455 pages reserved [ 1320.399670] 0 pages cma reserved [ 1320.433960] Out of memory: Kill process 14458 (syz-executor.4) score 1007 or sacrifice child [ 1320.467232] Killed process 14458 (syz-executor.4) total-vm:75236kB, anon-rss:16556kB, file-rss:34816kB, shmem-rss:0kB 19:23:52 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x2, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r1, &(0x7f0000000080)={0x10}, 0x10) 19:23:52 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r2, &(0x7f0000000080)={0x10}, 0x10) 19:23:52 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:23:53 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a310000000024000780080001000600000008000400010000000800010004000000080002"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:23:53 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:23:53 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r1, &(0x7f0000000080)={0x10}, 0x10) [ 1321.468136] syz-executor.5 invoked oom-killer: gfp_mask=0x15080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=1000 [ 1321.591837] syz-executor.5 cpuset=/ mems_allowed=0-1 [ 1321.616979] CPU: 0 PID: 22375 Comm: syz-executor.5 Not tainted 4.14.182-syzkaller #0 [ 1321.626107] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1321.635466] Call Trace: [ 1321.638062] dump_stack+0x1b2/0x283 [ 1321.641692] dump_header+0x178/0x7aa [ 1321.645385] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1321.650384] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1321.655488] ? ___ratelimit+0x2cd/0x522 [ 1321.660068] oom_kill_process.cold+0x10/0xc16 [ 1321.664546] ? lock_downgrade+0x6e0/0x6e0 [ 1321.668676] out_of_memory+0x2d5/0x10f0 [ 1321.672635] ? oom_killer_disable+0x1c0/0x1c0 [ 1321.677228] ? mutex_trylock+0x152/0x1a0 [ 1321.681277] __alloc_pages_nodemask+0x2556/0x2730 [ 1321.686128] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1321.690967] ? lock_downgrade+0x6e0/0x6e0 [ 1321.695165] ? drop_futex_key_refs.isra.0+0x17/0x80 [ 1321.700166] ? futex_wake+0x11b/0x3d0 [ 1321.703956] alloc_pages_current+0xe7/0x1e0 [ 1321.708265] pte_alloc_one+0x15/0x100 [ 1321.712052] __pte_alloc+0x21/0x280 [ 1321.715661] do_anonymous_page+0xdb1/0x17d0 [ 1321.719967] ? ___preempt_schedule+0x16/0x18 [ 1321.724361] ? finish_fault+0x290/0x290 [ 1321.728334] ? trace_hardirqs_on+0x10/0x10 [ 1321.732576] ? trace_hardirqs_on+0x10/0x10 [ 1321.736807] __handle_mm_fault+0x1c49/0x3700 [ 1321.741211] ? vm_insert_mixed_mkwrite+0x30/0x30 [ 1321.745956] handle_mm_fault+0x306/0x794 [ 1321.749998] __do_page_fault+0x578/0xb50 [ 1321.754041] ? mm_fault_error+0x2c0/0x2c0 [ 1321.758177] ? do_page_fault+0x60/0x4f2 [ 1321.762137] ? page_fault+0x2f/0x50 [ 1321.765744] page_fault+0x45/0x50 [ 1321.769193] RIP: 0000:0x863 [ 1321.772101] RSP: 78bf0c:000000000078bf00 EFLAGS: 00000064 [ 1322.196262] Mem-Info: [ 1322.208084] active_anon:1298560 inactive_anon:4314 isolated_anon:0 [ 1322.208084] active_file:1157 inactive_file:1311 isolated_file:29 [ 1322.208084] unevictable:0 dirty:1242 writeback:0 unstable:0 [ 1322.208084] slab_reclaimable:17217 slab_unreclaimable:132248 [ 1322.208084] mapped:54503 shmem:4492 pagetables:33678 bounce:0 [ 1322.208084] free:24839 free_pcp:7 free_cma:0 [ 1322.268220] Node 0 active_anon:1887428kB inactive_anon:16116kB active_file:3312kB inactive_file:2772kB unevictable:0kB isolated(anon):0kB isolated(file):420kB mapped:217812kB dirty:1936kB writeback:0kB shmem:16780kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 624640kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1322.359838] Node 1 active_anon:3306812kB inactive_anon:1140kB active_file:1516kB inactive_file:1500kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:3032kB writeback:0kB shmem:1188kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1322.448152] Node 0 DMA free:10396kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1322.494556] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1322.499742] Node 0 DMA32 free:41392kB min:36296kB low:45368kB high:54440kB active_anon:1882012kB inactive_anon:16116kB active_file:1552kB inactive_file:1668kB unevictable:0kB writepending:1936kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:9824kB pagetables:56944kB bounce:0kB free_pcp:128kB local_pcp:0kB free_cma:0kB [ 1322.543549] lowmem_reserve[]: 0 0 0 0 0 [ 1322.548075] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB 19:23:54 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1322.633995] lowmem_reserve[]: 0 0 0 0 0 [ 1322.638023] Node 1 Normal free:50884kB min:53592kB low:66988kB high:80384kB active_anon:3306812kB inactive_anon:1140kB active_file:1520kB inactive_file:1476kB unevictable:0kB writepending:3032kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33344kB pagetables:77744kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1322.715866] lowmem_reserve[]: 0 0 0 0 0 [ 1322.719957] Node 0 DMA: 3*4kB (UME) 6*8kB (UME) 4*16kB (UM) 3*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10396kB [ 1322.761099] Node 0 DMA32: 1786*4kB (UME) 718*8kB (UME) 378*16kB (UME) 230*32kB (UME) 31*64kB (UM) 12*128kB (M) 4*256kB (M) 1*512kB (M) 1*1024kB (M) 1*2048kB (M) 2*4096kB (ME) = 42616kB [ 1322.786384] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1322.810101] Node 1 Normal: 375*4kB (UME) 451*8kB (UMEH) 179*16kB (UMEH) 136*32kB (UMEH) 30*64kB (UM) 36*128kB (UMEH) 32*256kB (UME) 31*512kB (UM) 9*1024kB (M) 0*2048kB 0*4096kB = 52132kB [ 1322.845958] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1322.891725] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1322.900331] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1322.921822] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1322.930426] 6171 total pagecache pages [ 1322.934423] 0 pages in swap cache [ 1322.937870] Swap cache stats: add 0, delete 0, find 0/0 [ 1322.943549] Free swap = 0kB [ 1322.946580] Total swap = 0kB [ 1322.959314] 1965979 pages RAM [ 1322.971739] 0 pages HighMem/MovableOnly [ 1322.975730] 338455 pages reserved [ 1322.979173] 0 pages cma reserved [ 1322.988548] Out of memory: Kill process 22379 (syz-executor.1) score 1007 or sacrifice child [ 1323.011749] Killed process 22379 (syz-executor.1) total-vm:75368kB, anon-rss:15916kB, file-rss:34840kB, shmem-rss:0kB [ 1323.106201] oom_reaper: reaped process 22379 (syz-executor.1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 19:23:54 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:23:54 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:23:55 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) getpid() r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r0, &(0x7f0000000080)={0x10}, 0x10) 19:23:55 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a310000000024000780080001000600000008000400010000000800010004000000080002"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:23:56 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r0, &(0x7f0000000080)={0x10}, 0x10) 19:23:56 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:23:56 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a310000000024000780080001000600000008000400010000000800010004000000080002"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:23:56 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:23:56 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r0, &(0x7f0000000080)={0x10}, 0x10) 19:23:57 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x2, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r1, &(0x7f0000000080)={0x10}, 0x10) 19:23:57 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:23:57 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1329.069615] syz-executor.2 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1329.093394] syz-executor.2 cpuset=/ mems_allowed=0-1 [ 1329.098567] CPU: 0 PID: 22431 Comm: syz-executor.2 Not tainted 4.14.182-syzkaller #0 [ 1329.106447] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1329.115893] Call Trace: [ 1329.118493] dump_stack+0x1b2/0x283 [ 1329.122118] dump_header+0x178/0x7aa [ 1329.125830] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1329.131894] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1329.136993] ? ___ratelimit+0x2cd/0x522 [ 1329.140965] oom_kill_process.cold+0x10/0xc16 [ 1329.145460] ? lock_downgrade+0x6e0/0x6e0 [ 1329.149695] out_of_memory+0x2d5/0x10f0 [ 1329.153674] ? oom_killer_disable+0x1c0/0x1c0 [ 1329.158169] ? mutex_trylock+0x152/0x1a0 [ 1329.162247] __alloc_pages_nodemask+0x2556/0x2730 [ 1329.167104] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1329.172474] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1329.178189] ? trace_hardirqs_on+0x10/0x10 [ 1329.182424] ? lock_acquire+0x170/0x3f0 [ 1329.186403] ? cache_grow_begin+0x3f/0x410 [ 1329.191328] cache_grow_begin+0x91/0x410 [ 1329.195388] fallback_alloc+0x205/0x2b0 [ 1329.199361] kmem_cache_alloc+0x1e5/0x3c0 [ 1329.203507] getname_flags+0xc8/0x550 [ 1329.207304] SyS_symlinkat+0x6d/0x1f0 [ 1329.211103] ? SyS_unlink+0x20/0x20 [ 1329.214724] ? __do_page_fault+0x19a/0xb50 [ 1329.219048] ? do_syscall_64+0x4c/0x640 [ 1329.223018] ? SyS_symlinkat+0x1f0/0x1f0 [ 1329.227162] do_syscall_64+0x1d5/0x640 [ 1329.231136] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1329.236316] RIP: 0033:0x45c7f7 [ 1329.239498] RSP: 002b:00007ffe569b9998 EFLAGS: 00000202 ORIG_RAX: 0000000000000058 [ 1329.247201] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045c7f7 [ 1329.254483] RDX: 00007ffe569b9a33 RSI: 00000000004c25b8 RDI: 00007ffe569b9a20 [ 1329.261759] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000013 [ 1329.269218] R10: 0000000000000075 R11: 0000000000000202 R12: 0000000000000000 [ 1329.277977] R13: 00007ffe569b99d0 R14: 0000000000000000 R15: 00007ffe569b99e0 [ 1329.293243] Mem-Info: [ 1329.295699] active_anon:1300483 inactive_anon:4317 isolated_anon:0 [ 1329.295699] active_file:717 inactive_file:577 isolated_file:32 [ 1329.295699] unevictable:0 dirty:1249 writeback:0 unstable:0 [ 1329.295699] slab_reclaimable:17176 slab_unreclaimable:131691 [ 1329.295699] mapped:53464 shmem:4492 pagetables:33815 bounce:0 [ 1329.295699] free:24569 free_pcp:0 free_cma:0 [ 1329.333838] Node 0 active_anon:1894912kB inactive_anon:16136kB active_file:1092kB inactive_file:856kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:213856kB dirty:1968kB writeback:0kB shmem:16796kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 628736kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1329.367594] Node 1 active_anon:3307020kB inactive_anon:1132kB active_file:1724kB inactive_file:1484kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:3028kB writeback:0kB shmem:1172kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1329.395571] Node 0 DMA free:10396kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1329.438174] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1329.443301] Node 0 DMA32 free:34480kB min:36296kB low:45368kB high:54440kB active_anon:1889496kB inactive_anon:16136kB active_file:1188kB inactive_file:872kB unevictable:0kB writepending:1968kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:9888kB pagetables:57020kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1329.477930] lowmem_reserve[]: 0 0 0 0 0 [ 1329.482049] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1329.507379] lowmem_reserve[]: 0 0 0 0 0 [ 1329.511417] Node 1 Normal free:53400kB min:53592kB low:66988kB high:80384kB active_anon:3307020kB inactive_anon:1132kB active_file:1656kB inactive_file:1516kB unevictable:0kB writepending:3028kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33504kB pagetables:78216kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1329.553723] lowmem_reserve[]: 0 0 0 0 0 [ 1329.557761] Node 0 DMA: 3*4kB (UME) 6*8kB (UME) 4*16kB (UM) 3*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10396kB [ 1329.575966] Node 0 DMA32: 1467*4kB (UME) 503*8kB (UME) 341*16kB (UME) 232*32kB (UME) 27*64kB (UM) 15*128kB (M) 1*256kB (M) 1*512kB (M) 1*1024kB (M) 1*2048kB (M) 1*4096kB (E) = 34356kB [ 1329.593429] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1329.604210] Node 1 Normal: 52*4kB (UME) 215*8kB (UME) 289*16kB (UME) 216*32kB (UME) 30*64kB (UM) 37*128kB (UME) 32*256kB (UME) 31*512kB (UM) 9*1024kB (M) 0*2048kB 0*4096kB = 53400kB [ 1329.620852] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1329.629782] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1329.639375] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1329.648272] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1329.657066] 5762 total pagecache pages [ 1329.661515] 0 pages in swap cache [ 1329.664986] Swap cache stats: add 0, delete 0, find 0/0 [ 1329.670786] Free swap = 0kB [ 1329.673967] Total swap = 0kB [ 1329.677068] 1965979 pages RAM [ 1329.680172] 0 pages HighMem/MovableOnly [ 1329.699797] 338455 pages reserved [ 1329.704528] 0 pages cma reserved [ 1329.708602] Out of memory: Kill process 15621 (syz-executor.2) score 1007 or sacrifice child [ 1329.721811] Killed process 15621 (syz-executor.2) total-vm:75368kB, anon-rss:16560kB, file-rss:34816kB, shmem-rss:0kB 19:24:02 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x2, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r1, &(0x7f0000000080)={0x10}, 0x10) 19:24:02 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:24:02 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:02 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:02 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$FUSE_INTERRUPT(r0, &(0x7f0000000080)={0x10}, 0x10) 19:24:02 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$FUSE_INTERRUPT(r0, &(0x7f0000000080)={0x10}, 0x10) 19:24:02 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:02 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:02 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r1, &(0x7f0000000080)={0x10}, 0x10) 19:24:02 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$FUSE_INTERRUPT(r0, &(0x7f0000000080)={0x10}, 0x10) 19:24:02 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:24:02 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:02 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c000400"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:24:03 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) getpid() r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r0, &(0x7f0000000080)={0x10}, 0x10) [ 1334.935396] syz-executor.3 invoked oom-killer: gfp_mask=0x14280ca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=1000 [ 1334.948692] syz-executor.3 cpuset=/ mems_allowed=0-1 [ 1334.957477] CPU: 1 PID: 22494 Comm: syz-executor.3 Not tainted 4.14.182-syzkaller #0 [ 1334.965385] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1334.974738] Call Trace: [ 1334.978114] dump_stack+0x1b2/0x283 [ 1334.981741] dump_header+0x178/0x7aa [ 1334.985464] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1334.990488] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1334.996195] ? ___ratelimit+0x2cd/0x522 [ 1335.000176] oom_kill_process.cold+0x10/0xc16 [ 1335.004672] ? lock_downgrade+0x6e0/0x6e0 [ 1335.008832] out_of_memory+0x2d5/0x10f0 [ 1335.012810] ? oom_killer_disable+0x1c0/0x1c0 [ 1335.018169] ? mutex_trylock+0x152/0x1a0 [ 1335.022229] __alloc_pages_nodemask+0x2556/0x2730 [ 1335.027179] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1335.032806] ? __anon_vma_prepare+0x172/0x370 [ 1335.037313] ? anon_vma_interval_tree_insert+0x20a/0x3c0 [ 1335.042766] alloc_pages_vma+0xc1/0x4b0 [ 1335.046749] do_anonymous_page+0x6cd/0x17d0 [ 1335.051083] ? finish_fault+0x290/0x290 [ 1335.055053] ? trace_hardirqs_on+0x10/0x10 [ 1335.059386] ? trace_hardirqs_on+0x10/0x10 [ 1335.063711] __handle_mm_fault+0x1c49/0x3700 [ 1335.068125] ? vm_insert_mixed_mkwrite+0x30/0x30 [ 1335.072892] handle_mm_fault+0x306/0x794 [ 1335.076952] __do_page_fault+0x578/0xb50 [ 1335.081014] ? mm_fault_error+0x2c0/0x2c0 [ 1335.087417] ? do_page_fault+0x60/0x4f2 [ 1335.091390] ? page_fault+0x2f/0x50 [ 1335.095011] page_fault+0x45/0x50 [ 1335.098468] RIP: 559c3700:0xc7e [ 1335.101737] RSP: 20000:00007ffe89bdb1a0 EFLAGS: 7ffe89bdb2a0 [ 1335.115142] Mem-Info: [ 1335.123564] active_anon:1301555 inactive_anon:4317 isolated_anon:0 [ 1335.123564] active_file:713 inactive_file:604 isolated_file:32 [ 1335.123564] unevictable:0 dirty:1259 writeback:0 unstable:0 [ 1335.123564] slab_reclaimable:17282 slab_unreclaimable:131641 [ 1335.123564] mapped:53472 shmem:4492 pagetables:33926 bounce:0 [ 1335.123564] free:23226 free_pcp:38 free_cma:0 [ 1335.165761] Node 0 active_anon:1899368kB inactive_anon:16136kB active_file:1132kB inactive_file:904kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:213888kB dirty:1980kB writeback:0kB shmem:16796kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 634880kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1335.196927] Node 1 active_anon:3306852kB inactive_anon:1132kB active_file:1628kB inactive_file:1500kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:3056kB writeback:0kB shmem:1172kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1335.226793] Node 0 DMA free:10396kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1335.255491] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1335.260533] Node 0 DMA32 free:28960kB min:36296kB low:45368kB high:54440kB active_anon:1893952kB inactive_anon:16136kB active_file:1132kB inactive_file:940kB unevictable:0kB writepending:1980kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:10016kB pagetables:56960kB bounce:0kB free_pcp:116kB local_pcp:8kB free_cma:0kB [ 1335.291283] lowmem_reserve[]: 0 0 0 0 0 [ 1335.295733] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1335.321918] lowmem_reserve[]: 0 0 0 0 0 [ 1335.326286] Node 1 Normal free:53548kB min:53592kB low:66988kB high:80384kB active_anon:3306852kB inactive_anon:1132kB active_file:1628kB inactive_file:1500kB unevictable:0kB writepending:3056kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33408kB pagetables:78720kB bounce:0kB free_pcp:32kB local_pcp:32kB free_cma:0kB [ 1335.366992] lowmem_reserve[]: 0 0 0 0 0 [ 1335.385191] Node 0 DMA: 3*4kB (UME) 6*8kB (UME) 4*16kB (UM) 3*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10396kB [ 1335.409923] Node 0 DMA32: 1406*4kB (UME) 1375*8kB (UME) 289*16kB (UME) 167*32kB (UME) 3*64kB (UM) 3*128kB (M) 1*256kB (M) 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 28960kB [ 1335.437065] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1335.455222] Node 1 Normal: 35*4kB (UME) 148*8kB (UME) 92*16kB (UME) 171*32kB (UME) 38*64kB (UM) 47*128kB (UME) 40*256kB (UME) 32*512kB (UM) 10*1024kB (M) 0*2048kB 0*4096kB = 53580kB [ 1335.483417] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1335.497764] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1335.508166] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1335.529174] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1335.542963] 5777 total pagecache pages [ 1335.547636] 0 pages in swap cache [ 1335.553515] Swap cache stats: add 0, delete 0, find 0/0 [ 1335.559885] Free swap = 0kB [ 1335.563854] Total swap = 0kB [ 1335.566971] 1965979 pages RAM [ 1335.570252] 0 pages HighMem/MovableOnly [ 1335.578225] 338455 pages reserved [ 1335.581816] 0 pages cma reserved [ 1335.585459] Out of memory: Kill process 18082 (syz-executor.4) score 1007 or sacrifice child [ 1335.607716] Killed process 18082 (syz-executor.4) total-vm:75236kB, anon-rss:16556kB, file-rss:34816kB, shmem-rss:0kB 19:24:08 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c000400"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1342.876705] syz-fuzzer invoked oom-killer: gfp_mask=0x14201ca(GFP_HIGHUSER_MOVABLE|__GFP_COLD), nodemask=(null), order=0, oom_score_adj=0 [ 1342.896279] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 1342.904031] CPU: 1 PID: 6326 Comm: syz-fuzzer Not tainted 4.14.182-syzkaller #0 [ 1342.911924] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1342.929277] Call Trace: [ 1342.931922] dump_stack+0x1b2/0x283 [ 1342.935568] dump_header+0x178/0x7aa [ 1342.939288] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1342.944315] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1342.949431] ? ___ratelimit+0x2cd/0x522 [ 1342.953526] oom_kill_process.cold+0x10/0xc16 [ 1342.958047] ? lock_downgrade+0x6e0/0x6e0 [ 1342.962206] out_of_memory+0x2d5/0x10f0 [ 1342.966191] ? oom_killer_disable+0x1c0/0x1c0 [ 1342.970703] ? mutex_trylock+0x152/0x1a0 [ 1342.974879] __alloc_pages_nodemask+0x2556/0x2730 [ 1342.979740] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1342.984587] ? trace_hardirqs_on+0x10/0x10 [ 1342.988831] ? find_get_entry+0x31b/0x660 [ 1342.992997] alloc_pages_current+0xe7/0x1e0 [ 1342.997327] __page_cache_alloc+0x243/0x3c0 [ 1343.001657] filemap_fault+0xd42/0x18f0 [ 1343.005644] ext4_filemap_fault+0x84/0xb0 [ 1343.009884] __do_fault+0xfa/0x380 [ 1343.013430] __handle_mm_fault+0x2055/0x3700 [ 1343.017972] ? vm_insert_mixed_mkwrite+0x30/0x30 [ 1343.022931] handle_mm_fault+0x306/0x794 [ 1343.026998] __do_page_fault+0x578/0xb50 [ 1343.031069] ? mm_fault_error+0x2c0/0x2c0 [ 1343.035367] ? do_page_fault+0x60/0x4f2 [ 1343.039353] ? page_fault+0x2f/0x50 [ 1343.043050] page_fault+0x45/0x50 [ 1343.046615] RIP: 1682b80:0x137b7d6f6b8 [ 1343.050641] RSP: 031b:00007ffd5e5b1a80 EFLAGS: 00000003 [ 1343.068434] Mem-Info: [ 1343.081021] active_anon:1299941 inactive_anon:4314 isolated_anon:0 [ 1343.081021] active_file:650 inactive_file:624 isolated_file:32 [ 1343.081021] unevictable:0 dirty:1266 writeback:0 unstable:0 [ 1343.081021] slab_reclaimable:17300 slab_unreclaimable:131708 [ 1343.081021] mapped:53473 shmem:4492 pagetables:33943 bounce:0 [ 1343.081021] free:24682 free_pcp:59 free_cma:0 [ 1343.119440] Node 0 active_anon:1891928kB inactive_anon:16132kB active_file:1036kB inactive_file:996kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:213892kB dirty:2008kB writeback:0kB shmem:16800kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 632832kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1343.153029] Node 1 active_anon:3307836kB inactive_anon:1124kB active_file:1672kB inactive_file:1484kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:3056kB writeback:0kB shmem:1168kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1343.193635] Node 0 DMA free:10396kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1343.225081] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1343.230153] Node 0 DMA32 free:34764kB min:36296kB low:45368kB high:54440kB active_anon:1886512kB inactive_anon:16132kB active_file:1072kB inactive_file:976kB unevictable:0kB writepending:2008kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:10048kB pagetables:57048kB bounce:0kB free_pcp:232kB local_pcp:112kB free_cma:0kB [ 1343.264981] lowmem_reserve[]: 0 0 0 0 0 [ 1343.269023] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1343.298634] lowmem_reserve[]: 0 0 0 0 0 [ 1343.303636] Node 1 Normal free:53568kB min:53592kB low:66988kB high:80384kB active_anon:3307836kB inactive_anon:1124kB active_file:1600kB inactive_file:1556kB unevictable:0kB writepending:3056kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33536kB pagetables:78700kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1343.338768] lowmem_reserve[]: 0 0 0 0 0 [ 1343.342882] Node 0 DMA: 3*4kB (UME) 6*8kB (UME) 4*16kB (UM) 3*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10396kB [ 1343.363095] Node 0 DMA32: 1161*4kB (UME) 1479*8kB (UME) 383*16kB (UME) 194*32kB (UM) 3*64kB (UM) 15*128kB (M) 3*256kB (ME) 2*512kB (ME) 2*1024kB (ME) 0*2048kB 0*4096kB = 34764kB [ 1343.385853] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1343.396701] Node 1 Normal: 106*4kB (UME) 180*8kB (UME) 87*16kB (UME) 151*32kB (UME) 40*64kB (UM) 47*128kB (UME) 40*256kB (UME) 32*512kB (UM) 10*1024kB (M) 0*2048kB 0*4096kB = 53528kB [ 1343.417719] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1343.428862] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1343.441468] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1343.453012] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1343.474668] 5792 total pagecache pages [ 1343.478592] 0 pages in swap cache [ 1343.482119] Swap cache stats: add 0, delete 0, find 0/0 [ 1343.487593] Free swap = 0kB [ 1343.490705] Total swap = 0kB [ 1343.493882] 1965979 pages RAM [ 1343.497136] 0 pages HighMem/MovableOnly [ 1343.501305] 338455 pages reserved [ 1343.504847] 0 pages cma reserved [ 1343.508212] Out of memory: Kill process 18121 (syz-executor.4) score 1007 or sacrifice child [ 1343.516892] Killed process 18121 (syz-executor.4) total-vm:75236kB, anon-rss:16556kB, file-rss:34816kB, shmem-rss:0kB 19:24:09 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:09 executing program 5: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000080)={0x10}, 0x10) 19:24:09 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:09 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) getpid() r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r0, &(0x7f0000000080)={0x10}, 0x10) 19:24:15 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c000400"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:24:15 executing program 5: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000080)={0x10}, 0x10) 19:24:15 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) getpid() sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:24:15 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:15 executing program 5: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000080)={0x10}, 0x10) 19:24:16 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:16 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff000000000000009400048009000100"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:24:16 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) getpid() sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:24:16 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r0, &(0x7f0000000080)={0x10}, 0x10) 19:24:16 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r0, 0x0, 0x0) 19:24:16 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:16 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:16 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff000000000000009400048009000100"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:24:16 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r0, 0x0, 0x0) 19:24:17 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:17 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:17 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r0, &(0x7f0000000080)={0x10}, 0x10) [ 1345.121366] loop2: p1 p2 < > p3 p4 < p5 > [ 1345.125666] loop2: partition table partially beyond EOD, truncated [ 1345.150602] loop2: p1 size 11290111 extends beyond EOD, truncated [ 1345.706833] kworker/u4:8 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1345.765549] kworker/u4:8 cpuset=/ mems_allowed=0-1 [ 1345.780602] CPU: 0 PID: 20256 Comm: kworker/u4:8 Not tainted 4.14.182-syzkaller #0 [ 1345.788659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1345.798195] Workqueue: events_unbound call_usermodehelper_exec_work [ 1345.804691] Call Trace: [ 1345.807279] dump_stack+0x1b2/0x283 [ 1345.811074] dump_header+0x178/0x7aa [ 1345.814873] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1345.819934] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1345.825112] ? ___ratelimit+0x2cd/0x522 [ 1345.829126] oom_kill_process.cold+0x10/0xc16 [ 1345.833619] ? lock_downgrade+0x6e0/0x6e0 [ 1345.837760] out_of_memory+0x2d5/0x10f0 [ 1345.841940] ? oom_killer_disable+0x1c0/0x1c0 [ 1345.846428] ? mutex_trylock+0x152/0x1a0 [ 1345.850614] __alloc_pages_nodemask+0x2556/0x2730 [ 1345.855716] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1345.860764] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1345.865697] ? trace_hardirqs_on+0x10/0x10 [ 1345.870462] ? mark_held_locks+0xa6/0xf0 [ 1345.874742] ? cache_grow_begin+0x3f/0x410 [ 1345.879742] cache_grow_begin+0x91/0x410 [ 1345.884003] fallback_alloc+0x205/0x2b0 [ 1345.888779] kmem_cache_alloc_node+0xe3/0x400 [ 1345.893986] copy_process.part.0+0x17d5/0x6fa0 [ 1345.898739] ? __lock_acquire+0x655/0x42a0 [ 1345.907043] ? trace_hardirqs_on+0x10/0x10 [ 1345.911625] ? static_obj+0x50/0x50 [ 1345.915985] ? trace_hardirqs_on+0x10/0x10 [ 1345.920214] ? __lock_acquire+0x655/0x42a0 [ 1345.925065] ? umh_complete+0x80/0x80 [ 1345.928988] ? __cleanup_sighand+0x40/0x40 [ 1345.933407] ? umh_complete+0x80/0x80 [ 1345.937529] _do_fork+0x180/0xc80 [ 1345.941071] ? lock_downgrade+0x6e0/0x6e0 [ 1345.945659] ? fork_idle+0x270/0x270 [ 1345.950284] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1345.956800] ? debug_object_deactivate+0x1cc/0x350 [ 1345.962826] ? process_one_work+0x6ec/0x14c0 [ 1345.968881] ? umh_complete+0x80/0x80 [ 1345.974289] kernel_thread+0x2f/0x40 [ 1345.979311] call_usermodehelper_exec_work+0x193/0x210 [ 1345.985146] ? call_usermodehelper_exec_async+0x4c0/0x4c0 [ 1345.991269] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 1345.996726] process_one_work+0x7c0/0x14c0 [ 1346.001139] ? pwq_dec_nr_in_flight+0x2b0/0x2b0 [ 1346.007064] ? worker_thread+0x163/0x1080 [ 1346.011430] ? _raw_spin_unlock_irq+0x24/0x90 [ 1346.017750] worker_thread+0x5d7/0x1080 [ 1346.022348] ? process_one_work+0x14c0/0x14c0 [ 1346.027750] kthread+0x30d/0x420 [ 1346.031722] ? kthread_create_on_node+0xd0/0xd0 [ 1346.037647] ret_from_fork+0x24/0x30 19:24:18 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff000000000000009400048009000100"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:24:18 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) getpid() sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1346.096924] Mem-Info: [ 1346.146564] active_anon:1297622 inactive_anon:4315 isolated_anon:0 [ 1346.146564] active_file:1525 inactive_file:1943 isolated_file:88 [ 1346.146564] unevictable:0 dirty:1275 writeback:0 unstable:0 [ 1346.146564] slab_reclaimable:17368 slab_unreclaimable:131453 [ 1346.146564] mapped:55268 shmem:4492 pagetables:33949 bounce:0 [ 1346.146564] free:24649 free_pcp:295 free_cma:0 [ 1346.261320] Node 0 active_anon:1896200kB inactive_anon:16132kB active_file:1552kB inactive_file:1752kB unevictable:0kB isolated(anon):0kB isolated(file):224kB mapped:215276kB dirty:2016kB writeback:0kB shmem:16792kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 632832kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1346.552227] Node 1 active_anon:3302288kB inactive_anon:1128kB active_file:2220kB inactive_file:4116kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:1896kB dirty:3084kB writeback:0kB shmem:1176kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 19:24:18 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c0007800800"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1346.618539] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:5412kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1346.839045] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1346.849574] Node 0 DMA32 free:27972kB min:36296kB low:45368kB high:54440kB active_anon:1891708kB inactive_anon:16132kB active_file:1572kB inactive_file:1380kB unevictable:0kB writepending:2016kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:10112kB pagetables:56864kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1346.984870] lowmem_reserve[]: 0 0 0 0 0 [ 1346.994643] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1347.122385] lowmem_reserve[]: 0 0 0 0 0 [ 1347.133957] Node 1 Normal free:59768kB min:53592kB low:66988kB high:80384kB active_anon:3302284kB inactive_anon:1132kB active_file:1448kB inactive_file:3544kB unevictable:0kB writepending:3084kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33280kB pagetables:78824kB bounce:0kB free_pcp:316kB local_pcp:288kB free_cma:0kB [ 1347.250240] lowmem_reserve[]: 0 0 0 0 0 [ 1347.263581] Node 0 DMA: 2*4kB (UE) 7*8kB (UME) 4*16kB (UM) 3*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10400kB 19:24:19 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1347.323580] Node 0 DMA32: 951*4kB (UME) 1289*8kB (UME) 223*16kB (UME) 152*32kB (UME) 3*64kB (UE) 18*128kB (M) 2*256kB (M) 2*512kB (ME) 2*1024kB (ME) 0*2048kB 0*4096kB = 28628kB [ 1347.389082] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1347.429461] Node 1 Normal: 172*4kB (UME) 227*8kB (UME) 105*16kB (UME) 97*32kB (UME) 80*64kB (UM) 81*128kB (UME) 44*256kB (UME) 33*512kB (UM) 10*1024kB (M) 0*2048kB 0*4096kB = 61176kB [ 1347.472904] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1347.516502] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1347.547652] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1347.571680] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1347.593206] 5841 total pagecache pages [ 1347.604673] 0 pages in swap cache [ 1347.608223] Swap cache stats: add 0, delete 0, find 0/0 [ 1347.613755] Free swap = 0kB [ 1347.616840] Total swap = 0kB [ 1347.624161] 1965979 pages RAM [ 1347.627355] 0 pages HighMem/MovableOnly [ 1347.631441] 338455 pages reserved [ 1347.634950] 0 pages cma reserved [ 1347.638376] Out of memory: Kill process 14093 (syz-executor.0) score 1007 or sacrifice child [ 1347.652032] Killed process 14093 (syz-executor.0) total-vm:75368kB, anon-rss:16560kB, file-rss:34816kB, shmem-rss:0kB [ 1347.735002] oom_reaper: reaped process 14093 (syz-executor.0), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 1347.890200] loop2: p3 start 4293001441 is beyond EOD, truncated 19:24:20 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:20 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$FUSE_INTERRUPT(r0, &(0x7f0000000080)={0x10}, 0x10) [ 1348.033840] loop2: p5 size 11290111 extends beyond EOD, truncated 19:24:20 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$FUSE_INTERRUPT(r0, &(0x7f0000000080)={0x10}, 0x10) 19:24:20 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r0, 0x0, 0x0) 19:24:20 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1348.678014] loop2: p1 p2 < > p3 p4 < p5 > [ 1348.862897] loop2: partition table partially beyond EOD, truncated [ 1348.931639] loop2: p1 size 11290111 extends beyond EOD, truncated [ 1349.303053] loop2: p3 start 4293001441 is beyond EOD, truncated [ 1349.352781] loop2: p5 size 11290111 extends beyond EOD, truncated 19:24:21 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$FUSE_INTERRUPT(r0, &(0x7f0000000080)={0x10}, 0x10) 19:24:21 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c0007800800"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:24:21 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r0, 0x0, 0x0) 19:24:21 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:21 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:21 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:24:21 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0) write$FUSE_INTERRUPT(r0, &(0x7f0000000080)={0x10}, 0x10) 19:24:21 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000080)={0x10}, 0x10) 19:24:21 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1350.111609] syz-executor.2 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1350.185733] syz-executor.2 cpuset=/ mems_allowed=0-1 [ 1350.203572] CPU: 0 PID: 6352 Comm: syz-executor.2 Not tainted 4.14.182-syzkaller #0 [ 1350.211493] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1350.220842] Call Trace: [ 1350.223432] dump_stack+0x1b2/0x283 [ 1350.227038] dump_header+0x178/0x7aa [ 1350.230728] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1350.235723] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1350.240804] ? ___ratelimit+0x2cd/0x522 [ 1350.244757] oom_kill_process.cold+0x10/0xc16 [ 1350.249233] ? lock_downgrade+0x6e0/0x6e0 [ 1350.253364] out_of_memory+0x2d5/0x10f0 [ 1350.257407] ? oom_killer_disable+0x1c0/0x1c0 [ 1350.261883] ? mutex_trylock+0x152/0x1a0 [ 1350.265938] __alloc_pages_nodemask+0x2556/0x2730 [ 1350.270778] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1350.275602] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1350.280613] ? retint_kernel+0x2d/0x2d [ 1350.284486] cache_grow_begin+0x91/0x410 [ 1350.292523] fallback_alloc+0x205/0x2b0 [ 1350.296479] kmem_cache_alloc+0x1e5/0x3c0 [ 1350.300613] getname_flags+0xc8/0x550 [ 1350.304395] user_path_mountpoint_at+0x23/0x40 [ 1350.308960] SyS_umount+0x11b/0xc00 [ 1350.315887] ? lock_downgrade+0x6e0/0x6e0 [ 1350.320022] ? __detach_mounts+0x2e0/0x2e0 [ 1350.324237] ? up_read+0x17/0x30 [ 1350.327590] ? __do_page_fault+0x19a/0xb50 [ 1350.331808] ? do_syscall_64+0x4c/0x640 [ 1350.335765] ? __detach_mounts+0x2e0/0x2e0 [ 1350.339980] do_syscall_64+0x1d5/0x640 [ 1350.343874] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1350.349047] RIP: 0033:0x45f497 [ 1350.352222] RSP: 002b:00007ffe569b88a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1350.360011] RAX: ffffffffffffffda RBX: 0000000000149939 RCX: 000000000045f497 [ 1350.367261] RDX: 000000000000000c RSI: 0000000000000002 RDI: 00007ffe569b99e0 [ 1350.374510] RBP: 0000000000000fed R08: 0000000000000001 R09: 0000000002c93940 [ 1350.381757] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe569b99e0 [ 1350.389027] R13: 00007ffe569b99d0 R14: 0000000000000000 R15: 00007ffe569b99e0 19:24:22 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1350.792957] Mem-Info: [ 1350.795709] active_anon:1298823 inactive_anon:4316 isolated_anon:0 [ 1350.795709] active_file:1468 inactive_file:1356 isolated_file:174 [ 1350.795709] unevictable:0 dirty:1297 writeback:0 unstable:0 [ 1350.795709] slab_reclaimable:17433 slab_unreclaimable:130932 [ 1350.795709] mapped:54963 shmem:4492 pagetables:34054 bounce:0 [ 1350.795709] free:24296 free_pcp:314 free_cma:0 19:24:22 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1351.053528] Node 0 active_anon:1897992kB inactive_anon:16132kB active_file:1056kB inactive_file:1056kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:214208kB dirty:2020kB writeback:0kB shmem:16792kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 632832kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1351.170346] Node 1 active_anon:3308440kB inactive_anon:1132kB active_file:3468kB inactive_file:3192kB unevictable:0kB isolated(anon):0kB isolated(file):488kB mapped:3816kB dirty:3128kB writeback:0kB shmem:1176kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1351.219750] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:5412kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1351.300177] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1351.305376] Node 0 DMA32 free:27540kB min:36296kB low:45368kB high:54440kB active_anon:1892580kB inactive_anon:16132kB active_file:1056kB inactive_file:1056kB unevictable:0kB writepending:2020kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:10176kB pagetables:56904kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1351.393333] lowmem_reserve[]: 0 0 0 0 0 [ 1351.397360] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1351.475338] lowmem_reserve[]: 0 0 0 0 0 [ 1351.484158] Node 1 Normal free:69344kB min:53592kB low:66988kB high:80384kB active_anon:3292128kB inactive_anon:1132kB active_file:1948kB inactive_file:2884kB unevictable:0kB writepending:3128kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33440kB pagetables:79196kB bounce:0kB free_pcp:876kB local_pcp:636kB free_cma:0kB 19:24:23 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, 0x0, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1351.553072] lowmem_reserve[]: 0 0 0 0 0 [ 1351.557992] Node 0 DMA: 2*4kB (UE) 7*8kB (UME) 4*16kB (UM) 3*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10400kB [ 1351.818112] Node 0 DMA32: 745*4kB (UME) 1251*8kB (UM) 195*16kB (UM) 150*32kB (UM) 4*64kB (UME) 18*128kB (M) 2*256kB (M) 2*512kB (ME) 2*1024kB (ME) 0*2048kB 0*4096kB = 27052kB [ 1351.907423] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1351.944364] Node 1 Normal: 357*4kB (UME) 400*8kB (UMH) 139*16kB (UME) 125*32kB (UMEH) 139*64kB (UMH) 76*128kB (UME) 44*256kB (UME) 33*512kB (UM) 10*1024kB (M) 0*2048kB 0*4096kB = 67876kB [ 1351.999973] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1352.068953] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 19:24:24 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c0007800800"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1352.122561] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1352.169622] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1352.204895] 7726 total pagecache pages 19:24:24 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000080)={0x10}, 0x10) [ 1352.226522] 0 pages in swap cache [ 1352.244319] Swap cache stats: add 0, delete 0, find 0/0 19:24:24 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c0007800800"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1352.279330] Free swap = 0kB [ 1352.295350] Total swap = 0kB [ 1352.308691] 1965979 pages RAM [ 1352.316515] 0 pages HighMem/MovableOnly [ 1352.324934] 338455 pages reserved 19:24:24 executing program 3: openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000080)={0x10}, 0x10) [ 1352.328723] 0 pages cma reserved [ 1352.333357] Out of memory: Kill process 22691 (syz-executor.4) score 1007 or sacrifice child 19:24:24 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff000000000000009400048009000100"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1352.646077] loop2: p1 p2 < > p3 p4 < p5 > [ 1352.650755] loop2: partition table partially beyond EOD, truncated [ 1352.698612] loop2: p1 size 11290111 extends beyond EOD, truncated 19:24:25 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, 0x0, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1352.976879] loop2: p3 start 4293001441 is beyond EOD, truncated 19:24:25 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff000000000000009400048009000100"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:24:25 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c0007800800"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1353.017359] loop2: p5 size 11290111 extends beyond EOD, truncated [ 1353.066513] systemd-journal invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1353.128118] systemd-journal cpuset=/ mems_allowed=0-1 [ 1353.144888] CPU: 0 PID: 3619 Comm: systemd-journal Not tainted 4.14.182-syzkaller #0 [ 1353.152801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1353.162151] Call Trace: [ 1353.164740] dump_stack+0x1b2/0x283 [ 1353.168354] dump_header+0x178/0x7aa [ 1353.172048] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1353.177044] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1353.182130] ? ___ratelimit+0x2cd/0x522 [ 1353.186084] oom_kill_process.cold+0x10/0xc16 [ 1353.190562] ? lock_downgrade+0x6e0/0x6e0 [ 1353.194693] out_of_memory+0x2d5/0x10f0 [ 1353.198661] ? oom_killer_disable+0x1c0/0x1c0 [ 1353.203133] ? mutex_trylock+0x152/0x1a0 [ 1353.207173] __alloc_pages_nodemask+0x2556/0x2730 [ 1353.212010] ? kmemdup+0x23/0x50 [ 1353.215377] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1353.220198] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1353.225020] ? trace_hardirqs_on+0x10/0x10 [ 1353.229241] ? cache_grow_begin+0x3f/0x410 [ 1353.233473] cache_grow_begin+0x91/0x410 [ 1353.237600] fallback_alloc+0x205/0x2b0 [ 1353.241556] kmem_cache_alloc+0x1e5/0x3c0 [ 1353.245685] getname_flags+0xc8/0x550 [ 1353.249466] user_path_at_empty+0x2a/0x50 [ 1353.253598] SyS_faccessat+0x21b/0x680 [ 1353.257467] ? SyS_fallocate+0x80/0x80 [ 1353.261346] ? do_syscall_64+0x4c/0x640 [ 1353.265310] ? SyS_faccessat+0x680/0x680 [ 1353.269354] do_syscall_64+0x1d5/0x640 [ 1353.273231] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1353.278402] RIP: 0033:0x7f9c599119c7 [ 1353.282093] RSP: 002b:00007fff58675eb8 EFLAGS: 00000246 ORIG_RAX: 0000000000000015 [ 1353.289784] RAX: ffffffffffffffda RBX: 00007fff58678dd0 RCX: 00007f9c599119c7 [ 1353.297035] RDX: 00007f9c5a382a00 RSI: 0000000000000000 RDI: 00005605e17df9a3 [ 1353.304294] RBP: 00007fff58675ef0 R08: 0000000000000000 R09: 0000000000000000 [ 1353.311545] R10: 0000000000000069 R11: 0000000000000246 R12: 0000000000000000 [ 1353.318810] R13: 0000000000000000 R14: 00007fff58678dd0 R15: 00007fff586763e0 [ 1353.394643] Mem-Info: [ 1353.397783] active_anon:1297532 inactive_anon:4316 isolated_anon:0 [ 1353.397783] active_file:1012 inactive_file:882 isolated_file:91 [ 1353.397783] unevictable:0 dirty:1292 writeback:9 unstable:0 [ 1353.397783] slab_reclaimable:17504 slab_unreclaimable:130671 [ 1353.397783] mapped:54077 shmem:4492 pagetables:34113 bounce:0 [ 1353.397783] free:27011 free_pcp:244 free_cma:0 [ 1353.545894] Node 0 active_anon:1897960kB inactive_anon:16132kB active_file:1204kB inactive_file:956kB unevictable:0kB isolated(anon):0kB isolated(file):24kB mapped:214408kB dirty:2012kB writeback:0kB shmem:16792kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 632832kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1353.588207] Node 1 active_anon:3292168kB inactive_anon:1132kB active_file:2800kB inactive_file:3912kB unevictable:0kB isolated(anon):0kB isolated(file):424kB mapped:2800kB dirty:3156kB writeback:36kB shmem:1176kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1353.880085] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:5412kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1353.981159] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1353.986257] Node 0 DMA32 free:27396kB min:36296kB low:45368kB high:54440kB active_anon:1892544kB inactive_anon:16132kB active_file:1192kB inactive_file:1036kB unevictable:0kB writepending:2016kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:10176kB pagetables:56900kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1354.062671] lowmem_reserve[]: 0 0 0 0 0 [ 1354.066682] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1354.103001] lowmem_reserve[]: 0 0 0 0 0 [ 1354.110173] Node 1 Normal free:72124kB min:53592kB low:66988kB high:80384kB active_anon:3292000kB inactive_anon:1132kB active_file:1836kB inactive_file:2588kB unevictable:0kB writepending:3196kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33248kB pagetables:78968kB bounce:0kB free_pcp:592kB local_pcp:480kB free_cma:0kB [ 1354.145574] lowmem_reserve[]: 0 0 0 0 0 [ 1354.179608] Node 0 DMA: 2*4kB (UE) 7*8kB (UME) 4*16kB (UM) 3*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10400kB [ 1354.209584] Node 0 DMA32: 733*4kB (UME) 1254*8kB (UME) 200*16kB (UME) 151*32kB (UME) 4*64kB (UME) 18*128kB (M) 2*256kB (M) 2*512kB (ME) 2*1024kB (ME) 0*2048kB 0*4096kB = 27140kB [ 1354.262165] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB 19:24:26 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff000000000000009400048009000100"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:24:26 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r0, 0x0, 0x0) 19:24:26 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x0, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:24:26 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff000000000000009400048009000100"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:24:26 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1354.535436] Node 1 Normal: 2*4kB (ME) 48*8kB (UMEH) 77*16kB (UH) 32*32kB (UMH) 49*64kB (UME) 77*128kB (UMEH) 44*256kB (UMEH) 32*512kB (UME) 10*1024kB (ME) 0*2048kB 0*4096kB = 53528kB 19:24:26 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, 0x0, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1354.669592] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1354.678565] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1354.729540] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1354.738404] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1354.781621] 6716 total pagecache pages [ 1354.790490] 0 pages in swap cache [ 1354.793960] Swap cache stats: add 0, delete 0, find 0/0 [ 1354.810912] Free swap = 0kB [ 1354.813955] Total swap = 0kB [ 1354.816987] 1965979 pages RAM [ 1354.821041] 0 pages HighMem/MovableOnly [ 1354.825021] 338455 pages reserved [ 1354.828462] 0 pages cma reserved [ 1354.831873] Out of memory: Kill process 16378 (syz-executor.2) score 1007 or sacrifice child [ 1354.853768] Killed process 16378 (syz-executor.2) total-vm:75368kB, anon-rss:16560kB, file-rss:34816kB, shmem-rss:0kB [ 1354.918927] oom_reaper: reaped process 16378 (syz-executor.2), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 19:24:27 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r0, 0x0, 0x0) 19:24:27 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:27 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:24:27 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:27 executing program 3: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r0, 0x0, 0x0) 19:24:27 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:28 executing program 5: r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r0, 0x0, 0x0) 19:24:28 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:24:28 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x0, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:24:28 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1357.489249] syz-executor.1 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1357.573473] syz-executor.1 cpuset=/ mems_allowed=0-1 [ 1357.600888] CPU: 0 PID: 6353 Comm: syz-executor.1 Not tainted 4.14.182-syzkaller #0 [ 1357.608720] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1357.618076] Call Trace: [ 1357.620671] dump_stack+0x1b2/0x283 [ 1357.624292] dump_header+0x178/0x7aa [ 1357.627997] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1357.633007] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1357.638090] ? ___ratelimit+0x2cd/0x522 [ 1357.642055] oom_kill_process.cold+0x10/0xc16 [ 1357.646534] ? lock_downgrade+0x6e0/0x6e0 [ 1357.650675] out_of_memory+0x2d5/0x10f0 [ 1357.654642] ? oom_killer_disable+0x1c0/0x1c0 [ 1357.659116] ? mutex_trylock+0x152/0x1a0 [ 1357.663160] __alloc_pages_nodemask+0x2556/0x2730 [ 1357.668171] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1357.672997] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1357.677852] ? trace_hardirqs_on+0x10/0x10 [ 1357.682070] ? avc_has_extended_perms+0xbe0/0xbe0 [ 1357.686895] ? cache_grow_begin+0x3f/0x410 [ 1357.691110] cache_grow_begin+0x91/0x410 [ 1357.695153] fallback_alloc+0x205/0x2b0 [ 1357.699126] kmem_cache_alloc+0x1e5/0x3c0 [ 1357.703264] getname_flags+0xc8/0x550 [ 1357.707053] user_path_mountpoint_at+0x23/0x40 [ 1357.711617] SyS_umount+0x11b/0xc00 [ 1357.715230] ? lock_downgrade+0x6e0/0x6e0 [ 1357.719375] ? __detach_mounts+0x2e0/0x2e0 [ 1357.723604] ? up_read+0x17/0x30 [ 1357.726952] ? __do_page_fault+0x19a/0xb50 [ 1357.731168] ? do_syscall_64+0x4c/0x640 [ 1357.735122] ? __detach_mounts+0x2e0/0x2e0 [ 1357.739339] do_syscall_64+0x1d5/0x640 [ 1357.743214] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1357.748388] RIP: 0033:0x45f497 [ 1357.751568] RSP: 002b:00007ffe15f67618 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1357.759265] RAX: ffffffffffffffda RBX: 000000000014b63b RCX: 000000000045f497 [ 1357.766552] RDX: 000000000000000c RSI: 0000000000000002 RDI: 00007ffe15f68750 [ 1357.773816] RBP: 0000000000001353 R08: 0000000000000001 R09: 00000000017b1940 [ 1357.781077] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe15f68750 [ 1357.788548] R13: 00007ffe15f68740 R14: 0000000000000000 R15: 00007ffe15f68750 [ 1358.016068] Mem-Info: [ 1358.018596] active_anon:1299439 inactive_anon:4316 isolated_anon:0 [ 1358.018596] active_file:680 inactive_file:655 isolated_file:31 [ 1358.018596] unevictable:0 dirty:1296 writeback:0 unstable:0 [ 1358.018596] slab_reclaimable:17581 slab_unreclaimable:130713 [ 1358.018596] mapped:53593 shmem:4492 pagetables:34108 bounce:0 [ 1358.018596] free:25262 free_pcp:469 free_cma:0 [ 1358.059606] Node 0 active_anon:1897956kB inactive_anon:16132kB active_file:1124kB inactive_file:1064kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:214292kB dirty:2012kB writeback:0kB shmem:16792kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 632832kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1358.090433] Node 1 active_anon:3299800kB inactive_anon:1132kB active_file:1760kB inactive_file:1496kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:80kB dirty:3172kB writeback:0kB shmem:1176kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1358.184113] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:5412kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1358.266383] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1358.277234] Node 0 DMA32 free:27160kB min:36296kB low:45368kB high:54440kB active_anon:1892544kB inactive_anon:16132kB active_file:868kB inactive_file:1096kB unevictable:0kB writepending:2012kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:10176kB pagetables:56900kB bounce:0kB free_pcp:300kB local_pcp:120kB free_cma:0kB 19:24:30 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:30 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1358.362957] lowmem_reserve[]: 0 0 0 0 0 [ 1358.374104] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1358.496887] lowmem_reserve[]: 0 0 0 0 0 [ 1358.507277] Node 1 Normal free:64268kB min:53592kB low:66988kB high:80384kB active_anon:3299800kB inactive_anon:1132kB active_file:1520kB inactive_file:2792kB unevictable:0kB writepending:3172kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33472kB pagetables:79508kB bounce:0kB free_pcp:532kB local_pcp:208kB free_cma:0kB [ 1358.587221] lowmem_reserve[]: 0 0 0 0 0 [ 1358.610874] Node 0 DMA: 2*4kB (UE) 7*8kB (UME) 4*16kB (UM) 3*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10400kB [ 1358.673616] Node 0 DMA32: 721*4kB (UME) 1257*8kB (UM) 198*16kB (UME) 152*32kB (UME) 4*64kB (UME) 18*128kB (M) 2*256kB (M) 2*512kB (ME) 2*1024kB (ME) 0*2048kB 0*4096kB = 27116kB [ 1358.981688] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1359.020023] Node 1 Normal: 214*4kB (UME) 280*8kB (UME) 18*16kB (UME) 37*32kB (UMEH) 3*64kB (U) 15*128kB (U) 46*256kB (UME) 34*512kB (UME) 10*1024kB (ME) 0*2048kB 0*4096kB = 46104kB [ 1359.042031] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1359.070775] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1359.090563] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1359.121384] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1359.140299] 6090 total pagecache pages [ 1359.148422] 0 pages in swap cache [ 1359.158141] Swap cache stats: add 0, delete 0, find 0/0 [ 1359.169307] Free swap = 0kB [ 1359.175499] Total swap = 0kB [ 1359.181977] 1965979 pages RAM [ 1359.189394] 0 pages HighMem/MovableOnly [ 1359.197580] 338455 pages reserved [ 1359.205248] 0 pages cma reserved [ 1359.211826] Out of memory: Kill process 22872 (syz-executor.4) score 1007 or sacrifice child [ 1359.266535] kworker/u4:6 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1359.309005] kworker/u4:6 cpuset=/ mems_allowed=0-1 [ 1359.325804] CPU: 1 PID: 7633 Comm: kworker/u4:6 Not tainted 4.14.182-syzkaller #0 [ 1359.333452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1359.342818] Workqueue: events_unbound call_usermodehelper_exec_work [ 1359.349229] Call Trace: [ 1359.351827] dump_stack+0x1b2/0x283 [ 1359.355461] dump_header+0x178/0x7aa [ 1359.359182] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1359.364201] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1359.369322] ? ___ratelimit+0x2cd/0x522 [ 1359.373297] oom_kill_process.cold+0x10/0xc16 [ 1359.377804] ? lock_downgrade+0x6e0/0x6e0 [ 1359.381958] out_of_memory+0x2d5/0x10f0 [ 1359.385937] ? oom_killer_disable+0x1c0/0x1c0 [ 1359.390428] ? mutex_trylock+0x152/0x1a0 [ 1359.394490] __alloc_pages_nodemask+0x2556/0x2730 [ 1359.399346] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1359.404190] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1359.409030] ? trace_hardirqs_on+0x10/0x10 [ 1359.413265] ? kthread+0x30d/0x420 [ 1359.416804] ? mark_held_locks+0xa6/0xf0 [ 1359.420860] ? cache_grow_begin+0x3f/0x410 [ 1359.425094] cache_grow_begin+0x91/0x410 [ 1359.429150] fallback_alloc+0x205/0x2b0 [ 1359.433126] kmem_cache_alloc_node+0xe3/0x400 [ 1359.437622] copy_process.part.0+0x17d5/0x6fa0 [ 1359.442206] ? __lock_acquire+0x655/0x42a0 [ 1359.446454] ? umh_complete+0x80/0x80 [ 1359.450260] ? __cleanup_sighand+0x40/0x40 [ 1359.454494] ? umh_complete+0x80/0x80 [ 1359.458291] _do_fork+0x180/0xc80 [ 1359.461742] ? fork_idle+0x270/0x270 [ 1359.465451] ? mark_held_locks+0xa6/0xf0 [ 1359.469509] ? _raw_spin_unlock_irq+0x24/0x90 [ 1359.474003] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1359.479014] ? _raw_spin_unlock_irq+0x5a/0x90 [ 1359.483506] ? kernel_sigaction+0x13b/0x200 [ 1359.487846] ? flush_sigqueue_mask.isra.0+0x340/0x340 [ 1359.493032] ? umh_complete+0x80/0x80 [ 1359.496831] kernel_thread+0x2f/0x40 [ 1359.500546] call_usermodehelper_exec_work+0x97/0x210 [ 1359.505733] ? call_usermodehelper_exec_async+0x4c0/0x4c0 [ 1359.511275] ? rcu_lockdep_current_cpu_online+0xed/0x140 [ 1359.516722] process_one_work+0x7c0/0x14c0 [ 1359.520959] ? pwq_dec_nr_in_flight+0x2b0/0x2b0 [ 1359.525620] ? worker_thread+0x163/0x1080 [ 1359.529770] ? _raw_spin_unlock_irq+0x24/0x90 [ 1359.534263] worker_thread+0x5d7/0x1080 [ 1359.538241] ? process_one_work+0x14c0/0x14c0 [ 1359.542732] kthread+0x30d/0x420 [ 1359.546097] ? kthread_create_on_node+0xd0/0xd0 [ 1359.550764] ret_from_fork+0x24/0x30 19:24:31 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:31 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1359.865328] Mem-Info: [ 1359.871257] active_anon:1299690 inactive_anon:4316 isolated_anon:0 [ 1359.871257] active_file:1129 inactive_file:1282 isolated_file:108 [ 1359.871257] unevictable:0 dirty:1302 writeback:1 unstable:0 [ 1359.871257] slab_reclaimable:17584 slab_unreclaimable:130358 [ 1359.871257] mapped:54486 shmem:4492 pagetables:34094 bounce:0 [ 1359.871257] free:24417 free_pcp:228 free_cma:0 [ 1359.986244] Node 0 active_anon:1897956kB inactive_anon:16132kB active_file:1040kB inactive_file:1004kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:214116kB dirty:2012kB writeback:8kB shmem:16792kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 632832kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1360.037250] Node 1 active_anon:3299636kB inactive_anon:1132kB active_file:3220kB inactive_file:3096kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:2812kB dirty:3176kB writeback:28kB shmem:1176kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1360.205001] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:5412kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB 19:24:32 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x0, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1360.303790] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1360.322224] Node 0 DMA32 free:27552kB min:36296kB low:45368kB high:54440kB active_anon:1892544kB inactive_anon:16132kB active_file:1024kB inactive_file:964kB unevictable:0kB writepending:2020kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:10176kB pagetables:56900kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB 19:24:32 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1360.495026] lowmem_reserve[]: 0 0 0 0 0 [ 1360.516206] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1360.623159] lowmem_reserve[]: 0 0 0 0 0 [ 1360.634742] Node 1 Normal free:60100kB min:53592kB low:66988kB high:80384kB active_anon:3299728kB inactive_anon:1132kB active_file:4428kB inactive_file:4572kB unevictable:0kB writepending:3204kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33376kB pagetables:79324kB bounce:0kB free_pcp:748kB local_pcp:388kB free_cma:0kB [ 1360.853677] lowmem_reserve[]: 0 0 0 0 0 [ 1360.857710] Node 0 DMA: 2*4kB (UE) 6*8kB (UME) 3*16kB (UM) 4*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10408kB [ 1360.879216] Node 0 DMA32: 731*4kB (UM) 1265*8kB (UM) 200*16kB (UME) 152*32kB (UME) 4*64kB (UME) 18*128kB (M) 2*256kB (M) 2*512kB (ME) 2*1024kB (ME) 0*2048kB 0*4096kB = 27252kB [ 1360.900681] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1360.923165] Node 1 Normal: 278*4kB (ME) 352*8kB (UME) 90*16kB (UME) 56*32kB (UMEH) 62*64kB (UM) 75*128kB (UM) 50*256kB (UME) 34*512kB (UME) 10*1024kB (ME) 0*2048kB 0*4096kB = 61176kB [ 1360.958452] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1360.968129] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1361.027378] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1361.041691] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1361.153687] 7144 total pagecache pages [ 1361.157623] 0 pages in swap cache [ 1361.169103] Swap cache stats: add 0, delete 0, find 0/0 [ 1361.174577] Free swap = 0kB [ 1361.177589] Total swap = 0kB [ 1361.219082] 1965979 pages RAM [ 1361.222218] 0 pages HighMem/MovableOnly [ 1361.226183] 338455 pages reserved [ 1361.260573] 0 pages cma reserved [ 1361.270691] Out of memory: Kill process 11130 (syz-executor.1) score 1007 or sacrifice child [ 1361.298828] Killed process 11130 (syz-executor.1) total-vm:75236kB, anon-rss:16552kB, file-rss:34816kB, shmem-rss:0kB 19:24:33 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:33 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r2, 0x4, 0x6100) write$cgroup_type(r2, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:34 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:24:34 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:34 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:35 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1363.169771] modprobe invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1363.212628] modprobe cpuset=/ mems_allowed=0-1 [ 1363.227451] CPU: 1 PID: 22930 Comm: modprobe Not tainted 4.14.182-syzkaller #0 [ 1363.234840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1363.244278] Call Trace: [ 1363.246855] dump_stack+0x1b2/0x283 [ 1363.250465] dump_header+0x178/0x7aa [ 1363.254156] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1363.259149] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1363.264235] ? ___ratelimit+0x2cd/0x522 [ 1363.268199] oom_kill_process.cold+0x10/0xc16 [ 1363.272679] ? lock_downgrade+0x6e0/0x6e0 [ 1363.276821] out_of_memory+0x2d5/0x10f0 [ 1363.280781] ? oom_killer_disable+0x1c0/0x1c0 [ 1363.285262] ? mutex_trylock+0x152/0x1a0 [ 1363.289338] __alloc_pages_nodemask+0x2556/0x2730 [ 1363.294172] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1363.299022] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1363.303845] ? trace_hardirqs_on+0x10/0x10 [ 1363.308607] ? cache_grow_begin+0x3f/0x410 [ 1363.312846] cache_grow_begin+0x91/0x410 [ 1363.316895] fallback_alloc+0x205/0x2b0 [ 1363.320857] kmem_cache_alloc+0x1e5/0x3c0 [ 1363.324992] getname_flags+0xc8/0x550 [ 1363.328787] user_path_at_empty+0x2a/0x50 [ 1363.332926] vfs_statx+0xd1/0x160 [ 1363.336381] ? vfs_statx_fd+0x90/0x90 [ 1363.340163] ? vm_insert_mixed_mkwrite+0x30/0x30 [ 1363.344898] SyS_newstat+0x83/0xe0 [ 1363.348415] ? SyS_fstat+0xd0/0xd0 [ 1363.351945] ? lock_downgrade+0x6e0/0x6e0 [ 1363.356072] ? up_read+0x17/0x30 [ 1363.360123] ? __do_page_fault+0x19a/0xb50 [ 1363.364339] ? do_syscall_64+0x4c/0x640 [ 1363.368307] ? SyS_fstat+0xd0/0xd0 [ 1363.371839] do_syscall_64+0x1d5/0x640 [ 1363.375709] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1363.380889] RIP: 0033:0x7f28e46da295 [ 1363.384578] RSP: 002b:00007ffe2a1fedc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000004 [ 1363.392274] RAX: ffffffffffffffda RBX: 000055e82063d090 RCX: 00007f28e46da295 [ 1363.399522] RDX: 00007ffe2a1fee90 RSI: 00007ffe2a1fee90 RDI: 000055e81f754e99 [ 1363.406771] RBP: 000055e81f754e99 R08: 0000000000000003 R09: 0000000000000020 [ 1363.414018] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1363.421276] R13: 0000000000000000 R14: 000055e81f95c068 R15: 0000000000000000 [ 1364.414150] Mem-Info: [ 1364.416749] active_anon:1303637 inactive_anon:4312 isolated_anon:0 [ 1364.416749] active_file:1533 inactive_file:1244 isolated_file:83 [ 1364.416749] unevictable:0 dirty:1314 writeback:0 unstable:0 [ 1364.416749] slab_reclaimable:17607 slab_unreclaimable:130538 [ 1364.416749] mapped:54703 shmem:4488 pagetables:34235 bounce:0 [ 1364.416749] free:19802 free_pcp:0 free_cma:0 [ 1364.469087] Node 0 active_anon:1891900kB inactive_anon:16116kB active_file:3320kB inactive_file:2596kB unevictable:0kB isolated(anon):0kB isolated(file):204kB mapped:217224kB dirty:2028kB writeback:0kB shmem:16776kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 616448kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1364.571399] Node 1 active_anon:3322648kB inactive_anon:1132kB active_file:2308kB inactive_file:2128kB unevictable:0kB isolated(anon):0kB isolated(file):232kB mapped:1288kB dirty:3228kB writeback:0kB shmem:1176kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1364.696030] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1364.747985] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1364.775221] Node 0 DMA32 free:38300kB min:36296kB low:45368kB high:54440kB active_anon:1877504kB inactive_anon:16116kB active_file:2676kB inactive_file:2332kB unevictable:0kB writepending:2028kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:10176kB pagetables:56780kB bounce:0kB free_pcp:804kB local_pcp:184kB free_cma:0kB [ 1364.889473] lowmem_reserve[]: 0 0 0 0 0 [ 1364.893688] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1364.956113] lowmem_reserve[]: 0 0 0 0 0 [ 1364.965155] Node 1 Normal free:49080kB min:53592kB low:66988kB high:80384kB active_anon:3315864kB inactive_anon:1132kB active_file:1980kB inactive_file:1892kB unevictable:0kB writepending:3244kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33728kB pagetables:80008kB bounce:0kB free_pcp:80kB local_pcp:0kB free_cma:0kB 19:24:37 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:37 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c0007"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:24:37 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1365.085839] lowmem_reserve[]: 0 0 0 0 0 [ 1365.098083] Node 0 DMA: 2*4kB (ME) 5*8kB (UME) 3*16kB (UM) 4*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10400kB [ 1365.157074] Node 0 DMA32: 792*4kB (UME) 1322*8kB (UME) 207*16kB (UME) 191*32kB (UME) 23*64kB (UME) 10*128kB (ME) 5*256kB (ME) 3*512kB (M) 2*1024kB (ME) 2*2048kB (M) 1*4096kB (M) = 38976kB [ 1365.184522] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1365.198688] Node 1 Normal: 623*4kB (UME) 412*8kB (UME) 112*16kB (UME) 55*32kB (UME) 22*64kB (UME) 13*128kB (UME) 38*256kB (UM) 34*512kB (UME) 10*1024kB (ME) 0*2048kB 0*4096kB = 49788kB [ 1365.220529] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1365.231350] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1365.246639] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1365.287106] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1365.348495] 6010 total pagecache pages [ 1365.365518] 0 pages in swap cache [ 1365.380061] Swap cache stats: add 0, delete 0, find 0/0 [ 1365.385456] Free swap = 0kB [ 1365.388496] Total swap = 0kB [ 1365.424496] 1965979 pages RAM [ 1365.427640] 0 pages HighMem/MovableOnly [ 1365.443279] 338455 pages reserved [ 1365.462428] 0 pages cma reserved [ 1365.465828] Out of memory: Kill process 22938 (syz-executor.3) score 1007 or sacrifice child [ 1365.535289] syz-executor.5 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1365.558401] syz-executor.5 cpuset=/ mems_allowed=0-1 [ 1365.563673] CPU: 0 PID: 20539 Comm: syz-executor.5 Not tainted 4.14.182-syzkaller #0 [ 1365.571554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1365.580906] Call Trace: [ 1365.583499] dump_stack+0x1b2/0x283 [ 1365.587134] dump_header+0x178/0x7aa [ 1365.590848] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1365.595864] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1365.600989] ? ___ratelimit+0x2cd/0x522 [ 1365.605073] oom_kill_process.cold+0x10/0xc16 [ 1365.609568] ? lock_acquire+0x170/0x3f0 [ 1365.613542] ? lock_downgrade+0x6e0/0x6e0 [ 1365.617688] out_of_memory+0x2d5/0x10f0 [ 1365.621665] ? oom_killer_disable+0x1c0/0x1c0 [ 1365.626185] ? mutex_trylock+0x152/0x1a0 [ 1365.630319] __alloc_pages_nodemask+0x2556/0x2730 [ 1365.635174] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1365.640014] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1365.644850] ? trace_hardirqs_on+0x10/0x10 [ 1365.649086] ? avc_has_extended_perms+0xbe0/0xbe0 [ 1365.653929] ? cache_grow_begin+0x3f/0x410 [ 1365.658161] cache_grow_begin+0x91/0x410 [ 1365.662218] fallback_alloc+0x205/0x2b0 [ 1365.666192] kmem_cache_alloc+0x1e5/0x3c0 [ 1365.670339] getname_flags+0xc8/0x550 [ 1365.674140] user_path_mountpoint_at+0x23/0x40 [ 1365.678717] SyS_umount+0x11b/0xc00 [ 1365.682340] ? lock_downgrade+0x6e0/0x6e0 [ 1365.686486] ? __detach_mounts+0x2e0/0x2e0 [ 1365.690716] ? up_read+0x17/0x30 [ 1365.694073] ? __do_page_fault+0x19a/0xb50 [ 1365.698310] ? do_syscall_64+0x4c/0x640 [ 1365.702289] ? __detach_mounts+0x2e0/0x2e0 [ 1365.706535] do_syscall_64+0x1d5/0x640 [ 1365.710432] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1365.715616] RIP: 0033:0x45f497 [ 1365.718801] RSP: 002b:00007ffe52bc1628 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1365.726513] RAX: ffffffffffffffda RBX: 000000000014d352 RCX: 000000000045f497 [ 1365.733782] RDX: 000000000000000c RSI: 0000000000000002 RDI: 00007ffe52bc2760 [ 1365.741051] RBP: 0000000000000b0e R08: 0000000000000001 R09: 000000000153d940 [ 1365.748663] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe52bc2760 [ 1365.755915] R13: 00007ffe52bc2750 R14: 0000000000000000 R15: 00007ffe52bc2760 [ 1365.773509] Mem-Info: [ 1365.776061] active_anon:1299586 inactive_anon:4312 isolated_anon:0 [ 1365.776061] active_file:754 inactive_file:726 isolated_file:32 [ 1365.776061] unevictable:0 dirty:1318 writeback:0 unstable:0 [ 1365.776061] slab_reclaimable:17588 slab_unreclaimable:130551 [ 1365.776061] mapped:53616 shmem:4488 pagetables:34219 bounce:0 [ 1365.776061] free:25261 free_pcp:48 free_cma:0 [ 1365.810938] Node 0 active_anon:1882912kB inactive_anon:16116kB active_file:1188kB inactive_file:1468kB unevictable:0kB isolated(anon):0kB isolated(file):256kB mapped:214464kB dirty:2044kB writeback:0kB shmem:16776kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 616448kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1365.843340] Node 1 active_anon:3315432kB inactive_anon:1132kB active_file:1668kB inactive_file:1528kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:3228kB writeback:0kB shmem:1176kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1365.877224] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1365.936578] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1365.943182] Node 0 DMA32 free:40412kB min:36296kB low:45368kB high:54440kB active_anon:1877496kB inactive_anon:16116kB active_file:1416kB inactive_file:1892kB unevictable:0kB writepending:2044kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:10176kB pagetables:56836kB bounce:0kB free_pcp:132kB local_pcp:132kB free_cma:0kB [ 1365.980489] lowmem_reserve[]: 0 0 0 0 0 [ 1365.985012] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1366.026980] lowmem_reserve[]: 0 0 0 0 0 [ 1366.035581] Node 1 Normal free:49988kB min:53592kB low:66988kB high:80384kB active_anon:3315432kB inactive_anon:1132kB active_file:1720kB inactive_file:1548kB unevictable:0kB writepending:3228kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33568kB pagetables:80016kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1366.198764] lowmem_reserve[]: 0 0 0 0 0 [ 1366.202796] Node 0 DMA: 2*4kB (ME) 5*8kB (UME) 3*16kB (UM) 4*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10400kB [ 1366.248726] Node 0 DMA32: 572*4kB (UE) 1321*8kB (UME) 233*16kB (UME) 168*32kB (UME) 37*64kB (UME) 16*128kB (ME) 5*256kB (ME) 3*512kB (M) 2*1024kB (ME) 2*2048kB (M) 1*4096kB (M) = 39432kB [ 1366.276621] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1366.299222] Node 1 Normal: 626*4kB (UME) 430*8kB (UME) 113*16kB (UME) 57*32kB (UME) 22*64kB (UME) 13*128kB (UME) 38*256kB (UM) 34*512kB (UME) 10*1024kB (ME) 0*2048kB 0*4096kB = 50024kB [ 1366.349010] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1366.358460] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1366.411520] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1366.422012] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1366.436882] 6105 total pagecache pages [ 1366.441349] 0 pages in swap cache [ 1366.445408] Swap cache stats: add 0, delete 0, find 0/0 [ 1366.451245] Free swap = 0kB [ 1366.455446] Total swap = 0kB [ 1366.458524] 1965979 pages RAM [ 1366.462458] 0 pages HighMem/MovableOnly [ 1366.466942] 338455 pages reserved [ 1366.472283] 0 pages cma reserved [ 1366.475653] Out of memory: Kill process 11191 (syz-executor.1) score 1007 or sacrifice child [ 1366.488568] Killed process 11191 (syz-executor.1) total-vm:75236kB, anon-rss:16552kB, file-rss:34816kB, shmem-rss:0kB [ 1366.538357] oom_reaper: reaped process 11191 (syz-executor.1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 1366.638553] syz-executor.3 invoked oom-killer: gfp_mask=0x15080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=0 [ 1366.662030] syz-executor.3 cpuset=/ mems_allowed=0-1 [ 1366.668429] CPU: 1 PID: 6354 Comm: syz-executor.3 Not tainted 4.14.182-syzkaller #0 [ 1366.676331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1366.686043] Call Trace: [ 1366.688666] dump_stack+0x1b2/0x283 [ 1366.693008] dump_header+0x178/0x7aa [ 1366.697415] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1366.702454] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1366.707560] ? ___ratelimit+0x2cd/0x522 [ 1366.711542] oom_kill_process.cold+0x10/0xc16 [ 1366.716039] ? lock_acquire+0x170/0x3f0 [ 1366.720012] ? lock_downgrade+0x6e0/0x6e0 [ 1366.724165] out_of_memory+0x2d5/0x10f0 [ 1366.728137] ? oom_killer_disable+0x1c0/0x1c0 [ 1366.732634] ? mutex_trylock+0x152/0x1a0 [ 1366.736785] __alloc_pages_nodemask+0x2556/0x2730 [ 1366.741648] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1366.746483] ? alloc_set_pte+0xc07/0x1550 [ 1366.750640] ? rcu_read_lock_sched_held+0x10a/0x130 [ 1366.755658] ? kmem_cache_alloc_node+0x387/0x400 [ 1366.760418] copy_process.part.0+0x26a/0x6fa0 [ 1366.764914] ? trace_hardirqs_on+0x10/0x10 [ 1366.769152] ? trace_hardirqs_on+0x10/0x10 [ 1366.773387] ? lock_downgrade+0x6e0/0x6e0 [ 1366.777538] ? trace_hardirqs_on+0x10/0x10 [ 1366.781776] ? __cleanup_sighand+0x40/0x40 [ 1366.786003] ? lock_downgrade+0x6e0/0x6e0 [ 1366.790154] _do_fork+0x180/0xc80 [ 1366.794295] ? put_timespec64+0xaa/0xf0 [ 1366.798271] ? fork_idle+0x270/0x270 [ 1366.802593] ? SyS_clock_gettime+0xf5/0x180 [ 1366.806912] ? SyS_clock_settime+0x1a0/0x1a0 [ 1366.811319] ? do_syscall_64+0x4c/0x640 [ 1366.815288] ? sys_vfork+0x20/0x20 [ 1366.818828] do_syscall_64+0x1d5/0x640 [ 1366.823673] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1366.829126] RIP: 0033:0x45b09a [ 1366.832337] RSP: 002b:00007ffe89bdb320 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1366.840040] RAX: ffffffffffffffda RBX: 00007ffe89bdb320 RCX: 000000000045b09a [ 1366.847302] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 1366.855607] RBP: 00007ffe89bdb360 R08: 0000000000000001 R09: 000000000272a940 [ 1366.863565] R10: 000000000272ac10 R11: 0000000000000246 R12: 0000000000000001 [ 1366.871099] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe89bdb3b0 [ 1367.041893] Mem-Info: [ 1367.044354] active_anon:1295424 inactive_anon:4312 isolated_anon:0 [ 1367.044354] active_file:791 inactive_file:841 isolated_file:0 [ 1367.044354] unevictable:0 dirty:1314 writeback:0 unstable:0 [ 1367.044354] slab_reclaimable:17581 slab_unreclaimable:130390 [ 1367.044354] mapped:53713 shmem:4488 pagetables:34160 bounce:0 [ 1367.044354] free:29608 free_pcp:77 free_cma:0 [ 1367.079071] Node 0 active_anon:1866332kB inactive_anon:16116kB active_file:1412kB inactive_file:1324kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:214552kB dirty:2032kB writeback:0kB shmem:16776kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 600064kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1367.109078] Node 1 active_anon:3315364kB inactive_anon:1132kB active_file:1608kB inactive_file:1584kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:3224kB writeback:0kB shmem:1176kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1367.245425] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1367.308378] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1367.328686] Node 0 DMA32 free:56928kB min:36296kB low:45368kB high:54440kB active_anon:1860916kB inactive_anon:16116kB active_file:1504kB inactive_file:1460kB unevictable:0kB writepending:2032kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:10144kB pagetables:56696kB bounce:0kB free_pcp:288kB local_pcp:120kB free_cma:0kB [ 1367.400844] lowmem_reserve[]: 0 0 0 0 0 [ 1367.406895] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1367.448864] lowmem_reserve[]: 0 0 0 0 0 [ 1367.452985] Node 1 Normal free:51100kB min:53592kB low:66988kB high:80384kB active_anon:3315364kB inactive_anon:1132kB active_file:1528kB inactive_file:1392kB unevictable:0kB writepending:3224kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33536kB pagetables:79920kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1367.526831] lowmem_reserve[]: 0 0 0 0 0 [ 1367.536182] Node 0 DMA: 2*4kB (ME) 5*8kB (UME) 3*16kB (UM) 4*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10400kB [ 1367.568687] Node 0 DMA32: 421*4kB (UME) 1259*8kB (UE) 221*16kB (UME) 209*32kB (UME) 35*64kB (UME) 15*128kB (ME) 5*256kB (ME) 4*512kB (M) 2*1024kB (ME) 4*2048kB (M) 4*4096kB (M) = 56092kB [ 1367.596907] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1367.607727] Node 1 Normal: 665*4kB (UME) 534*8kB (UME) 115*16kB (UME) 59*32kB (UME) 22*64kB (UME) 13*128kB (UME) 38*256kB (UM) 34*512kB (UME) 10*1024kB (ME) 0*2048kB 0*4096kB = 51108kB [ 1367.626715] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1367.661630] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1367.711621] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1367.737795] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1367.748465] 5914 total pagecache pages [ 1367.762315] 0 pages in swap cache [ 1367.768425] Swap cache stats: add 0, delete 0, find 0/0 [ 1367.774093] Free swap = 0kB [ 1367.777286] Total swap = 0kB [ 1367.780778] 1965979 pages RAM [ 1367.784287] 0 pages HighMem/MovableOnly [ 1367.788686] 338455 pages reserved [ 1367.792517] 0 pages cma reserved [ 1367.795885] Out of memory: Kill process 11298 (syz-executor.1) score 1007 or sacrifice child [ 1367.804974] Killed process 11298 (syz-executor.1) total-vm:75236kB, anon-rss:16552kB, file-rss:34816kB, shmem-rss:0kB [ 1367.845827] oom_reaper: reaped process 11298 (syz-executor.1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 19:24:40 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:40 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1368.201290] loop2: p1 p2 < > p3 p4 < p5 > [ 1368.224543] loop2: partition table partially beyond EOD, truncated [ 1368.423861] loop2: p1 size 11290111 extends beyond EOD, truncated 19:24:42 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:42 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r2, 0x4, 0x6100) write$cgroup_type(r2, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:49 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:49 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1377.434300] loop2: p3 start 4293001441 is beyond EOD, truncated [ 1377.466308] loop2: p5 size 11290111 extends beyond EOD, truncated 19:24:49 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:49 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c0007"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:24:49 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r2, 0x4, 0x6100) write$cgroup_type(r2, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:50 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:50 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c0007"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1378.125178] syz-executor.5 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1378.185655] syz-executor.5 cpuset=/ mems_allowed=0-1 [ 1378.222368] CPU: 0 PID: 20539 Comm: syz-executor.5 Not tainted 4.14.182-syzkaller #0 [ 1378.230285] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1378.239654] Call Trace: [ 1378.242251] dump_stack+0x1b2/0x283 [ 1378.245881] dump_header+0x178/0x7aa [ 1378.249592] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1378.254611] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1378.260931] ? ___ratelimit+0x2cd/0x522 [ 1378.264907] oom_kill_process.cold+0x10/0xc16 [ 1378.269401] ? lock_acquire+0x170/0x3f0 [ 1378.273397] ? lock_downgrade+0x6e0/0x6e0 [ 1378.277543] out_of_memory+0x2d5/0x10f0 [ 1378.281518] ? oom_killer_disable+0x1c0/0x1c0 [ 1378.286359] ? mutex_trylock+0x152/0x1a0 [ 1378.290544] __alloc_pages_nodemask+0x2556/0x2730 [ 1378.296273] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1378.301122] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1378.305988] ? trace_hardirqs_on+0x10/0x10 [ 1378.310233] ? avc_has_extended_perms+0xbe0/0xbe0 [ 1378.315095] ? cache_grow_begin+0x3f/0x410 [ 1378.319331] cache_grow_begin+0x91/0x410 [ 1378.323392] fallback_alloc+0x205/0x2b0 [ 1378.327366] kmem_cache_alloc+0x1e5/0x3c0 [ 1378.331521] getname_flags+0xc8/0x550 [ 1378.335333] user_path_mountpoint_at+0x23/0x40 [ 1378.340354] SyS_umount+0x11b/0xc00 [ 1378.343981] ? lock_downgrade+0x6e0/0x6e0 [ 1378.348134] ? __detach_mounts+0x2e0/0x2e0 [ 1378.352452] ? up_read+0x17/0x30 [ 1378.355817] ? __do_page_fault+0x19a/0xb50 [ 1378.360054] ? do_syscall_64+0x4c/0x640 [ 1378.364027] ? __detach_mounts+0x2e0/0x2e0 [ 1378.369132] do_syscall_64+0x1d5/0x640 [ 1378.373046] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1378.380262] RIP: 0033:0x45f497 [ 1378.383532] RSP: 002b:00007ffe52bc1628 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1378.391349] RAX: ffffffffffffffda RBX: 000000000014e203 RCX: 000000000045f497 [ 1378.398856] RDX: 000000000000000c RSI: 0000000000000002 RDI: 00007ffe52bc2760 [ 1378.406818] RBP: 0000000000000b14 R08: 0000000000000001 R09: 000000000153d940 [ 1378.414104] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe52bc2760 [ 1378.422467] R13: 00007ffe52bc2750 R14: 0000000000000000 R15: 00007ffe52bc2760 [ 1378.465611] Mem-Info: [ 1378.468860] active_anon:1299578 inactive_anon:4312 isolated_anon:0 [ 1378.468860] active_file:664 inactive_file:1196 isolated_file:64 [ 1378.468860] unevictable:0 dirty:1348 writeback:0 unstable:0 [ 1378.468860] slab_reclaimable:17573 slab_unreclaimable:130315 [ 1378.468860] mapped:54035 shmem:4488 pagetables:34215 bounce:0 [ 1378.468860] free:24778 free_pcp:365 free_cma:0 [ 1378.510266] Node 0 active_anon:1876908kB inactive_anon:16116kB active_file:1616kB inactive_file:1920kB unevictable:0kB isolated(anon):0kB isolated(file):256kB mapped:215640kB dirty:2156kB writeback:0kB shmem:16776kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 608256kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1378.546436] Node 1 active_anon:3321404kB inactive_anon:1132kB active_file:1640kB inactive_file:1648kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:3236kB writeback:0kB shmem:1176kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1378.581952] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1378.621434] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1378.626660] Node 0 DMA32 free:40656kB min:36296kB low:45368kB high:54440kB active_anon:1871492kB inactive_anon:16116kB active_file:1248kB inactive_file:1332kB unevictable:0kB writepending:2156kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:10176kB pagetables:57012kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1378.660726] lowmem_reserve[]: 0 0 0 0 0 [ 1378.664849] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1378.695561] lowmem_reserve[]: 0 0 0 0 0 [ 1378.720502] Node 1 Normal free:50956kB min:53592kB low:66988kB high:80384kB active_anon:3321812kB inactive_anon:1132kB active_file:1764kB inactive_file:1464kB unevictable:0kB writepending:3236kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33696kB pagetables:79824kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1378.812788] lowmem_reserve[]: 0 0 0 0 0 [ 1378.838228] Node 0 DMA: 2*4kB (ME) 5*8kB (UME) 3*16kB (UM) 4*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10400kB [ 1378.962107] Node 0 DMA32: 2*4kB (U) 763*8kB (UE) 190*16kB (UME) 201*32kB (UM) 30*64kB (UM) 3*128kB (ME) 4*256kB (ME) 0*512kB 1*1024kB (E) 2*2048kB (M) 3*4096kB (M) = 36320kB [ 1378.985397] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1378.996756] Node 1 Normal: 491*4kB (UME) 929*8kB (UME) 141*16kB (UME) 53*32kB (UME) 9*64kB (ME) 11*128kB (UE) 34*256kB (UM) 34*512kB (UME) 10*1024kB (ME) 0*2048kB 0*4096kB = 51684kB [ 1379.045580] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1379.078877] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1379.131570] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1379.162947] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1379.186605] 6047 total pagecache pages [ 1379.196359] 0 pages in swap cache [ 1379.232858] Swap cache stats: add 0, delete 0, find 0/0 [ 1379.247175] Free swap = 0kB [ 1379.261109] Total swap = 0kB [ 1379.267181] 1965979 pages RAM [ 1379.286103] 0 pages HighMem/MovableOnly [ 1379.325076] 338455 pages reserved [ 1379.328690] 0 pages cma reserved [ 1379.332058] Out of memory: Kill process 23029 (syz-executor.4) score 1007 or sacrifice child [ 1379.351433] Killed process 23029 (syz-executor.4) total-vm:75368kB, anon-rss:16564kB, file-rss:34816kB, shmem-rss:0kB 19:24:53 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:53 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:24:54 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x0, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:24:54 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x2, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x6100) write$cgroup_type(r1, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:24:55 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:24:55 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) [ 1387.837055] syz-executor.4 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1387.912336] syz-executor.4 cpuset=/ mems_allowed=0-1 [ 1387.936587] CPU: 1 PID: 6351 Comm: syz-executor.4 Not tainted 4.14.182-syzkaller #0 [ 1387.947202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1387.956558] Call Trace: [ 1387.959155] dump_stack+0x1b2/0x283 [ 1387.962790] dump_header+0x178/0x7aa [ 1387.967041] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1387.972183] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1387.977479] ? ___ratelimit+0x2cd/0x522 [ 1387.981456] oom_kill_process.cold+0x10/0xc16 [ 1387.986912] ? lock_downgrade+0x6e0/0x6e0 [ 1387.991154] out_of_memory+0x2d5/0x10f0 [ 1387.995138] ? oom_killer_disable+0x1c0/0x1c0 [ 1388.000242] ? mutex_trylock+0x152/0x1a0 [ 1388.004311] __alloc_pages_nodemask+0x2556/0x2730 [ 1388.009167] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1388.014042] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1388.018886] ? trace_hardirqs_on+0x10/0x10 [ 1388.023126] ? avc_has_extended_perms+0xbe0/0xbe0 [ 1388.028970] ? cache_grow_begin+0x3f/0x410 [ 1388.033211] cache_grow_begin+0x91/0x410 [ 1388.037275] fallback_alloc+0x205/0x2b0 [ 1388.041252] kmem_cache_alloc+0x1e5/0x3c0 [ 1388.045399] getname_flags+0xc8/0x550 [ 1388.049202] user_path_mountpoint_at+0x23/0x40 [ 1388.053788] SyS_umount+0x11b/0xc00 [ 1388.057412] ? lock_downgrade+0x6e0/0x6e0 [ 1388.061563] ? __detach_mounts+0x2e0/0x2e0 [ 1388.065824] ? up_read+0x17/0x30 [ 1388.069191] ? __do_page_fault+0x19a/0xb50 [ 1388.073424] ? do_syscall_64+0x4c/0x640 [ 1388.077414] ? __detach_mounts+0x2e0/0x2e0 [ 1388.081654] do_syscall_64+0x1d5/0x640 [ 1388.085550] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1388.090738] RIP: 0033:0x45f497 [ 1388.093925] RSP: 002b:00007fff6e714a38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1388.101641] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045f497 [ 1388.108917] RDX: 00000000004031d8 RSI: 0000000000000002 RDI: 00007fff6e714ae0 [ 1388.116194] RBP: 0000000000001b4a R08: 0000000000000000 R09: 000000000000001f [ 1388.123467] R10: 0000000000000018 R11: 0000000000000246 R12: 00007fff6e715b70 [ 1388.130739] R13: 0000000002989940 R14: 0000000000000000 R15: 00007fff6e715b70 [ 1388.380812] Mem-Info: [ 1388.383344] active_anon:1304064 inactive_anon:4312 isolated_anon:0 [ 1388.383344] active_file:716 inactive_file:674 isolated_file:0 [ 1388.383344] unevictable:0 dirty:1343 writeback:0 unstable:0 [ 1388.383344] slab_reclaimable:17665 slab_unreclaimable:129950 [ 1388.383344] mapped:53546 shmem:4488 pagetables:34335 bounce:0 [ 1388.383344] free:21488 free_pcp:0 free_cma:0 [ 1388.427889] Node 0 active_anon:1888984kB inactive_anon:16116kB active_file:1008kB inactive_file:1008kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:214160kB dirty:2140kB writeback:0kB shmem:16776kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 614400kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1388.536462] Node 1 active_anon:3327272kB inactive_anon:1132kB active_file:1676kB inactive_file:1660kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:24kB dirty:3232kB writeback:0kB shmem:1176kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1388.574323] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1388.618007] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1388.623082] Node 0 DMA32 free:27360kB min:36296kB low:45368kB high:54440kB active_anon:1883568kB inactive_anon:16116kB active_file:1188kB inactive_file:1016kB unevictable:0kB writepending:2140kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:10240kB pagetables:57076kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1388.680483] lowmem_reserve[]: 0 0 0 0 0 [ 1388.684563] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1388.888084] lowmem_reserve[]: 0 0 0 0 0 [ 1388.892132] Node 1 Normal free:48176kB min:53592kB low:66988kB high:80384kB active_anon:3327272kB inactive_anon:1132kB active_file:1732kB inactive_file:1264kB unevictable:0kB writepending:3232kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33536kB pagetables:80240kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1388.927416] lowmem_reserve[]: 0 0 0 0 0 [ 1388.931446] Node 0 DMA: 2*4kB (ME) 5*8kB (UME) 3*16kB (UM) 4*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10400kB [ 1388.947171] Node 0 DMA32: 9*4kB (ME) 631*8kB (UME) 116*16kB (UME) 190*32kB (UME) 27*64kB (UM) 5*128kB (ME) 2*256kB (M) 2*512kB (M) 2*1024kB (ME) 0*2048kB 2*4096kB (M) = 27164kB [ 1388.972650] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1388.985671] Node 1 Normal: 182*4kB (UM) 874*8kB (UME) 188*16kB (UME) 16*32kB (UME) 2*64kB (ME) 11*128kB (UE) 31*256kB (UM) 34*512kB (UME) 10*1024kB (ME) 0*2048kB 0*4096kB = 48360kB [ 1389.014995] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1389.036600] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1389.065526] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1389.086181] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1389.096577] 5865 total pagecache pages [ 1389.104260] 0 pages in swap cache [ 1389.107803] Swap cache stats: add 0, delete 0, find 0/0 [ 1389.113181] Free swap = 0kB [ 1389.116211] Total swap = 0kB [ 1389.132951] 1965979 pages RAM [ 1389.136109] 0 pages HighMem/MovableOnly [ 1389.142060] 338455 pages reserved [ 1389.145537] 0 pages cma reserved [ 1389.152457] Out of memory: Kill process 22998 (syz-executor.5) score 1007 or sacrifice child [ 1389.165005] Killed process 22998 (syz-executor.5) total-vm:75236kB, anon-rss:16564kB, file-rss:34816kB, shmem-rss:0kB [ 1389.273884] oom_reaper: reaped process 22998 (syz-executor.5), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 1389.325622] oom_reaper: reaped process 23070 (syz-executor.0), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 1389.410282] syz-executor.2 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1389.468147] syz-executor.2 cpuset=/ mems_allowed=0-1 [ 1389.473303] CPU: 0 PID: 23071 Comm: syz-executor.2 Not tainted 4.14.182-syzkaller #0 [ 1389.490647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1389.500010] Call Trace: [ 1389.502602] dump_stack+0x1b2/0x283 [ 1389.506230] dump_header+0x178/0x7aa [ 1389.510305] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1389.518973] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1389.524686] ? ___ratelimit+0x2cd/0x522 [ 1389.528663] oom_kill_process.cold+0x10/0xc16 [ 1389.533158] ? lock_downgrade+0x6e0/0x6e0 [ 1389.537307] out_of_memory+0x2d5/0x10f0 [ 1389.541283] ? oom_killer_disable+0x1c0/0x1c0 [ 1389.545808] ? mutex_trylock+0x152/0x1a0 [ 1389.549873] __alloc_pages_nodemask+0x2556/0x2730 [ 1389.554724] ? kasan_kmalloc.part.0+0xa6/0xd0 [ 1389.559227] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1389.564067] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1389.569008] ? trace_hardirqs_on+0x10/0x10 [ 1389.573252] ? cache_grow_begin+0x3f/0x410 [ 1389.578306] cache_grow_begin+0x91/0x410 [ 1389.582461] fallback_alloc+0x205/0x2b0 [ 1389.586439] kmem_cache_alloc+0x1e5/0x3c0 [ 1389.591797] getname_flags+0xc8/0x550 [ 1389.595600] SyS_symlinkat+0xa2/0x1f0 [ 1389.599399] ? SyS_unlink+0x20/0x20 [ 1389.603056] ? __do_page_fault+0x19a/0xb50 [ 1389.607314] ? do_syscall_64+0x4c/0x640 [ 1389.611280] ? SyS_symlinkat+0x1f0/0x1f0 [ 1389.616222] do_syscall_64+0x1d5/0x640 [ 1389.620111] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1389.625292] RIP: 0033:0x45c7f7 [ 1389.628474] RSP: 002b:00007ffe569b9998 EFLAGS: 00000202 ORIG_RAX: 0000000000000058 [ 1389.636205] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045c7f7 [ 1389.643468] RDX: 00007ffe569b9a33 RSI: 00000000004c25c5 RDI: 00007ffe569b9a20 [ 1389.650734] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000013 [ 1389.658003] R10: 0000000000000075 R11: 0000000000000202 R12: 0000000000000000 [ 1389.665268] R13: 00007ffe569b99d0 R14: 0000000000000000 R15: 00007ffe569b99e0 [ 1389.705005] Mem-Info: [ 1389.708607] active_anon:1299946 inactive_anon:4312 isolated_anon:0 [ 1389.708607] active_file:733 inactive_file:621 isolated_file:64 [ 1389.708607] unevictable:0 dirty:1343 writeback:0 unstable:0 [ 1389.708607] slab_reclaimable:17665 slab_unreclaimable:129999 [ 1389.708607] mapped:53522 shmem:4488 pagetables:34298 bounce:0 [ 1389.708607] free:25428 free_pcp:142 free_cma:0 [ 1389.779760] Node 0 active_anon:1872512kB inactive_anon:16116kB active_file:2032kB inactive_file:1968kB unevictable:0kB isolated(anon):0kB isolated(file):372kB mapped:215764kB dirty:2140kB writeback:0kB shmem:16776kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 614400kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1389.817151] Node 1 active_anon:3327272kB inactive_anon:1132kB active_file:1712kB inactive_file:1504kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:24kB dirty:3232kB writeback:0kB shmem:1176kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1389.856174] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1389.939500] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1389.945134] Node 0 DMA32 free:42692kB min:36296kB low:45368kB high:54440kB active_anon:1867052kB inactive_anon:16116kB active_file:1376kB inactive_file:1256kB unevictable:0kB writepending:2136kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:10208kB pagetables:56944kB bounce:0kB free_pcp:20kB local_pcp:20kB free_cma:0kB [ 1389.991540] lowmem_reserve[]: 0 0 0 0 0 [ 1389.995592] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1390.085715] lowmem_reserve[]: 0 0 0 0 0 [ 1390.098793] Node 1 Normal free:48708kB min:53592kB low:66988kB high:80384kB active_anon:3327204kB inactive_anon:1132kB active_file:1616kB inactive_file:1560kB unevictable:0kB writepending:3232kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33504kB pagetables:80140kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1390.137721] lowmem_reserve[]: 0 0 0 0 0 [ 1390.145213] Node 0 DMA: 2*4kB (ME) 5*8kB (UME) 3*16kB (UM) 4*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10400kB [ 1390.188154] Node 0 DMA32: 58*4kB (UME) 634*8kB (UME) 154*16kB (UM) 185*32kB (UME) 33*64kB (UM) 8*128kB (ME) 2*256kB (M) 2*512kB (M) 2*1024kB (ME) 5*2048kB (M) 3*4096kB (M) = 42936kB [ 1390.231198] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1390.257592] Node 1 Normal: 215*4kB (UM) 893*8kB (UME) 188*16kB (UME) 18*32kB (UME) 2*64kB (ME) 11*128kB (UE) 31*256kB (UM) 34*512kB (UME) 10*1024kB (ME) 0*2048kB 0*4096kB = 48708kB [ 1390.292096] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1390.312189] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1390.321410] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1390.356828] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1390.367173] 6008 total pagecache pages [ 1390.371082] 0 pages in swap cache [ 1390.374526] Swap cache stats: add 0, delete 0, find 0/0 [ 1390.386817] Free swap = 0kB [ 1390.397211] Total swap = 0kB [ 1390.400269] 1965979 pages RAM [ 1390.424361] 0 pages HighMem/MovableOnly [ 1390.428532] 338455 pages reserved [ 1390.431978] 0 pages cma reserved [ 1390.435400] Out of memory: Kill process 16325 (syz-executor.1) score 1007 or sacrifice child [ 1390.458358] Killed process 16325 (syz-executor.1) total-vm:75236kB, anon-rss:16552kB, file-rss:34816kB, shmem-rss:0kB [ 1390.626578] loop2: p1 p2 < > p3 p4 < p5 > [ 1390.631759] loop2: partition table partially beyond EOD, truncated [ 1390.651051] loop2: p1 size 11290111 extends beyond EOD, truncated [ 1390.690110] loop2: p3 start 4293001441 is beyond EOD, truncated [ 1390.717692] loop2: p5 size 11290111 extends beyond EOD, truncated [ 1391.174673] loop2: p1 p2 < > p3 p4 < p5 > [ 1391.183530] loop2: partition table partially beyond EOD, truncated [ 1391.190933] loop2: p1 size 11290111 extends beyond EOD, truncated [ 1391.203891] loop2: p3 start 4293001441 is beyond EOD, truncated [ 1391.213082] loop2: p5 size 11290111 extends beyond EOD, truncated 19:25:04 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x2, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x6100) write$cgroup_type(r1, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1393.604098] systemd-udevd invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=-1000 [ 1393.685422] systemd-udevd cpuset=/ mems_allowed=0-1 [ 1393.713538] CPU: 1 PID: 3641 Comm: systemd-udevd Not tainted 4.14.182-syzkaller #0 [ 1393.721290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1393.730646] Call Trace: [ 1393.740196] dump_stack+0x1b2/0x283 [ 1393.743837] dump_header+0x178/0x7aa [ 1393.747557] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1393.752583] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1393.757689] ? ___ratelimit+0x2cd/0x522 [ 1393.761666] oom_kill_process.cold+0x10/0xc16 [ 1393.766172] ? lock_downgrade+0x6e0/0x6e0 [ 1393.770324] out_of_memory+0x2d5/0x10f0 [ 1393.774302] ? oom_killer_disable+0x1c0/0x1c0 [ 1393.778796] ? mutex_trylock+0x152/0x1a0 [ 1393.782882] __alloc_pages_nodemask+0x2556/0x2730 [ 1393.787812] ? kmemdup+0x23/0x50 [ 1393.791184] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1393.796018] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1393.800855] ? trace_hardirqs_on+0x10/0x10 [ 1393.805098] ? cache_grow_begin+0x3f/0x410 [ 1393.809330] cache_grow_begin+0x91/0x410 [ 1393.813391] fallback_alloc+0x205/0x2b0 [ 1393.817363] kmem_cache_alloc+0x1e5/0x3c0 [ 1393.821508] getname_flags+0xc8/0x550 [ 1393.825307] user_path_at_empty+0x2a/0x50 [ 1393.829451] SyS_faccessat+0x21b/0x680 [ 1393.833333] ? SyS_fallocate+0x80/0x80 [ 1393.837233] ? do_syscall_64+0x4c/0x640 [ 1393.841199] ? SyS_faccessat+0x680/0x680 [ 1393.845364] do_syscall_64+0x1d5/0x640 [ 1393.849262] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1393.854551] RIP: 0033:0x7f04fa2949c7 [ 1393.858260] RSP: 002b:00007ffc616a4be8 EFLAGS: 00000246 ORIG_RAX: 0000000000000015 [ 1393.865967] RAX: ffffffffffffffda RBX: 000055fc7dc84eb0 RCX: 00007f04fa2949c7 [ 1393.873242] RDX: 00746e657665752f RSI: 0000000000000000 RDI: 00007ffc616a4bf0 [ 1393.880553] RBP: 00007ffc616a4c70 R08: 0000000000004400 R09: 0000000000001010 [ 1393.887820] R10: 00007f04fa552b58 R11: 0000000000000246 R12: 000055fc7c97b856 [ 1393.895106] R13: 000055fc7dc5ba10 R14: 00007ffc616a4bf0 R15: 000055fc7dc9d060 [ 1394.296874] Mem-Info: [ 1394.300536] active_anon:1302695 inactive_anon:4312 isolated_anon:0 [ 1394.300536] active_file:1163 inactive_file:1076 isolated_file:32 [ 1394.300536] unevictable:0 dirty:2233 writeback:0 unstable:0 [ 1394.300536] slab_reclaimable:17631 slab_unreclaimable:131257 [ 1394.300536] mapped:53603 shmem:4488 pagetables:34285 bounce:0 [ 1394.300536] free:20713 free_pcp:0 free_cma:0 [ 1394.342197] Node 0 active_anon:1888644kB inactive_anon:16116kB active_file:1252kB inactive_file:948kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:214356kB dirty:2164kB writeback:0kB shmem:16776kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 612352kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1394.381769] Node 1 active_anon:3322136kB inactive_anon:1132kB active_file:3228kB inactive_file:3260kB unevictable:0kB isolated(anon):0kB isolated(file):384kB mapped:56kB dirty:6768kB writeback:0kB shmem:1176kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1394.435415] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1394.469512] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1394.474609] Node 0 DMA32 free:27580kB min:36296kB low:45368kB high:54440kB active_anon:1883228kB inactive_anon:16116kB active_file:1148kB inactive_file:992kB unevictable:0kB writepending:2164kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:10240kB pagetables:56976kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1394.504171] lowmem_reserve[]: 0 0 0 0 0 [ 1394.508231] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1394.533842] lowmem_reserve[]: 0 0 0 0 0 [ 1394.541944] Node 1 Normal free:44872kB min:53592kB low:66988kB high:80384kB active_anon:3322136kB inactive_anon:1132kB active_file:3224kB inactive_file:3424kB unevictable:0kB writepending:6768kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33472kB pagetables:80140kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1394.575398] lowmem_reserve[]: 0 0 0 0 0 [ 1394.579468] Node 0 DMA: 2*4kB (ME) 5*8kB (UME) 3*16kB (UM) 4*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10400kB [ 1394.601857] Node 0 DMA32: 191*4kB (UME) 650*8kB (UME) 113*16kB (UE) 162*32kB (UME) 8*64kB (UM) 3*128kB (ME) 2*256kB (M) 2*512kB (M) 2*1024kB (ME) 1*2048kB (M) 2*4096kB (M) = 27676kB [ 1394.622270] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1394.633086] Node 1 Normal: 195*4kB (UME) 334*8kB (UME) 80*16kB (UME) 52*32kB (UME) 9*64kB (ME) 13*128kB (UME) 9*256kB (UM) 41*512kB (UME) 11*1024kB (ME) 1*2048kB (M) 0*4096kB = 45244kB [ 1394.653602] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1394.662606] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1394.675932] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1394.684868] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1394.697451] 6785 total pagecache pages [ 1394.701374] 0 pages in swap cache [ 1394.704816] Swap cache stats: add 0, delete 0, find 0/0 [ 1394.713537] Free swap = 0kB [ 1394.716558] Total swap = 0kB [ 1394.726739] 1965979 pages RAM [ 1394.735855] 0 pages HighMem/MovableOnly [ 1394.740580] 338455 pages reserved [ 1394.744042] 0 pages cma reserved [ 1394.763534] Out of memory: Kill process 19641 (syz-executor.0) score 1007 or sacrifice child [ 1394.774246] Killed process 19641 (syz-executor.0) total-vm:75104kB, anon-rss:16556kB, file-rss:34816kB, shmem-rss:0kB [ 1402.277158] syz-fuzzer invoked oom-killer: gfp_mask=0x14201ca(GFP_HIGHUSER_MOVABLE|__GFP_COLD), nodemask=(null), order=0, oom_score_adj=0 [ 1402.289820] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 1402.294593] CPU: 0 PID: 6326 Comm: syz-fuzzer Not tainted 4.14.182-syzkaller #0 [ 1402.302035] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1402.311388] Call Trace: [ 1402.313978] dump_stack+0x1b2/0x283 [ 1402.317607] dump_header+0x178/0x7aa [ 1402.321317] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1402.326332] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1402.331436] ? ___ratelimit+0x2cd/0x522 [ 1402.335411] oom_kill_process.cold+0x10/0xc16 [ 1402.339917] ? lock_downgrade+0x6e0/0x6e0 [ 1402.344068] out_of_memory+0x2d5/0x10f0 [ 1402.348048] ? oom_killer_disable+0x1c0/0x1c0 [ 1402.352543] ? mutex_trylock+0x152/0x1a0 [ 1402.356606] __alloc_pages_nodemask+0x2556/0x2730 [ 1402.361543] ? __schedule+0x8ae/0x1d70 [ 1402.365442] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1402.370287] ? trace_hardirqs_on+0x10/0x10 [ 1402.374519] ? find_get_entry+0x31b/0x660 [ 1402.378674] alloc_pages_current+0xe7/0x1e0 [ 1402.382998] __page_cache_alloc+0x243/0x3c0 [ 1402.387321] filemap_fault+0xd42/0x18f0 [ 1402.391298] ext4_filemap_fault+0x84/0xb0 [ 1402.395444] __do_fault+0xfa/0x380 [ 1402.399067] __handle_mm_fault+0x2055/0x3700 [ 1402.403474] ? vm_insert_mixed_mkwrite+0x30/0x30 [ 1402.408246] ? setup_sigcontext+0x820/0x820 [ 1402.412563] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1402.417604] handle_mm_fault+0x306/0x794 [ 1402.421666] __do_page_fault+0x578/0xb50 [ 1402.425726] ? mm_fault_error+0x2c0/0x2c0 [ 1402.429868] ? do_page_fault+0x60/0x4f2 [ 1402.433876] ? page_fault+0x2f/0x50 [ 1402.437673] page_fault+0x45/0x50 [ 1402.441118] RIP: 01b4:0x200 [ 1402.444038] RSP: 0360:000000c000009878 EFLAGS: 000001b5 [ 1402.480357] Mem-Info: [ 1402.488223] active_anon:1298566 inactive_anon:4312 isolated_anon:0 [ 1402.488223] active_file:1175 inactive_file:1099 isolated_file:0 [ 1402.488223] unevictable:0 dirty:2233 writeback:0 unstable:0 [ 1402.488223] slab_reclaimable:17591 slab_unreclaimable:131420 [ 1402.488223] mapped:53578 shmem:4488 pagetables:34252 bounce:0 [ 1402.488223] free:24829 free_pcp:45 free_cma:0 [ 1402.530081] Node 0 active_anon:1879364kB inactive_anon:16116kB active_file:1204kB inactive_file:1048kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:214312kB dirty:2164kB writeback:0kB shmem:16776kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 612352kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1402.564347] Node 1 active_anon:3314900kB inactive_anon:1132kB active_file:3480kB inactive_file:3324kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:6768kB writeback:0kB shmem:1176kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1402.598930] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1402.630633] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1402.635706] Node 0 DMA32 free:36280kB min:36296kB low:45368kB high:54440kB active_anon:1873948kB inactive_anon:16116kB active_file:1176kB inactive_file:1064kB unevictable:0kB writepending:2164kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:10240kB pagetables:56856kB bounce:0kB free_pcp:180kB local_pcp:64kB free_cma:0kB [ 1402.665795] lowmem_reserve[]: 0 0 0 0 0 [ 1402.683758] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1402.716090] lowmem_reserve[]: 0 0 0 0 0 [ 1402.720159] Node 1 Normal free:52636kB min:53592kB low:66988kB high:80384kB active_anon:3314900kB inactive_anon:1132kB active_file:3392kB inactive_file:3304kB unevictable:0kB writepending:6768kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33440kB pagetables:80128kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1402.766492] lowmem_reserve[]: 0 0 0 0 0 [ 1402.770495] Node 0 DMA: 2*4kB (ME) 5*8kB (UME) 3*16kB (UM) 4*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10400kB [ 1402.786686] Node 0 DMA32: 724*4kB (ME) 891*8kB (UME) 225*16kB (UME) 196*32kB (UME) 16*64kB (UM) 4*128kB (ME) 4*256kB (M) 3*512kB (M) 2*1024kB (ME) 1*2048kB (M) 2*4096kB (M) = 36280kB [ 1402.803332] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1402.814571] Node 1 Normal: 289*4kB (UME) 455*8kB (UME) 184*16kB (UME) 106*32kB (UME) 38*64kB (ME) 19*128kB (UME) 9*256kB (UM) 41*512kB (UME) 11*1024kB (ME) 1*2048kB (M) 0*4096kB = 52604kB [ 1402.839578] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1402.854208] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1402.862846] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1402.871763] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1402.880465] 6753 total pagecache pages [ 1402.884434] 0 pages in swap cache [ 1402.887933] Swap cache stats: add 0, delete 0, find 0/0 [ 1402.893321] Free swap = 0kB [ 1402.917309] Total swap = 0kB [ 1402.920346] 1965979 pages RAM [ 1402.923441] 0 pages HighMem/MovableOnly [ 1402.940877] 338455 pages reserved [ 1402.944433] 0 pages cma reserved [ 1402.949319] Out of memory: Kill process 26184 (syz-executor.4) score 1007 or sacrifice child [ 1402.967032] Killed process 26184 (syz-executor.4) total-vm:75368kB, anon-rss:16552kB, file-rss:34816kB, shmem-rss:0kB [ 1403.063422] oom_reaper: reaped process 26184 (syz-executor.4), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 19:25:04 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:25:17 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x0, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:25:18 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:25:18 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:25:18 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a3100000000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1416.565456] syz-executor.4 invoked oom-killer: gfp_mask=0x15080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=0 [ 1416.583053] syz-executor.4 cpuset=/ mems_allowed=0-1 [ 1416.588783] CPU: 1 PID: 6351 Comm: syz-executor.4 Not tainted 4.14.182-syzkaller #0 [ 1416.596669] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1416.606029] Call Trace: [ 1416.608628] dump_stack+0x1b2/0x283 [ 1416.612261] dump_header+0x178/0x7aa [ 1416.615977] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1416.621082] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1416.626187] ? ___ratelimit+0x2cd/0x522 [ 1416.630511] oom_kill_process.cold+0x10/0xc16 [ 1416.636502] ? lock_downgrade+0x6e0/0x6e0 [ 1416.640741] out_of_memory+0x2d5/0x10f0 [ 1416.644725] ? oom_killer_disable+0x1c0/0x1c0 [ 1416.649217] ? mutex_trylock+0x152/0x1a0 [ 1416.653296] __alloc_pages_nodemask+0x2556/0x2730 [ 1416.658163] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1416.663100] ? alloc_set_pte+0xc07/0x1550 [ 1416.667265] ? rcu_read_lock_sched_held+0x10a/0x130 [ 1416.672285] ? kmem_cache_alloc_node+0x387/0x400 [ 1416.677057] copy_process.part.0+0x26a/0x6fa0 [ 1416.681570] ? trace_hardirqs_on+0x10/0x10 [ 1416.685804] ? trace_hardirqs_on+0x10/0x10 [ 1416.690036] ? lock_downgrade+0x6e0/0x6e0 [ 1416.694183] ? trace_hardirqs_on+0x10/0x10 [ 1416.698418] ? __cleanup_sighand+0x40/0x40 [ 1416.702645] ? lock_downgrade+0x6e0/0x6e0 [ 1416.706796] _do_fork+0x180/0xc80 [ 1416.710506] ? put_timespec64+0xaa/0xf0 [ 1416.714472] ? fork_idle+0x270/0x270 [ 1416.718184] ? SyS_clock_gettime+0xf5/0x180 [ 1416.722497] ? SyS_clock_settime+0x1a0/0x1a0 [ 1416.726903] ? do_syscall_64+0x4c/0x640 [ 1416.730867] ? sys_vfork+0x20/0x20 [ 1416.734398] do_syscall_64+0x1d5/0x640 [ 1416.738284] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1416.743462] RIP: 0033:0x45b09a [ 1416.746644] RSP: 002b:00007fff6e715ae0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1416.754363] RAX: ffffffffffffffda RBX: 00007fff6e715ae0 RCX: 000000000045b09a [ 1416.761624] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 1416.768884] RBP: 00007fff6e715b20 R08: 0000000000000001 R09: 0000000002988940 [ 1416.776147] R10: 0000000002988c10 R11: 0000000000000246 R12: 0000000000000001 [ 1416.783408] R13: 0000000000000000 R14: 0000000000000000 R15: 00007fff6e715b70 [ 1416.806361] Mem-Info: [ 1416.808808] active_anon:1294439 inactive_anon:4312 isolated_anon:0 [ 1416.808808] active_file:1147 inactive_file:1089 isolated_file:64 [ 1416.808808] unevictable:0 dirty:2246 writeback:0 unstable:0 [ 1416.808808] slab_reclaimable:17512 slab_unreclaimable:131847 [ 1416.808808] mapped:53628 shmem:4488 pagetables:34218 bounce:0 [ 1416.808808] free:28396 free_pcp:283 free_cma:0 [ 1416.843722] Node 0 active_anon:1862884kB inactive_anon:16116kB active_file:1300kB inactive_file:1224kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:214512kB dirty:2216kB writeback:0kB shmem:16776kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 612352kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1416.872834] Node 1 active_anon:3314872kB inactive_anon:1132kB active_file:3524kB inactive_file:3328kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:6768kB writeback:0kB shmem:1176kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1416.902241] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1416.990818] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1417.012791] Node 0 DMA32 free:47252kB min:36296kB low:45368kB high:54440kB active_anon:1857468kB inactive_anon:16116kB active_file:1308kB inactive_file:1052kB unevictable:0kB writepending:2216kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:10240kB pagetables:56720kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1417.042518] lowmem_reserve[]: 0 0 0 0 0 [ 1417.046562] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1417.071925] lowmem_reserve[]: 0 0 0 0 0 [ 1417.085390] Node 1 Normal free:56956kB min:53592kB low:66988kB high:80384kB active_anon:3314872kB inactive_anon:1132kB active_file:3364kB inactive_file:3292kB unevictable:0kB writepending:6768kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33408kB pagetables:80128kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1417.209732] lowmem_reserve[]: 0 0 0 0 0 [ 1417.213755] Node 0 DMA: 2*4kB (ME) 5*8kB (UME) 3*16kB (UM) 4*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10400kB [ 1417.260177] Node 0 DMA32: 886*4kB (UME) 683*8kB (UME) 328*16kB (UME) 317*32kB (UME) 73*64kB (UME) 11*128kB (ME) 4*256kB (M) 3*512kB (M) 2*1024kB (ME) 1*2048kB (M) 2*4096kB (M) = 45328kB [ 1417.313385] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1417.355804] Node 1 Normal: 327*4kB (UME) 792*8kB (UME) 254*16kB (UME) 110*32kB (UME) 40*64kB (UME) 18*128kB (UME) 10*256kB (UM) 41*512kB (UME) 11*1024kB (ME) 1*2048kB (M) 0*4096kB = 56956kB [ 1417.400668] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1417.420084] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1417.429281] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1417.438719] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1417.448314] 6865 total pagecache pages [ 1417.452659] 0 pages in swap cache [ 1417.456904] Swap cache stats: add 0, delete 0, find 0/0 [ 1417.463637] Free swap = 0kB [ 1417.467455] Total swap = 0kB [ 1417.471335] 1965979 pages RAM [ 1417.475056] 0 pages HighMem/MovableOnly [ 1417.479533] 338455 pages reserved [ 1417.483882] 0 pages cma reserved [ 1417.488174] Out of memory: Kill process 3938 (syz-executor.3) score 1007 or sacrifice child [ 1417.497835] Killed process 3938 (syz-executor.3) total-vm:75368kB, anon-rss:16556kB, file-rss:34816kB, shmem-rss:0kB [ 1417.676665] loop2: p1 p2 < > p3 p4 < p5 > [ 1417.691884] loop2: partition table partially beyond EOD, truncated [ 1417.712831] loop2: p1 size 11290111 extends beyond EOD, truncated [ 1417.741769] loop2: p3 start 4293001441 is beyond EOD, truncated [ 1417.772118] loop2: p5 size 11290111 extends beyond EOD, truncated 19:25:30 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:25:31 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:25:31 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x0, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:25:31 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x2, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x6100) write$cgroup_type(r1, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1425.098646] syz-executor.5 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1425.218023] syz-executor.5 cpuset=/ mems_allowed=0-1 [ 1425.232493] CPU: 0 PID: 20539 Comm: syz-executor.5 Not tainted 4.14.182-syzkaller #0 [ 1425.240408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1425.249775] Call Trace: [ 1425.252365] dump_stack+0x1b2/0x283 [ 1425.255993] dump_header+0x178/0x7aa [ 1425.259705] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1425.264719] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1425.269820] ? ___ratelimit+0x2cd/0x522 [ 1425.273795] oom_kill_process.cold+0x10/0xc16 [ 1425.278290] ? lock_downgrade+0x6e0/0x6e0 [ 1425.282438] out_of_memory+0x2d5/0x10f0 [ 1425.286409] ? oom_killer_disable+0x1c0/0x1c0 [ 1425.290897] ? mutex_trylock+0x152/0x1a0 [ 1425.294954] __alloc_pages_nodemask+0x2556/0x2730 [ 1425.299808] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1425.307006] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1425.312022] ? trace_hardirqs_on+0x10/0x10 [ 1425.316256] ? avc_has_extended_perms+0xbe0/0xbe0 [ 1425.321096] ? cache_grow_begin+0x3f/0x410 [ 1425.325326] cache_grow_begin+0x91/0x410 [ 1425.329385] fallback_alloc+0x205/0x2b0 [ 1425.333357] kmem_cache_alloc+0x1e5/0x3c0 [ 1425.337503] getname_flags+0xc8/0x550 [ 1425.341304] user_path_mountpoint_at+0x23/0x40 [ 1425.345882] SyS_umount+0x11b/0xc00 [ 1425.349501] ? lock_downgrade+0x6e0/0x6e0 [ 1425.353643] ? __detach_mounts+0x2e0/0x2e0 [ 1425.357867] ? up_read+0x17/0x30 [ 1425.361227] ? __do_page_fault+0x19a/0xb50 [ 1425.365454] ? do_syscall_64+0x4c/0x640 [ 1425.369418] ? __detach_mounts+0x2e0/0x2e0 [ 1425.373647] do_syscall_64+0x1d5/0x640 [ 1425.377542] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1425.382722] RIP: 0033:0x45f497 [ 1425.385923] RSP: 002b:00007ffe52bc1628 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1425.393629] RAX: ffffffffffffffda RBX: 000000000015a9e2 RCX: 000000000045f497 [ 1425.400981] RDX: 000000000000000c RSI: 0000000000000002 RDI: 00007ffe52bc2760 [ 1425.408254] RBP: 0000000000000b38 R08: 0000000000000001 R09: 000000000153d940 [ 1425.415521] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe52bc2760 [ 1425.422785] R13: 00007ffe52bc2750 R14: 0000000000000000 R15: 00007ffe52bc2760 [ 1425.477296] Mem-Info: [ 1425.479744] active_anon:1298609 inactive_anon:4312 isolated_anon:0 [ 1425.479744] active_file:2748 inactive_file:2701 isolated_file:64 [ 1425.479744] unevictable:0 dirty:5473 writeback:0 unstable:0 [ 1425.479744] slab_reclaimable:17756 slab_unreclaimable:132057 [ 1425.479744] mapped:53578 shmem:4488 pagetables:34282 bounce:0 [ 1425.479744] free:20742 free_pcp:70 free_cma:0 [ 1425.513946] Node 0 active_anon:1879864kB inactive_anon:16116kB active_file:2412kB inactive_file:2204kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:214312kB dirty:4572kB writeback:0kB shmem:16776kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 614400kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1425.542474] Node 1 active_anon:3314572kB inactive_anon:1132kB active_file:8648kB inactive_file:8728kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:17320kB writeback:0kB shmem:1176kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1425.579310] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1425.716868] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1425.721948] Node 0 DMA32 free:27344kB min:36296kB low:45368kB high:54440kB active_anon:1874448kB inactive_anon:16116kB active_file:2232kB inactive_file:2180kB unevictable:0kB writepending:4572kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:10240kB pagetables:56768kB bounce:0kB free_pcp:280kB local_pcp:116kB free_cma:0kB [ 1425.751877] lowmem_reserve[]: 0 0 0 0 0 [ 1425.755910] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1425.790618] lowmem_reserve[]: 0 0 0 0 0 [ 1425.794658] Node 1 Normal free:45224kB min:53592kB low:66988kB high:80384kB active_anon:3314572kB inactive_anon:1132kB active_file:8548kB inactive_file:8600kB unevictable:0kB writepending:17320kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33504kB pagetables:80336kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1425.958352] lowmem_reserve[]: 0 0 0 0 0 [ 1425.962389] Node 0 DMA: 2*4kB (ME) 5*8kB (UME) 3*16kB (UM) 4*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10400kB [ 1425.985349] Node 0 DMA32: 84*4kB (UME) 56*8kB (UME) 39*16kB (UE) 221*32kB (UME) 73*64kB (UME) 11*128kB (ME) 4*256kB (M) 3*512kB (M) 2*1024kB (ME) 2*2048kB (M) 1*4096kB (M) = 27360kB [ 1426.091873] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1426.134790] Node 1 Normal: 682*4kB (UME) 363*8kB (UME) 200*16kB (UM) 40*32kB (UM) 4*64kB (UM) 8*128kB (UE) 6*256kB (UM) 37*512kB (UME) 11*1024kB (ME) 1*2048kB (M) 0*4096kB = 45184kB [ 1426.179518] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1426.194798] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1426.262973] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1426.274532] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1426.283180] 9981 total pagecache pages [ 1426.324770] 0 pages in swap cache [ 1426.329123] Swap cache stats: add 0, delete 0, find 0/0 [ 1426.334481] Free swap = 0kB [ 1426.464752] Total swap = 0kB [ 1426.468158] 1965979 pages RAM [ 1426.471255] 0 pages HighMem/MovableOnly [ 1426.496894] 338455 pages reserved [ 1426.500458] 0 pages cma reserved [ 1426.503813] Out of memory: Kill process 23140 (syz-executor.5) score 1007 or sacrifice child [ 1426.543122] Killed process 23140 (syz-executor.5) total-vm:75236kB, anon-rss:16564kB, file-rss:34816kB, shmem-rss:0kB [ 1426.613804] oom_reaper: reaped process 23140 (syz-executor.5), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 1434.448732] syz-executor.4 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1434.471349] syz-executor.4 cpuset=/ mems_allowed=0-1 [ 1434.480825] CPU: 1 PID: 6351 Comm: syz-executor.4 Not tainted 4.14.182-syzkaller #0 [ 1434.493030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1434.502563] Call Trace: [ 1434.505160] dump_stack+0x1b2/0x283 [ 1434.509230] dump_header+0x178/0x7aa [ 1434.512964] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1434.518720] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1434.523839] ? ___ratelimit+0x2cd/0x522 [ 1434.527904] oom_kill_process.cold+0x10/0xc16 [ 1434.532716] ? lock_downgrade+0x6e0/0x6e0 [ 1434.536865] out_of_memory+0x2d5/0x10f0 [ 1434.540838] ? oom_killer_disable+0x1c0/0x1c0 [ 1434.545352] ? mutex_trylock+0x152/0x1a0 [ 1434.549439] __alloc_pages_nodemask+0x2556/0x2730 [ 1434.554311] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1434.559169] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1434.564012] ? trace_hardirqs_on+0x10/0x10 [ 1434.568259] ? cache_grow_begin+0x3f/0x410 [ 1434.572492] cache_grow_begin+0x91/0x410 [ 1434.576554] fallback_alloc+0x205/0x2b0 [ 1434.580532] kmem_cache_alloc+0x1e5/0x3c0 [ 1434.584678] getname_flags+0xc8/0x550 [ 1434.588494] ? SyS_unlinkat+0x70/0x70 [ 1434.592290] do_unlinkat+0x9e/0x5c0 [ 1434.595915] ? do_rmdir+0x340/0x340 [ 1434.599543] ? __do_page_fault+0x19a/0xb50 [ 1434.603798] ? do_syscall_64+0x4c/0x640 [ 1434.609081] ? SyS_unlinkat+0x70/0x70 [ 1434.612888] do_syscall_64+0x1d5/0x640 [ 1434.617193] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1434.623246] RIP: 0033:0x45c817 [ 1434.626433] RSP: 002b:00007fff6e714a38 EFLAGS: 00000246 ORIG_RAX: 0000000000000057 [ 1434.634153] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045c817 [ 1434.641416] RDX: 00007fff6e714a50 RSI: 00007fff6e714a50 RDI: 00007fff6e714ae0 [ 1434.648766] RBP: 0000000000001b50 R08: 0000000000000000 R09: 000000000000000d [ 1434.657345] R10: 0000000000000006 R11: 0000000000000246 R12: 00007fff6e715b70 [ 1434.664824] R13: 0000000002989940 R14: 0000000000000000 R15: 00007fff6e715b70 [ 1434.817915] Mem-Info: [ 1434.820385] active_anon:1294455 inactive_anon:4312 isolated_anon:0 [ 1434.820385] active_file:2795 inactive_file:2703 isolated_file:0 [ 1434.820385] unevictable:0 dirty:5472 writeback:0 unstable:0 [ 1434.820385] slab_reclaimable:17726 slab_unreclaimable:132296 [ 1434.820385] mapped:53578 shmem:4488 pagetables:34241 bounce:0 [ 1434.820385] free:24735 free_pcp:64 free_cma:0 [ 1434.854924] Node 0 active_anon:1867276kB inactive_anon:16116kB active_file:2424kB inactive_file:2160kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:214312kB dirty:4572kB writeback:0kB shmem:16776kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 612352kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1434.989280] Node 1 active_anon:3310544kB inactive_anon:1132kB active_file:8684kB inactive_file:8536kB unevictable:0kB isolated(anon):0kB isolated(file):256kB mapped:0kB dirty:17316kB writeback:0kB shmem:1176kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1435.161923] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1435.197058] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1435.202147] Node 0 DMA32 free:36160kB min:36296kB low:45368kB high:54440kB active_anon:1861860kB inactive_anon:16116kB active_file:2344kB inactive_file:2280kB unevictable:0kB writepending:4572kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:10240kB pagetables:56732kB bounce:0kB free_pcp:264kB local_pcp:92kB free_cma:0kB [ 1435.340265] lowmem_reserve[]: 0 0 0 0 0 [ 1435.344442] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1435.378039] lowmem_reserve[]: 0 0 0 0 0 [ 1435.382152] Node 1 Normal free:52396kB min:53592kB low:66988kB high:80384kB active_anon:3310544kB inactive_anon:1132kB active_file:8620kB inactive_file:8552kB unevictable:0kB writepending:17316kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33440kB pagetables:80208kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1435.512231] lowmem_reserve[]: 0 0 0 0 0 [ 1435.519788] Node 0 DMA: 2*4kB (ME) 5*8kB (UME) 3*16kB (UM) 4*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10400kB [ 1435.540365] Node 0 DMA32: 862*4kB (ME) 575*8kB (ME) 173*16kB (UME) 138*32kB (UME) 73*64kB (UME) 11*128kB (ME) 4*256kB (M) 3*512kB (M) 2*1024kB (ME) 1*2048kB (M) 2*4096kB (M) = 36160kB [ 1435.560971] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1435.669493] Node 1 Normal: 721*4kB (UME) 712*8kB (UME) 417*16kB (UME) 49*32kB (UM) 7*64kB (UM) 8*128kB (UE) 7*256kB (UM) 37*512kB (UME) 11*1024kB (ME) 1*2048kB (M) 0*4096kB = 52340kB [ 1435.714149] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1435.723017] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1435.735041] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1435.743921] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1435.757944] 9983 total pagecache pages [ 1435.761852] 0 pages in swap cache [ 1435.786857] Swap cache stats: add 0, delete 0, find 0/0 [ 1435.824168] Free swap = 0kB [ 1435.827210] Total swap = 0kB [ 1435.830221] 1965979 pages RAM [ 1435.833319] 0 pages HighMem/MovableOnly [ 1435.901593] 338455 pages reserved [ 1435.912810] 0 pages cma reserved [ 1435.919852] Out of memory: Kill process 23174 (syz-executor.5) score 1007 or sacrifice child [ 1435.930310] Killed process 23174 (syz-executor.5) total-vm:75236kB, anon-rss:16564kB, file-rss:34816kB, shmem-rss:0kB [ 1436.087257] oom_reaper: reaped process 23174 (syz-executor.5), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 19:25:48 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a3100000000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:25:48 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6100) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:25:48 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:25:48 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:25:48 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r1, 0x4, 0x6100) write$cgroup_type(r1, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:25:48 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a3100000000"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:25:48 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:25:48 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:25:49 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x2, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:25:49 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) getpid() vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1444.463053] syz-executor.1 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1444.479145] syz-executor.1 cpuset=/ mems_allowed=0-1 [ 1444.492229] CPU: 1 PID: 6353 Comm: syz-executor.1 Not tainted 4.14.182-syzkaller #0 [ 1444.500472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1444.509824] Call Trace: [ 1444.512414] dump_stack+0x1b2/0x283 [ 1444.516038] dump_header+0x178/0x7aa [ 1444.519750] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1444.524765] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1444.529863] ? ___ratelimit+0x2cd/0x522 [ 1444.533843] oom_kill_process.cold+0x10/0xc16 [ 1444.538337] ? lock_acquire+0x170/0x3f0 [ 1444.542302] ? lock_downgrade+0x6e0/0x6e0 [ 1444.546449] out_of_memory+0x2d5/0x10f0 [ 1444.550422] ? oom_killer_disable+0x1c0/0x1c0 [ 1444.554914] ? mutex_trylock+0x152/0x1a0 [ 1444.558973] __alloc_pages_nodemask+0x2556/0x2730 [ 1444.563824] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1444.568664] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1444.573502] ? trace_hardirqs_on+0x10/0x10 [ 1444.577756] ? avc_has_extended_perms+0xbe0/0xbe0 [ 1444.582597] ? cache_grow_begin+0x3f/0x410 [ 1444.586853] cache_grow_begin+0x91/0x410 [ 1444.590907] fallback_alloc+0x205/0x2b0 [ 1444.594882] kmem_cache_alloc+0x1e5/0x3c0 [ 1444.599028] getname_flags+0xc8/0x550 [ 1444.602827] user_path_mountpoint_at+0x23/0x40 [ 1444.607410] SyS_umount+0x11b/0xc00 [ 1444.611029] ? lock_downgrade+0x6e0/0x6e0 [ 1444.615190] ? __detach_mounts+0x2e0/0x2e0 [ 1444.619424] ? up_read+0x17/0x30 [ 1444.622788] ? __do_page_fault+0x19a/0xb50 [ 1444.627018] ? do_syscall_64+0x4c/0x640 [ 1444.630985] ? __detach_mounts+0x2e0/0x2e0 [ 1444.635215] do_syscall_64+0x1d5/0x640 [ 1444.639102] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1444.644291] RIP: 0033:0x45f497 [ 1444.647485] RSP: 002b:00007ffe15f67618 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1444.655186] RAX: ffffffffffffffda RBX: 000000000015ee9e RCX: 000000000045f497 [ 1444.662449] RDX: 000000000000000c RSI: 0000000000000002 RDI: 00007ffe15f68750 [ 1444.669890] RBP: 0000000000001380 R08: 0000000000000001 R09: 00000000017b1940 [ 1444.677623] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe15f68750 [ 1444.685284] R13: 00007ffe15f68740 R14: 0000000000000000 R15: 00007ffe15f68750 [ 1445.029838] Mem-Info: [ 1445.032311] active_anon:1294880 inactive_anon:4313 isolated_anon:0 [ 1445.032311] active_file:4776 inactive_file:4702 isolated_file:142 [ 1445.032311] unevictable:0 dirty:9581 writeback:0 unstable:0 [ 1445.032311] slab_reclaimable:17987 slab_unreclaimable:131781 [ 1445.032311] mapped:53585 shmem:4488 pagetables:34357 bounce:0 [ 1445.032311] free:20317 free_pcp:55 free_cma:0 [ 1445.358264] Node 0 active_anon:1869464kB inactive_anon:16116kB active_file:4588kB inactive_file:4512kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:214340kB dirty:9072kB writeback:0kB shmem:16776kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 614400kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1445.577358] Node 1 active_anon:3310056kB inactive_anon:1136kB active_file:14552kB inactive_file:14436kB unevictable:0kB isolated(anon):0kB isolated(file):384kB mapped:0kB dirty:29252kB writeback:0kB shmem:1176kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1445.783561] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1445.899511] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1445.918553] Node 0 DMA32 free:28236kB min:36296kB low:45368kB high:54440kB active_anon:1864048kB inactive_anon:16116kB active_file:4632kB inactive_file:4484kB unevictable:0kB writepending:9072kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:10336kB pagetables:56888kB bounce:0kB free_pcp:204kB local_pcp:60kB free_cma:0kB [ 1446.193491] lowmem_reserve[]: 0 0 0 0 0 [ 1446.197522] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1446.331502] lowmem_reserve[]: 0 0 0 0 0 [ 1446.349164] Node 1 Normal free:42640kB min:53592kB low:66988kB high:80384kB active_anon:3310056kB inactive_anon:1136kB active_file:14716kB inactive_file:14328kB unevictable:0kB writepending:29252kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33472kB pagetables:80516kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1446.581534] lowmem_reserve[]: 0 0 0 0 0 [ 1446.602364] Node 0 DMA: 2*4kB (ME) 5*8kB (UME) 3*16kB (UM) 4*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10400kB [ 1446.718225] Node 0 DMA32: 203*4kB (UME) 95*8kB (UME) 254*16kB (UME) 125*32kB (UME) 73*64kB (UME) 11*128kB (ME) 5*256kB (UM) 4*512kB (UM) 3*1024kB (UME) 1*2048kB (U) 1*4096kB (M) = 28260kB [ 1446.841123] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1446.921438] Node 1 Normal: 504*4kB (UM) 288*8kB (UM) 346*16kB (UME) 50*32kB (UME) 5*64kB (UE) 11*128kB (UME) 9*256kB (UME) 29*512kB (UME) 10*1024kB (M) 1*2048kB (M) 0*4096kB = 42624kB [ 1447.025472] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1447.065744] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1447.115988] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1447.223259] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1447.283413] 14089 total pagecache pages [ 1447.287456] 0 pages in swap cache [ 1447.290898] Swap cache stats: add 0, delete 0, find 0/0 [ 1447.339607] Free swap = 0kB [ 1447.342648] Total swap = 0kB [ 1447.353554] 1965979 pages RAM [ 1447.372593] 0 pages HighMem/MovableOnly [ 1447.390544] 338455 pages reserved [ 1447.420673] 0 pages cma reserved [ 1447.453395] Out of memory: Kill process 4294 (syz-executor.4) score 1007 or sacrifice child [ 1447.461975] Killed process 4294 (syz-executor.4) total-vm:75368kB, anon-rss:16552kB, file-rss:34816kB, shmem-rss:0kB [ 1447.747440] oom_reaper: reaped process 4294 (syz-executor.4), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 19:26:01 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:26:01 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:26:01 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6100) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:26:01 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) getpid() vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:26:01 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c00"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:26:01 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:26:01 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:26:01 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:26:01 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6100) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:26:01 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) getpid() vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:26:02 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:26:02 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:26:02 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:26:02 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c00"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1450.760337] syz-executor.2 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=1000 [ 1450.835550] syz-executor.2 cpuset=/ mems_allowed=0-1 [ 1450.862235] CPU: 1 PID: 23299 Comm: syz-executor.2 Not tainted 4.14.182-syzkaller #0 [ 1450.870408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1450.880638] Call Trace: [ 1450.883275] dump_stack+0x1b2/0x283 [ 1450.886913] dump_header+0x178/0x7aa [ 1450.890636] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1450.896094] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1450.901207] ? ___ratelimit+0x2cd/0x522 [ 1450.905192] oom_kill_process.cold+0x10/0xc16 [ 1450.909700] ? lock_downgrade+0x6e0/0x6e0 [ 1450.913860] out_of_memory+0x2d5/0x10f0 [ 1450.917868] ? oom_killer_disable+0x1c0/0x1c0 [ 1450.922451] ? mutex_trylock+0x152/0x1a0 [ 1450.926609] __alloc_pages_nodemask+0x2556/0x2730 [ 1450.931520] ? check_preemption_disabled+0x35/0x240 [ 1450.936559] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1450.941438] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1450.946290] ? trace_hardirqs_on+0x10/0x10 [ 1450.950536] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1450.955589] ? cache_grow_begin+0x3f/0x410 [ 1450.959855] cache_grow_begin+0x91/0x410 [ 1450.963931] fallback_alloc+0x205/0x2b0 [ 1450.967911] kmem_cache_alloc_node+0xe3/0x400 [ 1450.972412] copy_process.part.0+0x17d5/0x6fa0 [ 1450.976996] ? _raw_spin_unlock+0x3b/0x40 [ 1450.981140] ? do_anonymous_page+0x62d/0x17d0 [ 1450.985636] ? finish_fault+0x290/0x290 [ 1450.989609] ? trace_hardirqs_on+0x10/0x10 [ 1450.993852] ? __cleanup_sighand+0x40/0x40 [ 1450.998085] ? vm_insert_mixed_mkwrite+0x30/0x30 [ 1451.002847] _do_fork+0x180/0xc80 [ 1451.006302] ? fork_idle+0x270/0x270 [ 1451.010017] ? up_read+0x17/0x30 [ 1451.013380] ? __do_page_fault+0x19a/0xb50 [ 1451.017623] ? do_syscall_64+0x4c/0x640 [ 1451.021600] ? sys_vfork+0x20/0x20 [ 1451.025141] do_syscall_64+0x1d5/0x640 [ 1451.029055] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1451.034241] RIP: 0033:0x45f439 [ 1451.037421] RSP: 002b:00007ffe569b96a8 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1451.045125] RAX: ffffffffffffffda RBX: 00007f7db34ad700 RCX: 000000000045f439 [ 1451.052392] RDX: 00007f7db34ad9d0 RSI: 00007f7db34acdb0 RDI: 00000000003d0f00 [ 1451.059685] RBP: 00007ffe569b98d0 R08: 00007f7db34ad700 R09: 00007f7db34ad700 [ 1451.066955] R10: 00007f7db34ad9d0 R11: 0000000000000202 R12: 0000000000000000 [ 1451.074226] R13: 00007ffe569b975f R14: 00007f7db34ad9c0 R15: 000000000078bfac [ 1451.381402] Mem-Info: [ 1451.384149] active_anon:1295769 inactive_anon:4313 isolated_anon:0 [ 1451.384149] active_file:1168 inactive_file:1179 isolated_file:140 [ 1451.384149] unevictable:0 dirty:1401 writeback:0 unstable:0 [ 1451.384149] slab_reclaimable:18005 slab_unreclaimable:133303 [ 1451.384149] mapped:54456 shmem:4488 pagetables:34585 bounce:0 [ 1451.384149] free:24436 free_pcp:39 free_cma:0 [ 1451.424153] Node 0 active_anon:1877132kB inactive_anon:16112kB active_file:1140kB inactive_file:1240kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:214764kB dirty:2252kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 618496kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 19:26:03 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6100) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:26:03 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(0x0, 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:26:03 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700), 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:26:03 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c00"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1451.519712] Node 1 active_anon:3305944kB inactive_anon:1140kB active_file:4436kB inactive_file:5392kB unevictable:0kB isolated(anon):0kB isolated(file):412kB mapped:5160kB dirty:3452kB writeback:0kB shmem:1180kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1451.697125] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1451.727766] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1451.734109] Node 0 DMA32 free:27812kB min:36296kB low:45368kB high:54440kB active_anon:1871716kB inactive_anon:16112kB active_file:1240kB inactive_file:1188kB unevictable:0kB writepending:2252kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:10464kB pagetables:57024kB bounce:0kB free_pcp:8kB local_pcp:0kB free_cma:0kB [ 1451.814124] lowmem_reserve[]: 0 0 0 0 0 [ 1451.847570] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB 19:26:04 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:26:04 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700), 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1452.138065] lowmem_reserve[]: 0 0 0 0 0 [ 1452.156548] Node 1 Normal free:55592kB min:53592kB low:66988kB high:80384kB active_anon:3306292kB inactive_anon:1140kB active_file:4940kB inactive_file:5428kB unevictable:0kB writepending:3396kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33696kB pagetables:81488kB bounce:0kB free_pcp:648kB local_pcp:520kB free_cma:0kB 19:26:04 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6100) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) [ 1452.286850] lowmem_reserve[]: 0 0 0 0 0 [ 1452.304557] Node 0 DMA: 2*4kB (ME) 5*8kB (UME) 3*16kB (UM) 4*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10400kB [ 1452.329063] Node 0 DMA32: 94*4kB (UME) 518*8kB (UME) 281*16kB (UME) 135*32kB (UME) 72*64kB (UME) 12*128kB (UME) 4*256kB (M) 4*512kB (UM) 3*1024kB (UME) 1*2048kB (U) 0*4096kB = 27672kB 19:26:04 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(0x0, 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1452.490128] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1452.549883] Node 1 Normal: 442*4kB (UME) 293*8kB (UME) 345*16kB (UME) 214*32kB (UME) 97*64kB (UME) 45*128kB (UM) 8*256kB (ME) 30*512kB (UME) 10*1024kB (M) 0*2048kB 0*4096kB = 56096kB [ 1452.592497] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1452.602811] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1452.612811] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1452.850091] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB 19:26:04 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700), 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1452.901741] 7716 total pagecache pages [ 1452.905844] 0 pages in swap cache [ 1452.911712] Swap cache stats: add 0, delete 0, find 0/0 [ 1452.921911] Free swap = 0kB [ 1452.955712] Total swap = 0kB [ 1452.965712] 1965979 pages RAM [ 1452.976698] 0 pages HighMem/MovableOnly [ 1452.989657] 338455 pages reserved [ 1453.002219] 0 pages cma reserved [ 1453.013122] Out of memory: Kill process 23291 (syz-executor.4) score 1007 or sacrifice child 19:26:05 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c0007"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:26:05 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:26:05 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6100) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) [ 1453.735142] syz-executor.0 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1453.796887] syz-executor.0 cpuset=/ mems_allowed=0-1 [ 1453.819152] CPU: 0 PID: 6349 Comm: syz-executor.0 Not tainted 4.14.182-syzkaller #0 [ 1453.827405] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1453.836790] Call Trace: [ 1453.839395] dump_stack+0x1b2/0x283 [ 1453.843024] dump_header+0x178/0x7aa [ 1453.846733] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1453.851748] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1453.856853] ? ___ratelimit+0x2cd/0x522 [ 1453.860830] oom_kill_process.cold+0x10/0xc16 [ 1453.865330] ? lock_downgrade+0x6e0/0x6e0 [ 1453.870092] out_of_memory+0x2d5/0x10f0 [ 1453.874069] ? oom_killer_disable+0x1c0/0x1c0 [ 1453.878563] ? mutex_trylock+0x152/0x1a0 [ 1453.882621] __alloc_pages_nodemask+0x2556/0x2730 [ 1453.887475] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1453.892311] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1453.897135] ? trace_hardirqs_on+0x10/0x10 [ 1453.901353] ? avc_has_extended_perms+0xbe0/0xbe0 [ 1453.906180] ? cache_grow_begin+0x3f/0x410 [ 1453.910411] cache_grow_begin+0x91/0x410 [ 1453.914464] fallback_alloc+0x205/0x2b0 [ 1453.918423] kmem_cache_alloc+0x1e5/0x3c0 [ 1453.922556] getname_flags+0xc8/0x550 [ 1453.926344] user_path_mountpoint_at+0x23/0x40 [ 1453.930931] SyS_umount+0x11b/0xc00 [ 1453.934544] ? do_rmdir+0x340/0x340 [ 1453.938169] ? __detach_mounts+0x2e0/0x2e0 [ 1453.942409] ? __do_page_fault+0x19a/0xb50 [ 1453.946632] ? do_syscall_64+0x4c/0x640 [ 1453.950602] ? __detach_mounts+0x2e0/0x2e0 [ 1453.954816] do_syscall_64+0x1d5/0x640 [ 1453.958701] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1453.963894] RIP: 0033:0x45f497 [ 1453.967068] RSP: 002b:00007ffc27b5d0a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1453.974752] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045f497 [ 1453.981999] RDX: 00000000004031d8 RSI: 0000000000000002 RDI: 00007ffc27b5d150 [ 1453.989245] RBP: 00000000000018a1 R08: 0000000000000000 R09: 0000000000000011 [ 1453.996489] R10: 000000000000000a R11: 0000000000000246 R12: 00007ffc27b5e1e0 [ 1454.003737] R13: 0000000002a10940 R14: 0000000000000000 R15: 00007ffc27b5e1e0 [ 1454.236082] Mem-Info: [ 1454.238773] active_anon:1297699 inactive_anon:4315 isolated_anon:0 [ 1454.238773] active_file:870 inactive_file:869 isolated_file:64 [ 1454.238773] unevictable:0 dirty:1410 writeback:0 unstable:0 [ 1454.238773] slab_reclaimable:17946 slab_unreclaimable:134007 [ 1454.238773] mapped:54006 shmem:4492 pagetables:34630 bounce:0 [ 1454.238773] free:22314 free_pcp:360 free_cma:0 [ 1454.331124] Node 0 active_anon:1877200kB inactive_anon:16112kB active_file:1224kB inactive_file:1176kB unevictable:0kB isolated(anon):0kB isolated(file):28kB mapped:214716kB dirty:2252kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 618496kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1454.391937] Node 1 active_anon:3313696kB inactive_anon:1148kB active_file:1268kB inactive_file:2432kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:408kB dirty:3388kB writeback:0kB shmem:1196kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1454.442516] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1454.473740] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1454.479109] Node 0 DMA32 free:27576kB min:36296kB low:45368kB high:54440kB active_anon:1871784kB inactive_anon:16112kB active_file:1192kB inactive_file:1060kB unevictable:0kB writepending:2252kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:10560kB pagetables:57080kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1454.527714] lowmem_reserve[]: 0 0 0 0 0 [ 1454.536385] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1454.667898] lowmem_reserve[]: 0 0 0 0 0 [ 1454.683678] Node 1 Normal free:61536kB min:53592kB low:66988kB high:80384kB active_anon:3306576kB inactive_anon:1148kB active_file:2504kB inactive_file:2944kB unevictable:0kB writepending:3388kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33536kB pagetables:81416kB bounce:0kB free_pcp:848kB local_pcp:308kB free_cma:0kB [ 1454.739015] lowmem_reserve[]: 0 0 0 0 0 [ 1454.770381] Node 0 DMA: 2*4kB (ME) 5*8kB (UME) 3*16kB (UM) 4*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10400kB [ 1454.827766] Node 0 DMA32: 103*4kB (UME) 526*8kB (UME) 263*16kB (UME) 134*32kB (ME) 72*64kB (UME) 12*128kB (UME) 4*256kB (M) 4*512kB (UM) 3*1024kB (UME) 1*2048kB (U) 0*4096kB = 27452kB [ 1454.897505] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1455.145113] Node 1 Normal: 389*4kB (UMEH) 321*8kB (UMEH) 26*16kB (UMEH) 55*32kB (MEH) 105*64kB (MEH) 44*128kB (M) 9*256kB (MEH) 29*512kB (ME) 9*1024kB (M) 0*2048kB 0*4096kB = 45020kB [ 1455.213806] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1455.263094] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1455.288502] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1455.320348] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1455.336832] 6386 total pagecache pages [ 1455.354010] 0 pages in swap cache [ 1455.357654] Swap cache stats: add 0, delete 0, find 0/0 [ 1455.366716] Free swap = 0kB [ 1455.370036] Total swap = 0kB [ 1455.375482] 1965979 pages RAM [ 1455.382208] 0 pages HighMem/MovableOnly [ 1455.396906] 338455 pages reserved [ 1455.407774] 0 pages cma reserved [ 1455.416477] Out of memory: Kill process 17122 (syz-executor.4) score 1007 or sacrifice child [ 1455.438181] Killed process 17122 (syz-executor.4) total-vm:75368kB, anon-rss:16552kB, file-rss:34816kB, shmem-rss:0kB 19:26:07 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c0007"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:26:07 executing program 2: sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:26:07 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:26:07 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:26:07 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(0x0, 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:26:07 executing program 2: sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:26:08 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c0007"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:26:08 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:26:08 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r2, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r2, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:26:08 executing program 2: sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:26:08 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:26:08 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB, @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c0007"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:26:09 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r2, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r2, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:26:09 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:26:09 executing program 2: prlimit64(0x0, 0x0, &(0x7f0000000280)={0xa, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:26:09 executing program 2: prlimit64(0x0, 0x0, &(0x7f0000000280)={0xa, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:26:09 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1457.968482] syz-executor.2 invoked oom-killer: gfp_mask=0x15080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=0, oom_score_adj=0 [ 1458.028685] syz-executor.2 cpuset=/ mems_allowed=0-1 [ 1458.044078] CPU: 0 PID: 23480 Comm: syz-executor.2 Not tainted 4.14.182-syzkaller #0 [ 1458.051989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1458.061345] Call Trace: [ 1458.063948] dump_stack+0x1b2/0x283 [ 1458.067580] dump_header+0x178/0x7aa [ 1458.071291] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1458.076308] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1458.081516] ? ___ratelimit+0x2cd/0x522 [ 1458.085497] oom_kill_process.cold+0x10/0xc16 [ 1458.089994] ? lock_downgrade+0x6e0/0x6e0 [ 1458.094148] out_of_memory+0x2d5/0x10f0 [ 1458.098344] ? oom_killer_disable+0x1c0/0x1c0 [ 1458.102840] ? mutex_trylock+0x152/0x1a0 [ 1458.106907] __alloc_pages_nodemask+0x2556/0x2730 [ 1458.111757] ? finish_task_switch+0x178/0x610 [ 1458.116257] ? finish_task_switch+0x14d/0x610 [ 1458.120759] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1458.125601] ? mark_held_locks+0xa6/0xf0 [ 1458.129758] ? retint_kernel+0x2d/0x2d [ 1458.133654] ? trace_hardirqs_on_thunk+0x1a/0x1c [ 1458.138426] alloc_pages_current+0xe7/0x1e0 [ 1458.142755] pte_alloc_one+0x15/0x100 [ 1458.146558] __handle_mm_fault+0x29f2/0x3700 [ 1458.150973] ? vm_insert_mixed_mkwrite+0x30/0x30 [ 1458.155747] handle_mm_fault+0x306/0x794 [ 1458.159810] __do_page_fault+0x578/0xb50 [ 1458.163873] ? mm_fault_error+0x2c0/0x2c0 [ 1458.168136] ? do_page_fault+0x60/0x4f2 [ 1458.172107] ? page_fault+0x2f/0x50 [ 1458.175729] page_fault+0x45/0x50 [ 1458.179171] RIP: 0000: (null) [ 1458.183055] RSP: 569b9950:00007ffe569b9990 EFLAGS: 00000001 [ 1458.265315] Mem-Info: 19:26:10 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:26:10 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) [ 1458.346322] active_anon:1291795 inactive_anon:4315 isolated_anon:0 [ 1458.346322] active_file:1418 inactive_file:1602 isolated_file:91 [ 1458.346322] unevictable:0 dirty:1416 writeback:0 unstable:0 [ 1458.346322] slab_reclaimable:17945 slab_unreclaimable:133586 [ 1458.346322] mapped:54821 shmem:4492 pagetables:34721 bounce:0 [ 1458.346322] free:27666 free_pcp:118 free_cma:0 [ 1458.412019] Node 0 active_anon:1877152kB inactive_anon:16112kB active_file:1260kB inactive_file:1168kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:214828kB dirty:2256kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 618496kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1458.443731] Node 1 active_anon:3290028kB inactive_anon:1148kB active_file:4412kB inactive_file:5612kB unevictable:0kB isolated(anon):0kB isolated(file):364kB mapped:4856kB dirty:3408kB writeback:0kB shmem:1196kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1458.473496] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1458.504930] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1458.527713] Node 0 DMA32 free:27748kB min:36296kB low:45368kB high:54440kB active_anon:1871736kB inactive_anon:16112kB active_file:1244kB inactive_file:1168kB unevictable:0kB writepending:2256kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:10528kB pagetables:57052kB bounce:0kB free_pcp:164kB local_pcp:76kB free_cma:0kB [ 1458.562592] lowmem_reserve[]: 0 0 0 0 0 [ 1458.574179] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1458.602491] lowmem_reserve[]: 0 0 0 0 0 [ 1458.906509] Node 1 Normal free:49944kB min:53592kB low:66988kB high:80384kB active_anon:3309472kB inactive_anon:1148kB active_file:5612kB inactive_file:6900kB unevictable:0kB writepending:3572kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33856kB pagetables:81600kB bounce:0kB free_pcp:836kB local_pcp:212kB free_cma:0kB [ 1459.070813] lowmem_reserve[]: 0 0 0 0 0 [ 1459.094487] Node 0 DMA: 2*4kB (ME) 5*8kB (UME) 3*16kB (UM) 4*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10400kB [ 1459.225473] Node 0 DMA32: 170*4kB (UME) 519*8kB (UME) 264*16kB (UME) 135*32kB (ME) 71*64kB (UME) 12*128kB (UME) 4*256kB (M) 4*512kB (UM) 3*1024kB (UME) 1*2048kB (U) 0*4096kB = 27648kB [ 1459.280048] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB 19:26:11 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB, @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c0007"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:26:11 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:26:11 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:26:11 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r2, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r2, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1459.388545] Node 1 Normal: 99*4kB (UME) 704*8kB (UMEH) 493*16kB (UME) 250*32kB (UME) 107*64kB (UME) 69*128kB (M) 19*256kB (ME) 30*512kB (UME) 8*1024kB (M) 0*2048kB 0*4096kB = 66012kB 19:26:11 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(0xffffffffffffffff, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1459.549335] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1459.561264] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1459.617835] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1459.656303] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1459.684611] 7764 total pagecache pages [ 1459.689503] 0 pages in swap cache [ 1459.697286] Swap cache stats: add 0, delete 0, find 0/0 [ 1459.706083] Free swap = 0kB [ 1459.709602] Total swap = 0kB [ 1459.716901] 1965979 pages RAM [ 1459.720483] 0 pages HighMem/MovableOnly [ 1459.727737] 338455 pages reserved [ 1459.731994] 0 pages cma reserved 19:26:12 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB, @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c0007"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:26:12 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:26:12 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1460.005551] Out of memory: Kill process 23460 (syz-executor.3) score 1007 or sacrifice child 19:26:12 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x0) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:26:12 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:26:12 executing program 2: prlimit64(0x0, 0x0, &(0x7f0000000280)={0xa, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:26:12 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:26:12 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c0007"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:26:12 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:26:12 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c0007"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:26:12 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:26:12 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:26:12 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x0) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:26:12 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:26:13 executing program 2: prlimit64(0x0, 0xe, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:26:13 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x0) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:26:13 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:26:13 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:26:13 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:26:13 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:26:13 executing program 2: prlimit64(0x0, 0xe, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:26:14 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:26:14 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:26:14 executing program 2: prlimit64(0x0, 0xe, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:26:14 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:26:14 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:26:14 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c0007"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:26:15 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:26:15 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:26:15 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0x8d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1464.380134] syz-executor.4 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1464.392522] syz-executor.4 cpuset=/ mems_allowed=0-1 [ 1464.397943] CPU: 1 PID: 23702 Comm: syz-executor.4 Not tainted 4.14.182-syzkaller #0 [ 1464.406025] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1464.415377] Call Trace: [ 1464.417968] dump_stack+0x1b2/0x283 [ 1464.421605] dump_header+0x178/0x7aa [ 1464.425321] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1464.430327] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1464.435410] ? ___ratelimit+0x2cd/0x522 [ 1464.439364] oom_kill_process.cold+0x10/0xc16 [ 1464.443854] ? lock_downgrade+0x6e0/0x6e0 [ 1464.447996] out_of_memory+0x2d5/0x10f0 [ 1464.451953] ? oom_killer_disable+0x1c0/0x1c0 [ 1464.456430] ? mutex_trylock+0x152/0x1a0 [ 1464.460469] __alloc_pages_nodemask+0x2556/0x2730 [ 1464.465298] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1464.470119] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1464.474946] ? trace_hardirqs_on+0x10/0x10 [ 1464.479257] ? __lock_acquire+0x655/0x42a0 [ 1464.483471] ? _raw_spin_unlock+0x29/0x40 [ 1464.487617] ? cache_grow_begin+0x3f/0x410 [ 1464.491831] cache_grow_begin+0x91/0x410 [ 1464.495872] fallback_alloc+0x205/0x2b0 [ 1464.499826] kmem_cache_alloc+0x1e5/0x3c0 [ 1464.503952] getname_flags+0xc8/0x550 [ 1464.507731] ? SyS_access+0x20/0x20 [ 1464.511337] user_path_at_empty+0x2a/0x50 [ 1464.515461] SyS_chdir+0x7e/0x1a0 [ 1464.518890] ? SyS_access+0x20/0x20 [ 1464.522493] ? __do_page_fault+0x19a/0xb50 [ 1464.526718] ? do_syscall_64+0x4c/0x640 [ 1464.530670] ? SyS_access+0x20/0x20 [ 1464.534276] do_syscall_64+0x1d5/0x640 [ 1464.538153] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1464.543322] RIP: 0033:0x45c0b7 [ 1464.546489] RSP: 002b:00007fff6e715b28 EFLAGS: 00000246 ORIG_RAX: 0000000000000050 [ 1464.554175] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045c0b7 [ 1464.561512] RDX: 0000000000000001 RSI: 0000000000741e70 RDI: 00007fff6e715b70 [ 1464.568765] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000002988940 [ 1464.576012] R10: 0000000002988c10 R11: 0000000000000246 R12: 0000000000000000 [ 1464.583259] R13: 00007fff6e715b60 R14: 0000000000000000 R15: 00007fff6e715b70 [ 1464.614474] Mem-Info: [ 1464.616931] active_anon:1297168 inactive_anon:4315 isolated_anon:0 [ 1464.616931] active_file:725 inactive_file:1235 isolated_file:64 [ 1464.616931] unevictable:0 dirty:1437 writeback:0 unstable:0 [ 1464.616931] slab_reclaimable:17949 slab_unreclaimable:133572 [ 1464.616931] mapped:54074 shmem:4492 pagetables:34875 bounce:0 [ 1464.616931] free:22977 free_pcp:94 free_cma:0 [ 1464.702397] Node 0 active_anon:1877208kB inactive_anon:16112kB active_file:1268kB inactive_file:1084kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:214664kB dirty:2268kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 618496kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1464.736838] Node 1 active_anon:3311464kB inactive_anon:1148kB active_file:1732kB inactive_file:1808kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:132kB dirty:3480kB writeback:0kB shmem:1196kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1464.769216] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1464.803262] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1464.808376] Node 0 DMA32 free:27756kB min:36296kB low:45368kB high:54440kB active_anon:1871792kB inactive_anon:16112kB active_file:1268kB inactive_file:1076kB unevictable:0kB writepending:2268kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:10592kB pagetables:57052kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1464.842216] lowmem_reserve[]: 0 0 0 0 0 [ 1464.846294] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1464.876439] lowmem_reserve[]: 0 0 0 0 0 [ 1464.880564] Node 1 Normal free:55912kB min:53592kB low:66988kB high:80384kB active_anon:3310964kB inactive_anon:1148kB active_file:1732kB inactive_file:2216kB unevictable:0kB writepending:3480kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33920kB pagetables:82424kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1464.916963] lowmem_reserve[]: 0 0 0 0 0 [ 1464.921044] Node 0 DMA: 2*4kB (ME) 5*8kB (UME) 3*16kB (UM) 4*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10400kB [ 1464.943173] Node 0 DMA32: 225*4kB (UME) 522*8kB (UME) 264*16kB (UME) 139*32kB (UME) 72*64kB (UME) 12*128kB (UME) 5*256kB (UM) 3*512kB (M) 3*1024kB (UME) 1*2048kB (U) 0*4096kB = 27828kB [ 1464.964193] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1464.976778] Node 1 Normal: 788*4kB (UME) 569*8kB (UME) 72*16kB (UME) 164*32kB (UME) 120*64kB (UME) 71*128kB (UM) 20*256kB (UME) 28*512kB (ME) 6*1024kB (M) 0*2048kB 0*4096kB = 56472kB [ 1465.003750] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1465.015913] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1465.024573] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1465.049328] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1465.061916] 6052 total pagecache pages [ 1465.097818] 0 pages in swap cache [ 1465.121798] Swap cache stats: add 0, delete 0, find 0/0 [ 1465.139025] Free swap = 0kB [ 1465.142075] Total swap = 0kB [ 1465.146491] 1965979 pages RAM [ 1465.149619] 0 pages HighMem/MovableOnly [ 1465.156021] 338455 pages reserved [ 1465.159570] 0 pages cma reserved [ 1465.174890] Out of memory: Kill process 17243 (syz-executor.4) score 1007 or sacrifice child [ 1465.191752] Killed process 17243 (syz-executor.4) total-vm:75368kB, anon-rss:16552kB, file-rss:34816kB, shmem-rss:0kB [ 1465.365964] oom_reaper: reaped process 17243 (syz-executor.4), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 19:26:17 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:26:17 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:26:17 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1477.165642] syz-executor.3 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1477.224949] syz-executor.3 cpuset=/ mems_allowed=0-1 [ 1477.231162] CPU: 1 PID: 6354 Comm: syz-executor.3 Not tainted 4.14.182-syzkaller #0 [ 1477.239847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1477.249728] Call Trace: [ 1477.252772] dump_stack+0x1b2/0x283 [ 1477.256493] dump_header+0x178/0x7aa [ 1477.260207] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1477.265354] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1477.270872] ? ___ratelimit+0x2cd/0x522 [ 1477.275636] oom_kill_process.cold+0x10/0xc16 [ 1477.280496] ? lock_downgrade+0x6e0/0x6e0 [ 1477.284647] out_of_memory+0x2d5/0x10f0 [ 1477.288630] ? oom_killer_disable+0x1c0/0x1c0 [ 1477.293135] ? mutex_trylock+0x152/0x1a0 [ 1477.297204] __alloc_pages_nodemask+0x2556/0x2730 [ 1477.302093] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1477.306936] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1477.312128] ? trace_hardirqs_on+0x10/0x10 [ 1477.316369] ? cache_grow_begin+0x3f/0x410 [ 1477.320598] cache_grow_begin+0x91/0x410 [ 1477.324662] fallback_alloc+0x205/0x2b0 [ 1477.328636] kmem_cache_alloc+0x1e5/0x3c0 [ 1477.332786] getname_flags+0xc8/0x550 [ 1477.336607] ? SyS_unlinkat+0x70/0x70 [ 1477.340400] do_unlinkat+0x9e/0x5c0 [ 1477.344022] ? do_rmdir+0x340/0x340 [ 1477.347656] ? __do_page_fault+0x19a/0xb50 [ 1477.351886] ? do_syscall_64+0x4c/0x640 [ 1477.355866] ? SyS_unlinkat+0x70/0x70 [ 1477.361575] do_syscall_64+0x1d5/0x640 [ 1477.365462] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1477.370643] RIP: 0033:0x45c817 [ 1477.373830] RSP: 002b:00007ffe89bda278 EFLAGS: 00000246 ORIG_RAX: 0000000000000057 [ 1477.381534] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045c817 [ 1477.388802] RDX: 00007ffe89bda290 RSI: 00007ffe89bda290 RDI: 00007ffe89bda320 [ 1477.396072] RBP: 00000000000015b5 R08: 0000000000000000 R09: 0000000000000011 [ 1477.403386] R10: 000000000000000a R11: 0000000000000246 R12: 00007ffe89bdb3b0 [ 1477.410659] R13: 000000000272b940 R14: 0000000000000000 R15: 00007ffe89bdb3b0 [ 1477.532880] Mem-Info: [ 1477.541668] active_anon:1296904 inactive_anon:4311 isolated_anon:0 [ 1477.541668] active_file:757 inactive_file:713 isolated_file:64 [ 1477.541668] unevictable:0 dirty:1431 writeback:0 unstable:0 [ 1477.541668] slab_reclaimable:17917 slab_unreclaimable:134109 [ 1477.541668] mapped:53715 shmem:4489 pagetables:34991 bounce:0 [ 1477.541668] free:22471 free_pcp:100 free_cma:0 [ 1477.586508] Node 0 active_anon:1877212kB inactive_anon:16112kB active_file:1204kB inactive_file:976kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:214620kB dirty:2264kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 618496kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1477.643468] Node 1 active_anon:3310404kB inactive_anon:1132kB active_file:1844kB inactive_file:1952kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:240kB dirty:3460kB writeback:0kB shmem:1184kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1477.773608] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1477.800702] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1477.805886] Node 0 DMA32 free:25192kB min:36296kB low:45368kB high:54440kB active_anon:1871796kB inactive_anon:16112kB active_file:1292kB inactive_file:1020kB unevictable:0kB writepending:2264kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:10560kB pagetables:57052kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1477.845574] lowmem_reserve[]: 0 0 0 0 0 [ 1477.849596] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1477.912252] lowmem_reserve[]: 0 0 0 0 0 [ 1477.916493] Node 1 Normal free:54024kB min:53592kB low:66988kB high:80384kB active_anon:3310404kB inactive_anon:1132kB active_file:1632kB inactive_file:1844kB unevictable:0kB writepending:3460kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33920kB pagetables:82888kB bounce:0kB free_pcp:348kB local_pcp:108kB free_cma:0kB [ 1477.951885] lowmem_reserve[]: 0 0 0 0 0 [ 1477.956079] Node 0 DMA: 2*4kB (ME) 5*8kB (UME) 3*16kB (UM) 4*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10400kB [ 1478.018780] Node 0 DMA32: 297*4kB (UME) 543*8kB (UME) 265*16kB (UME) 142*32kB (UME) 71*64kB (UME) 12*128kB (UME) 5*256kB (UM) 3*512kB (M) 2*1024kB (ME) 0*2048kB 0*4096kB = 25260kB [ 1478.064518] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1478.076800] Node 1 Normal: 864*4kB (UME) 412*8kB (UME) 14*16kB (ME) 11*32kB (UME) 137*64kB (ME) 79*128kB (UM) 33*256kB (ME) 28*512kB (ME) 5*1024kB (M) 0*2048kB 0*4096kB = 54112kB [ 1478.100769] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1478.116377] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1478.125072] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1478.138994] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1478.148251] 6094 total pagecache pages [ 1478.157963] 0 pages in swap cache [ 1478.168384] Swap cache stats: add 0, delete 0, find 0/0 [ 1478.210456] Free swap = 0kB [ 1478.216957] Total swap = 0kB [ 1478.219987] 1965979 pages RAM [ 1478.228301] 0 pages HighMem/MovableOnly [ 1478.239665] 338455 pages reserved [ 1478.250563] 0 pages cma reserved [ 1478.254735] Out of memory: Kill process 18477 (syz-executor.1) score 1007 or sacrifice child [ 1478.263398] Killed process 18477 (syz-executor.1) total-vm:75368kB, anon-rss:16552kB, file-rss:34816kB, shmem-rss:0kB [ 1478.417330] oom_reaper: reaped process 18477 (syz-executor.1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 19:26:30 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c0007"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:26:30 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:26:30 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(0xffffffffffffffff, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:26:30 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, 0x0, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:26:30 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) sched_setattr(0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:26:30 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:26:32 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c0007"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:26:36 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, 0x0, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:26:39 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) sched_setattr(0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:26:40 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:26:40 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) write$FUSE_INTERRUPT(0xffffffffffffffff, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:26:40 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, 0x0, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1491.577712] syz-executor.3 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1491.618650] syz-executor.3 cpuset=/ mems_allowed=0-1 [ 1491.642621] CPU: 1 PID: 23763 Comm: syz-executor.3 Not tainted 4.14.182-syzkaller #0 [ 1491.651358] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1491.662974] Call Trace: [ 1491.666251] dump_stack+0x1b2/0x283 [ 1491.670365] dump_header+0x178/0x7aa [ 1491.674674] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1491.680603] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1491.686512] ? ___ratelimit+0x2cd/0x522 [ 1491.690502] oom_kill_process.cold+0x10/0xc16 [ 1491.695185] ? lock_downgrade+0x6e0/0x6e0 [ 1491.699462] out_of_memory+0x2d5/0x10f0 [ 1491.704043] ? oom_killer_disable+0x1c0/0x1c0 [ 1491.708547] ? mutex_trylock+0x152/0x1a0 [ 1491.712619] __alloc_pages_nodemask+0x2556/0x2730 [ 1491.717512] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1491.723352] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1491.728528] ? trace_hardirqs_on+0x10/0x10 [ 1491.733113] ? cache_grow_begin+0x3f/0x410 [ 1491.737355] cache_grow_begin+0x91/0x410 [ 1491.741426] fallback_alloc+0x205/0x2b0 [ 1491.746801] kmem_cache_alloc+0x1e5/0x3c0 [ 1491.751843] getname_flags+0xc8/0x550 [ 1491.763116] SyS_symlinkat+0x6d/0x1f0 [ 1491.766950] ? SyS_unlink+0x20/0x20 [ 1491.770586] ? __do_page_fault+0x19a/0xb50 [ 1491.774830] ? do_syscall_64+0x4c/0x640 [ 1491.782541] ? SyS_symlinkat+0x1f0/0x1f0 [ 1491.788526] do_syscall_64+0x1d5/0x640 [ 1491.794385] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1491.801025] RIP: 0033:0x45c7f7 [ 1491.804577] RSP: 002b:00007ffe89bdb368 EFLAGS: 00000202 ORIG_RAX: 0000000000000058 [ 1491.813648] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045c7f7 [ 1491.823281] RDX: 00007ffe89bdb403 RSI: 00000000004c25c5 RDI: 00007ffe89bdb3f0 [ 1491.831672] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000013 [ 1491.840608] R10: 0000000000000075 R11: 0000000000000202 R12: 0000000000000000 [ 1491.850626] R13: 00007ffe89bdb3a0 R14: 0000000000000000 R15: 00007ffe89bdb3b0 [ 1491.872618] Mem-Info: [ 1491.875848] active_anon:1297703 inactive_anon:4311 isolated_anon:0 [ 1491.875848] active_file:764 inactive_file:663 isolated_file:64 [ 1491.875848] unevictable:0 dirty:1446 writeback:0 unstable:0 [ 1491.875848] slab_reclaimable:17860 slab_unreclaimable:134273 [ 1491.875848] mapped:53707 shmem:4488 pagetables:35042 bounce:0 [ 1491.875848] free:21359 free_pcp:43 free_cma:0 [ 1491.934225] Node 0 active_anon:1877196kB inactive_anon:16112kB active_file:1208kB inactive_file:1104kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:214668kB dirty:2264kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 618496kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1491.976918] Node 1 active_anon:3313712kB inactive_anon:1132kB active_file:1660kB inactive_file:1856kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:4kB dirty:3492kB writeback:0kB shmem:1180kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1492.018909] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1492.058316] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1492.068108] Node 0 DMA32 free:25288kB min:36296kB low:45368kB high:54440kB active_anon:1871780kB inactive_anon:16112kB active_file:1316kB inactive_file:1056kB unevictable:0kB writepending:2264kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:10560kB pagetables:57052kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1492.111372] lowmem_reserve[]: 0 0 0 0 0 [ 1492.117620] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1492.149566] lowmem_reserve[]: 0 0 0 0 0 [ 1492.153943] Node 1 Normal free:50448kB min:53592kB low:66988kB high:80384kB active_anon:3313712kB inactive_anon:1132kB active_file:1720kB inactive_file:2180kB unevictable:0kB writepending:3492kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33952kB pagetables:83100kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1492.186183] lowmem_reserve[]: 0 0 0 0 0 [ 1492.190206] Node 0 DMA: 2*4kB (ME) 5*8kB (UME) 3*16kB (UM) 4*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10400kB [ 1492.205971] Node 0 DMA32: 250*4kB (UME) 553*8kB (UME) 266*16kB (UME) 146*32kB (UME) 71*64kB (UME) 12*128kB (UME) 5*256kB (UM) 3*512kB (M) 2*1024kB (ME) 0*2048kB 0*4096kB = 25296kB [ 1492.223146] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1492.247296] Node 1 Normal: 593*4kB (UME) 346*8kB (UME) 10*16kB (UME) 3*32kB (UME) 168*64kB (UME) 87*128kB (UM) 35*256kB (ME) 26*512kB (ME) 1*1024kB (U) 0*2048kB 0*4096kB = 50580kB [ 1492.284311] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1492.317927] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1492.355136] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1492.382610] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1492.414072] 5952 total pagecache pages [ 1492.418198] 0 pages in swap cache [ 1492.438578] Swap cache stats: add 0, delete 0, find 0/0 [ 1492.446428] Free swap = 0kB [ 1492.449480] Total swap = 0kB [ 1492.452684] 1965979 pages RAM [ 1492.455786] 0 pages HighMem/MovableOnly [ 1492.459758] 338455 pages reserved [ 1492.477450] 0 pages cma reserved [ 1492.481015] Out of memory: Kill process 20869 (syz-executor.4) score 1007 or sacrifice child [ 1492.489725] Killed process 20869 (syz-executor.4) total-vm:75368kB, anon-rss:16552kB, file-rss:34816kB, shmem-rss:0kB [ 1492.583875] oom_reaper: reaped process 20869 (syz-executor.4), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 19:26:44 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, 0x0, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:26:49 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:26:49 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) sched_setattr(0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:26:51 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c0007"], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1501.982121] syz-executor.5 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1502.039012] syz-executor.5 cpuset=/ mems_allowed=0-1 [ 1502.056563] CPU: 1 PID: 20539 Comm: syz-executor.5 Not tainted 4.14.182-syzkaller #0 [ 1502.064479] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1502.073936] Call Trace: [ 1502.076532] dump_stack+0x1b2/0x283 [ 1502.080247] dump_header+0x178/0x7aa [ 1502.083959] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1502.088976] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1502.094080] ? ___ratelimit+0x2cd/0x522 [ 1502.098065] oom_kill_process.cold+0x10/0xc16 [ 1502.102573] ? lock_downgrade+0x6e0/0x6e0 [ 1502.106726] out_of_memory+0x2d5/0x10f0 [ 1502.110720] ? oom_killer_disable+0x1c0/0x1c0 [ 1502.116259] ? mutex_trylock+0x152/0x1a0 [ 1502.120362] __alloc_pages_nodemask+0x2556/0x2730 [ 1502.125217] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1502.130066] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1502.134922] ? trace_hardirqs_on+0x10/0x10 [ 1502.139170] ? cache_grow_begin+0x3f/0x410 [ 1502.143407] cache_grow_begin+0x91/0x410 [ 1502.147463] fallback_alloc+0x205/0x2b0 [ 1502.151435] kmem_cache_alloc+0x1e5/0x3c0 [ 1502.155580] getname_flags+0xc8/0x550 [ 1502.159377] user_path_at_empty+0x2a/0x50 [ 1502.163521] vfs_statx+0xd1/0x160 [ 1502.167071] ? vfs_statx_fd+0x90/0x90 [ 1502.170871] ? vm_insert_mixed_mkwrite+0x30/0x30 [ 1502.175638] SyS_newlstat+0x83/0xe0 [ 1502.179264] ? SyS_newstat+0xe0/0xe0 [ 1502.182974] ? lock_downgrade+0x6e0/0x6e0 [ 1502.187116] ? up_read+0x17/0x30 [ 1502.190480] ? __do_page_fault+0x19a/0xb50 [ 1502.194709] ? do_syscall_64+0x4c/0x640 [ 1502.198672] ? SyS_newstat+0xe0/0xe0 [ 1502.202376] do_syscall_64+0x1d5/0x640 [ 1502.206262] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1502.211617] RIP: 0033:0x45be85 [ 1502.214795] RSP: 002b:00007ffe52bc1628 EFLAGS: 00000246 ORIG_RAX: 0000000000000006 [ 1502.222494] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045be85 [ 1502.229756] RDX: 00007ffe52bc1640 RSI: 00007ffe52bc1640 RDI: 00007ffe52bc16d0 [ 1502.237021] RBP: 0000000000000b8c R08: 0000000000000000 R09: 0000000000000010 [ 1502.244285] R10: 000000000000000a R11: 0000000000000246 R12: 00007ffe52bc2760 [ 1502.251809] R13: 000000000153e940 R14: 0000000000000000 R15: 00007ffe52bc2760 [ 1502.307105] Mem-Info: [ 1502.309593] active_anon:1293595 inactive_anon:4311 isolated_anon:0 [ 1502.309593] active_file:697 inactive_file:885 isolated_file:64 [ 1502.309593] unevictable:0 dirty:1443 writeback:0 unstable:0 [ 1502.309593] slab_reclaimable:17849 slab_unreclaimable:135111 [ 1502.309593] mapped:53737 shmem:4488 pagetables:34987 bounce:0 [ 1502.309593] free:24811 free_pcp:74 free_cma:0 [ 1502.356518] Node 0 active_anon:1868516kB inactive_anon:16112kB active_file:1304kB inactive_file:1048kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:214648kB dirty:2264kB writeback:0kB shmem:16772kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 614400kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1502.395148] Node 1 active_anon:3305864kB inactive_anon:1132kB active_file:1916kB inactive_file:1736kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:100kB dirty:3508kB writeback:0kB shmem:1180kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1502.468465] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1502.504005] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1502.509124] Node 0 DMA32 free:33920kB min:36296kB low:45368kB high:54440kB active_anon:1863100kB inactive_anon:16112kB active_file:1184kB inactive_file:1012kB unevictable:0kB writepending:2264kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:10560kB pagetables:56928kB bounce:0kB free_pcp:120kB local_pcp:120kB free_cma:0kB [ 1502.578721] lowmem_reserve[]: 0 0 0 0 0 [ 1502.582796] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1502.636598] lowmem_reserve[]: 0 0 0 0 0 [ 1502.649203] Node 1 Normal free:54356kB min:53592kB low:66988kB high:80384kB active_anon:3305864kB inactive_anon:1132kB active_file:1656kB inactive_file:1736kB unevictable:0kB writepending:3508kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33888kB pagetables:82996kB bounce:0kB free_pcp:216kB local_pcp:112kB free_cma:0kB [ 1502.776003] lowmem_reserve[]: 0 0 0 0 0 [ 1502.786968] Node 0 DMA: 2*4kB (ME) 5*8kB (UME) 3*16kB (UM) 4*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10400kB [ 1502.809359] Node 0 DMA32: 318*4kB (UME) 598*8kB (UME) 306*16kB (UME) 198*32kB (UME) 98*64kB (UME) 12*128kB (UME) 5*256kB (UM) 3*512kB (M) 2*1024kB (ME) 2*2048kB (M) 0*4096kB = 34056kB [ 1502.876640] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1502.887579] Node 1 Normal: 1035*4kB (UME) 658*8kB (ME) 58*16kB (UME) 2*32kB (M) 166*64kB (M) 86*128kB (M) 35*256kB (UM) 26*512kB (UM) 0*1024kB 0*2048kB 0*4096kB = 54300kB [ 1502.919435] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1502.933533] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1502.943424] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1502.985392] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1503.062759] 5977 total pagecache pages [ 1503.066688] 0 pages in swap cache [ 1503.079932] Swap cache stats: add 0, delete 0, find 0/0 [ 1503.085352] Free swap = 0kB [ 1503.088356] Total swap = 0kB [ 1503.125175] 1965979 pages RAM [ 1503.128314] 0 pages HighMem/MovableOnly [ 1503.139764] 338455 pages reserved [ 1503.143275] 0 pages cma reserved [ 1503.159892] Out of memory: Kill process 20937 (syz-executor.5) score 1007 or sacrifice child [ 1503.168533] Killed process 20937 (syz-executor.5) total-vm:75368kB, anon-rss:16548kB, file-rss:34816kB, shmem-rss:0kB [ 1503.242406] oom_reaper: reaped process 20937 (syz-executor.5), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 19:27:04 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:27:05 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:27:06 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:27:06 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c0007"], 0x1d0}}, 0x0) 19:27:06 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:27:07 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c0007"], 0x1d0}}, 0x0) 19:27:07 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, 0x0, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1516.121979] syz-fuzzer invoked oom-killer: gfp_mask=0x14201ca(GFP_HIGHUSER_MOVABLE|__GFP_COLD), nodemask=(null), order=0, oom_score_adj=0 [ 1516.169464] syz-fuzzer cpuset=/ mems_allowed=0-1 [ 1516.174431] CPU: 1 PID: 6339 Comm: syz-fuzzer Not tainted 4.14.182-syzkaller #0 [ 1516.182225] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1516.191577] Call Trace: [ 1516.194188] dump_stack+0x1b2/0x283 [ 1516.200525] dump_header+0x178/0x7aa [ 1516.204237] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1516.209255] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1516.214360] ? ___ratelimit+0x2cd/0x522 [ 1516.218345] oom_kill_process.cold+0x10/0xc16 [ 1516.222848] ? lock_downgrade+0x6e0/0x6e0 [ 1516.226997] out_of_memory+0x2d5/0x10f0 [ 1516.230979] ? oom_killer_disable+0x1c0/0x1c0 [ 1516.235480] ? mutex_trylock+0x152/0x1a0 [ 1516.239549] __alloc_pages_nodemask+0x2556/0x2730 [ 1516.244384] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1516.250963] ? trace_hardirqs_on+0x10/0x10 [ 1516.255185] ? find_get_entry+0x31b/0x660 [ 1516.259327] alloc_pages_current+0xe7/0x1e0 [ 1516.263650] __page_cache_alloc+0x243/0x3c0 [ 1516.267961] filemap_fault+0xd42/0x18f0 [ 1516.271924] ext4_filemap_fault+0x84/0xb0 [ 1516.276504] __do_fault+0xfa/0x380 [ 1516.280027] __handle_mm_fault+0x2055/0x3700 [ 1516.284530] ? vm_insert_mixed_mkwrite+0x30/0x30 [ 1516.289616] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1516.295237] handle_mm_fault+0x306/0x794 [ 1516.299307] __do_page_fault+0x578/0xb50 [ 1516.303452] ? mm_fault_error+0x2c0/0x2c0 [ 1516.307777] ? do_page_fault+0x60/0x4f2 [ 1516.315218] ? page_fault+0x2f/0x50 [ 1516.318841] page_fault+0x45/0x50 [ 1516.323419] RIP: acc00:0x160eddca0b8 [ 1516.327140] RSP: 7f4bc2:000000c00031f928 EFLAGS: 00000003 [ 1516.344043] Mem-Info: [ 1516.353371] active_anon:1293623 inactive_anon:4312 isolated_anon:0 [ 1516.353371] active_file:889 inactive_file:895 isolated_file:79 [ 1516.353371] unevictable:0 dirty:1452 writeback:0 unstable:0 [ 1516.353371] slab_reclaimable:17894 slab_unreclaimable:135223 [ 1516.353371] mapped:54031 shmem:4488 pagetables:35017 bounce:0 [ 1516.353371] free:24036 free_pcp:282 free_cma:0 [ 1516.388185] Node 0 active_anon:1861616kB inactive_anon:16120kB active_file:1824kB inactive_file:1840kB unevictable:0kB isolated(anon):0kB isolated(file):256kB mapped:216028kB dirty:2284kB writeback:0kB shmem:16780kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 606208kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1516.417554] Node 1 active_anon:3312876kB inactive_anon:1128kB active_file:1732kB inactive_file:1740kB unevictable:0kB isolated(anon):0kB isolated(file):60kB mapped:96kB dirty:3524kB writeback:0kB shmem:1172kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1516.449810] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1516.476700] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1516.481801] Node 0 DMA32 free:32428kB min:36296kB low:45368kB high:54440kB active_anon:1856200kB inactive_anon:16120kB active_file:1608kB inactive_file:1684kB unevictable:0kB writepending:2284kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:10560kB pagetables:57128kB bounce:0kB free_pcp:1120kB local_pcp:472kB free_cma:0kB [ 1516.522278] lowmem_reserve[]: 0 0 0 0 0 [ 1516.526292] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1516.582080] lowmem_reserve[]: 0 0 0 0 0 [ 1516.586121] Node 1 Normal free:53416kB min:53592kB low:66988kB high:80384kB active_anon:3312876kB inactive_anon:1128kB active_file:1756kB inactive_file:1724kB unevictable:0kB writepending:3524kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33952kB pagetables:82916kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1516.697761] lowmem_reserve[]: 0 0 0 0 0 [ 1516.704246] Node 0 DMA: 2*4kB (ME) 5*8kB (UME) 3*16kB (UM) 4*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10400kB [ 1516.739108] Node 0 DMA32: 285*4kB (UME) 424*8kB (UME) 120*16kB (UME) 171*32kB (ME) 100*64kB (ME) 12*128kB (ME) 7*256kB (UM) 5*512kB (UM) 5*1024kB (UME) 2*2048kB (M) 0*4096kB = 33428kB [ 1516.771841] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1516.783839] Node 1 Normal: 800*4kB (UME) 729*8kB (UME) 157*16kB (UME) 21*32kB (UM) 133*64kB (M) 86*128kB (M) 34*256kB (M) 26*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 53752kB [ 1516.808828] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1516.838266] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1516.847000] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1516.869117] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1516.877783] 6015 total pagecache pages [ 1516.881813] 0 pages in swap cache [ 1516.885262] Swap cache stats: add 0, delete 0, find 0/0 [ 1516.904671] Free swap = 0kB [ 1516.907752] Total swap = 0kB [ 1516.910865] 1965979 pages RAM [ 1516.913989] 0 pages HighMem/MovableOnly [ 1516.917975] 338455 pages reserved [ 1516.930574] 0 pages cma reserved [ 1516.933970] Out of memory: Kill process 23817 (syz-executor.1) score 1007 or sacrifice child [ 1516.942655] Killed process 23817 (syz-executor.1) total-vm:75368kB, anon-rss:16552kB, file-rss:34816kB, shmem-rss:0kB [ 1517.019285] oom_reaper: reaped process 23817 (syz-executor.1), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 19:27:09 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:27:09 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) sched_setattr(0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:27:09 executing program 1: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, 0x0}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYBLOB="00042cbd7000ffdbdf25090000003400028008000200090000001c000380080001009c000000080002000800000008000200bc400000040004000800010004010000400004800900010073797a31000000002400078008000100060000000800040001000000080001000400000008000200000000000900010073797a31000000000c0002800800010001000000300007800c000300001000000000000008000200cf0f00000c00040003000000000000000c000400ff00000000000000940004800900010073797a31000000004c0007"], 0x1d0}}, 0x0) 19:27:09 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, 0x0, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:27:09 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:27:10 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:27:10 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(0x0) [ 1518.165207] syz-executor.5 invoked oom-killer: gfp_mask=0x15080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=0 [ 1518.226475] syz-executor.5 cpuset=/ mems_allowed=0-1 [ 1518.246484] CPU: 0 PID: 20539 Comm: syz-executor.5 Not tainted 4.14.182-syzkaller #0 [ 1518.254427] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1518.263779] Call Trace: [ 1518.266376] dump_stack+0x1b2/0x283 [ 1518.270094] dump_header+0x178/0x7aa [ 1518.273806] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1518.278819] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1518.283922] ? ___ratelimit+0x2cd/0x522 [ 1518.287898] oom_kill_process.cold+0x10/0xc16 [ 1518.292389] ? lock_acquire+0x170/0x3f0 [ 1518.296364] ? lock_downgrade+0x6e0/0x6e0 [ 1518.300511] out_of_memory+0x2d5/0x10f0 [ 1518.304487] ? oom_killer_disable+0x1c0/0x1c0 [ 1518.308972] ? mutex_trylock+0x152/0x1a0 [ 1518.313029] __alloc_pages_nodemask+0x2556/0x2730 [ 1518.317874] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1518.322716] ? _raw_spin_unlock+0x29/0x40 [ 1518.326867] ? rcu_read_lock_sched_held+0x10a/0x130 [ 1518.331878] ? kmem_cache_alloc_node+0x387/0x400 [ 1518.336634] copy_process.part.0+0x26a/0x6fa0 [ 1518.341127] ? trace_hardirqs_on+0x10/0x10 [ 1518.345359] ? trace_hardirqs_on+0x10/0x10 [ 1518.349589] ? do_wp_page+0x24c/0x1dc0 [ 1518.353476] ? __handle_mm_fault+0x18e8/0x3700 [ 1518.358057] ? finish_mkwrite_fault+0x5e0/0x5e0 [ 1518.362766] ? __cleanup_sighand+0x40/0x40 [ 1518.367004] ? lock_downgrade+0x6e0/0x6e0 [ 1518.371179] _do_fork+0x180/0xc80 [ 1518.374723] ? put_timespec64+0xaa/0xf0 [ 1518.378725] ? fork_idle+0x270/0x270 [ 1518.382543] ? SyS_clock_gettime+0xf5/0x180 [ 1518.389258] ? SyS_clock_settime+0x1a0/0x1a0 [ 1518.393671] ? do_syscall_64+0x4c/0x640 [ 1518.397644] ? sys_vfork+0x20/0x20 [ 1518.401189] do_syscall_64+0x1d5/0x640 [ 1518.405086] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1518.410276] RIP: 0033:0x45b09a [ 1518.413458] RSP: 002b:00007ffe52bc26d0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1518.421168] RAX: ffffffffffffffda RBX: 00007ffe52bc26d0 RCX: 000000000045b09a [ 1518.428419] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 1518.435667] RBP: 00007ffe52bc2710 R08: 0000000000000001 R09: 000000000153d940 [ 1518.442919] R10: 000000000153dc10 R11: 0000000000000246 R12: 0000000000000001 [ 1518.450182] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe52bc2760 [ 1518.737583] Mem-Info: [ 1518.740139] active_anon:1289521 inactive_anon:4312 isolated_anon:0 [ 1518.740139] active_file:793 inactive_file:745 isolated_file:0 [ 1518.740139] unevictable:0 dirty:1459 writeback:0 unstable:0 [ 1518.740139] slab_reclaimable:17906 slab_unreclaimable:135530 [ 1518.740139] mapped:53714 shmem:4488 pagetables:35011 bounce:0 [ 1518.740139] free:28131 free_pcp:261 free_cma:0 [ 1518.832791] Node 0 active_anon:1852676kB inactive_anon:16120kB active_file:3044kB inactive_file:5080kB unevictable:0kB isolated(anon):0kB isolated(file):256kB mapped:218920kB dirty:2296kB writeback:0kB shmem:16780kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 602112kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 19:27:11 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) [ 1519.078813] Node 1 active_anon:3306936kB inactive_anon:1128kB active_file:1768kB inactive_file:1920kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:4kB dirty:3552kB writeback:0kB shmem:1172kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1519.217041] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1519.332673] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1519.337750] Node 0 DMA32 free:29592kB min:36296kB low:45368kB high:54440kB active_anon:1856560kB inactive_anon:16120kB active_file:2104kB inactive_file:2308kB unevictable:0kB writepending:2344kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:10560kB pagetables:57204kB bounce:0kB free_pcp:1396kB local_pcp:736kB free_cma:0kB [ 1519.381784] lowmem_reserve[]: 0 0 0 0 0 [ 1519.385811] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1519.415380] lowmem_reserve[]: 0 0 0 0 0 [ 1519.419898] Node 1 Normal free:53792kB min:53592kB low:66988kB high:80384kB active_anon:3306936kB inactive_anon:1128kB active_file:4156kB inactive_file:3984kB unevictable:0kB writepending:3552kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33952kB pagetables:82912kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1519.528398] lowmem_reserve[]: 0 0 0 0 0 [ 1519.537683] Node 0 DMA: 2*4kB (ME) 5*8kB (UME) 3*16kB (UM) 4*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10400kB [ 1519.587283] Node 0 DMA32: 344*4kB (UME) 404*8kB (UME) 66*16kB (UME) 148*32kB (UME) 100*64kB (UME) 14*128kB (UME) 7*256kB (UM) 4*512kB (M) 4*1024kB (ME) 3*2048kB (M) 0*4096kB = 32672kB [ 1519.653386] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1519.676867] Node 1 Normal: 891*4kB (UME) 838*8kB (UME) 296*16kB (UME) 14*32kB (UM) 169*64kB (UM) 87*128kB (UM) 35*256kB (UM) 25*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 59164kB [ 1519.717985] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1519.756519] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1519.800428] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1519.825457] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1519.846076] 6133 total pagecache pages [ 1519.850071] 0 pages in swap cache [ 1519.854453] Swap cache stats: add 0, delete 0, find 0/0 [ 1519.865796] Free swap = 0kB [ 1519.875610] Total swap = 0kB [ 1519.878664] 1965979 pages RAM [ 1519.884975] 0 pages HighMem/MovableOnly [ 1519.897200] 338455 pages reserved [ 1519.904716] 0 pages cma reserved [ 1519.912751] Out of memory: Kill process 21062 (syz-executor.5) score 1007 or sacrifice child [ 1519.935150] Killed process 21062 (syz-executor.5) total-vm:75368kB, anon-rss:16548kB, file-rss:34816kB, shmem-rss:0kB [ 1520.036121] oom_reaper: reaped process 21062 (syz-executor.5), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 19:27:14 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) [ 1526.957172] syz-executor.5 invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1527.028987] syz-executor.5 cpuset=/ mems_allowed=0-1 [ 1527.036358] CPU: 0 PID: 20539 Comm: syz-executor.5 Not tainted 4.14.182-syzkaller #0 [ 1527.044287] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1527.053638] Call Trace: [ 1527.056228] dump_stack+0x1b2/0x283 [ 1527.059861] dump_header+0x178/0x7aa [ 1527.063567] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1527.068583] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1527.073736] ? ___ratelimit+0x2cd/0x522 [ 1527.077709] oom_kill_process.cold+0x10/0xc16 [ 1527.082223] ? lock_acquire+0x170/0x3f0 [ 1527.086210] ? lock_downgrade+0x6e0/0x6e0 [ 1527.090455] out_of_memory+0x2d5/0x10f0 [ 1527.094439] ? oom_killer_disable+0x1c0/0x1c0 [ 1527.098933] ? mutex_trylock+0x152/0x1a0 [ 1527.102996] __alloc_pages_nodemask+0x2556/0x2730 [ 1527.107848] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1527.112689] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1527.117540] ? trace_hardirqs_on+0x10/0x10 [ 1527.121797] ? cache_grow_begin+0x3f/0x410 [ 1527.126030] cache_grow_begin+0x91/0x410 [ 1527.130092] fallback_alloc+0x205/0x2b0 [ 1527.134072] kmem_cache_alloc+0x1e5/0x3c0 [ 1527.138228] getname_flags+0xc8/0x550 [ 1527.142024] do_sys_open+0x202/0x3e0 [ 1527.145734] ? filp_open+0x60/0x60 [ 1527.149270] ? __do_page_fault+0x19a/0xb50 [ 1527.153497] ? do_syscall_64+0x4c/0x640 [ 1527.157461] ? do_sys_open+0x3e0/0x3e0 [ 1527.161358] do_syscall_64+0x1d5/0x640 [ 1527.165251] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1527.170432] RIP: 0033:0x45aa40 [ 1527.173610] RSP: 002b:00007ffe52bc2670 EFLAGS: 00000202 ORIG_RAX: 0000000000000002 [ 1527.181319] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045aa40 [ 1527.188583] RDX: 0000000000000000 RSI: 0000000000090800 RDI: 00000000004c15fb [ 1527.195845] RBP: 0000000000000ba9 R08: 0000000000000001 R09: 000000000153d940 [ 1527.203281] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000000000 [ 1527.210544] R13: 00007ffe52bc2750 R14: 000000000017354e R15: 00007ffe52bc2760 [ 1527.252344] Mem-Info: [ 1527.255179] active_anon:1291782 inactive_anon:4312 isolated_anon:0 [ 1527.255179] active_file:731 inactive_file:781 isolated_file:32 [ 1527.255179] unevictable:0 dirty:1469 writeback:0 unstable:0 [ 1527.255179] slab_reclaimable:17912 slab_unreclaimable:135911 [ 1527.255179] mapped:53690 shmem:4488 pagetables:35056 bounce:0 [ 1527.255179] free:25692 free_pcp:55 free_cma:0 [ 1527.326875] Node 0 active_anon:1860076kB inactive_anon:16120kB active_file:1248kB inactive_file:1092kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:214660kB dirty:2308kB writeback:0kB shmem:16780kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 602112kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1527.377055] Node 1 active_anon:3307052kB inactive_anon:1128kB active_file:2332kB inactive_file:2024kB unevictable:0kB isolated(anon):0kB isolated(file):256kB mapped:800kB dirty:3568kB writeback:0kB shmem:1172kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1527.406526] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1527.436352] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1527.441482] Node 0 DMA32 free:34976kB min:36296kB low:45368kB high:54440kB active_anon:1854660kB inactive_anon:16120kB active_file:1216kB inactive_file:1164kB unevictable:0kB writepending:2308kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:10560kB pagetables:57192kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1527.471249] lowmem_reserve[]: 0 0 0 0 0 [ 1527.475313] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1527.518417] lowmem_reserve[]: 0 0 0 0 0 [ 1527.522439] Node 1 Normal free:57496kB min:53592kB low:66988kB high:80384kB active_anon:3307052kB inactive_anon:1128kB active_file:1724kB inactive_file:1884kB unevictable:0kB writepending:3568kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33984kB pagetables:83008kB bounce:0kB free_pcp:112kB local_pcp:0kB free_cma:0kB [ 1527.561264] lowmem_reserve[]: 0 0 0 0 0 [ 1527.572444] Node 0 DMA: 2*4kB (ME) 5*8kB (UME) 3*16kB (UM) 4*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10400kB [ 1527.612253] Node 0 DMA32: 341*4kB (UME) 343*8kB (UME) 62*16kB (UME) 162*32kB (UME) 105*64kB (UME) 17*128kB (UME) 8*256kB (UM) 5*512kB (M) 5*1024kB (UME) 3*2048kB (UM) 0*4096kB = 35052kB [ 1527.675012] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1527.686377] Node 1 Normal: 902*4kB (UME) 761*8kB (ME) 211*16kB (UME) 13*32kB (UM) 169*64kB (UM) 87*128kB (UM) 35*256kB (UM) 25*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 57200kB [ 1527.755761] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1527.806242] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1527.852574] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1527.924194] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1527.933026] 6012 total pagecache pages [ 1527.936914] 0 pages in swap cache [ 1527.947802] Swap cache stats: add 0, delete 0, find 0/0 [ 1527.953348] Free swap = 0kB [ 1527.956378] Total swap = 0kB [ 1527.963189] 1965979 pages RAM [ 1527.966296] 0 pages HighMem/MovableOnly [ 1527.982834] 338455 pages reserved [ 1527.986329] 0 pages cma reserved [ 1527.999957] Out of memory: Kill process 21198 (syz-executor.5) score 1007 or sacrifice child [ 1528.008655] Killed process 21198 (syz-executor.5) total-vm:75368kB, anon-rss:16548kB, file-rss:34816kB, shmem-rss:0kB [ 1528.058563] oom_reaper: reaped process 21198 (syz-executor.5), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 1529.430875] syz-executor.2 invoked oom-killer: gfp_mask=0x15080c0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), nodemask=(null), order=3, oom_score_adj=0 [ 1529.450957] syz-executor.2 cpuset=/ mems_allowed=0-1 [ 1529.456131] CPU: 0 PID: 6352 Comm: syz-executor.2 Not tainted 4.14.182-syzkaller #0 [ 1529.463922] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1529.473270] Call Trace: [ 1529.475857] dump_stack+0x1b2/0x283 [ 1529.479480] dump_header+0x178/0x7aa [ 1529.483187] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1529.488204] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1529.493309] ? ___ratelimit+0x2cd/0x522 [ 1529.498411] oom_kill_process.cold+0x10/0xc16 [ 1529.502995] ? lock_downgrade+0x6e0/0x6e0 [ 1529.507401] out_of_memory+0x2d5/0x10f0 [ 1529.511383] ? oom_killer_disable+0x1c0/0x1c0 [ 1529.515869] ? mutex_trylock+0x152/0x1a0 [ 1529.519930] __alloc_pages_nodemask+0x2556/0x2730 [ 1529.524782] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1529.529621] ? alloc_set_pte+0xc07/0x1550 [ 1529.533777] ? rcu_read_lock_sched_held+0x10a/0x130 [ 1529.539659] ? kmem_cache_alloc_node+0x387/0x400 [ 1529.544417] copy_process.part.0+0x26a/0x6fa0 [ 1529.548908] ? trace_hardirqs_on+0x10/0x10 [ 1529.553143] ? trace_hardirqs_on+0x10/0x10 [ 1529.557374] ? lock_downgrade+0x6e0/0x6e0 [ 1529.561515] ? trace_hardirqs_on+0x10/0x10 [ 1529.565746] ? __cleanup_sighand+0x40/0x40 [ 1529.570010] ? lock_downgrade+0x6e0/0x6e0 [ 1529.574160] _do_fork+0x180/0xc80 [ 1529.577611] ? put_timespec64+0xaa/0xf0 [ 1529.581584] ? fork_idle+0x270/0x270 [ 1529.585297] ? SyS_clock_gettime+0xf5/0x180 [ 1529.589614] ? SyS_clock_settime+0x1a0/0x1a0 [ 1529.594715] ? do_syscall_64+0x4c/0x640 [ 1529.598777] ? sys_vfork+0x20/0x20 [ 1529.602314] do_syscall_64+0x1d5/0x640 [ 1529.606230] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1529.612504] RIP: 0033:0x45b09a [ 1529.615689] RSP: 002b:00007ffe569b9950 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1529.623494] RAX: ffffffffffffffda RBX: 00007ffe569b9950 RCX: 000000000045b09a [ 1529.630765] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 1529.639078] RBP: 00007ffe569b9990 R08: 0000000000000001 R09: 0000000002c93940 [ 1529.646522] R10: 0000000002c93c10 R11: 0000000000000246 R12: 0000000000000001 [ 1529.656521] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe569b99e0 [ 1529.684583] Mem-Info: [ 1529.687127] active_anon:1287651 inactive_anon:4312 isolated_anon:0 [ 1529.687127] active_file:810 inactive_file:716 isolated_file:0 [ 1529.687127] unevictable:0 dirty:1471 writeback:0 unstable:0 [ 1529.687127] slab_reclaimable:17909 slab_unreclaimable:136203 [ 1529.687127] mapped:53665 shmem:4488 pagetables:35023 bounce:0 [ 1529.687127] free:29691 free_pcp:24 free_cma:0 [ 1529.723010] Node 0 active_anon:1843552kB inactive_anon:16120kB active_file:1264kB inactive_file:1172kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:214660kB dirty:2304kB writeback:0kB shmem:16780kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 587776kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1529.753867] Node 1 active_anon:3307052kB inactive_anon:1128kB active_file:1932kB inactive_file:1740kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:3580kB writeback:0kB shmem:1172kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1529.801380] Node 0 DMA free:10400kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1529.833481] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1529.844471] Node 0 DMA32 free:50528kB min:36296kB low:45368kB high:54440kB active_anon:1838136kB inactive_anon:16120kB active_file:1212kB inactive_file:1200kB unevictable:0kB writepending:2304kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:10528kB pagetables:57060kB bounce:0kB free_pcp:236kB local_pcp:0kB free_cma:0kB [ 1529.878093] lowmem_reserve[]: 0 0 0 0 0 [ 1529.882654] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1529.926549] lowmem_reserve[]: 0 0 0 0 0 [ 1529.949957] Node 1 Normal free:57484kB min:53592kB low:66988kB high:80384kB active_anon:3307052kB inactive_anon:1128kB active_file:1872kB inactive_file:1764kB unevictable:0kB writepending:3580kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:33984kB pagetables:83008kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1530.017759] lowmem_reserve[]: 0 0 0 0 0 [ 1530.034377] Node 0 DMA: 2*4kB (ME) 5*8kB (UME) 3*16kB (UM) 4*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10400kB [ 1530.061218] Node 0 DMA32: 213*4kB (ME) 295*8kB (ME) 45*16kB (ME) 156*32kB (ME) 106*64kB (UME) 18*128kB (UME) 9*256kB (UM) 6*512kB (M) 6*1024kB (UME) 4*2048kB (UM) 3*4096kB (M) = 50012kB [ 1530.083890] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1530.096019] Node 1 Normal: 975*4kB (UME) 766*8kB (UME) 206*16kB (UME) 14*32kB (UM) 169*64kB (UM) 87*128kB (UM) 35*256kB (UM) 25*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 57484kB [ 1530.116251] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1530.143714] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1530.207072] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1530.231420] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1530.255572] 6068 total pagecache pages [ 1530.273357] 0 pages in swap cache [ 1530.287667] Swap cache stats: add 0, delete 0, find 0/0 [ 1530.331184] Free swap = 0kB [ 1530.334246] Total swap = 0kB [ 1530.349994] 1965979 pages RAM [ 1530.353170] 0 pages HighMem/MovableOnly [ 1530.357142] 338455 pages reserved [ 1530.382692] 0 pages cma reserved [ 1530.386188] Out of memory: Kill process 21231 (syz-executor.5) score 1007 or sacrifice child [ 1530.416563] Killed process 21231 (syz-executor.5) total-vm:75368kB, anon-rss:16548kB, file-rss:34816kB, shmem-rss:0kB [ 1530.498133] oom_reaper: reaped process 21231 (syz-executor.5), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB 19:27:23 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:27:24 executing program 4: mkdir(&(0x7f00000001c0)='./file0\x00', 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) mkdir(&(0x7f0000000040)='./file1\x00', 0x0) r0 = inotify_init1(0x0) inotify_add_watch(r0, &(0x7f0000000280)='.\x00', 0x2a4) r1 = syz_open_procfs(0x0, &(0x7f00000005c0)='net/netfilter\x00') getdents(r1, 0x0, 0x0) getdents(r1, 0x0, 0x0) getdents(0xffffffffffffffff, 0x0, 0x0) getdents(0xffffffffffffffff, 0x0, 0x0) sendfile(r1, 0xffffffffffffffff, &(0x7f0000000140)=0x3, 0x8aa3) r2 = inotify_init() inotify_add_watch(r2, &(0x7f0000000000)='.\x00', 0x80000000) mount$overlay(0x40000a, &(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)='overlay\x00', 0x0, &(0x7f0000000100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './file1'}, 0x5c}], [], 0xf603000000000000}) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000240)='cgroup2\x00', 0x0, 0x0) 19:27:24 executing program 1: prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff) clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000140)="66aed12f0000001500ae47a825d86800278dcff47d010000805acf4f8f36460234432479aed75d492b415bcee00a06dc9d8e99adaf81dcfc6afd983f79e65199615607676f8f9fc0ebf8b0b1", 0x4c}], 0x4, 0x0) ptrace$setopts(0x4206, r0, 0x0, 0x0) tkill(r0, 0x3c) ptrace$cont(0x18, r0, 0x0, 0x0) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x20, r0, 0x0, 0x0) 19:27:25 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) sched_setattr(0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1533.106382] loop2: p1 p2 < > p3 p4 < p5 > [ 1533.110983] loop2: partition table partially beyond EOD, truncated [ 1533.165549] loop2: p1 size 11290111 extends beyond EOD, truncated 19:27:25 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) sched_setattr(0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, 0x0, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') [ 1533.256587] loop2: p3 start 4293001441 is beyond EOD, truncated [ 1533.282787] overlayfs: workdir and upperdir must reside under the same mount [ 1533.297858] loop2: p5 size 11290111 extends beyond EOD, truncated 19:27:25 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r2, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:27:25 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:27:25 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r3, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:27:26 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) sched_setattr(0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:27:26 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r2, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:27:26 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, 0x0, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:27:26 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:27:26 executing program 1: 19:27:26 executing program 4: 19:27:26 executing program 1: 19:27:26 executing program 5: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r2, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r3, 0x4, 0x6100) write$cgroup_type(r3, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:27:26 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) sched_setattr(0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:27:26 executing program 0: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, 0x0, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x40000000011, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={0x0}}, 0x0) sendmsg$TIPC_NL_LINK_SET(r4, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB='\x00\x00\x00', @ANYRES16, @ANYBLOB], 0x1d0}, 0x1, 0x0, 0x0, 0x20000010}, 0x0) 19:27:26 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r3, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r4, 0x4, 0x6100) write$cgroup_type(r4, &(0x7f0000000200)='threaded\x00', 0x175d900f) 19:27:27 executing program 1: 19:27:27 executing program 1: 19:27:27 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) sched_setattr(0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:27:27 executing program 1: 19:27:27 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280), 0x0) sched_setattr(0x0, 0x0, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{0x0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r0, 0x4, 0x6100) write$cgroup_type(r0, &(0x7f0000000200)='threaded\x00', 0x175d900f) syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00') 19:27:27 executing program 3: prlimit64(0x0, 0xe, &(0x7f0000000280)={0xa, 0x8d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002700)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x8}, 0x0) r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuacct.usage_percpu_sys\x00', 0x275a, 0x0) write$FUSE_INTERRUPT(r4, &(0x7f0000000080)={0x10}, 0x10) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7fffff, 0x10, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = creat(&(0x7f00000002c0)='./bus\x00', 0x0) fcntl$setstatus(r5, 0x4, 0x6100) write$cgroup_type(r5, &(0x7f0000000200)='threaded\x00', 0x175d900f) [ 1560.235325] systemd-udevd invoked oom-killer: gfp_mask=0x14040c0(GFP_KERNEL|__GFP_COMP), nodemask=(null), order=1, oom_score_adj=0 [ 1560.251371] systemd-udevd cpuset=/ mems_allowed=0-1 [ 1560.258376] CPU: 0 PID: 14436 Comm: systemd-udevd Not tainted 4.14.182-syzkaller #0 [ 1560.266179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1560.275526] Call Trace: [ 1560.278114] dump_stack+0x1b2/0x283 [ 1560.281740] dump_header+0x178/0x7aa [ 1560.285445] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1560.290455] ? _raw_spin_unlock_irqrestore+0x66/0xe0 [ 1560.295553] ? ___ratelimit+0x2cd/0x522 [ 1560.299523] oom_kill_process.cold+0x10/0xc16 [ 1560.304013] ? lock_downgrade+0x6e0/0x6e0 [ 1560.308158] out_of_memory+0x2d5/0x10f0 [ 1560.312129] ? oom_killer_disable+0x1c0/0x1c0 [ 1560.316614] ? mutex_trylock+0x152/0x1a0 [ 1560.320672] __alloc_pages_nodemask+0x2556/0x2730 [ 1560.325522] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1560.330361] ? gfp_pfmemalloc_allowed+0x150/0x150 [ 1560.335197] ? trace_hardirqs_on+0x10/0x10 [ 1560.339434] ? cache_grow_begin+0x3f/0x410 [ 1560.343689] cache_grow_begin+0x91/0x410 [ 1560.347764] fallback_alloc+0x205/0x2b0 [ 1560.351750] kmem_cache_alloc+0x1e5/0x3c0 [ 1560.355895] getname_flags+0xc8/0x550 [ 1560.359692] user_path_at_empty+0x2a/0x50 [ 1560.363927] path_setxattr+0x84/0x130 [ 1560.371848] ? setxattr+0x300/0x300 [ 1560.375570] SyS_lsetxattr+0x33/0x40 [ 1560.379284] ? SyS_setxattr+0x50/0x50 [ 1560.383082] do_syscall_64+0x1d5/0x640 [ 1560.386980] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1560.392162] RIP: 0033:0x7f04fa2a061a [ 1560.395864] RSP: 002b:00007ffc616a42c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000bd [ 1560.403568] RAX: ffffffffffffffda RBX: 000055fc7dc48860 RCX: 00007f04fa2a061a [ 1560.410831] RDX: 000055fc7dc48860 RSI: 00007f04fa99b262 RDI: 00007ffc616a4e80 [ 1560.418109] RBP: 000055fc7db8d030 R08: 0000000000000000 R09: 0000000000000030 [ 1560.425371] R10: 000000000000001e R11: 0000000000000246 R12: 00007ffc616a4e80 [ 1560.432634] R13: 0000000000000000 R14: 00007ffc616a48a0 R15: 00007ffc616a4e8f [ 1560.452624] Mem-Info: [ 1560.494815] active_anon:1281292 inactive_anon:4310 isolated_anon:0 [ 1560.494815] active_file:803 inactive_file:1939 isolated_file:0 [ 1560.494815] unevictable:0 dirty:1488 writeback:0 unstable:0 [ 1560.494815] slab_reclaimable:17556 slab_unreclaimable:140561 [ 1560.494815] mapped:54587 shmem:4488 pagetables:35428 bounce:0 [ 1560.494815] free:30204 free_pcp:68 free_cma:0 [ 1560.614739] Node 0 active_anon:1819812kB inactive_anon:16124kB active_file:1300kB inactive_file:1180kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:214948kB dirty:2380kB writeback:0kB shmem:16796kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 569344kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1560.704227] Node 1 active_anon:3305356kB inactive_anon:1116kB active_file:1788kB inactive_file:1732kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:3572kB writeback:0kB shmem:1156kB shmem_thp: 0kB shmem_pmdmapped: 0kB anon_thp: 6144kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1560.780814] Node 0 DMA free:10412kB min:220kB low:272kB high:324kB active_anon:5416kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15908kB mlocked:0kB kernel_stack:0kB pagetables:24kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1560.813481] lowmem_reserve[]: 0 2559 2559 2559 2559 [ 1560.820664] Node 0 DMA32 free:59992kB min:36296kB low:45368kB high:54440kB active_anon:1814396kB inactive_anon:16124kB active_file:1512kB inactive_file:1560kB unevictable:0kB writepending:2380kB present:3129332kB managed:2623996kB mlocked:0kB kernel_stack:10848kB pagetables:58776kB bounce:0kB free_pcp:368kB local_pcp:80kB free_cma:0kB [ 1560.855431] lowmem_reserve[]: 0 0 0 0 0 [ 1560.860648] Node 0 Normal free:0kB min:0kB low:0kB high:0kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:786432kB managed:0kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1560.892894] lowmem_reserve[]: 0 0 0 0 0 [ 1560.911531] Node 1 Normal free:55208kB min:53592kB low:66988kB high:80384kB active_anon:3305356kB inactive_anon:1116kB active_file:1788kB inactive_file:1752kB unevictable:0kB writepending:3572kB present:3932160kB managed:3870192kB mlocked:0kB kernel_stack:34080kB pagetables:82912kB bounce:0kB free_pcp:12kB local_pcp:12kB free_cma:0kB [ 1560.946881] lowmem_reserve[]: 0 0 0 0 0 [ 1560.951415] Node 0 DMA: 3*4kB (UME) 4*8kB (UME) 4*16kB (UM) 4*32kB (UE) 3*64kB (UME) 4*128kB (UME) 5*256kB (UME) 4*512kB (UME) 4*1024kB (UME) 1*2048kB (U) 0*4096kB = 10412kB [ 1560.972196] Node 0 DMA32: 25*4kB (UE) 94*8kB (UME) 203*16kB (UME) 141*32kB (UME) 103*64kB (ME) 18*128kB (UME) 11*256kB (UM) 8*512kB (UM) 7*1024kB (UME) 6*2048kB (M) 3*4096kB (M) = 56164kB [ 1560.994836] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB [ 1561.010962] Node 1 Normal: 1976*4kB (UME) 1099*8kB (UME) 258*16kB (UME) 41*32kB (ME) 173*64kB (UME) 82*128kB (UM) 29*256kB (M) 7*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 54712kB [ 1561.029561] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1561.059227] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1561.068982] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 1561.082989] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB [ 1561.097844] 7043 total pagecache pages [ 1561.111549] 0 pages in swap cache [ 1561.121640] Swap cache stats: add 0, delete 0, find 0/0 [ 1561.132141] Free swap = 0kB [ 1561.139579] Total swap = 0kB [ 1561.164702] 1965979 pages RAM [ 1561.188846] 0 pages HighMem/MovableOnly [ 1561.217395] 338455 pages reserved [ 1561.222076] 0 pages cma reserved [ 1561.234938] Out of memory: Kill process 21254 (syz-executor.5) score 1007 or sacrifice child [ 1561.259380] Killed process 21254 (syz-executor.5) total-vm:75368kB, anon-rss:16548kB, file-rss:34816kB, shmem-rss:0kB [ 1561.371330] oom_reaper: reaped process 21254 (syz-executor.5), now anon-rss:0kB, file-rss:0kB, shmem-rss:0kB [ 1718.077567] INFO: task syz-executor.4:6351 blocked for more than 140 seconds. [ 1718.084873] Not tainted 4.14.182-syzkaller #0 [ 1718.098797] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1718.106787] syz-executor.4 D25104 6351 1 0x00000004 [ 1718.115837] Call Trace: [ 1718.120534] __schedule+0x8a6/0x1d70 [ 1718.124257] ? trace_hardirqs_on_caller+0x3a8/0x580 [ 1718.131331] ? firmware_map_remove+0x18f/0x18f [ 1718.136929] schedule+0x8d/0x1b0 [ 1718.142352] wb_wait_for_completion+0x118/0x170 [ 1718.147026] ? wb_queue_work+0x470/0x470 [ 1718.154270] ? trace_hardirqs_on+0x10/0x10 [ 1718.164960] ? wait_woken+0x240/0x240 [ 1718.171976] ? mark_held_locks+0xa6/0xf0 [ 1718.179921] ? check_preemption_disabled+0x35/0x240 [ 1718.185770] __writeback_inodes_sb_nr+0x168/0x1d0 [ 1718.195161] ? bdi_split_work_to_wbs+0xd30/0xd30 [ 1718.204811] ? _find_next_bit+0xdb/0x100 [ 1718.213313] sync_filesystem+0x8c/0x230 [ 1718.223625] ovl_sync_fs+0xa8/0xe0 [ 1718.229375] ? ovl_statfs+0x1b0/0x1b0 [ 1718.233264] sync_filesystem+0x185/0x230 [ 1718.245573] generic_shutdown_super+0x70/0x370 [ 1718.253935] kill_anon_super+0x38/0x50 [ 1718.260720] deactivate_locked_super+0x6c/0xd0 [ 1718.265808] deactivate_super+0x7f/0xa0 [ 1718.281464] cleanup_mnt+0xad/0x140 [ 1718.285127] task_work_run+0x113/0x190 [ 1718.293871] exit_to_usermode_loop+0x1ad/0x200 [ 1718.303401] do_syscall_64+0x4a3/0x640 [ 1718.308123] entry_SYSCALL_64_after_hwframe+0x46/0xbb [ 1718.313401] RIP: 0033:0x45f497 [ 1718.316588] RSP: 002b:00007fff6e714a38 EFLAGS: 00000202 ORIG_RAX: 00000000000000a6 [ 1718.330363] RAX: 0000000000000000 RBX: 0000000000176571 RCX: 000000000045f497 [ 1718.338773] RDX: 00000000004031d8 RSI: 0000000000000002 RDI: 00007fff6e714ae0 [ 1718.346214] RBP: 0000000000001bc7 R08: 0000000000000000 R09: 000000000000000c [ 1718.360725] R10: 0000000000000005 R11: 0000000000000202 R12: 00007fff6e715b70 [ 1718.368749] R13: 0000000002989940 R14: 0000000000000000 R15: 00007fff6e715b70 [ 1718.382684] [ 1718.382684] Showing all locks held in the system: [ 1718.389145] 1 lock held by khungtaskd/1057: [ 1718.393883] #0: (tasklist_lock){.+.+}, at: [] debug_show_all_locks+0x7c/0x21a [ 1718.403254] 2 locks held by syz-executor.4/6351: [ 1718.408045] #0: (&type->s_umount_key#64){+.+.}, at: [] deactivate_super+0x77/0xa0 [ 1718.417459] #1: (&type->s_umount_key#47){++++}, at: [] ovl_sync_fs+0xa0/0xe0 [ 1718.426698] [ 1718.428369] ============================================= [ 1718.428369] [ 1718.444302] NMI backtrace for cpu 0 [ 1718.448017] CPU: 0 PID: 1057 Comm: khungtaskd Not tainted 4.14.182-syzkaller #0 [ 1718.455463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1718.464819] Call Trace: [ 1718.467416] dump_stack+0x1b2/0x283 [ 1718.471051] nmi_cpu_backtrace.cold+0x57/0x93 [ 1718.475556] ? irq_force_complete_move.cold+0x7b/0x7b [ 1718.481621] nmi_trigger_cpumask_backtrace+0x13a/0x17f [ 1718.486907] watchdog+0x5e2/0xb80 [ 1718.490367] ? hungtask_pm_notify+0x50/0x50 [ 1718.494692] kthread+0x30d/0x420 [ 1718.498066] ? kthread_create_on_node+0xd0/0xd0 [ 1718.502738] ret_from_fork+0x24/0x30 [ 1718.506719] Sending NMI from CPU 0 to CPUs 1: [ 1718.511577] NMI backtrace for cpu 1 [ 1718.511581] CPU: 1 PID: 6114 Comm: kworker/u4:3 Not tainted 4.14.182-syzkaller #0 [ 1718.511585] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1718.511587] Workqueue: writeback wb_workfn (flush-8:0) [ 1718.511593] task: ffff88809ea98000 task.stack: ffff88820e240000 [ 1718.511596] RIP: 0010:__sanitizer_cov_trace_pc+0x23/0x50 [ 1718.511598] RSP: 0018:ffff88820e247a18 EFLAGS: 00000246 [ 1718.511602] RAX: ffff88809ea98000 RBX: ffff888215474440 RCX: 1ffff1100a5f0b2e [ 1718.511606] RDX: 0000000000000000 RSI: ffff88820e247aa8 RDI: ffff888067389218 [ 1718.511609] RBP: dffffc0000000000 R08: 0000000000000d3e R09: ffffffff89e5b330 [ 1718.511612] R10: ffff88809ea988d8 R11: ffff88809ea98000 R12: ffff8880a18f8b70 [ 1718.511615] R13: ffff88820e247bc0 R14: ffff888215474440 R15: ffff88820e247aa8 [ 1718.511618] FS: 0000000000000000(0000) GS:ffff8880aed00000(0000) knlGS:0000000000000000 [ 1718.511621] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 1718.511625] CR2: 00007f149b4ff4a0 CR3: 0000000007a6a000 CR4: 00000000001406e0 [ 1718.511628] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 1718.511631] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 1718.511633] Call Trace: [ 1718.511635] move_expired_inodes+0x294/0x870 [ 1718.511638] ? locked_inode_to_wb_and_lock_list+0x7e0/0x7e0 [ 1718.511640] ? wb_writeback+0x123/0xba0 [ 1718.511642] queue_io+0x18e/0x4b0 [ 1718.511644] wb_writeback+0x7ed/0xba0 [ 1718.511647] ? writeback_inodes_wb.constprop.0+0x160/0x160 [ 1718.511648] wb_workfn+0x2a8/0xe70 [ 1718.511651] ? inode_wait_for_writeback+0x30/0x30 [ 1718.511653] ? lock_acquire+0x170/0x3f0 [ 1718.511655] process_one_work+0x7c0/0x14c0 [ 1718.511657] ? pwq_dec_nr_in_flight+0x2b0/0x2b0 [ 1718.511659] ? worker_thread+0x163/0x1080 [ 1718.511661] ? _raw_spin_unlock_irq+0x24/0x90 [ 1718.511663] worker_thread+0x5d7/0x1080 [ 1718.511665] ? process_one_work+0x14c0/0x14c0 [ 1718.511667] kthread+0x30d/0x420 [ 1718.511669] ? kthread_create_on_node+0xd0/0xd0 [ 1718.511671] ret_from_fork+0x24/0x30 [ 1718.511673] Code: 00 00 e9 be ed ff ff 90 65 48 8b 04 25 40 ee 01 00 48 85 c0 74 1a 65 8b 15 4b 48 a7 7e 81 e2 00 01 1f 00 75 0b 8b 90 58 13 00 00 <83> fa 01 74 01 c3 48 8b 34 24 48 8b 88 60 13 00 00 8b 80 5c 13 [ 1718.734984] Kernel panic - not syncing: hung_task: blocked tasks [ 1718.741326] CPU: 0 PID: 1057 Comm: khungtaskd Not tainted 4.14.182-syzkaller #0 [ 1718.748774] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1718.758128] Call Trace: [ 1718.760725] dump_stack+0x1b2/0x283 [ 1718.764353] panic+0x1f9/0x42d [ 1718.767547] ? add_taint.cold+0x16/0x16 [ 1718.771563] ? irq_force_complete_move.cold+0x7b/0x7b [ 1718.776813] watchdog+0x5f3/0xb80 [ 1718.780265] ? hungtask_pm_notify+0x50/0x50 [ 1718.784611] kthread+0x30d/0x420 [ 1718.787995] ? kthread_create_on_node+0xd0/0xd0 [ 1718.792663] ret_from_fork+0x24/0x30 [ 1718.797753] Kernel Offset: disabled [ 1718.801372] Rebooting in 86400 seconds..