7] 318830 pages reserved [ 3217.376592][ T247] 0 pages cma reserved [ 3217.380781][ T247] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.4,pid=3040,uid=0 [ 3217.395325][ T247] Out of memory: Killed process 3040 (syz-executor.4) total-vm:75232kB, anon-rss:16568kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 3217.422929][ T23] oom_reaper: reaped process 3040 (syz-executor.4), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 3217.450565][ T414] syz-executor.0 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 3217.461784][ T414] CPU: 0 PID: 414 Comm: syz-executor.0 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3217.471764][ T414] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3217.481860][ T414] Call Trace: [ 3217.485171][ T414] dump_stack+0x14a/0x1ce [ 3217.489513][ T414] ? devkmsg_release+0x11c/0x11c [ 3217.494478][ T414] ? show_regs_print_info+0x12/0x12 [ 3217.499677][ T414] ? radix_tree_cpu_dead+0x160/0x160 [ 3217.504980][ T414] ? _raw_spin_lock+0xa1/0x170 [ 3217.509863][ T414] ? _raw_spin_trylock_bh+0x190/0x190 [ 3217.515242][ T414] dump_header+0xdb/0x700 [ 3217.519569][ T414] oom_kill_process+0xd3/0x280 [ 3217.524415][ T414] out_of_memory+0x5b6/0x890 [ 3217.529002][ T414] ? unregister_oom_notifier+0x20/0x20 [ 3217.534467][ T414] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3217.540030][ T414] ? get_page_from_freelist+0x7c0/0x7c0 [ 3217.545581][ T414] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3217.550965][ T414] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3217.556517][ T414] pagecache_get_page+0x50f/0x880 [ 3217.561556][ T414] filemap_fault+0x1474/0x19d0 [ 3217.566338][ T414] ? generic_file_read_iter+0x20b0/0x20b0 [ 3217.572219][ T414] ext4_filemap_fault+0x7b/0x90 [ 3217.577063][ T414] handle_mm_fault+0x2837/0x40a0 [ 3217.582007][ T414] ? finish_fault+0x230/0x230 [ 3217.586785][ T414] ? put_timespec64+0x109/0x150 [ 3217.591710][ T414] ? __up_read+0x1b0/0x1b0 [ 3217.596103][ T414] ? vmacache_update+0x9f/0xf0 [ 3217.600864][ T414] do_user_addr_fault+0x48a/0x9f0 [ 3217.605883][ T414] page_fault+0x2f/0x40 [ 3217.610032][ T414] RIP: 0033:0x4103ae [ 3217.614478][ T414] Code: Bad RIP value. [ 3217.618528][ T414] RSP: 002b:00007fff085a5c00 EFLAGS: 00010202 [ 3217.624614][ T414] RAX: 0000000000311427 RBX: 0000000000311306 RCX: 0000000000311280 [ 3217.632587][ T414] RDX: 0000001b2d420000 RSI: 0000000000000000 RDI: 0000000000000001 [ 3217.641147][ T414] RBP: 0000000000004c88 R08: 0000000000000001 R09: 0000000001393940 [ 3217.649109][ T414] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000006 [ 3217.657070][ T414] R13: 00007fff085a5c30 R14: 00000000003112cc R15: 00007fff085a5c40 [ 3217.665701][ T414] Mem-Info: [ 3217.671762][ T414] active_anon:1407536 inactive_anon:10799 isolated_anon:0 [ 3217.671762][ T414] active_file:0 inactive_file:109 isolated_file:38 [ 3217.671762][ T414] unevictable:0 dirty:18 writeback:0 unstable:0 [ 3217.671762][ T414] slab_reclaimable:10913 slab_unreclaimable:86886 [ 3217.671762][ T414] mapped:56217 shmem:14896 pagetables:30349 bounce:0 [ 3217.671762][ T414] free:16998 free_pcp:155 free_cma:0 [ 3217.711659][ T414] Node 0 active_anon:5630144kB inactive_anon:43196kB active_file:148kB inactive_file:320kB unevictable:0kB isolated(anon):0kB isolated(file):152kB mapped:224968kB dirty:72kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3217.736270][ T414] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3217.762553][ T414] lowmem_reserve[]: 0 2912 6416 6416 [ 3217.768345][ T414] DMA32 free:29108kB min:4644kB low:7624kB high:10604kB active_anon:2801432kB inactive_anon:2728kB active_file:100kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:9888kB pagetables:20252kB bounce:0kB free_pcp:1392kB local_pcp:0kB free_cma:0kB [ 3217.798007][ T414] lowmem_reserve[]: 0 0 3504 3504 [ 3217.803551][ T414] Normal free:36740kB min:5592kB low:9180kB high:12768kB active_anon:2809384kB inactive_anon:40468kB active_file:248kB inactive_file:668kB unevictable:0kB writepending:12kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27488kB pagetables:101144kB bounce:0kB free_pcp:784kB local_pcp:320kB free_cma:0kB [ 3217.834070][ T414] lowmem_reserve[]: 0 0 0 0 [ 3217.838778][ T414] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3217.852646][ T414] DMA32: 187*4kB (UEH) 416*8kB (UMH) 920*16kB (UEH) 233*32kB (UEH) 46*64kB (UEH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 29196kB [ 3217.867762][ T414] Normal: 382*4kB (UME) 207*8kB (UME) 407*16kB (UMEH) 80*32kB (UMEH) 44*64kB (UMH) 24*128kB (UMH) 8*256kB (UMH) 3*512kB (UM) 5*1024kB (MH) 3*2048kB (M) 1*4096kB (M) = 37088kB [ 3217.885532][ T414] 15442 total pagecache pages [ 3217.890475][ T414] 0 pages in swap cache [ 3217.895362][ T414] Swap cache stats: add 0, delete 0, find 0/0 [ 3217.901541][ T414] Free swap = 0kB [ 3217.905450][ T414] Total swap = 0kB [ 3217.909274][ T414] 1965979 pages RAM [ 3217.921879][ T414] 0 pages HighMem/MovableOnly [ 3217.929675][ T414] 318830 pages reserved [ 3217.938466][ T414] 0 pages cma reserved 01:19:10 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:10 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) socketpair(0x1, 0xa, 0x1ff, &(0x7f0000000100)={0xffffffffffffffff}) getsockopt$IP_SET_OP_GET_BYNAME(r4, 0x1, 0x53, &(0x7f0000000180)={0x6, 0x7, 'syz0\x00'}, &(0x7f0000000200)=0x28) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r5 = open(0x0, 0x141042, 0x0) connect$inet(r5, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r6, &(0x7f0000000500), 0x37d, 0x0) 01:19:10 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) 01:19:10 executing program 5: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() socket$inet6_icmp_raw(0xa, 0x3, 0x3a) wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYPTR=&(0x7f0000000140)=ANY=[@ANYBLOB="1d440da45d1bee4a9b07660b5dcb71037cbe41c95de298a3eb4b070000000000007a1f0c64f98083d3b2dc560d52aaefe6e7bfa420179766388a7d1050b0669572032e227351a7314ecbabfa0000", @ANYRES16, @ANYRES32=0x0, @ANYRESOCT, @ANYRESDEC]], 0x0, 0x61, 0xffffffffffffffd6, 0x400004}, 0x20) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/2, 0x2}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 3217.988068][ T414] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.5,pid=1989,uid=0 [ 3218.002993][ T414] Out of memory: Killed process 1989 (syz-executor.5) total-vm:75364kB, anon-rss:16568kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 3218.026819][ T23] oom_reaper: reaped process 1989 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 01:19:10 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:10 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0xffefff7f) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:10 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000000480), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) open(0x0, 0x141042, 0x0) ioctl$USBDEVFS_RESETEP(0xffffffffffffffff, 0x80045503, &(0x7f0000000100)={0xd}) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') r5 = add_key$user(&(0x7f0000000080)='user\x00', &(0x7f0000000400)={'syz'}, &(0x7f0000000000)='\x00', 0x1, 0xfffffffffffffffd) keyctl$revoke(0x3, r5) keyctl$KEYCTL_PKEY_QUERY(0x18, r5, 0x0, &(0x7f0000000140)='\x00', &(0x7f0000000180)) preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:10 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:10 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:10 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:10 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, 0x0, 0x0) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:10 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, 0x0, 0x0) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:10 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) [ 3218.766173][ T421] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 3218.841646][ T421] CPU: 0 PID: 421 Comm: syz-executor.1 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3218.852893][ T421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3218.863210][ T421] Call Trace: [ 3218.866520][ T421] dump_stack+0x14a/0x1ce [ 3218.870875][ T421] ? devkmsg_release+0x11c/0x11c [ 3218.875832][ T421] ? show_regs_print_info+0x12/0x12 [ 3218.881049][ T421] ? radix_tree_cpu_dead+0x160/0x160 [ 3218.886346][ T421] ? _raw_spin_lock+0xa1/0x170 [ 3218.891124][ T421] ? _raw_spin_trylock_bh+0x190/0x190 [ 3218.896509][ T421] dump_header+0xdb/0x700 [ 3218.900867][ T421] oom_kill_process+0xd3/0x280 [ 3218.905628][ T421] out_of_memory+0x5b6/0x890 [ 3218.910219][ T421] ? unregister_oom_notifier+0x20/0x20 [ 3218.915676][ T421] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3218.921226][ T421] ? get_page_from_freelist+0x7c0/0x7c0 [ 3218.926792][ T421] ? __zone_watermark_ok+0x91/0x280 [ 3218.931999][ T421] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3218.937377][ T421] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3218.942918][ T421] ? lockref_get+0x1c2/0x2b0 [ 3218.947509][ T421] ? blk_crypto_keyslot_evict+0x160/0x160 [ 3218.953248][ T421] ? find_inode_fast+0x3f9/0x4b0 [ 3218.958194][ T421] __get_free_pages+0xa/0x30 [ 3218.962779][ T421] inode_doinit_with_dentry+0x950/0x10e0 [ 3218.968441][ T421] ? __wake_up_bit+0x180/0x180 [ 3218.973207][ T421] ? sb_finish_set_opts+0x7e0/0x7e0 [ 3218.978417][ T421] ? current_time+0x1be/0x2f0 [ 3218.983093][ T421] ? atime_needs_update+0x570/0x570 [ 3218.988292][ T421] security_d_instantiate+0x90/0xf0 [ 3218.993522][ T421] d_splice_alias+0x71/0x590 [ 3218.998120][ T421] kernfs_iop_lookup+0x17a/0x1f0 [ 3219.003057][ T421] __lookup_slow+0x312/0x490 [ 3219.007649][ T421] ? lookup_one_len2+0x2d0/0x2d0 [ 3219.012938][ T421] path_mountpoint+0x2ac/0x7a0 [ 3219.017712][ T421] ? success_walk_trace+0x430/0x430 [ 3219.022915][ T421] filename_mountpoint+0x239/0x680 [ 3219.028031][ T421] ? user_path_mountpoint_at+0x40/0x40 [ 3219.033501][ T421] ? getname_flags+0x20d/0x610 [ 3219.038277][ T421] ksys_umount+0x167/0xff0 [ 3219.042699][ T421] ? namespace_unlock+0x4e0/0x4e0 [ 3219.047727][ T421] ? fillonedir+0x260/0x260 [ 3219.052229][ T421] ? do_user_addr_fault+0x55c/0x9f0 [ 3219.057426][ T421] __x64_sys_umount+0x56/0x60 [ 3219.062101][ T421] do_syscall_64+0xcb/0x150 [ 3219.066603][ T421] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3219.072496][ T421] RIP: 0033:0x45f257 [ 3219.076396][ T421] Code: 64 89 04 25 d0 02 00 00 58 5f ff d0 48 89 c7 e8 8f be ff ff 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3219.096132][ T421] RSP: 002b:00007fff52221c48 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 3219.104542][ T421] RAX: ffffffffffffffda RBX: 0000000000311baa RCX: 000000000045f257 [ 3219.112511][ T421] RDX: 0000000000402ff8 RSI: 0000000000000002 RDI: 00007fff52221cf0 [ 3219.120490][ T421] RBP: 0000000000003670 R08: 0000000000000000 R09: 000000000000000d [ 3219.128465][ T421] R10: 0000000000000006 R11: 0000000000000246 R12: 00007fff52222d80 [ 3219.136438][ T421] R13: 0000000002705940 R14: 0000000000000000 R15: 00007fff52222d80 [ 3219.275543][ T421] Mem-Info: [ 3219.279022][ T421] active_anon:1404952 inactive_anon:10799 isolated_anon:0 [ 3219.279022][ T421] active_file:492 inactive_file:335 isolated_file:46 [ 3219.279022][ T421] unevictable:0 dirty:23 writeback:0 unstable:0 [ 3219.279022][ T421] slab_reclaimable:10949 slab_unreclaimable:87310 [ 3219.279022][ T421] mapped:56852 shmem:14896 pagetables:30399 bounce:0 [ 3219.279022][ T421] free:18243 free_pcp:302 free_cma:0 [ 3219.318190][ T421] Node 0 active_anon:5619812kB inactive_anon:43196kB active_file:2224kB inactive_file:1164kB unevictable:0kB isolated(anon):0kB isolated(file):28kB mapped:227372kB dirty:24kB writeback:44kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3219.343064][ T421] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3219.369851][ T421] lowmem_reserve[]: 0 2912 6416 6416 [ 3219.375287][ T421] DMA32 free:29468kB min:4644kB low:7624kB high:10604kB active_anon:2801528kB inactive_anon:2728kB active_file:84kB inactive_file:52kB unevictable:0kB writepending:0kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10272kB pagetables:20380kB bounce:0kB free_pcp:120kB local_pcp:0kB free_cma:0kB [ 3219.406000][ T421] lowmem_reserve[]: 0 0 3504 3504 [ 3219.467016][ T421] Normal free:28204kB min:24744kB low:28332kB high:31920kB active_anon:2815668kB inactive_anon:40468kB active_file:1792kB inactive_file:992kB unevictable:0kB writepending:468kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27200kB pagetables:101216kB bounce:0kB free_pcp:2892kB local_pcp:1356kB free_cma:0kB [ 3219.499074][ T421] lowmem_reserve[]: 0 0 0 0 01:19:11 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:11 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0xffffff7f) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) [ 3219.504543][ T421] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3219.532658][ T421] DMA32: 335*4kB (UMEH) 467*8kB (UMEH) 944*16kB (UMH) 215*32kB (UMEH) 48*64kB (UEH) 1*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 30260kB [ 3219.555297][ T421] Normal: 512*4kB (UME) 456*8kB (UME) 914*16kB (UMEH) 162*32kB (UMEH) 40*64kB (UMEH) 11*128kB (MH) 4*256kB (UMH) 0*512kB 1*1024kB (H) 0*2048kB 0*4096kB = 31520kB [ 3219.572202][ T421] 16164 total pagecache pages [ 3219.577179][ T421] 0 pages in swap cache [ 3219.590893][ T421] Swap cache stats: add 0, delete 0, find 0/0 [ 3219.597323][ T421] Free swap = 0kB [ 3219.601924][ T421] Total swap = 0kB [ 3219.605932][ T421] 1965979 pages RAM [ 3219.609735][ T421] 0 pages HighMem/MovableOnly [ 3219.614466][ T421] 318830 pages reserved [ 3219.618628][ T421] 0 pages cma reserved [ 3219.622691][ T421] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=30805,uid=0 01:19:13 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x8000) r5 = socket$tipc(0x1e, 0x5, 0x0) fcntl$dupfd(r4, 0x406, r5) r6 = open(0x0, 0x141042, 0x0) connect$inet(r6, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r7, &(0x7f0000000500), 0x37d, 0x0) 01:19:13 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, 0x0, 0x0) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:13 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:13 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:13 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x7ffffffff000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:13 executing program 5: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYPTR=&(0x7f0000000300)=ANY=[@ANYBLOB="1d440da45d1bee4a9b07660b5dcb71037cbe41c95de298a3eb4b070000000000007a1f0c64f98083d3b2dc560d52aaefe6e7bfa420172e227351a7314ecbabfa0000", @ANYRES16, @ANYRES32=0x0, @ANYRESOCT, @ANYRESDEC]], 0x0, 0x61, 0xffffffffffffffd6, 0x400004}, 0x20) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/2, 0x2}], 0x3, 0x0, 0x0, 0x0) madvise(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0xa) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 01:19:13 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0) 01:19:13 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:13 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0) 01:19:13 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0) [ 3222.136173][ T390] syz-fuzzer invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 3222.147156][ T390] CPU: 0 PID: 390 Comm: syz-fuzzer Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3222.156791][ T390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3222.166845][ T390] Call Trace: [ 3222.170142][ T390] dump_stack+0x14a/0x1ce [ 3222.174492][ T390] ? devkmsg_release+0x11c/0x11c [ 3222.179522][ T390] ? show_regs_print_info+0x12/0x12 [ 3222.184718][ T390] ? radix_tree_cpu_dead+0x160/0x160 [ 3222.189996][ T390] ? _raw_spin_lock+0xa1/0x170 [ 3222.194770][ T390] ? _raw_spin_trylock_bh+0x190/0x190 [ 3222.200140][ T390] dump_header+0xdb/0x700 [ 3222.204472][ T390] oom_kill_process+0xd3/0x280 [ 3222.209252][ T390] out_of_memory+0x5b6/0x890 [ 3222.213857][ T390] ? unregister_oom_notifier+0x20/0x20 [ 3222.219317][ T390] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3222.224875][ T390] ? get_page_from_freelist+0x7c0/0x7c0 [ 3222.230432][ T390] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3222.235810][ T390] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3222.241364][ T390] pagecache_get_page+0x50f/0x880 [ 3222.246399][ T390] filemap_fault+0x1474/0x19d0 [ 3222.251179][ T390] ? generic_file_read_iter+0x20b0/0x20b0 [ 3222.256898][ T390] ? ___preempt_schedule+0x16/0x20 [ 3222.262025][ T390] ext4_filemap_fault+0x7b/0x90 [ 3222.266884][ T390] handle_mm_fault+0x2837/0x40a0 [ 3222.271851][ T390] ? finish_fault+0x230/0x230 [ 3222.276530][ T390] ? __up_read+0x1b0/0x1b0 [ 3222.280963][ T390] ? vmacache_find+0x205/0x4b0 [ 3222.285740][ T390] do_user_addr_fault+0x48a/0x9f0 [ 3222.290771][ T390] page_fault+0x2f/0x40 [ 3222.294931][ T390] RIP: 0033:0x40b1e1 [ 3222.298819][ T390] Code: 48 89 6c 24 38 48 8d 6c 24 38 48 8b 44 24 50 48 85 c0 0f 84 ec 02 00 00 0f b6 48 08 f6 c1 04 0f 85 c4 02 00 00 48 8b 4c 24 48 <48> 8b 59 30 48 8b 5b 18 48 8b 13 8b 58 0c 48 89 5c 24 08 48 8d 5c [ 3222.318429][ T390] RSP: 002b:000000c42e60da10 EFLAGS: 00010246 [ 3222.324493][ T390] RAX: 000000c42ebd2ed0 RBX: 0000000000000003 RCX: 00000000008214a0 [ 3222.332464][ T390] RDX: 000000c431c2d020 RSI: 0000000000000002 RDI: 0000000000000000 [ 3222.340433][ T390] RBP: 000000c42e60da48 R08: 000000c42002a1d0 R09: 0000000000000006 [ 3222.348405][ T390] R10: 000000c42002a070 R11: 0000000000000004 R12: 0000000000000000 [ 3222.356403][ T390] R13: 0000000000000020 R14: 0000000000000013 R15: 0000000000000100 [ 3222.375261][ T390] Mem-Info: [ 3222.383733][ T390] active_anon:1404976 inactive_anon:10799 isolated_anon:0 [ 3222.383733][ T390] active_file:467 inactive_file:486 isolated_file:37 [ 3222.383733][ T390] unevictable:0 dirty:17 writeback:0 unstable:0 [ 3222.383733][ T390] slab_reclaimable:10995 slab_unreclaimable:87428 [ 3222.383733][ T390] mapped:56990 shmem:14896 pagetables:30398 bounce:0 [ 3222.383733][ T390] free:18144 free_pcp:93 free_cma:0 [ 3222.448165][ T390] Node 0 active_anon:5619904kB inactive_anon:43196kB active_file:2344kB inactive_file:2308kB unevictable:0kB isolated(anon):0kB isolated(file):56kB mapped:228152kB dirty:68kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3222.472847][ T390] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3222.500456][ T390] lowmem_reserve[]: 0 2912 6416 6416 [ 3222.510588][ T390] DMA32 free:30468kB min:20548kB low:23528kB high:26508kB active_anon:2801876kB inactive_anon:2728kB active_file:104kB inactive_file:0kB unevictable:0kB writepending:12kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10016kB pagetables:20500kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3222.548400][ T390] lowmem_reserve[]: 0 0 3504 3504 [ 3222.554238][ T390] Normal free:26748kB min:24744kB low:28332kB high:31920kB active_anon:2818904kB inactive_anon:40468kB active_file:1704kB inactive_file:2144kB unevictable:0kB writepending:56kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27168kB pagetables:101092kB bounce:0kB free_pcp:384kB local_pcp:380kB free_cma:0kB [ 3222.584849][ T390] lowmem_reserve[]: 0 0 0 0 [ 3222.589843][ T390] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3222.603732][ T390] DMA32: 307*4kB (UMEH) 467*8kB (UMH) 942*16kB (UMH) 241*32kB (UMEH) 51*64kB (UEH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 31012kB [ 3222.619044][ T390] Normal: 658*4kB (UME) 691*8kB (UME) 564*16kB (UME) 96*32kB (UMEH) 35*64kB (MEH) 19*128kB (MEH) 1*256kB (H) 0*512kB 1*1024kB (H) 0*2048kB 0*4096kB = 26208kB [ 3222.635619][ T390] 15808 total pagecache pages [ 3222.641616][ T390] 0 pages in swap cache [ 3222.646375][ T390] Swap cache stats: add 0, delete 0, find 0/0 [ 3222.653079][ T390] Free swap = 0kB [ 3222.657875][ T390] Total swap = 0kB [ 3222.662021][ T390] 1965979 pages RAM [ 3222.673561][ T390] 0 pages HighMem/MovableOnly [ 3222.686002][ T390] 318830 pages reserved [ 3222.690775][ T390] 0 pages cma reserved [ 3222.695074][ T390] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.4,pid=30868,uid=0 01:19:14 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, 0x0, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:14 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:14 executing program 0: prlimit64(0x0, 0x3, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000000100)=[{{0x0, 0x0, 0x0, 0xfffffffffffffee6}, 0xaf2a}], 0x1, 0x20, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) fcntl$F_GET_RW_HINT(r3, 0x40b, &(0x7f0000000180)) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x41395527) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r6 = open(0x0, 0x141042, 0x0) connect$inet(r6, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r7, &(0x7f0000000500), 0x14a, 0x0) 01:19:14 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, 0x0, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:14 executing program 5: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYPTR=&(0x7f0000000300)=ANY=[@ANYBLOB="1d440da45d1bee4a9b07660b5dcb71037cbe41c95de298a3eb4b070000000000007a1f0c64f98083d3b2dc560d52aaefe6e7bfa420172e227351a7314ecbabfa0000", @ANYRES16, @ANYRES32=0x0, @ANYRESOCT, @ANYRESDEC]], 0x0, 0x61, 0xffffffffffffffd6, 0x400004}, 0x20) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/2, 0x2}], 0x3, 0x0, 0x0, 0x0) keyctl$chown(0x4, 0x0, 0x0, 0x0) keyctl$instantiate(0xc, 0x0, &(0x7f0000000280)=@encrypted_load={'load ', 'ecryptfs', 0x20, 'trusted:', '&', 0x20, 0x800000, 0x20, [0x66, 0x0, 0x32, 0x30, 0x61, 0x64]}, 0x34, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xe8, 0xe8, 0x7, [@func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0xf, 0x4}]}, @typedef={0x5, 0x0, 0x0, 0x8, 0x4}, @struct={0xe, 0x5, 0x0, 0x4, 0x1, 0x48, [{0x9, 0x3, 0xfffffda9}, {0x10, 0x0, 0x3}, {0x9, 0x3, 0xc2e9}, {0x9, 0x4, 0x8}, {0x0, 0x5, 0x2}]}, @func_proto={0x0, 0x2, 0x0, 0xd, 0x0, [{0xd, 0x3}, {0xf, 0x5}]}, @struct={0x10, 0x4, 0x0, 0x4, 0x0, 0x6, [{0xa, 0x1}, {0xb, 0x0, 0x72a}, {0x8, 0x1, 0xffffff01}, {0xd, 0x2, 0x4}]}, @fwd={0x2}, @int={0x10, 0x0, 0x0, 0x1, 0x0, 0x5f, 0x0, 0x42, 0x3}, @typedef={0xf, 0x0, 0x0, 0x8, 0x3}]}, {0x0, [0x0, 0x61, 0x0, 0x30, 0x0]}}, &(0x7f0000000140)=""/34, 0x107, 0x22, 0x1}, 0x20) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$PPPIOCCONNECT(r2, 0x4004743a, &(0x7f0000000200)) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r3) ioctl$sock_SIOCGIFVLAN_GET_VLAN_VID_CMD(0xffffffffffffffff, 0x8982, &(0x7f00000002c0)) ptrace$cont(0x7, r0, 0x0, 0x0) 01:19:14 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, 0x0, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:14 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x10000000000000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:14 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:14 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:14 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:14 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:14 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) 01:19:14 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{0x0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:14 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{0x0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:14 executing program 5: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r2) r3 = dup2(r1, r2) write$P9_RLOCK(r3, &(0x7f0000000140)={0x8, 0x35, 0x2, 0x1}, 0x8) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYPTR=&(0x7f0000000300)=ANY=[@ANYBLOB="1d440da45d1be64a9b07660b5dcb71037cbe41c95de298a3eb4b070000000000007a1f0c64f98083d3b2dc560d52aaefe6e7bfa420172e227351a7314ecbabfa0000", @ANYRES16, @ANYRES32=0x0, @ANYRESOCT, @ANYRESDEC]], 0x0, 0x61, 0xffffffffffffffd6, 0x400004}, 0x20) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) setsockopt$IP_VS_SO_SET_EDITDEST(r5, 0x0, 0x489, &(0x7f0000000180)={{0x45, @multicast1, 0x4e20, 0x1, 'fo\x00', 0x4, 0x6, 0x56}, {@multicast2, 0x4e21, 0x4, 0x40, 0x40, 0xbd2}}, 0x44) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/2, 0x2}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 3223.046892][T30950] syz-executor.4 invoked oom-killer: gfp_mask=0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|0x1000000), order=0, oom_score_adj=1000 [ 3223.060193][T30950] CPU: 0 PID: 30950 Comm: syz-executor.4 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3223.070343][T30950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3223.080406][T30950] Call Trace: [ 3223.083727][T30950] dump_stack+0x14a/0x1ce [ 3223.088068][T30950] ? devkmsg_release+0x11c/0x11c [ 3223.093015][T30950] ? show_regs_print_info+0x12/0x12 [ 3223.098222][T30950] ? radix_tree_cpu_dead+0x160/0x160 [ 3223.103498][T30950] ? _raw_spin_lock+0xa1/0x170 [ 3223.108272][T30950] ? _raw_spin_trylock_bh+0x190/0x190 [ 3223.113640][T30950] dump_header+0xdb/0x700 [ 3223.117968][T30950] oom_kill_process+0xd3/0x280 [ 3223.122741][T30950] out_of_memory+0x5b6/0x890 [ 3223.127335][T30950] ? unregister_oom_notifier+0x20/0x20 [ 3223.132794][T30950] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3223.138349][T30950] ? get_page_from_freelist+0x7c0/0x7c0 [ 3223.143894][T30950] ? flush_tlb_func_common+0x45/0x570 [ 3223.149275][T30950] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3223.154650][T30950] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3223.160195][T30950] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 3223.165915][T30950] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 3223.171719][T30950] ? __lru_cache_add+0x1a1/0x1f0 [ 3223.176653][T30950] wp_page_copy+0x1cb/0x1120 [ 3223.181241][T30950] ? add_mm_rss_vec+0x270/0x270 [ 3223.186086][T30950] ? __pv_queued_spin_lock_slowpath+0x842/0xc40 [ 3223.192331][T30950] ? plist_check_list+0x22b/0x240 [ 3223.197354][T30950] ? vm_normal_page+0x1c9/0x1d0 [ 3223.202201][T30950] do_wp_page+0x4c1/0x1530 [ 3223.206617][T30950] ? _raw_spin_lock+0xa1/0x170 [ 3223.211377][T30950] ? do_swap_page+0x1560/0x1560 [ 3223.216243][T30950] handle_mm_fault+0x1354/0x40a0 [ 3223.221176][T30950] ? switch_mm_irqs_off+0x509/0xa10 [ 3223.226830][T30950] ? finish_fault+0x230/0x230 [ 3223.231524][T30950] ? __up_read+0x1b0/0x1b0 [ 3223.235946][T30950] ? vmacache_find+0x47a/0x4b0 [ 3223.240716][T30950] do_user_addr_fault+0x48a/0x9f0 [ 3223.245756][T30950] page_fault+0x2f/0x40 [ 3223.250008][T30950] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 3223.256602][T30950] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 3223.276215][T30950] RSP: 0018:ffff88810952f888 EFLAGS: 00010206 [ 3223.282312][T30950] RAX: ffffffff81f75001 RBX: 0000000020371500 RCX: 0000000000000500 [ 3223.290297][T30950] RDX: 0000000000001000 RSI: ffff88818dc2eb00 RDI: 0000000020371000 [ 3223.298270][T30950] RBP: ffff88810952fda8 R08: dffffc0000000000 R09: ffffed1031b85e00 [ 3223.306235][T30950] R10: 0000000000000000 R11: 0000000000000000 R12: 00007ffffffff000 [ 3223.314210][T30950] R13: 0000000000001000 R14: ffff88818dc2e000 R15: 0000000020370500 [ 3223.322366][T30950] ? copyout+0x1/0xb0 [ 3223.326352][T30950] copyout+0x8e/0xb0 [ 3223.330251][T30950] copy_page_to_iter+0x393/0xbd0 [ 3223.335198][T30950] pipe_to_user+0xa3/0x130 [ 3223.339629][T30950] __splice_from_pipe+0x2d3/0x870 [ 3223.344652][T30950] ? user_page_pipe_buf_steal+0xc0/0xc0 [ 3223.350198][T30950] do_vmsplice+0x252/0xee0 [ 3223.354627][T30950] ? avc_ss_reset+0x3a0/0x3a0 [ 3223.359305][T30950] ? write_pipe_buf+0x1d0/0x1d0 [ 3223.364259][T30950] ? __rcu_read_lock+0x50/0x50 [ 3223.369032][T30950] ? check_stack_object+0x5a/0x90 [ 3223.374068][T30950] ? _copy_from_user+0xa4/0xe0 [ 3223.378845][T30950] ? rw_copy_check_uvector+0x2b3/0x310 [ 3223.384329][T30950] ? import_iovec+0x1c2/0x380 [ 3223.389011][T30950] ? dup_iter+0x110/0x110 [ 3223.393340][T30950] ? do_vfs_ioctl+0x780/0x1750 [ 3223.398103][T30950] __se_sys_vmsplice+0x1fb/0x300 [ 3223.403051][T30950] ? __x64_sys_vmsplice+0xa0/0xa0 [ 3223.408071][T30950] ? put_timespec64+0x109/0x150 [ 3223.412922][T30950] ? __x64_sys_clock_gettime+0x20d/0x260 [ 3223.418560][T30950] ? __ia32_sys_clock_settime+0x2a0/0x2a0 [ 3223.424988][T30950] do_syscall_64+0xcb/0x150 [ 3223.429498][T30950] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3223.435392][T30950] RIP: 0033:0x45c829 [ 3223.439291][T30950] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3223.458889][T30950] RSP: 002b:00007f67d72f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116 [ 3223.467296][T30950] RAX: ffffffffffffffda RBX: 0000000000509d00 RCX: 000000000045c829 [ 3223.475303][T30950] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000004 [ 3223.483291][T30950] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 3223.491262][T30950] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3223.499230][T30950] R13: 0000000000000c49 R14: 00000000004ce70e R15: 00007f67d72f76d4 [ 3223.507446][T30950] Mem-Info: [ 3223.510587][T30950] active_anon:1407708 inactive_anon:10799 isolated_anon:0 [ 3223.510587][T30950] active_file:771 inactive_file:777 isolated_file:122 [ 3223.510587][T30950] unevictable:0 dirty:56 writeback:0 unstable:0 [ 3223.510587][T30950] slab_reclaimable:11014 slab_unreclaimable:87287 [ 3223.510587][T30950] mapped:57768 shmem:14896 pagetables:30492 bounce:0 [ 3223.510587][T30950] free:13791 free_pcp:890 free_cma:0 [ 3223.548929][T30950] Node 0 active_anon:5630832kB inactive_anon:43196kB active_file:2976kB inactive_file:2996kB unevictable:0kB isolated(anon):0kB isolated(file):488kB mapped:230972kB dirty:224kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3223.573533][T30950] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3223.599686][T30950] lowmem_reserve[]: 0 2912 6416 6416 [ 3223.605064][T30950] DMA32 free:28480kB min:20548kB low:23528kB high:26508kB active_anon:2801684kB inactive_anon:2728kB active_file:424kB inactive_file:92kB unevictable:0kB writepending:48kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10368kB pagetables:20496kB bounce:0kB free_pcp:832kB local_pcp:660kB free_cma:0kB [ 3223.634772][T30950] lowmem_reserve[]: 0 0 3504 3504 [ 3223.639834][T30950] Normal free:8044kB min:9688kB low:13276kB high:16864kB active_anon:2833224kB inactive_anon:40468kB active_file:2352kB inactive_file:2932kB unevictable:0kB writepending:176kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27072kB pagetables:101472kB bounce:0kB free_pcp:2076kB local_pcp:1420kB free_cma:0kB [ 3223.669919][T30950] lowmem_reserve[]: 0 0 0 0 [ 3223.674468][T30950] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3223.687814][T30950] DMA32: 151*4kB (UMH) 394*8kB (UH) 944*16kB (UEH) 207*32kB (UH) 52*64kB (UEH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 28812kB [ 3223.702109][T30950] Normal: 2*4kB (UM) 1*8kB (E) 378*16kB (UME) 8*32kB (UME) 1*64kB (H) 1*128kB (H) 1*256kB (H) 0*512kB 1*1024kB (H) 0*2048kB 0*4096kB = 7792kB [ 3223.716711][T30950] 15919 total pagecache pages [ 3223.721390][T30950] 0 pages in swap cache [ 3223.725561][T30950] Swap cache stats: add 0, delete 0, find 0/0 [ 3223.731627][T30950] Free swap = 0kB [ 3223.735359][T30950] Total swap = 0kB [ 3223.739091][T30950] 1965979 pages RAM [ 3223.742904][T30950] 0 pages HighMem/MovableOnly [ 3223.747573][T30950] 318830 pages reserved [ 3223.751717][T30950] 0 pages cma reserved [ 3223.755805][T30950] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.4,pid=24622,uid=0 [ 3223.769952][T30950] Out of memory: Killed process 24622 (syz-executor.4) total-vm:75232kB, anon-rss:16568kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 3223.800654][ T23] oom_reaper: reaped process 24622 (syz-executor.4), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 3223.998114][ T205] systemd-journal invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=0 [ 3224.055099][ T205] CPU: 0 PID: 205 Comm: systemd-journal Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3224.065190][ T205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3224.075244][ T205] Call Trace: [ 3224.078539][ T205] dump_stack+0x14a/0x1ce [ 3224.082859][ T205] ? devkmsg_release+0x11c/0x11c [ 3224.087814][ T205] ? show_regs_print_info+0x12/0x12 [ 3224.093089][ T205] ? radix_tree_cpu_dead+0x160/0x160 [ 3224.098359][ T205] ? _raw_spin_lock+0xa1/0x170 [ 3224.103111][ T205] ? _raw_spin_trylock_bh+0x190/0x190 [ 3224.108580][ T205] dump_header+0xdb/0x700 [ 3224.112900][ T205] oom_kill_process+0xd3/0x280 [ 3224.117675][ T205] out_of_memory+0x5b6/0x890 [ 3224.122274][ T205] ? unregister_oom_notifier+0x20/0x20 [ 3224.127735][ T205] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3224.133284][ T205] ? get_page_from_freelist+0x7c0/0x7c0 [ 3224.138830][ T205] ? __zone_watermark_ok+0x91/0x280 [ 3224.144026][ T205] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3224.149418][ T205] ? __kasan_kmalloc+0x12c/0x1c0 [ 3224.154354][ T205] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3224.159914][ T205] alloc_slab_page+0x3a/0x3a0 [ 3224.164608][ T205] new_slab+0x408/0x450 [ 3224.168769][ T205] ? should_fail+0x18e/0x860 [ 3224.173362][ T205] ___slab_alloc+0x2e0/0x450 [ 3224.177957][ T205] ? getname_flags+0xb8/0x610 [ 3224.182666][ T205] ? getname_flags+0xb8/0x610 [ 3224.187445][ T205] kmem_cache_alloc+0x23f/0x260 [ 3224.192914][ T205] getname_flags+0xb8/0x610 [ 3224.197443][ T205] ? security_prepare_creds+0x197/0x220 [ 3224.202991][ T205] user_path_at_empty+0x28/0x50 [ 3224.207842][ T205] do_faccessat+0x306/0x800 [ 3224.212335][ T205] ? __ia32_sys_fallocate+0x100/0x100 [ 3224.217704][ T205] do_syscall_64+0xcb/0x150 [ 3224.222201][ T205] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3224.228087][ T205] RIP: 0033:0x7fa7e5eaa9c7 [ 3224.232493][ T205] Code: 83 c4 08 48 3d 01 f0 ff ff 73 01 c3 48 8b 0d c8 d4 2b 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 b8 15 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d a1 d4 2b 00 f7 d8 64 89 01 48 [ 3224.252101][ T205] RSP: 002b:00007ffdfd580298 EFLAGS: 00000246 ORIG_RAX: 0000000000000015 [ 3224.260518][ T205] RAX: ffffffffffffffda RBX: 00007ffdfd5831b0 RCX: 00007fa7e5eaa9c7 [ 3224.268510][ T205] RDX: 00007fa7e691ba00 RSI: 0000000000000000 RDI: 0000555ed725a9a3 [ 3224.276486][ T205] RBP: 00007ffdfd5802d0 R08: 0000000000000000 R09: 0000000000000000 [ 3224.284452][ T205] R10: 0000000000000069 R11: 0000000000000246 R12: 0000000000000000 [ 3224.292430][ T205] R13: 0000000000000000 R14: 00007ffdfd5831b0 R15: 00007ffdfd5807c0 [ 3224.336192][ T205] Mem-Info: [ 3224.342504][ T205] active_anon:1408094 inactive_anon:10799 isolated_anon:0 [ 3224.342504][ T205] active_file:242 inactive_file:233 isolated_file:22 [ 3224.342504][ T205] unevictable:0 dirty:71 writeback:8 unstable:0 [ 3224.342504][ T205] slab_reclaimable:11024 slab_unreclaimable:87343 [ 3224.342504][ T205] mapped:56549 shmem:14896 pagetables:30524 bounce:0 [ 3224.342504][ T205] free:15287 free_pcp:1 free_cma:0 [ 3224.390037][ T205] Node 0 active_anon:5632428kB inactive_anon:43196kB active_file:900kB inactive_file:872kB unevictable:0kB isolated(anon):0kB isolated(file):116kB mapped:226068kB dirty:256kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3224.414716][ T205] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3224.441025][ T205] lowmem_reserve[]: 0 2912 6416 6416 [ 3224.446762][ T205] DMA32 free:29056kB min:4644kB low:7624kB high:10604kB active_anon:2802376kB inactive_anon:2728kB active_file:36kB inactive_file:0kB unevictable:0kB writepending:60kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10400kB pagetables:20496kB bounce:0kB free_pcp:20kB local_pcp:0kB free_cma:0kB [ 3224.476332][ T205] lowmem_reserve[]: 0 0 3504 3504 [ 3224.481845][ T205] Normal free:16288kB min:5592kB low:9180kB high:12768kB active_anon:2830068kB inactive_anon:40468kB active_file:700kB inactive_file:1040kB unevictable:0kB writepending:192kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27200kB pagetables:101488kB bounce:0kB free_pcp:572kB local_pcp:16kB free_cma:0kB [ 3224.512561][ T205] lowmem_reserve[]: 0 0 0 0 [ 3224.517546][ T205] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3224.531989][ T205] DMA32: 232*4kB (UMH) 437*8kB (UMEH) 947*16kB (UMEH) 208*32kB (UH) 52*64kB (UEH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 29560kB [ 3224.547107][ T205] Normal: 873*4kB (UM) 292*8kB (UM) 405*16kB (UME) 16*32kB (UMEH) 10*64kB (UMH) 44*128kB (UM) 5*256kB (UMH) 1*512kB (U) 1*1024kB (H) 0*2048kB 0*4096kB = 21908kB [ 3224.579985][ T205] 15425 total pagecache pages [ 3224.591732][ T205] 0 pages in swap cache [ 3224.605202][ T205] Swap cache stats: add 0, delete 0, find 0/0 [ 3224.633418][ T205] Free swap = 0kB [ 3224.637357][ T205] Total swap = 0kB [ 3224.641976][ T205] 1965979 pages RAM [ 3224.646612][ T205] 0 pages HighMem/MovableOnly [ 3224.652528][ T205] 318830 pages reserved [ 3224.661505][ T205] 0 pages cma reserved 01:19:16 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0xf0ff7f00000000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:16 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) prctl$PR_GET_THP_DISABLE(0x2a) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r4 = open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r5, &(0x7f0000000500), 0x37d, 0x0) 01:19:16 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{0x0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:16 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:16 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) 01:19:16 executing program 5: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x7) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYPTR=&(0x7f0000000300)=ANY=[@ANYBLOB="1d440da45d1bee4a9b07660b5dcb71037cbe41c95de298a3eb4b070000000000007a1f0c64f98083d3b2dc560d52aaefe6e7bfa420172e227351a7314ecbabfa0000", @ANYRES16, @ANYRES32=0x0, @ANYRESOCT, @ANYRESDEC]], 0x0, 0x61, 0xffffffffffffffd6, 0x400004}, 0x20) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$TCSETAF(r2, 0x5408, &(0x7f0000000040)={0x7f, 0x7ff, 0xffff, 0xbd3, 0xb, "08a041b7ff317df5"}) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/2, 0x2}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 01:19:16 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, 0x0, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:16 executing program 5: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYPTR=&(0x7f0000000300)=ANY=[@ANYBLOB="1d440da45d1bee4a9b07660b5dcb71037cbe41c95de298a3eb4b070000000000007a1f0c64f98083d3b2dc560d52aaefe6e7bfa420172e227351a7314ecbabfa0000", @ANYRES16, @ANYRES32=0x0, @ANYRESOCT, @ANYRESDEC]], 0x0, 0x61, 0xffffffffffffffd6, 0x400004}, 0x20) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) [ 3224.685417][ T205] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.1,pid=28531,uid=0 [ 3224.699930][ T205] Out of memory: Killed process 28531 (syz-executor.1) total-vm:75232kB, anon-rss:16568kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:156kB oom_score_adj:1000 [ 3224.721932][ T23] oom_reaper: reaped process 28531 (syz-executor.1), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 01:19:16 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, 0x0, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) [ 3225.419809][T30980] syz-executor.3 invoked oom-killer: gfp_mask=0x500cc2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 3225.439005][T30980] CPU: 1 PID: 30980 Comm: syz-executor.3 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3225.449175][T30980] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3225.459242][T30980] Call Trace: [ 3225.462543][T30980] dump_stack+0x14a/0x1ce [ 3225.466867][T30980] ? devkmsg_release+0x11c/0x11c [ 3225.471805][T30980] ? show_regs_print_info+0x12/0x12 [ 3225.477007][T30980] ? radix_tree_cpu_dead+0x160/0x160 [ 3225.482375][T30980] ? _raw_spin_lock+0xa1/0x170 [ 3225.487146][T30980] ? _raw_spin_trylock_bh+0x190/0x190 [ 3225.492531][T30980] dump_header+0xdb/0x700 [ 3225.496872][T30980] oom_kill_process+0xd3/0x280 [ 3225.501641][T30980] out_of_memory+0x5b6/0x890 [ 3225.506229][T30980] ? unregister_oom_notifier+0x20/0x20 [ 3225.511687][T30980] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3225.517235][T30980] ? get_page_from_freelist+0x7c0/0x7c0 [ 3225.522786][T30980] ? __zone_watermark_ok+0x91/0x280 [ 3225.527990][T30980] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3225.533368][T30980] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3225.538912][T30980] ? copy_page_from_iter+0x3f3/0x660 [ 3225.544194][T30980] pipe_write+0x4da/0xe40 [ 3225.548519][T30980] __vfs_write+0x59d/0x720 [ 3225.552923][T30980] ? __kernel_write+0x340/0x340 [ 3225.557771][T30980] ? security_file_permission+0x128/0x300 [ 3225.563483][T30980] vfs_write+0x217/0x4f0 [ 3225.567721][T30980] ksys_write+0x18c/0x2c0 [ 3225.572037][T30980] ? __ia32_sys_read+0x80/0x80 [ 3225.576795][T30980] do_syscall_64+0xcb/0x150 [ 3225.581293][T30980] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3225.587192][T30980] RIP: 0033:0x45c829 [ 3225.591094][T30980] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3225.610779][T30980] RSP: 002b:00007fa8ee2bfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 3225.619198][T30980] RAX: ffffffffffffffda RBX: 0000000000509e40 RCX: 000000000045c829 [ 3225.627181][T30980] RDX: 0000000041395527 RSI: 0000000020000340 RDI: 0000000000000005 [ 3225.635150][T30980] RBP: 000000000078bf00 R08: 0000000000000000 R09: 0000000000000000 [ 3225.643119][T30980] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3225.651083][T30980] R13: 0000000000000c4e R14: 00000000004ca088 R15: 00007fa8ee2c06d4 [ 3225.699629][T30980] Mem-Info: [ 3225.702853][T30980] active_anon:1408592 inactive_anon:10799 isolated_anon:0 [ 3225.702853][T30980] active_file:188 inactive_file:175 isolated_file:8 [ 3225.702853][T30980] unevictable:0 dirty:3 writeback:0 unstable:0 [ 3225.702853][T30980] slab_reclaimable:11061 slab_unreclaimable:87226 [ 3225.702853][T30980] mapped:56578 shmem:14896 pagetables:30525 bounce:0 [ 3225.702853][T30980] free:14770 free_pcp:283 free_cma:0 [ 3225.740763][T30980] Node 0 active_anon:5634368kB inactive_anon:43196kB active_file:852kB inactive_file:700kB unevictable:0kB isolated(anon):0kB isolated(file):160kB mapped:226212kB dirty:12kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3225.765141][T30980] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3225.791900][T30980] lowmem_reserve[]: 0 2912 6416 6416 [ 3225.797334][T30980] DMA32 free:28372kB min:8740kB low:11720kB high:14700kB active_anon:2803136kB inactive_anon:2728kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10304kB pagetables:20412kB bounce:0kB free_pcp:656kB local_pcp:0kB free_cma:0kB [ 3225.826219][T30980] lowmem_reserve[]: 0 0 3504 3504 [ 3225.831295][T30980] Normal free:14092kB min:5592kB low:9180kB high:12768kB active_anon:2831248kB inactive_anon:40468kB active_file:792kB inactive_file:692kB unevictable:0kB writepending:12kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27424kB pagetables:101688kB bounce:0kB free_pcp:1160kB local_pcp:268kB free_cma:0kB [ 3225.861328][T30980] lowmem_reserve[]: 0 0 0 0 [ 3225.865874][T30980] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3225.879214][T30980] DMA32: 65*4kB (UH) 435*8kB (UMEH) 958*16kB (UEH) 192*32kB (UEH) 54*64kB (UEH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 28668kB [ 3225.893807][T30980] Normal: 585*4kB (UME) 230*8kB (UME) 485*16kB (UMEH) 20*32kB (UME) 7*64kB (M) 3*128kB (M) 1*256kB (H) 0*512kB 1*1024kB (H) 0*2048kB 0*4096kB = 14692kB [ 3225.909278][T30980] 15060 total pagecache pages [ 3225.914098][T30980] 0 pages in swap cache [ 3225.918616][T30980] Swap cache stats: add 0, delete 0, find 0/0 [ 3225.924711][T30980] Free swap = 0kB [ 3225.928423][T30980] Total swap = 0kB [ 3225.932140][T30980] 1965979 pages RAM [ 3225.935965][T30980] 0 pages HighMem/MovableOnly [ 3225.940630][T30980] 318830 pages reserved [ 3225.944833][T30980] 0 pages cma reserved [ 3225.948916][T30980] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.3,pid=16346,uid=0 [ 3225.963065][T30980] Out of memory: Killed process 16346 (syz-executor.3) total-vm:75364kB, anon-rss:16568kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:156kB oom_score_adj:1000 [ 3225.984531][ T23] oom_reaper: reaped process 16346 (syz-executor.3), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 01:19:18 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, 0x0, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:18 executing program 5: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) setsockopt$inet_tcp_TCP_ULP(0xffffffffffffffff, 0x6, 0x1f, &(0x7f0000000140)='tls\x00', 0x4) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYPTR=&(0x7f0000000300)=ANY=[@ANYBLOB="1d440da45d1bee4a9b07660b5dcb71037cbe41c95de298a3eb4b070000000000007a1f0c64f98083d3b2dc560d52aaefe6e7bfa420172e227351a7314ecbabfa0000", @ANYRES16, @ANYRES32=0x0, @ANYRESOCT, @ANYRESDEC]], 0x0, 0x8, 0x0, 0x400005}, 0x20) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/2, 0x2}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000540)="a1069ade97bdbb3f14fbfeef0629c4266dbeb80340813538552dcaece319c7a6d5995b4aa3fd3183dd53a97aa06e169e9a3defddc76c9b04ad11114ea5e69e85b41ada522cc631493291814e0a71caa90db4b9bc3fa4c01449d614c64e1640d0327aa598f860ac3ac93dfa0e4c5aa8a4dc70c320294f153d60e7c603878126b0ad00ba1391a823fc13214015caf2fc2095a743264bbf54a3c953893f3a7e31133200000000000084287317ba1e058dcf8a530afe7d373c7dbfceb37aa1487043e7ed3e58fe093979f4777f1d8d45c00166b6d0090baa27c4570957821cb66cd375614c99abed425a2a1876b41f7348bd54aac4e4de034c4047b73519c75e0d130007afc8fa613bcf46e878605399c8dbf40de8f52dde140641223935f96adf2632e11f939f18c60c0f01c6fa29a6892e716c8536d00ace2987c468db99ac162b70cea99bed1ff6cb8c1f1a6a457827e67a7374133aa8b576fe0c7280efd00e0f694d26b22d2f76b9432a00bd8e595d83d29888f5adb03f586b9ae840a08f550866af4313c64f7775c1008da0c6cfb71ca628592c9f7d8b8508ed092b3bd7e317e47f004e7d6025c5") ptrace$cont(0x7, r0, 0x0, 0x0) 01:19:18 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0xf0ffffff7f0000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:18 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = add_key$user(&(0x7f0000000080)='user\x00', &(0x7f0000000400)={'syz'}, &(0x7f0000000000)='\x00', 0x1, 0xfffffffffffffffd) keyctl$revoke(0x3, r0) keyctl$get_keyring_id(0x0, r0, 0x3) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r2 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r2, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r5 = open(0x0, 0x141042, 0x0) connect$inet(r5, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r6, &(0x7f0000000500), 0x37d, 0x0) 01:19:18 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x10000000000000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:18 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:18 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:18 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) [ 3226.830253][T31041] syz-executor.1 invoked oom-killer: gfp_mask=0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|0x1000000), order=0, oom_score_adj=1000 [ 3226.843610][T31041] CPU: 1 PID: 31041 Comm: syz-executor.1 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3226.853885][T31041] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3226.863968][T31041] Call Trace: [ 3226.867284][T31041] dump_stack+0x14a/0x1ce [ 3226.871628][T31041] ? devkmsg_release+0x11c/0x11c [ 3226.876583][T31041] ? show_regs_print_info+0x12/0x12 [ 3226.881796][T31041] ? radix_tree_cpu_dead+0x160/0x160 [ 3226.887079][T31041] ? _raw_spin_lock+0xa1/0x170 [ 3226.891860][T31041] ? _raw_spin_trylock_bh+0x190/0x190 [ 3226.897237][T31041] dump_header+0xdb/0x700 [ 3226.901572][T31041] oom_kill_process+0xd3/0x280 [ 3226.906343][T31041] out_of_memory+0x5b6/0x890 [ 3226.910950][T31041] ? unregister_oom_notifier+0x20/0x20 [ 3226.916574][T31041] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3226.922258][T31041] ? get_page_from_freelist+0x7c0/0x7c0 [ 3226.927816][T31041] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3226.933192][T31041] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3226.938833][T31041] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 3226.944580][T31041] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 3226.950383][T31041] ? page_remove_rmap+0xff/0x1c0 [ 3226.955321][T31041] wp_page_copy+0x1cb/0x1120 [ 3226.960084][T31041] ? futex_exit_release+0xc0/0xc0 [ 3226.965128][T31041] ? add_mm_rss_vec+0x270/0x270 [ 3226.969991][T31041] ? vm_normal_page+0x1c9/0x1d0 [ 3226.974910][T31041] do_wp_page+0x4c1/0x1530 [ 3226.979337][T31041] ? _raw_spin_lock+0xa1/0x170 [ 3226.984213][T31041] ? do_swap_page+0x1560/0x1560 [ 3226.989084][T31041] handle_mm_fault+0x1354/0x40a0 [ 3226.994037][T31041] ? _copy_from_user+0xa4/0xe0 [ 3226.998807][T31041] ? finish_fault+0x230/0x230 [ 3227.003502][T31041] ? put_timespec64+0x109/0x150 [ 3227.008354][T31041] ? __up_read+0x1b0/0x1b0 [ 3227.012768][T31041] ? vmacache_find+0x205/0x4b0 [ 3227.017533][T31041] do_user_addr_fault+0x48a/0x9f0 [ 3227.022585][T31041] page_fault+0x2f/0x40 [ 3227.026757][T31041] RIP: 0033:0x400684 [ 3227.030672][T31041] Code: 01 e9 c9 00 00 00 48 8b 44 24 10 48 0b 44 24 28 be 08 00 00 00 48 8b 14 24 75 17 48 8b 7c 24 20 e8 71 58 00 00 48 8b 4c 24 08 <48> 89 01 e9 9d 00 00 00 48 8b 44 24 08 48 8b 38 e8 57 58 00 00 8a [ 3227.050402][T31041] RSP: 002b:00007fff52222b40 EFLAGS: 00010202 [ 3227.056469][T31041] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000020001580 [ 3227.064540][T31041] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000000 [ 3227.072507][T31041] RBP: 0000000000790690 R08: 0000000000000000 R09: 0000000000000000 [ 3227.080478][T31041] R10: 00007fff52222c60 R11: 0000000000000246 R12: 0000000000790698 [ 3227.088541][T31041] R13: 0000000000313a8e R14: fffffffffffffffe R15: 000000000078bfac [ 3227.097787][T31041] Mem-Info: [ 3227.104370][T31041] active_anon:1408685 inactive_anon:10799 isolated_anon:0 [ 3227.104370][T31041] active_file:237 inactive_file:249 isolated_file:35 [ 3227.104370][T31041] unevictable:0 dirty:47 writeback:5 unstable:0 [ 3227.104370][T31041] slab_reclaimable:11073 slab_unreclaimable:87173 [ 3227.104370][T31041] mapped:56662 shmem:14896 pagetables:30609 bounce:0 [ 3227.104370][T31041] free:14828 free_pcp:27 free_cma:0 [ 3227.187854][T31041] Node 0 active_anon:5634740kB inactive_anon:43196kB active_file:556kB inactive_file:580kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:225848kB dirty:188kB writeback:20kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3227.212493][T31041] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3227.262669][T31041] lowmem_reserve[]: 0 2912 6416 6416 [ 3227.268537][T31041] DMA32 free:29544kB min:4644kB low:7624kB high:10604kB active_anon:2800652kB inactive_anon:2728kB active_file:756kB inactive_file:564kB unevictable:0kB writepending:92kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10624kB pagetables:20512kB bounce:0kB free_pcp:348kB local_pcp:68kB free_cma:0kB [ 3227.298190][T31041] lowmem_reserve[]: 0 0 3504 3504 [ 3227.303297][T31041] Normal free:12696kB min:5592kB low:9180kB high:12768kB active_anon:2834088kB inactive_anon:40468kB active_file:192kB inactive_file:432kB unevictable:0kB writepending:116kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27264kB pagetables:101924kB bounce:0kB free_pcp:740kB local_pcp:44kB free_cma:0kB [ 3227.333205][T31041] lowmem_reserve[]: 0 0 0 0 [ 3227.337709][T31041] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3227.351015][T31041] DMA32: 408*4kB (UMH) 449*8kB (UMEH) 1001*16kB (UMEH) 139*32kB (UMEH) 61*64kB (UMEH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 29592kB [ 3227.365880][T31041] Normal: 350*4kB (UME) 195*8kB (UME) 510*16kB (UMH) 19*32kB (UMEH) 0*64kB 0*128kB 1*256kB (H) 0*512kB 1*1024kB (H) 0*2048kB 0*4096kB = 13008kB [ 3227.380630][T31041] 15300 total pagecache pages [ 3227.385413][T31041] 0 pages in swap cache [ 3227.389602][T31041] Swap cache stats: add 0, delete 0, find 0/0 [ 3227.395753][T31041] Free swap = 0kB [ 3227.399525][T31041] Total swap = 0kB [ 3227.403349][T31041] 1965979 pages RAM [ 3227.407213][T31041] 0 pages HighMem/MovableOnly [ 3227.412074][T31041] 318830 pages reserved [ 3227.416332][T31041] 0 pages cma reserved [ 3227.427822][T31041] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=21010,uid=0 [ 3227.448651][T31041] Out of memory: Killed process 21010 (syz-executor.2) total-vm:75232kB, anon-rss:16560kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:1000 01:19:19 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:19 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x100000000000000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:19 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:19 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x10000000000000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:19 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) [ 3227.934633][ T404] syz-fuzzer invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 3227.960863][ T404] CPU: 1 PID: 404 Comm: syz-fuzzer Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3227.970713][ T404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3227.980853][ T404] Call Trace: [ 3227.984143][ T404] dump_stack+0x14a/0x1ce [ 3227.988477][ T404] ? devkmsg_release+0x11c/0x11c [ 3227.993418][ T404] ? show_regs_print_info+0x12/0x12 [ 3227.998610][ T404] ? radix_tree_cpu_dead+0x160/0x160 [ 3228.004023][ T404] ? _raw_spin_lock+0xa1/0x170 [ 3228.008784][ T404] ? _raw_spin_trylock_bh+0x190/0x190 [ 3228.014169][ T404] dump_header+0xdb/0x700 [ 3228.018516][ T404] oom_kill_process+0xd3/0x280 [ 3228.023280][ T404] out_of_memory+0x5b6/0x890 [ 3228.027862][ T404] ? unregister_oom_notifier+0x20/0x20 [ 3228.033317][ T404] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3228.038866][ T404] ? get_page_from_freelist+0x7c0/0x7c0 [ 3228.044548][ T404] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3228.049927][ T404] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3228.055484][ T404] pagecache_get_page+0x50f/0x880 [ 3228.060511][ T404] filemap_fault+0x1474/0x19d0 [ 3228.065271][ T404] ? generic_file_read_iter+0x20b0/0x20b0 [ 3228.070980][ T404] ext4_filemap_fault+0x7b/0x90 [ 3228.075937][ T404] handle_mm_fault+0x2837/0x40a0 [ 3228.080878][ T404] ? finish_fault+0x230/0x230 [ 3228.085550][ T404] ? __up_read+0x1b0/0x1b0 [ 3228.089967][ T404] ? vmacache_find+0x47a/0x4b0 [ 3228.094734][ T404] do_user_addr_fault+0x48a/0x9f0 [ 3228.099782][ T404] page_fault+0x2f/0x40 [ 3228.103939][ T404] RIP: 0033:0x715330 [ 3228.107826][ T404] Code: b8 db ff 48 8b 44 24 58 48 8b 08 48 8b 54 24 20 48 8b 58 38 48 8b 71 50 48 8b 49 58 48 39 ca 0f 83 d4 00 00 00 48 89 54 24 38 <48> 8b 04 d6 48 89 44 24 10 48 8d 05 80 c2 10 00 48 89 04 24 48 89 [ 3228.127739][ T404] RSP: 002b:000000c43854fc60 EFLAGS: 00010287 [ 3228.133806][ T404] RAX: 000000c4301d0080 RBX: 000000c430b3a030 RCX: 0000000000000d15 [ 3228.141783][ T404] RDX: 00000000000000e7 RSI: 000000000168e5c0 RDI: 000000c42bb66860 [ 3228.149838][ T404] RBP: 000000c43854fca8 R08: 0000000000000000 R09: 0000000000000000 [ 3228.157813][ T404] R10: 00000000009f1ef2 R11: 0000000000000004 R12: 0000000000000000 [ 3228.165787][ T404] R13: 0000000000000020 R14: 0000000000000013 R15: 0000000000000100 [ 3228.243174][ T404] Mem-Info: [ 3228.252295][ T404] active_anon:1407110 inactive_anon:10799 isolated_anon:0 [ 3228.252295][ T404] active_file:303 inactive_file:307 isolated_file:52 [ 3228.252295][ T404] unevictable:0 dirty:61 writeback:0 unstable:0 [ 3228.252295][ T404] slab_reclaimable:11091 slab_unreclaimable:87234 [ 3228.252295][ T404] mapped:56780 shmem:14896 pagetables:30578 bounce:0 [ 3228.252295][ T404] free:16289 free_pcp:0 free_cma:0 [ 3228.302964][ T404] Node 0 active_anon:5628440kB inactive_anon:43196kB active_file:1088kB inactive_file:1000kB unevictable:0kB isolated(anon):0kB isolated(file):208kB mapped:226920kB dirty:244kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3228.334876][ T404] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3228.403958][ T404] lowmem_reserve[]: 0 2912 6416 6416 [ 3228.415530][ T404] DMA32 free:28572kB min:20548kB low:23528kB high:26508kB active_anon:2802752kB inactive_anon:2728kB active_file:152kB inactive_file:36kB unevictable:0kB writepending:32kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10528kB pagetables:20500kB bounce:0kB free_pcp:20kB local_pcp:0kB free_cma:0kB [ 3228.480962][ T404] lowmem_reserve[]: 0 0 3504 3504 [ 3228.491317][ T404] Normal free:21644kB min:24744kB low:28332kB high:31920kB active_anon:2825732kB inactive_anon:40468kB active_file:740kB inactive_file:524kB unevictable:0kB writepending:136kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27136kB pagetables:101812kB bounce:0kB free_pcp:148kB local_pcp:24kB free_cma:0kB [ 3228.552406][ T404] lowmem_reserve[]: 0 0 0 0 [ 3228.584410][ T404] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3228.625002][ T404] DMA32: 1124*4kB (UMH) 598*8kB (UMEH) 1143*16kB (UMEH) 143*32kB (UMEH) 58*64kB (UMEH) 4*128kB (UM) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 36368kB [ 3228.667490][ T404] Normal: 411*4kB (UM) 281*8kB (UM) 399*16kB (UME) 36*32kB (UMEH) 20*64kB (M) 7*128kB (M) 4*256kB (MH) 3*512kB (M) 4*1024kB (MH) 2*2048kB (M) 0*4096kB = 24356kB [ 3228.698823][ T404] 15730 total pagecache pages [ 3228.705346][ T404] 0 pages in swap cache [ 3228.710267][ T404] Swap cache stats: add 0, delete 0, find 0/0 [ 3228.717253][ T404] Free swap = 0kB [ 3228.722072][ T404] Total swap = 0kB [ 3228.759601][ T404] 1965979 pages RAM [ 3228.782844][ T404] 0 pages HighMem/MovableOnly [ 3228.793017][ T404] 318830 pages reserved [ 3228.797199][ T404] 0 pages cma reserved 01:19:20 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x40000000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) [ 3228.835912][ T404] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=31073,uid=0 [ 3228.851455][ T404] Out of memory: Killed process 31073 (syz-executor.0) total-vm:75628kB, anon-rss:16592kB, file-rss:34660kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 3228.870251][ T23] oom_reaper: reaped process 31073 (syz-executor.0), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 01:19:21 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:21 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x200000000000000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:21 executing program 0: r0 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000340)={0x6, {{0xa, 0x4e21, 0xd2da, @remote}}, 0x0, 0x2, [{{0xa, 0x4e23, 0x1f, @private2, 0xad6}}, {{0xa, 0x4e24, 0x8, @private2, 0x4}}]}, 0x190) prlimit64(0x0, 0xe, &(0x7f0000000180)={0xb69, 0x400000008d}, 0x0) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r2 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r2, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000100)="e82db7508bd9e5047c53fdf2777273be33a526bf239a56504ec8878c6b2406a32fd8fd46c152", 0x26}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r4 = open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) r5 = socket$key(0xf, 0x3, 0x2) fstatfs(r5, &(0x7f0000000200)=""/121) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r6, &(0x7f0000000500), 0x37d, 0x0) 01:19:21 executing program 5: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) ioctl$USBDEVFS_IOCTL(r2, 0xc0105512, &(0x7f0000000180)=@usbdevfs_driver={0x4, 0xc9c000, &(0x7f0000000140)="03627fc535e6f415f8236d62705d15b28ad3a830cc41258036b8c5472bb1bbd12357ea4e"}) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYPTR=&(0x7f00000003c0)=ANY=[@ANYBLOB="1d440de528d0104a9b07660b5dcb71037cbe41c95de298a3eb4b070000000000007a1f0c64f98083d38000000052aaefe6e7bfa420172e225c32a226f8c06854c296e3d382ee119827265b51e60300"/93, @ANYRES16, @ANYRES32=0x0, @ANYRESOCT, @ANYRESDEC]], 0x0, 0x8, 0x0, 0x400004}, 0x20) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/2, 0x2}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 01:19:21 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:21 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x0, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:21 executing program 5: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) prctl$PR_GET_DUMPABLE(0x3) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYPTR=&(0x7f0000000300)=ANY=[@ANYBLOB="1d440da45d1bee4a9b07660b5dcb71037cbe41c95de298a3eb4b070000000000007a1f0c64f98083d3b2dc560d52aaefe6e7bfa420172e227351a7314ecbabfa0000", @ANYRES16, @ANYRES32=0x0, @ANYRESOCT, @ANYRESDEC]], 0x0, 0x61, 0xffffffffffffffd6, 0x400004}, 0x20) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/2, 0x2}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 01:19:21 executing program 5: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() r1 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) ioctl$USBDEVFS_CONTROL(r1, 0xc0185500, &(0x7f0000000200)={0x4, 0xd, 0xd5, 0xffff, 0x40, 0x4e7, &(0x7f00000001c0)="6792da9181ceb55cbf015fa3d7667ff5f3bccfb2fed9ea8b861bbbf549b316fa5185fbef4be223dac0a3423efca75aab2a2d6f23331515cc37311e565bbd9c1f"}) wait4(0x0, 0x0, 0x80000002, 0x0) r2 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x0, 0x0) ioctl$UI_DEV_SETUP(r2, 0x405c5503, &(0x7f00000000c0)={{}, 'syz0\x00'}) ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x12) ioctl$UI_DEV_SETUP(r2, 0x5501, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYPTR=&(0x7f0000000400)=ANY=[@ANYBLOB="1d440da45d1bee4a9b07660b5dcb71037cbe41c95d250000000000007a1f0c64f622000000fb2e227351a7314ecbabfa0000ef260154267ed5b3b5dab9caf8d53682a458d6ca276b094d42e40c0b28b52ce09b87c02f7b4e101fb16a2e40c67bab107acaf2bc", @ANYRES16, @ANYRES32=0x0, @ANYRESOCT, @ANYRESDEC]], 0x0, 0x61, 0xffffffffffffffd6, 0x400004}, 0x20) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r3) getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000140), &(0x7f0000000180)=0xc) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/2, 0x2}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000380)="436152368c3d551b51f546222000a215b4c884cc379607fb457054a2cfd2d2b3599c2fe4574de6bcebd53df0536e5571b776f8c360468af25ec61c436b1c1a4e1fa037f70abc00000000e2b50000eeeefe0c21716fd6bed0e13b48ef2222e22176f2d64e0924e660affc00"/120) ptrace$cont(0x7, r0, 0x0, 0x0) 01:19:21 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:21 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) [ 3229.442658][T31123] input: syz0 as /devices/virtual/input/input48 01:19:21 executing program 5: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYPTR=&(0x7f0000000300)=ANY=[@ANYBLOB="1d440da45d1bee4a9b07660b5dcb71037cbe41c95de298a3eb4b070000000000007a1f0c64f98083d3b2dc560d52aaefe6e7bfa420172e227351a7314ecbabfa0000", @ANYRES16, @ANYRES32=0x0, @ANYRESOCT, @ANYRESDEC]], 0x0, 0x61, 0xffffffffffffffd6, 0x400004}, 0x20) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/2, 0x2}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x33) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) getsockopt$sock_int(r3, 0x1, 0x29, &(0x7f0000000180), &(0x7f00000001c0)=0x4) fstat(r3, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0}) setsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000000380)={{{@in6=@private1, @in6=@empty, 0x4e23, 0x0, 0x4e20, 0x0, 0xa, 0x20, 0xa0, 0x6, 0x0, r4}, {0x3, 0x0, 0x4, 0x7, 0x784, 0x0, 0x0, 0x7fff}, {0x101, 0x0, 0x8, 0x3f}, 0x1ff, 0x6e6bb3, 0x0, 0x0, 0x3, 0x2}, {{@in6=@mcast1, 0x4d4, 0x3c}, 0xa, @in6=@private2, 0x3504, 0x7, 0x0, 0x74, 0x2, 0x1, 0x2}}, 0xe8) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 01:19:21 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:21 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x40000000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:22 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x300000000000000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:22 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:22 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r4 = open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r5, &(0x7f0000000500), 0x37d, 0x0) 01:19:22 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:22 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x0, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:22 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:22 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:22 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r4 = open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r5, &(0x7f0000000500), 0x37d, 0x1f00000000000000) 01:19:22 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) [ 3231.203041][T31179] syz-executor.0 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 3231.214531][T31179] CPU: 0 PID: 31179 Comm: syz-executor.0 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3231.224691][T31179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3231.236336][T31179] Call Trace: [ 3231.239796][T31179] dump_stack+0x14a/0x1ce [ 3231.244144][T31179] ? devkmsg_release+0x11c/0x11c [ 3231.249083][T31179] ? show_regs_print_info+0x12/0x12 [ 3231.254273][T31179] ? radix_tree_cpu_dead+0x160/0x160 [ 3231.259558][T31179] ? _raw_spin_lock+0xa1/0x170 [ 3231.264327][T31179] ? _raw_spin_trylock_bh+0x190/0x190 [ 3231.269710][T31179] dump_header+0xdb/0x700 [ 3231.274071][T31179] oom_kill_process+0xd3/0x280 [ 3231.278851][T31179] out_of_memory+0x5b6/0x890 [ 3231.283465][T31179] ? unregister_oom_notifier+0x20/0x20 [ 3231.288955][T31179] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3231.294567][T31179] ? get_page_from_freelist+0x7c0/0x7c0 [ 3231.300136][T31179] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3231.306542][T31179] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3231.312104][T31179] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 3231.317860][T31179] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 3231.323690][T31179] ? page_remove_rmap+0xff/0x1c0 [ 3231.328667][T31179] wp_page_copy+0x1fe/0x1120 [ 3231.333277][T31179] ? futex_exit_release+0xc0/0xc0 [ 3231.338315][T31179] ? add_mm_rss_vec+0x270/0x270 [ 3231.343188][T31179] do_wp_page+0x68b/0x1530 [ 3231.347614][T31179] ? do_swap_page+0x1560/0x1560 [ 3231.352486][T31179] ? import_iovec+0x1c2/0x380 [ 3231.357188][T31179] handle_mm_fault+0x1354/0x40a0 [ 3231.362157][T31179] ? finish_fault+0x230/0x230 [ 3231.366875][T31179] ? put_timespec64+0x109/0x150 [ 3231.371749][T31179] ? __up_read+0x1b0/0x1b0 [ 3231.376174][T31179] ? vmacache_find+0x205/0x4b0 [ 3231.381061][T31179] do_user_addr_fault+0x48a/0x9f0 [ 3231.386195][T31179] page_fault+0x2f/0x40 [ 3231.390356][T31179] RIP: 0033:0x4051ed [ 3231.394231][T31179] Code: 24 0f 84 36 02 00 00 80 3d a0 d4 89 00 00 0f 85 81 03 00 00 4c 89 eb 48 c1 e3 06 48 81 c3 c0 8a 4d 00 e8 46 1e 01 00 49 89 c7 00 00 00 00 00 48 8b 43 38 48 85 c0 0f 84 20 01 00 00 48 8b 55 [ 3231.413821][T31179] RSP: 002b:00007f5f7dae8c90 EFLAGS: 00010207 [ 3231.419870][T31179] RAX: 00007f5f7dae96d4 RBX: 00000000004f9240 RCX: 0000000000521aa7 [ 3231.428046][T31179] RDX: 000000000030647e RSI: 0000000020000300 RDI: 000000000078c0c8 [ 3231.436205][T31179] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 3231.444173][T31179] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3231.452279][T31179] R13: 000000000000081e R14: 0000000000521aa7 R15: 00007f5f7dae96d4 [ 3231.460436][T31179] Mem-Info: [ 3231.463601][T31179] active_anon:1408763 inactive_anon:10799 isolated_anon:0 [ 3231.463601][T31179] active_file:1034 inactive_file:749 isolated_file:14 [ 3231.463601][T31179] unevictable:0 dirty:39 writeback:0 unstable:0 [ 3231.463601][T31179] slab_reclaimable:11178 slab_unreclaimable:86337 [ 3231.463601][T31179] mapped:57818 shmem:14896 pagetables:30675 bounce:0 [ 3231.463601][T31179] free:13496 free_pcp:649 free_cma:0 [ 3231.505830][T31179] Node 0 active_anon:5635052kB inactive_anon:43196kB active_file:3952kB inactive_file:4972kB unevictable:0kB isolated(anon):0kB isolated(file):56kB mapped:232372kB dirty:156kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3231.530309][T31179] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3231.556392][T31179] lowmem_reserve[]: 0 2912 6416 6416 [ 3231.561733][T31179] DMA32 free:28796kB min:20548kB low:23528kB high:26508kB active_anon:2803448kB inactive_anon:2728kB active_file:8kB inactive_file:384kB unevictable:0kB writepending:28kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10528kB pagetables:20736kB bounce:0kB free_pcp:924kB local_pcp:264kB free_cma:0kB [ 3231.591621][T31179] lowmem_reserve[]: 0 0 3504 3504 [ 3231.596722][T31179] Normal free:9640kB min:17880kB low:21468kB high:25056kB active_anon:2831604kB inactive_anon:40468kB active_file:3636kB inactive_file:2740kB unevictable:0kB writepending:128kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27264kB pagetables:101964kB bounce:0kB free_pcp:2124kB local_pcp:776kB free_cma:0kB [ 3231.626898][T31179] lowmem_reserve[]: 0 0 0 0 [ 3231.631431][T31179] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3231.644800][T31179] DMA32: 594*4kB (UH) 418*8kB (UEH) 1057*16kB (UEH) 70*32kB (UEH) 55*64kB (UEH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 28392kB [ 3231.659198][T31179] Normal: 604*4kB (UME) 38*8kB (UM) 369*16kB (UMEH) 4*32kB (ME) 1*64kB (H) 2*128kB (EH) 0*256kB 0*512kB 1*1024kB (H) 0*2048kB 0*4096kB = 10096kB [ 3231.673964][T31179] 16469 total pagecache pages [ 3231.678775][T31179] 0 pages in swap cache [ 3231.682980][T31179] Swap cache stats: add 0, delete 0, find 0/0 [ 3231.689046][T31179] Free swap = 0kB [ 3231.692793][T31179] Total swap = 0kB [ 3231.696508][T31179] 1965979 pages RAM [ 3231.700360][T31179] 0 pages HighMem/MovableOnly [ 3231.705074][T31179] 318830 pages reserved [ 3231.709229][T31179] 0 pages cma reserved [ 3231.713349][T31179] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=31162,uid=0 [ 3231.727650][T31179] Out of memory: Killed process 31179 (syz-executor.0) total-vm:75364kB, anon-rss:16560kB, file-rss:35516kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 3231.749353][ T23] oom_reaper: reaped process 31179 (syz-executor.0), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB 01:19:24 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:24 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:24 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r4 = open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r5, &(0x7f0000000500), 0x37d, 0x1f00000000000000) 01:19:24 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x400000000000000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:24 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r4 = open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) setsockopt$inet_mtu(r3, 0x0, 0xa, &(0x7f0000000100)=0x1, 0x4) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r5, &(0x7f0000000500), 0x37d, 0x0) 01:19:24 executing program 5: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000540)=ANY=[@ANYBLOB="1201000039542f108c07021047e6000000010902240001000000000904db00010a04c80009210003000000810009050a00000000000003f0afdc0a5c1aa7f091e22771a776868238520ff38068566d29acd233134c457404ff87031d268946bd4d3812510e552cd7281c524591cf13749cef7a636fe8333aa3375bf73d4ee75a0b57df80d54a41c91aac5b35faeac55c28029add48809faaf8606f4036a77ed0dd9c176a4385f895830e01b7a7f7c646eb507fbef7047e1d3fc6fe92a51a2fb09f6643068290caedb6bdfc4083058eb55131379791bdf1b6a88eb1c88b0d368bf8507d4e384a38d7f16eae524a39600300608258e1f5132f1b2c62626161e749a2dacc4a070000001d671b3ffee0224776b16f00000000000000000000000400000000cb930d7f893121e267923d55655e1d4c033452c0ca23928d855c3640e9a0604b3079917a163f5d3f26853cd07e73efb1b5d8927ed5999a6a0b27efb43ac36a868ed8ec74bbf68a321ab8a9992244c7e8e85066cc09dc434fad748c4f0f236e648673cd8d58c3c4fcdae52a0cfd5de91f1883b016d7f1b0d3c04e46b5b3cf030c3b32642e626412f1cf884bdeaf4a54c56f5e2f72736d12822330ac7fcd8212cdaf3e0a757f380ec685c2b5d08bdf674b7e82d015c34720d32ee97cd5a253b5b20548b51eb0a50193a135f76a9dab4e2355073d467f14d20ab629d701cee051157b31147c9dd514e600c747c6ee97ab1fac669f3fb0f0"], 0x0) syz_usb_control_io$printer(r0, &(0x7f0000000200)={0x14, &(0x7f0000000240)={0x0, 0x0, 0x81, {0x81, 0x0, "1d590f93a9f54f1700000000b5f7965ac04f7492e940fd5c17a9d5a93587e49723be67a78f6ffe8c658998e1d9b513a377bed593b62cd4d43d84f183a024fb2e5cd865898a278f639c25faf4fa05000000c34266fc1612612d4a8238b07762aca67afdb73bec3d27c29d2be65a3b3dcbcdbc28b806dd114d83de9a9df3938e"}}, 0x0}, 0x0) syz_usb_control_io$printer(0xffffffffffffffff, &(0x7f00000000c0)={0x14, &(0x7f0000000140)={0x40, 0x21, 0x75, {0x75, 0x31, "28c69bc6653441afca8f14131b68113c434403c41b98392de3e8884d63641a2981f9b5ac050dd421d79b0e7e7d4c65ecb0b7e324f4848d2278f39edd6d0b1f31f32819e4494bb98943e6b3711fdae11b028cbc79e4726640605aa8716df650ce1c8d3a1b8a8c5930b8d28f9ec9c90c3e08b949"}}, &(0x7f00000001c0)={0x0, 0x3, 0xa5, @string={0xa5, 0x3, "359d9c46b0214d3aa94e98da559c37562d862cc986738b22954e6eddc9d1321590a4a0201fc220c1d3f36e4e8f5eddbb9653fa834572769a68f70a86dce602dc063a06070586c2b1f05105c44b8764f69a304e83be777b14f9992aaabfe047218d1cabb1d7d6313884ecfc00a58a5f16edf10e38c08f7d7b74df92e368f0fe51b13f4022246b41de95323b91d5c212af4f598bfada65ccb3bb079d443121f124e2d9de"}}}, &(0x7f0000000480)={0x34, &(0x7f0000000280)={0x20, 0x3, 0x21, "90bfa475684e4bfabb2bc813801218a9ad0fb17ffbe1d2091a07be1245a2d04e4c"}, &(0x7f00000002c0)={0x0, 0xa, 0x1, 0x1}, &(0x7f0000000300)={0x0, 0x8, 0x1, 0x1}, &(0x7f0000000340)={0x20, 0x0, 0x8f, {0x8d, "d7f4b1bccf2d29b675d53398a5396c5df7bee5fed707db333cc80ec66b18e13137b82fd8c57c88899b5380e3bf5f0702974846388f7e493ae5a2af121a62957eb0a1ea7fac79d067fa8a66b6e3cdfda3f0b0ed34a2f0be27bbef64ff61fe56174a5a3978e43a25fa0988f9c0a67fc0773e644c26aaa5e6a1fa4f8090d8d091ab47209f702ce79b13768f4d8937"}}, &(0x7f0000000400)={0x20, 0x1, 0x1, 0xe0}, &(0x7f0000000440)={0x20, 0x0, 0x1, 0xbd}}) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0) ptrace$setopts(0x4206, r1, 0x0, 0x0) r2 = gettid() ptrace$setopts(0x4206, r2, 0x0, 0x0) getsockopt$sock_int(0xffffffffffffffff, 0x1, 0x29, &(0x7f0000000180), &(0x7f00000001c0)=0x4) vmsplice(0xffffffffffffffff, &(0x7f0000000980)=[{&(0x7f00000004c0)="d1f0c73f78770e012e3d0d8680e5f1c29d5ee0f2af14b67b8157485a9461881328ee5b69e5a92cebc28387e4e888c5ea42a8cee15faecd8b24fc36b099e1d8fabc600aa45fc3817e42afca9691b2fe263b0a54cf297cf8a7418adb4752638cb0240c", 0x62}, {&(0x7f0000000780)="2743dfc38d4ce8aa05a768463e152efe4cf7d8ba9e8621321f0a4a9f83c5208fd832c0851764529befeb41a39d2747181713555685134def1533b82949aea1e0aff111fbc7008d7e01c61b93501456df3a30430a34fca3044c60382ba2e6119b7b30a5e0afeb1bb689067484f8a9699ec904b8012a6225fabab2b80657812b5debef5ee55444547374a90773ee1946795d90d5b5c5a551e8c30e0563bc8f4c5c82f978a57e2fe2d3d8323d452d8e69db", 0xb0}, {&(0x7f0000000840)="f8d4ee8be904bfed6a2bd86d7b7e0bbacb1b71f39f304104b8cc58390edd4adb598f37bb41feaf0c1768bf34b1561c7a36a9247dd879605cb221b9df6a68703cf56f957d363241c193fab9a76ec2d808743768c377da89a06af67e7acd36577687afefb8cbc8f5e0f3a2ab82094dde1a9d375ad5d10d0d833f6351f1e120b09ea6f762646757f77483b788c27a", 0x8d}, {&(0x7f0000000900)="23817e494cb2eafa5a328643", 0xc}, {&(0x7f0000000940)="0108661286b16f", 0x7}], 0x5, 0x3) tkill(r2, 0x33) ptrace$setregs(0xd, r2, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r2, 0x0, 0x0) tkill(r2, 0x39) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/2, 0x2}], 0x3, 0x0, 0x0, 0x0) tkill(r1, 0x33) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r1, 0x0, 0x0) 01:19:24 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:24 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) [ 3233.092815][T23565] usb 6-1: new high-speed USB device number 33 using dummy_hcd [ 3233.232918][T23565] usb 6-1: Using ep0 maxpacket: 16 [ 3233.344140][T31233] syz-executor.4 invoked oom-killer: gfp_mask=0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|0x1000000), order=0, oom_score_adj=1000 [ 3233.357430][T31233] CPU: 1 PID: 31233 Comm: syz-executor.4 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3233.367589][T31233] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3233.377650][T31233] Call Trace: [ 3233.380952][T31233] dump_stack+0x14a/0x1ce [ 3233.385313][T31233] ? devkmsg_release+0x11c/0x11c [ 3233.390355][T31233] ? show_regs_print_info+0x12/0x12 [ 3233.395599][T31233] ? radix_tree_cpu_dead+0x160/0x160 [ 3233.400898][T31233] ? _raw_spin_lock+0xa1/0x170 [ 3233.405669][T31233] ? _raw_spin_trylock_bh+0x190/0x190 [ 3233.411056][T31233] dump_header+0xdb/0x700 [ 3233.415392][T31233] oom_kill_process+0xd3/0x280 [ 3233.420334][T31233] out_of_memory+0x5b6/0x890 [ 3233.424926][T31233] ? unregister_oom_notifier+0x20/0x20 [ 3233.430392][T31233] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3233.436050][T31233] ? get_page_from_freelist+0x7c0/0x7c0 [ 3233.441601][T31233] ? flush_tlb_func_common+0x45/0x570 [ 3233.446997][T31233] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3233.452415][T31233] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3233.457967][T31233] ? pagevec_lru_move_fn+0x193/0x210 [ 3233.463306][T31233] ? __pagevec_release+0x130/0x130 [ 3233.468425][T31233] ? __lru_cache_add+0x1a1/0x1f0 [ 3233.473368][T31233] wp_page_copy+0x1cb/0x1120 [ 3233.478103][T31233] ? add_mm_rss_vec+0x270/0x270 [ 3233.482978][T31233] ? find_lowest_rq+0x162/0x3f0 [ 3233.487840][T31233] ? vm_normal_page+0x1c9/0x1d0 [ 3233.492733][T31233] do_wp_page+0x4c1/0x1530 [ 3233.497167][T31233] ? _raw_spin_lock+0xa1/0x170 [ 3233.501949][T31233] ? do_swap_page+0x1560/0x1560 [ 3233.506823][T31233] handle_mm_fault+0x1354/0x40a0 [ 3233.511770][T31233] ? switch_mm_irqs_off+0x329/0xa10 [ 3233.516975][T31233] ? finish_fault+0x230/0x230 [ 3233.521660][T31233] ? __up_read+0x1b0/0x1b0 [ 3233.526181][T31233] ? vmacache_find+0x3a2/0x4b0 [ 3233.530955][T31233] do_user_addr_fault+0x48a/0x9f0 [ 3233.536015][T31233] page_fault+0x2f/0x40 [ 3233.540178][T31233] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 3233.546767][T31233] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 3233.566373][T31233] RSP: 0018:ffff88803f45f888 EFLAGS: 00010206 [ 3233.572449][T31233] RAX: ffffffff81f75001 RBX: 0000000020c83500 RCX: 0000000000000500 [ 3233.580507][T31233] RDX: 0000000000001000 RSI: ffff88803706fb00 RDI: 0000000020c83000 [ 3233.588479][T31233] RBP: ffff88803f45fda8 R08: dffffc0000000000 R09: ffffed1006e0e000 [ 3233.596458][T31233] R10: 0000000000000000 R11: 0000000000000000 R12: 00007ffffffff000 [ 3233.604609][T31233] R13: 0000000000001000 R14: ffff88803706f000 R15: 0000000020c82500 [ 3233.612687][T31233] ? copyout+0x1/0xb0 [ 3233.616689][T31233] copyout+0x8e/0xb0 [ 3233.620601][T31233] copy_page_to_iter+0x393/0xbd0 [ 3233.626196][T31233] pipe_to_user+0xa3/0x130 [ 3233.630628][T31233] __splice_from_pipe+0x2d3/0x870 [ 3233.635848][T31233] ? user_page_pipe_buf_steal+0xc0/0xc0 [ 3233.641398][T31233] do_vmsplice+0x252/0xee0 [ 3233.645821][T31233] ? avc_ss_reset+0x3a0/0x3a0 [ 3233.650588][T31233] ? write_pipe_buf+0x1d0/0x1d0 [ 3233.655442][T31233] ? __rcu_read_lock+0x50/0x50 [ 3233.660217][T31233] ? check_stack_object+0x5a/0x90 [ 3233.665248][T31233] ? _copy_from_user+0xa4/0xe0 [ 3233.670026][T31233] ? rw_copy_check_uvector+0x2b3/0x310 [ 3233.675512][T31233] ? import_iovec+0x1c2/0x380 [ 3233.680199][T31233] ? dup_iter+0x110/0x110 [ 3233.684545][T31233] ? do_vfs_ioctl+0x780/0x1750 [ 3233.689313][T31233] __se_sys_vmsplice+0x1fb/0x300 [ 3233.694280][T31233] ? __x64_sys_vmsplice+0xa0/0xa0 [ 3233.699312][T31233] ? put_timespec64+0x109/0x150 [ 3233.704172][T31233] ? __x64_sys_clock_gettime+0x20d/0x260 [ 3233.709809][T31233] ? __ia32_sys_clock_settime+0x2a0/0x2a0 [ 3233.715534][T31233] do_syscall_64+0xcb/0x150 [ 3233.720042][T31233] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3233.725932][T31233] RIP: 0033:0x45c829 [ 3233.729819][T31233] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3233.749941][T31233] RSP: 002b:00007f67d72f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116 [ 3233.758379][T31233] RAX: ffffffffffffffda RBX: 0000000000509d00 RCX: 000000000045c829 [ 3233.766472][T31233] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000004 [ 3233.774726][T31233] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 3233.782697][T31233] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3233.790665][T31233] R13: 0000000000000c49 R14: 00000000004ce70e R15: 00007f67d72f76d4 [ 3233.798899][T31233] Mem-Info: [ 3233.802050][T31233] active_anon:1410200 inactive_anon:10799 isolated_anon:0 [ 3233.802050][T31233] active_file:49 inactive_file:20 isolated_file:52 [ 3233.802050][T31233] unevictable:0 dirty:36 writeback:0 unstable:0 [ 3233.802050][T31233] slab_reclaimable:11229 slab_unreclaimable:86190 [ 3233.802050][T31233] mapped:56296 shmem:14896 pagetables:30757 bounce:0 [ 3233.802050][T31233] free:13617 free_pcp:820 free_cma:0 [ 3233.840409][T31233] Node 0 active_anon:5640800kB inactive_anon:43196kB active_file:80kB inactive_file:776kB unevictable:0kB isolated(anon):0kB isolated(file):80kB mapped:225084kB dirty:144kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3233.864881][T31233] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3233.890946][T31233] lowmem_reserve[]: 0 2912 6416 6416 [ 3233.896268][T31233] DMA32 free:28620kB min:4644kB low:7624kB high:10604kB active_anon:2802872kB inactive_anon:2728kB active_file:440kB inactive_file:424kB unevictable:0kB writepending:132kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10816kB pagetables:21336kB bounce:0kB free_pcp:1116kB local_pcp:764kB free_cma:0kB [ 3233.926056][T31233] lowmem_reserve[]: 0 0 3504 3504 [ 3233.931084][T31233] Normal free:9120kB min:5592kB low:9180kB high:12768kB active_anon:2837328kB inactive_anon:40468kB active_file:0kB inactive_file:1244kB unevictable:0kB writepending:212kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27328kB pagetables:101780kB bounce:0kB free_pcp:1516kB local_pcp:728kB free_cma:0kB [ 3233.960735][T31233] lowmem_reserve[]: 0 0 0 0 [ 3233.965384][T31233] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3233.978825][T31233] DMA32: 685*4kB (UH) 489*8kB (UEH) 1016*16kB (UEH) 75*32kB (UEH) 43*64kB (UEH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 28060kB [ 3233.993244][T31233] Normal: 266*4kB (UM) 65*8kB (UM) 375*16kB (UMH) 16*32kB (UMH) 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (H) 0*2048kB 0*4096kB = 9120kB [ 3234.007743][T31233] 15274 total pagecache pages [ 3234.012422][T31233] 0 pages in swap cache [ 3234.016702][T31233] Swap cache stats: add 0, delete 0, find 0/0 [ 3234.022782][T31233] Free swap = 0kB [ 3234.026516][T31233] Total swap = 0kB [ 3234.030225][T31233] 1965979 pages RAM [ 3234.034029][T31233] 0 pages HighMem/MovableOnly [ 3234.038681][T31233] 318830 pages reserved [ 3234.042824][T31233] 0 pages cma reserved [ 3234.047312][T31233] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=20976,uid=0 [ 3234.062881][T31233] Out of memory: Killed process 20976 (syz-executor.2) total-vm:75232kB, anon-rss:16560kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:1000 [ 3234.123552][ T23] oom_reaper: reaped process 20976 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 3234.703058][T23565] usb 6-1: config 0 has an invalid interface number: 219 but max is 0 [ 3234.711511][T23565] usb 6-1: config 0 has no interface number 0 [ 3234.718091][T23565] usb 6-1: config 0 interface 219 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0 [ 3234.728702][T23565] usb 6-1: New USB device found, idVendor=078c, idProduct=1002, bcdDevice=e6.47 01:19:26 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r4 = open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r5, &(0x7f0000000500), 0x37d, 0x1f00000000000000) 01:19:26 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:26 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4, 0x8000000001}, 0x0) r4 = open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r5, &(0x7f0000000500), 0x37d, 0x0) 01:19:26 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) [ 3234.747368][T23565] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 01:19:26 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x500000000000000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) [ 3234.793518][T23565] usb 6-1: config 0 descriptor?? 01:19:26 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:26 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) [ 3235.838063][ T422] syz-executor.2 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 3235.849177][ T422] CPU: 1 PID: 422 Comm: syz-executor.2 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3235.859149][ T422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3235.869291][ T422] Call Trace: [ 3235.872589][ T422] dump_stack+0x14a/0x1ce [ 3235.876922][ T422] ? devkmsg_release+0x11c/0x11c [ 3235.881857][ T422] ? show_regs_print_info+0x12/0x12 [ 3235.887149][ T422] ? radix_tree_cpu_dead+0x160/0x160 [ 3235.892415][ T422] ? _raw_spin_lock+0xa1/0x170 [ 3235.897174][ T422] ? _raw_spin_trylock_bh+0x190/0x190 [ 3235.902535][ T422] dump_header+0xdb/0x700 [ 3235.906845][ T422] oom_kill_process+0xd3/0x280 [ 3235.911583][ T422] out_of_memory+0x5b6/0x890 [ 3235.916194][ T422] ? unregister_oom_notifier+0x20/0x20 [ 3235.921685][ T422] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3235.927219][ T422] ? get_page_from_freelist+0x7c0/0x7c0 [ 3235.932764][ T422] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3235.938194][ T422] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3235.943837][ T422] pagecache_get_page+0x50f/0x880 [ 3235.948845][ T422] filemap_fault+0x1474/0x19d0 [ 3235.953592][ T422] ? generic_file_read_iter+0x20b0/0x20b0 [ 3235.959309][ T422] ? atime_needs_update+0x1e9/0x570 [ 3235.964672][ T422] ext4_filemap_fault+0x7b/0x90 [ 3235.969505][ T422] handle_mm_fault+0x2837/0x40a0 [ 3235.974423][ T422] ? finish_fault+0x230/0x230 [ 3235.979078][ T422] ? __up_read+0x1b0/0x1b0 [ 3235.983469][ T422] ? vmacache_find+0x205/0x4b0 [ 3235.988215][ T422] do_user_addr_fault+0x48a/0x9f0 [ 3235.993216][ T422] page_fault+0x2f/0x40 [ 3235.997459][ T422] RIP: 0033:0x44a7e0 [ 3236.001335][ T422] Code: Bad RIP value. [ 3236.005391][ T422] RSP: 002b:00007fffeefa2e88 EFLAGS: 00010206 [ 3236.011433][ T422] RAX: 0000000000000006 RBX: 000000000221d970 RCX: 0000000000000982 [ 3236.019419][ T422] RDX: 0000000000000007 RSI: 000000000221d982 RDI: 000000000221d983 [ 3236.027369][ T422] RBP: 0000000000000020 R08: 0000000000000001 R09: 000000000221c940 [ 3236.035315][ T422] R10: 0000000000000000 R11: 0000000000000206 R12: 000000000221da00 [ 3236.043278][ T422] R13: 0000000000000090 R14: 000000000221d982 R15: 000000000000000a [ 3236.055026][ T422] Mem-Info: [ 3236.058220][ T422] active_anon:1411328 inactive_anon:10799 isolated_anon:0 [ 3236.058220][ T422] active_file:34 inactive_file:23 isolated_file:32 [ 3236.058220][ T422] unevictable:0 dirty:3 writeback:0 unstable:0 [ 3236.058220][ T422] slab_reclaimable:11267 slab_unreclaimable:85986 [ 3236.058220][ T422] mapped:56264 shmem:14896 pagetables:30764 bounce:0 [ 3236.058220][ T422] free:12964 free_pcp:408 free_cma:0 [ 3236.097347][T23565] gtco 6-1:0.219: Failed to get HID Report Descriptor of size: 129 [ 3236.105309][ T422] Node 0 active_anon:5645312kB inactive_anon:43196kB active_file:96kB inactive_file:92kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:225056kB dirty:12kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3236.105363][T23565] gtco: probe of 6-1:0.219 failed with error -5 [ 3236.129335][ T422] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3236.137612][T23565] usb 6-1: USB disconnect, device number 33 [ 3236.161815][ T422] lowmem_reserve[]: 0 2912 6416 6416 [ 3236.175270][ T422] DMA32 free:28760kB min:20548kB low:23528kB high:26508kB active_anon:2804696kB inactive_anon:2724kB active_file:0kB inactive_file:140kB unevictable:0kB writepending:8kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10464kB pagetables:20836kB bounce:0kB free_pcp:220kB local_pcp:0kB free_cma:0kB [ 3236.204710][ T422] lowmem_reserve[]: 0 0 3504 3504 [ 3236.209760][ T422] Normal free:7684kB min:24744kB low:28332kB high:31920kB active_anon:2840616kB inactive_anon:40472kB active_file:36kB inactive_file:100kB unevictable:0kB writepending:4kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27552kB pagetables:102220kB bounce:0kB free_pcp:804kB local_pcp:248kB free_cma:0kB [ 3236.239297][ T422] lowmem_reserve[]: 0 0 0 0 [ 3236.243809][ T422] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3236.257117][ T422] DMA32: 573*4kB (UH) 524*8kB (UEH) 1033*16kB (UEH) 61*32kB (UEH) 45*64kB (UEH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 27844kB [ 3236.271902][ T422] Normal: 10*4kB (U) 34*8kB (UE) 380*16kB (UE) 1*32kB (U) 1*64kB (H) 0*128kB 0*256kB 0*512kB 1*1024kB (H) 0*2048kB 0*4096kB = 7512kB [ 3236.285694][ T422] 14953 total pagecache pages [ 3236.290348][ T422] 0 pages in swap cache [ 3236.294739][ T422] Swap cache stats: add 0, delete 0, find 0/0 [ 3236.300803][ T422] Free swap = 0kB [ 3236.304672][ T422] Total swap = 0kB [ 3236.308387][ T422] 1965979 pages RAM [ 3236.312178][ T422] 0 pages HighMem/MovableOnly [ 3236.316860][ T422] 318830 pages reserved [ 3236.320992][ T422] 0 pages cma reserved [ 3236.325239][ T422] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=20227,uid=0 [ 3236.339483][ T422] Out of memory: Killed process 20227 (syz-executor.0) total-vm:75232kB, anon-rss:16564kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 3236.357922][ T23] oom_reaper: reaped process 20227 (syz-executor.0), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 3236.679765][T31277] syz-executor.0 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 3236.691498][T31277] CPU: 0 PID: 31277 Comm: syz-executor.0 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3236.701865][T31277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3236.712041][T31277] Call Trace: [ 3236.715341][T31277] dump_stack+0x14a/0x1ce [ 3236.719673][T31277] ? devkmsg_release+0x11c/0x11c [ 3236.724615][T31277] ? show_regs_print_info+0x12/0x12 [ 3236.729823][T31277] ? radix_tree_cpu_dead+0x160/0x160 [ 3236.735120][T31277] ? _raw_spin_lock+0xa1/0x170 [ 3236.739890][T31277] ? _raw_spin_trylock_bh+0x190/0x190 [ 3236.745291][T31277] dump_header+0xdb/0x700 [ 3236.749895][T31277] oom_kill_process+0xd3/0x280 [ 3236.754678][T31277] out_of_memory+0x5b6/0x890 [ 3236.759367][T31277] ? unregister_oom_notifier+0x20/0x20 [ 3236.764857][T31277] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3236.770513][T31277] ? get_page_from_freelist+0x7c0/0x7c0 [ 3236.776085][T31277] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3236.781470][T31277] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3236.787026][T31277] ? page_cache_prev_miss+0x3f0/0x3f0 [ 3236.792405][T31277] wp_page_copy+0x1fe/0x1120 [ 3236.797608][T31277] ? rwsem_spin_on_owner+0x35/0x280 [ 3236.802810][T31277] ? add_mm_rss_vec+0x270/0x270 [ 3236.807674][T31277] do_wp_page+0x68b/0x1530 [ 3236.812192][T31277] ? rwsem_optimistic_spin+0x670/0x670 [ 3236.817794][T31277] ? do_swap_page+0x1560/0x1560 [ 3236.822646][T31277] ? rwsem_down_read_slowpath+0x337/0xb80 [ 3236.828755][T31277] handle_mm_fault+0x1354/0x40a0 [ 3236.833709][T31277] ? finish_fault+0x230/0x230 [ 3236.838391][T31277] ? __init_rwsem+0x120/0x120 [ 3236.843061][T31277] ? vmacache_update+0x9f/0xf0 [ 3236.847835][T31277] do_user_addr_fault+0x48a/0x9f0 [ 3236.852861][T31277] page_fault+0x2f/0x40 [ 3236.857009][T31277] RIP: 0033:0x4052a4 [ 3236.860905][T31277] Code: 80 3d df d3 89 00 00 c6 85 84 00 00 00 00 74 0f 8b 05 cc d3 89 00 39 45 24 0f 84 6f 02 00 00 44 8b a5 80 00 00 00 48 8b 5d 78 d7 e2 ff ff 48 2b 05 58 2d 36 00 8b 75 00 4c 89 f1 45 89 e1 49 [ 3236.880606][T31277] RSP: 002b:00007f5f7dac7c90 EFLAGS: 00010246 [ 3236.886673][T31277] RAX: 00007f5f7f52c000 RBX: 0000000000000000 RCX: 0000000000000000 [ 3236.894729][T31277] RDX: 000000000003ffff RSI: 00000000004051ea RDI: 0000000000000000 [ 3236.902831][T31277] RBP: 000000000078c0e0 R08: 0000000000000000 R09: 0000000000000000 [ 3236.910920][T31277] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 3236.918919][T31277] R13: 0000000000022e80 R14: 00000000004cb660 R15: 00007f5f7dac86d4 [ 3236.930112][T31277] Mem-Info: [ 3236.933310][T31277] active_anon:1409623 inactive_anon:10799 isolated_anon:0 [ 3236.933310][T31277] active_file:713 inactive_file:725 isolated_file:55 [ 3236.933310][T31277] unevictable:0 dirty:0 writeback:0 unstable:0 [ 3236.933310][T31277] slab_reclaimable:11267 slab_unreclaimable:85452 [ 3236.933310][T31277] mapped:57665 shmem:14896 pagetables:30727 bounce:0 [ 3236.933310][T31277] free:13863 free_pcp:222 free_cma:0 [ 3236.971573][T31277] Node 0 active_anon:5638528kB inactive_anon:43196kB active_file:2880kB inactive_file:2780kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:230512kB dirty:84kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3236.996528][T31277] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3237.022619][T31277] lowmem_reserve[]: 0 2912 6416 6416 [ 3237.028038][T31277] DMA32 free:29348kB min:20548kB low:23528kB high:26508kB active_anon:2805460kB inactive_anon:2724kB active_file:0kB inactive_file:8kB unevictable:0kB writepending:12kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10400kB pagetables:20832kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB [ 3237.057074][T31277] lowmem_reserve[]: 0 0 3504 3504 [ 3237.062134][T31277] Normal free:12776kB min:24744kB low:28332kB high:31920kB active_anon:2833108kB inactive_anon:40472kB active_file:2072kB inactive_file:2792kB unevictable:0kB writepending:164kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27456kB pagetables:101980kB bounce:0kB free_pcp:700kB local_pcp:112kB free_cma:0kB [ 3237.092665][T31277] lowmem_reserve[]: 0 0 0 0 [ 3237.106354][T31277] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3237.120790][T31277] DMA32: 812*4kB (UMH) 535*8kB (UEH) 1042*16kB (UEH) 69*32kB (UEH) 46*64kB (UEH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 29352kB [ 3237.136560][T31277] Normal: 893*4kB (UME) 197*8kB (UME) 420*16kB (UME) 3*32kB (EH) 2*64kB (EH) 2*128kB (ME) 0*256kB 0*512kB 1*1024kB (H) 0*2048kB 0*4096kB = 13372kB [ 3237.153807][T31277] 15601 total pagecache pages [ 3237.158504][T31277] 0 pages in swap cache [ 3237.162654][T31277] Swap cache stats: add 0, delete 0, find 0/0 [ 3237.168774][T31277] Free swap = 0kB [ 3237.172506][T31277] Total swap = 0kB [ 3237.176254][T31277] 1965979 pages RAM [ 3237.180058][T31277] 0 pages HighMem/MovableOnly [ 3237.184888][T31277] 318830 pages reserved [ 3237.189039][T31277] 0 pages cma reserved [ 3237.193129][T31277] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=19650,uid=0 [ 3237.208089][T31277] Out of memory: Killed process 19650 (syz-executor.2) total-vm:75232kB, anon-rss:16560kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:1000 01:19:29 executing program 5: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYPTR=&(0x7f0000000300)=ANY=[@ANYBLOB="1d440da45d1bee4a9b07660b5dcb71037cbe41c95de298a3eb4b070000000000007a1f0c64f98083d3b2dc560d52aaefe6e7bfa420172e227351a7314ecbabfa0000", @ANYRES16, @ANYRES32=0x0, @ANYRESOCT, @ANYRESDEC]], 0x0, 0x61, 0xffffffffffffffd6, 0x400004}, 0x20) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/2, 0x2}], 0x3, 0x0, 0x0, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 01:19:29 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) 01:19:29 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:29 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x4000000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) [ 3237.310952][ T23] oom_reaper: reaped process 19650 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 01:19:29 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x600000000000000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:29 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r4 = open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) sendmsg$NFQNL_MSG_VERDICT(r6, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000180)={&(0x7f0000000340)={0x170, 0x1, 0x3, 0x401, 0x0, 0x0, {0xc, 0x0, 0x8}, [@NFQA_MARK={0x8, 0x3, 0x1, 0x0, 0x9}, @NFQA_VLAN={0x14, 0x13, 0x0, 0x1, [@NFQA_VLAN_PROTO={0x6, 0x1, 0x1, 0x0, 0x88a8}, @NFQA_VLAN_TCI={0x6, 0x2, 0x1, 0x0, 0x1}]}, @NFQA_VLAN={0x34, 0x13, 0x0, 0x1, [@NFQA_VLAN_TCI={0x6, 0x2, 0x1, 0x0, 0x1}, @NFQA_VLAN_PROTO={0x6, 0x1, 0x1, 0x0, 0x8100}, @NFQA_VLAN_TCI={0x6, 0x2, 0x1, 0x0, 0xf2}, @NFQA_VLAN_TCI={0x6, 0x2, 0x1, 0x0, 0x1ff}, @NFQA_VLAN_PROTO={0x6, 0x1, 0x1, 0x0, 0x8100}, @NFQA_VLAN_PROTO={0x6, 0x1, 0x1, 0x0, 0x8100}]}, @NFQA_VERDICT_HDR={0xc, 0x2, {0xfffffffffffffffe, 0xe2f}}, @NFQA_EXP={0x100, 0xf, 0x0, 0x1, [@CTA_EXPECT_FLAGS={0x8}, @CTA_EXPECT_TUPLE={0xec, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private1}, {0x14, 0x4, @initdev={0xfe, 0x88, [], 0x0, 0x0}}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private2}, {0x14, 0x4, @empty}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3c}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @remote}, {0x14, 0x4, @rand_addr=' \x01\x00'}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @multicast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}]}, @CTA_EXPECT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x2}]}]}, 0x170}, 0x1, 0x0, 0x0, 0x4004001}, 0x4000008) r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r7, &(0x7f0000000500), 0x37d, 0x0) 01:19:29 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) [ 3237.819645][T31295] syz-executor.5 invoked oom-killer: gfp_mask=0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|0x1000000), order=0, oom_score_adj=1000 [ 3237.837777][T31295] CPU: 1 PID: 31295 Comm: syz-executor.5 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3237.847960][T31295] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3237.861732][T31295] Call Trace: [ 3237.865021][T31295] dump_stack+0x14a/0x1ce [ 3237.869392][T31295] ? devkmsg_release+0x11c/0x11c [ 3237.874319][T31295] ? show_regs_print_info+0x12/0x12 [ 3237.879501][T31295] ? radix_tree_cpu_dead+0x160/0x160 [ 3237.884772][T31295] ? _raw_spin_lock+0xa1/0x170 [ 3237.889617][T31295] ? _raw_spin_trylock_bh+0x190/0x190 [ 3237.895002][T31295] dump_header+0xdb/0x700 [ 3237.899317][T31295] oom_kill_process+0xd3/0x280 [ 3237.904085][T31295] out_of_memory+0x5b6/0x890 [ 3237.908657][T31295] ? unregister_oom_notifier+0x20/0x20 [ 3237.914094][T31295] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3237.919641][T31295] ? get_page_from_freelist+0x7c0/0x7c0 [ 3237.925176][T31295] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3237.930527][T31295] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3237.936119][T31295] handle_mm_fault+0x1689/0x40a0 [ 3237.941060][T31295] ? finish_fault+0x230/0x230 [ 3237.945725][T31295] ? do_mmap+0x9ad/0x1060 [ 3237.950067][T31295] ? up_read+0x10/0x10 [ 3237.954134][T31295] ? __up_read+0x1b0/0x1b0 [ 3237.958659][T31295] ? vmacache_update+0x9f/0xf0 [ 3237.963424][T31295] do_user_addr_fault+0x48a/0x9f0 [ 3237.968437][T31295] page_fault+0x2f/0x40 [ 3237.972582][T31295] RIP: 0033:0x41407f [ 3237.976483][T31295] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 3237.996785][T31295] RSP: 002b:00007ffc86121e90 EFLAGS: 00010206 [ 3238.002840][T31295] RAX: 00007f0c794f7000 RBX: 0000000000020000 RCX: 000000000045c87a [ 3238.010859][T31295] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 3238.018822][T31295] RBP: 00007ffc86121f70 R08: ffffffffffffffff R09: 0000000000000000 [ 3238.026874][T31295] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc86122070 [ 3238.034886][T31295] R13: 00007f0c79517700 R14: 0000000000000b87 R15: 000000000078c04c [ 3238.044296][T31295] Mem-Info: [ 3238.047579][T31295] active_anon:1408056 inactive_anon:10799 isolated_anon:0 [ 3238.047579][T31295] active_file:435 inactive_file:426 isolated_file:75 [ 3238.047579][T31295] unevictable:0 dirty:84 writeback:5 unstable:0 [ 3238.047579][T31295] slab_reclaimable:11289 slab_unreclaimable:85742 [ 3238.047579][T31295] mapped:57067 shmem:14896 pagetables:30751 bounce:0 [ 3238.047579][T31295] free:15813 free_pcp:112 free_cma:0 [ 3238.091666][T31295] Node 0 active_anon:5632200kB inactive_anon:43196kB active_file:1456kB inactive_file:1676kB unevictable:0kB isolated(anon):0kB isolated(file):232kB mapped:228004kB dirty:336kB writeback:20kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3238.140742][T31295] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3238.233701][T31295] lowmem_reserve[]: 0 2912 6416 6416 [ 3238.244649][T31295] DMA32 free:28988kB min:20548kB low:23528kB high:26508kB active_anon:2804104kB inactive_anon:2724kB active_file:8kB inactive_file:0kB unevictable:0kB writepending:12kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10848kB pagetables:20828kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3238.274512][T31295] lowmem_reserve[]: 0 0 3504 3504 [ 3238.279671][T31295] Normal free:18516kB min:24744kB low:28332kB high:31920kB active_anon:2829128kB inactive_anon:40472kB active_file:1468kB inactive_file:1244kB unevictable:0kB writepending:388kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27200kB pagetables:102084kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3238.317282][T31295] lowmem_reserve[]: 0 0 0 0 [ 3238.325443][T31295] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3238.340505][T31295] DMA32: 909*4kB (UMH) 565*8kB (UEH) 1048*16kB (UEH) 35*32kB (UEH) 50*64kB (UEH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 29244kB [ 3238.359143][T31295] Normal: 1336*4kB (UME) 568*8kB (UM) 714*16kB (UM) 169*32kB (UMEH) 56*64kB (MEH) 12*128kB (ME) 0*256kB 0*512kB 1*1024kB (H) 0*2048kB 0*4096kB = 32864kB [ 3238.376576][T31295] 15287 total pagecache pages [ 3238.382466][T31295] 0 pages in swap cache [ 3238.387355][T31295] Swap cache stats: add 0, delete 0, find 0/0 [ 3238.413093][T31295] Free swap = 0kB [ 3238.421924][T31295] Total swap = 0kB [ 3238.427771][T31295] 1965979 pages RAM [ 3238.468817][T31295] 0 pages HighMem/MovableOnly [ 3238.474708][T31295] 318830 pages reserved [ 3238.487999][T31295] 0 pages cma reserved [ 3238.492359][T31295] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.3,pid=31297,uid=0 01:19:30 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x700000000000000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:30 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:30 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) 01:19:30 executing program 3: prlimit64(0x0, 0xe, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:30 executing program 0: r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r4 = open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') keyctl$set_reqkey_keyring(0xe, 0x2) preadv(r5, &(0x7f0000000500), 0x37d, 0x0) 01:19:30 executing program 5: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYPTR=&(0x7f0000000280)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRESOCT, @ANYRESOCT, @ANYRESHEX=r0]], 0x0, 0x8, 0x0, 0x400007}, 0x20) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/2, 0x2}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x33) r1 = gettid() ptrace$setopts(0x4206, r1, 0x0, 0x0) tkill(r1, 0x33) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r1, 0x0, 0x0) ptrace$setregs(0xf, r1, 0x2, &(0x7f00000001c0)="561d435a890d2eb403c189827c1549dbf33e9113c9385bef226da35c1498bb7d5521970660df79e5d6e6ff35264334d8e9cd08480c6b6cda11ff4d86abd89a9d6033e21896b4a8699dff04b9e5a4660a90734ac196d8792b90fd458f36b90b") ptrace$cont(0x7, r0, 0x0, 0x0) ptrace$setopts(0x4206, 0x0, 0x4, 0x20) tkill(0x0, 0x33) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) rt_tgsigqueueinfo(0x0, 0x0, 0x25, &(0x7f0000000140)={0x8, 0x80, 0x2}) 01:19:30 executing program 5: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0) ioctl$BLKRESETZONE(0xffffffffffffffff, 0x40101283, &(0x7f0000000140)={0x1, 0x9}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) accept$packet(r4, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000200)=0x14) setsockopt$inet6_mreq(r2, 0x29, 0x14, &(0x7f0000000280)={@private0={0xfc, 0x0, [], 0x1}, r5}, 0x14) connect$inet6(r2, &(0x7f0000000180)={0xa, 0x4e22, 0x6, @local, 0x10001}, 0x1c) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYPTR=&(0x7f0000000300)=ANY=[@ANYBLOB="1d440da45d1bee4a9b07660b5dcb71037cbe41c95de298a3eb4b070000000000007a1f0c64f98083d3b2dc560d52aaefe6e7bfa420172e227351a7314ecbabfa0000", @ANYRES16, @ANYRES32=0x0, @ANYRESOCT, @ANYRESDEC]], 0x0, 0x61, 0xffffffffffffffd6, 0x400004}, 0x20) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/2, 0x2}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 01:19:30 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:30 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) 01:19:30 executing program 5: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000380)='/dev/bsg\x00', 0xb4a00, 0x0) sendmsg$IPCTNL_MSG_CT_GET_STATS(r0, &(0x7f0000000480)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000400)={0x14, 0x5, 0x1, 0x201, 0x0, 0x0, {0x0, 0x0, 0x6}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x4) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) getsockopt$sock_int(r2, 0x1, 0x29, &(0x7f0000000180), &(0x7f00000001c0)=0x4) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(r3) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) dup(0xffffffffffffffff) r6 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) write$P9_RATTACH(r6, &(0x7f00000002c0)={0x14, 0x69, 0x1, {0x20, 0x0, 0x4}}, 0x14) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYPTR=&(0x7f00000004c0)=ANY=[@ANYRESDEC=r2, @ANYRES16, @ANYPTR64=&(0x7f0000000200)=ANY=[@ANYRESDEC=r4, @ANYRESOCT], @ANYRES32, @ANYPTR, @ANYRES64=r5, @ANYRESHEX, @ANYRES32, @ANYRESOCT, @ANYRES32]], 0x0, 0x8, 0x0, 0x400004}, 0x20) process_vm_writev(0x0, &(0x7f0000000300)=[{0x0, 0x2a}, {0x0}, {&(0x7f0000000000)=""/5, 0x2}], 0xffffffffffffc7d, 0x0, 0x0, 0x0) ioctl$RTC_VL_CLR(0xffffffffffffffff, 0x7014) ptrace$setregs(0xd, r1, 0x4c, &(0x7f0000000140)="d24b07e259d543c4b1c59f6d42dd4411bed13ac053fcfe1406266c3141caaa9be038cdd43973f5ce349158f6dc100e3398d030b00bca9d71a6f80be1959d7b3876796120a9e03a222283b7a0b9b69acfc0b3ae2ba7d6192c80df841beba4aced507a1302acd01f0b74d624bba497c531a20a00208ec802d94c6b67615676656b2ebb0de5b25b7e0565e8a4b156de14aabb59cf7824b53a66c92a28046db7e40c33c22962b2c6d61b40eb26") ptrace$cont(0x7, r1, 0x800000, 0x0) 01:19:30 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:30 executing program 3: prlimit64(0x0, 0xe, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) [ 3239.314092][ T390] syz-fuzzer invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 3239.331155][ T390] CPU: 1 PID: 390 Comm: syz-fuzzer Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3239.340958][ T390] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3239.351196][ T390] Call Trace: [ 3239.354508][ T390] dump_stack+0x14a/0x1ce [ 3239.358878][ T390] ? devkmsg_release+0x11c/0x11c [ 3239.363821][ T390] ? show_regs_print_info+0x12/0x12 [ 3239.369144][ T390] ? radix_tree_cpu_dead+0x160/0x160 [ 3239.374432][ T390] ? _raw_spin_lock+0xa1/0x170 [ 3239.379208][ T390] ? _raw_spin_trylock_bh+0x190/0x190 [ 3239.384596][ T390] dump_header+0xdb/0x700 [ 3239.388939][ T390] oom_kill_process+0xd3/0x280 [ 3239.393717][ T390] out_of_memory+0x5b6/0x890 [ 3239.398308][ T390] ? unregister_oom_notifier+0x20/0x20 [ 3239.403792][ T390] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3239.409377][ T390] ? get_page_from_freelist+0x7c0/0x7c0 [ 3239.414936][ T390] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3239.420314][ T390] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3239.425875][ T390] pagecache_get_page+0x50f/0x880 [ 3239.430933][ T390] filemap_fault+0x1474/0x19d0 [ 3239.435721][ T390] ? generic_file_read_iter+0x20b0/0x20b0 [ 3239.442160][ T390] ext4_filemap_fault+0x7b/0x90 [ 3239.447257][ T390] handle_mm_fault+0x2837/0x40a0 [ 3239.452405][ T390] ? finish_fault+0x230/0x230 [ 3239.457177][ T390] ? __up_read+0x1b0/0x1b0 [ 3239.461596][ T390] ? vmacache_find+0x47a/0x4b0 [ 3239.466478][ T390] do_user_addr_fault+0x48a/0x9f0 [ 3239.471689][ T390] page_fault+0x2f/0x40 [ 3239.476121][ T390] RIP: 0033:0x41d194 [ 3239.480504][ T390] Code: 48 83 c6 08 49 83 f8 08 0f 8d e7 00 00 00 48 39 de 0f 83 de 00 00 00 0f ba e2 00 0f 83 ca 00 00 00 4c 8b 4c 24 78 4e 8d 14 0e <4d> 8b 12 4d 85 d2 74 c9 4c 39 d0 77 c4 49 39 ca 73 bf 4c 89 44 24 [ 3239.501191][ T390] RSP: 002b:000000c42016be00 EFLAGS: 00010283 [ 3239.507255][ T390] RAX: 000000c420000000 RBX: 0000000000040000 RCX: 000000c43c630000 [ 3239.515568][ T390] RDX: 0000000000000099 RSI: 000000000001a780 RDI: 00007f0d087a7000 [ 3239.523536][ T390] RBP: 000000c42016be68 R08: 0000000000000000 R09: 0000000000cdd880 [ 3239.531512][ T390] R10: 0000000000cf8000 R11: 0000000000000ca6 R12: 0000000000000000 [ 3239.540355][ T390] R13: 0000000000000018 R14: 0000000000000013 R15: 0000000000000100 [ 3239.590240][ T390] Mem-Info: [ 3239.601629][ T390] active_anon:1408180 inactive_anon:10799 isolated_anon:0 [ 3239.601629][ T390] active_file:147 inactive_file:179 isolated_file:0 [ 3239.601629][ T390] unevictable:0 dirty:41 writeback:29 unstable:0 [ 3239.601629][ T390] slab_reclaimable:11314 slab_unreclaimable:85580 [ 3239.601629][ T390] mapped:56497 shmem:14896 pagetables:30752 bounce:0 [ 3239.601629][ T390] free:16394 free_pcp:207 free_cma:0 [ 3239.640805][ T390] Node 0 active_anon:5634020kB inactive_anon:43196kB active_file:688kB inactive_file:1416kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:226288kB dirty:164kB writeback:16kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3239.666474][ T390] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3239.711377][ T390] lowmem_reserve[]: 0 2912 6416 6416 [ 3239.726037][ T390] DMA32 free:30588kB min:4644kB low:7624kB high:10604kB active_anon:2804608kB inactive_anon:2724kB active_file:20kB inactive_file:4kB unevictable:0kB writepending:4kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10368kB pagetables:20828kB bounce:0kB free_pcp:92kB local_pcp:76kB free_cma:0kB [ 3239.756209][ T390] lowmem_reserve[]: 0 0 3504 3504 [ 3239.761628][ T390] Normal free:9072kB min:5592kB low:9180kB high:12768kB active_anon:2836372kB inactive_anon:40472kB active_file:420kB inactive_file:2048kB unevictable:0kB writepending:276kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27488kB pagetables:102180kB bounce:0kB free_pcp:1140kB local_pcp:520kB free_cma:0kB [ 3239.801002][ T390] lowmem_reserve[]: 0 0 0 0 [ 3239.806481][ T390] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3239.838311][ T390] DMA32: 190*4kB (UH) 564*8kB (UEH) 1000*16kB (UEH) 70*32kB (UEH) 51*64kB (UEH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 26776kB [ 3239.857056][ T390] Normal: 103*4kB (UE) 49*8kB (UME) 414*16kB (UME) 68*32kB (MEH) 40*64kB (MH) 13*128kB (M) 8*256kB (M) 5*512kB (M) 3*1024kB (MH) 0*2048kB 0*4096kB = 21508kB [ 3239.873574][ T390] 16615 total pagecache pages [ 3239.878674][ T390] 0 pages in swap cache [ 3239.883171][ T390] Swap cache stats: add 0, delete 0, find 0/0 [ 3239.889843][ T390] Free swap = 0kB [ 3239.893710][ T390] Total swap = 0kB [ 3239.897426][ T390] 1965979 pages RAM [ 3239.901215][ T390] 0 pages HighMem/MovableOnly [ 3239.905958][ T390] 318830 pages reserved [ 3239.910312][ T390] 0 pages cma reserved [ 3239.914411][ T390] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=17323,uid=0 [ 3239.929058][ T390] Out of memory: Killed process 17323 (syz-executor.0) total-vm:75232kB, anon-rss:16564kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 01:19:32 executing program 3: prlimit64(0x0, 0xe, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:32 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, 0x0, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:32 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x800000000000000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:32 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, 0x0, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:32 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) symlinkat(&(0x7f00000006c0)='./file0\x00', r4, &(0x7f0000000700)='./file0\x00') fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) syz_usb_connect$cdc_ncm(0x3, 0xb2, &(0x7f0000000200)={{0x12, 0x1, 0x200, 0x2, 0x0, 0x0, 0xff, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0xa0, 0x2, 0x1, 0x4, 0xa0, 0xff, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x6, 0x24, 0x6, 0x0, 0x1, ')'}, {0x5, 0x24, 0x0, 0x3}, {0xd, 0x24, 0xf, 0x1, 0x2, 0x1, 0xff, 0x1e}, {0x6, 0x24, 0x1a, 0x200, 0x1}, [@country_functional={0xa, 0x24, 0x7, 0x0, 0x7, [0x6, 0x0]}, @mdlm={0x15, 0x24, 0x12, 0x2}, @mbim_extended={0x8, 0x24, 0x1c, 0x0, 0x81, 0xff}, @network_terminal={0x7, 0x24, 0xa, 0xa0, 0x8, 0x9f, 0x1}, @mdlm={0x15, 0x24, 0x12, 0xb32c}]}, {{0x9, 0x5, 0x81, 0x3, 0x20, 0x8, 0x3, 0x5}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x20, 0x81, 0x3, 0x6}}, {{0x9, 0x5, 0x3, 0x2, 0x400, 0x4, 0x4, 0x80}}}}}}}]}}, &(0x7f0000000640)=ANY=[@ANYBLOB='\n\x00\x00\x00', @ANYPTR=&(0x7f0000000100)=ANY=[@ANYBLOB="0a0601020009f210f000"], @ANYBLOB="b6000000", @ANYPTR=&(0x7f0000000340)=ANY=[@ANYBLOB="050fb6000577100a42ef6c18939e411ecae5b42275773c70027423e74d5e485e57c382306d3696c74fecd03dd8be52edfff3dccdadff5fe9a707b289375ce91d243685191f550a125a288131259385319bb49ed617a09d800e07fc7f6f93004c130b64c64c6c753e6485fc0822f00ca33b9ab45f02f12d0f0a68dd221c100acae47f000000ff81003f3fff004ffe0000c00000003f00ff0003100b1410048059e9f177f890feb95e42bd35fba5cec907100202732000"], @ANYBLOB="0500000004000000", @ANYPTR=&(0x7f0000000180)=ANY=[@ANYBLOB="04030c0c"], @ANYBLOB="b1000000", @ANYPTR=&(0x7f0000000400)=ANY=[@ANYBLOB="b103fd77cb12aefffef73fd13a28f0f5144566006e285223d7ddbec436d4009e75f0bb629b337d0852f68d5d2a72ee1917edb3fb218b129e269978b981a7a76d451a362590dfe98da7794938f940e84c82e03f682693196be0c38c0bf0458a93a3f7c64d8c3924d3cbd5aef1a13542f4a09129afb2357ab31e1c8bf2768cbf2a4d0a5f7f0719e355992aa5ece114a62204b23a88e4544e2b5145b0b60c7d55983604aa3422cc3503d248d91b84f22f7460"], @ANYBLOB="8a000000", @ANYPTR=&(0x7f00000004c0)=ANY=[@ANYBLOB="8a034d29ad90e5914d53d1a8c4024bc6cacf756af222bf046848bb9d5cd9d17cd6a87e33b73fcd4edfe7707fb90fe2961c99474ed2e3e94a6feaf10f46af669d16edc18713eb614b5063d6c641a71ca0eb5b7f83d06878d0efd3d9046d8e25b3353458cd8791b50a32279f373ef4dc829f0b6d42b27117111fc65c4a0234f7bfcc46b958cd4fa1bcb1a6"], @ANYBLOB="04400000", @ANYPTR=&(0x7f00000002c0)=ANY=[@ANYBLOB="04031104"], @ANYBLOB="9f000000", @ANYPTR=&(0x7f0000000740)=ANY=[@ANYBLOB="9f03f6f1a91b902c67946eef37ac0fd7e780cfc090d41cbfb9febb13930c47ae708c6bd9ec91462c2f2336aa5e5a58e4f503fbb4906b75d2b7bc34e4d02f52f4332c8ff69bc627cd79f27f532ceeb9607712611f792c1f0cd52b95888fe8e0b147a2e41c87bd7558bf3ff9bf05942fb7d68bfdfec8d8d56cfbf6a4c02cc7bc8807e1481150ef2b5725d2ea78244d55ddee7a8cf8b53f69b877b2e582a612f3"]]) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r5 = open(0x0, 0x141042, 0x0) connect$inet(r5, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r6, &(0x7f0000000500), 0x37d, 0x0) 01:19:32 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) [ 3240.500231][T31418] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 01:19:33 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, 0x0, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:33 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, 0x0, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:33 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:33 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x900000000000000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:33 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, 0x0, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:33 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:33 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, 0x0, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) [ 3241.836522][ T419] syz-executor.3 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=0 [ 3241.861921][ T419] CPU: 0 PID: 419 Comm: syz-executor.3 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3241.871933][ T419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3241.881989][ T419] Call Trace: [ 3241.885282][ T419] dump_stack+0x14a/0x1ce [ 3241.889634][ T419] ? devkmsg_release+0x11c/0x11c [ 3241.894571][ T419] ? show_regs_print_info+0x12/0x12 [ 3241.899854][ T419] ? radix_tree_cpu_dead+0x160/0x160 [ 3241.905133][ T419] ? _raw_spin_lock+0xa1/0x170 [ 3241.909903][ T419] ? _raw_spin_trylock_bh+0x190/0x190 [ 3241.915276][ T419] dump_header+0xdb/0x700 [ 3241.919619][ T419] oom_kill_process+0xd3/0x280 [ 3241.924404][ T419] out_of_memory+0x5b6/0x890 [ 3241.929094][ T419] ? unregister_oom_notifier+0x20/0x20 [ 3241.935607][ T419] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3241.941271][ T419] ? get_page_from_freelist+0x7c0/0x7c0 [ 3241.947014][ T419] ? __zone_watermark_ok+0x91/0x280 [ 3241.952334][ T419] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3241.957913][ T419] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3241.963563][ T419] alloc_slab_page+0x3a/0x3a0 [ 3241.968245][ T419] new_slab+0x408/0x450 [ 3241.972692][ T419] ___slab_alloc+0x2e0/0x450 [ 3241.977287][ T419] ? getname_flags+0xb8/0x610 [ 3241.982086][ T419] ? getname_flags+0xb8/0x610 [ 3241.986768][ T419] kmem_cache_alloc+0x23f/0x260 [ 3241.991637][ T419] ? getname_flags+0x20d/0x610 [ 3241.996941][ T419] getname_flags+0xb8/0x610 [ 3242.001457][ T419] do_sys_open+0x33d/0x7d0 [ 3242.005897][ T419] ? __down_read+0x240/0x240 [ 3242.010575][ T419] ? file_open_root+0x450/0x450 [ 3242.015443][ T419] ? do_user_addr_fault+0x55c/0x9f0 [ 3242.020660][ T419] do_syscall_64+0xcb/0x150 [ 3242.025162][ T419] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3242.031046][ T419] RIP: 0033:0x45a800 [ 3242.034932][ T419] Code: 31 c0 e9 45 ff ff ff 0f 1f 00 80 3f 00 0f 84 f7 00 00 00 55 53 b9 02 00 00 00 be 00 08 09 00 89 c8 48 81 ec 98 00 00 00 0f 05 <48> 3d 00 f0 ff ff 48 89 c3 0f 87 e9 00 00 00 85 db 0f 88 2f 01 00 [ 3242.054539][ T419] RSP: 002b:00007ffe0c13b020 EFLAGS: 00000202 ORIG_RAX: 0000000000000002 [ 3242.062951][ T419] RAX: ffffffffffffffda RBX: 00000000003175fe RCX: 000000000045a800 [ 3242.070924][ T419] RDX: 000000000000000c RSI: 0000000000090800 RDI: 00007ffe0c13c200 [ 3242.078890][ T419] RBP: 0000000000004783 R08: 0000000000000001 R09: 000000000183d940 [ 3242.087142][ T419] R10: 0000000000000000 R11: 0000000000000202 R12: 00007ffe0c13c200 [ 3242.095207][ T419] R13: 00007ffe0c13c1f0 R14: 0000000000000000 R15: 00007ffe0c13c200 [ 3242.165957][ T419] Mem-Info: [ 3242.169398][ T419] active_anon:1409861 inactive_anon:10799 isolated_anon:0 [ 3242.169398][ T419] active_file:596 inactive_file:1045 isolated_file:20 [ 3242.169398][ T419] unevictable:0 dirty:9 writeback:0 unstable:0 [ 3242.169398][ T419] slab_reclaimable:11335 slab_unreclaimable:85841 [ 3242.169398][ T419] mapped:57624 shmem:14896 pagetables:30754 bounce:0 [ 3242.169398][ T419] free:12975 free_pcp:462 free_cma:0 [ 3242.207942][ T419] Node 0 active_anon:5639544kB inactive_anon:43196kB active_file:2584kB inactive_file:3388kB unevictable:0kB isolated(anon):0kB isolated(file):208kB mapped:230196kB dirty:36kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3242.232826][ T419] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3242.259073][ T419] lowmem_reserve[]: 0 2912 6416 6416 [ 3242.264663][ T419] DMA32 free:28396kB min:20548kB low:23528kB high:26508kB active_anon:2806304kB inactive_anon:2724kB active_file:100kB inactive_file:16kB unevictable:0kB writepending:24kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10624kB pagetables:20824kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3242.294037][ T419] lowmem_reserve[]: 0 0 3504 3504 [ 3242.300810][ T419] Normal free:8608kB min:5592kB low:9180kB high:12768kB active_anon:2832672kB inactive_anon:40472kB active_file:2592kB inactive_file:3152kB unevictable:0kB writepending:212kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27168kB pagetables:102192kB bounce:0kB free_pcp:492kB local_pcp:248kB free_cma:0kB [ 3242.335174][ T419] lowmem_reserve[]: 0 0 0 0 [ 3242.370912][ T419] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3242.386110][ T419] DMA32: 541*4kB (UMEH) 563*8kB (UEH) 1017*16kB (UEH) 79*32kB (UEH) 52*64kB (UEH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 28796kB [ 3242.419759][ T419] Normal: 292*4kB (UM) 105*8kB (UM) 323*16kB (UMEH) 10*32kB (MEH) 5*64kB (MH) 1*128kB (H) 1*256kB (H) 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 8712kB [ 3242.435095][ T419] 15976 total pagecache pages [ 3242.439870][ T419] 0 pages in swap cache [ 3242.444108][ T419] Swap cache stats: add 0, delete 0, find 0/0 [ 3242.450266][ T419] Free swap = 0kB [ 3242.454169][ T419] Total swap = 0kB [ 3242.457967][ T419] 1965979 pages RAM [ 3242.461839][ T419] 0 pages HighMem/MovableOnly [ 3242.466620][ T419] 318830 pages reserved [ 3242.470858][ T419] 0 pages cma reserved [ 3242.475016][ T419] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=17313,uid=0 [ 3242.489300][ T419] Out of memory: Killed process 17313 (syz-executor.2) total-vm:75232kB, anon-rss:16560kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:1000 [ 3242.520247][ T23] oom_reaper: reaped process 17313 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 01:19:34 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) preadv(0xffffffffffffffff, &(0x7f0000000500), 0x37d, 0x0) 01:19:34 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, 0x0}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:34 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, 0x0}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:35 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, 0x0}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:35 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0xa00000000000000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:35 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, 0x0}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:35 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) preadv(0xffffffffffffffff, &(0x7f0000000500), 0x37d, 0x0) 01:19:35 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r4 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180)='TIPC\x00') sendmsg$TIPC_CMD_RESET_LINK_STATS(r4, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000240)={&(0x7f0000000200)=ANY=[@ANYBLOB, @ANYRES16=r5, @ANYBLOB="000425bd7000fddbdf2501000000000000000c410000000c001473797a3000000000"], 0x28}, 0x1, 0x0, 0x0, 0x4000}, 0x40800) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r6 = open(0x0, 0x141042, 0x0) connect$inet(r6, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r7, &(0x7f0000000500), 0x37d, 0x0) 01:19:35 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, 0x0}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:35 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) preadv(0xffffffffffffffff, &(0x7f0000000500), 0x37d, 0x0) 01:19:35 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, 0x0}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:35 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}], 0x6}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:35 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:35 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}], 0x6}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:35 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}], 0x6}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:36 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}], 0x6}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:36 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0xb00000000000000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:36 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {0x0}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:36 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}], 0x6}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:36 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r4 = open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) getuid() socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r5, &(0x7f0000000500), 0x37d, 0x0) ioctl$sock_SIOCSIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r2, 0x8983, &(0x7f0000000100)={0x3, 'batadv_slave_0\x00', {0x1}, 0xffff}) 01:19:36 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {0x0}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) [ 3244.964402][ T422] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0 [ 3244.989317][ T422] CPU: 1 PID: 422 Comm: syz-executor.2 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3244.999318][ T422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3245.014346][ T422] Call Trace: [ 3245.017647][ T422] dump_stack+0x14a/0x1ce [ 3245.021987][ T422] ? devkmsg_release+0x11c/0x11c [ 3245.026949][ T422] ? show_regs_print_info+0x12/0x12 [ 3245.032253][ T422] ? radix_tree_cpu_dead+0x160/0x160 [ 3245.037553][ T422] ? _raw_spin_lock+0xa1/0x170 [ 3245.042420][ T422] ? _raw_spin_trylock_bh+0x190/0x190 [ 3245.047819][ T422] dump_header+0xdb/0x700 [ 3245.052153][ T422] oom_kill_process+0xd3/0x280 [ 3245.056934][ T422] out_of_memory+0x5b6/0x890 [ 3245.061526][ T422] ? unregister_oom_notifier+0x20/0x20 [ 3245.066994][ T422] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3245.072550][ T422] ? get_page_from_freelist+0x7c0/0x7c0 [ 3245.078097][ T422] ? __zone_watermark_ok+0x91/0x280 [ 3245.083297][ T422] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3245.088668][ T422] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3245.094210][ T422] ? preempt_schedule+0x110/0x130 [ 3245.099254][ T422] ? _raw_spin_lock+0xa1/0x170 [ 3245.104025][ T422] ? _raw_spin_trylock_bh+0x190/0x190 [ 3245.109409][ T422] __pmd_alloc+0x3a/0x1f0 [ 3245.113745][ T422] copy_page_range+0x1568/0x1710 [ 3245.118706][ T422] ? print_bad_pte+0x650/0x650 [ 3245.123557][ T422] ? init_admin_reserve+0xc0/0xc0 [ 3245.128586][ T422] ? vma_gap_callbacks_rotate+0x1d5/0x210 [ 3245.134307][ T422] dup_mmap+0x870/0xc00 [ 3245.138700][ T422] ? __delayed_free_task+0x20/0x20 [ 3245.143819][ T422] ? mm_init+0x5c6/0x720 [ 3245.148093][ T422] dup_mm+0x98/0x300 [ 3245.152878][ T422] copy_process+0x2052/0x5110 [ 3245.157570][ T422] ? fork_idle+0x290/0x290 [ 3245.162596][ T422] ? memset+0x1f/0x40 [ 3245.166573][ T422] ? handle_mm_fault+0xb16/0x40a0 [ 3245.171593][ T422] _do_fork+0x196/0x920 [ 3245.175742][ T422] ? dup_mm+0x300/0x300 [ 3245.179886][ T422] ? ktime_get_raw+0x130/0x130 [ 3245.184644][ T422] __x64_sys_clone+0x25f/0x2c0 [ 3245.189423][ T422] ? __ia32_sys_vfork+0x110/0x110 [ 3245.194460][ T422] ? __x64_sys_clock_gettime+0x20d/0x260 [ 3245.200112][ T422] ? do_user_addr_fault+0x55c/0x9f0 [ 3245.205311][ T422] do_syscall_64+0xcb/0x150 [ 3245.210447][ T422] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3245.216348][ T422] RIP: 0033:0x45ae5a [ 3245.220270][ T422] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 3245.240058][ T422] RSP: 002b:00007fffeefa3fa0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 3245.248547][ T422] RAX: ffffffffffffffda RBX: 00007fffeefa3fa0 RCX: 000000000045ae5a [ 3245.256554][ T422] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 3245.264551][ T422] RBP: 00007fffeefa3fe0 R08: 0000000000000001 R09: 000000000221c940 [ 3245.272534][ T422] R10: 000000000221cc10 R11: 0000000000000246 R12: 0000000000000001 [ 3245.280507][ T422] R13: 0000000000000000 R14: 0000000000000000 R15: 00007fffeefa4030 [ 3245.293165][ T422] Mem-Info: [ 3245.296754][ T422] active_anon:1409304 inactive_anon:10799 isolated_anon:0 [ 3245.296754][ T422] active_file:227 inactive_file:235 isolated_file:34 [ 3245.296754][ T422] unevictable:0 dirty:4 writeback:0 unstable:0 [ 3245.296754][ T422] slab_reclaimable:11355 slab_unreclaimable:86056 [ 3245.296754][ T422] mapped:56685 shmem:14896 pagetables:30783 bounce:0 [ 3245.296754][ T422] free:14718 free_pcp:125 free_cma:0 [ 3245.387824][ T422] Node 0 active_anon:5637216kB inactive_anon:43196kB active_file:784kB inactive_file:996kB unevictable:0kB isolated(anon):0kB isolated(file):252kB mapped:226540kB dirty:16kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3245.414767][ T422] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3245.440831][ T422] lowmem_reserve[]: 0 2912 6416 6416 [ 3245.457218][ T422] DMA32 free:29528kB min:20548kB low:23528kB high:26508kB active_anon:2807704kB inactive_anon:2724kB active_file:32kB inactive_file:4kB unevictable:0kB writepending:12kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10368kB pagetables:20948kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3245.487035][ T422] lowmem_reserve[]: 0 0 3504 3504 [ 3245.492486][ T422] Normal free:23292kB min:5592kB low:9180kB high:12768kB active_anon:2816912kB inactive_anon:40472kB active_file:920kB inactive_file:844kB unevictable:0kB writepending:204kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27424kB pagetables:102184kB bounce:0kB free_pcp:2260kB local_pcp:572kB free_cma:0kB [ 3245.532876][ T422] lowmem_reserve[]: 0 0 0 0 [ 3245.537475][ T422] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3245.550963][ T422] DMA32: 273*4kB (UMEH) 563*8kB (UMH) 1005*16kB (UEH) 140*32kB (UEH) 56*64kB (UEH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 29740kB [ 3245.565862][ T422] Normal: 768*4kB (UM) 494*8kB (UME) 607*16kB (UMEH) 146*32kB (UMEH) 44*64kB (UME) 17*128kB (UMEH) 1*256kB (H) 2*512kB (EH) 0*1024kB 0*2048kB 0*4096kB = 27680kB [ 3245.582012][ T422] 15339 total pagecache pages [ 3245.587000][ T422] 0 pages in swap cache [ 3245.591242][ T422] Swap cache stats: add 0, delete 0, find 0/0 [ 3245.597635][ T422] Free swap = 0kB [ 3245.601469][ T422] Total swap = 0kB [ 3245.605318][ T422] 1965979 pages RAM [ 3245.609249][ T422] 0 pages HighMem/MovableOnly [ 3245.614053][ T422] 318830 pages reserved [ 3245.618228][ T422] 0 pages cma reserved [ 3245.622301][ T422] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=17032,uid=0 [ 3245.636558][ T422] Out of memory: Killed process 17032 (syz-executor.2) total-vm:75232kB, anon-rss:16560kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:1000 [ 3245.684767][ T23] oom_reaper: reaped process 17032 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 01:19:37 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}], 0x6}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:37 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {0x0}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:37 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0xc00000000000000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:37 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:37 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r4 = open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) getsockopt$sock_int(r6, 0x1, 0x29, &(0x7f0000000180), &(0x7f00000001c0)=0x4) setsockopt$SO_BINDTODEVICE_wg(r6, 0x1, 0x19, &(0x7f0000000100)='wg0\x00', 0x4) preadv(r5, &(0x7f0000000500), 0x37d, 0x0) 01:19:37 executing program 5: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r2 = dup(r1) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000300)={0x0, @multicast1, @private}, &(0x7f0000000340)=0xc) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket(0x11, 0x800000003, 0x0) bind(r5, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80) getsockname$packet(r5, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14) sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=@getstats={0x1c, 0x5e, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r6, 0x3}}, 0x1c}}, 0x0) sendmsg$TEAM_CMD_NOOP(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10800}, 0xc, &(0x7f0000000480)={&(0x7f0000000380)={0x100, 0x0, 0x100, 0x70bd28, 0x25dfdbfc, {}, [{{0x8}, {0x50, 0x2, 0x0, 0x1, [{0x4c, 0x1, @lb_tx_method={{0x24, 0x1, 'lb_tx_method\x00'}, {0x5}, {0x19, 0x4, 'hash_to_port_mapping\x00'}}}]}}, {{0x8}, {0x40, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24, 0x1, 'enabled\x00'}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8, 0x1, r3}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @priority={{{0x24, 0x1, 'priority\x00'}, {0x5}, {0x8, 0x4, 0x4}}, {0x8, 0x6, r6}}}]}}]}, 0x100}, 0x1, 0x0, 0x0, 0x4000010}, 0x4) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYPTR=&(0x7f0000000140)=ANY=[@ANYBLOB="1d440da45d1bee4a9b07660b5dcb71037cbe41c95de298a3eb4b070000000000007a1f0c64f98083d3b2dc560d52aaefe6e7bfa420172e227351a7314ecbabfa0000", @ANYRES64=0x0, @ANYRES32=0x0, @ANYRESOCT, @ANYRESDEC]], 0x0, 0x8, 0x0, 0x400004}, 0x20) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/2, 0x2}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 01:19:37 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) [ 3246.463009][ T422] syz-executor.2 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=0 [ 3246.474246][ T422] CPU: 0 PID: 422 Comm: syz-executor.2 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3246.484415][ T422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3246.494499][ T422] Call Trace: [ 3246.497797][ T422] dump_stack+0x14a/0x1ce [ 3246.502129][ T422] ? devkmsg_release+0x11c/0x11c [ 3246.507075][ T422] ? show_regs_print_info+0x12/0x12 [ 3246.512283][ T422] ? radix_tree_cpu_dead+0x160/0x160 [ 3246.517571][ T422] ? _raw_spin_lock+0xa1/0x170 [ 3246.522332][ T422] ? _raw_spin_trylock_bh+0x190/0x190 [ 3246.527706][ T422] dump_header+0xdb/0x700 [ 3246.532050][ T422] oom_kill_process+0xd3/0x280 [ 3246.536905][ T422] out_of_memory+0x5b6/0x890 [ 3246.541500][ T422] ? unregister_oom_notifier+0x20/0x20 [ 3246.546971][ T422] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3246.552537][ T422] ? get_page_from_freelist+0x7c0/0x7c0 [ 3246.558096][ T422] ? __zone_watermark_ok+0x91/0x280 [ 3246.563301][ T422] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3246.568774][ T422] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3246.574337][ T422] ? avc_has_perm_noaudit+0x30c/0x400 [ 3246.579714][ T422] ? avc_denied+0x1c0/0x1c0 [ 3246.584353][ T422] alloc_slab_page+0x3a/0x3a0 [ 3246.589195][ T422] new_slab+0x408/0x450 [ 3246.593354][ T422] ? should_fail+0x18e/0x860 [ 3246.597943][ T422] ___slab_alloc+0x2e0/0x450 [ 3246.602550][ T422] ? _raw_spin_unlock+0x5/0x20 [ 3246.607312][ T422] ? handle_mm_fault+0xb16/0x40a0 [ 3246.612331][ T422] ? getname_flags+0xb8/0x610 [ 3246.617004][ T422] ? getname_flags+0xb8/0x610 [ 3246.621785][ T422] kmem_cache_alloc+0x23f/0x260 [ 3246.626647][ T422] getname_flags+0xb8/0x610 [ 3246.631168][ T422] user_path_mountpoint_at+0x22/0x40 [ 3246.636468][ T422] ksys_umount+0x167/0xff0 [ 3246.640977][ T422] ? namespace_unlock+0x4e0/0x4e0 [ 3246.646035][ T422] ? __fpregs_load_activate+0x2d3/0x390 [ 3246.651585][ T422] ? switch_fpu_return+0x10/0x10 [ 3246.656527][ T422] ? do_user_addr_fault+0x521/0x9f0 [ 3246.661814][ T422] __x64_sys_umount+0x56/0x60 [ 3246.666497][ T422] do_syscall_64+0xcb/0x150 [ 3246.671105][ T422] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3246.677002][ T422] RIP: 0033:0x45f257 [ 3246.680886][ T422] Code: 64 89 04 25 d0 02 00 00 58 5f ff d0 48 89 c7 e8 8f be ff ff 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3246.700502][ T422] RSP: 002b:00007fffeefa2ef8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 3246.708921][ T422] RAX: ffffffffffffffda RBX: 0000000000318756 RCX: 000000000045f257 [ 3246.716902][ T422] RDX: 0000000000402ff8 RSI: 0000000000000002 RDI: 00007fffeefa2fa0 [ 3246.724881][ T422] RBP: 0000000000005974 R08: 0000000000000000 R09: 000000000000000d [ 3246.732870][ T422] R10: 0000000000000006 R11: 0000000000000246 R12: 00007fffeefa4030 [ 3246.741556][ T422] R13: 000000000221d940 R14: 0000000000000000 R15: 00007fffeefa4030 [ 3246.752853][ T422] Mem-Info: [ 3246.756759][ T422] active_anon:1409379 inactive_anon:10799 isolated_anon:0 [ 3246.756759][ T422] active_file:443 inactive_file:1084 isolated_file:36 [ 3246.756759][ T422] unevictable:0 dirty:17 writeback:0 unstable:0 [ 3246.756759][ T422] slab_reclaimable:11366 slab_unreclaimable:86308 [ 3246.756759][ T422] mapped:57573 shmem:14896 pagetables:30813 bounce:0 [ 3246.756759][ T422] free:13128 free_pcp:285 free_cma:0 [ 3246.795728][ T422] Node 0 active_anon:5637416kB inactive_anon:43196kB active_file:1856kB inactive_file:2780kB unevictable:0kB isolated(anon):0kB isolated(file):412kB mapped:229492kB dirty:68kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3246.821127][ T422] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3246.847577][ T422] lowmem_reserve[]: 0 2912 6416 6416 [ 3246.852932][ T422] DMA32 free:29532kB min:20548kB low:23528kB high:26508kB active_anon:2806892kB inactive_anon:2724kB active_file:44kB inactive_file:468kB unevictable:0kB writepending:4kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10848kB pagetables:20964kB bounce:0kB free_pcp:20kB local_pcp:0kB free_cma:0kB [ 3246.882267][ T422] lowmem_reserve[]: 0 0 3504 3504 [ 3246.887695][ T422] Normal free:11644kB min:13784kB low:17372kB high:20960kB active_anon:2830508kB inactive_anon:40472kB active_file:864kB inactive_file:1028kB unevictable:0kB writepending:80kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27104kB pagetables:102184kB bounce:0kB free_pcp:588kB local_pcp:0kB free_cma:0kB [ 3246.918066][ T422] lowmem_reserve[]: 0 0 0 0 [ 3246.945840][ T422] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3246.972980][ T422] DMA32: 165*4kB (UH) 561*8kB (UEH) 1012*16kB (UEH) 110*32kB (UEH) 58*64kB (UEH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 28572kB [ 3246.996979][ T422] Normal: 0*4kB 2*8kB (UE) 193*16kB (UME) 18*32kB (UMH) 6*64kB (ME) 3*128kB (MEH) 1*256kB (H) 2*512kB (EH) 0*1024kB 0*2048kB 0*4096kB = 5728kB [ 3247.022157][ T422] 15308 total pagecache pages [ 3247.027194][ T422] 0 pages in swap cache [ 3247.031483][ T422] Swap cache stats: add 0, delete 0, find 0/0 [ 3247.038151][ T422] Free swap = 0kB [ 3247.043187][ T422] Total swap = 0kB [ 3247.047533][ T422] 1965979 pages RAM [ 3247.053085][ T422] 0 pages HighMem/MovableOnly [ 3247.057795][ T422] 318830 pages reserved [ 3247.062464][ T422] 0 pages cma reserved [ 3247.083868][ T422] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=31565,uid=0 01:19:39 executing program 5: r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000140)='/dev/bsg\x00', 0x80201, 0x0) setsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, &(0x7f0000000180)=0x6, 0x4) clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYPTR=&(0x7f0000000300)=ANY=[@ANYBLOB="1d440da45d1bee4a9b07660b5dcb71037cbe41c95de298a3eb4b070000000000007a1f0c64f98083d3b2dc560d52aaefe6e7bfa420172e227351a7314ecbabfa0000", @ANYRES16, @ANYRES32=0x0, @ANYRESOCT, @ANYRESDEC]], 0x0, 0x61, 0xffffffffffffffd6, 0x400004}, 0x20) ptrace$setopts(0x4206, r1, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/2, 0x2}], 0x3, 0x0, 0x0, 0x0) tkill(r1, 0x33) ptrace$setregs(0xd, r1, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r1, 0x0, 0x0) 01:19:39 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r4 = open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r5, &(0x7f0000000500), 0x37d, 0x0) 01:19:39 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:39 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:39 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0xd00000000000000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:39 executing program 5: clone(0x80000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = gettid() wait4(0x0, 0x0, 0x80000002, 0x0) vmsplice(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000040)="0f34", 0x2}], 0x1, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYPTR=&(0x7f0000000300)=ANY=[@ANYBLOB="1d440da45da0c5df27076e0b5dcb71037cbe41c95daa18a3eb4b070000000000fc791f0c64f98083d3a420172e227351a7314ecbabfa0000", @ANYRES16, @ANYRES32=0x0, @ANYRESOCT, @ANYRESDEC]], 0x0, 0x61, 0xffffffffffffffd6, 0x400004}, 0x20) ptrace$setopts(0x4206, r0, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000080)=[{0x0}, {0x0}, {&(0x7f0000000000)=""/2, 0x2}], 0x3, 0x0, 0x0, 0x0) tkill(r0, 0x33) ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, r0, 0x0, 0x0) 01:19:39 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:39 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {0x0}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:39 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {0x0}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) [ 3247.695732][ T421] syz-executor.1 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0 [ 3247.728670][ T421] CPU: 1 PID: 421 Comm: syz-executor.1 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3247.738682][ T421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3247.749299][ T421] Call Trace: [ 3247.752618][ T421] dump_stack+0x14a/0x1ce [ 3247.757119][ T421] ? devkmsg_release+0x11c/0x11c [ 3247.762084][ T421] ? show_regs_print_info+0x12/0x12 [ 3247.767406][ T421] ? radix_tree_cpu_dead+0x160/0x160 [ 3247.772701][ T421] ? _raw_spin_lock+0xa1/0x170 [ 3247.777479][ T421] ? _raw_spin_trylock_bh+0x190/0x190 [ 3247.782870][ T421] dump_header+0xdb/0x700 [ 3247.789246][ T421] oom_kill_process+0xd3/0x280 [ 3247.794034][ T421] out_of_memory+0x5b6/0x890 [ 3247.798659][ T421] ? unregister_oom_notifier+0x20/0x20 [ 3247.804229][ T421] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3247.810157][ T421] ? get_page_from_freelist+0x7c0/0x7c0 [ 3247.815714][ T421] ? __zone_watermark_ok+0x91/0x280 [ 3247.820939][ T421] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3247.826508][ T421] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3247.832074][ T421] ? psi_ttwu_dequeue+0x320/0x320 [ 3247.837101][ T421] get_zeroed_page+0x15/0x40 [ 3247.841701][ T421] __pud_alloc+0x33/0x180 [ 3247.846046][ T421] copy_page_range+0x160b/0x1710 [ 3247.851067][ T421] ? wake_up_q+0x84/0xb0 [ 3247.856461][ T421] ? print_bad_pte+0x650/0x650 [ 3247.861222][ T421] ? memset+0x1f/0x40 [ 3247.865219][ T421] ? init_admin_reserve+0xc0/0xc0 [ 3247.870245][ T421] dup_mmap+0x870/0xc00 [ 3247.874396][ T421] ? __delayed_free_task+0x20/0x20 [ 3247.879512][ T421] ? mm_init+0x5c6/0x720 [ 3247.883757][ T421] dup_mm+0x98/0x300 [ 3247.887653][ T421] copy_process+0x2052/0x5110 [ 3247.892323][ T421] ? fork_idle+0x290/0x290 [ 3247.896728][ T421] _do_fork+0x196/0x920 [ 3247.900880][ T421] ? switch_mm+0x100/0x100 [ 3247.905284][ T421] ? dup_mm+0x300/0x300 [ 3247.909431][ T421] __x64_sys_clone+0x25f/0x2c0 [ 3247.914196][ T421] ? __ia32_sys_vfork+0x110/0x110 [ 3247.919207][ T421] ? __fpregs_load_activate+0x2d3/0x390 [ 3247.924746][ T421] do_syscall_64+0xcb/0x150 [ 3247.929250][ T421] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3247.935156][ T421] RIP: 0033:0x45ae5a [ 3247.939043][ T421] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 3247.959857][ T421] RSP: 002b:00007fff52222cf0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 3247.968272][ T421] RAX: ffffffffffffffda RBX: 00007fff52222cf0 RCX: 000000000045ae5a [ 3247.976239][ T421] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 3247.984203][ T421] RBP: 00007fff52222d30 R08: 0000000000000001 R09: 0000000002704940 [ 3247.992190][ T421] R10: 0000000002704c10 R11: 0000000000000246 R12: 0000000000000001 [ 3248.000173][ T421] R13: 0000000000000000 R14: 0000000000000000 R15: 00007fff52222d80 [ 3248.062897][ T421] Mem-Info: [ 3248.066516][ T421] active_anon:1409737 inactive_anon:10799 isolated_anon:0 [ 3248.066516][ T421] active_file:247 inactive_file:230 isolated_file:66 [ 3248.066516][ T421] unevictable:0 dirty:13 writeback:1 unstable:0 [ 3248.066516][ T421] slab_reclaimable:11380 slab_unreclaimable:86586 [ 3248.066516][ T421] mapped:56791 shmem:14896 pagetables:30888 bounce:0 [ 3248.066516][ T421] free:13514 free_pcp:226 free_cma:0 [ 3248.105555][ T421] Node 0 active_anon:5639048kB inactive_anon:43196kB active_file:988kB inactive_file:920kB unevictable:0kB isolated(anon):0kB isolated(file):264kB mapped:227164kB dirty:52kB writeback:4kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3248.130706][ T421] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3248.157693][ T421] lowmem_reserve[]: 0 2912 6416 6416 [ 3248.163602][ T421] DMA32 free:29112kB min:20548kB low:23528kB high:26508kB active_anon:2807092kB inactive_anon:2724kB active_file:16kB inactive_file:20kB unevictable:0kB writepending:4kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10752kB pagetables:20964kB bounce:0kB free_pcp:28kB local_pcp:16kB free_cma:0kB [ 3248.226625][ T421] lowmem_reserve[]: 0 0 3504 3504 [ 3248.252178][ T421] Normal free:8008kB min:9688kB low:13276kB high:16864kB active_anon:2833072kB inactive_anon:40472kB active_file:628kB inactive_file:724kB unevictable:0kB writepending:52kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27392kB pagetables:102588kB bounce:0kB free_pcp:868kB local_pcp:12kB free_cma:0kB [ 3248.282180][ T421] lowmem_reserve[]: 0 0 0 0 [ 3248.286967][ T421] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3248.300661][ T421] DMA32: 487*4kB (UMEH) 561*8kB (UMH) 1011*16kB (UEH) 83*32kB (UMEH) 61*64kB (UEH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 29172kB [ 3248.320396][ T421] Normal: 145*4kB (UM) 78*8kB (UM) 283*16kB (UMEH) 45*32kB (UMEH) 3*64kB (MH) 2*128kB (M) 1*256kB (H) 2*512kB (MH) 0*1024kB 0*2048kB 0*4096kB = 8900kB [ 3248.337040][ T421] 15090 total pagecache pages [ 3248.342360][ T421] 0 pages in swap cache [ 3248.347485][ T421] Swap cache stats: add 0, delete 0, find 0/0 [ 3248.354024][ T421] Free swap = 0kB [ 3248.358521][ T421] Total swap = 0kB [ 3248.362255][ T421] 1965979 pages RAM [ 3248.366270][ T421] 0 pages HighMem/MovableOnly [ 3248.370930][ T421] 318830 pages reserved [ 3248.375103][ T421] 0 pages cma reserved [ 3248.379257][ T421] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.5,pid=16216,uid=0 [ 3248.393424][ T421] Out of memory: Killed process 16216 (syz-executor.5) total-vm:75232kB, anon-rss:16560kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 3248.413751][ T23] oom_reaper: reaped process 16216 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 01:19:40 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r4 = open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r5, &(0x7f0000000500), 0x37d, 0x0) 01:19:40 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0xe00000000000000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:40 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {0x0}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:40 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:40 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x28, 0x0, 0x9, 0x8, 0xfffffffffffffffd}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r4 = open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) tkill(0x0, 0x33) ptrace$setregs(0xd, 0x0, 0x0, &(0x7f0000000080)) ptrace$cont(0x7, 0x0, 0x0, 0x0) ptrace$setsig(0x4203, 0x0, 0x9, &(0x7f0000000200)={0x15, 0x7, 0x3}) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r5, &(0x7f0000000500), 0x37d, 0x0) 01:19:40 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {0x0}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:40 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:40 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {0x0}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:40 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {0x0}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:40 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:40 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:40 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) [ 3249.205557][ T422] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 3249.249450][ T422] CPU: 1 PID: 422 Comm: syz-executor.2 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3249.259466][ T422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3249.269518][ T422] Call Trace: [ 3249.272811][ T422] dump_stack+0x14a/0x1ce [ 3249.277156][ T422] ? devkmsg_release+0x11c/0x11c [ 3249.282108][ T422] ? show_regs_print_info+0x12/0x12 [ 3249.287300][ T422] ? radix_tree_cpu_dead+0x160/0x160 [ 3249.292713][ T422] ? _raw_spin_lock+0xa1/0x170 [ 3249.297479][ T422] ? _raw_spin_trylock_bh+0x190/0x190 [ 3249.302860][ T422] dump_header+0xdb/0x700 [ 3249.307195][ T422] oom_kill_process+0xd3/0x280 [ 3249.311963][ T422] out_of_memory+0x5b6/0x890 [ 3249.316546][ T422] ? unregister_oom_notifier+0x20/0x20 [ 3249.321997][ T422] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3249.327554][ T422] ? get_page_from_freelist+0x7c0/0x7c0 [ 3249.333092][ T422] ? __zone_watermark_ok+0x91/0x280 [ 3249.338285][ T422] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3249.343669][ T422] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3249.349219][ T422] ? copy_process+0x5a4/0x5110 [ 3249.353969][ T422] ? copy_process+0x5a4/0x5110 [ 3249.358719][ T422] ? kmem_cache_alloc+0x1d5/0x260 [ 3249.363730][ T422] copy_process+0x5f3/0x5110 [ 3249.368319][ T422] ? do_wp_page+0xb1b/0x1530 [ 3249.373428][ T422] ? do_swap_page+0x1560/0x1560 [ 3249.378271][ T422] ? fork_idle+0x290/0x290 [ 3249.382702][ T422] ? memset+0x1f/0x40 [ 3249.386687][ T422] ? handle_mm_fault+0xb16/0x40a0 [ 3249.391717][ T422] _do_fork+0x196/0x920 [ 3249.395863][ T422] ? dup_mm+0x300/0x300 [ 3249.400025][ T422] ? ktime_get_raw+0x130/0x130 [ 3249.404783][ T422] __x64_sys_clone+0x25f/0x2c0 [ 3249.409615][ T422] ? __ia32_sys_vfork+0x110/0x110 [ 3249.414652][ T422] ? __x64_sys_clock_gettime+0x20d/0x260 [ 3249.421164][ T422] ? do_user_addr_fault+0x55c/0x9f0 [ 3249.426484][ T422] do_syscall_64+0xcb/0x150 [ 3249.430983][ T422] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3249.436863][ T422] RIP: 0033:0x45ae5a [ 3249.440744][ T422] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 3249.460520][ T422] RSP: 002b:00007fffeefa3fa0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 3249.468941][ T422] RAX: ffffffffffffffda RBX: 00007fffeefa3fa0 RCX: 000000000045ae5a [ 3249.476908][ T422] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 3249.485007][ T422] RBP: 00007fffeefa3fe0 R08: 0000000000000001 R09: 000000000221c940 [ 3249.493067][ T422] R10: 000000000221cc10 R11: 0000000000000246 R12: 0000000000000001 [ 3249.501129][ T422] R13: 0000000000000000 R14: 0000000000000000 R15: 00007fffeefa4030 [ 3249.525516][ T422] Mem-Info: [ 3249.577497][ T422] active_anon:1409699 inactive_anon:10799 isolated_anon:0 [ 3249.577497][ T422] active_file:312 inactive_file:445 isolated_file:89 [ 3249.577497][ T422] unevictable:0 dirty:45 writeback:0 unstable:0 [ 3249.577497][ T422] slab_reclaimable:11387 slab_unreclaimable:86714 [ 3249.577497][ T422] mapped:56781 shmem:14896 pagetables:30968 bounce:0 [ 3249.577497][ T422] free:12513 free_pcp:663 free_cma:0 [ 3249.636884][ T422] Node 0 active_anon:5638796kB inactive_anon:43196kB active_file:1416kB inactive_file:1868kB unevictable:0kB isolated(anon):0kB isolated(file):212kB mapped:227324kB dirty:80kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3249.684915][ T422] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3249.724878][ T422] lowmem_reserve[]: 0 2912 6416 6416 [ 3249.747238][ T422] DMA32 free:36380kB min:16452kB low:19432kB high:22412kB active_anon:2794592kB inactive_anon:2724kB active_file:624kB inactive_file:964kB unevictable:0kB writepending:88kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10944kB pagetables:21172kB bounce:0kB free_pcp:984kB local_pcp:336kB free_cma:0kB [ 3249.818038][ T422] lowmem_reserve[]: 0 0 3504 3504 [ 3249.823447][ T422] Normal free:19732kB min:9688kB low:13276kB high:16864kB active_anon:2819604kB inactive_anon:40472kB active_file:1048kB inactive_file:1036kB unevictable:0kB writepending:192kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27136kB pagetables:102700kB bounce:0kB free_pcp:2616kB local_pcp:1320kB free_cma:0kB [ 3249.853880][ T422] lowmem_reserve[]: 0 0 0 0 [ 3249.858581][ T422] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3249.872546][ T422] DMA32: 965*4kB (UMEH) 909*8kB (UMEH) 1140*16kB (UMEH) 170*32kB (UMEH) 83*64kB (UMEH) 1*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 40252kB [ 3249.888190][ T422] Normal: 771*4kB (UM) 338*8kB (UM) 389*16kB (UMH) 111*32kB (UMH) 38*64kB (MH) 12*128kB (ME) 2*256kB (EH) 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 20556kB [ 3249.903878][ T422] 15982 total pagecache pages [ 3249.908684][ T422] 0 pages in swap cache [ 3249.913264][ T422] Swap cache stats: add 0, delete 0, find 0/0 [ 3249.919341][ T422] Free swap = 0kB [ 3249.923427][ T422] Total swap = 0kB [ 3249.927415][ T422] 1965979 pages RAM [ 3249.931318][ T422] 0 pages HighMem/MovableOnly [ 3249.937702][ T422] 318830 pages reserved [ 3249.942104][ T422] 0 pages cma reserved [ 3249.946640][ T422] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.5,pid=16056,uid=0 01:19:41 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:41 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:41 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x1000000000000000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:41 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:41 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r4 = open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) getuid() socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r5, &(0x7f0000000500), 0x37d, 0x0) ioctl$sock_SIOCSIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r2, 0x8983, &(0x7f0000000100)={0x3, 'batadv_slave_0\x00', {0x1}, 0xffff}) 01:19:41 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r4 = open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000100)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x10, 0x46d, 0xc51b, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0xff, 0xc0, 0x7f, [{{0x9, 0x4, 0x0, 0x40, 0x2, 0x3, 0x1, 0x27fa407e68ab9109, 0x81, {0x9, 0x21, 0xfff7, 0xeb, 0x1, {0x22, 0x46c}}, {{{0x9, 0x5, 0x81, 0x3, 0x20, 0x8, 0x7f, 0x7a}}}}}]}}]}}, &(0x7f0000000400)={0xa, &(0x7f0000000180)={0xa, 0x6, 0x300, 0x3, 0xe, 0x1, 0x10, 0xff}, 0x46, &(0x7f0000000200)={0x5, 0xf, 0x46, 0x5, [@ptm_cap={0x3}, @ss_container_id={0x14, 0x10, 0x4, 0xf9, "205ed1ad4e3c9c069c8bf482a5166e1b"}, @ext_cap={0x7, 0x10, 0x2, 0x2, 0x4, 0x4, 0x3}, @ssp_cap={0x20, 0x10, 0xa, 0x6, 0x5, 0x8005, 0xf00, 0x4, [0xff81cf, 0xc0, 0x30, 0x3f00, 0x30]}, @ptm_cap={0x3}]}, 0x2, [{0x67, &(0x7f0000000440)=@string={0x67, 0x3, "2fc699a07e07802a5a645014b3d6f4deaadae6580c77dc58c32bfb6b95383158ad20be39e6dc1ca43f1b92d753c976eb51520d7d74f9a312c059be7e0cdfdc3d8bb6880b8b2b3c6bea4722e4a9bb19c2691fd3b81704dc6b3442273a35b5965b0262b3a82e"}}, {0x81, &(0x7f0000000340)=@string={0x81, 0x3, "3c4b9cb1f5a03811ade3c95135b9bd03a6a548f071039cfd17cfb67793fc33a5fc9b986b56d218fd5518a7c1a430d3ece3c5b00e9e181dab1a4b7b701bb2fb26265db9695c2c8e62d9cc91c96cd0d6fe65f782a93ee73750d6a7edf464720ae89d5b2e72c4de431d0732388134b21c979faba3aaa6a76dbf75a6716ae04b50"}}]}) preadv(r5, &(0x7f0000000500), 0x37d, 0x0) [ 3249.961188][ T422] Out of memory: Killed process 16056 (syz-executor.5) total-vm:75232kB, anon-rss:16560kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 3249.984390][ T23] oom_reaper: reaped process 16056 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 01:19:42 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:42 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) [ 3250.267141][T31739] misc raw-gadget: fail, usb_gadget_probe_driver returned -16 01:19:42 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:42 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) [ 3250.443019][ T205] systemd-journal invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=0 [ 3250.463545][ T205] CPU: 1 PID: 205 Comm: systemd-journal Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3250.473670][ T205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3250.483727][ T205] Call Trace: [ 3250.487030][ T205] dump_stack+0x14a/0x1ce [ 3250.491380][ T205] ? devkmsg_release+0x11c/0x11c [ 3250.496635][ T205] ? show_regs_print_info+0x12/0x12 [ 3250.501941][ T205] ? radix_tree_cpu_dead+0x160/0x160 [ 3250.507244][ T205] ? _raw_spin_lock+0xa1/0x170 [ 3250.512026][ T205] ? _raw_spin_trylock_bh+0x190/0x190 [ 3250.517400][ T205] dump_header+0xdb/0x700 [ 3250.521737][ T205] oom_kill_process+0xd3/0x280 [ 3250.526507][ T205] out_of_memory+0x5b6/0x890 [ 3250.531099][ T205] ? unregister_oom_notifier+0x20/0x20 [ 3250.536564][ T205] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3250.542128][ T205] ? get_page_from_freelist+0x7c0/0x7c0 [ 3250.547697][ T205] ? __zone_watermark_ok+0x91/0x280 [ 3250.553116][ T205] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3250.558512][ T205] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3250.564149][ T205] ? lockref_get+0x1c2/0x2b0 [ 3250.568861][ T205] ? blk_crypto_keyslot_evict+0x160/0x160 [ 3250.574682][ T205] ? find_inode_fast+0x3f9/0x4b0 [ 3250.579626][ T205] __get_free_pages+0xa/0x30 [ 3250.584321][ T205] inode_doinit_with_dentry+0x950/0x10e0 [ 3250.589971][ T205] ? __wake_up_bit+0x180/0x180 [ 3250.594742][ T205] ? sb_finish_set_opts+0x7e0/0x7e0 [ 3250.600033][ T205] ? current_time+0x1be/0x2f0 [ 3250.604715][ T205] ? atime_needs_update+0x570/0x570 [ 3250.609913][ T205] security_d_instantiate+0x90/0xf0 [ 3250.615127][ T205] d_splice_alias+0x71/0x590 [ 3250.619722][ T205] kernfs_iop_lookup+0x17a/0x1f0 [ 3250.624664][ T205] __lookup_slow+0x312/0x490 [ 3250.629253][ T205] ? lookup_one_len2+0x2d0/0x2d0 [ 3250.634192][ T205] walk_component+0x3ee/0x970 [ 3250.638887][ T205] ? follow_managed+0x950/0x950 [ 3250.643746][ T205] ? generic_permission+0x13a/0x4a0 [ 3250.648955][ T205] ? security_inode_permission+0xda/0x110 [ 3250.654771][ T205] link_path_walk+0x72b/0x1500 [ 3250.659544][ T205] ? path_init+0x887/0x1220 [ 3250.664155][ T205] ? path_init+0x1220/0x1220 [ 3250.668743][ T205] ? path_init+0x962/0x1220 [ 3250.673257][ T205] path_lookupat+0xd2/0xa60 [ 3250.677959][ T205] ? kmem_cache_alloc+0x1d5/0x260 [ 3250.683002][ T205] ? getname_flags+0xb8/0x610 [ 3250.687682][ T205] ? user_path_at_empty+0x28/0x50 [ 3250.692727][ T205] ? do_readlinkat+0x119/0x3c0 [ 3250.697480][ T205] ? __x64_sys_readlinkat+0x96/0xb0 [ 3250.702668][ T205] ? do_syscall_64+0xcb/0x150 [ 3250.707346][ T205] ? entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3250.713418][ T205] ? filename_lookup+0x6e0/0x6e0 [ 3250.718360][ T205] filename_lookup+0x254/0x6e0 [ 3250.723133][ T205] ? hashlen_string+0x120/0x120 [ 3250.727991][ T205] ? getname_flags+0x20d/0x610 [ 3250.732758][ T205] do_readlinkat+0x119/0x3c0 [ 3250.737877][ T205] ? cp_old_stat+0x8a0/0x8a0 [ 3250.742468][ T205] ? do_syscall_64+0x150/0x150 [ 3250.747240][ T205] ? __fpregs_load_activate+0x2d3/0x390 [ 3250.752792][ T205] __x64_sys_readlinkat+0x96/0xb0 [ 3250.757837][ T205] do_syscall_64+0xcb/0x150 [ 3250.762349][ T205] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3250.768254][ T205] RIP: 0033:0x7fa7e5eac0ba [ 3250.772669][ T205] Code: 48 8b 0d e1 bd 2b 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 49 89 ca b8 0b 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d ae bd 2b 00 f7 d8 64 89 01 48 [ 3250.792569][ T205] RSP: 002b:00007ffdfd57f4f8 EFLAGS: 00000202 ORIG_RAX: 000000000000010b [ 3250.800986][ T205] RAX: ffffffffffffffda RBX: 0000555ed763c320 RCX: 00007fa7e5eac0ba [ 3250.809406][ T205] RDX: 0000555ed763c320 RSI: 00007ffdfd57f620 RDI: 00000000ffffff9c [ 3250.817395][ T205] RBP: 0000000000000064 R08: 00007fa7e68f0940 R09: 0000000000000070 [ 3250.825453][ T205] R10: 0000000000000063 R11: 0000000000000202 R12: 00007ffdfd57f620 [ 3250.833420][ T205] R13: 00000000ffffff9c R14: 00007ffdfd57f550 R15: 0000000000000063 [ 3250.912872][ T205] Mem-Info: [ 3250.944949][ T205] active_anon:1409180 inactive_anon:10799 isolated_anon:0 [ 3250.944949][ T205] active_file:350 inactive_file:331 isolated_file:52 [ 3250.944949][ T205] unevictable:0 dirty:77 writeback:0 unstable:0 [ 3250.944949][ T205] slab_reclaimable:11395 slab_unreclaimable:86848 [ 3250.944949][ T205] mapped:56954 shmem:14896 pagetables:30992 bounce:0 [ 3250.944949][ T205] free:13522 free_pcp:17 free_cma:0 [ 3251.001495][ T205] Node 0 active_anon:5636720kB inactive_anon:43196kB active_file:1252kB inactive_file:1324kB unevictable:0kB isolated(anon):0kB isolated(file):72kB mapped:227616kB dirty:308kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3251.030985][ T205] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3251.064177][ T205] lowmem_reserve[]: 0 2912 6416 6416 [ 3251.076534][ T205] DMA32 free:28776kB min:20548kB low:23528kB high:26508kB active_anon:2805072kB inactive_anon:2724kB active_file:612kB inactive_file:168kB unevictable:0kB writepending:84kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:11008kB pagetables:21316kB bounce:0kB free_pcp:124kB local_pcp:4kB free_cma:0kB [ 3251.110397][ T205] lowmem_reserve[]: 0 0 3504 3504 [ 3251.121747][ T205] Normal free:9408kB min:9688kB low:13276kB high:16864kB active_anon:2831652kB inactive_anon:40472kB active_file:1036kB inactive_file:1316kB unevictable:0kB writepending:224kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27104kB pagetables:102652kB bounce:0kB free_pcp:680kB local_pcp:288kB free_cma:0kB [ 3251.152233][ T205] lowmem_reserve[]: 0 0 0 0 [ 3251.157173][ T205] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3251.171242][ T205] DMA32: 836*4kB (UMEH) 584*8kB (UMEH) 1010*16kB (UMEH) 44*32kB (UMEH) 55*64kB (UMEH) 2*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 29360kB [ 3251.190862][ T205] Normal: 268*4kB (UME) 113*8kB (UM) 343*16kB (UMEH) 31*32kB (UMEH) 6*64kB (MH) 2*128kB (M) 2*256kB (MH) 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 10120kB [ 3251.207521][ T205] 15338 total pagecache pages [ 3251.212587][ T205] 0 pages in swap cache [ 3251.217237][ T205] Swap cache stats: add 0, delete 0, find 0/0 [ 3251.223579][ T205] Free swap = 0kB [ 3251.227391][ T205] Total swap = 0kB [ 3251.231224][ T205] 1965979 pages RAM [ 3251.248717][ T205] 0 pages HighMem/MovableOnly [ 3251.253666][ T205] 318830 pages reserved [ 3251.257909][ T205] 0 pages cma reserved [ 3251.262039][ T205] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.5,pid=2083,uid=0 [ 3251.276862][ T205] Out of memory: Killed process 2083 (syz-executor.5) total-vm:75232kB, anon-rss:16560kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 3251.338212][ T23] oom_reaper: reaped process 2083 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 01:19:43 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {0x0}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:43 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:43 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x1100000000000000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:43 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:43 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {0x0}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:43 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {0x0}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:43 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:45 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {0x0}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:45 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:45 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:45 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {0x0}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:45 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x1200000000000000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:45 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000000100)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r4 = open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r5, &(0x7f0000000500), 0x37d, 0x0) 01:19:45 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:45 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:45 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:45 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:45 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {0x0}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:45 executing program 5: prlimit64(0x0, 0xe, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:45 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:45 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:45 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:45 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) [ 3253.681119][T31827] syz-executor.5 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 3253.735378][T31827] CPU: 0 PID: 31827 Comm: syz-executor.5 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3253.745577][T31827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3253.755642][T31827] Call Trace: [ 3253.758963][T31827] dump_stack+0x14a/0x1ce [ 3253.763297][T31827] ? devkmsg_release+0x11c/0x11c [ 3253.768231][T31827] ? show_regs_print_info+0x12/0x12 [ 3253.773430][T31827] ? radix_tree_cpu_dead+0x160/0x160 [ 3253.778828][T31827] ? _raw_spin_lock+0xa1/0x170 [ 3253.783598][T31827] ? _raw_spin_trylock_bh+0x190/0x190 [ 3253.789221][T31827] dump_header+0xdb/0x700 [ 3253.793561][T31827] oom_kill_process+0xd3/0x280 [ 3253.798318][T31827] out_of_memory+0x5b6/0x890 [ 3253.802904][T31827] ? unregister_oom_notifier+0x20/0x20 [ 3253.808546][T31827] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3253.814085][T31827] ? unwind_get_return_address+0x48/0x90 [ 3253.819740][T31827] ? get_page_from_freelist+0x7c0/0x7c0 [ 3253.825295][T31827] ? __zone_watermark_ok+0x91/0x280 [ 3253.830507][T31827] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3253.835886][T31827] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3253.841576][T31827] ? copy_process+0x5a4/0x5110 [ 3253.846349][T31827] ? kmem_cache_alloc+0x1d5/0x260 [ 3253.851392][T31827] copy_process+0x5f3/0x5110 [ 3253.855997][T31827] ? get_mem_cgroup_from_mm+0x27b/0x2c0 [ 3253.861544][T31827] ? _raw_spin_lock+0xa1/0x170 [ 3253.866320][T31827] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 3253.872134][T31827] ? fork_idle+0x290/0x290 [ 3253.876552][T31827] ? _raw_spin_unlock+0x5/0x20 [ 3253.881339][T31827] ? handle_mm_fault+0xb16/0x40a0 [ 3253.886371][T31827] _do_fork+0x196/0x920 [ 3253.890531][T31827] ? dup_mm+0x300/0x300 [ 3253.894678][T31827] ? do_mmap+0x9ad/0x1060 [ 3253.899019][T31827] __x64_sys_clone+0x25f/0x2c0 [ 3253.903785][T31827] ? __ia32_sys_vfork+0x110/0x110 [ 3253.908941][T31827] ? do_user_addr_fault+0x55c/0x9f0 [ 3253.914136][T31827] do_syscall_64+0xcb/0x150 [ 3253.918635][T31827] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3253.924541][T31827] RIP: 0033:0x45f1f9 [ 3253.928599][T31827] Code: ff 48 85 f6 0f 84 37 8d fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 0e 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 3253.948293][T31827] RSP: 002b:00007ffc86121e48 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 3253.957936][T31827] RAX: ffffffffffffffda RBX: 00007f0c794d5700 RCX: 000000000045f1f9 [ 3253.966022][T31827] RDX: 00007f0c794d59d0 RSI: 00007f0c794d4db0 RDI: 00000000003d0f00 [ 3253.974003][T31827] RBP: 00007ffc86122070 R08: 00007f0c794d5700 R09: 00007f0c794d5700 [ 3253.981998][T31827] R10: 00007f0c794d59d0 R11: 0000000000000202 R12: 0000000000000000 [ 3253.989965][T31827] R13: 00007ffc86121eff R14: 00007f0c794d59c0 R15: 000000000078c18c [ 3254.123048][T31827] Mem-Info: [ 3254.126470][T31827] active_anon:1408638 inactive_anon:10799 isolated_anon:0 [ 3254.126470][T31827] active_file:237 inactive_file:229 isolated_file:35 [ 3254.126470][T31827] unevictable:0 dirty:29 writeback:11 unstable:0 [ 3254.126470][T31827] slab_reclaimable:11399 slab_unreclaimable:86985 [ 3254.126470][T31827] mapped:56677 shmem:14896 pagetables:31013 bounce:0 [ 3254.126470][T31827] free:13770 free_pcp:54 free_cma:0 [ 3254.165577][T31827] Node 0 active_anon:5634552kB inactive_anon:43196kB active_file:948kB inactive_file:916kB unevictable:0kB isolated(anon):0kB isolated(file):140kB mapped:226708kB dirty:116kB writeback:44kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3254.190617][T31827] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3254.218227][T31827] lowmem_reserve[]: 0 2912 6416 6416 [ 3254.227073][T31827] DMA32 free:28924kB min:20548kB low:23528kB high:26508kB active_anon:2804344kB inactive_anon:2724kB active_file:788kB inactive_file:716kB unevictable:0kB writepending:72kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:11104kB pagetables:21524kB bounce:0kB free_pcp:232kB local_pcp:16kB free_cma:0kB [ 3254.257154][T31827] lowmem_reserve[]: 0 0 3504 3504 [ 3254.262599][T31827] Normal free:11268kB min:13784kB low:17372kB high:20960kB active_anon:2829460kB inactive_anon:40472kB active_file:660kB inactive_file:564kB unevictable:0kB writepending:88kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27232kB pagetables:102528kB bounce:0kB free_pcp:328kB local_pcp:252kB free_cma:0kB [ 3254.292967][T31827] lowmem_reserve[]: 0 0 0 0 [ 3254.297927][T31827] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3254.314447][T31827] DMA32: 673*4kB (UMH) 539*8kB (UMEH) 1017*16kB (UMEH) 61*32kB (UMEH) 64*64kB (UMEH) 3*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 29708kB [ 3254.330033][T31827] Normal: 301*4kB (UME) 46*8kB (UME) 123*16kB (UMEH) 9*32kB (UMEH) 51*64kB (MEH) 27*128kB (ME) 2*256kB (ME) 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 11572kB [ 3254.346400][T31827] 15260 total pagecache pages [ 3254.351518][T31827] 0 pages in swap cache [ 3254.356110][T31827] Swap cache stats: add 0, delete 0, find 0/0 [ 3254.363753][T31827] Free swap = 0kB [ 3254.375454][T31827] Total swap = 0kB [ 3254.384989][T31827] 1965979 pages RAM [ 3254.393696][T31827] 0 pages HighMem/MovableOnly [ 3254.404409][T31827] 318830 pages reserved [ 3254.419829][T31827] 0 pages cma reserved [ 3254.423962][T31827] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=31790,uid=0 [ 3254.438187][T31827] Out of memory: Killed process 31791 (syz-executor.0) total-vm:75364kB, anon-rss:16572kB, file-rss:35012kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 3254.458444][ T23] oom_reaper: reaped process 31791 (syz-executor.0), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB 01:19:46 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {0x0}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:46 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x2500000000000000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:46 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9, 0x0, 0x0, 0x0, 0xffffffff}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) setsockopt$TIPC_MCAST_BROADCAST(r4, 0x10f, 0x85) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000100)=[{&(0x7f0000000200)="1dcbc81b6114a6c7802a67aa7d2c82bab45eb7d1f4c36dfd586e6b956907893d6f8c1b5ec7bd80bb955358cb685b8d6e564eec5fb9e7c0008f194fbb20c07bc1e91c42d52a69f63f2bd3a47cc1d636674900678d3b3788921cf0f16d6549505512ac", 0x62}, {&(0x7f0000000340)="de09d0f83df70180701221572769a2e5c1206e5d2805e172a158c70b875ac7c524dde49b521e5a4dde655ae9ffd585b69a3454de54dd765087cab0a481d90132bfdb789cb19c5ce85dfb1a4021b9937f4da6552dc09a12766475ff06f7d62b204ea16ccb844e0a08194c7ae639f8fc6fb426248517f990347f20ca54137faf7bec55e72943159ef0b77220fd8300b2da491cd87a64bb0a6a7a59a60976b5fae71085f44bb8d7dfb095f234e0dd98d57f28b5e7e299ee763ef0a35dceb39ee896efb33a9c8b18b4e605090ee3e3c8985445195a70c6241f535bdc5aab8c840463d53b7312979278149364be9f644dc4b1c81fb8", 0xf3}, {&(0x7f0000000280)="92da8bed7b5389bd96b687db1b2af54bfd8ab09ecce43b5b50b72d18d85fa1559dc207b9649f9a388e340e6468f38b2833d23d7c74c93ab5a882db04213cbd5b708a34ae60902538e74508fc9a65b0794259d5b54bfd136d15f63d3acb18b2b7a5be15f336ba6b80aa803ad52885767d44fd25824bd9a8230c1789f525c8cf", 0x7f}, {&(0x7f0000000000)="3ab522a876f03a9f64e70bf16dfbc74ce1564f4fa87b635f720a8e6e577a381196c9ba", 0x23}], 0x4, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') ioctl$sock_SIOCOUTQ(r5, 0x5411, &(0x7f0000000180)) preadv(r5, &(0x7f0000000500), 0x37d, 0x0) 01:19:46 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:46 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:46 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:46 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {0x0}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:46 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:46 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:47 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:47 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {0x0}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:47 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x0, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:47 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:47 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x4000000000000000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:47 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:47 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:47 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {0x0}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:47 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:47 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) write$P9_RREADLINK(r1, &(0x7f0000000100)={0x10, 0x17, 0x2, {0x7, './file0'}}, 0x10) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r3 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r3, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x41395527) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r6 = open(0x0, 0x141042, 0x0) connect$inet(r6, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r7, &(0x7f0000000500), 0x37d, 0x0) 01:19:47 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:47 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:48 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {0x0}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:48 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {0x0}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:48 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0) 01:19:48 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:48 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0) 01:19:48 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0xcf00000000000000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:48 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r4 = open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r5, &(0x7f0000000500), 0x37d, 0x7fffefff) 01:19:48 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x6) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x3) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000200)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r4 = open(0x0, 0x145540, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$BLKPG(r6, 0x1269, &(0x7f0000000180)={0x1, 0x77, 0x2b, &(0x7f0000000240)="00705c0f1fe1a04da35496d4f61e8e2bfbcd62da3f73d90ae22f7461918c2a2ee69bb7725d88b681312305"}) clone(0x8080, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r7 = syz_open_procfs(0x0, &(0x7f0000000100)='net/snmp\x00') preadv(r7, &(0x7f0000000500), 0x37d, 0x0) 01:19:49 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {0x0}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:49 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0) [ 3259.534841][ T407] syz-fuzzer invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 3259.545941][ T407] CPU: 1 PID: 407 Comm: syz-fuzzer Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3259.555579][ T407] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3259.565628][ T407] Call Trace: [ 3259.568920][ T407] dump_stack+0x14a/0x1ce [ 3259.573241][ T407] ? devkmsg_release+0x11c/0x11c [ 3259.578182][ T407] ? show_regs_print_info+0x12/0x12 [ 3259.583389][ T407] ? radix_tree_cpu_dead+0x160/0x160 [ 3259.588660][ T407] ? _raw_spin_lock+0xa1/0x170 [ 3259.593420][ T407] ? _raw_spin_trylock_bh+0x190/0x190 [ 3259.598799][ T407] dump_header+0xdb/0x700 [ 3259.603112][ T407] oom_kill_process+0xd3/0x280 [ 3259.607857][ T407] out_of_memory+0x5b6/0x890 [ 3259.612435][ T407] ? unregister_oom_notifier+0x20/0x20 [ 3259.617881][ T407] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3259.623425][ T407] ? get_page_from_freelist+0x7c0/0x7c0 [ 3259.628952][ T407] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3259.634304][ T407] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3259.639845][ T407] pagecache_get_page+0x50f/0x880 [ 3259.644860][ T407] filemap_fault+0x1474/0x19d0 [ 3259.649612][ T407] ? generic_file_read_iter+0x20b0/0x20b0 [ 3259.655312][ T407] ext4_filemap_fault+0x7b/0x90 [ 3259.660161][ T407] handle_mm_fault+0x2837/0x40a0 [ 3259.665079][ T407] ? finish_fault+0x230/0x230 [ 3259.669750][ T407] ? __up_read+0x1b0/0x1b0 [ 3259.674250][ T407] ? vmacache_find+0x47a/0x4b0 [ 3259.678993][ T407] do_user_addr_fault+0x48a/0x9f0 [ 3259.684001][ T407] page_fault+0x2f/0x40 [ 3259.688147][ T407] RIP: 0033:0x6f7284 [ 3259.692152][ T407] Code: Bad RIP value. [ 3259.696225][ T407] RSP: 002b:000000c42e60f150 EFLAGS: 00010206 [ 3259.702288][ T407] RAX: 0000000000000000 RBX: 000000c42bf66ab0 RCX: 0000000000a267a0 [ 3259.711286][ T407] RDX: 000000000088cea0 RSI: 0000000000000020 RDI: 000000c42faf76e0 [ 3259.719242][ T407] RBP: 000000c42e60f248 R08: 0000000000000000 R09: 0000000000000000 [ 3259.727350][ T407] R10: 00000000009f1ef2 R11: 0000000000000004 R12: 0000000000000000 [ 3259.735599][ T407] R13: 0000000000000020 R14: 0000000000000013 R15: 0000000000000100 [ 3259.744201][ T407] Mem-Info: [ 3259.747626][ T407] active_anon:1410571 inactive_anon:10799 isolated_anon:0 [ 3259.747626][ T407] active_file:16 inactive_file:91 isolated_file:0 [ 3259.747626][ T407] unevictable:0 dirty:0 writeback:0 unstable:0 [ 3259.747626][ T407] slab_reclaimable:11443 slab_unreclaimable:87287 [ 3259.747626][ T407] mapped:56341 shmem:14896 pagetables:31097 bounce:0 [ 3259.747626][ T407] free:11854 free_pcp:125 free_cma:0 [ 3259.785694][ T407] Node 0 active_anon:5642284kB inactive_anon:43196kB active_file:164kB inactive_file:16kB unevictable:0kB isolated(anon):0kB isolated(file):108kB mapped:225364kB dirty:0kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3259.810380][ T407] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3259.836747][ T407] lowmem_reserve[]: 0 2912 6416 6416 [ 3259.842409][ T407] DMA32 free:26252kB min:4644kB low:7624kB high:10604kB active_anon:2807704kB inactive_anon:2724kB active_file:96kB inactive_file:568kB unevictable:0kB writepending:0kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10880kB pagetables:21304kB bounce:0kB free_pcp:368kB local_pcp:0kB free_cma:0kB [ 3259.871838][ T407] lowmem_reserve[]: 0 0 3504 3504 [ 3259.877328][ T407] Normal free:4892kB min:5592kB low:9180kB high:12768kB active_anon:2834580kB inactive_anon:40472kB active_file:60kB inactive_file:0kB unevictable:0kB writepending:0kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27392kB pagetables:103084kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3259.906433][ T407] lowmem_reserve[]: 0 0 0 0 [ 3259.911236][ T407] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3259.925091][ T407] DMA32: 284*4kB (UH) 472*8kB (UH) 926*16kB (UEH) 62*32kB (UEH) 74*64kB (UEH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 26448kB [ 3259.939759][ T407] Normal: 138*4kB (UME) 38*8kB (UME) 53*16kB (UME) 19*32kB (UME) 8*64kB (ME) 16*128kB (MEH) 1*256kB (H) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 5128kB [ 3259.955321][ T407] 14933 total pagecache pages [ 3259.960066][ T407] 0 pages in swap cache [ 3259.964337][ T407] Swap cache stats: add 0, delete 0, find 0/0 [ 3259.970835][ T407] Free swap = 0kB [ 3259.974879][ T407] Total swap = 0kB [ 3259.978666][ T407] 1965979 pages RAM [ 3259.982984][ T407] 0 pages HighMem/MovableOnly [ 3259.987809][ T407] 318830 pages reserved [ 3259.992026][ T407] 0 pages cma reserved [ 3259.996241][ T407] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.5,pid=715,uid=0 [ 3260.010615][ T407] Out of memory: Killed process 715 (syz-executor.5) total-vm:75232kB, anon-rss:16560kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 01:19:52 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {0x0}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:52 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:52 executing program 5: prlimit64(0x0, 0x0, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:52 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0xffefff7f00000000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:52 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:52 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9, 0x0, 0x0, 0x1}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) symlink(&(0x7f00000000c0)='..', &(0x7f0000000040)='./file0\x00') mount$bpf(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000019c0)='bpf\x00', 0x0, 0x0) clone(0x20002004ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) exit_group(0x0) mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000200)='cgroup2\x00', 0x0, 0x0) stat(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r4 = open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) 01:19:52 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {0x0}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:52 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:52 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {0x0}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:52 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:52 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) [ 3260.802361][T32034] syz-executor.5 invoked oom-killer: gfp_mask=0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|0x1000000), order=0, oom_score_adj=1000 [ 3260.863645][T32034] CPU: 0 PID: 32034 Comm: syz-executor.5 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3260.873845][T32034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3260.884019][T32034] Call Trace: [ 3260.887316][T32034] dump_stack+0x14a/0x1ce [ 3260.891658][T32034] ? devkmsg_release+0x11c/0x11c [ 3260.896613][T32034] ? show_regs_print_info+0x12/0x12 [ 3260.901822][T32034] ? radix_tree_cpu_dead+0x160/0x160 [ 3260.907248][T32034] ? _raw_spin_lock+0xa1/0x170 [ 3260.912040][T32034] ? _raw_spin_trylock_bh+0x190/0x190 [ 3260.917416][T32034] dump_header+0xdb/0x700 [ 3260.921753][T32034] oom_kill_process+0xd3/0x280 [ 3260.926649][T32034] out_of_memory+0x5b6/0x890 [ 3260.931253][T32034] ? unregister_oom_notifier+0x20/0x20 [ 3260.936711][T32034] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3260.942263][T32034] ? get_page_from_freelist+0x7c0/0x7c0 [ 3260.947920][T32034] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3260.953296][T32034] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3260.958852][T32034] handle_mm_fault+0x1689/0x40a0 [ 3260.963804][T32034] ? finish_fault+0x230/0x230 [ 3260.968510][T32034] ? do_mmap+0x9ad/0x1060 [ 3260.972836][T32034] ? up_read+0x10/0x10 [ 3260.977029][T32034] ? __up_read+0x1b0/0x1b0 [ 3260.981453][T32034] ? vmacache_update+0x9f/0xf0 [ 3260.986315][T32034] do_user_addr_fault+0x48a/0x9f0 [ 3260.991346][T32034] page_fault+0x2f/0x40 [ 3260.995505][T32034] RIP: 0033:0x41407f [ 3260.999420][T32034] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 3261.019040][T32034] RSP: 002b:00007ffc86121e90 EFLAGS: 00010206 [ 3261.025101][T32034] RAX: 00007f0c79518000 RBX: 0000000000020000 RCX: 000000000045c87a [ 3261.033065][T32034] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 3261.041032][T32034] RBP: 00007ffc86121f70 R08: ffffffffffffffff R09: 0000000000000000 [ 3261.049012][T32034] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc86122070 [ 3261.056974][T32034] R13: 00007f0c79538700 R14: 0000000000000c49 R15: 000000000078bfac [ 3261.142840][T32034] Mem-Info: [ 3261.146346][T32034] active_anon:1409785 inactive_anon:10799 isolated_anon:0 [ 3261.146346][T32034] active_file:234 inactive_file:220 isolated_file:34 [ 3261.146346][T32034] unevictable:0 dirty:47 writeback:1 unstable:0 [ 3261.146346][T32034] slab_reclaimable:11454 slab_unreclaimable:87302 [ 3261.146346][T32034] mapped:56713 shmem:14896 pagetables:31172 bounce:0 [ 3261.146346][T32034] free:12248 free_pcp:25 free_cma:0 [ 3261.185691][T32034] Node 0 active_anon:5639140kB inactive_anon:43196kB active_file:808kB inactive_file:780kB unevictable:0kB isolated(anon):0kB isolated(file):136kB mapped:226852kB dirty:188kB writeback:4kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3261.210700][T32034] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3261.237424][T32034] lowmem_reserve[]: 0 2912 6416 6416 [ 3261.243242][T32034] DMA32 free:28732kB min:20548kB low:23528kB high:26508kB active_anon:2806004kB inactive_anon:2724kB active_file:24kB inactive_file:264kB unevictable:0kB writepending:28kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:11168kB pagetables:21512kB bounce:0kB free_pcp:148kB local_pcp:0kB free_cma:0kB [ 3261.273223][T32034] lowmem_reserve[]: 0 0 3504 3504 [ 3261.291734][T32034] Normal free:4860kB min:5592kB low:9180kB high:12768kB active_anon:2832844kB inactive_anon:40472kB active_file:456kB inactive_file:892kB unevictable:0kB writepending:164kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27296kB pagetables:103176kB bounce:0kB free_pcp:176kB local_pcp:84kB free_cma:0kB [ 3261.331015][T32034] lowmem_reserve[]: 0 0 0 0 [ 3261.348240][T32034] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3261.382700][T32034] DMA32: 228*4kB (UH) 506*8kB (UEH) 916*16kB (UH) 51*32kB (UEH) 82*64kB (UEH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 26496kB [ 3261.423709][T32034] Normal: 254*4kB (UME) 77*8kB (UME) 43*16kB (UMEH) 19*32kB (UMEH) 4*64kB (MEH) 9*128kB (ME) 4*256kB (MH) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 5360kB [ 3261.472832][T32034] 15040 total pagecache pages [ 3261.477644][T32034] 0 pages in swap cache [ 3261.481960][T32034] Swap cache stats: add 0, delete 0, find 0/0 [ 3261.492863][T32034] Free swap = 0kB [ 3261.496813][T32034] Total swap = 0kB [ 3261.500827][T32034] 1965979 pages RAM [ 3261.505017][T32034] 0 pages HighMem/MovableOnly [ 3261.510045][T32034] 318830 pages reserved [ 3261.514900][T32034] 0 pages cma reserved [ 3261.519888][T32034] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.5,pid=437,uid=0 [ 3261.535225][T32034] Out of memory: Killed process 437 (syz-executor.5) total-vm:75232kB, anon-rss:16560kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 3261.601159][ T23] oom_reaper: reaped process 437 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 01:19:53 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0xffffff7f00000000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:53 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:53 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r4 = open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) ioctl$RTC_AIE_OFF(r4, 0x7002) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r5, &(0x7f0000000500), 0x37d, 0x0) 01:19:53 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0xffefff7f00000000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:53 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:54 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) [ 3263.478078][ T404] syz-fuzzer invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 3263.489506][ T404] CPU: 0 PID: 404 Comm: syz-fuzzer Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3263.499329][ T404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3263.509476][ T404] Call Trace: [ 3263.512784][ T404] dump_stack+0x14a/0x1ce [ 3263.517125][ T404] ? devkmsg_release+0x11c/0x11c [ 3263.522150][ T404] ? show_regs_print_info+0x12/0x12 [ 3263.527342][ T404] ? radix_tree_cpu_dead+0x160/0x160 [ 3263.532617][ T404] ? _raw_spin_lock+0xa1/0x170 [ 3263.537380][ T404] ? _raw_spin_trylock_bh+0x190/0x190 [ 3263.542748][ T404] dump_header+0xdb/0x700 [ 3263.547079][ T404] oom_kill_process+0xd3/0x280 [ 3263.551857][ T404] out_of_memory+0x5b6/0x890 [ 3263.556437][ T404] ? unregister_oom_notifier+0x20/0x20 [ 3263.561881][ T404] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3263.567416][ T404] ? get_page_from_freelist+0x7c0/0x7c0 [ 3263.572965][ T404] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3263.578339][ T404] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3263.583979][ T404] pagecache_get_page+0x50f/0x880 [ 3263.588994][ T404] filemap_fault+0x1474/0x19d0 [ 3263.593742][ T404] ? generic_file_read_iter+0x20b0/0x20b0 [ 3263.599444][ T404] ext4_filemap_fault+0x7b/0x90 [ 3263.604291][ T404] handle_mm_fault+0x2837/0x40a0 [ 3263.609232][ T404] ? finish_fault+0x230/0x230 [ 3263.613897][ T404] ? __up_read+0x1b0/0x1b0 [ 3263.618297][ T404] ? vmacache_find+0x205/0x4b0 [ 3263.623081][ T404] do_user_addr_fault+0x48a/0x9f0 [ 3263.628094][ T404] page_fault+0x2f/0x40 [ 3263.632247][ T404] RIP: 0033:0x49155b [ 3263.637171][ T404] Code: Bad RIP value. [ 3263.641222][ T404] RSP: 002b:000000c42e60cf90 EFLAGS: 00010206 [ 3263.647273][ T404] RAX: 0000000000000001 RBX: 000000000042c72a RCX: 00007f0d0876b498 [ 3263.655232][ T404] RDX: 0000000000000000 RSI: 0000000000000002 RDI: 000000c420085b30 [ 3263.663189][ T404] RBP: 000000c42e60cfb0 R08: 0000000000000000 R09: 00007ffdd299f0b8 [ 3263.671145][ T404] R10: 0000000000095356 R11: 0000000000000cbf R12: 000000c42f35c750 [ 3263.679283][ T404] R13: 0000000000000001 R14: 000000c428d0e1e0 R15: 0000000000000001 [ 3263.689762][ T404] Mem-Info: [ 3263.693420][ T404] active_anon:1410304 inactive_anon:10799 isolated_anon:0 [ 3263.693420][ T404] active_file:38 inactive_file:100 isolated_file:32 [ 3263.693420][ T404] unevictable:0 dirty:0 writeback:0 unstable:0 [ 3263.693420][ T404] slab_reclaimable:11454 slab_unreclaimable:87513 [ 3263.693420][ T404] mapped:56458 shmem:14896 pagetables:31145 bounce:0 [ 3263.693420][ T404] free:11718 free_pcp:55 free_cma:0 [ 3263.736087][ T404] Node 0 active_anon:5641716kB inactive_anon:43196kB active_file:352kB inactive_file:208kB unevictable:0kB isolated(anon):0kB isolated(file):112kB mapped:225832kB dirty:0kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3263.760498][ T404] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3263.786831][ T404] lowmem_reserve[]: 0 2912 6416 6416 [ 3263.792303][ T404] DMA32 free:26612kB min:4644kB low:7624kB high:10604kB active_anon:2807332kB inactive_anon:2724kB active_file:8kB inactive_file:8kB unevictable:0kB writepending:0kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:11104kB pagetables:21316kB bounce:0kB free_pcp:220kB local_pcp:36kB free_cma:0kB [ 3263.833097][ T404] lowmem_reserve[]: 0 0 3504 3504 [ 3263.838285][ T404] Normal free:3668kB min:5592kB low:9180kB high:12768kB active_anon:2834892kB inactive_anon:40472kB active_file:48kB inactive_file:76kB unevictable:0kB writepending:0kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27424kB pagetables:103264kB bounce:0kB free_pcp:356kB local_pcp:248kB free_cma:0kB [ 3263.873806][ T404] lowmem_reserve[]: 0 0 0 0 [ 3263.878444][ T404] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3263.891858][ T404] DMA32: 393*4kB (UMH) 511*8kB (UEH) 927*16kB (UEH) 20*32kB (UEH) 87*64kB (UEH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 26700kB [ 3263.906252][ T404] Normal: 80*4kB (UME) 30*8kB (UME) 17*16kB (UE) 14*32kB (UEH) 4*64kB (UMEH) 3*128kB (UEH) 2*256kB (UM) 1*512kB (U) 1*1024kB (U) 0*2048kB 0*4096kB = 3968kB [ 3263.922200][ T404] 14929 total pagecache pages [ 3263.926969][ T404] 0 pages in swap cache [ 3263.931193][ T404] Swap cache stats: add 0, delete 0, find 0/0 [ 3263.937376][ T404] Free swap = 0kB [ 3263.941097][ T404] Total swap = 0kB [ 3263.945262][ T404] 1965979 pages RAM [ 3263.949081][ T404] 0 pages HighMem/MovableOnly [ 3263.963880][ T404] 318830 pages reserved [ 3263.968183][ T404] 0 pages cma reserved [ 3263.972378][ T404] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.5,pid=372,uid=0 [ 3263.992412][ T404] Out of memory: Killed process 372 (syz-executor.5) total-vm:75232kB, anon-rss:16560kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 3264.026186][ T23] oom_reaper: reaped process 372 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 01:19:56 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:56 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {0x0}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:56 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:56 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0xffffffff00000000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:56 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {0x0}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:56 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x5, 0x0, 0x10, 0x9, 0xfffff7ffffffffff, 0x0, 0x3, 0x9, 0x7}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f00000006c0)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000100)=""/55, 0x37}, {&(0x7f0000000740)=""/18, 0x12}], 0x2, &(0x7f0000000240)=""/143, 0x8f}, 0x10000}, {{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000480)=""/18, 0x12}, {&(0x7f0000000780)=""/224, 0xe0}, {&(0x7f00000005c0)=""/143, 0x8f}], 0x3}}], 0x2, 0x12120, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$TIOCGSERIAL(r3, 0x541e, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=""/129}) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x41395527) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r6 = open(0x0, 0x141042, 0x0) connect$inet(r6, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) preadv(0xffffffffffffffff, &(0x7f0000000500), 0x37d, 0x0) 01:19:56 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:56 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {0x0}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:56 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:56 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:57 executing program 5: r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) [ 3265.484333][ T1] systemd invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=0 [ 3265.499572][ T1] CPU: 0 PID: 1 Comm: systemd Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3265.508821][ T1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3265.518885][ T1] Call Trace: [ 3265.522186][ T1] dump_stack+0x14a/0x1ce [ 3265.526529][ T1] ? devkmsg_release+0x11c/0x11c [ 3265.531478][ T1] ? show_regs_print_info+0x12/0x12 [ 3265.536682][ T1] ? radix_tree_cpu_dead+0x160/0x160 [ 3265.541973][ T1] ? _raw_spin_lock+0xa1/0x170 [ 3265.546744][ T1] ? _raw_spin_trylock_bh+0x190/0x190 [ 3265.552148][ T1] dump_header+0xdb/0x700 [ 3265.556501][ T1] oom_kill_process+0xd3/0x280 [ 3265.561278][ T1] out_of_memory+0x5b6/0x890 [ 3265.565884][ T1] ? unregister_oom_notifier+0x20/0x20 [ 3265.571358][ T1] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3265.576947][ T1] ? get_page_from_freelist+0x7c0/0x7c0 [ 3265.582506][ T1] ? __zone_watermark_ok+0x91/0x280 [ 3265.587736][ T1] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3265.593120][ T1] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3265.598674][ T1] ? filemap_map_pages+0x10ca/0x1140 [ 3265.603980][ T1] ? filemap_fault+0x19d0/0x19d0 [ 3265.608931][ T1] alloc_slab_page+0x3a/0x3a0 [ 3265.613643][ T1] new_slab+0x408/0x450 [ 3265.617811][ T1] ? getname_flags+0xb8/0x610 [ 3265.622496][ T1] ___slab_alloc+0x2e0/0x450 [ 3265.627113][ T1] ? getname_flags+0xb8/0x610 [ 3265.631927][ T1] ? getname_flags+0xb8/0x610 [ 3265.636625][ T1] kmem_cache_alloc+0x23f/0x260 [ 3265.641499][ T1] getname_flags+0xb8/0x610 [ 3265.646021][ T1] do_sys_open+0x33d/0x7d0 [ 3265.650448][ T1] ? file_open_root+0x450/0x450 [ 3265.655299][ T1] ? __fpregs_load_activate+0x2d3/0x390 [ 3265.660845][ T1] ? do_user_addr_fault+0x521/0x9f0 [ 3265.666047][ T1] do_syscall_64+0xcb/0x150 [ 3265.670563][ T1] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3265.676579][ T1] RIP: 0033:0x7f268087370d [ 3265.681010][ T1] Code: Bad RIP value. [ 3265.685081][ T1] RSP: 002b:00007fff1a11c4d0 EFLAGS: 00000293 ORIG_RAX: 0000000000000002 [ 3265.693497][ T1] RAX: ffffffffffffffda RBX: 000055e5920f7950 RCX: 00007f268087370d [ 3265.701481][ T1] RDX: 00000000000001b6 RSI: 0000000000080000 RDI: 00007fff1a11c5b0 [ 3265.709465][ T1] RBP: 0000000000000008 R08: 0000000000000008 R09: 0000000000000001 [ 3265.717452][ T1] R10: 0000000000080000 R11: 0000000000000293 R12: 00007f2681fad7b4 [ 3265.725477][ T1] R13: 0000000000000001 R14: 000055e5920f6780 R15: 00007fff1a11c5b0 [ 3265.760599][ T1] Mem-Info: [ 3265.763831][ T1] active_anon:1409739 inactive_anon:10799 isolated_anon:0 [ 3265.763831][ T1] active_file:24 inactive_file:5 isolated_file:32 [ 3265.763831][ T1] unevictable:0 dirty:0 writeback:4 unstable:0 [ 3265.763831][ T1] slab_reclaimable:11471 slab_unreclaimable:87619 [ 3265.763831][ T1] mapped:56413 shmem:14896 pagetables:31227 bounce:0 [ 3265.763831][ T1] free:12136 free_pcp:162 free_cma:0 [ 3265.801681][ T1] Node 0 active_anon:5639156kB inactive_anon:43196kB active_file:196kB inactive_file:20kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:225652kB dirty:0kB writeback:16kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3265.825855][ T1] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3265.852038][ T1] lowmem_reserve[]: 0 2912 6416 6416 [ 3265.857402][ T1] DMA32 free:27080kB min:4644kB low:7624kB high:10604kB active_anon:2808184kB inactive_anon:2724kB active_file:308kB inactive_file:36kB unevictable:0kB writepending:48kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10784kB pagetables:21312kB bounce:0kB free_pcp:644kB local_pcp:244kB free_cma:0kB [ 3265.942620][ T1] lowmem_reserve[]: 0 0 3504 3504 [ 3265.948923][ T1] Normal free:18636kB min:5592kB low:9180kB high:12768kB active_anon:2815532kB inactive_anon:40472kB active_file:372kB inactive_file:188kB unevictable:0kB writepending:0kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27424kB pagetables:103316kB bounce:0kB free_pcp:2324kB local_pcp:1536kB free_cma:0kB [ 3265.978672][ T1] lowmem_reserve[]: 0 0 0 0 [ 3265.983271][ T1] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3265.996738][ T1] DMA32: 176*4kB (UMEH) 496*8kB (UMH) 918*16kB (UEH) 71*32kB (UEH) 90*64kB (UEH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 27392kB [ 3266.018710][ T1] Normal: 978*4kB (UM) 171*8kB (UM) 122*16kB (UME) 98*32kB (UMH) 29*64kB (UMH) 13*128kB (MEH) 4*256kB (M) 4*512kB (UM) 0*1024kB 0*2048kB 0*4096kB = 16960kB [ 3266.047089][ T1] 15479 total pagecache pages [ 3266.051890][ T1] 0 pages in swap cache [ 3266.071592][ T1] Swap cache stats: add 0, delete 0, find 0/0 [ 3266.088643][ T1] Free swap = 0kB [ 3266.092396][ T1] Total swap = 0kB [ 3266.096263][ T1] 1965979 pages RAM [ 3266.105027][ T1] 0 pages HighMem/MovableOnly [ 3266.109810][ T1] 318830 pages reserved [ 3266.114028][ T1] 0 pages cma reserved [ 3266.118103][ T1] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.5,pid=28937,uid=0 01:19:58 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0) 01:19:58 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r2) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) 01:19:58 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0) [ 3266.133700][ T1] Out of memory: Killed process 28937 (syz-executor.5) total-vm:75232kB, anon-rss:16560kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 3266.158569][ T23] oom_reaper: reaped process 28937 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 01:19:58 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:58 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0) 01:19:58 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:58 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {0x0}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:19:58 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r4 = open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r5, &(0x7f0000000500), 0x37d, 0x0) dup(0xffffffffffffffff) 01:19:58 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {0x0}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:19:58 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x700) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:19:58 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) [ 3267.821735][ T404] syz-fuzzer invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 3267.832548][ T404] CPU: 1 PID: 404 Comm: syz-fuzzer Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3267.842182][ T404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3267.852248][ T404] Call Trace: [ 3267.855549][ T404] dump_stack+0x14a/0x1ce [ 3267.859898][ T404] ? devkmsg_release+0x11c/0x11c [ 3267.864925][ T404] ? show_regs_print_info+0x12/0x12 [ 3267.870139][ T404] ? radix_tree_cpu_dead+0x160/0x160 [ 3267.875425][ T404] ? _raw_spin_lock+0xa1/0x170 [ 3267.880206][ T404] ? _raw_spin_trylock_bh+0x190/0x190 [ 3267.885581][ T404] dump_header+0xdb/0x700 [ 3267.890370][ T404] oom_kill_process+0xd3/0x280 [ 3267.895138][ T404] out_of_memory+0x5b6/0x890 [ 3267.899745][ T404] ? unregister_oom_notifier+0x20/0x20 [ 3267.905217][ T404] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3267.911565][ T404] ? get_page_from_freelist+0x7c0/0x7c0 [ 3267.917134][ T404] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3267.922605][ T404] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3267.928161][ T404] pagecache_get_page+0x50f/0x880 [ 3267.933195][ T404] filemap_fault+0x1474/0x19d0 [ 3267.937977][ T404] ? generic_file_read_iter+0x20b0/0x20b0 [ 3267.943715][ T404] ext4_filemap_fault+0x7b/0x90 [ 3267.948579][ T404] handle_mm_fault+0x2837/0x40a0 [ 3267.953531][ T404] ? finish_fault+0x230/0x230 [ 3267.958215][ T404] ? __up_read+0x1b0/0x1b0 [ 3267.962648][ T404] ? vmacache_find+0x205/0x4b0 [ 3267.967439][ T404] do_user_addr_fault+0x48a/0x9f0 [ 3267.972646][ T404] page_fault+0x2f/0x40 [ 3267.976809][ T404] RIP: 0033:0x4571c6 [ 3267.980835][ T404] Code: Bad RIP value. [ 3267.984895][ T404] RSP: 002b:000000c420413fd0 EFLAGS: 00010206 [ 3267.990980][ T404] RAX: 000000c420084180 RBX: 000000c42015b000 RCX: 000000c420084180 [ 3267.999052][ T404] RDX: 00000000009c2b88 RSI: 000000c420085380 RDI: 00000000009c2b88 [ 3268.007020][ T404] RBP: 000000c420038f20 R08: 00007ffdd299f080 R09: 00007ffdd299f0b8 [ 3268.015631][ T404] R10: 000000000009566a R11: 0000000000000cc3 R12: 00000306622e3840 [ 3268.023608][ T404] R13: 0000000000000001 R14: 000000c428d0e4e0 R15: 0000000000000001 [ 3268.032467][ T404] Mem-Info: [ 3268.045092][ T404] active_anon:1409920 inactive_anon:10799 isolated_anon:0 [ 3268.045092][ T404] active_file:24 inactive_file:96 isolated_file:15 [ 3268.045092][ T404] unevictable:0 dirty:0 writeback:0 unstable:0 [ 3268.045092][ T404] slab_reclaimable:11448 slab_unreclaimable:87964 [ 3268.045092][ T404] mapped:56421 shmem:14896 pagetables:31198 bounce:0 [ 3268.045092][ T404] free:11645 free_pcp:404 free_cma:0 [ 3268.084057][ T404] Node 0 active_anon:5639680kB inactive_anon:43196kB active_file:96kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):60kB mapped:225484kB dirty:0kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 3268.108904][ T404] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3268.134879][ T404] lowmem_reserve[]: 0 2912 6416 6416 [ 3268.140171][ T404] DMA32 free:26392kB min:4644kB low:7624kB high:10604kB active_anon:2809116kB inactive_anon:2724kB active_file:8kB inactive_file:168kB unevictable:0kB writepending:0kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10912kB pagetables:21376kB bounce:0kB free_pcp:1152kB local_pcp:172kB free_cma:0kB [ 3268.169538][ T404] lowmem_reserve[]: 0 0 3504 3504 [ 3268.174747][ T404] Normal free:3764kB min:5592kB low:9180kB high:12768kB active_anon:2830372kB inactive_anon:40472kB active_file:88kB inactive_file:72kB unevictable:0kB writepending:0kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27424kB pagetables:103416kB bounce:0kB free_pcp:1068kB local_pcp:496kB free_cma:0kB [ 3268.204223][ T404] lowmem_reserve[]: 0 0 0 0 [ 3268.208715][ T404] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3268.222047][ T404] DMA32: 47*4kB (MH) 478*8kB (UH) 891*16kB (UH) 77*32kB (UEH) 90*64kB (UEH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 26492kB [ 3268.236248][ T404] Normal: 6*4kB (UME) 2*8kB (UM) 14*16kB (UME) 7*32kB (E) 2*64kB (EH) 8*128kB (MH) 3*256kB (M) 2*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 3432kB [ 3268.250787][ T404] 14920 total pagecache pages [ 3268.255472][ T404] 0 pages in swap cache [ 3268.259616][ T404] Swap cache stats: add 0, delete 0, find 0/0 [ 3268.265710][ T404] Free swap = 0kB [ 3268.269428][ T404] Total swap = 0kB [ 3268.273137][ T404] 1965979 pages RAM [ 3268.276916][ T404] 0 pages HighMem/MovableOnly [ 3268.281716][ T404] 318830 pages reserved [ 3268.286283][ T404] 0 pages cma reserved [ 3268.290399][ T404] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.5,pid=19162,uid=0 [ 3268.305047][ T404] Out of memory: Killed process 19162 (syz-executor.5) total-vm:75232kB, anon-rss:16560kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 3268.332591][ T23] oom_reaper: reaped process 19162 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 01:20:00 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {0x0}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:00 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:00 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:00 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r2) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) 01:20:00 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x16, 0x1000, 0x9, 0x0, 0x2000000000000, 0x0, 0x0, 0x4}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) setsockopt$sock_timeval(0xffffffffffffffff, 0x1, 0x14, &(0x7f00000000c0)={0x0, 0x2710}, 0x10) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:20:00 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {0x0}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:00 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x2, 0x1, 0x1000000000000, 0x0, 0x0, 0x2}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) r4 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r5) ioprio_set$uid(0x0, r5, 0x1) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4, 0x4000000000000}, 0x0) r6 = open(0x0, 0x141042, 0x0) connect$inet(r6, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(0xffffffffffffffff, &(0x7f0000000500), 0x0, 0xffffffffffffffff) 01:20:00 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:00 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:01 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:01 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r2) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) 01:20:01 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) [ 3269.259855][T32238] syz-executor.4 invoked oom-killer: gfp_mask=0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|0x1000000), order=0, oom_score_adj=1000 [ 3269.322872][T32238] CPU: 0 PID: 32238 Comm: syz-executor.4 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3269.333406][T32238] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3269.343465][T32238] Call Trace: [ 3269.347056][T32238] dump_stack+0x14a/0x1ce [ 3269.351573][T32238] ? devkmsg_release+0x11c/0x11c [ 3269.356548][T32238] ? show_regs_print_info+0x12/0x12 [ 3269.361761][T32238] ? radix_tree_cpu_dead+0x160/0x160 [ 3269.367058][T32238] ? _raw_spin_lock+0xa1/0x170 [ 3269.371944][T32238] ? _raw_spin_trylock_bh+0x190/0x190 [ 3269.377330][T32238] dump_header+0xdb/0x700 [ 3269.381761][T32238] oom_kill_process+0xd3/0x280 [ 3269.386657][T32238] out_of_memory+0x5b6/0x890 [ 3269.391290][T32238] ? unregister_oom_notifier+0x20/0x20 [ 3269.398868][T32238] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3269.404445][T32238] ? get_page_from_freelist+0x7c0/0x7c0 [ 3269.410208][T32238] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3269.415597][T32238] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3269.421198][T32238] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 3269.426962][T32238] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 3269.432791][T32238] ? __lru_cache_add+0x1a1/0x1f0 [ 3269.437760][T32238] wp_page_copy+0x1cb/0x1120 [ 3269.442354][T32238] ? __rcu_read_lock+0x50/0x50 [ 3269.447138][T32238] ? add_mm_rss_vec+0x270/0x270 [ 3269.451996][T32238] ? update_load_avg+0x410/0x8f0 [ 3269.456942][T32238] ? vm_normal_page+0x1c9/0x1d0 [ 3269.461795][T32238] do_wp_page+0x4c1/0x1530 [ 3269.466234][T32238] ? _raw_spin_lock+0xa1/0x170 [ 3269.471008][T32238] ? do_swap_page+0x1560/0x1560 [ 3269.475875][T32238] handle_mm_fault+0x1354/0x40a0 [ 3269.480835][T32238] ? switch_mm_irqs_off+0x329/0xa10 [ 3269.486054][T32238] ? finish_fault+0x230/0x230 [ 3269.491186][T32238] ? __up_read+0x1b0/0x1b0 [ 3269.495621][T32238] ? vmacache_find+0x2d2/0x4b0 [ 3269.500391][T32238] do_user_addr_fault+0x48a/0x9f0 [ 3269.505417][T32238] page_fault+0x2f/0x40 [ 3269.509579][T32238] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 3269.516170][T32238] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 3269.535867][T32238] RSP: 0018:ffff88811ead7888 EFLAGS: 00010206 [ 3269.541929][T32238] RAX: ffffffff81f75001 RBX: 0000000020633500 RCX: 0000000000000500 [ 3269.549896][T32238] RDX: 0000000000001000 RSI: ffff8880a7836b00 RDI: 0000000020633000 [ 3269.557865][T32238] RBP: ffff88811ead7da8 R08: dffffc0000000000 R09: ffffed1014f06e00 [ 3269.566005][T32238] R10: 0000000000000000 R11: 0000000000000000 R12: 00007ffffffff000 [ 3269.574061][T32238] R13: 0000000000001000 R14: ffff8880a7836000 R15: 0000000020632500 [ 3269.582053][T32238] ? copyout+0x1/0xb0 [ 3269.586225][T32238] copyout+0x8e/0xb0 [ 3269.590212][T32238] copy_page_to_iter+0x393/0xbd0 [ 3269.595253][T32238] pipe_to_user+0xa3/0x130 [ 3269.599796][T32238] __splice_from_pipe+0x2d3/0x870 [ 3269.604839][T32238] ? user_page_pipe_buf_steal+0xc0/0xc0 [ 3269.610589][T32238] do_vmsplice+0x252/0xee0 [ 3269.615025][T32238] ? is_mmconf_reserved+0x410/0x410 [ 3269.620385][T32238] ? write_pipe_buf+0x1d0/0x1d0 [ 3269.625516][T32238] ? __rcu_read_lock+0x50/0x50 [ 3269.630461][T32238] ? preempt_schedule+0x110/0x130 [ 3269.635507][T32238] ? check_stack_object+0x5a/0x90 [ 3269.640537][T32238] ? _copy_from_user+0xa4/0xe0 [ 3269.645310][T32238] ? rw_copy_check_uvector+0x2b3/0x310 [ 3269.650775][T32238] ? import_iovec+0x1c2/0x380 [ 3269.655583][T32238] ? dup_iter+0x110/0x110 [ 3269.659966][T32238] ? do_vfs_ioctl+0x780/0x1750 [ 3269.664736][T32238] __se_sys_vmsplice+0x1fb/0x300 [ 3269.669799][T32238] ? __x64_sys_vmsplice+0xa0/0xa0 [ 3269.674823][T32238] ? put_timespec64+0x109/0x150 [ 3269.679698][T32238] ? __x64_sys_clock_gettime+0x20d/0x260 [ 3269.685363][T32238] ? __ia32_sys_clock_settime+0x2a0/0x2a0 [ 3269.691270][T32238] do_syscall_64+0xcb/0x150 [ 3269.695780][T32238] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3269.702213][T32238] RIP: 0033:0x45c829 [ 3269.706106][T32238] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3269.725972][T32238] RSP: 002b:00007f67d72f6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116 [ 3269.734380][T32238] RAX: ffffffffffffffda RBX: 0000000000509d00 RCX: 000000000045c829 [ 3269.742366][T32238] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000004 [ 3269.750781][T32238] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 3269.759347][T32238] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3269.767620][T32238] R13: 0000000000000c49 R14: 00000000004ce70e R15: 00007f67d72f76d4 [ 3269.833983][T32238] Mem-Info: [ 3269.837531][T32238] active_anon:1408218 inactive_anon:10799 isolated_anon:0 [ 3269.837531][T32238] active_file:362 inactive_file:261 isolated_file:47 [ 3269.837531][T32238] unevictable:0 dirty:43 writeback:0 unstable:0 [ 3269.837531][T32238] slab_reclaimable:11052 slab_unreclaimable:88544 [ 3269.837531][T32238] mapped:56904 shmem:14896 pagetables:31298 bounce:0 [ 3269.837531][T32238] free:12506 free_pcp:8 free_cma:0 [ 3269.876013][T32238] Node 0 active_anon:5632872kB inactive_anon:43196kB active_file:1340kB inactive_file:1044kB unevictable:0kB isolated(anon):0kB isolated(file):184kB mapped:227616kB dirty:172kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3269.901470][T32238] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3269.936317][T32238] lowmem_reserve[]: 0 2912 6416 6416 [ 3269.942217][T32238] DMA32 free:26116kB min:20548kB low:23528kB high:26508kB active_anon:2808844kB inactive_anon:2724kB active_file:68kB inactive_file:188kB unevictable:0kB writepending:12kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10912kB pagetables:21480kB bounce:0kB free_pcp:32kB local_pcp:0kB free_cma:0kB [ 3269.972329][T32238] lowmem_reserve[]: 0 0 3504 3504 [ 3269.977870][T32238] Normal free:8720kB min:9688kB low:13276kB high:16864kB active_anon:2824136kB inactive_anon:40472kB active_file:1304kB inactive_file:748kB unevictable:0kB writepending:176kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27648kB pagetables:103788kB bounce:0kB free_pcp:84kB local_pcp:0kB free_cma:0kB [ 3270.008025][T32238] lowmem_reserve[]: 0 0 0 0 [ 3270.015136][T32238] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3270.028976][T32238] DMA32: 273*4kB (UMH) 466*8kB (UMEH) 900*16kB (UEH) 34*32kB (UH) 91*64kB (UEH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 26132kB [ 3270.043882][T32238] Normal: 171*4kB (UME) 80*8kB (UME) 88*16kB (UME) 24*32kB (UME) 7*64kB (UE) 33*128kB (MEH) 4*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 9196kB [ 3270.076315][T32238] 15256 total pagecache pages [ 3270.084940][T32238] 0 pages in swap cache [ 3270.089532][T32238] Swap cache stats: add 0, delete 0, find 0/0 [ 3270.096049][T32238] Free swap = 0kB [ 3270.100111][T32238] Total swap = 0kB [ 3270.104197][T32238] 1965979 pages RAM [ 3270.108476][T32238] 0 pages HighMem/MovableOnly [ 3270.113565][T32238] 318830 pages reserved [ 3270.118656][T32238] 0 pages cma reserved [ 3270.123217][T32238] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.3,pid=16767,uid=0 [ 3270.141042][T32238] Out of memory: Killed process 16767 (syz-executor.3) total-vm:75232kB, anon-rss:16560kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:156kB oom_score_adj:1000 [ 3270.162228][ T23] oom_reaper: reaped process 16767 (syz-executor.3), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 01:20:02 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:02 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000180)=0x0) sched_setattr(r4, &(0x7f0000000080)={0x38, 0x2, 0x1000002b, 0x0, 0x3, 0x0, 0x3, 0x0, 0x0, 0xfffffffc}, 0x0) r5 = open(0x0, 0x141042, 0x0) connect$inet(r5, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') lstat(&(0x7f0000000100)='./file0\x00', &(0x7f0000000200)) preadv(r6, &(0x7f0000000500), 0x37d, 0x0) 01:20:02 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:02 executing program 4: prlimit64(0x0, 0x1, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() pipe2(&(0x7f00000000c0)={0xffffffffffffffff}, 0x84800) ioctl$LOOP_CTL_GET_FREE(r1, 0x4c82) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x27, 0x9}, 0x0) r2 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r2, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500)}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x41, 0x0, 0x3, 0x0, 0x0, 0x0, 0xd12}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f0000000200)='oom_score\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) socketpair$unix(0xa, 0x5, 0x0, &(0x7f0000000180)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x642) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:20:02 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) [ 3270.768632][ T424] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 3270.801661][ T424] CPU: 0 PID: 424 Comm: syz-executor.4 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3270.812124][ T424] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3270.822186][ T424] Call Trace: [ 3270.825610][ T424] dump_stack+0x14a/0x1ce [ 3270.829953][ T424] ? devkmsg_release+0x11c/0x11c [ 3270.834898][ T424] ? show_regs_print_info+0x12/0x12 [ 3270.840193][ T424] ? radix_tree_cpu_dead+0x160/0x160 [ 3270.845833][ T424] ? _raw_spin_lock+0xa1/0x170 [ 3270.850612][ T424] ? _raw_spin_trylock_bh+0x190/0x190 [ 3270.856024][ T424] dump_header+0xdb/0x700 [ 3270.860464][ T424] oom_kill_process+0xd3/0x280 [ 3270.865250][ T424] out_of_memory+0x5b6/0x890 [ 3270.870053][ T424] ? unregister_oom_notifier+0x20/0x20 [ 3270.875527][ T424] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3270.881093][ T424] ? get_page_from_freelist+0x7c0/0x7c0 [ 3270.887495][ T424] ? __zone_watermark_ok+0x91/0x280 [ 3270.892825][ T424] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3270.898199][ T424] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3270.903986][ T424] ? copy_process+0x5a4/0x5110 [ 3270.908735][ T424] ? kmem_cache_alloc+0x1d5/0x260 [ 3270.913852][ T424] copy_process+0x5f3/0x5110 [ 3270.918470][ T424] ? do_wp_page+0xb1b/0x1530 [ 3270.923050][ T424] ? do_swap_page+0x1560/0x1560 [ 3270.927924][ T424] ? fork_idle+0x290/0x290 [ 3270.932769][ T424] ? memset+0x1f/0x40 [ 3270.936748][ T424] ? handle_mm_fault+0xb16/0x40a0 [ 3270.941759][ T424] _do_fork+0x196/0x920 [ 3270.945990][ T424] ? dup_mm+0x300/0x300 [ 3270.950143][ T424] ? ktime_get_raw+0x130/0x130 [ 3270.954991][ T424] __x64_sys_clone+0x25f/0x2c0 [ 3270.959793][ T424] ? __ia32_sys_vfork+0x110/0x110 [ 3270.964815][ T424] ? __x64_sys_clock_gettime+0x20d/0x260 [ 3270.970441][ T424] ? do_user_addr_fault+0x55c/0x9f0 [ 3270.975624][ T424] do_syscall_64+0xcb/0x150 [ 3270.980114][ T424] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3270.985990][ T424] RIP: 0033:0x45ae5a [ 3270.989890][ T424] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 3271.009684][ T424] RSP: 002b:00007ffc9dd74f40 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 3271.018381][ T424] RAX: ffffffffffffffda RBX: 00007ffc9dd74f40 RCX: 000000000045ae5a [ 3271.026353][ T424] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 3271.034399][ T424] RBP: 00007ffc9dd74f80 R08: 0000000000000001 R09: 00000000011c4940 [ 3271.042369][ T424] R10: 00000000011c4c10 R11: 0000000000000246 R12: 0000000000000001 [ 3271.050327][ T424] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffc9dd74fd0 [ 3271.059157][ T424] Mem-Info: [ 3271.139757][ T424] active_anon:1405183 inactive_anon:10799 isolated_anon:0 [ 3271.139757][ T424] active_file:434 inactive_file:822 isolated_file:36 [ 3271.139757][ T424] unevictable:0 dirty:27 writeback:0 unstable:0 [ 3271.139757][ T424] slab_reclaimable:11023 slab_unreclaimable:89233 [ 3271.139757][ T424] mapped:57296 shmem:14896 pagetables:31288 bounce:0 [ 3271.139757][ T424] free:13528 free_pcp:965 free_cma:0 01:20:03 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{0x0}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:03 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) [ 3271.191099][ T424] Node 0 active_anon:5616232kB inactive_anon:43196kB active_file:2636kB inactive_file:2996kB unevictable:0kB isolated(anon):0kB isolated(file):160kB mapped:229384kB dirty:108kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 01:20:03 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r2) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) [ 3271.223074][ T424] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3271.291878][ T424] lowmem_reserve[]: 0 2912 6416 6416 [ 3271.298374][ T424] DMA32 free:26484kB min:20548kB low:23528kB high:26508kB active_anon:2804556kB inactive_anon:2724kB active_file:1248kB inactive_file:752kB unevictable:0kB writepending:68kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10880kB pagetables:21564kB bounce:0kB free_pcp:64kB local_pcp:0kB free_cma:0kB [ 3271.396608][ T424] lowmem_reserve[]: 0 0 3504 3504 [ 3271.405834][ T424] Normal free:13812kB min:17880kB low:21468kB high:25056kB active_anon:2814020kB inactive_anon:40472kB active_file:2220kB inactive_file:2720kB unevictable:0kB writepending:0kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27520kB pagetables:103588kB bounce:0kB free_pcp:1612kB local_pcp:592kB free_cma:0kB [ 3271.449652][ T424] lowmem_reserve[]: 0 0 0 0 [ 3271.454296][ T424] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3271.467874][ T424] DMA32: 602*4kB (UMEH) 554*8kB (UMH) 938*16kB (UMEH) 35*32kB (UMH) 67*64kB (UMEH) 5*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 27896kB [ 3271.483496][ T424] Normal: 587*4kB (UMEH) 362*8kB (UME) 241*16kB (UME) 58*32kB (UMEH) 41*64kB (UME) 28*128kB (UME) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17164kB [ 3271.499774][ T424] 15703 total pagecache pages [ 3271.504504][ T424] 0 pages in swap cache [ 3271.508664][ T424] Swap cache stats: add 0, delete 0, find 0/0 [ 3271.515291][ T424] Free swap = 0kB [ 3271.519015][ T424] Total swap = 0kB [ 3271.522728][ T424] 1965979 pages RAM [ 3271.526731][ T424] 0 pages HighMem/MovableOnly [ 3271.531412][ T424] 318830 pages reserved [ 3271.535608][ T424] 0 pages cma reserved [ 3271.539795][ T424] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.3,pid=16179,uid=0 [ 3271.554033][ T424] Out of memory: Killed process 16179 (syz-executor.3) total-vm:75232kB, anon-rss:16560kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:156kB oom_score_adj:1000 01:20:03 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = gettid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r2) perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x81, 0x7f, 0x49, 0x1, 0x0, 0x5, 0x226b0, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x5, 0x0, @perf_bp={&(0x7f0000000180), 0x4}, 0x2200, 0x400, 0x4, 0x4, 0x400, 0x0, 0x4}, r1, 0xd, 0xffffffffffffffff, 0x3) r3 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r3, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) write$P9_RLERRORu(0xffffffffffffffff, &(0x7f0000000100)={0x19, 0x7, 0x2, {{0xc, 'net/netlink\x00'}, 0x6}}, 0x19) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x41395527) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r6 = open(0x0, 0x141042, 0x0) connect$inet(r6, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r7, &(0x7f0000000500), 0x37d, 0x0) 01:20:03 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {0x0}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:03 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{0x0}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:03 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0) 01:20:03 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {0x0}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:03 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{0x0}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:03 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r2) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) [ 3272.003868][ T419] syz-executor.3 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=0 [ 3272.152297][ T419] CPU: 0 PID: 419 Comm: syz-executor.3 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3272.162305][ T419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3272.172449][ T419] Call Trace: [ 3272.175761][ T419] dump_stack+0x14a/0x1ce [ 3272.180085][ T419] ? devkmsg_release+0x11c/0x11c [ 3272.185028][ T419] ? show_regs_print_info+0x12/0x12 [ 3272.190228][ T419] ? radix_tree_cpu_dead+0x160/0x160 [ 3272.196467][ T419] ? _raw_spin_lock+0xa1/0x170 [ 3272.201229][ T419] ? _raw_spin_trylock_bh+0x190/0x190 [ 3272.206607][ T419] dump_header+0xdb/0x700 [ 3272.210953][ T419] oom_kill_process+0xd3/0x280 [ 3272.215720][ T419] out_of_memory+0x5b6/0x890 [ 3272.220318][ T419] ? unregister_oom_notifier+0x20/0x20 [ 3272.225799][ T419] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3272.231355][ T419] ? get_page_from_freelist+0x7c0/0x7c0 [ 3272.236918][ T419] ? __zone_watermark_ok+0x91/0x280 [ 3272.242125][ T419] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3272.247503][ T419] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3272.253058][ T419] ? avc_has_perm_noaudit+0x30c/0x400 [ 3272.258427][ T419] ? avc_denied+0x1c0/0x1c0 [ 3272.262930][ T419] alloc_slab_page+0x3a/0x3a0 [ 3272.267605][ T419] new_slab+0x408/0x450 [ 3272.271755][ T419] ? should_fail+0x18e/0x860 [ 3272.276338][ T419] ___slab_alloc+0x2e0/0x450 [ 3272.280945][ T419] ? handle_mm_fault+0xb16/0x40a0 [ 3272.285977][ T419] ? getname_flags+0xb8/0x610 [ 3272.291535][ T419] ? getname_flags+0xb8/0x610 [ 3272.296220][ T419] kmem_cache_alloc+0x23f/0x260 [ 3272.302739][ T419] getname_flags+0xb8/0x610 [ 3272.307255][ T419] user_path_mountpoint_at+0x22/0x40 [ 3272.312556][ T419] ksys_umount+0x167/0xff0 [ 3272.316975][ T419] ? namespace_unlock+0x4e0/0x4e0 [ 3272.321996][ T419] ? __fpregs_load_activate+0x2d3/0x390 [ 3272.327559][ T419] ? switch_fpu_return+0x10/0x10 [ 3272.332501][ T419] ? do_user_addr_fault+0x55c/0x9f0 [ 3272.337700][ T419] __x64_sys_umount+0x56/0x60 [ 3272.342368][ T419] do_syscall_64+0xcb/0x150 [ 3272.346866][ T419] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3272.352755][ T419] RIP: 0033:0x45f257 [ 3272.356644][ T419] Code: 64 89 04 25 d0 02 00 00 58 5f ff d0 48 89 c7 e8 8f be ff ff 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3272.376423][ T419] RSP: 002b:00007ffe0c13b0c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 3272.384832][ T419] RAX: ffffffffffffffda RBX: 000000000031eb8a RCX: 000000000045f257 [ 3272.392981][ T419] RDX: 000000000000000c RSI: 0000000000000002 RDI: 00007ffe0c13c200 [ 3272.400956][ T419] RBP: 0000000000004828 R08: 0000000000000001 R09: 000000000183d940 [ 3272.409029][ T419] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffe0c13c200 [ 3272.417012][ T419] R13: 00007ffe0c13c1f0 R14: 0000000000000000 R15: 00007ffe0c13c200 [ 3272.434093][ T419] Mem-Info: [ 3272.442838][ T419] active_anon:1405359 inactive_anon:10799 isolated_anon:0 [ 3272.442838][ T419] active_file:210 inactive_file:188 isolated_file:32 [ 3272.442838][ T419] unevictable:0 dirty:65 writeback:18 unstable:0 [ 3272.442838][ T419] slab_reclaimable:10937 slab_unreclaimable:89725 [ 3272.442838][ T419] mapped:56738 shmem:14896 pagetables:31290 bounce:0 [ 3272.442838][ T419] free:14451 free_pcp:34 free_cma:0 [ 3272.522825][ T419] Node 0 active_anon:5621436kB inactive_anon:43196kB active_file:484kB inactive_file:488kB unevictable:0kB isolated(anon):0kB isolated(file):256kB mapped:226252kB dirty:260kB writeback:72kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3272.550693][ T419] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3272.576846][ T419] lowmem_reserve[]: 0 2912 6416 6416 [ 3272.582644][ T419] DMA32 free:32796kB min:20548kB low:23528kB high:26508kB active_anon:2797348kB inactive_anon:2724kB active_file:692kB inactive_file:388kB unevictable:0kB writepending:108kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:11072kB pagetables:21836kB bounce:0kB free_pcp:112kB local_pcp:0kB free_cma:0kB [ 3272.612414][ T419] lowmem_reserve[]: 0 0 3504 3504 [ 3272.618367][ T419] Normal free:10616kB min:5592kB low:9180kB high:12768kB active_anon:2823332kB inactive_anon:40472kB active_file:668kB inactive_file:508kB unevictable:0kB writepending:224kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27392kB pagetables:103324kB bounce:0kB free_pcp:452kB local_pcp:260kB free_cma:0kB [ 3272.648682][ T419] lowmem_reserve[]: 0 0 0 0 [ 3272.660738][ T419] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3272.681282][ T419] DMA32: 788*4kB (UMEH) 684*8kB (UMEH) 1084*16kB (UMEH) 101*32kB (UMH) 54*64kB (UMEH) 1*128kB (M) 2*256kB (M) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 33296kB [ 3272.697956][ T419] Normal: 416*4kB (UME) 60*8kB (UME) 44*16kB (UME) 78*32kB (UME) 43*64kB (UME) 28*128kB (UME) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 11680kB [ 3272.713141][ T419] 15081 total pagecache pages [ 3272.717933][ T419] 0 pages in swap cache [ 3272.722188][ T419] Swap cache stats: add 0, delete 0, find 0/0 [ 3272.728914][ T419] Free swap = 0kB [ 3272.732730][ T419] Total swap = 0kB [ 3272.736654][ T419] 1965979 pages RAM [ 3272.740516][ T419] 0 pages HighMem/MovableOnly [ 3272.745413][ T419] 318830 pages reserved [ 3272.749782][ T419] 0 pages cma reserved [ 3272.753924][ T419] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=32284,uid=0 [ 3272.768232][ T419] Out of memory: Killed process 32284 (syz-executor.0) total-vm:75364kB, anon-rss:16572kB, file-rss:34664kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 01:20:05 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r2) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) 01:20:05 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {0x0}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:05 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0) 01:20:05 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:05 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) r4 = open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r5 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r5, &(0x7f0000000500), 0x37d, 0x0) sendmsg$TIPC_NL_UDP_GET_REMOTEIP(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYBLOB="030b000000000000000013000000"], 0x14}}, 0x0) sendmsg$TIPC_NL_MON_GET(r4, &(0x7f0000000280)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4880a800}, 0xc, &(0x7f0000000180)={&(0x7f0000000200)={0x58, 0x0, 0x300, 0x70bd2c, 0x25dfdbfe, {}, [@TIPC_NLA_PUBL={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x3}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x80000001}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x5}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x7}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x7ff}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0xfffffff7}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x401}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xffffffff}]}]}, 0x58}, 0x1, 0x0, 0x0, 0x40000}, 0x14000) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r6 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x0) ioctl$PPPIOCATTACH(r6, 0x4004743d, &(0x7f0000000100)=0x4) 01:20:05 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0) 01:20:05 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:05 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:05 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r4 = open(0x0, 0x141042, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) r5 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000040)='IPVS\x00') sendmsg$IPVS_CMD_SET_CONFIG(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000f80)={0x128, r5, 0x2, 0x70bd2b, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DAEMON={0xc, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8}]}, @IPVS_CMD_ATTR_SERVICE={0x2c, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x78}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x2}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x8000}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e21}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0xfffffff9}, @IPVS_CMD_ATTR_DAEMON={0x18, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @mcast1}]}, @IPVS_CMD_ATTR_DAEMON={0x30, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_MCAST_GROUP={0x8, 0x5, @empty}, @IPVS_DAEMON_ATTR_MCAST_GROUP6={0x14, 0x6, @private0={0xfc, 0x0, [], 0x1}}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x6, 0x4, 0x6}, @IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}]}, @IPVS_CMD_ATTR_DEST={0x44, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x2b}, @IPVS_DEST_ATTR_TUN_PORT={0x6, 0xe, 0x4e21}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x8}, @IPVS_DEST_ATTR_TUN_TYPE={0x5, 0xd, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x141}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x10001}]}, @IPVS_CMD_ATTR_SERVICE={0x34, 0x1, 0x0, 0x1, [@IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x3}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x3b, 0x20}}, @IPVS_SVC_ATTR_PORT={0x6, 0x4, 0x4e24}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@initdev={0xfe, 0x88, [], 0x0, 0x0}}]}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, 0x0, 0x1, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x2}]}]}, 0x128}}, 0x40000) sendmsg$IPVS_CMD_GET_CONFIG(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000200)={&(0x7f0000000180)={0x40, r5, 0x400, 0x70bd2c, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0x2c, 0x2, 0x0, 0x1, [@IPVS_DEST_ATTR_TUN_FLAGS={0x6, 0xf, 0xfff}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x3}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e22}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x4}, @IPVS_DEST_ATTR_PORT={0x6, 0x2, 0x4e22}]}]}, 0x40}, 0x1, 0x0, 0x0, 0x40400b4}, 0x20000000) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r6, &(0x7f0000000500), 0x37d, 0x0) 01:20:05 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0) 01:20:05 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) [ 3273.556413][ T422] syz-executor.2 invoked oom-killer: gfp_mask=0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), order=0, oom_score_adj=0 [ 3273.570486][ T422] CPU: 1 PID: 422 Comm: syz-executor.2 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3273.580471][ T422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3273.590534][ T422] Call Trace: [ 3273.593930][ T422] dump_stack+0x14a/0x1ce [ 3273.598286][ T422] ? devkmsg_release+0x11c/0x11c [ 3273.603321][ T422] ? show_regs_print_info+0x12/0x12 [ 3273.608626][ T422] ? radix_tree_cpu_dead+0x160/0x160 [ 3273.614079][ T422] ? _raw_spin_lock+0xa1/0x170 [ 3273.619327][ T422] ? _raw_spin_trylock_bh+0x190/0x190 [ 3273.624898][ T422] dump_header+0xdb/0x700 [ 3273.629251][ T422] oom_kill_process+0xd3/0x280 [ 3273.634167][ T422] out_of_memory+0x5b6/0x890 [ 3273.643392][ T422] ? retint_kernel+0x1b/0x1b [ 3273.647991][ T422] ? unregister_oom_notifier+0x20/0x20 [ 3273.653743][ T422] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3273.659503][ T422] ? get_page_from_freelist+0x7c0/0x7c0 [ 3273.665108][ T422] ? ip_getsockopt+0x13c/0x230 [ 3273.669968][ T422] ? __zone_watermark_ok+0x91/0x280 [ 3273.675182][ T422] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3273.680604][ T422] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3273.686184][ T422] ? __vmalloc_node_range+0x439/0x7b0 [ 3273.692106][ T422] ? __kmalloc+0xf7/0x2d0 [ 3273.696446][ T422] ? __vmalloc_node_range+0x439/0x7b0 [ 3273.701983][ T422] __vmalloc_node_range+0x360/0x7b0 [ 3273.707214][ T422] vzalloc+0x70/0x80 [ 3273.711119][ T422] ? alloc_counters+0x66/0x520 [ 3273.715891][ T422] alloc_counters+0x66/0x520 [ 3273.720623][ T422] ? xt_find_table_lock+0x1b0/0x350 [ 3273.725858][ T422] do_arpt_get_ctl+0x5b9/0xa10 [ 3273.730639][ T422] ? alloc_file+0x81/0x4a0 [ 3273.735059][ T422] ? compat_do_arpt_set_ctl+0x24f0/0x24f0 [ 3273.740912][ T422] ? memcpy+0x38/0x50 [ 3273.744902][ T422] ? mutex_lock+0xa6/0x110 [ 3273.749319][ T422] ? __module_get+0x130/0x130 [ 3273.754017][ T422] ? memset+0x1f/0x40 [ 3273.758018][ T422] ? selinux_socket_getsockopt+0x122/0x340 [ 3273.763830][ T422] nf_getsockopt+0x2c1/0x2f0 [ 3273.768462][ T422] ip_getsockopt+0x13c/0x230 [ 3273.773169][ T422] ? compat_ip_setsockopt+0x100/0x100 [ 3273.778566][ T422] ? tcp_getsockopt+0x66/0xd0 [ 3273.783700][ T422] __sys_getsockopt+0x240/0x2b0 [ 3273.788567][ T422] __x64_sys_getsockopt+0xb1/0xc0 [ 3273.793598][ T422] do_syscall_64+0xcb/0x150 [ 3273.798102][ T422] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3273.804097][ T422] RIP: 0033:0x45f33a [ 3273.807984][ T422] Code: b8 34 01 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ed 8b fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 37 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ca 8b fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 3273.827675][ T422] RSP: 002b:00007fffeefa3898 EFLAGS: 00000212 ORIG_RAX: 0000000000000037 [ 3273.836189][ T422] RAX: ffffffffffffffda RBX: 00007fffeefa39a0 RCX: 000000000045f33a [ 3273.844160][ T422] RDX: 0000000000000061 RSI: 0000000000000000 RDI: 0000000000000003 [ 3273.852148][ T422] RBP: 0000000000000003 R08: 00007fffeefa38ac R09: 000000000000000a [ 3273.860121][ T422] R10: 00007fffeefa39a0 R11: 0000000000000212 R12: 0000000000000000 [ 3273.868088][ T422] R13: 00007fffeefa4020 R14: 000000000031f0e8 R15: 00007fffeefa4030 [ 3273.884386][ T422] Mem-Info: [ 3273.914392][ T422] active_anon:1407184 inactive_anon:10799 isolated_anon:0 [ 3273.914392][ T422] active_file:578 inactive_file:805 isolated_file:88 [ 3273.914392][ T422] unevictable:0 dirty:44 writeback:1 unstable:0 [ 3273.914392][ T422] slab_reclaimable:10679 slab_unreclaimable:90197 [ 3273.914392][ T422] mapped:57700 shmem:14896 pagetables:31297 bounce:0 [ 3273.914392][ T422] free:11374 free_pcp:29 free_cma:0 [ 3274.008084][ T422] Node 0 active_anon:5628736kB inactive_anon:43196kB active_file:2168kB inactive_file:2160kB unevictable:0kB isolated(anon):0kB isolated(file):232kB mapped:229300kB dirty:176kB writeback:4kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3274.110788][ T422] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3274.176262][ T422] lowmem_reserve[]: 0 2912 6416 6416 [ 3274.182941][ T422] DMA32 free:35196kB min:20548kB low:23528kB high:26508kB active_anon:2792588kB inactive_anon:2724kB active_file:272kB inactive_file:644kB unevictable:0kB writepending:20kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:11072kB pagetables:21812kB bounce:0kB free_pcp:44kB local_pcp:44kB free_cma:0kB [ 3274.214149][ T422] lowmem_reserve[]: 0 0 3504 3504 [ 3274.222728][ T422] Normal free:9928kB min:9688kB low:13276kB high:16864kB active_anon:2822148kB inactive_anon:40472kB active_file:1576kB inactive_file:2568kB unevictable:0kB writepending:160kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27328kB pagetables:103376kB bounce:0kB free_pcp:956kB local_pcp:436kB free_cma:0kB [ 3274.263567][ T422] lowmem_reserve[]: 0 0 0 0 [ 3274.270798][ T422] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3274.300965][ T422] DMA32: 881*4kB (UMEH) 644*8kB (UMEH) 1169*16kB (UMEH) 166*32kB (UMH) 52*64kB (UMEH) 20*128kB (M) 2*256kB (M) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 39092kB 01:20:06 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:06 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r2) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) preadv(0xffffffffffffffff, &(0x7f0000000500), 0x37d, 0x0) [ 3274.319554][ T422] Normal: 633*4kB (UMEH) 278*8kB (UME) 224*16kB (UMEH) 105*32kB (UMEH) 23*64kB (UME) 7*128kB (UM) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 14068kB [ 3274.336428][ T422] 16531 total pagecache pages [ 3274.347962][ T422] 0 pages in swap cache [ 3274.352170][ T422] Swap cache stats: add 0, delete 0, find 0/0 [ 3274.362283][ T422] Free swap = 0kB [ 3274.387692][ T422] Total swap = 0kB [ 3274.391463][ T422] 1965979 pages RAM [ 3274.402841][ T422] 0 pages HighMem/MovableOnly [ 3274.407565][ T422] 318830 pages reserved [ 3274.411714][ T422] 0 pages cma reserved 01:20:06 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x1, 0x0, 0x3, 0x6, 0x4, 0xfffffffffffffffe}, 0x0) r4 = open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r5, &(0x7f0000000500), 0x37d, 0x0) 01:20:06 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x5, 0x1, 0x0, 0x3, 0x0, 0x0, 0x0, 0xfffffffd}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000001540)=[{&(0x7f0000000200)=""/81, 0x51}, {&(0x7f0000000340)=""/228, 0xe4}, {&(0x7f0000000440)=""/4082, 0xff2}, {&(0x7f00000000c0)=""/33, 0x21}, {&(0x7f0000000180)}, {&(0x7f0000000280)=""/48, 0x30}, {&(0x7f00000015c0)=""/206, 0xce}], 0x7, 0x0) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) r6 = syz_open_dev$evdev(&(0x7f0000000180)='/dev/input/event#\x00', 0x7, 0x400000) ioctl$EVIOCGABS3F(r6, 0x8018457f, &(0x7f0000001440)=""/71) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) [ 3274.425463][ T422] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.4,pid=32346,uid=0 01:20:06 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0) 01:20:06 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x0, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) [ 3274.796393][T32395] syz-executor.5 invoked oom-killer: gfp_mask=0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|0x1000000), order=0, oom_score_adj=1000 [ 3274.832385][T32395] CPU: 1 PID: 32395 Comm: syz-executor.5 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3274.842576][T32395] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3274.852633][T32395] Call Trace: [ 3274.855945][T32395] dump_stack+0x14a/0x1ce [ 3274.860291][T32395] ? devkmsg_release+0x11c/0x11c [ 3274.865231][T32395] ? show_regs_print_info+0x12/0x12 [ 3274.870520][T32395] ? radix_tree_cpu_dead+0x160/0x160 [ 3274.875925][T32395] ? _raw_spin_lock+0xa1/0x170 [ 3274.880715][T32395] ? _raw_spin_trylock_bh+0x190/0x190 [ 3274.886108][T32395] dump_header+0xdb/0x700 [ 3274.890448][T32395] oom_kill_process+0xd3/0x280 [ 3274.895240][T32395] out_of_memory+0x5b6/0x890 [ 3274.899840][T32395] ? unregister_oom_notifier+0x20/0x20 [ 3274.905394][T32395] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3274.911213][T32395] ? get_page_from_freelist+0x7c0/0x7c0 [ 3274.916784][T32395] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3274.922177][T32395] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3274.927756][T32395] handle_mm_fault+0x1689/0x40a0 [ 3274.932725][T32395] ? finish_fault+0x230/0x230 [ 3274.937406][T32395] ? do_mmap+0x9ad/0x1060 [ 3274.941729][T32395] ? up_read+0x10/0x10 [ 3274.945818][T32395] ? __up_read+0x1b0/0x1b0 [ 3274.950243][T32395] ? vmacache_update+0x9f/0xf0 [ 3274.955122][T32395] do_user_addr_fault+0x48a/0x9f0 [ 3274.960151][T32395] page_fault+0x2f/0x40 [ 3274.964438][T32395] RIP: 0033:0x41407f [ 3274.968329][T32395] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 3274.988021][T32395] RSP: 002b:00007ffc86121e90 EFLAGS: 00010206 [ 3274.994090][T32395] RAX: 00007f0c794f7000 RBX: 0000000000020000 RCX: 000000000045c87a [ 3275.002067][T32395] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 3275.010211][T32395] RBP: 00007ffc86121f70 R08: ffffffffffffffff R09: 0000000000000000 [ 3275.018198][T32395] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc86122070 [ 3275.026189][T32395] R13: 00007f0c79517700 R14: 00000000000008ba R15: 000000000078c04c [ 3275.077484][T32395] Mem-Info: [ 3275.080766][T32395] active_anon:1408780 inactive_anon:10799 isolated_anon:0 [ 3275.080766][T32395] active_file:518 inactive_file:509 isolated_file:52 [ 3275.080766][T32395] unevictable:0 dirty:39 writeback:0 unstable:0 [ 3275.080766][T32395] slab_reclaimable:10566 slab_unreclaimable:90315 [ 3275.080766][T32395] mapped:57348 shmem:14896 pagetables:31373 bounce:0 [ 3275.080766][T32395] free:10100 free_pcp:31 free_cma:0 [ 3275.132511][T32395] Node 0 active_anon:5635120kB inactive_anon:43196kB active_file:1548kB inactive_file:1464kB unevictable:0kB isolated(anon):0kB isolated(file):80kB mapped:228692kB dirty:156kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3275.157204][T32395] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3275.192752][T32395] lowmem_reserve[]: 0 2912 6416 6416 [ 3275.204082][T32395] DMA32 free:20044kB min:8740kB low:11720kB high:14700kB active_anon:2806764kB inactive_anon:2724kB active_file:180kB inactive_file:276kB unevictable:0kB writepending:8kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:11072kB pagetables:21828kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3275.253006][T32395] lowmem_reserve[]: 0 0 3504 3504 [ 3275.258676][T32395] Normal free:6976kB min:9688kB low:13276kB high:16864kB active_anon:2827588kB inactive_anon:40472kB active_file:1072kB inactive_file:976kB unevictable:0kB writepending:148kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27552kB pagetables:103672kB bounce:0kB free_pcp:232kB local_pcp:0kB free_cma:0kB [ 3275.288990][T32395] lowmem_reserve[]: 0 0 0 0 [ 3275.294000][T32395] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3275.307796][T32395] DMA32: 302*4kB (UMEH) 449*8kB (UMH) 890*16kB (UMEH) 17*32kB (H) 5*64kB (MEH) 2*128kB (M) 1*256kB (M) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20416kB [ 3275.330942][T32395] Normal: 620*4kB (UME) 277*8kB (UME) 46*16kB (UME) 41*32kB (UME) 8*64kB (ME) 3*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 7640kB [ 3275.372762][T32395] 15223 total pagecache pages [ 3275.378014][T32395] 0 pages in swap cache [ 3275.382669][T32395] Swap cache stats: add 0, delete 0, find 0/0 [ 3275.389227][T32395] Free swap = 0kB [ 3275.393426][T32395] Total swap = 0kB [ 3275.397746][T32395] 1965979 pages RAM [ 3275.405999][T32395] 0 pages HighMem/MovableOnly [ 3275.410845][T32395] 318830 pages reserved [ 3275.415156][T32395] 0 pages cma reserved [ 3275.419361][T32395] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=31554,uid=0 [ 3275.433829][T32395] Out of memory: Killed process 31554 (syz-executor.0) total-vm:75364kB, anon-rss:16572kB, file-rss:34692kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 3275.754195][T32408] syz-executor.5 invoked oom-killer: gfp_mask=0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|0x1000000), order=0, oom_score_adj=1000 [ 3275.779129][T32408] CPU: 0 PID: 32408 Comm: syz-executor.5 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3275.789306][T32408] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3275.799476][T32408] Call Trace: [ 3275.802777][T32408] dump_stack+0x14a/0x1ce [ 3275.807114][T32408] ? devkmsg_release+0x11c/0x11c [ 3275.812051][T32408] ? show_regs_print_info+0x12/0x12 [ 3275.817250][T32408] ? radix_tree_cpu_dead+0x160/0x160 [ 3275.822544][T32408] ? _raw_spin_lock+0xa1/0x170 [ 3275.827304][T32408] ? _raw_spin_trylock_bh+0x190/0x190 [ 3275.832673][T32408] dump_header+0xdb/0x700 [ 3275.837016][T32408] oom_kill_process+0xd3/0x280 [ 3275.841798][T32408] out_of_memory+0x5b6/0x890 [ 3275.846389][T32408] ? unregister_oom_notifier+0x20/0x20 [ 3275.851862][T32408] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3275.857412][T32408] ? get_page_from_freelist+0x7c0/0x7c0 [ 3275.862963][T32408] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3275.868336][T32408] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3275.873877][T32408] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 3275.879588][T32408] ? ___preempt_schedule+0x16/0x20 [ 3275.884688][T32408] ? __lru_cache_add+0x198/0x1f0 [ 3275.889617][T32408] wp_page_copy+0x1cb/0x1120 [ 3275.894224][T32408] ? __rcu_read_lock+0x50/0x50 [ 3275.899016][T32408] ? add_mm_rss_vec+0x270/0x270 [ 3275.903892][T32408] ? update_load_avg+0x410/0x8f0 [ 3275.908827][T32408] ? vm_normal_page+0x1c9/0x1d0 [ 3275.913686][T32408] do_wp_page+0x4c1/0x1530 [ 3275.918110][T32408] ? _raw_spin_lock+0xa1/0x170 [ 3275.922866][T32408] ? do_swap_page+0x1560/0x1560 [ 3275.927710][T32408] handle_mm_fault+0x1354/0x40a0 [ 3275.932729][T32408] ? finish_fault+0x230/0x230 [ 3275.937578][T32408] ? find_next_bit+0xf7/0x120 [ 3275.942269][T32408] ? __up_read+0x1b0/0x1b0 [ 3275.946681][T32408] ? vmacache_find+0x205/0x4b0 [ 3275.951438][T32408] do_user_addr_fault+0x48a/0x9f0 [ 3275.956471][T32408] page_fault+0x2f/0x40 [ 3275.960627][T32408] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 3275.967211][T32408] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 3275.987245][T32408] RSP: 0018:ffff888074277888 EFLAGS: 00010206 [ 3275.993329][T32408] RAX: ffffffff81f75001 RBX: 00000000200b9500 RCX: 0000000000000500 [ 3276.001312][T32408] RDX: 0000000000001000 RSI: ffff8881d41a1b00 RDI: 00000000200b9000 [ 3276.009282][T32408] RBP: ffff888074277da8 R08: dffffc0000000000 R09: ffffed103a834400 [ 3276.017355][T32408] R10: 0000000000000000 R11: 0000000000000000 R12: 00007ffffffff000 [ 3276.025516][T32408] R13: 0000000000001000 R14: ffff8881d41a1000 R15: 00000000200b8500 [ 3276.033506][T32408] ? copyout+0x1/0xb0 [ 3276.037513][T32408] copyout+0x8e/0xb0 [ 3276.041437][T32408] copy_page_to_iter+0x393/0xbd0 [ 3276.046382][T32408] pipe_to_user+0xa3/0x130 [ 3276.050792][T32408] __splice_from_pipe+0x2d3/0x870 [ 3276.055827][T32408] ? user_page_pipe_buf_steal+0xc0/0xc0 [ 3276.061373][T32408] do_vmsplice+0x252/0xee0 [ 3276.065791][T32408] ? preempt_schedule_notrace+0x130/0x130 [ 3276.071517][T32408] ? write_pipe_buf+0x1d0/0x1d0 [ 3276.076369][T32408] ? check_stack_object+0x5a/0x90 [ 3276.081399][T32408] ? _copy_from_user+0xa4/0xe0 [ 3276.086167][T32408] ? rw_copy_check_uvector+0x2b3/0x310 [ 3276.091653][T32408] ? import_iovec+0x1c2/0x380 [ 3276.096332][T32408] ? dup_iter+0x110/0x110 [ 3276.100661][T32408] ? perf_pmu_sched_task+0x370/0x370 [ 3276.105953][T32408] __se_sys_vmsplice+0x1fb/0x300 [ 3276.110897][T32408] ? __x64_sys_vmsplice+0xa0/0xa0 [ 3276.115921][T32408] ? __fpregs_load_activate+0x2d3/0x390 [ 3276.121600][T32408] ? switch_fpu_return+0x10/0x10 [ 3276.126553][T32408] do_syscall_64+0xcb/0x150 [ 3276.131083][T32408] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3276.137193][T32408] RIP: 0033:0x45c829 [ 3276.141093][T32408] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3276.160690][T32408] RSP: 002b:00007f0c79537c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116 [ 3276.169112][T32408] RAX: ffffffffffffffda RBX: 0000000000509d00 RCX: 000000000045c829 [ 3276.177085][T32408] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000004 [ 3276.185141][T32408] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 3276.193112][T32408] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3276.201084][T32408] R13: 0000000000000c49 R14: 00000000004ce70e R15: 00007f0c795386d4 [ 3276.234894][T32408] Mem-Info: [ 3276.239043][T32408] active_anon:1409779 inactive_anon:10799 isolated_anon:0 [ 3276.239043][T32408] active_file:31 inactive_file:63 isolated_file:24 [ 3276.239043][T32408] unevictable:0 dirty:0 writeback:0 unstable:0 [ 3276.239043][T32408] slab_reclaimable:10566 slab_unreclaimable:90317 [ 3276.239043][T32408] mapped:56441 shmem:14896 pagetables:31345 bounce:0 [ 3276.239043][T32408] free:10241 free_pcp:218 free_cma:0 [ 3276.277704][T32408] Node 0 active_anon:5639116kB inactive_anon:43196kB active_file:124kB inactive_file:76kB unevictable:0kB isolated(anon):0kB isolated(file):96kB mapped:225764kB dirty:0kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3276.302592][T32408] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3276.329100][T32408] lowmem_reserve[]: 0 2912 6416 6416 [ 3276.335471][T32408] DMA32 free:19044kB min:20548kB low:23528kB high:26508kB active_anon:2807268kB inactive_anon:2724kB active_file:12kB inactive_file:448kB unevictable:0kB writepending:0kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:11008kB pagetables:21828kB bounce:0kB free_pcp:1228kB local_pcp:252kB free_cma:0kB [ 3276.373007][T32408] lowmem_reserve[]: 0 0 3504 3504 [ 3276.378436][T32408] Normal free:12064kB min:5592kB low:9180kB high:12768kB active_anon:2823784kB inactive_anon:40472kB active_file:12kB inactive_file:8kB unevictable:0kB writepending:0kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27520kB pagetables:103552kB bounce:0kB free_pcp:1784kB local_pcp:1592kB free_cma:0kB [ 3276.408334][T32408] lowmem_reserve[]: 0 0 0 0 [ 3276.413102][T32408] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3276.426626][T32408] DMA32: 84*4kB (UMH) 440*8kB (UMH) 893*16kB (UMEH) 22*32kB (UMH) 5*64kB (MEH) 1*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 19296kB [ 3276.441458][T32408] Normal: 837*4kB (UME) 256*8kB (UMEH) 169*16kB (UME) 73*32kB (UME) 16*64kB (ME) 3*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 11844kB [ 3276.463306][T32408] 15172 total pagecache pages [ 3276.468115][T32408] 0 pages in swap cache [ 3276.472337][T32408] Swap cache stats: add 0, delete 0, find 0/0 [ 3276.478546][T32408] Free swap = 0kB [ 3276.482383][T32408] Total swap = 0kB [ 3276.486242][T32408] 1965979 pages RAM [ 3276.490129][T32408] 0 pages HighMem/MovableOnly [ 3276.494901][T32408] 318830 pages reserved [ 3276.499271][T32408] 0 pages cma reserved [ 3276.503455][T32408] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=32389,uid=0 01:20:09 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0) 01:20:09 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x6, 0x10001}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x401}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x3, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r3 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r4 = dup2(0xffffffffffffffff, 0xffffffffffffffff) ioctl$KDFONTOP_COPY(r4, 0x4b72, &(0x7f00000000c0)={0x3, 0x0, 0x19, 0x14, 0x14, &(0x7f0000000340)}) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:20:09 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) [ 3277.525681][T32422] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 3277.552196][T32422] CPU: 1 PID: 32422 Comm: syz-executor.4 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3277.562419][T32422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3277.572484][T32422] Call Trace: [ 3277.575818][T32422] dump_stack+0x14a/0x1ce [ 3277.580154][T32422] ? devkmsg_release+0x11c/0x11c [ 3277.585096][T32422] ? show_regs_print_info+0x12/0x12 [ 3277.591250][T32422] ? radix_tree_cpu_dead+0x160/0x160 [ 3277.596533][T32422] ? _raw_spin_lock+0xa1/0x170 [ 3277.601300][T32422] ? _raw_spin_trylock_bh+0x190/0x190 [ 3277.606673][T32422] dump_header+0xdb/0x700 [ 3277.611032][T32422] oom_kill_process+0xd3/0x280 [ 3277.615807][T32422] out_of_memory+0x5b6/0x890 [ 3277.620406][T32422] ? unregister_oom_notifier+0x20/0x20 [ 3277.625878][T32422] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3277.631433][T32422] ? unwind_get_return_address+0x48/0x90 [ 3277.637095][T32422] ? get_page_from_freelist+0x7c0/0x7c0 [ 3277.642650][T32422] ? __zone_watermark_ok+0x91/0x280 [ 3277.648105][T32422] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3277.653486][T32422] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3277.659052][T32422] ? copy_process+0x5a4/0x5110 [ 3277.663817][T32422] ? kmem_cache_alloc+0x1d5/0x260 [ 3277.668851][T32422] copy_process+0x5f3/0x5110 [ 3277.673455][T32422] ? get_mem_cgroup_from_mm+0x27b/0x2c0 [ 3277.679015][T32422] ? _raw_spin_lock+0xa1/0x170 [ 3277.683799][T32422] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 3277.689601][T32422] ? fork_idle+0x290/0x290 [ 3277.694006][T32422] ? _raw_spin_unlock+0x5/0x20 [ 3277.698769][T32422] ? handle_mm_fault+0xb16/0x40a0 [ 3277.703788][T32422] _do_fork+0x196/0x920 [ 3277.707959][T32422] ? dup_mm+0x300/0x300 [ 3277.712113][T32422] ? do_mmap+0x9ad/0x1060 [ 3277.716450][T32422] __x64_sys_clone+0x25f/0x2c0 [ 3277.721235][T32422] ? __ia32_sys_vfork+0x110/0x110 [ 3277.726276][T32422] ? do_user_addr_fault+0x55c/0x9f0 [ 3277.731494][T32422] do_syscall_64+0xcb/0x150 [ 3277.736010][T32422] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3277.741927][T32422] RIP: 0033:0x45f1f9 [ 3277.745834][T32422] Code: ff 48 85 f6 0f 84 37 8d fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 0e 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 3277.765522][T32422] RSP: 002b:00007ffc9dd74c98 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 3277.773943][T32422] RAX: ffffffffffffffda RBX: 00007f67d72f7700 RCX: 000000000045f1f9 [ 3277.781910][T32422] RDX: 00007f67d72f79d0 RSI: 00007f67d72f6db0 RDI: 00000000003d0f00 [ 3277.789898][T32422] RBP: 00007ffc9dd74ec0 R08: 00007f67d72f7700 R09: 00007f67d72f7700 [ 3277.797863][T32422] R10: 00007f67d72f79d0 R11: 0000000000000202 R12: 0000000000000000 [ 3277.805832][T32422] R13: 00007ffc9dd74d4f R14: 00007f67d72f79c0 R15: 000000000078c04c [ 3277.832214][T32422] Mem-Info: [ 3277.838975][T32422] active_anon:1405564 inactive_anon:10799 isolated_anon:0 [ 3277.838975][T32422] active_file:335 inactive_file:1009 isolated_file:64 [ 3277.838975][T32422] unevictable:0 dirty:2 writeback:1 unstable:0 [ 3277.838975][T32422] slab_reclaimable:10566 slab_unreclaimable:90085 [ 3277.838975][T32422] mapped:57374 shmem:14896 pagetables:31282 bounce:0 [ 3277.838975][T32422] free:13116 free_pcp:553 free_cma:0 [ 3277.879861][T32422] Node 0 active_anon:5622256kB inactive_anon:43196kB active_file:1340kB inactive_file:4536kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:229796kB dirty:8kB writeback:4kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3277.905368][T32422] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3277.932408][T32422] lowmem_reserve[]: 0 2912 6416 6416 [ 3277.943790][T32422] DMA32 free:24856kB min:20548kB low:23528kB high:26508kB active_anon:2800724kB inactive_anon:2724kB active_file:276kB inactive_file:292kB unevictable:0kB writepending:8kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10912kB pagetables:21880kB bounce:0kB free_pcp:1712kB local_pcp:1372kB free_cma:0kB 01:20:09 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r2) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) preadv(0xffffffffffffffff, &(0x7f0000000500), 0x37d, 0x0) 01:20:09 executing program 3: r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) [ 3277.984101][T32422] lowmem_reserve[]: 0 0 3504 3504 [ 3277.989283][T32422] Normal free:9488kB min:5592kB low:9180kB high:12768kB active_anon:2821592kB inactive_anon:40472kB active_file:2776kB inactive_file:3672kB unevictable:0kB writepending:96kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27488kB pagetables:103252kB bounce:0kB free_pcp:64kB local_pcp:0kB free_cma:0kB [ 3278.047826][T32422] lowmem_reserve[]: 0 0 0 0 [ 3278.052423][T32422] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3278.066163][T32422] DMA32: 634*4kB (UMH) 591*8kB (UMH) 1009*16kB (UMEH) 69*32kB (UMH) 17*64kB (UMEH) 1*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 26832kB [ 3278.081729][T32422] Normal: 238*4kB (UME) 102*8kB (UME) 86*16kB (ME) 83*32kB (UMEH) 14*64kB (UME) 4*128kB (ME) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 7208kB [ 3278.096733][T32422] 17114 total pagecache pages [ 3278.101414][T32422] 0 pages in swap cache [ 3278.105848][T32422] Swap cache stats: add 0, delete 0, find 0/0 [ 3278.111960][T32422] Free swap = 0kB [ 3278.120891][T32422] Total swap = 0kB [ 3278.132833][T32422] 1965979 pages RAM [ 3278.136886][T32422] 0 pages HighMem/MovableOnly [ 3278.141683][T32422] 318830 pages reserved [ 3278.156633][T32422] 0 pages cma reserved [ 3278.172360][T32422] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=31553,uid=0 01:20:10 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r4 = open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r5, &(0x7f0000000500), 0x37d, 0x0) [ 3278.196957][T32422] Out of memory: Killed process 31553 (syz-executor.0) total-vm:75364kB, anon-rss:16572kB, file-rss:34692kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 01:20:10 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {0x0}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:10 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x0, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:10 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r2) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) preadv(0xffffffffffffffff, &(0x7f0000000500), 0x37d, 0x0) 01:20:10 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x0, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:10 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {0x0}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:10 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:10 executing program 3: r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:10 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r4 = gettid() ptrace$setopts(0x4206, r4, 0x0, 0x0) sched_setattr(r4, &(0x7f0000000080)={0x38, 0x2, 0x21, 0x0, 0x3, 0xfffffffffffffffc}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r5 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r5, &(0x7f0000000500), 0x37d, 0x0) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r6 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x0) ioctl$PPPIOCATTACH(r6, 0x4004743d, &(0x7f0000000100)=0x4) 01:20:10 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:10 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {0x0}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:10 executing program 3: r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) [ 3279.245146][ T404] syz-fuzzer invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 3279.256155][ T404] CPU: 0 PID: 404 Comm: syz-fuzzer Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3279.265804][ T404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3279.275870][ T404] Call Trace: [ 3279.279517][ T404] dump_stack+0x14a/0x1ce [ 3279.284004][ T404] ? devkmsg_release+0x11c/0x11c [ 3279.288949][ T404] ? show_regs_print_info+0x12/0x12 [ 3279.295801][ T404] ? radix_tree_cpu_dead+0x160/0x160 [ 3279.301080][ T404] ? _raw_spin_lock+0xa1/0x170 [ 3279.305837][ T404] ? _raw_spin_trylock_bh+0x190/0x190 [ 3279.311312][ T404] dump_header+0xdb/0x700 [ 3279.315666][ T404] oom_kill_process+0xd3/0x280 [ 3279.320453][ T404] out_of_memory+0x5b6/0x890 [ 3279.325143][ T404] ? unregister_oom_notifier+0x20/0x20 [ 3279.330718][ T404] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3279.336276][ T404] ? get_page_from_freelist+0x7c0/0x7c0 [ 3279.341842][ T404] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3279.347240][ T404] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3279.352997][ T404] pagecache_get_page+0x50f/0x880 [ 3279.358464][ T404] filemap_fault+0x1474/0x19d0 [ 3279.363233][ T404] ? generic_file_read_iter+0x20b0/0x20b0 [ 3279.368963][ T404] ext4_filemap_fault+0x7b/0x90 [ 3279.373821][ T404] handle_mm_fault+0x2837/0x40a0 [ 3279.378765][ T404] ? finish_fault+0x230/0x230 [ 3279.383447][ T404] ? __up_read+0x1b0/0x1b0 [ 3279.387891][ T404] ? vmacache_find+0x2d2/0x4b0 [ 3279.392670][ T404] do_user_addr_fault+0x48a/0x9f0 [ 3279.397703][ T404] page_fault+0x2f/0x40 [ 3279.401866][ T404] RIP: 0033:0x730d95 [ 3279.406057][ T404] Code: cc cc cc cc cc 48 8b 44 24 08 84 00 48 89 44 24 08 c6 44 24 10 00 e9 3a 3b ff ff cc cc cc cc cc cc cc cc cc cc 48 8b 44 24 08 <84> 00 48 89 44 24 08 48 c7 44 24 10 00 00 00 00 e9 26 3b ff ff cc [ 3279.426983][ T404] RSP: 002b:000000c4338c3848 EFLAGS: 00010206 [ 3279.433148][ T404] RAX: 000000000130b080 RBX: 000000c438a425a0 RCX: 0000000000730d90 [ 3279.441315][ T404] RDX: 000000003c84c8af RSI: 0000000000000020 RDI: 000000c42e999dc0 [ 3279.449635][ T404] RBP: 000000c4338c3860 R08: 0000000000000000 R09: 0000000000000000 [ 3279.457628][ T404] R10: 00000000009f1ef2 R11: 0000000000000004 R12: 0000000000000000 [ 3279.465622][ T404] R13: 0000000000000020 R14: 0000000000000013 R15: 0000000000000100 [ 3279.474619][ T404] Mem-Info: [ 3279.477928][ T404] active_anon:1408517 inactive_anon:10799 isolated_anon:0 [ 3279.477928][ T404] active_file:377 inactive_file:427 isolated_file:32 [ 3279.477928][ T404] unevictable:0 dirty:13 writeback:0 unstable:0 [ 3279.477928][ T404] slab_reclaimable:10537 slab_unreclaimable:90067 [ 3279.477928][ T404] mapped:57105 shmem:14896 pagetables:31338 bounce:0 [ 3279.477928][ T404] free:11092 free_pcp:0 free_cma:0 [ 3279.527297][ T404] Node 0 active_anon:5634068kB inactive_anon:43196kB active_file:1328kB inactive_file:1320kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:228120kB dirty:52kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3279.552273][ T404] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3279.599488][ T404] lowmem_reserve[]: 0 2912 6416 6416 [ 3279.610692][ T404] DMA32 free:20988kB min:20548kB low:23528kB high:26508kB active_anon:2804916kB inactive_anon:2724kB active_file:308kB inactive_file:724kB unevictable:0kB writepending:32kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10976kB pagetables:21784kB bounce:0kB free_pcp:236kB local_pcp:4kB free_cma:0kB [ 3279.644987][ T404] lowmem_reserve[]: 0 0 3504 3504 [ 3279.650261][ T404] Normal free:8644kB min:9688kB low:13276kB high:16864kB active_anon:2828708kB inactive_anon:40472kB active_file:956kB inactive_file:564kB unevictable:0kB writepending:120kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27552kB pagetables:103568kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3279.688227][ T404] lowmem_reserve[]: 0 0 0 0 [ 3279.692959][ T404] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3279.716293][ T404] DMA32: 417*4kB (UMEH) 455*8kB (UMEH) 893*16kB (UMEH) 34*32kB (UMH) 13*64kB (MEH) 4*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 22028kB [ 3279.748541][ T404] Normal: 749*4kB (UME) 144*8kB (UME) 53*16kB (UMEH) 48*32kB (UMEH) 23*64kB (UMEH) 6*128kB (UEH) 2*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 9284kB [ 3279.780184][ T404] 15122 total pagecache pages [ 3279.790758][ T404] 0 pages in swap cache [ 3279.799613][ T404] Swap cache stats: add 0, delete 0, find 0/0 [ 3279.806418][ T404] Free swap = 0kB [ 3279.812783][ T404] Total swap = 0kB [ 3279.816998][ T404] 1965979 pages RAM [ 3279.822098][ T404] 0 pages HighMem/MovableOnly [ 3279.827707][ T404] 318830 pages reserved 01:20:11 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private, 0x0, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:11 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) [ 3279.832328][ T404] 0 pages cma reserved [ 3279.864503][ T404] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.4,pid=32481,uid=0 [ 3279.880065][ T404] Out of memory: Killed process 32481 (syz-executor.4) total-vm:75364kB, anon-rss:16560kB, file-rss:34720kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 01:20:11 executing program 3: prlimit64(0x0, 0x0, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:11 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r2) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) 01:20:11 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000100)={'veth1_to_batadv\x00', 0x10}) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x41395527) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r6 = open(0x0, 0x141042, 0x0) connect$inet(r6, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r7, &(0x7f0000000500), 0x37d, 0x0) 01:20:11 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x11, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:20:12 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private, 0x0, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:12 executing program 3: prlimit64(0x0, 0x0, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:12 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) [ 3280.219228][T32526] syz-executor.5 invoked oom-killer: gfp_mask=0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|0x1000000), order=0, oom_score_adj=1000 [ 3280.243576][T32526] CPU: 1 PID: 32526 Comm: syz-executor.5 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3280.253769][T32526] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3280.263827][T32526] Call Trace: [ 3280.267133][T32526] dump_stack+0x14a/0x1ce [ 3280.271472][T32526] ? devkmsg_release+0x11c/0x11c [ 3280.276428][T32526] ? show_regs_print_info+0x12/0x12 [ 3280.281643][T32526] ? radix_tree_cpu_dead+0x160/0x160 [ 3280.287052][T32526] ? _raw_spin_lock+0xa1/0x170 [ 3280.291827][T32526] ? _raw_spin_trylock_bh+0x190/0x190 [ 3280.297221][T32526] dump_header+0xdb/0x700 [ 3280.301571][T32526] oom_kill_process+0xd3/0x280 [ 3280.306356][T32526] out_of_memory+0x5b6/0x890 [ 3280.310964][T32526] ? unregister_oom_notifier+0x20/0x20 [ 3280.316466][T32526] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3280.322168][T32526] ? get_page_from_freelist+0x7c0/0x7c0 [ 3280.327758][T32526] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3280.333148][T32526] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3280.338700][T32526] ? __perf_event_task_sched_out+0xfe4/0x1110 [ 3280.344771][T32526] ? __perf_event_task_sched_in+0x4f7/0x560 [ 3280.350701][T32526] wp_page_copy+0x1cb/0x1120 [ 3280.355330][T32526] ? add_mm_rss_vec+0x270/0x270 [ 3280.360214][T32526] ? __schedule+0x920/0xef0 [ 3280.364753][T32526] ? vm_normal_page+0x1c9/0x1d0 [ 3280.369633][T32526] do_wp_page+0x4c1/0x1530 [ 3280.374059][T32526] ? _raw_spin_lock+0xa1/0x170 [ 3280.378848][T32526] ? do_swap_page+0x1560/0x1560 [ 3280.383734][T32526] handle_mm_fault+0x1354/0x40a0 [ 3280.388678][T32526] ? finish_fault+0x230/0x230 [ 3280.393353][T32526] ? __up_read+0x1b0/0x1b0 [ 3280.397768][T32526] ? vmacache_find+0x3a2/0x4b0 [ 3280.402545][T32526] do_user_addr_fault+0x48a/0x9f0 [ 3280.407602][T32526] page_fault+0x2f/0x40 [ 3280.413854][T32526] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 3280.420439][T32526] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 3280.440222][T32526] RSP: 0018:ffff888108317888 EFLAGS: 00010206 [ 3280.446401][T32526] RAX: ffffffff81f75001 RBX: 0000000020446500 RCX: 0000000000000500 [ 3280.454376][T32526] RDX: 0000000000001000 RSI: ffff88811c4d7b00 RDI: 0000000020446000 [ 3280.462365][T32526] RBP: ffff888108317da8 R08: dffffc0000000000 R09: ffffed102389b000 [ 3280.470354][T32526] R10: 0000000000000000 R11: 0000000000000000 R12: 00007ffffffff000 [ 3280.478325][T32526] R13: 0000000000001000 R14: ffff88811c4d7000 R15: 0000000020445500 [ 3280.486308][T32526] ? copyout+0x1/0xb0 [ 3280.490294][T32526] copyout+0x8e/0xb0 [ 3280.494284][T32526] copy_page_to_iter+0x393/0xbd0 [ 3280.499229][T32526] pipe_to_user+0xa3/0x130 [ 3280.503653][T32526] __splice_from_pipe+0x2d3/0x870 [ 3280.508686][T32526] ? user_page_pipe_buf_steal+0xc0/0xc0 [ 3280.514226][T32526] do_vmsplice+0x252/0xee0 [ 3280.518668][T32526] ? avc_ss_reset+0x3a0/0x3a0 [ 3280.523343][T32526] ? write_pipe_buf+0x1d0/0x1d0 [ 3280.528198][T32526] ? __rcu_read_lock+0x50/0x50 [ 3280.532964][T32526] ? check_stack_object+0x5a/0x90 [ 3280.538091][T32526] ? _copy_from_user+0xa4/0xe0 [ 3280.542880][T32526] ? rw_copy_check_uvector+0x2b3/0x310 [ 3280.548386][T32526] ? import_iovec+0x1c2/0x380 [ 3280.553070][T32526] ? dup_iter+0x110/0x110 [ 3280.557397][T32526] ? do_vfs_ioctl+0x780/0x1750 [ 3280.562159][T32526] __se_sys_vmsplice+0x1fb/0x300 [ 3280.567098][T32526] ? __x64_sys_vmsplice+0xa0/0xa0 [ 3280.572128][T32526] ? put_timespec64+0x109/0x150 [ 3280.577074][T32526] ? __x64_sys_clock_gettime+0x20d/0x260 [ 3280.582725][T32526] ? __ia32_sys_clock_settime+0x2a0/0x2a0 [ 3280.588467][T32526] do_syscall_64+0xcb/0x150 [ 3280.593063][T32526] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3280.598966][T32526] RIP: 0033:0x45c829 [ 3280.602887][T32526] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3280.622574][T32526] RSP: 002b:00007f0c79537c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116 [ 3280.631005][T32526] RAX: ffffffffffffffda RBX: 0000000000509d00 RCX: 000000000045c829 [ 3280.638983][T32526] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000004 [ 3280.646969][T32526] RBP: 000000000078bfa0 R08: 0000000000000000 R09: 0000000000000000 [ 3280.654937][T32526] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3280.662918][T32526] R13: 0000000000000c49 R14: 00000000004ce70e R15: 00007f0c795386d4 [ 3280.680743][T32526] Mem-Info: [ 3280.703824][T32526] active_anon:1408165 inactive_anon:10799 isolated_anon:0 [ 3280.703824][T32526] active_file:298 inactive_file:306 isolated_file:32 [ 3280.703824][T32526] unevictable:0 dirty:41 writeback:0 unstable:0 [ 3280.703824][T32526] slab_reclaimable:10534 slab_unreclaimable:90147 [ 3280.703824][T32526] mapped:57009 shmem:14896 pagetables:31336 bounce:0 [ 3280.703824][T32526] free:11091 free_pcp:74 free_cma:0 [ 3280.801803][T32526] Node 0 active_anon:5632660kB inactive_anon:43196kB active_file:768kB inactive_file:760kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:227336kB dirty:164kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3280.832879][T32526] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3280.859785][T32526] lowmem_reserve[]: 0 2912 6416 6416 [ 3280.865823][T32526] DMA32 free:21324kB min:8740kB low:11720kB high:14700kB active_anon:2804500kB inactive_anon:2724kB active_file:424kB inactive_file:192kB unevictable:0kB writepending:0kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:11040kB pagetables:22116kB bounce:0kB free_pcp:92kB local_pcp:0kB free_cma:0kB [ 3280.896111][T32526] lowmem_reserve[]: 0 0 3504 3504 [ 3280.901808][T32526] Normal free:9252kB min:9688kB low:13276kB high:16864kB active_anon:2827456kB inactive_anon:40472kB active_file:428kB inactive_file:704kB unevictable:0kB writepending:20kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27680kB pagetables:103480kB bounce:0kB free_pcp:24kB local_pcp:0kB free_cma:0kB [ 3280.938848][T32526] lowmem_reserve[]: 0 0 0 0 [ 3280.943932][T32526] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3280.970824][T32526] DMA32: 413*4kB (UMEH) 489*8kB (UMEH) 884*16kB (UMEH) 29*32kB (UMH) 11*64kB (UMEH) 4*128kB (UM) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 21852kB [ 3280.987379][T32526] Normal: 728*4kB (UME) 193*8kB (UME) 66*16kB (UME) 35*32kB (UMEH) 24*64kB (UMEH) 8*128kB (UMEH) 2*256kB (M) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 9704kB [ 3281.004134][T32526] 15067 total pagecache pages [ 3281.014686][T32526] 0 pages in swap cache [ 3281.023650][T32526] Swap cache stats: add 0, delete 0, find 0/0 [ 3281.036728][T32526] Free swap = 0kB [ 3281.045204][T32526] Total swap = 0kB [ 3281.054863][T32526] 1965979 pages RAM [ 3281.063403][T32526] 0 pages HighMem/MovableOnly [ 3281.073891][T32526] 318830 pages reserved [ 3281.083002][T32526] 0 pages cma reserved [ 3281.093770][T32526] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.5,pid=5140,uid=0 [ 3281.108774][T32526] Out of memory: Killed process 5140 (syz-executor.5) total-vm:75232kB, anon-rss:16436kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 3281.311276][ T404] syz-fuzzer invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 3281.322201][ T404] CPU: 0 PID: 404 Comm: syz-fuzzer Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3281.331836][ T404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3281.341898][ T404] Call Trace: [ 3281.345214][ T404] dump_stack+0x14a/0x1ce [ 3281.349546][ T404] ? devkmsg_release+0x11c/0x11c [ 3281.354494][ T404] ? show_regs_print_info+0x12/0x12 [ 3281.359698][ T404] ? radix_tree_cpu_dead+0x160/0x160 [ 3281.364987][ T404] ? _raw_spin_lock+0xa1/0x170 [ 3281.369767][ T404] ? _raw_spin_trylock_bh+0x190/0x190 [ 3281.375154][ T404] dump_header+0xdb/0x700 [ 3281.379494][ T404] oom_kill_process+0xd3/0x280 [ 3281.384266][ T404] out_of_memory+0x5b6/0x890 [ 3281.388869][ T404] ? unregister_oom_notifier+0x20/0x20 [ 3281.394340][ T404] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3281.400160][ T404] ? get_page_from_freelist+0x7c0/0x7c0 [ 3281.405723][ T404] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3281.411108][ T404] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3281.416667][ T404] pagecache_get_page+0x50f/0x880 [ 3281.421705][ T404] filemap_fault+0x1474/0x19d0 [ 3281.426489][ T404] ? generic_file_read_iter+0x20b0/0x20b0 [ 3281.432221][ T404] ext4_filemap_fault+0x7b/0x90 [ 3281.437085][ T404] handle_mm_fault+0x2837/0x40a0 [ 3281.442038][ T404] ? finish_fault+0x230/0x230 [ 3281.446737][ T404] ? security_file_permission+0x128/0x300 [ 3281.452500][ T404] ? __up_read+0x1b0/0x1b0 [ 3281.457285][ T404] ? vmacache_find+0x205/0x4b0 [ 3281.462246][ T404] do_user_addr_fault+0x48a/0x9f0 [ 3281.467294][ T404] page_fault+0x2f/0x40 [ 3281.471464][ T404] RIP: 0033:0x44911b [ 3281.475381][ T404] Code: Bad RIP value. [ 3281.479467][ T404] RSP: 002b:000000c420038f60 EFLAGS: 00010202 [ 3281.485573][ T404] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000000000000 [ 3281.493693][ T404] RDX: 00000000009c3060 RSI: 00000000007f8760 RDI: 000000c42fdd2280 [ 3281.501674][ T404] RBP: 000000c420038f58 R08: 0000000000000000 R09: 0000000000000003 [ 3281.509786][ T404] R10: 000003099b847317 R11: 0000000000000001 R12: 000003099b847317 [ 3281.517777][ T404] R13: 0000000000000001 R14: 0000000000000013 R15: 0000000000000100 [ 3281.530750][ T404] Mem-Info: [ 3281.534089][ T404] active_anon:1409762 inactive_anon:10799 isolated_anon:0 [ 3281.534089][ T404] active_file:22 inactive_file:17 isolated_file:22 [ 3281.534089][ T404] unevictable:0 dirty:0 writeback:4 unstable:0 [ 3281.534089][ T404] slab_reclaimable:10532 slab_unreclaimable:90227 [ 3281.534089][ T404] mapped:56458 shmem:14896 pagetables:31409 bounce:0 [ 3281.534089][ T404] free:10052 free_pcp:285 free_cma:0 [ 3281.572920][ T404] Node 0 active_anon:5639048kB inactive_anon:43196kB active_file:88kB inactive_file:68kB unevictable:0kB isolated(anon):0kB isolated(file):88kB mapped:225832kB dirty:0kB writeback:16kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3281.597096][ T404] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3281.624395][ T404] lowmem_reserve[]: 0 2912 6416 6416 [ 3281.629851][ T404] DMA32 free:20508kB min:4644kB low:7624kB high:10604kB active_anon:2806516kB inactive_anon:2724kB active_file:12kB inactive_file:16kB unevictable:0kB writepending:4kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10976kB pagetables:22120kB bounce:0kB free_pcp:496kB local_pcp:128kB free_cma:0kB [ 3281.661650][ T404] lowmem_reserve[]: 0 0 3504 3504 [ 3281.667615][ T404] Normal free:3796kB min:5592kB low:9180kB high:12768kB active_anon:2832420kB inactive_anon:40472kB active_file:0kB inactive_file:24kB unevictable:0kB writepending:0kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27744kB pagetables:103516kB bounce:0kB free_pcp:1012kB local_pcp:0kB free_cma:0kB [ 3281.697019][ T404] lowmem_reserve[]: 0 0 0 0 [ 3281.701536][ T404] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3281.714859][ T404] DMA32: 281*4kB (UH) 447*8kB (UEH) 877*16kB (UEH) 27*32kB (UH) 4*64kB (EH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 19852kB [ 3281.728957][ T404] Normal: 227*4kB (UME) 39*8kB (UME) 44*16kB (UMEH) 24*32kB (UMEH) 9*64kB (UME) 3*128kB (UEH) 0*256kB 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 4164kB [ 3281.744212][ T404] 14953 total pagecache pages [ 3281.748945][ T404] 0 pages in swap cache [ 3281.753135][ T404] Swap cache stats: add 0, delete 0, find 0/0 [ 3281.759214][ T404] Free swap = 0kB [ 3281.762973][ T404] Total swap = 0kB [ 3281.766790][ T404] 1965979 pages RAM [ 3281.770612][ T404] 0 pages HighMem/MovableOnly [ 3281.776921][ T404] 318830 pages reserved [ 3281.781556][ T404] 0 pages cma reserved [ 3281.793016][ T404] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=30205,uid=0 [ 3281.807298][ T404] Out of memory: Killed process 30205 (syz-executor.0) total-vm:75628kB, anon-rss:16592kB, file-rss:34664kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 01:20:14 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private, 0x0, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:14 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) r4 = open(0x0, 0x20e440, 0x9) socket$key(0xf, 0x3, 0x2) r5 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r5, &(0x7f0000000500), 0x37d, 0x0) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r6 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x0) ioctl$PPPIOCATTACH(r6, 0x4004743d, &(0x7f0000000100)=0x4) 01:20:14 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4, 0x0, 0x6, 0x501}, 0x0) r4 = open(0x0, 0x143142, 0x110) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff}) preadv(r5, &(0x7f0000000280)=[{&(0x7f00000002c0)=""/25, 0x19}], 0x1, 0xfffffffffffffffe) write$binfmt_misc(r2, &(0x7f0000000200)={'syz0', "4ce5c8aa95afbfaae84d79b03583126ec58343782c2dbeaa92a5e8b2c51ecea01dd2b55e3ab4aa35267a111087362efc1519d3ccf3eafada166b9fd109a4bcb22f77f833e203a8f2f01e052eea283e14f3f8e61b9a15d89fdd284b90fbe4ee2be602c624f15553da6887305ed4b8f4fa3f1dc2db7498a115b204"}, 0x7e) 01:20:14 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r2) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) 01:20:14 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private, 0x4e23, 0x0, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:14 executing program 3: prlimit64(0x0, 0x0, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:14 executing program 3: prlimit64(0x0, 0xe, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:14 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x6}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:14 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private, 0x4e23, 0x0, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) [ 3282.532778][ T421] syz-executor.1 invoked oom-killer: gfp_mask=0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), order=0, oom_score_adj=0 [ 3282.548211][ T421] CPU: 0 PID: 421 Comm: syz-executor.1 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3282.558229][ T421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3282.568287][ T421] Call Trace: [ 3282.571624][ T421] dump_stack+0x14a/0x1ce [ 3282.575943][ T421] ? devkmsg_release+0x11c/0x11c [ 3282.580871][ T421] ? show_regs_print_info+0x12/0x12 [ 3282.586101][ T421] ? radix_tree_cpu_dead+0x160/0x160 [ 3282.591382][ T421] ? _raw_spin_lock+0xa1/0x170 [ 3282.596136][ T421] ? _raw_spin_trylock_bh+0x190/0x190 [ 3282.601500][ T421] dump_header+0xdb/0x700 [ 3282.605830][ T421] oom_kill_process+0xd3/0x280 [ 3282.610599][ T421] out_of_memory+0x5b6/0x890 [ 3282.615293][ T421] ? unregister_oom_notifier+0x20/0x20 [ 3282.620752][ T421] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3282.626314][ T421] ? get_page_from_freelist+0x7c0/0x7c0 [ 3282.631864][ T421] ? ip_getsockopt+0x13c/0x230 [ 3282.636657][ T421] ? __zone_watermark_ok+0x91/0x280 [ 3282.641984][ T421] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3282.647407][ T421] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3282.654134][ T421] ? __vmalloc_node_range+0x439/0x7b0 [ 3282.659516][ T421] ? __kmalloc+0xf7/0x2d0 [ 3282.663864][ T421] ? __vmalloc_node_range+0x439/0x7b0 [ 3282.669321][ T421] __vmalloc_node_range+0x360/0x7b0 [ 3282.674689][ T421] vzalloc+0x70/0x80 [ 3282.678590][ T421] ? alloc_counters+0x66/0x520 [ 3282.683347][ T421] alloc_counters+0x66/0x520 [ 3282.687930][ T421] ? xt_find_table_lock+0x1b0/0x350 [ 3282.693145][ T421] do_arpt_get_ctl+0x5b9/0xa10 [ 3282.697902][ T421] ? compat_do_arpt_set_ctl+0x24f0/0x24f0 [ 3282.703650][ T421] ? preempt_schedule_irq+0xe7/0x140 [ 3282.708937][ T421] ? mutex_lock+0xa6/0x110 [ 3282.713340][ T421] ? __module_get+0x130/0x130 [ 3282.717997][ T421] ? memset+0x1f/0x40 [ 3282.721972][ T421] ? selinux_socket_getsockopt+0x122/0x340 [ 3282.727839][ T421] nf_getsockopt+0x2c1/0x2f0 [ 3282.732444][ T421] ip_getsockopt+0x13c/0x230 [ 3282.737027][ T421] ? compat_ip_setsockopt+0x100/0x100 [ 3282.742579][ T421] ? tcp_getsockopt+0x66/0xd0 [ 3282.747303][ T421] __sys_getsockopt+0x240/0x2b0 [ 3282.752171][ T421] __x64_sys_getsockopt+0xb1/0xc0 [ 3282.757216][ T421] do_syscall_64+0xcb/0x150 [ 3282.761743][ T421] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3282.767642][ T421] RIP: 0033:0x45f33a [ 3282.771534][ T421] Code: b8 34 01 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 ed 8b fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 49 89 ca b8 37 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ca 8b fb ff c3 66 0f 1f 84 00 00 00 00 00 [ 3282.791151][ T421] RSP: 002b:00007fff522225e8 EFLAGS: 00000212 ORIG_RAX: 0000000000000037 [ 3282.799553][ T421] RAX: ffffffffffffffda RBX: 00007fff522226f0 RCX: 000000000045f33a [ 3282.807528][ T421] RDX: 0000000000000061 RSI: 0000000000000000 RDI: 0000000000000003 [ 3282.815514][ T421] RBP: 0000000000000003 R08: 00007fff522225fc R09: 000000000000000a [ 3282.823584][ T421] R10: 00007fff522226f0 R11: 0000000000000212 R12: 0000000000000000 [ 3282.831545][ T421] R13: 00007fff52222d70 R14: 000000000032140f R15: 00007fff52222d80 [ 3282.850856][ T421] Mem-Info: [ 3282.854093][ T421] active_anon:1407494 inactive_anon:10799 isolated_anon:0 [ 3282.854093][ T421] active_file:621 inactive_file:620 isolated_file:79 [ 3282.854093][ T421] unevictable:0 dirty:21 writeback:0 unstable:0 [ 3282.854093][ T421] slab_reclaimable:10525 slab_unreclaimable:90369 [ 3282.854093][ T421] mapped:57556 shmem:14896 pagetables:31393 bounce:0 [ 3282.854093][ T421] free:11062 free_pcp:0 free_cma:0 [ 3282.892327][ T421] Node 0 active_anon:5629976kB inactive_anon:43196kB active_file:2352kB inactive_file:2332kB unevictable:0kB isolated(anon):0kB isolated(file):176kB mapped:230024kB dirty:84kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3282.917942][ T421] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3282.944139][ T421] lowmem_reserve[]: 0 2912 6416 6416 [ 3282.957710][ T421] DMA32 free:21828kB min:20548kB low:23528kB high:26508kB active_anon:2805168kB inactive_anon:2724kB active_file:440kB inactive_file:252kB unevictable:0kB writepending:0kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10880kB pagetables:21924kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3283.003746][ T421] lowmem_reserve[]: 0 0 3504 3504 [ 3283.008891][ T421] Normal free:6976kB min:9688kB low:13276kB high:16864kB active_anon:2825844kB inactive_anon:40472kB active_file:1524kB inactive_file:1688kB unevictable:0kB writepending:40kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27840kB pagetables:103740kB bounce:0kB free_pcp:548kB local_pcp:48kB free_cma:0kB [ 3283.038790][ T421] lowmem_reserve[]: 0 0 0 0 [ 3283.043462][ T421] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3283.056856][ T421] DMA32: 396*4kB (UMH) 486*8kB (UMEH) 891*16kB (UMEH) 50*32kB (UMH) 7*64kB (UMEH) 1*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 21904kB [ 3283.071826][ T421] Normal: 230*4kB (UEH) 45*8kB (UEH) 44*16kB (UMEH) 24*32kB (UME) 3*64kB (E) 17*128kB (ME) 5*256kB (M) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 6912kB [ 3283.089611][ T421] 15617 total pagecache pages [ 3283.094545][ T421] 0 pages in swap cache [ 3283.098743][ T421] Swap cache stats: add 0, delete 0, find 0/0 [ 3283.117997][ T421] Free swap = 0kB [ 3283.121973][ T421] Total swap = 0kB [ 3283.129998][ T421] 1965979 pages RAM [ 3283.133912][ T421] 0 pages HighMem/MovableOnly [ 3283.138591][ T421] 318830 pages reserved [ 3283.142867][ T421] 0 pages cma reserved [ 3283.146935][ T421] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=31592,uid=0 [ 3283.161278][ T421] Out of memory: Killed process 31592 (syz-executor.0) total-vm:75364kB, anon-rss:16572kB, file-rss:34680kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 3283.682383][ T422] syz-executor.2 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=0 [ 3283.694191][ T422] CPU: 1 PID: 422 Comm: syz-executor.2 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3283.704179][ T422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3283.714235][ T422] Call Trace: [ 3283.717540][ T422] dump_stack+0x14a/0x1ce [ 3283.721892][ T422] ? devkmsg_release+0x11c/0x11c [ 3283.726845][ T422] ? show_regs_print_info+0x12/0x12 [ 3283.732079][ T422] ? radix_tree_cpu_dead+0x160/0x160 [ 3283.737506][ T422] ? _raw_spin_lock+0xa1/0x170 [ 3283.742312][ T422] ? _raw_spin_trylock_bh+0x190/0x190 [ 3283.747703][ T422] dump_header+0xdb/0x700 [ 3283.752053][ T422] oom_kill_process+0xd3/0x280 [ 3283.756840][ T422] out_of_memory+0x5b6/0x890 [ 3283.761448][ T422] ? unregister_oom_notifier+0x20/0x20 [ 3283.766914][ T422] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3283.772472][ T422] ? get_page_from_freelist+0x7c0/0x7c0 [ 3283.778124][ T422] ? __schedule+0x920/0xef0 [ 3283.782629][ T422] ? __zone_watermark_ok+0x91/0x280 [ 3283.787832][ T422] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3283.793204][ T422] ? wait_on_page_bit_common+0x8ce/0x9e0 [ 3283.798844][ T422] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3283.804400][ T422] ? __rcu_read_lock+0x50/0x50 [ 3283.809171][ T422] alloc_slab_page+0x3a/0x3a0 [ 3283.813879][ T422] new_slab+0x408/0x450 [ 3283.818042][ T422] ? should_fail+0x18e/0x860 [ 3283.822623][ T422] ___slab_alloc+0x2e0/0x450 [ 3283.827299][ T422] ? getname_flags+0xb8/0x610 [ 3283.831974][ T422] ? getname_flags+0xb8/0x610 [ 3283.836657][ T422] kmem_cache_alloc+0x23f/0x260 [ 3283.841528][ T422] getname_flags+0xb8/0x610 [ 3283.846159][ T422] ? __rcu_read_lock+0x50/0x50 [ 3283.850950][ T422] user_path_at_empty+0x28/0x50 [ 3283.855806][ T422] __se_sys_newlstat+0xe4/0x8b0 [ 3283.860657][ T422] ? __x64_sys_newlstat+0x60/0x60 [ 3283.865682][ T422] ? finish_fault+0x230/0x230 [ 3283.870361][ T422] ? dput+0x518/0x5e0 [ 3283.874377][ T422] ? switch_fpu_return+0x10/0x10 [ 3283.879312][ T422] ? do_user_addr_fault+0x521/0x9f0 [ 3283.884509][ T422] do_syscall_64+0xcb/0x150 [ 3283.889017][ T422] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3283.894905][ T422] RIP: 0033:0x45bc45 [ 3283.898812][ T422] Code: Bad RIP value. [ 3283.902879][ T422] RSP: 002b:00007fffeefa2ef8 EFLAGS: 00000246 ORIG_RAX: 0000000000000006 [ 3283.911313][ T422] RAX: ffffffffffffffda RBX: 000000000032149e RCX: 000000000045bc45 [ 3283.920426][ T422] RDX: 00007fffeefa2f10 RSI: 00007fffeefa2f10 RDI: 00007fffeefa2fa0 [ 3283.928409][ T422] RBP: 0000000000005a35 R08: 0000000000000000 R09: 000000000000000d [ 3283.936392][ T422] R10: 0000000000000006 R11: 0000000000000246 R12: 00007fffeefa4030 [ 3283.944368][ T422] R13: 000000000221d940 R14: 0000000000000000 R15: 00007fffeefa4030 [ 3283.962908][ T422] Mem-Info: [ 3283.966105][ T422] active_anon:1408421 inactive_anon:10799 isolated_anon:0 [ 3283.966105][ T422] active_file:34 inactive_file:82 isolated_file:37 [ 3283.966105][ T422] unevictable:0 dirty:4 writeback:2 unstable:0 [ 3283.966105][ T422] slab_reclaimable:10526 slab_unreclaimable:90472 [ 3283.966105][ T422] mapped:56551 shmem:14896 pagetables:31391 bounce:0 [ 3283.966105][ T422] free:11138 free_pcp:396 free_cma:0 [ 3284.004354][ T422] Node 0 active_anon:5633684kB inactive_anon:43196kB active_file:136kB inactive_file:428kB unevictable:0kB isolated(anon):0kB isolated(file):20kB mapped:226204kB dirty:16kB writeback:8kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3284.031701][ T422] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3284.066040][ T422] lowmem_reserve[]: 0 2912 6416 6416 [ 3284.071803][ T422] DMA32 free:21560kB min:4644kB low:7624kB high:10604kB active_anon:2806204kB inactive_anon:2724kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:4kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10880kB pagetables:21928kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3284.101789][ T422] lowmem_reserve[]: 0 0 3504 3504 [ 3284.107733][ T422] Normal free:5828kB min:5592kB low:9180kB high:12768kB active_anon:2827996kB inactive_anon:40472kB active_file:252kB inactive_file:188kB unevictable:0kB writepending:20kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27808kB pagetables:103640kB bounce:0kB free_pcp:1480kB local_pcp:448kB free_cma:0kB [ 3284.157303][ T422] lowmem_reserve[]: 0 0 0 0 [ 3284.161981][ T422] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3284.180129][ T422] DMA32: 338*4kB (UEH) 457*8kB (UMEH) 875*16kB (UEH) 48*32kB (UH) 6*64kB (UEH) 1*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 21056kB [ 3284.201951][ T422] Normal: 124*4kB (UE) 52*8kB (UEH) 28*16kB (UE) 24*32kB (UMEH) 3*64kB (E) 8*128kB (ME) 5*256kB (M) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 5136kB [ 3284.219331][ T422] 15082 total pagecache pages [ 3284.224563][ T422] 0 pages in swap cache [ 3284.229397][ T422] Swap cache stats: add 0, delete 0, find 0/0 [ 3284.235504][ T422] Free swap = 0kB [ 3284.239224][ T422] Total swap = 0kB [ 3284.242963][ T422] 1965979 pages RAM [ 3284.246761][ T422] 0 pages HighMem/MovableOnly [ 3284.251454][ T422] 318830 pages reserved [ 3284.255749][ T422] 0 pages cma reserved [ 3284.259824][ T422] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=32551,uid=0 [ 3284.301475][ T422] syz-executor.2 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=0 [ 3284.312769][ T422] CPU: 1 PID: 422 Comm: syz-executor.2 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3284.323020][ T422] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3284.333067][ T422] Call Trace: [ 3284.336371][ T422] dump_stack+0x14a/0x1ce [ 3284.340707][ T422] ? devkmsg_release+0x11c/0x11c [ 3284.346869][ T422] ? show_regs_print_info+0x12/0x12 [ 3284.352059][ T422] ? radix_tree_cpu_dead+0x160/0x160 [ 3284.357335][ T422] ? _raw_spin_lock+0xa1/0x170 [ 3284.362086][ T422] ? _raw_spin_trylock_bh+0x190/0x190 [ 3284.367469][ T422] dump_header+0xdb/0x700 [ 3284.371810][ T422] oom_kill_process+0xd3/0x280 [ 3284.376606][ T422] out_of_memory+0x5b6/0x890 [ 3284.381205][ T422] ? unregister_oom_notifier+0x20/0x20 [ 3284.386668][ T422] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3284.392269][ T422] ? get_page_from_freelist+0x7c0/0x7c0 [ 3284.397814][ T422] ? __schedule+0x920/0xef0 [ 3284.402484][ T422] ? __zone_watermark_ok+0x91/0x280 [ 3284.408431][ T422] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3284.413802][ T422] ? wait_on_page_bit_common+0x8ce/0x9e0 [ 3284.419525][ T422] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3284.425085][ T422] ? __rcu_read_lock+0x50/0x50 [ 3284.429847][ T422] alloc_slab_page+0x3a/0x3a0 [ 3284.434507][ T422] new_slab+0x408/0x450 [ 3284.439350][ T422] ? should_fail+0x18e/0x860 [ 3284.443965][ T422] ___slab_alloc+0x2e0/0x450 [ 3284.448577][ T422] ? getname_flags+0xb8/0x610 [ 3284.453264][ T422] ? getname_flags+0xb8/0x610 [ 3284.457947][ T422] kmem_cache_alloc+0x23f/0x260 [ 3284.462809][ T422] getname_flags+0xb8/0x610 [ 3284.467315][ T422] ? __rcu_read_lock+0x50/0x50 [ 3284.472079][ T422] user_path_at_empty+0x28/0x50 [ 3284.476938][ T422] __se_sys_newlstat+0xe4/0x8b0 [ 3284.481779][ T422] ? __x64_sys_newlstat+0x60/0x60 [ 3284.486810][ T422] ? finish_fault+0x230/0x230 [ 3284.491488][ T422] ? dput+0x518/0x5e0 [ 3284.495480][ T422] ? switch_fpu_return+0x10/0x10 [ 3284.500511][ T422] ? do_user_addr_fault+0x521/0x9f0 [ 3284.505700][ T422] do_syscall_64+0xcb/0x150 [ 3284.510351][ T422] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3284.516234][ T422] RIP: 0033:0x45bc45 [ 3284.520144][ T422] Code: Bad RIP value. [ 3284.524446][ T422] RSP: 002b:00007fffeefa2ef8 EFLAGS: 00000246 ORIG_RAX: 0000000000000006 [ 3284.532950][ T422] RAX: ffffffffffffffda RBX: 000000000032149e RCX: 000000000045bc45 [ 3284.540916][ T422] RDX: 00007fffeefa2f10 RSI: 00007fffeefa2f10 RDI: 00007fffeefa2fa0 [ 3284.548967][ T422] RBP: 0000000000005a35 R08: 0000000000000000 R09: 000000000000000d [ 3284.556923][ T422] R10: 0000000000000006 R11: 0000000000000246 R12: 00007fffeefa4030 [ 3284.564906][ T422] R13: 000000000221d940 R14: 0000000000000000 R15: 00007fffeefa4030 [ 3284.573197][ T422] Mem-Info: [ 3284.576439][ T422] active_anon:1409112 inactive_anon:10799 isolated_anon:0 [ 3284.576439][ T422] active_file:82 inactive_file:146 isolated_file:19 [ 3284.576439][ T422] unevictable:0 dirty:4 writeback:0 unstable:0 [ 3284.576439][ T422] slab_reclaimable:10526 slab_unreclaimable:90473 [ 3284.576439][ T422] mapped:56607 shmem:14896 pagetables:31392 bounce:0 [ 3284.576439][ T422] free:10592 free_pcp:46 free_cma:0 [ 3284.614389][ T422] Node 0 active_anon:5636448kB inactive_anon:43196kB active_file:388kB inactive_file:376kB unevictable:0kB isolated(anon):0kB isolated(file):76kB mapped:226428kB dirty:16kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3284.638842][ T422] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3284.664900][ T422] lowmem_reserve[]: 0 2912 6416 6416 [ 3284.670663][ T422] DMA32 free:21256kB min:4644kB low:7624kB high:10604kB active_anon:2806504kB inactive_anon:2724kB active_file:0kB inactive_file:16kB unevictable:0kB writepending:0kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10880kB pagetables:21932kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3284.715622][ T422] lowmem_reserve[]: 0 0 3504 3504 [ 3284.722976][ T422] Normal free:5140kB min:5592kB low:9180kB high:12768kB active_anon:2830004kB inactive_anon:40472kB active_file:612kB inactive_file:572kB unevictable:0kB writepending:24kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27744kB pagetables:103764kB bounce:0kB free_pcp:320kB local_pcp:152kB free_cma:0kB [ 3284.755656][ T422] lowmem_reserve[]: 0 0 0 0 [ 3284.760184][ T422] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3284.773540][ T422] DMA32: 299*4kB (UH) 456*8kB (UEH) 867*16kB (UEH) 71*32kB (UH) 6*64kB (UEH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 21372kB [ 3284.787973][ T422] Normal: 278*4kB (UEH) 59*8kB (UMEH) 26*16kB (UEH) 21*32kB (UE) 5*64kB (UME) 2*128kB (UE) 4*256kB (UM) 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 4784kB [ 3284.803686][ T422] 15208 total pagecache pages [ 3284.808530][ T422] 0 pages in swap cache [ 3284.812848][ T422] Swap cache stats: add 0, delete 0, find 0/0 [ 3284.819020][ T422] Free swap = 0kB [ 3284.822856][ T422] Total swap = 0kB [ 3284.826677][ T422] 1965979 pages RAM [ 3284.830638][ T422] 0 pages HighMem/MovableOnly [ 3284.840378][ T422] 318830 pages reserved [ 3284.844802][ T422] 0 pages cma reserved [ 3284.848985][ T422] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=32584,uid=0 [ 3284.863275][ T422] Out of memory: Killed process 32584 (syz-executor.0) total-vm:75496kB, anon-rss:16580kB, file-rss:34648kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 3284.884867][ T23] oom_reaper: reaped process 32584 (syz-executor.0), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 3285.200020][ T205] systemd-journal invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=0 [ 3285.211782][ T205] CPU: 1 PID: 205 Comm: systemd-journal Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3285.221836][ T205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3285.231885][ T205] Call Trace: [ 3285.235184][ T205] dump_stack+0x14a/0x1ce [ 3285.239495][ T205] ? devkmsg_release+0x11c/0x11c [ 3285.244426][ T205] ? show_regs_print_info+0x12/0x12 [ 3285.249621][ T205] ? radix_tree_cpu_dead+0x160/0x160 [ 3285.254892][ T205] ? _raw_spin_lock+0xa1/0x170 [ 3285.259640][ T205] ? _raw_spin_trylock_bh+0x190/0x190 [ 3285.265011][ T205] dump_header+0xdb/0x700 [ 3285.269331][ T205] oom_kill_process+0xd3/0x280 [ 3285.274187][ T205] out_of_memory+0x5b6/0x890 [ 3285.278806][ T205] ? unregister_oom_notifier+0x20/0x20 [ 3285.284388][ T205] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3285.289929][ T205] ? get_page_from_freelist+0x7c0/0x7c0 [ 3285.295483][ T205] ? __zone_watermark_ok+0x91/0x280 [ 3285.300687][ T205] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3285.306049][ T205] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3285.311688][ T205] ? __secure_computing+0x250/0x250 [ 3285.316889][ T205] alloc_slab_page+0x3a/0x3a0 [ 3285.321573][ T205] new_slab+0x408/0x450 [ 3285.325734][ T205] ___slab_alloc+0x2e0/0x450 [ 3285.331292][ T205] ? slab_free_freelist_hook+0xd0/0x150 [ 3285.336838][ T205] ? getname_flags+0xb8/0x610 [ 3285.341509][ T205] ? getname_flags+0xb8/0x610 [ 3285.346194][ T205] kmem_cache_alloc+0x23f/0x260 [ 3285.351063][ T205] ? __secure_computing+0x1b6/0x250 [ 3285.356260][ T205] getname_flags+0xb8/0x610 [ 3285.360762][ T205] do_mkdirat+0xa1/0x310 [ 3285.365006][ T205] ? do_syscall_64+0x150/0x150 [ 3285.369772][ T205] ? vfs_mkdir+0x30/0x30 [ 3285.374026][ T205] do_syscall_64+0xcb/0x150 [ 3285.378530][ T205] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3285.384429][ T205] RIP: 0033:0x7fa7e5eaa687 [ 3285.388861][ T205] Code: Bad RIP value. [ 3285.392916][ T205] RSP: 002b:00007ffdfd580148 EFLAGS: 00000293 ORIG_RAX: 0000000000000053 [ 3285.401344][ T205] RAX: ffffffffffffffda RBX: 00007ffdfd5831b0 RCX: 00007fa7e5eaa687 [ 3285.409318][ T205] RDX: 0000000000000000 RSI: 00000000000001ed RDI: 0000555ed76328c0 [ 3285.417983][ T205] RBP: 00007ffdfd580180 R08: 0000555ed72503e5 R09: 0000000000000018 [ 3285.426073][ T205] R10: 0000000000000069 R11: 0000000000000293 R12: 0000000000000000 [ 3285.434055][ T205] R13: 0000000000000001 R14: 0000555ed76328c0 R15: 00007ffdfd5807c0 [ 3285.446038][ T205] Mem-Info: [ 3285.451463][ T205] active_anon:1400733 inactive_anon:10799 isolated_anon:0 [ 3285.451463][ T205] active_file:62 inactive_file:322 isolated_file:1 [ 3285.451463][ T205] unevictable:0 dirty:0 writeback:13 unstable:0 [ 3285.451463][ T205] slab_reclaimable:10500 slab_unreclaimable:90489 [ 3285.451463][ T205] mapped:56626 shmem:14896 pagetables:31326 bounce:0 [ 3285.451463][ T205] free:18493 free_pcp:659 free_cma:0 [ 3285.494275][ T205] Node 0 active_anon:5602932kB inactive_anon:43196kB active_file:656kB inactive_file:1372kB unevictable:0kB isolated(anon):0kB isolated(file):124kB mapped:227104kB dirty:0kB writeback:52kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3285.520429][ T205] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3285.549208][ T205] lowmem_reserve[]: 0 2912 6416 6416 [ 3285.558661][ T205] DMA32 free:24316kB min:4644kB low:7624kB high:10604kB active_anon:2801676kB inactive_anon:2724kB active_file:0kB inactive_file:8kB unevictable:0kB writepending:0kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10880kB pagetables:21912kB bounce:0kB free_pcp:732kB local_pcp:0kB free_cma:0kB [ 3285.588237][ T205] lowmem_reserve[]: 0 0 3504 3504 01:20:17 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r2) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) 01:20:17 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x4, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r4 = open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r5, &(0x7f0000000500), 0x37d, 0x0) 01:20:17 executing program 3: prlimit64(0x0, 0xe, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:17 executing program 4: prlimit64(0x0, 0x4, &(0x7f00000000c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000200)="72774e817aae564c8ae838caacbad00368e82dd4bd6847af006bb95abefe19a2cc997aad188db05803ddca0975e13611cbd03b56b9c5f5cff4e22643854ee3cb4e1b1dae4343d205366714e125d5d6af9ded9cd559d6e3f2bfb05037384b533c6fcf1e1ae114d159f72fdcc5ee21bc4dbbb7090218f2d9b7e296c5b0faed9340cca28fe76c46c504f4e39484ae933037761b84708e51b05d99", 0x99}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) [ 3285.594644][ T205] Normal free:34072kB min:5592kB low:9180kB high:12768kB active_anon:2801460kB inactive_anon:40472kB active_file:584kB inactive_file:568kB unevictable:0kB writepending:52kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27424kB pagetables:103392kB bounce:0kB free_pcp:1836kB local_pcp:1408kB free_cma:0kB [ 3285.624902][ T205] lowmem_reserve[]: 0 0 0 0 [ 3285.629434][ T205] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3285.642800][ T205] DMA32: 617*4kB (UMEH) 591*8kB (UMEH) 921*16kB (UMEH) 54*32kB (UMH) 13*64kB (UMEH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 24492kB [ 3285.657554][ T205] Normal: 217*4kB (MEH) 547*8kB (UMEH) 345*16kB (UMEH) 178*32kB (UMEH) 53*64kB (UMEH) 27*128kB (UME) 4*256kB (UM) 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 24844kB [ 3285.674335][ T205] 17575 total pagecache pages [ 3285.686911][ T205] 0 pages in swap cache [ 3285.691104][ T205] Swap cache stats: add 0, delete 0, find 0/0 [ 3285.734668][ T205] Free swap = 0kB [ 3285.738434][ T205] Total swap = 0kB [ 3285.742153][ T205] 1965979 pages RAM [ 3285.765794][ T205] 0 pages HighMem/MovableOnly [ 3285.770717][ T205] 318830 pages reserved [ 3285.790582][ T205] 0 pages cma reserved [ 3285.831187][ T205] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=31333,uid=0 [ 3285.862853][ T205] Out of memory: Killed process 31333 (syz-executor.0) total-vm:75628kB, anon-rss:16592kB, file-rss:34628kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 01:20:18 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{0x0}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:18 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private, 0x4e23, 0x0, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:18 executing program 3: prlimit64(0x0, 0xe, 0x0, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:18 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private, 0x4e23, 0x2, 'sed\x00', 0x0, 0x0, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:18 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{0x0}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:18 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r2) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) 01:20:18 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x0, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:18 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private, 0x4e23, 0x2, 'sed\x00', 0x0, 0x0, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:18 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x0, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:18 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r2) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) 01:20:18 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private, 0x4e23, 0x2, 'sed\x00', 0x0, 0x0, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:18 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{0x0}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:18 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(r0, &(0x7f0000000080)={0x38, 0x2, 0x1000002a, 0x6e, 0x3, 0x0, 0x4, 0x0, 0xfffffffc}, 0x0) r4 = open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r5, &(0x7f0000000500), 0x0, 0x2) 01:20:18 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x0, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:18 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:18 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r2) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) 01:20:18 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f00000000c0)='\x00\x00', 0x2) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) r6 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_group_source_req(r6, 0x0, 0x2c, &(0x7f0000000340)={0x8, {{0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x1b}}}, {{0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x12}}}}, 0x108) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:20:18 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:18 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:18 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:18 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:18 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:18 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r2) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) 01:20:19 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:19 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:19 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:19 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r2) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) 01:20:19 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x3, 0x0, 0x200000000, 0x0, 0x2}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:20:19 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r4 = open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r5, &(0x7f0000000500), 0x37d, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$TIPC_CMD_SET_NETID(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x24, 0x0, 0x10, 0x70bd29, 0x25dfdbff, {{}, {}, {0x8, 0x2, 0x40}}, ["", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x20008810}, 0x40004) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) getsockopt$IP6T_SO_GET_REVISION_MATCH(r7, 0x29, 0x44, &(0x7f0000000100)={'TPROXY\x00'}, &(0x7f0000000180)=0x1e) 01:20:19 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0) 01:20:19 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:19 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r2) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) [ 3288.218365][T32732] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 3288.262836][T32732] CPU: 0 PID: 32732 Comm: syz-executor.0 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3288.273014][T32732] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3288.283211][T32732] Call Trace: [ 3288.286506][T32732] dump_stack+0x14a/0x1ce [ 3288.290838][T32732] ? devkmsg_release+0x11c/0x11c [ 3288.295780][T32732] ? show_regs_print_info+0x12/0x12 [ 3288.300986][T32732] ? radix_tree_cpu_dead+0x160/0x160 [ 3288.306278][T32732] ? _raw_spin_lock+0xa1/0x170 [ 3288.311049][T32732] ? _raw_spin_trylock_bh+0x190/0x190 [ 3288.316421][T32732] dump_header+0xdb/0x700 [ 3288.320750][T32732] oom_kill_process+0xd3/0x280 [ 3288.325520][T32732] out_of_memory+0x5b6/0x890 [ 3288.330109][T32732] ? unregister_oom_notifier+0x20/0x20 [ 3288.335565][T32732] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3288.341124][T32732] ? get_page_from_freelist+0x7c0/0x7c0 [ 3288.346688][T32732] ? __zone_watermark_ok+0x91/0x280 [ 3288.351894][T32732] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3288.357277][T32732] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3288.362849][T32732] ? copy_process+0x5a4/0x5110 [ 3288.367612][T32732] ? copy_process+0x5a4/0x5110 [ 3288.372400][T32732] ? kmem_cache_alloc+0x1d5/0x260 [ 3288.377424][T32732] copy_process+0x5f3/0x5110 [ 3288.382038][T32732] ? __pagevec_lru_add_fn+0x5cc/0x760 [ 3288.387439][T32732] ? pagevec_lru_move_fn+0x193/0x210 [ 3288.392732][T32732] ? __pagevec_release+0x130/0x130 [ 3288.397847][T32732] ? fork_idle+0x290/0x290 [ 3288.402287][T32732] ? _raw_spin_unlock+0x5/0x20 [ 3288.407055][T32732] ? handle_mm_fault+0xb16/0x40a0 [ 3288.412081][T32732] _do_fork+0x196/0x920 [ 3288.416246][T32732] ? dup_mm+0x300/0x300 [ 3288.420402][T32732] ? do_mmap+0x9ad/0x1060 [ 3288.424757][T32732] __x64_sys_clone+0x25f/0x2c0 [ 3288.429524][T32732] ? __ia32_sys_vfork+0x110/0x110 [ 3288.434546][T32732] ? __fpregs_load_activate+0x2d3/0x390 [ 3288.440097][T32732] ? do_user_addr_fault+0x55c/0x9f0 [ 3288.445303][T32732] do_syscall_64+0xcb/0x150 [ 3288.449817][T32732] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3288.456663][T32732] RIP: 0033:0x45f1f9 [ 3288.460559][T32732] Code: ff 48 85 f6 0f 84 37 8d fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 0e 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 3288.481322][T32732] RSP: 002b:00007fff085a5908 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 3288.489737][T32732] RAX: ffffffffffffffda RBX: 00007f5f7db0a700 RCX: 000000000045f1f9 [ 3288.498502][T32732] RDX: 00007f5f7db0a9d0 RSI: 00007f5f7db09db0 RDI: 00000000003d0f00 [ 3288.506491][T32732] RBP: 00007fff085a5b30 R08: 00007f5f7db0a700 R09: 00007f5f7db0a700 [ 3288.514464][T32732] R10: 00007f5f7db0a9d0 R11: 0000000000000202 R12: 0000000000000000 [ 3288.522553][T32732] R13: 00007fff085a59bf R14: 00007f5f7db0a9c0 R15: 000000000078bfac [ 3288.538622][T32732] Mem-Info: [ 3288.541916][T32732] active_anon:1407828 inactive_anon:10799 isolated_anon:0 [ 3288.541916][T32732] active_file:169 inactive_file:383 isolated_file:32 [ 3288.541916][T32732] unevictable:0 dirty:2 writeback:0 unstable:0 [ 3288.541916][T32732] slab_reclaimable:10457 slab_unreclaimable:90367 [ 3288.541916][T32732] mapped:56792 shmem:14896 pagetables:31532 bounce:0 [ 3288.541916][T32732] free:11557 free_pcp:31 free_cma:0 [ 3288.580184][T32732] Node 0 active_anon:5631312kB inactive_anon:43196kB active_file:676kB inactive_file:1812kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:227432kB dirty:8kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3288.620277][T32732] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3288.692847][T32732] lowmem_reserve[]: 0 2912 6416 6416 [ 3288.699632][T32732] DMA32 free:20260kB min:4644kB low:7624kB high:10604kB active_anon:2805664kB inactive_anon:2724kB active_file:28kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:11104kB pagetables:22336kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3288.730142][T32732] lowmem_reserve[]: 0 0 3504 3504 [ 3288.736488][T32732] Normal free:8004kB min:5592kB low:9180kB high:12768kB active_anon:2826152kB inactive_anon:40472kB active_file:804kB inactive_file:1064kB unevictable:0kB writepending:0kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27616kB pagetables:103792kB bounce:0kB free_pcp:1536kB local_pcp:304kB free_cma:0kB [ 3288.767371][T32732] lowmem_reserve[]: 0 0 0 0 [ 3288.772847][T32732] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3288.811557][T32732] DMA32: 449*4kB (UMH) 489*8kB (UMEH) 872*16kB (UM) 18*32kB (UH) 4*64kB (MH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20492kB [ 3288.826929][T32732] Normal: 320*4kB (UMEH) 80*8kB (UE) 41*16kB (UE) 46*32kB (UE) 11*64kB (UME) 5*128kB (UME) 6*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 6928kB [ 3288.874678][T32732] 15968 total pagecache pages [ 3288.891035][T32732] 0 pages in swap cache [ 3288.895456][T32732] Swap cache stats: add 0, delete 0, find 0/0 [ 3288.901607][T32732] Free swap = 0kB [ 3288.912990][T32732] Total swap = 0kB [ 3288.920087][T32732] 1965979 pages RAM 01:20:20 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:20 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f00000000c0)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0xffffffffffffffff}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r2 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r3 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x0) ioctl$PPPIOCATTACH(r3, 0x4004743d, &(0x7f0000000100)=0x4) [ 3288.933464][T32732] 0 pages HighMem/MovableOnly [ 3288.938247][T32732] 318830 pages reserved [ 3288.942478][T32732] 0 pages cma reserved [ 3288.946741][T32732] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=32716,uid=0 [ 3288.961062][T32732] Out of memory: Killed process 32716 (syz-executor.0) total-vm:75232kB, anon-rss:16564kB, file-rss:34656kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 01:20:20 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0) 01:20:21 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0) 01:20:21 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:21 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r2) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) 01:20:21 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:21 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) ioctl$FIONREAD(r5, 0x541b, &(0x7f0000000100)) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r6 = open(0x0, 0x141042, 0x0) connect$inet(r6, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r7, &(0x7f0000000500), 0x37d, 0x0) 01:20:21 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:21 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r2) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) 01:20:21 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) [ 3289.718603][ T323] syz-executor.3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 3289.738965][ T323] CPU: 0 PID: 323 Comm: syz-executor.3 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3289.748976][ T323] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3289.759037][ T323] Call Trace: [ 3289.762321][ T323] dump_stack+0x14a/0x1ce [ 3289.766644][ T323] ? devkmsg_release+0x11c/0x11c [ 3289.772275][ T323] ? show_regs_print_info+0x12/0x12 [ 3289.777499][ T323] ? radix_tree_cpu_dead+0x160/0x160 [ 3289.782830][ T323] ? _raw_spin_lock+0xa1/0x170 [ 3289.787960][ T323] ? _raw_spin_trylock_bh+0x190/0x190 [ 3289.793391][ T323] dump_header+0xdb/0x700 [ 3289.797719][ T323] oom_kill_process+0xd3/0x280 [ 3289.802474][ T323] out_of_memory+0x5b6/0x890 [ 3289.807070][ T323] ? unregister_oom_notifier+0x20/0x20 [ 3289.812571][ T323] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3289.818163][ T323] ? get_page_from_freelist+0x7c0/0x7c0 [ 3289.823717][ T323] ? __zone_watermark_ok+0x91/0x280 [ 3289.828938][ T323] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3289.834336][ T323] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3289.839880][ T323] ? copy_process+0x5a4/0x5110 [ 3289.844637][ T323] ? kmem_cache_alloc+0x1d5/0x260 [ 3289.849673][ T323] copy_process+0x5f3/0x5110 [ 3289.854292][ T323] ? get_mem_cgroup_from_mm+0x27b/0x2c0 [ 3289.859845][ T323] ? _raw_spin_lock+0xa1/0x170 [ 3289.864719][ T323] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 3289.870550][ T323] ? fork_idle+0x290/0x290 [ 3289.874984][ T323] ? _raw_spin_unlock+0x5/0x20 [ 3289.879901][ T323] ? handle_mm_fault+0xb16/0x40a0 [ 3289.885019][ T323] _do_fork+0x196/0x920 [ 3289.889186][ T323] ? dup_mm+0x300/0x300 [ 3289.893350][ T323] ? do_mmap+0x9ad/0x1060 [ 3289.898288][ T323] __x64_sys_clone+0x25f/0x2c0 [ 3289.903094][ T323] ? __ia32_sys_vfork+0x110/0x110 [ 3289.908115][ T323] ? do_user_addr_fault+0x55c/0x9f0 [ 3289.913308][ T323] do_syscall_64+0xcb/0x150 [ 3289.917825][ T323] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3289.923720][ T323] RIP: 0033:0x45f1f9 [ 3289.927605][ T323] Code: ff 48 85 f6 0f 84 37 8d fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 0e 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 3289.948000][ T323] RSP: 002b:00007ffe0c13bec8 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 3289.956430][ T323] RAX: ffffffffffffffda RBX: 00007fa8ee29f700 RCX: 000000000045f1f9 [ 3289.964669][ T323] RDX: 00007fa8ee29f9d0 RSI: 00007fa8ee29edb0 RDI: 00000000003d0f00 [ 3289.972995][ T323] RBP: 00007ffe0c13c0f0 R08: 00007fa8ee29f700 R09: 00007fa8ee29f700 [ 3289.980996][ T323] R10: 00007fa8ee29f9d0 R11: 0000000000000202 R12: 0000000000000000 [ 3289.988963][ T323] R13: 00007ffe0c13bf7f R14: 00007fa8ee29f9c0 R15: 000000000078bfac [ 3290.010645][ T323] Mem-Info: [ 3290.037578][ T323] active_anon:1408200 inactive_anon:10799 isolated_anon:0 [ 3290.037578][ T323] active_file:220 inactive_file:379 isolated_file:64 [ 3290.037578][ T323] unevictable:0 dirty:9 writeback:0 unstable:0 [ 3290.037578][ T323] slab_reclaimable:10432 slab_unreclaimable:90332 [ 3290.037578][ T323] mapped:56924 shmem:14896 pagetables:31615 bounce:0 [ 3290.037578][ T323] free:10851 free_pcp:434 free_cma:0 [ 3290.076701][ T323] Node 0 active_anon:5632800kB inactive_anon:43196kB active_file:880kB inactive_file:1516kB unevictable:0kB isolated(anon):0kB isolated(file):256kB mapped:227696kB dirty:36kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3290.101592][ T323] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3290.128300][ T323] lowmem_reserve[]: 0 2912 6416 6416 [ 3290.136371][ T323] DMA32 free:20476kB min:20548kB low:23528kB high:26508kB active_anon:2804876kB inactive_anon:2724kB active_file:28kB inactive_file:632kB unevictable:0kB writepending:12kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10848kB pagetables:22020kB bounce:0kB free_pcp:688kB local_pcp:216kB free_cma:0kB [ 3290.182474][ T323] lowmem_reserve[]: 0 0 3504 3504 [ 3290.193290][ T323] Normal free:8032kB min:5592kB low:9180kB high:12768kB active_anon:2827924kB inactive_anon:40472kB active_file:1064kB inactive_file:896kB unevictable:0kB writepending:24kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:28032kB pagetables:104440kB bounce:0kB free_pcp:372kB local_pcp:168kB free_cma:0kB [ 3290.223617][ T323] lowmem_reserve[]: 0 0 0 0 [ 3290.228316][ T323] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3290.246057][ T323] DMA32: 459*4kB (UMH) 472*8kB (UMEH) 879*16kB (UM) 23*32kB (UMH) 4*64kB (MH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20668kB [ 3290.269467][ T323] Normal: 302*4kB (UEH) 74*8kB (UMEH) 50*16kB (UMEH) 42*32kB (UMEH) 5*64kB (UEH) 2*128kB (ME) 5*256kB (MH) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 5800kB [ 3290.322159][ T323] 15786 total pagecache pages [ 3290.327340][ T323] 0 pages in swap cache [ 3290.331872][ T323] Swap cache stats: add 0, delete 0, find 0/0 [ 3290.338450][ T323] Free swap = 0kB [ 3290.342609][ T323] Total swap = 0kB [ 3290.347897][ T323] 1965979 pages RAM [ 3290.352865][ T323] 0 pages HighMem/MovableOnly [ 3290.357798][ T323] 318830 pages reserved [ 3290.362295][ T323] 0 pages cma reserved [ 3290.373066][ T323] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=320,uid=0 [ 3290.394604][ T323] Out of memory: Killed process 320 (syz-executor.0) total-vm:75232kB, anon-rss:16548kB, file-rss:35136kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 3290.414812][ T23] oom_reaper: reaped process 320 (syz-executor.0), now anon-rss:0kB, file-rss:34824kB, shmem-rss:0kB 01:20:22 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:22 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:22 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:22 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() r0 = gettid() ptrace$setopts(0x4206, r0, 0x0, 0x0) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x3, 0x0, 0x0, 0x3, 0xffffffff7ffffffc, 0x0, 0xffffffffffffffff, 0x7}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:20:22 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0xfcde, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r4 = open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_genetlink_get_family_id$batadv(&(0x7f0000000000)='batadv\x00') sendmsg$BATADV_CMD_GET_MCAST_FLAGS(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000140)=ANY=[@ANYRES16=r5], 0x1}}, 0x0) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000200)={&(0x7f0000000280)={0x4c, r5, 0x1, 0x70bd28, 0x25dfdbfc, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5, 0x2f, 0x1}, @BATADV_ATTR_MESH_IFINDEX={0x8}, @BATADV_ATTR_HARD_IFINDEX={0x8}, @BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5, 0x29, 0x1}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x1}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4c841}, 0x40000) ioctl$TIOCEXCL(0xffffffffffffffff, 0x540c) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r6, &(0x7f0000000500), 0x37d, 0x0) 01:20:22 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x0, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:22 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:22 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r2) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) [ 3290.889489][ T205] systemd-journal invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=0 [ 3290.946539][ T205] CPU: 0 PID: 205 Comm: systemd-journal Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3290.956671][ T205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3290.967521][ T205] Call Trace: [ 3290.970820][ T205] dump_stack+0x14a/0x1ce [ 3290.975146][ T205] ? devkmsg_release+0x11c/0x11c [ 3290.980093][ T205] ? show_regs_print_info+0x12/0x12 [ 3290.985305][ T205] ? radix_tree_cpu_dead+0x160/0x160 [ 3290.990635][ T205] ? _raw_spin_lock+0xa1/0x170 [ 3290.995408][ T205] ? _raw_spin_trylock_bh+0x190/0x190 [ 3291.000804][ T205] dump_header+0xdb/0x700 [ 3291.005145][ T205] oom_kill_process+0xd3/0x280 [ 3291.010000][ T205] out_of_memory+0x5b6/0x890 [ 3291.014601][ T205] ? unregister_oom_notifier+0x20/0x20 [ 3291.020077][ T205] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3291.025631][ T205] ? get_page_from_freelist+0x7c0/0x7c0 [ 3291.031201][ T205] ? __zone_watermark_ok+0x91/0x280 [ 3291.036407][ T205] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3291.041786][ T205] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3291.047332][ T205] ? __seccomp_filter+0xa3f/0x1740 [ 3291.052445][ T205] ? kern_path_locked+0x590/0x590 [ 3291.057469][ T205] ? __secure_computing+0x250/0x250 [ 3291.062676][ T205] alloc_slab_page+0x3a/0x3a0 [ 3291.067358][ T205] new_slab+0x408/0x450 [ 3291.071517][ T205] ___slab_alloc+0x2e0/0x450 [ 3291.076143][ T205] ? getname_flags+0xb8/0x610 [ 3291.080824][ T205] ? getname_flags+0xb8/0x610 [ 3291.085498][ T205] kmem_cache_alloc+0x23f/0x260 [ 3291.090353][ T205] getname_flags+0xb8/0x610 [ 3291.094871][ T205] do_sys_open+0x33d/0x7d0 [ 3291.099297][ T205] ? file_open_root+0x450/0x450 [ 3291.104167][ T205] do_syscall_64+0xcb/0x150 [ 3291.108686][ T205] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3291.114594][ T205] RIP: 0033:0x7fa7e617e840 [ 3291.119016][ T205] Code: 73 01 c3 48 8b 0d 68 77 20 00 f7 d8 64 89 01 48 83 c8 ff c3 66 0f 1f 44 00 00 83 3d 89 bb 20 00 00 75 10 b8 02 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 31 c3 48 83 ec 08 e8 1e f6 ff ff 48 89 04 24 [ 3291.139287][ T205] RSP: 002b:00007ffdfd57fdf8 EFLAGS: 00000246 ORIG_RAX: 0000000000000002 [ 3291.147698][ T205] RAX: ffffffffffffffda RBX: 00007ffdfd580100 RCX: 00007fa7e617e840 [ 3291.155765][ T205] RDX: 00000000000001a0 RSI: 0000000000080042 RDI: 0000555ed763dd60 [ 3291.163752][ T205] RBP: 000000000000000d R08: 000000000000ffc0 R09: 00000000ffffffff [ 3291.171872][ T205] R10: 0000000000000069 R11: 0000000000000246 R12: 00000000ffffffff [ 3291.179874][ T205] R13: 0000555ed762f060 R14: 00007ffdfd5800c0 R15: 0000555ed763c3c0 [ 3291.250088][ T205] Mem-Info: [ 3291.253633][ T205] active_anon:1406974 inactive_anon:10799 isolated_anon:0 [ 3291.253633][ T205] active_file:251 inactive_file:270 isolated_file:37 [ 3291.253633][ T205] unevictable:0 dirty:9 writeback:4 unstable:0 [ 3291.253633][ T205] slab_reclaimable:10431 slab_unreclaimable:90201 [ 3291.253633][ T205] mapped:56995 shmem:14896 pagetables:31609 bounce:0 [ 3291.253633][ T205] free:12142 free_pcp:314 free_cma:0 [ 3291.292563][ T205] Node 0 active_anon:5627896kB inactive_anon:43196kB active_file:1004kB inactive_file:1080kB unevictable:0kB isolated(anon):0kB isolated(file):148kB mapped:227880kB dirty:36kB writeback:16kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3291.323986][ T205] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3291.382909][ T205] lowmem_reserve[]: 0 2912 6416 6416 [ 3291.388658][ T205] DMA32 free:23484kB min:4644kB low:7624kB high:10604kB active_anon:2802112kB inactive_anon:2724kB active_file:680kB inactive_file:252kB unevictable:0kB writepending:4kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10880kB pagetables:22024kB bounce:0kB free_pcp:660kB local_pcp:432kB free_cma:0kB [ 3291.422931][ T205] lowmem_reserve[]: 0 0 3504 3504 [ 3291.429444][ T205] Normal free:9180kB min:5592kB low:9180kB high:12768kB active_anon:2825784kB inactive_anon:40472kB active_file:1124kB inactive_file:612kB unevictable:0kB writepending:48kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:28000kB pagetables:104412kB bounce:0kB free_pcp:1900kB local_pcp:848kB free_cma:0kB [ 3291.481897][ T205] lowmem_reserve[]: 0 0 0 0 [ 3291.488300][ T205] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3291.568241][ T205] DMA32: 256*4kB (UH) 465*8kB (UH) 875*16kB (U) 39*32kB (UH) 3*64kB (H) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 20184kB [ 3291.602869][ T205] Normal: 349*4kB (UMEH) 72*8kB (UME) 50*16kB (UME) 28*32kB (UME) 4*64kB (UME) 3*128kB (UM) 2*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4820kB [ 3291.625173][ T205] 15578 total pagecache pages [ 3291.634511][ T205] 0 pages in swap cache [ 3291.643324][ T205] Swap cache stats: add 0, delete 0, find 0/0 [ 3291.656340][ T205] Free swap = 0kB [ 3291.664793][ T205] Total swap = 0kB [ 3291.669957][ T205] 1965979 pages RAM [ 3291.677983][ T205] 0 pages HighMem/MovableOnly [ 3291.690717][ T205] 318830 pages reserved [ 3291.695800][ T205] 0 pages cma reserved [ 3291.700097][ T205] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=304,uid=0 [ 3291.716111][ T205] Out of memory: Killed process 304 (syz-executor.0) total-vm:75232kB, anon-rss:16564kB, file-rss:34644kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 3291.830105][ T348] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 3291.873482][ T348] CPU: 0 PID: 348 Comm: syz-executor.4 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3291.883612][ T348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3291.893760][ T348] Call Trace: [ 3291.897059][ T348] dump_stack+0x14a/0x1ce [ 3291.901400][ T348] ? devkmsg_release+0x11c/0x11c [ 3291.906359][ T348] ? show_regs_print_info+0x12/0x12 [ 3291.911627][ T348] ? radix_tree_cpu_dead+0x160/0x160 [ 3291.916914][ T348] ? _raw_spin_lock+0xa1/0x170 [ 3291.921689][ T348] ? _raw_spin_trylock_bh+0x190/0x190 [ 3291.927069][ T348] dump_header+0xdb/0x700 [ 3291.931402][ T348] oom_kill_process+0xd3/0x280 [ 3291.936198][ T348] out_of_memory+0x5b6/0x890 [ 3291.940821][ T348] ? unregister_oom_notifier+0x20/0x20 [ 3291.946318][ T348] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3291.951883][ T348] ? unwind_get_return_address+0x48/0x90 [ 3291.957528][ T348] ? get_page_from_freelist+0x7c0/0x7c0 [ 3291.963347][ T348] ? __zone_watermark_ok+0x91/0x280 [ 3291.968580][ T348] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3291.975351][ T348] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3291.980899][ T348] ? copy_process+0x5a4/0x5110 [ 3291.985694][ T348] ? kmem_cache_alloc+0x1d5/0x260 [ 3291.990720][ T348] copy_process+0x5f3/0x5110 [ 3291.995328][ T348] ? get_mem_cgroup_from_mm+0x27b/0x2c0 [ 3292.000869][ T348] ? _raw_spin_lock+0xa1/0x170 [ 3292.005626][ T348] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 3292.014298][ T348] ? fork_idle+0x290/0x290 [ 3292.018733][ T348] ? _raw_spin_unlock+0x5/0x20 [ 3292.023499][ T348] ? handle_mm_fault+0xb16/0x40a0 [ 3292.028521][ T348] _do_fork+0x196/0x920 [ 3292.032700][ T348] ? dup_mm+0x300/0x300 [ 3292.036859][ T348] ? do_mmap+0x9ad/0x1060 [ 3292.041191][ T348] __x64_sys_clone+0x25f/0x2c0 [ 3292.045955][ T348] ? __ia32_sys_vfork+0x110/0x110 [ 3292.050986][ T348] ? do_user_addr_fault+0x55c/0x9f0 [ 3292.056195][ T348] do_syscall_64+0xcb/0x150 [ 3292.061943][ T348] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3292.067840][ T348] RIP: 0033:0x45f1f9 [ 3292.071735][ T348] Code: ff 48 85 f6 0f 84 37 8d fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 0e 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 3292.091334][ T348] RSP: 002b:00007ffc9dd74c98 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 3292.099750][ T348] RAX: ffffffffffffffda RBX: 00007f67d72d6700 RCX: 000000000045f1f9 [ 3292.107725][ T348] RDX: 00007f67d72d69d0 RSI: 00007f67d72d5db0 RDI: 00000000003d0f00 [ 3292.115715][ T348] RBP: 00007ffc9dd74ec0 R08: 00007f67d72d6700 R09: 00007f67d72d6700 [ 3292.123706][ T348] R10: 00007f67d72d69d0 R11: 0000000000000202 R12: 0000000000000000 [ 3292.131673][ T348] R13: 00007ffc9dd74d4f R14: 00007f67d72d69c0 R15: 000000000078c0ec [ 3292.202992][ T348] Mem-Info: [ 3292.206699][ T348] active_anon:1408527 inactive_anon:10799 isolated_anon:0 [ 3292.206699][ T348] active_file:31 inactive_file:50 isolated_file:27 [ 3292.206699][ T348] unevictable:0 dirty:3 writeback:1 unstable:0 [ 3292.206699][ T348] slab_reclaimable:10405 slab_unreclaimable:90227 [ 3292.206699][ T348] mapped:56571 shmem:14896 pagetables:31582 bounce:0 [ 3292.206699][ T348] free:11073 free_pcp:212 free_cma:0 [ 3292.245432][ T348] Node 0 active_anon:5634208kB inactive_anon:43196kB active_file:124kB inactive_file:288kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:226084kB dirty:12kB writeback:4kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3292.312849][ T348] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3292.339856][ T348] lowmem_reserve[]: 0 2912 6416 6416 [ 3292.345552][ T348] DMA32 free:21536kB min:4644kB low:7624kB high:10604kB active_anon:2804376kB inactive_anon:2724kB active_file:156kB inactive_file:644kB unevictable:0kB writepending:0kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10848kB pagetables:22136kB bounce:0kB free_pcp:144kB local_pcp:16kB free_cma:0kB [ 3292.374846][ T348] lowmem_reserve[]: 0 0 3504 3504 [ 3292.379879][ T348] Normal free:6448kB min:5592kB low:9180kB high:12768kB active_anon:2830144kB inactive_anon:40472kB active_file:152kB inactive_file:512kB unevictable:0kB writepending:0kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:28032kB pagetables:104200kB bounce:0kB free_pcp:584kB local_pcp:376kB free_cma:0kB [ 3292.420549][ T348] lowmem_reserve[]: 0 0 0 0 [ 3292.425379][ T348] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3292.439431][ T348] DMA32: 311*4kB (UMEH) 502*8kB (UMEH) 880*16kB (UME) 50*32kB (UMH) 4*64kB (MH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 21196kB [ 3292.456165][ T348] Normal: 528*4kB (UMEH) 164*8kB (UMEH) 79*16kB (UMEH) 53*32kB (UMEH) 6*64kB (MEH) 2*128kB (H) 1*256kB (H) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 7280kB [ 3292.472589][ T348] 15107 total pagecache pages [ 3292.478016][ T348] 0 pages in swap cache [ 3292.482903][ T348] Swap cache stats: add 0, delete 0, find 0/0 [ 3292.489711][ T348] Free swap = 0kB [ 3292.496878][ T348] Total swap = 0kB [ 3292.501887][ T348] 1965979 pages RAM [ 3292.506424][ T348] 0 pages HighMem/MovableOnly [ 3292.511734][ T348] 318830 pages reserved [ 3292.516558][ T348] 0 pages cma reserved [ 3292.521133][ T348] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=31250,uid=0 [ 3292.539477][ T348] Out of memory: Killed process 31250 (syz-executor.0) total-vm:75628kB, anon-rss:16592kB, file-rss:34624kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 3292.567213][T24516] kworker/u4:3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 3292.580681][T24516] CPU: 1 PID: 24516 Comm: kworker/u4:3 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3292.590691][T24516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3292.601210][T24516] Workqueue: events_unbound call_usermodehelper_exec_work [ 3292.608316][T24516] Call Trace: [ 3292.611693][T24516] dump_stack+0x14a/0x1ce [ 3292.616055][T24516] ? devkmsg_release+0x11c/0x11c [ 3292.621005][T24516] ? show_regs_print_info+0x12/0x12 [ 3292.626227][T24516] ? radix_tree_cpu_dead+0x160/0x160 [ 3292.631602][T24516] ? _raw_spin_lock+0xa1/0x170 [ 3292.636371][T24516] ? _raw_spin_trylock_bh+0x190/0x190 [ 3292.641741][T24516] dump_header+0xdb/0x700 [ 3292.646063][T24516] oom_kill_process+0xd3/0x280 [ 3292.650854][T24516] out_of_memory+0x5b6/0x890 [ 3292.655442][T24516] ? unregister_oom_notifier+0x20/0x20 [ 3292.660949][T24516] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3292.666516][T24516] ? get_page_from_freelist+0x7c0/0x7c0 [ 3292.672050][T24516] ? worker_thread+0xa8f/0x1430 [ 3292.676893][T24516] ? __zone_watermark_ok+0x91/0x280 [ 3292.682085][T24516] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3292.687686][T24516] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3292.693227][T24516] ? copy_process+0x5a4/0x5110 [ 3292.697975][T24516] ? kmem_cache_alloc+0x1d5/0x260 [ 3292.703081][T24516] copy_process+0x5f3/0x5110 [ 3292.707656][T24516] ? find_next_bit+0xd8/0x120 [ 3292.712320][T24516] ? cpumask_next+0xc/0x20 [ 3292.716719][T24516] ? wb_do_writeback+0xa1a/0xb50 [ 3292.722055][T24516] ? fork_idle+0x290/0x290 [ 3292.726717][T24516] ? wb_workfn+0x850/0x850 [ 3292.731125][T24516] ? ptr_to_hashval+0x60/0x60 [ 3292.735784][T24516] _do_fork+0x196/0x920 [ 3292.740154][T24516] ? set_worker_desc+0x1b3/0x1f0 [ 3292.745079][T24516] ? dup_mm+0x300/0x300 [ 3292.749481][T24516] ? _raw_spin_lock_irq+0xa2/0x180 [ 3292.754575][T24516] kernel_thread+0x162/0x1d0 [ 3292.759155][T24516] ? proc_cap_handler+0x580/0x580 [ 3292.764177][T24516] ? legacy_clone_args_valid+0x50/0x50 [ 3292.769627][T24516] ? kernel_sigaction+0x11b/0x200 [ 3292.774760][T24516] ? proc_cap_handler+0x580/0x580 [ 3292.779776][T24516] ? _raw_spin_unlock_irq+0x5/0x20 [ 3292.784870][T24516] ? finish_task_switch+0x235/0x4c0 [ 3292.790048][T24516] call_usermodehelper_exec_work+0xe0/0x350 [ 3292.795927][T24516] ? call_usermodehelper_setup+0x210/0x210 [ 3292.801890][T24516] ? read_word_at_a_time+0xe/0x20 [ 3292.806899][T24516] ? strscpy+0xa6/0x260 [ 3292.811051][T24516] process_one_work+0x777/0xf90 [ 3292.815892][T24516] worker_thread+0xa8f/0x1430 [ 3292.820607][T24516] ? _raw_spin_lock+0x170/0x170 [ 3292.825444][T24516] kthread+0x2df/0x300 [ 3292.829624][T24516] ? process_one_work+0xf90/0xf90 [ 3292.834656][T24516] ? kthread_destroy_worker+0x280/0x280 [ 3292.840898][T24516] ret_from_fork+0x1f/0x30 [ 3292.846042][T24516] Mem-Info: [ 3292.849435][T24516] active_anon:1405350 inactive_anon:10799 isolated_anon:0 [ 3292.849435][T24516] active_file:108 inactive_file:228 isolated_file:32 [ 3292.849435][T24516] unevictable:0 dirty:0 writeback:1 unstable:0 [ 3292.849435][T24516] slab_reclaimable:10405 slab_unreclaimable:90248 [ 3292.849435][T24516] mapped:56593 shmem:14896 pagetables:31552 bounce:0 [ 3292.849435][T24516] free:13536 free_pcp:758 free_cma:0 [ 3292.892183][T24516] Node 0 active_anon:5621400kB inactive_anon:43196kB active_file:608kB inactive_file:6212kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:230172kB dirty:96kB writeback:4kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 3292.923417][T24516] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3292.949680][T24516] lowmem_reserve[]: 0 2912 6416 6416 [ 3292.955171][T24516] DMA32 free:22104kB min:4644kB low:7624kB high:10604kB active_anon:2804212kB inactive_anon:2724kB active_file:24kB inactive_file:4kB unevictable:0kB writepending:0kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10816kB pagetables:22128kB bounce:0kB free_pcp:1132kB local_pcp:368kB free_cma:0kB 01:20:24 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x0, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:24 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:24 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, 0x0) preadv(r2, &(0x7f0000000500), 0x37d, 0x0) [ 3293.073745][T24516] lowmem_reserve[]: 0 0 3504 3504 [ 3293.090161][T24516] Normal free:11332kB min:9688kB low:13276kB high:16864kB active_anon:2817944kB inactive_anon:40472kB active_file:3728kB inactive_file:3512kB unevictable:0kB writepending:148kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27936kB pagetables:104080kB bounce:0kB free_pcp:152kB local_pcp:72kB free_cma:0kB [ 3293.200452][T24516] lowmem_reserve[]: 0 0 0 0 [ 3293.210676][T24516] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3293.238876][T24516] DMA32: 574*4kB (UMEH) 495*8kB (UMEH) 879*16kB (UME) 56*32kB (UMH) 3*64kB (H) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 22304kB [ 3293.253661][T24516] Normal: 442*4kB (UMEH) 153*8kB (UMEH) 74*16kB (UMEH) 29*32kB (UMEH) 62*64kB (UMEH) 10*128kB (MH) 4*256kB (UMH) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 11376kB [ 3293.270985][T24516] 15565 total pagecache pages [ 3293.284742][T24516] 0 pages in swap cache [ 3293.292203][T24516] Swap cache stats: add 0, delete 0, find 0/0 [ 3293.302295][T24516] Free swap = 0kB [ 3293.312842][T24516] Total swap = 0kB [ 3293.316678][T24516] 1965979 pages RAM [ 3293.320469][T24516] 0 pages HighMem/MovableOnly [ 3293.357144][T24516] 318830 pages reserved [ 3293.367963][T24516] 0 pages cma reserved [ 3293.389162][T24516] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=379,uid=0 [ 3293.432904][T24516] Out of memory: Killed process 379 (syz-executor.0) total-vm:75628kB, anon-rss:16592kB, file-rss:34676kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 01:20:25 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, 0x0) preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:25 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, 0x0) preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:25 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) 01:20:25 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, 0x0, 0x0) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:25 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() keyctl$get_security(0x11, 0x0, &(0x7f0000000200)=""/232, 0xe8) sched_setattr(r0, &(0x7f0000000040)={0xffffff26, 0x2, 0x10000000, 0x0, 0xa}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) getsockopt$sock_int(r4, 0x1, 0x29, &(0x7f0000000180), &(0x7f00000001c0)=0x4) fcntl$getownex(r4, 0x10, &(0x7f0000000100)={0x0, 0x0}) sched_setattr(r5, &(0x7f0000000080)={0x38, 0x2, 0x18000019, 0x0, 0x7ff, 0x6, 0x419, 0x0, 0x0, 0xffffffff}, 0x0) r6 = open(0x0, 0x141042, 0x0) connect$inet(r6, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r7, &(0x7f0000000500), 0x37d, 0x0) 01:20:25 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x0, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:25 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(0xffffffffffffffff, &(0x7f0000000500), 0x37d, 0x0) 01:20:25 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$TIOCCBRK(0xffffffffffffffff, 0x5428) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:20:25 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x0, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:25 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:25 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(0xffffffffffffffff, &(0x7f0000000500), 0x37d, 0x0) 01:20:25 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) 01:20:25 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x0, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) [ 3294.398005][ T421] syz-executor.1 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 3294.415453][ T421] CPU: 0 PID: 421 Comm: syz-executor.1 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3294.425463][ T421] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3294.435536][ T421] Call Trace: [ 3294.438829][ T421] dump_stack+0x14a/0x1ce [ 3294.443168][ T421] ? devkmsg_release+0x11c/0x11c [ 3294.448189][ T421] ? show_regs_print_info+0x12/0x12 [ 3294.453398][ T421] ? radix_tree_cpu_dead+0x160/0x160 [ 3294.458767][ T421] ? _raw_spin_lock+0xa1/0x170 [ 3294.463546][ T421] ? _raw_spin_trylock_bh+0x190/0x190 [ 3294.468932][ T421] dump_header+0xdb/0x700 [ 3294.473285][ T421] oom_kill_process+0xd3/0x280 [ 3294.478059][ T421] out_of_memory+0x5b6/0x890 [ 3294.482653][ T421] ? unregister_oom_notifier+0x20/0x20 [ 3294.488198][ T421] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3294.493745][ T421] ? get_page_from_freelist+0x7c0/0x7c0 [ 3294.499301][ T421] ? __zone_watermark_ok+0x91/0x280 [ 3294.504510][ T421] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3294.509883][ T421] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3294.515450][ T421] ? copy_process+0x5a4/0x5110 [ 3294.520820][ T421] ? kmem_cache_alloc+0x1d5/0x260 [ 3294.525846][ T421] copy_process+0x5f3/0x5110 [ 3294.530551][ T421] ? do_wp_page+0xb1b/0x1530 [ 3294.535245][ T421] ? __perf_event_task_sched_out+0xfe4/0x1110 [ 3294.541309][ T421] ? fork_idle+0x290/0x290 [ 3294.545731][ T421] _do_fork+0x196/0x920 [ 3294.549979][ T421] ? switch_mm+0x100/0x100 [ 3294.554383][ T421] ? dup_mm+0x300/0x300 [ 3294.558537][ T421] __x64_sys_clone+0x25f/0x2c0 [ 3294.563296][ T421] ? __ia32_sys_vfork+0x110/0x110 [ 3294.568308][ T421] ? __fpregs_load_activate+0x2d3/0x390 [ 3294.573855][ T421] do_syscall_64+0xcb/0x150 [ 3294.578368][ T421] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3294.584268][ T421] RIP: 0033:0x45ae5a [ 3294.588159][ T421] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 3294.607756][ T421] RSP: 002b:00007fff52222cf0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 3294.616159][ T421] RAX: ffffffffffffffda RBX: 00007fff52222cf0 RCX: 000000000045ae5a [ 3294.624145][ T421] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 3294.632123][ T421] RBP: 00007fff52222d30 R08: 0000000000000001 R09: 0000000002704940 [ 3294.640121][ T421] R10: 0000000002704c10 R11: 0000000000000246 R12: 0000000000000001 [ 3294.648089][ T421] R13: 0000000000000000 R14: 0000000000000000 R15: 00007fff52222d80 [ 3294.667791][ T421] Mem-Info: [ 3294.670978][ T421] active_anon:1406843 inactive_anon:10799 isolated_anon:0 [ 3294.670978][ T421] active_file:58 inactive_file:697 isolated_file:21 [ 3294.670978][ T421] unevictable:0 dirty:11 writeback:0 unstable:0 [ 3294.670978][ T421] slab_reclaimable:10394 slab_unreclaimable:90510 [ 3294.670978][ T421] mapped:57045 shmem:14896 pagetables:31580 bounce:0 [ 3294.670978][ T421] free:12290 free_pcp:63 free_cma:0 [ 3294.784332][ T421] Node 0 active_anon:5627376kB inactive_anon:43196kB active_file:1352kB inactive_file:1036kB unevictable:0kB isolated(anon):0kB isolated(file):96kB mapped:228328kB dirty:48kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3294.809575][ T421] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3294.837290][ T421] lowmem_reserve[]: 0 2912 6416 6416 [ 3294.843778][ T421] DMA32 free:23216kB min:4644kB low:7624kB high:10604kB active_anon:2805420kB inactive_anon:2724kB active_file:12kB inactive_file:20kB unevictable:0kB writepending:0kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10816kB pagetables:22216kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3294.938380][ T421] lowmem_reserve[]: 0 0 3504 3504 [ 3294.951943][ T421] Normal free:8984kB min:5592kB low:9180kB high:12768kB active_anon:2823544kB inactive_anon:40472kB active_file:656kB inactive_file:1032kB unevictable:0kB writepending:20kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:28032kB pagetables:104108kB bounce:0kB free_pcp:776kB local_pcp:700kB free_cma:0kB [ 3294.982092][ T421] lowmem_reserve[]: 0 0 0 0 [ 3294.987057][ T421] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3295.000944][ T421] DMA32: 199*4kB (UH) 464*8kB (UEH) 879*16kB (UE) 100*32kB (UH) 4*64kB (UH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 22028kB [ 3295.015371][ T421] Normal: 483*4kB (UMEH) 128*8kB (UMEH) 101*16kB (UMEH) 38*32kB (UMEH) 8*64kB (UMEH) 5*128kB (MEH) 3*256kB (H) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 8732kB [ 3295.031578][ T421] 15277 total pagecache pages [ 3295.039282][ T421] 0 pages in swap cache [ 3295.043565][ T421] Swap cache stats: add 0, delete 0, find 0/0 [ 3295.049666][ T421] Free swap = 0kB [ 3295.053451][ T421] Total swap = 0kB [ 3295.057220][ T421] 1965979 pages RAM [ 3295.061079][ T421] 0 pages HighMem/MovableOnly [ 3295.065815][ T421] 318830 pages reserved [ 3295.069990][ T421] 0 pages cma reserved [ 3295.074322][ T421] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.4,pid=448,uid=0 [ 3295.088348][ T421] Out of memory: Killed process 448 (syz-executor.4) total-vm:75364kB, anon-rss:16564kB, file-rss:34160kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 3295.110136][ T23] oom_reaper: reaped process 448 (syz-executor.4), now anon-rss:0kB, file-rss:34204kB, shmem-rss:0kB 01:20:27 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:27 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) getsockopt$sock_int(r6, 0x1, 0x29, &(0x7f0000000180), &(0x7f00000001c0)=0x4) ioctl$PPPIOCATTACH(0xffffffffffffffff, 0x4004743d, &(0x7f0000000100)=0x4) 01:20:27 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(0xffffffffffffffff, &(0x7f0000000500), 0x37d, 0x0) 01:20:27 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x0, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:27 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) 01:20:27 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) r1 = socket$inet(0x2, 0x6, 0x800) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) fcntl$setlease(r3, 0x400, 0x2) r4 = open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r5, &(0x7f0000000500), 0x0, 0x4) 01:20:27 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:27 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, 0x0, 0x0, 0x0) 01:20:27 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, 0x0, 0x0, 0x0) [ 3295.637686][ T521] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3295.697248][ T521] CPU: 1 PID: 521 Comm: syz-executor.0 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3295.707261][ T521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3295.717330][ T521] Call Trace: [ 3295.720627][ T521] dump_stack+0x14a/0x1ce [ 3295.725082][ T521] ? devkmsg_release+0x11c/0x11c [ 3295.730036][ T521] ? show_regs_print_info+0x12/0x12 [ 3295.735263][ T521] ? radix_tree_cpu_dead+0x160/0x160 [ 3295.740553][ T521] ? _raw_spin_lock+0xa1/0x170 [ 3295.745583][ T521] ? _raw_spin_trylock_bh+0x190/0x190 [ 3295.751152][ T521] dump_header+0xdb/0x700 [ 3295.755541][ T521] oom_kill_process+0xd3/0x280 [ 3295.760319][ T521] out_of_memory+0x5b6/0x890 [ 3295.764938][ T521] ? unregister_oom_notifier+0x20/0x20 [ 3295.770429][ T521] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3295.775994][ T521] ? get_page_from_freelist+0x7c0/0x7c0 [ 3295.781559][ T521] ? __zone_watermark_ok+0x91/0x280 [ 3295.786781][ T521] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3295.792160][ T521] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3295.797706][ T521] ? __rcu_read_lock+0x50/0x50 [ 3295.802489][ T521] pte_alloc_one+0x1b/0xb0 [ 3295.806906][ T521] handle_mm_fault+0x1cd6/0x40a0 [ 3295.812042][ T521] ? finish_fault+0x230/0x230 [ 3295.816742][ T521] ? __perf_event_task_sched_in+0x4f7/0x560 [ 3295.822649][ T521] ? __up_read+0x1b0/0x1b0 [ 3295.827176][ T521] ? vmacache_update+0x9f/0xf0 [ 3295.831956][ T521] do_user_addr_fault+0x48a/0x9f0 [ 3295.836996][ T521] page_fault+0x2f/0x40 [ 3295.841166][ T521] RIP: 0033:0x45c829 [ 3295.845077][ T521] Code: Bad RIP value. [ 3295.849159][ T521] RSP: 002b:00007f5f7dae8c78 EFLAGS: 00010246 [ 3295.855224][ T521] RAX: 0000000000000000 RBX: 00000000004da840 RCX: 000000000045c829 [ 3295.863228][ T521] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 0000000000000000 [ 3295.871206][ T521] RBP: 000000000078c040 R08: ffffffffffffffff R09: 0000000000000000 [ 3295.879180][ T521] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3295.887266][ T521] R13: 0000000000000076 R14: 00000000004c311e R15: 00007f5f7dae96d4 [ 3295.908671][ T521] Mem-Info: [ 3295.912857][ T521] active_anon:1407496 inactive_anon:10799 isolated_anon:0 [ 3295.912857][ T521] active_file:44 inactive_file:99 isolated_file:79 [ 3295.912857][ T521] unevictable:0 dirty:13 writeback:0 unstable:0 [ 3295.912857][ T521] slab_reclaimable:10381 slab_unreclaimable:90413 [ 3295.912857][ T521] mapped:56720 shmem:14896 pagetables:31709 bounce:0 [ 3295.912857][ T521] free:11357 free_pcp:636 free_cma:0 [ 3295.951815][ T521] Node 0 active_anon:5630008kB inactive_anon:43196kB active_file:304kB inactive_file:244kB unevictable:0kB isolated(anon):0kB isolated(file):212kB mapped:226704kB dirty:56kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3295.977859][ T521] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3296.004816][ T521] lowmem_reserve[]: 0 2912 6416 6416 [ 3296.011208][ T521] DMA32 free:22656kB min:4644kB low:7624kB high:10604kB active_anon:2805020kB inactive_anon:2724kB active_file:0kB inactive_file:56kB unevictable:0kB writepending:8kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:11104kB pagetables:22236kB bounce:0kB free_pcp:496kB local_pcp:356kB free_cma:0kB [ 3296.044326][ T521] lowmem_reserve[]: 0 0 3504 3504 [ 3296.049997][ T521] Normal free:7624kB min:5592kB low:9180kB high:12768kB active_anon:2824988kB inactive_anon:40472kB active_file:204kB inactive_file:360kB unevictable:0kB writepending:48kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27936kB pagetables:104600kB bounce:0kB free_pcp:1872kB local_pcp:540kB free_cma:0kB [ 3296.080085][ T521] lowmem_reserve[]: 0 0 0 0 [ 3296.084917][ T521] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3296.098644][ T521] DMA32: 368*4kB (UMEH) 484*8kB (UMH) 882*16kB (UME) 92*32kB (UMH) 4*64kB (UH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 22656kB [ 3296.113617][ T521] Normal: 358*4kB (UMEH) 102*8kB (UMEH) 60*16kB (UMEH) 44*32kB (UME) 11*64kB (UMEH) 8*128kB (UMEH) 3*256kB (H) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 7624kB [ 3296.130068][ T521] 14997 total pagecache pages [ 3296.135063][ T521] 0 pages in swap cache [ 3296.139519][ T521] Swap cache stats: add 0, delete 0, find 0/0 [ 3296.145925][ T521] Free swap = 0kB [ 3296.149937][ T521] Total swap = 0kB [ 3296.154889][ T521] 1965979 pages RAM [ 3296.159390][ T521] 0 pages HighMem/MovableOnly [ 3296.171616][ T521] 318830 pages reserved [ 3296.176261][ T521] 0 pages cma reserved [ 3296.180703][ T521] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=490,uid=0 [ 3296.195104][ T521] Out of memory: Killed process 490 (syz-executor.0) total-vm:75496kB, anon-rss:16580kB, file-rss:34644kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 3296.219833][ T23] oom_reaper: reaped process 490 (syz-executor.0), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 01:20:28 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r2) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) 01:20:28 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:28 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="bf16000000000000b7070000010000004870000000000000bc700000000000009500faff000000008aa1210b29017b83c8e96e6405f7e93dba4d64b5030b3388b0409a814343f1ae341b74efa745a12f5c0685e5261482e31e0cacc902c97e6145201b062261ef48004d26342c94f56a39359ba56724e4535d80ffbd6848d53382c262869ba15d8f0c2211a2b975eb4a9d08501c560001a00000c5d197e50ff28b4a3b05489d1d1245cb774879b0871dd61703ee24fb4a51fe87ff070000000000008cca1a363b2b28add653658171122dc01e0a77d7c44b009fdac91fc827f5797532750d4d4639f11089feb3f25b4695c6dac2cabfa04e2c16fa741bbf5528a601b5934b867f39f7d776ac00a413949b4455b7c6c678de4d9740cfdff6169c664b55ce550fb4e686ae169d9f7abbeb08e02799374ae0091858bdf144d8c7dcec5e43a0e8099e543116b1b7d144b56145cca4798344d82de45f0c1b7d040300000077779123b32d14bc1c3d"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffcf8}, 0x48) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x4, 0x0, 0x0, 0x9, 0xc3, 0x0, 0x0, 0x0, 0x20000}, 0x0) r2 = socket$inet6(0xa, 0x5, 0x3) recvmmsg(r2, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r5 = open(0x0, 0x141042, 0x0) connect$inet(r5, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r6, &(0x7f0000000500), 0x37d, 0x0) 01:20:28 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000340)={{{@in6=@remote, @in=@private, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@local}, 0x0, @in=@dev}}, &(0x7f00000000c0)=0xe8) setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000440)={{{@in=@multicast1, @in=@multicast2, 0x4e20, 0xff, 0x4e20, 0x400, 0x2, 0x80, 0x80, 0x32, 0x0, r4}, {0xffff, 0x9, 0x9, 0x6, 0xdd5, 0x8, 0x200040000000000, 0x1}, {0x80000000, 0x0, 0x100003f, 0x8}, 0x80000000, 0x6e6bc0, 0x2, 0x1, 0x3, 0x1}, {{@in6=@private0, 0x4d6, 0x3c}, 0xa, @in=@initdev={0xac, 0x1e, 0x1, 0x0}, 0x3504, 0x0, 0x2, 0xfb, 0x0, 0x1, 0x81}}, 0xe8) r5 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r5, &(0x7f0000000500), 0x37d, 0x0) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r6 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x0) ioctl$PPPIOCATTACH(r6, 0x4004743d, &(0x7f0000000100)=0x4) 01:20:28 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x0, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:28 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, 0x0, 0x0, 0x0) 01:20:28 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r2) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) 01:20:28 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) [ 3297.353996][T24211] kworker/u4:2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 3297.369301][T24211] CPU: 1 PID: 24211 Comm: kworker/u4:2 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3297.379295][T24211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3297.389366][T24211] Workqueue: events_unbound call_usermodehelper_exec_work [ 3297.396770][T24211] Call Trace: [ 3297.400066][T24211] dump_stack+0x14a/0x1ce [ 3297.404402][T24211] ? devkmsg_release+0x11c/0x11c [ 3297.409366][T24211] ? show_regs_print_info+0x12/0x12 [ 3297.414657][T24211] ? radix_tree_cpu_dead+0x160/0x160 [ 3297.419970][T24211] ? _raw_spin_lock+0xa1/0x170 [ 3297.424736][T24211] ? _raw_spin_trylock_bh+0x190/0x190 [ 3297.430226][T24211] dump_header+0xdb/0x700 [ 3297.434570][T24211] oom_kill_process+0xd3/0x280 [ 3297.439352][T24211] out_of_memory+0x5b6/0x890 [ 3297.443969][T24211] ? unregister_oom_notifier+0x20/0x20 [ 3297.449539][T24211] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3297.455101][T24211] ? get_page_from_freelist+0x7c0/0x7c0 [ 3297.461370][T24211] ? worker_thread+0xa8f/0x1430 [ 3297.466226][T24211] ? __zone_watermark_ok+0x91/0x280 [ 3297.471432][T24211] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3297.476835][T24211] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3297.482553][T24211] ? copy_process+0x5a4/0x5110 [ 3297.487312][T24211] ? copy_process+0x5a4/0x5110 [ 3297.492074][T24211] ? kmem_cache_alloc+0x1d5/0x260 [ 3297.497098][T24211] copy_process+0x5f3/0x5110 [ 3297.501687][T24211] ? check_preempt_wakeup+0x6fc/0xd60 [ 3297.507063][T24211] ? ttwu_do_wakeup+0x154/0x5b0 [ 3297.512003][T24211] ? fork_idle+0x290/0x290 [ 3297.516425][T24211] ? _raw_spin_unlock+0x5/0x20 [ 3297.521195][T24211] ? ttwu_queue+0x2f9/0x480 [ 3297.525811][T24211] _do_fork+0x196/0x920 [ 3297.529963][T24211] ? dup_mm+0x300/0x300 [ 3297.534113][T24211] ? _raw_spin_lock_irq+0xa2/0x180 [ 3297.539226][T24211] kernel_thread+0x162/0x1d0 [ 3297.543817][T24211] ? proc_cap_handler+0x580/0x580 [ 3297.548864][T24211] ? legacy_clone_args_valid+0x50/0x50 [ 3297.554319][T24211] ? kernel_sigaction+0x11b/0x200 [ 3297.559352][T24211] ? proc_cap_handler+0x580/0x580 [ 3297.564393][T24211] ? _raw_spin_unlock_irq+0x5/0x20 [ 3297.569550][T24211] ? finish_task_switch+0x235/0x4c0 [ 3297.574897][T24211] call_usermodehelper_exec_work+0xe0/0x350 [ 3297.580801][T24211] ? call_usermodehelper_setup+0x210/0x210 [ 3297.586632][T24211] ? read_word_at_a_time+0xe/0x20 [ 3297.591673][T24211] ? strscpy+0xa6/0x260 [ 3297.595825][T24211] process_one_work+0x777/0xf90 [ 3297.600667][T24211] worker_thread+0xa8f/0x1430 [ 3297.605326][T24211] kthread+0x2df/0x300 [ 3297.609379][T24211] ? process_one_work+0xf90/0xf90 [ 3297.614503][T24211] ? kthread_destroy_worker+0x280/0x280 [ 3297.620080][T24211] ret_from_fork+0x1f/0x30 [ 3297.626929][T24211] Mem-Info: [ 3297.631218][T24211] active_anon:1406006 inactive_anon:10799 isolated_anon:0 [ 3297.631218][T24211] active_file:148 inactive_file:430 isolated_file:0 [ 3297.631218][T24211] unevictable:0 dirty:3 writeback:0 unstable:0 [ 3297.631218][T24211] slab_reclaimable:10372 slab_unreclaimable:90288 [ 3297.631218][T24211] mapped:56814 shmem:14896 pagetables:31674 bounce:0 [ 3297.631218][T24211] free:12828 free_pcp:460 free_cma:0 [ 3297.671344][T24211] Node 0 active_anon:5624024kB inactive_anon:43196kB active_file:568kB inactive_file:1984kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:227456kB dirty:12kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3297.702913][T24211] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3297.730664][T24211] lowmem_reserve[]: 0 2912 6416 6416 [ 3297.737004][T24211] DMA32 free:24612kB min:20548kB low:23528kB high:26508kB active_anon:2802764kB inactive_anon:2724kB active_file:216kB inactive_file:2508kB unevictable:0kB writepending:36kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10848kB pagetables:22220kB bounce:0kB free_pcp:576kB local_pcp:324kB free_cma:0kB 01:20:29 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) [ 3297.863233][T24211] lowmem_reserve[]: 0 0 3504 3504 01:20:29 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000200)={0x38, 0x2, 0x41, 0x0, 0x9, 0x0, 0x0, 0x3, 0x0, 0x8000}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) getsockopt$sock_int(0xffffffffffffffff, 0x1, 0x29, &(0x7f0000000180), &(0x7f00000001c0)=0x4) getsockopt$IP_VS_SO_GET_INFO(0xffffffffffffffff, 0x0, 0x481, &(0x7f00000000c0), &(0x7f0000000180)=0xc) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) [ 3297.899191][T24211] Normal free:17132kB min:5592kB low:9180kB high:12768kB active_anon:2806392kB inactive_anon:40472kB active_file:2676kB inactive_file:4988kB unevictable:0kB writepending:48kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:28032kB pagetables:104316kB bounce:0kB free_pcp:576kB local_pcp:112kB free_cma:0kB 01:20:29 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:29 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() keyctl$get_security(0x11, 0x0, &(0x7f0000000200)=""/232, 0xe8) sched_setattr(r0, &(0x7f0000000040)={0xffffff26, 0x2, 0x10000000, 0x0, 0xa}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) getsockopt$sock_int(r4, 0x1, 0x29, &(0x7f0000000180), &(0x7f00000001c0)=0x4) fcntl$getownex(r4, 0x10, &(0x7f0000000100)={0x0, 0x0}) sched_setattr(r5, &(0x7f0000000080)={0x38, 0x2, 0x18000019, 0x0, 0x7ff, 0x6, 0x419, 0x0, 0x0, 0xffffffff}, 0x0) r6 = open(0x0, 0x141042, 0x0) connect$inet(r6, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r7, &(0x7f0000000500), 0x37d, 0x0) 01:20:29 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r2) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) 01:20:30 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) [ 3298.065709][T24211] lowmem_reserve[]: 0 0 0 0 [ 3298.077776][T24211] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3298.160749][T24211] DMA32: 445*4kB (UMEH) 503*8kB (UMEH) 884*16kB (UMEH) 187*32kB (UMH) 9*64kB (UH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 26508kB [ 3298.230410][T24211] Normal: 358*4kB (UMEH) 119*8kB (UMEH) 224*16kB (UMEH) 94*32kB (UMEH) 6*64kB (ME) 4*128kB (UMH) 3*256kB (H) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 10640kB [ 3298.270931][T24211] 15620 total pagecache pages [ 3298.294258][T24211] 0 pages in swap cache [ 3298.302320][T24211] Swap cache stats: add 0, delete 0, find 0/0 [ 3298.309355][T24211] Free swap = 0kB [ 3298.313540][T24211] Total swap = 0kB [ 3298.317460][T24211] 1965979 pages RAM [ 3298.321474][T24211] 0 pages HighMem/MovableOnly [ 3298.328634][T24211] 318830 pages reserved [ 3298.333157][T24211] 0 pages cma reserved [ 3298.337420][T24211] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.4,pid=538,uid=0 [ 3298.424434][ T419] syz-executor.3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 3298.441667][ T419] CPU: 0 PID: 419 Comm: syz-executor.3 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3298.451668][ T419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3298.461718][ T419] Call Trace: [ 3298.465004][ T419] dump_stack+0x14a/0x1ce [ 3298.469337][ T419] ? devkmsg_release+0x11c/0x11c [ 3298.474269][ T419] ? show_regs_print_info+0x12/0x12 [ 3298.479546][ T419] ? radix_tree_cpu_dead+0x160/0x160 [ 3298.484839][ T419] ? _raw_spin_lock+0xa1/0x170 [ 3298.489599][ T419] ? _raw_spin_trylock_bh+0x190/0x190 [ 3298.494974][ T419] dump_header+0xdb/0x700 [ 3298.499298][ T419] oom_kill_process+0xd3/0x280 [ 3298.504052][ T419] out_of_memory+0x5b6/0x890 [ 3298.508641][ T419] ? unregister_oom_notifier+0x20/0x20 [ 3298.514095][ T419] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3298.519663][ T419] ? get_page_from_freelist+0x7c0/0x7c0 [ 3298.525200][ T419] ? __zone_watermark_ok+0x91/0x280 [ 3298.530396][ T419] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3298.535777][ T419] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3298.541372][ T419] ? copy_process+0x5a4/0x5110 [ 3298.546141][ T419] ? kmem_cache_alloc+0x1d5/0x260 [ 3298.551190][ T419] copy_process+0x5f3/0x5110 [ 3298.555802][ T419] ? do_wp_page+0xb1b/0x1530 [ 3298.560398][ T419] ? do_swap_page+0x1560/0x1560 [ 3298.565254][ T419] ? fork_idle+0x290/0x290 [ 3298.569672][ T419] ? memset+0x1f/0x40 [ 3298.573678][ T419] ? handle_mm_fault+0xb16/0x40a0 [ 3298.578725][ T419] _do_fork+0x196/0x920 [ 3298.582879][ T419] ? dup_mm+0x300/0x300 [ 3298.587022][ T419] ? ktime_get_raw+0x130/0x130 [ 3298.591906][ T419] __x64_sys_clone+0x25f/0x2c0 [ 3298.596669][ T419] ? __ia32_sys_vfork+0x110/0x110 [ 3298.601685][ T419] ? __x64_sys_clock_gettime+0x20d/0x260 [ 3298.607327][ T419] ? do_user_addr_fault+0x55c/0x9f0 [ 3298.612516][ T419] do_syscall_64+0xcb/0x150 [ 3298.617016][ T419] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3298.622914][ T419] RIP: 0033:0x45ae5a [ 3298.626811][ T419] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 3298.646533][ T419] RSP: 002b:00007ffe0c13c170 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 3298.654937][ T419] RAX: ffffffffffffffda RBX: 00007ffe0c13c170 RCX: 000000000045ae5a [ 3298.662911][ T419] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 3298.670900][ T419] RBP: 00007ffe0c13c1b0 R08: 0000000000000001 R09: 000000000183d940 [ 3298.678864][ T419] R10: 000000000183dc10 R11: 0000000000000246 R12: 0000000000000001 [ 3298.686833][ T419] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe0c13c200 [ 3298.698527][ T419] Mem-Info: [ 3298.701837][ T419] active_anon:1406010 inactive_anon:10799 isolated_anon:0 [ 3298.701837][ T419] active_file:134 inactive_file:108 isolated_file:31 [ 3298.701837][ T419] unevictable:0 dirty:14 writeback:1 unstable:0 [ 3298.701837][ T419] slab_reclaimable:10367 slab_unreclaimable:90186 [ 3298.701837][ T419] mapped:56732 shmem:14896 pagetables:31648 bounce:0 [ 3298.701837][ T419] free:13444 free_pcp:17 free_cma:0 [ 3298.740206][ T419] Node 0 active_anon:5624040kB inactive_anon:43196kB active_file:536kB inactive_file:432kB unevictable:0kB isolated(anon):0kB isolated(file):124kB mapped:226928kB dirty:56kB writeback:4kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3298.765659][ T419] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3298.792097][ T419] lowmem_reserve[]: 0 2912 6416 6416 [ 3298.797766][ T419] DMA32 free:27308kB min:20548kB low:23528kB high:26508kB active_anon:2803356kB inactive_anon:2724kB active_file:476kB inactive_file:356kB unevictable:0kB writepending:12kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:10912kB pagetables:22276kB bounce:0kB free_pcp:64kB local_pcp:16kB free_cma:0kB [ 3298.828598][ T419] lowmem_reserve[]: 0 0 3504 3504 [ 3298.833978][ T419] Normal free:10564kB min:9688kB low:13276kB high:16864kB active_anon:2820000kB inactive_anon:40472kB active_file:892kB inactive_file:788kB unevictable:0kB writepending:48kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:28160kB pagetables:104316kB bounce:0kB free_pcp:156kB local_pcp:0kB free_cma:0kB [ 3298.864674][ T419] lowmem_reserve[]: 0 0 0 0 [ 3298.869716][ T419] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3298.884536][ T419] DMA32: 655*4kB (UMEH) 522*8kB (UMEH) 912*16kB (UMEH) 195*32kB (UMH) 10*64kB (UMH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 28268kB [ 3298.900842][ T419] Normal: 396*4kB (UEH) 74*8kB (UEH) 168*16kB (UMEH) 94*32kB (UMEH) 7*64kB (ME) 4*128kB (UMH) 3*256kB (H) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 9600kB [ 3298.917278][ T419] 15187 total pagecache pages [ 3298.922514][ T419] 0 pages in swap cache [ 3298.927235][ T419] Swap cache stats: add 0, delete 0, find 0/0 [ 3298.933947][ T419] Free swap = 0kB [ 3298.938124][ T419] Total swap = 0kB [ 3298.942486][ T419] 1965979 pages RAM [ 3298.956034][ T419] 0 pages HighMem/MovableOnly [ 3298.961309][ T419] 318830 pages reserved [ 3298.966521][ T419] 0 pages cma reserved [ 3298.971320][ T419] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.5,pid=27148,uid=0 [ 3298.986042][ T419] Out of memory: Killed process 27148 (syz-executor.5) total-vm:75628kB, anon-rss:16588kB, file-rss:34624kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 01:20:31 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x0, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:31 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) accept4$packet(r3, 0x0, &(0x7f0000000100), 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500)}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r5 = open(0x0, 0x141042, 0x0) connect$inet(r5, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r6, &(0x7f0000000500), 0x37d, 0x0) 01:20:31 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:31 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x6}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1000006f, 0x0, 0x20000000, 0x0, 0x5c3a}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = syz_open_dev$tty20(0xc, 0x4, 0x1) sendmsg$netlink(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000000c0)={0x10, 0x17, 0x2, 0x70bd2b, 0x25dfdbfd}, 0x10}, {&(0x7f0000001c80)={0x2144, 0x26, 0x100, 0x70bd25, 0x25dfdbfe, "", [@typed={0x8, 0x75, 0x0, 0x0, @u32}, @typed={0x14, 0x66, 0x0, 0x0, @ipv6=@private0={0xfc, 0x0, [], 0x2}}, @nested={0x3c, 0x2f, 0x0, 0x1, [@generic, @generic="856fcbe57433cd829f5a60350c73bbda890f8e00369f7a3251e8a4427ae604d09e900886837382ab1b4e3bf1ba60f74b750bdfa234b5e31a"]}, @typed={0x8, 0x3f, 0x0, 0x0, @u32=0x5}, @generic="85f7abf23191b7db4020de84fb28e377d7a36da34ad567f79496ac55afd4e081d691f3b664d6de68c44fc2401bf9be596dd8a3fb34edbc1fd3f53b255e596d340dc56be47d6261231f5282ffe4ac0ca7d3085500fb321236c6d17b204ca720f1fac93ef2b8a05992b61e7151cc6790181265faac82f0a86ae61c52dd6b26dee03520d36a37fb9e8d5bd6c7507ac2a058e6b33fb9e0daddfca08b8d8ff7b50bcf2b3106a962b44d800127797d19c832b66a4b8427e788768dfb2553592de9cd3f930b66177649d2207d79999f1d66", @typed={0x4, 0x41}, @generic="c316c2a9af12bd14347a8ee97c1ef967625274a5c705b33cfaca23ae5ba1c240c6696f2c0f1eca848965c808646837fc46a8aa2cbeb685d1b71ecd689ff0efaaed46a174f1f215069efffef68ffcaf9a8bce980da37b85559d395e9c2b9a966024127ea0c08b21a653504ea6f04294efb09bd6d1429547e8b62ab84d842fbdffdcf3a1410820bc896dcbb558818741f48825832e97de8fe41d7283c85c7202235d3ccbc56640f297ca916fc80cca52019477799fb8b22221181c308e597a4ace272b96d28d51303fff48102aca0b6398b2b7d6208b998096fb02d64ac5587240b049fb3b3f41f5cb44523dcfc40be62aa2aba34b0a37224200687ad834b30f7726d5f76eb0af6d54a8fb50c07ce2a65147765f811ddc8af3a7a5c288c0a5a760ae3c53f1ee5bb2edf0e9ce239b4dd948af914fe45fdda16adfe99ad47b1f42c10cd5a8e0cb39e8d7b95c61484ea3c08e3af6cc24e7749d3055d9f1b956874824a56a70cdc38696bd35aeaaa7295c3b91e73442193af02efa42f533b375763940e2e12c8dac82b6256db1529bc55bd22aa227c809399db668de1c9f96d9571935aaedfb61975c2e5224396c4121ca4aa61e912a87e43a362dbd29ebddfc1990bee512dadbc3d805a420fcc83c362c829fce235ea9085323ac5f4bf0301bc5d4a18a6b582fb241b8f2e8c7696663d8be6cec333aa4a5265e47a9b0781caffa2bb995d9a741d9650ee9927b2b1a311b664f3006afd56b503afbe4a0b15c8fa814adfbaa2aac021f030370c16df43f2af02c8795c5c97fe98005461dd39c632e59406026db2104dd563a09fc5072f120c8493f270efcfb9d6359c78cd1a3ce0dc883a4fc9f7c36a588d2abe4c36ed74feeaa77191038d277c39087595c0549ec9c01fb576151380574b7600afd971cad727fe88d0deb4332536d433b19f28cb506c070439bb9fb4ea35568dc122f9389f1a40343fb9edd1db1cb8b82d598dbb72a6eb89c32ea1306e1897e0bd0dc1f91094059bce31c710ac1bbced84a4d6bf32b5f93706566c9c4dc907715a472b85cba5cc60d99f00e4125d5656b90c6d866fb1ba9b8f9a1e598bd28d9197985e602fbc0310f795ff4fb862606c20984947be98e7ac7d93d269c903944f4ca7c67f340c765d1cab54582b6ff06470b324db16aa17683d0050b74b5c45884ec97a74959fbeb0371e659261f56a384d484250197ee1e3796beac69f20c54174c4e85755f0ffa037ebd58c19930776d6c84137fb09de6ca0bff938464b37a567df75323354c934b3bc02ed96f54a1fbdf78b75e6f7f55906dd8242b090dc9a48468954c4341b63d67832d997ff82f5a9569b7dbae970f7310be2574dae67a362afff4164912a3fab66cdb4101237eb1bf465258d1eb218649909e282f2f6c21740fa93d1ece865b7a9e03802dbbac17ac7ec9d192644ac26f304c3c944a0fd2acb291220c19acd33fdedb1bc57b51c4f6769f77c1e1d20bea3c38f99fa723cfff40b1161bb8b2d870e2914949ef853424e6413b94cb32bd017cf7fd759ec770ad6f0b0b1e57d4b028762b69bc5e75d1a09c91d203eed592454a4c6810b2d2ce9e06a08c50c7f5ce0c020fe664d6ad0673dcf69a225ab924b080dc5cc40af1e461abae03ab3832ab938ae9138aabd04df2e026ac6496736e6d409d85147950f16dd0997fa8aea6638d69768884d0999b4752765ed0e73d56ba9e29b66b2adcf3c86db9a68625b020abe235e905623fd73b73ec9017456a054cee7250f8612e7c48dbf3c5d8b9782f728dc2f295726b861300c4affd8e11221576eda7d69698bf473f07bb7695a845614d4dfe081fcce56a8769bc91c5b6debe52e4bca5438622a11507a8b71b9eb6285c46fab56e806d1c6a33dc75ae28173f3aa76edac1052aa6dc43fb985bd9ccad0fbe1dd3da09573785d50627c70fcd510d0ee9919677ee56879e8d9335fd4ef23946d38e1775dc533282891bca8ecf0b339e9f20a8ca7782dacf3761872c83daf603935bcb51fd17af5d19a521bb02b09eff9ed8e22fbde59a2a80a84f99e454c667bddcb7fd257693d1306ec7e63c2139d26894d9e8e6eacdc7d56dcaebbc14135fc2e6e2974977dbec69436defbc1f3f669a9c7fb9bccf8f9722ddaa90a5c57bc7e1a4995d0df4ff3a62442d4ae60797b8cbff5f17efeea94d08f0b4cc79a5430f6c9f06f02e29ff1bb6528509b80387c128e48256f6e55e9eb3ce35c06c4b9993e5e024f54568f46ed994d9a1e846c784752a228ff47dc6a851abfc0aa3b643bad52987d8b1a870add560e21d48fdfa4c5367e2acb509c8a8e220d39b4fab2d29d364e35b6e64f5fe606f6541e88a2b33e67ab2e6741c04499e41cda3ffb19d7de78fa6ddee5ec416640293452d00d1f47831233bfe6c22ba7b7179d1e478dc07bcfd4db3cf59776d2d6e7de2df2fa12e786fae869b2b161f22f86495f23e3120373e41e05cc3e067e93027ef9c3df16f24ccd8c7f9f526df97a1761982460852f1456dcdac9df53bfbb85019fde66301db5af48bcade8e7fe211eb90d7507e1f3d9c99fb5f4164071ef02e0a8618cff97b967cf9b99be2a6a1db03a5b59b3970c68b2459916ad1efb6f9393a0d5bbeea8c470ea03e215cb946930d08147508b91ae895a8a2f54276a6e0bc1e1f19a3ea906bc14620f1b02b246a09277e964bf8547234c8163d73843aa7d7b259a28feace17eb05fc846c9eb57b0d1c6944d126e954fa2003de50e1bf4d6ae4e239580b57a894d084cba1c0aebfdb60f33dbfefc8523a7a72844129e143814723f286c69952753b0a56f80400636cccd5197674bd8fe48ad9ceada03bed8733a125ddd040e009b962379218c8715caac9924184cbf01ed5dea8523f84b95d78c92145a72ad3742bb246c775e44b52356ec44d20dd93581a025eb0beeeaaf728b21123e6b317847fe52c093a74e9dbeb1e9a7791e05e2ec67094874bea0ecabfc4f402d30d4644e1282001f4cc6089de0088229f8f26a41c953e5bbffe73ddf410ab2dd4b97aff85974b424a675aad36c36328108a975cef70200c667ea973c12b055873ddd7c92aad74dc2753706743fef33575caf30d316ef0f245338f1cf66230c847500be3ef9dca87a18cbb570d9a26f42d34de814679f479762191dd245dee891256abfff0843b2d2349b5dfd0f3511b5a2b7dade3a0ff54587466a45557004d5cef707658a7de174ce1089086e43fa3c55fe7bdf817274df71b5cb78aab9b87b9b5ee2b1c410162ceb0fe8b41f1a62901a47787448529b4f5e4612d31650ff3c5908c1af446197ed2b65240ea66e3315a25f5f8e142c694f36b9bd8782910099c5eb92527bb96741fed60274d05cd46f3187b13f07e1e5cfcac1d7987c46389fefa84b26ffb23be3ed0ea04b5448eca6b7052755fc7fc52603a9665344e925da4a70790158b52c6ae42814f295d65761eff02315a957e6492208caa759fbcdec2bcd9934b52caaa39d84198316b6be9e32fe6b486e4e0402d8249d977263e108599f625a23829209de02ab95cbaa8e6dd858b73152df8bf67cb20683972823bea721683aa670c9e0ad382820d99282636b0ea907937f7bfd7994cec73c03d4afa6ef4b742c3b8e8fcb6f6bcaac76a8b4f0cef699ea1832a44123246af33786dc25419b3919a7e2eb458512e034bdb83b1547417f4c2f3b9b9bf3e86e11044b3723b2eae5b18d5df5d64c746a20b6a94d58c7c8e04cf0ed6f9d94bd8f16e4b7471c78da6c63746944147fe53e74b12846792529eb5cdabe2ace8c812b6c668757e83f5d15b8bd036c74a168184cec6243d02d5cd00aa129eb0bd0c41141d5f39836544e35a7b977331f3aa6babfdc25c6de860f52989ae89a9acb636a9dc993fa25d2f6b4cd1272aa787307f9dda4f4e9a1cf6e695c244909e4654ece562121cc4b44eb5208a0a2013d73364672da8f806dd7f48f19a5a52d29af078e53e626f774294d92e43be994b92f0598799b56b7fd8f03a30363d2e098d941b1a99507ce1fa0be0eed9cea773faf10239004fd2984001fd5391efd6a21bfda7850398377221cacdbed2da409bc150c56b21b3091359f926c58266ccfab91c51f23d922449c4b899d00532dd87f7648cca98984d19e94ed12cf0eb3b79a37530b8f73ed714f4ac47e4ce4b7e99ff28b3799af8c29a737bd6142220c3a163228eab94d86383f627fd89971e328c10e55a47e1645252ff79346278d8941f4e6c31300f87c057f19bcff04c47ec5a93b16b7a37a604b0f5d28e32482488653dec64ce3037f3f6a1ac0c71e889f3d21f967e494ad8311bc6e5a94b9fee9c40a082a803240b6bb5df71ca9abc45932b133222e35127459e5df61abe0e84eb1b956c6880c6aa3a0476fd92735a56da0f3346f0d6c27f2d026d6e210de799357294632a75bb3c3a45afc3ab64602ffaaa259e0a40ad2acfe85cb24404b592b1d9e8aec485a86bad7707113bea7e6a6383f076c7185cc9e231392e573a533077efb93d13c042055aa1329cdf6baa1ea094cbd1787c947af02c890ba009d888043ed7850ac3bd4e6afec921d6efe9017d2869aac59a1528aef000852ccc976e170bd7e9d6c99256d61adfa53f6ca90d19db1ea2547d4293ef52aa90509d9c2ef4d423a56832e2ac2588a6c72e19027fecd27cbf7033945575f6cc6fadb6848639b0df60aa9ba8845c975faa3f24e2121f8feb0b2ea6c581795315d59a544945ee40e149dbfe7c91caa2cdc842ece5392b734c140a42d0144457fa5c9355b7ebf52164202c52e8df43e250238eab1807ac0da5f8cb581db44218c4f7b546bfb202949b9d8448a31da2117c36e088c34edd44c941355d3b13eb866842417228ac74f0170c906068d9abdd3c191c3009faa472e1bc761410159e9ba330f0715b81c1bb9172567c14cbed11f756c972e31824c58f9cf02b77c661c4f7f0e75956b6fb3644bb9c032d397272a89a5532ff75f50f7063b36f61e070bf68b0d12f57e587bc514f5a4cbc1aa8e3fff1741fe81bc7f3fdd61e022aa54798047cdb5039c62150f50b6a050bf7d86c1ec9f845d5b61249953aa78b00fbd65b10940cb8fd76316efc1d3c3d2d86d86befe5c6e79c36a081f14cc413a58141bf755cfb8b116d9f695fb1e23a7ac40be60406cd7bdeabbe14b7e269762b1afb0ac7f96e2d9ab4474d904efcf063886922898f92718b52dd16c7bd81d570e9bbff0897f4ef0caf6a73b132c2fb0775176184fab59cc902bca83707e252df96dc184b5e2703ca3f6c38d60c3132504a5a4d5f4f9450a1552ce6599cb303a7e3b44ac33b5b7f0495f10c7353229997243e69d533da65c4b939ecad0bd4f9cc0f6aaca100d5a8627765ae4d8424f574bc82a25b481c7c4ef879528ecacbeec6ac4731ef9ffa4da7ec599f79079adb5095a410b9da6cc552b7ef8afabaa5802dbae8d9f14a9690b3edc2e9326c033ae2d616b6015000b6c617525010519a7ed11dd982fb3f826216900ac326597fa7c0ca0ae786a375fd0afe3f1b28d0e4778fefbad756b1bd5202175c9e75617e12fb87b15bb4071e513fb9443358bef4c271dcdc7ff724e3dbb77993be5fa3bcfe663b8c89c84a83d9293822b787bb7492104ccd12be17506d88be2420c8645acb3223782c3bd9093f0a774c1231a1644fe792621f4414965403a3eac884dee5572049f53080a4c41fcee2dabb4ea9b05dac82aba6ac17a5021238aa50f83d6b3dd377eca7c6bd30dea206e9466ac498340b135726d24cba78fd10b30bc5e446", @generic="be3e88b812de65ccb1e83b6a3212a2b2599b00a134c37b4eed334697bdd2b9a02c9073477c9505a8fd324de6db641b52957f67d27f589b4dd4a49f6b9d57997901d873705e6a7ede84089a455ba94d08620e6462f4afc42b4e342693d5f06f685cd8a14ef793081461f1d81ded7e0ed1e2c2f0c1c01cc77128405094fc22484947cc65bd0c801157fb840b24b6617fa8fb01e5c3d59546c8a181686af5ef561c33d1198b922e1947d3dc0332da85e52d2d4026a906a4f452c4dd612d91c8d850b4ecaed78621a7e0b9b18506b35540dc49fdc87494d1ce39568bed10a5b8d2c4e42fa162b46e05cee0e258db904bd3af8f3806eec1fb1d0f3fc0539cf6e87e6560b675679c5bce29f70da778e8eec46ffe827ae438177457d9253c5d04ca36e11c2ecfdb06f87db43b9b3f1a9189e2244dcd9148efdf0c6a574ab671dc50219df5f1c7834ece50159f626e6b5a6403e0abf0776ebd0657d77dfe0f3521ac3ff1181ce9d1274667b3b649efcb1303aa57414d2337dfaa80cbfe945edb58d0552487e312f17786331ac13891ea13cd4021cc430be72022101c1b22de8acc772c8a9081a55bc1e09386e4ca524ce285de11f38982d7de954675e5483e8144d60c9788e14844fa465d38851c9c55ef03a4b5cfac1192b33e9b3a9f195542041a90cd6611484b4ebe09f0f0de4662a3b6049fd7a246f1d03c2c2aefa846b2a6c26f4cdcca11102ecc726a227061b7ebde7be184a5cb0bbc9ffeb8f17beb8ccf0938b9a07f273e0406fa4e1228ceecbab04ce288c94674de1930270434d8ab576500cecc138bc12792e6f6b1c20e4fa6e76378c3c83d81fc4cde04206446b54b1418c21e34a98a4d22d309c0b8694247c45f998d19be1d95a29455e7fce1ac9ecda4d7e8b4949fcde5537efe4b7a3a407322eba3eeb6924912d307be61a42f42ad4641f940b36a529e019425b5673934197f8e98f5e49a0b850be2bb0a5d273c51ed3be995d87a6ae6a9a766bd662cff52a7ef5978a30860c2b78678d6b19878384cec8134691d12c59596bfab3d0ca484c28bce4cd41ee19586ab7258493c51fad23871f02ed920e983ff06f2da21378bf09d8c027418b4221f3648839ef37fc32e2fce337c522d6380b76a77829fe210e681b668f4bb0fd24050da003974a58d7530112a2bfae2e3e7100a5c0f68f72b158f06d3014dbd44a225b6045e0537244cc42f3930daddca75d512c8dd2fa30f8417449919e1a1c17aac2efc156d0c7ea57cc85cf4c4151256cff02617733680f2f1a479fd847fda4fabc8b5bd568b621118dd6b7205609a28736a2cccfe93468df23171af7071aa767e9334eb89e6730b98ab81c60be07338c22babd6712be7a92f880dccb725ebb2a83cc599befc55772fd36b691a8e94dc79bf0ac1c565b85a18308d1c894023e2b1b89d350a83d00e520d74a895fe741c6b75c4a52bc2300bc6c1f4c80c6e665e694844731ff74323787fd5476e5f115aa552e4d98ef62478fedcdfc52f90c89e1fd0bfb986b973dd4c92ffb4427919c3302e2062dc2aaa2d4cd2581bfb360f0ed6b9510eb52b6678f15a18e32f1a2fafc49618bc49e3b306d169fb45ec7adb826651fe55ad38dbc924976bd71de89b108cd4fde9d01d59602e450ed1d3de453a5b03c8d26fd8364fbe04303b251765d1016dd704633eefdbd4e01bed6e513f9f49d8b1e11713ac08ac26dafbfc9345b33737fc77324d460c99b1699f5bad75c820bf0d57753ecfbe91e41dac999c7869b0f4b7ffda321f401a1e89feb32d619b9bda63390372acf95359e3f76f2842b8076720d76a23035ea748f10eb41b0a56d775d3ece27db06bf45b996e33f2180ec526ae7073729f337cf122dda7311798d37b047c51c74311f93345fdd8f5265f5dca0ecc5d0a7bfeac99671d95d800c43589775db3d6fde29e3d00323be4ba0f14c9947346411b0304f4ce3197523965f747350c3c0d12e3d404e64d7250fa93edded39d37bd1e5c808c8b27e7ef28ecea8d0d718e5e928a72587008b4b7c55644b81331c99aedc65691067ef86ab98b8706ccdc3c888ab30a0e11f5ca39c715b111b5e0852797c44d453fbb9cbe0df1e1334d6984b1f3c2d4f5a62eb46d0445b846d6808df530c0630be2a22c74ec243265b10e8a3c43371d86918f5e4e55d505c7a661cd49ff9e2ac5085369199ec04b3c52a9bedd2f9b0a280efdef2754cc82834c4417c927dff4012751931ea5c04a8ac06d6dc8eacf06e85b3c6b3c0d9057de3cc9e20a215c418650cf3efbd7d718fa00184f2e19ce0c2041fd1b0af46b3afa2ea31fe3e1c3a392050ca1a2432357593cb46a89649483d93b3d90a9addeb8dc20c302608510bfb3ca16de3bee1964ad985a56aa9b6bef7f40cea001b3591a0befea9c388bde5dca746c3fc3c59c1096c7c85c3012df216f74369827197d21a0c216c0ef8f5c1c0653fd6fa5bc2e67af67631960f0bb5bb81d5da438ce9ac6df1d1d86de112107e2c6790cfaa85f4981194558c445efc4944607b99145ee920969154c79171718387300e19eed9eadb7a9be747a52abc505c004e7aecdd5f747b385f704eac84d73c86aaa65ef748b8fdac183e688b8c312aec1ee0c8855b4018a9b9f8c0804ee8fe60e69cdd7a86bba18403b8f0475b5247ebff880b3de3e39d26a3c538dc016fe2ff5182660cce10ee61120cf4fd61f3d0138ffbab0084a06caaf260abde185a5b7e36ea741815abc58728a46727f4404b1a30b049b4be47279f565d2a94704579cd5a6a1c5e8e39269a3c0991b2a1c5dfdb051f9d3d965a4090d09783417d4efa00c88d18c11c556acfe23d2d263610353c64d6938a90c3a4c9f2037bd7047e7e0054dcc24b927d451ac7b1968837a78eb7a30d251ec175cb2e2e0468b9b81cb123f71721ccdf45ee6a59ed72d2226292d3d39a8b39eb063972fe50b3e9ff105c05dc3f4a0ae0944b03836eac7bfbef4a17cd8afaba7ba621068b7b3a6ebc4a5b4db36da30baba660f15d8e2c3258b7f1f455cbfa2dd70121be5893b2d2e3abd78e8d99641ff1a90e390486cef97e925fb1f1c6cf2e34f2e52fdda47af43d8478e9457a47bfa930a73377710dac3c9e0e2231f7b37985f96863b7daca2b40694d4ef9fe2dbb446e58bc9247ea1b6684554b8df9a0d00e311358887a25dbebc216a9e52941c2a33a25974976d0cb7f1102c30b535b044ede51aaf5fa9e391172c1931023c839c56a495a34abba2adef88b5810600263fc417bfede507f8c54eeee42a3ef56f6182df240f13f326ac0af601aa668aef3e6db674a6952d334a287a269de3f5d61a4e17c6b090d5c799580e626496928f678e26623716470ccfa2846dae77800ef428d4a8692cfca36b800bad6d6c7bc9c2c3247c5b8ff0fadc5dfe8000e34a5d50941ad0905fdce7f334fbc25f96a66c3847ce15da9433343c0bb190a6840ce07e7329efd6e46300725587097ca0dffa30fc1ea612c48015c853b0ef4bf0f724a35377d7c1ca812157d98553cc7053c11aed184fc81cb13eb7b4983b6dde4067ee0ec9235658d6797cfcbd596a59029c6731fd517f7e544e925ca9f49ad7f6b60a014658a5f5d1282796c8cf25369e88680fd09afa75f303a7048c5e5c22cce909d22dba8086003114234b9e362311cfd4068bec2e87470bfb9bab028a7cf39cb49419b597796791944d7c4074061c9fe2559bb6e7e84d460e803813af31bb4bb63cdfd3de517fcb86478dff9e80c86d2651dbb788afb8982437924a1ee08949bd20aac91b32bc1220058b3cbaa897e80eb32c4ab69b9e7bd8f9f45985543655757df7074bc55bf2f230ac2e695530b49be18392a78a8a4fc5180a623f57d19ab4960b337ef488a5a04872f64c0b93d595b56f5d60fdf8b05c15516d2d63b152dbabd0a897340b4828ddb0b758dad124b61c61c7fd9e071a51c38a52b10fd4fd3072a435c990591718723ecc13160f8f16a18781d55198862fbb6ab86e071252cf4d9b99be7916aa6bec59443df62fcccc1b08b64122e4bfee358eeaf1ca403c02775f00839b94fefd0bc8dbb7bf2c38899aafc914405cf8a8c167ae43b18ab9f687ea3e00a28bfb369736b91aaf58fa10cefbccb8e549451a742cb83e94ef29f00676eaca7cd664a31a383cb1a8d0c7b67495505e4966063b9a2c281faf7fb1372579ddda8c6238d3e75b59ef17e39ee39ce02f1d93d12a95779e5ba5e96424dd7089ecbfa32df6cfd0c578cfbb20945dd81367c26eef64039fc872da9669e36ab086ffbd3ce4ebe457d8b104d4cfea99aac0ab3dca694853d96e563c64bb5098e00c37ab619f7a70d9cc07f3900904f94e18b7f94aa6226ac9628abc0b3bb2e28e78494b5673f05fb40f3728c1c92c3fe79d63b66fb8ce5f0328c6237e5d1edb953e5e0f179c60bbac8ff944f367a76d00c8de7fd7ea265ba6ff63b2ae76373acff354bee669838f71908ce4e139f3c8c621e5b4f4a532ffc2f592dce69961cd3d887b53b8175e69661362db5064c42f7cf2a4721187d1004e1cc2b8a545845bd0292cc9c6dafb54b8dba12f3c4f6106d2dc60c527d271b80cfb0b8baa639adac26fbe809d5f577222773ddb6d578b76b827119c773c512d611be4585804ddb507a22f9a7f800f698fdc821b717e779696fa3d9b5cb8bde5d8b05d053a29446791b10c7099bd5c780008d7ac6c1956311b72b3c136b064937a3c0b5ec42abe9b058196ac81ef476adcbfae9550e0d16851ecd9464307cf05b1223c9ad914a4d710903598c2b8e0ac0fba80a0f4a3143a3c5c3cfd1632ee2346fe400818f1971a1135926fd8ef03999972137ac13d8cd9c150c9a6566c993ef92aff94f63308406460e05ecb9e111f590633890bb3657cd5f4c99e37770593f750042d1c8c663b8e7c7540061085ddc929d482e5dece1f0b993d6d25bf83bcbb671f52baf545e9f111dd0351230908efc615bae3a57368d58f27a4cae279cc9fdbb5d1cb974791eca3f18d73dbe06b669ecc8d281fba514a5801780086bcaa95b8fc329a22b69d1074d5c9fe948ca44032a075e9d90de148c0cfa041c352d3175badc01191f6c6ba083157ee2c7f3459f20bc67e588897ae6c44049be6f3e7334f9944ff334b82ee50aa162b2feb27dd62261169c3ad4f98bbcdff010a0cba1a66f7e55c443bf44774079d9c91a2c7ef4df1d1121ceae632c92fdc16fa59ccfb242f1fb5741f1b510b9c201946cc4d4e3152c15d2373f0ddc716501699fd14471f2ab1e7298efabb3303e13a9733b123f095f894c4f967046dfb4d2b2d6b2bdc2cdc82f91c189d135f5724d7a94ef54d484c008cadbe0c0bd7c5d2a98422cbfe82a2fc534572b1f151e3e0bb284bdfdf01b6053590c6c3849116031545dc2e88295672d2ad7b8b7b7721c853fbdb758636e73882fc29887a7139fd9c6f4d989f4bbe4ad884b3d05007416cff9936754b54371b189d07afeecba5a993405ae04f3d4b63cb5c0e903add06c485ab4f82c3b66a0ac376cae17d2bec06cee814c4d83b68613aae2b3f00a42b67bd5e830cc2f11363feb2755667fa363e4d00251c03fbabb6fcd1b8ef68c875b1cc5d65368ba9ba7fff87dc71072b52e027e94c7d708bcb2cd502fa84811260d809f7460dcfc7c01e54fb64cb57f7301a1328bb79b064f9ade92cde0b9d97ddd33c2ec6059ef0a69ebf86f5daeedc06ae9170e8471f4cdc433495ee226dec359071baa37bd2310baeafb9c247a5baef1a58c1bc4330e42fd3929ccc553ffad21c149a22a558"]}, 0x2144}], 0x2, &(0x7f0000000400)=[@rights={{0x28, 0x1, 0x1, [r1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x14, 0x1, 0x1, [r3]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r3]}}, @cred={{0x1c, 0x1, 0x2, {r0}}}, @cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r5]}}], 0xb0, 0x9024}, 0x0) r6 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x0) ioctl$PPPIOCATTACH(r6, 0x4004743d, &(0x7f0000000100)=0x4) 01:20:31 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x0, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:31 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x0, 0x7) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) [ 3299.570844][ T419] syz-executor.3 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=0 [ 3299.610086][ T419] CPU: 0 PID: 419 Comm: syz-executor.3 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3299.620100][ T419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3299.630162][ T419] Call Trace: [ 3299.633479][ T419] dump_stack+0x14a/0x1ce [ 3299.637821][ T419] ? devkmsg_release+0x11c/0x11c [ 3299.642785][ T419] ? show_regs_print_info+0x12/0x12 [ 3299.647988][ T419] ? radix_tree_cpu_dead+0x160/0x160 [ 3299.653293][ T419] ? _raw_spin_lock+0xa1/0x170 [ 3299.658143][ T419] ? _raw_spin_trylock_bh+0x190/0x190 [ 3299.663539][ T419] dump_header+0xdb/0x700 [ 3299.667867][ T419] oom_kill_process+0xd3/0x280 [ 3299.672624][ T419] out_of_memory+0x5b6/0x890 [ 3299.677220][ T419] ? unregister_oom_notifier+0x20/0x20 [ 3299.682697][ T419] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3299.688256][ T419] ? get_page_from_freelist+0x7c0/0x7c0 [ 3299.693980][ T419] ? __zone_watermark_ok+0x91/0x280 [ 3299.699187][ T419] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3299.704581][ T419] ? __kasan_slab_free+0x181/0x230 [ 3299.709714][ T419] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3299.715274][ T419] ? avc_has_perm_noaudit+0x30c/0x400 [ 3299.720666][ T419] ? avc_denied+0x1c0/0x1c0 [ 3299.725181][ T419] alloc_slab_page+0x3a/0x3a0 [ 3299.729865][ T419] new_slab+0x408/0x450 [ 3299.734022][ T419] ? should_fail+0x18e/0x860 [ 3299.738620][ T419] ___slab_alloc+0x2e0/0x450 [ 3299.743235][ T419] ? getname_flags+0xb8/0x610 [ 3299.747908][ T419] ? getname_flags+0xb8/0x610 [ 3299.752595][ T419] kmem_cache_alloc+0x23f/0x260 [ 3299.757579][ T419] getname_flags+0xb8/0x610 [ 3299.763255][ T419] user_path_mountpoint_at+0x22/0x40 [ 3299.768559][ T419] ksys_umount+0x167/0xff0 [ 3299.772966][ T419] ? vfs_unlink+0x30/0x30 [ 3299.777314][ T419] ? namespace_unlock+0x4e0/0x4e0 [ 3299.782870][ T419] ? getname_flags+0x20d/0x610 [ 3299.787625][ T419] __x64_sys_umount+0x56/0x60 [ 3299.792306][ T419] do_syscall_64+0xcb/0x150 [ 3299.796805][ T419] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3299.802692][ T419] RIP: 0033:0x45f257 [ 3299.806592][ T419] Code: 64 89 04 25 d0 02 00 00 58 5f ff d0 48 89 c7 e8 8f be ff ff 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 ad 8c fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3299.826403][ T419] RSP: 002b:00007ffe0c13b0c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 3299.834815][ T419] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045f257 [ 3299.842794][ T419] RDX: 0000000000402ff8 RSI: 0000000000000002 RDI: 00007ffe0c13b170 [ 3299.850861][ T419] RBP: 00000000000048bb R08: 0000000000000000 R09: 0000000000000011 [ 3299.858829][ T419] R10: 000000000000000a R11: 0000000000000246 R12: 00007ffe0c13c200 [ 3299.866796][ T419] R13: 000000000183e940 R14: 0000000000000000 R15: 00007ffe0c13c200 [ 3299.943182][ T419] Mem-Info: [ 3299.946513][ T419] active_anon:1405259 inactive_anon:10799 isolated_anon:0 [ 3299.946513][ T419] active_file:299 inactive_file:280 isolated_file:43 [ 3299.946513][ T419] unevictable:0 dirty:12 writeback:15 unstable:0 [ 3299.946513][ T419] slab_reclaimable:10357 slab_unreclaimable:90330 [ 3299.946513][ T419] mapped:57099 shmem:14896 pagetables:31749 bounce:0 [ 3299.946513][ T419] free:13572 free_pcp:84 free_cma:0 [ 3299.985902][ T419] Node 0 active_anon:5621036kB inactive_anon:43196kB active_file:1096kB inactive_file:1020kB unevictable:0kB isolated(anon):0kB isolated(file):172kB mapped:228296kB dirty:48kB writeback:60kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3300.021289][ T419] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3300.066364][ T419] lowmem_reserve[]: 0 2912 6416 6416 [ 3300.072618][ T419] DMA32 free:33900kB min:20548kB low:23528kB high:26508kB active_anon:2794920kB inactive_anon:2724kB active_file:840kB inactive_file:932kB unevictable:0kB writepending:176kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:11040kB pagetables:22752kB bounce:0kB free_pcp:80kB local_pcp:0kB free_cma:0kB [ 3300.115211][ T419] lowmem_reserve[]: 0 0 3504 3504 [ 3300.147544][ T419] Normal free:6500kB min:9688kB low:13276kB high:16864kB active_anon:2826116kB inactive_anon:40472kB active_file:240kB inactive_file:116kB unevictable:0kB writepending:32kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27872kB pagetables:104244kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB [ 3300.186356][ T419] lowmem_reserve[]: 0 0 0 0 [ 3300.191265][ T419] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3300.204972][ T419] DMA32: 980*4kB (UMEH) 790*8kB (UMH) 1007*16kB (UMEH) 210*32kB (UMH) 23*64kB (UMH) 2*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 34800kB [ 3300.220242][ T419] Normal: 677*4kB (UMEH) 110*8kB (UMEH) 44*16kB (UMEH) 40*32kB (UMEH) 3*64kB (MEH) 3*128kB (MH) 3*256kB (H) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 6916kB [ 3300.235793][ T419] 15020 total pagecache pages [ 3300.240647][ T419] 0 pages in swap cache [ 3300.245065][ T419] Swap cache stats: add 0, delete 0, find 0/0 [ 3300.251379][ T419] Free swap = 0kB [ 3300.255325][ T419] Total swap = 0kB [ 3300.259223][ T419] 1965979 pages RAM [ 3300.263273][ T419] 0 pages HighMem/MovableOnly [ 3300.268118][ T419] 318830 pages reserved [ 3300.272302][ T419] 0 pages cma reserved [ 3300.276399][ T419] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=617,uid=0 [ 3300.290583][ T419] Out of memory: Killed process 617 (syz-executor.0) total-vm:75364kB, anon-rss:16572kB, file-rss:34700kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 3300.312490][ T23] oom_reaper: reaped process 617 (syz-executor.0), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 01:20:32 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x0, 0x7) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:32 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x0, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:32 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() keyctl$get_security(0x11, 0x0, &(0x7f0000000200)=""/232, 0xe8) sched_setattr(r0, &(0x7f0000000040)={0xffffff26, 0x2, 0x10000000, 0x0, 0xa}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) getsockopt$sock_int(r4, 0x1, 0x29, &(0x7f0000000180), &(0x7f00000001c0)=0x4) fcntl$getownex(r4, 0x10, &(0x7f0000000100)={0x0, 0x0}) sched_setattr(r5, &(0x7f0000000080)={0x38, 0x2, 0x18000019, 0x0, 0x7ff, 0x6, 0x419, 0x0, 0x0, 0xffffffff}, 0x0) r6 = open(0x0, 0x141042, 0x0) connect$inet(r6, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r7, &(0x7f0000000500), 0x37d, 0x0) 01:20:32 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) ioctl$sock_SIOCSIFVLAN_SET_VLAN_EGRESS_PRIORITY_CMD(r1, 0x8983, &(0x7f0000000100)={0x3, 'vcan0\x00', {0x8}, 0x137}) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x1, 0x3, 0x0, 0x4, 0x0, 0x4000000}, 0x0) r4 = open(0x0, 0x141042, 0x124b9b3769242ac2) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) dup(r5) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f0000000180)={0x0, r5, 0x0, 0x1ff, 0x3c4a, 0xfffffffffffffff9}) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r6, &(0x7f0000000500), 0x37d, 0x0) [ 3301.187450][ T625] syz-executor.5 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 3301.209993][ T625] CPU: 1 PID: 625 Comm: syz-executor.5 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3301.219985][ T625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3301.230033][ T625] Call Trace: [ 3301.233335][ T625] dump_stack+0x14a/0x1ce [ 3301.237672][ T625] ? devkmsg_release+0x11c/0x11c [ 3301.242618][ T625] ? show_regs_print_info+0x12/0x12 [ 3301.247813][ T625] ? radix_tree_cpu_dead+0x160/0x160 [ 3301.253356][ T625] ? _raw_spin_lock+0xa1/0x170 [ 3301.258361][ T625] ? _raw_spin_trylock_bh+0x190/0x190 [ 3301.263737][ T625] dump_header+0xdb/0x700 [ 3301.268094][ T625] oom_kill_process+0xd3/0x280 [ 3301.273111][ T625] out_of_memory+0x5b6/0x890 [ 3301.277691][ T625] ? unregister_oom_notifier+0x20/0x20 [ 3301.283142][ T625] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3301.288721][ T625] ? get_page_from_freelist+0x7c0/0x7c0 [ 3301.294278][ T625] ? __zone_watermark_ok+0x91/0x280 [ 3301.299473][ T625] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3301.304837][ T625] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3301.310374][ T625] ? copy_process+0x5a4/0x5110 [ 3301.315216][ T625] ? copy_process+0x5a4/0x5110 [ 3301.319968][ T625] ? kmem_cache_alloc+0x1d5/0x260 [ 3301.324999][ T625] copy_process+0x5f3/0x5110 [ 3301.329629][ T625] ? get_mem_cgroup_from_mm+0x27b/0x2c0 [ 3301.335174][ T625] ? _raw_spin_lock+0xa1/0x170 [ 3301.339929][ T625] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 3301.345719][ T625] ? fork_idle+0x290/0x290 [ 3301.350118][ T625] ? _raw_spin_unlock+0x5/0x20 [ 3301.354870][ T625] ? handle_mm_fault+0xb16/0x40a0 [ 3301.359894][ T625] _do_fork+0x196/0x920 [ 3301.364042][ T625] ? dup_mm+0x300/0x300 [ 3301.368185][ T625] ? do_mmap+0x9ad/0x1060 [ 3301.372510][ T625] __x64_sys_clone+0x25f/0x2c0 [ 3301.377286][ T625] ? __ia32_sys_vfork+0x110/0x110 [ 3301.382309][ T625] ? do_user_addr_fault+0x55c/0x9f0 [ 3301.387529][ T625] do_syscall_64+0xcb/0x150 [ 3301.392035][ T625] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3301.397941][ T625] RIP: 0033:0x45f1f9 [ 3301.401831][ T625] Code: ff 48 85 f6 0f 84 37 8d fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 0e 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 3301.421430][ T625] RSP: 002b:00007ffc86121e48 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 3301.429838][ T625] RAX: ffffffffffffffda RBX: 00007f0c79517700 RCX: 000000000045f1f9 [ 3301.437806][ T625] RDX: 00007f0c795179d0 RSI: 00007f0c79516db0 RDI: 00000000003d0f00 [ 3301.445787][ T625] RBP: 00007ffc86122070 R08: 00007f0c79517700 R09: 00007f0c79517700 [ 3301.453861][ T625] R10: 00007f0c795179d0 R11: 0000000000000202 R12: 0000000000000000 [ 3301.463743][ T625] R13: 00007ffc86121eff R14: 00007f0c795179c0 R15: 000000000078c04c [ 3301.528431][ T625] Mem-Info: [ 3301.569206][ T625] active_anon:1402254 inactive_anon:10799 isolated_anon:0 [ 3301.569206][ T625] active_file:638 inactive_file:713 isolated_file:77 [ 3301.569206][ T625] unevictable:0 dirty:11 writeback:0 unstable:0 [ 3301.569206][ T625] slab_reclaimable:10348 slab_unreclaimable:90635 [ 3301.569206][ T625] mapped:57658 shmem:14896 pagetables:31773 bounce:0 [ 3301.569206][ T625] free:15288 free_pcp:334 free_cma:0 [ 3301.705545][ T625] Node 0 active_anon:5613416kB inactive_anon:43196kB active_file:3488kB inactive_file:4328kB unevictable:0kB isolated(anon):0kB isolated(file):360kB mapped:233332kB dirty:44kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3301.751423][ T625] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3301.799200][ T625] lowmem_reserve[]: 0 2912 6416 6416 [ 3301.807913][ T625] DMA32 free:29616kB min:20548kB low:23528kB high:26508kB active_anon:2793724kB inactive_anon:2724kB active_file:2092kB inactive_file:2748kB unevictable:0kB writepending:20kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:11168kB pagetables:22624kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3301.899752][ T625] lowmem_reserve[]: 0 0 3504 3504 [ 3301.932010][ T625] Normal free:5964kB min:5592kB low:9180kB high:12768kB active_anon:2825296kB inactive_anon:40472kB active_file:396kB inactive_file:716kB unevictable:0kB writepending:36kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27936kB pagetables:104260kB bounce:0kB free_pcp:796kB local_pcp:428kB free_cma:0kB [ 3301.963115][ T625] lowmem_reserve[]: 0 0 0 0 [ 3301.968715][ T625] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3302.011195][ T625] DMA32: 224*4kB (UMEH) 409*8kB (UMEH) 1095*16kB (UMEH) 231*32kB (UMEH) 22*64kB (UMH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 30488kB [ 3302.030332][ T625] Normal: 456*4kB (UMEH) 70*8kB (UMEH) 27*16kB (UEH) 41*32kB (UMEH) 5*64kB (MEH) 2*128kB (M) 3*256kB (H) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 5472kB [ 3302.046875][ T625] 15382 total pagecache pages [ 3302.052355][ T625] 0 pages in swap cache [ 3302.057643][ T625] Swap cache stats: add 0, delete 0, find 0/0 [ 3302.064660][ T625] Free swap = 0kB [ 3302.068746][ T625] Total swap = 0kB [ 3302.072739][ T625] 1965979 pages RAM [ 3302.077025][ T625] 0 pages HighMem/MovableOnly [ 3302.082105][ T625] 318830 pages reserved [ 3302.087408][ T625] 0 pages cma reserved [ 3302.091999][ T625] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.4,pid=629,uid=0 [ 3302.227748][ T678] syz-executor.2 invoked oom-killer: gfp_mask=0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|0x1000000), order=0, oom_score_adj=1000 [ 3302.241246][ T678] CPU: 0 PID: 678 Comm: syz-executor.2 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3302.251241][ T678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3302.261342][ T678] Call Trace: [ 3302.264646][ T678] dump_stack+0x14a/0x1ce [ 3302.268982][ T678] ? devkmsg_release+0x11c/0x11c [ 3302.274015][ T678] ? show_regs_print_info+0x12/0x12 [ 3302.279219][ T678] ? radix_tree_cpu_dead+0x160/0x160 [ 3302.284505][ T678] ? _raw_spin_lock+0xa1/0x170 [ 3302.289273][ T678] ? _raw_spin_trylock_bh+0x190/0x190 [ 3302.294663][ T678] dump_header+0xdb/0x700 [ 3302.299015][ T678] oom_kill_process+0xd3/0x280 [ 3302.303770][ T678] out_of_memory+0x5b6/0x890 [ 3302.308368][ T678] ? unregister_oom_notifier+0x20/0x20 [ 3302.313825][ T678] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3302.320602][ T678] ? get_page_from_freelist+0x7c0/0x7c0 [ 3302.326174][ T678] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3302.331719][ T678] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3302.337361][ T678] ? __perf_event_task_sched_out+0xfe4/0x1110 [ 3302.343453][ T678] ? __perf_event_task_sched_in+0x4f7/0x560 [ 3302.349344][ T678] wp_page_copy+0x1cb/0x1120 [ 3302.353934][ T678] ? add_mm_rss_vec+0x270/0x270 [ 3302.358797][ T678] ? __schedule+0x920/0xef0 [ 3302.363298][ T678] ? vm_normal_page+0x1c9/0x1d0 [ 3302.368235][ T678] do_wp_page+0x4c1/0x1530 [ 3302.372670][ T678] ? _raw_spin_lock+0xa1/0x170 [ 3302.377431][ T678] ? do_swap_page+0x1560/0x1560 [ 3302.382279][ T678] handle_mm_fault+0x1354/0x40a0 [ 3302.387218][ T678] ? finish_fault+0x230/0x230 [ 3302.391896][ T678] ? __up_read+0x1b0/0x1b0 [ 3302.396304][ T678] ? vmacache_find+0x47a/0x4b0 [ 3302.401238][ T678] do_user_addr_fault+0x48a/0x9f0 [ 3302.406624][ T678] page_fault+0x2f/0x40 [ 3302.410789][ T678] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 3302.417366][ T678] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 3302.436963][ T678] RSP: 0018:ffff88807f8df888 EFLAGS: 00010206 [ 3302.443043][ T678] RAX: ffffffff81f75001 RBX: 0000000020342500 RCX: 0000000000000500 [ 3302.451375][ T678] RDX: 0000000000001000 RSI: ffff888085878b00 RDI: 0000000020342000 [ 3302.459356][ T678] RBP: ffff88807f8dfda8 R08: dffffc0000000000 R09: ffffed1010b0f200 [ 3302.467415][ T678] R10: 0000000000000000 R11: 0000000000000000 R12: 00007ffffffff000 [ 3302.475481][ T678] R13: 0000000000001000 R14: ffff888085878000 R15: 0000000020341500 [ 3302.483470][ T678] ? copyout+0x1/0xb0 [ 3302.487485][ T678] copyout+0x8e/0xb0 [ 3302.491415][ T678] copy_page_to_iter+0x393/0xbd0 [ 3302.496377][ T678] pipe_to_user+0xa3/0x130 [ 3302.500832][ T678] __splice_from_pipe+0x2d3/0x870 [ 3302.505863][ T678] ? user_page_pipe_buf_steal+0xc0/0xc0 [ 3302.511410][ T678] do_vmsplice+0x252/0xee0 [ 3302.515913][ T678] ? avc_ss_reset+0x3a0/0x3a0 [ 3302.520607][ T678] ? write_pipe_buf+0x1d0/0x1d0 [ 3302.525552][ T678] ? __rcu_read_lock+0x50/0x50 [ 3302.530317][ T678] ? check_stack_object+0x5a/0x90 [ 3302.535344][ T678] ? _copy_from_user+0xa4/0xe0 [ 3302.540110][ T678] ? rw_copy_check_uvector+0x2b3/0x310 [ 3302.545575][ T678] ? import_iovec+0x1c2/0x380 [ 3302.550260][ T678] ? dup_iter+0x110/0x110 [ 3302.554606][ T678] ? do_vfs_ioctl+0x780/0x1750 [ 3302.559368][ T678] __se_sys_vmsplice+0x1fb/0x300 [ 3302.564311][ T678] ? __x64_sys_vmsplice+0xa0/0xa0 [ 3302.569343][ T678] ? put_timespec64+0x109/0x150 [ 3302.574213][ T678] ? __x64_sys_clock_gettime+0x20d/0x260 [ 3302.579869][ T678] ? __ia32_sys_clock_settime+0x2a0/0x2a0 [ 3302.585684][ T678] do_syscall_64+0xcb/0x150 [ 3302.590198][ T678] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3302.596103][ T678] RIP: 0033:0x45c829 [ 3302.600004][ T678] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3302.619688][ T678] RSP: 002b:00007f4d7fc9bc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116 [ 3302.628101][ T678] RAX: ffffffffffffffda RBX: 0000000000509d00 RCX: 000000000045c829 [ 3302.636072][ T678] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000004 [ 3302.644042][ T678] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 3302.652031][ T678] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3302.660001][ T678] R13: 0000000000000c49 R14: 00000000004ce70e R15: 00007f4d7fc9c6d4 [ 3302.686470][ T678] Mem-Info: [ 3302.689987][ T678] active_anon:1407375 inactive_anon:10799 isolated_anon:0 [ 3302.689987][ T678] active_file:280 inactive_file:323 isolated_file:72 [ 3302.689987][ T678] unevictable:0 dirty:4 writeback:0 unstable:0 [ 3302.689987][ T678] slab_reclaimable:10349 slab_unreclaimable:90585 [ 3302.689987][ T678] mapped:56878 shmem:14896 pagetables:31727 bounce:0 [ 3302.689987][ T678] free:11295 free_pcp:0 free_cma:0 [ 3302.735227][ T678] Node 0 active_anon:5629700kB inactive_anon:43196kB active_file:1220kB inactive_file:1140kB unevictable:0kB isolated(anon):0kB isolated(file):68kB mapped:227512kB dirty:16kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3302.760273][ T678] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3302.786497][ T678] lowmem_reserve[]: 0 2912 6416 6416 [ 3302.792157][ T678] DMA32 free:23816kB min:4644kB low:7624kB high:10604kB active_anon:2802392kB inactive_anon:2724kB active_file:840kB inactive_file:1192kB unevictable:0kB writepending:80kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:11072kB pagetables:22648kB bounce:0kB free_pcp:1064kB local_pcp:0kB free_cma:0kB [ 3302.822991][ T678] lowmem_reserve[]: 0 0 3504 3504 [ 3302.828326][ T678] Normal free:5460kB min:5592kB low:9180kB high:12768kB active_anon:2826808kB inactive_anon:40472kB active_file:396kB inactive_file:208kB unevictable:0kB writepending:36kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27936kB pagetables:104260kB bounce:0kB free_pcp:300kB local_pcp:32kB free_cma:0kB [ 3302.858763][ T678] lowmem_reserve[]: 0 0 0 0 [ 3302.864304][ T678] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3302.878526][ T678] DMA32: 176*4kB (UMH) 436*8kB (UMH) 882*16kB (UMEH) 155*32kB (UMEH) 10*64kB (UH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 23904kB [ 3302.893747][ T678] Normal: 388*4kB (UMEH) 64*8kB (UEH) 27*16kB (UEH) 36*32kB (UMEH) 6*64kB (MEH) 3*128kB (MH) 2*256kB (H) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4928kB [ 3302.909061][ T678] 15282 total pagecache pages [ 3302.913886][ T678] 0 pages in swap cache [ 3302.918166][ T678] Swap cache stats: add 0, delete 0, find 0/0 [ 3302.924838][ T678] Free swap = 0kB [ 3302.928751][ T678] Total swap = 0kB [ 3302.932699][ T678] 1965979 pages RAM [ 3302.936735][ T678] 0 pages HighMem/MovableOnly [ 3302.941549][ T678] 318830 pages reserved [ 3302.954231][ T678] 0 pages cma reserved [ 3302.961811][ T678] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=658,uid=0 [ 3302.975934][ T678] Out of memory: Killed process 663 (syz-executor.0) total-vm:75628kB, anon-rss:16592kB, file-rss:35640kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 3302.994401][ T23] oom_reaper: reaped process 663 (syz-executor.0), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB [ 3303.714262][T24211] kworker/u4:2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 3303.726208][T24211] CPU: 1 PID: 24211 Comm: kworker/u4:2 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3303.736219][T24211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3303.746291][T24211] Workqueue: events_unbound call_usermodehelper_exec_work [ 3303.753398][T24211] Call Trace: [ 3303.756699][T24211] dump_stack+0x14a/0x1ce [ 3303.761123][T24211] ? devkmsg_release+0x11c/0x11c [ 3303.766068][T24211] ? show_regs_print_info+0x12/0x12 [ 3303.771278][T24211] ? radix_tree_cpu_dead+0x160/0x160 [ 3303.776581][T24211] ? _raw_spin_lock+0xa1/0x170 [ 3303.781355][T24211] ? _raw_spin_trylock_bh+0x190/0x190 [ 3303.786741][T24211] dump_header+0xdb/0x700 [ 3303.791080][T24211] oom_kill_process+0xd3/0x280 [ 3303.795847][T24211] out_of_memory+0x5b6/0x890 [ 3303.800444][T24211] ? unregister_oom_notifier+0x20/0x20 [ 3303.805990][T24211] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3303.811540][T24211] ? get_page_from_freelist+0x7c0/0x7c0 [ 3303.817188][T24211] ? worker_thread+0xa8f/0x1430 [ 3303.822047][T24211] ? __zone_watermark_ok+0x91/0x280 [ 3303.827270][T24211] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3303.832641][T24211] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3303.838169][T24211] ? copy_process+0x5a4/0x5110 [ 3303.842914][T24211] ? kmem_cache_alloc+0x1d5/0x260 [ 3303.847918][T24211] copy_process+0x5f3/0x5110 [ 3303.852504][T24211] ? _raw_spin_lock+0x170/0x170 [ 3303.857362][T24211] ? fork_idle+0x290/0x290 [ 3303.861895][T24211] ? wb_workfn+0x850/0x850 [ 3303.866435][T24211] ? ptr_to_hashval+0x60/0x60 [ 3303.871110][T24211] ? __perf_event_task_sched_in+0x4f7/0x560 [ 3303.877003][T24211] _do_fork+0x196/0x920 [ 3303.881161][T24211] ? dup_mm+0x300/0x300 [ 3303.885302][T24211] ? _raw_spin_lock_irq+0xa2/0x180 [ 3303.890477][T24211] kernel_thread+0x162/0x1d0 [ 3303.895118][T24211] ? proc_cap_handler+0x580/0x580 [ 3303.900134][T24211] ? legacy_clone_args_valid+0x50/0x50 [ 3303.905572][T24211] ? kernel_sigaction+0x11b/0x200 [ 3303.910577][T24211] ? proc_cap_handler+0x580/0x580 [ 3303.915694][T24211] ? _raw_spin_unlock_irq+0x5/0x20 [ 3303.920808][T24211] ? finish_task_switch+0x235/0x4c0 [ 3303.926020][T24211] call_usermodehelper_exec_work+0xe0/0x350 [ 3303.931903][T24211] ? call_usermodehelper_setup+0x210/0x210 [ 3303.937696][T24211] ? read_word_at_a_time+0xe/0x20 [ 3303.942725][T24211] ? strscpy+0xa6/0x260 [ 3303.946957][T24211] process_one_work+0x777/0xf90 [ 3303.951799][T24211] worker_thread+0xa8f/0x1430 [ 3303.956483][T24211] kthread+0x2df/0x300 [ 3303.960586][T24211] ? process_one_work+0xf90/0xf90 [ 3303.967108][T24211] ? kthread_destroy_worker+0x280/0x280 [ 3303.972660][T24211] ret_from_fork+0x1f/0x30 [ 3303.977765][T24211] Mem-Info: [ 3303.980893][T24211] active_anon:1408221 inactive_anon:10799 isolated_anon:0 [ 3303.980893][T24211] active_file:1 inactive_file:44 isolated_file:0 [ 3303.980893][T24211] unevictable:0 dirty:0 writeback:8 unstable:0 [ 3303.980893][T24211] slab_reclaimable:10350 slab_unreclaimable:90637 [ 3303.980893][T24211] mapped:56558 shmem:14896 pagetables:31760 bounce:0 [ 3303.980893][T24211] free:11120 free_pcp:78 free_cma:0 [ 3304.018648][T24211] Node 0 active_anon:5632884kB inactive_anon:43196kB active_file:4kB inactive_file:176kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:226232kB dirty:0kB writeback:32kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3304.042578][T24211] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3304.068586][T24211] lowmem_reserve[]: 0 2912 6416 6416 [ 3304.073930][T24211] DMA32 free:22672kB min:4644kB low:7624kB high:10604kB active_anon:2806168kB inactive_anon:2724kB active_file:0kB inactive_file:160kB unevictable:0kB writepending:20kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:11072kB pagetables:22652kB bounce:0kB free_pcp:364kB local_pcp:0kB free_cma:0kB [ 3304.109271][T24211] lowmem_reserve[]: 0 0 3504 3504 [ 3304.114405][T24211] Normal free:5368kB min:5592kB low:9180kB high:12768kB active_anon:2826716kB inactive_anon:40472kB active_file:12kB inactive_file:16kB unevictable:0kB writepending:12kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27840kB pagetables:104388kB bounce:0kB free_pcp:116kB local_pcp:0kB free_cma:0kB [ 3304.152978][T24211] lowmem_reserve[]: 0 0 0 0 [ 3304.158488][T24211] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3304.179407][T24211] DMA32: 200*4kB (UME) 367*8kB (UM) 851*16kB (UME) 148*32kB (UME) 10*64kB (UM) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 22728kB [ 3304.193907][T24211] Normal: 417*4kB (UME) 59*8kB (UME) 27*16kB (UME) 42*32kB (UME) 6*64kB (UME) 3*128kB (UM) 2*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 5196kB [ 3304.208938][T24211] 15308 total pagecache pages [ 3304.213660][T24211] 0 pages in swap cache [ 3304.217814][T24211] Swap cache stats: add 0, delete 0, find 0/0 [ 3304.224066][T24211] Free swap = 0kB [ 3304.227803][T24211] Total swap = 0kB [ 3304.231515][T24211] 1965979 pages RAM [ 3304.235367][T24211] 0 pages HighMem/MovableOnly [ 3304.240048][T24211] 318830 pages reserved [ 3304.244213][T24211] 0 pages cma reserved [ 3304.249323][T24211] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=681,uid=0 [ 3304.263263][T24211] Out of memory: Killed process 681 (syz-executor.0) total-vm:75496kB, anon-rss:16580kB, file-rss:34624kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 01:20:36 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:36 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x0, 0x7) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:36 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) sendmsg$TIPC_CMD_SET_LINK_WINDOW(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="688cac00", @ANYRES16=0x0, @ANYBLOB="0101000000000000000001000000000000000b400000004c00180000000062726f6164636173742d6c696e6b00"/98], 0x68}, 0x1, 0x0, 0x0, 0x40014}, 0x0) sendmsg$TIPC_CMD_SET_LINK_PRI(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB="680000009e178114114b6f", @ANYRES16=0x0, @ANYBLOB="20002dbd7000fedbdf25010000000000000008410000004c0018000089cd62726f6164636173742d6c696e6b00"/98], 0x68}, 0x1, 0x0, 0x0, 0x2404c041}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000200)=0x2) 01:20:36 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() keyctl$get_security(0x11, 0x0, &(0x7f0000000200)=""/232, 0xe8) sched_setattr(r0, &(0x7f0000000040)={0xffffff26, 0x2, 0x10000000, 0x0, 0xa}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff}) getsockopt$sock_int(r4, 0x1, 0x29, &(0x7f0000000180), &(0x7f00000001c0)=0x4) fcntl$getownex(r4, 0x10, &(0x7f0000000100)={0x0, 0x0}) sched_setattr(r5, &(0x7f0000000080)={0x38, 0x2, 0x18000019, 0x0, 0x7ff, 0x6, 0x419, 0x0, 0x0, 0xffffffff}, 0x0) r6 = open(0x0, 0x141042, 0x0) connect$inet(r6, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r7, &(0x7f0000000500), 0x37d, 0x0) [ 3304.524578][ T691] syz-executor.2 invoked oom-killer: gfp_mask=0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|0x1000000), order=0, oom_score_adj=1000 [ 3304.556646][ T691] CPU: 1 PID: 691 Comm: syz-executor.2 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3304.566657][ T691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3304.576720][ T691] Call Trace: [ 3304.580019][ T691] dump_stack+0x14a/0x1ce [ 3304.584344][ T691] ? devkmsg_release+0x11c/0x11c [ 3304.589509][ T691] ? show_regs_print_info+0x12/0x12 [ 3304.594761][ T691] ? radix_tree_cpu_dead+0x160/0x160 [ 3304.600075][ T691] ? _raw_spin_lock+0xa1/0x170 [ 3304.604855][ T691] ? _raw_spin_trylock_bh+0x190/0x190 [ 3304.610429][ T691] dump_header+0xdb/0x700 [ 3304.614940][ T691] oom_kill_process+0xd3/0x280 [ 3304.619700][ T691] out_of_memory+0x5b6/0x890 [ 3304.625779][ T691] ? unregister_oom_notifier+0x20/0x20 [ 3304.631250][ T691] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3304.636822][ T691] ? get_page_from_freelist+0x7c0/0x7c0 [ 3304.642378][ T691] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3304.648014][ T691] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3304.653593][ T691] handle_mm_fault+0x1689/0x40a0 [ 3304.658544][ T691] ? finish_fault+0x230/0x230 [ 3304.663246][ T691] ? do_mmap+0x9ad/0x1060 [ 3304.667582][ T691] ? up_read+0x10/0x10 [ 3304.671648][ T691] ? __up_read+0x1b0/0x1b0 [ 3304.676061][ T691] ? vmacache_update+0x9f/0xf0 [ 3304.680823][ T691] do_user_addr_fault+0x48a/0x9f0 [ 3304.685845][ T691] page_fault+0x2f/0x40 [ 3304.689992][ T691] RIP: 0033:0x41407f [ 3304.693901][ T691] Code: 0f 84 c8 02 00 00 48 83 bd 78 ff ff ff 00 0f 84 f9 04 00 00 48 8b 95 68 ff ff ff 44 89 95 38 ff ff ff 4c 8d ac 10 00 f7 ff ff <49> 89 85 90 06 00 00 49 8d 85 10 03 00 00 49 89 95 98 06 00 00 41 [ 3304.713583][ T691] RSP: 002b:00007fffeefa3d40 EFLAGS: 00010206 [ 3304.719641][ T691] RAX: 00007f4d7fc9d000 RBX: 0000000000020000 RCX: 000000000045c87a [ 3304.727716][ T691] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 3304.735685][ T691] RBP: 00007fffeefa3e20 R08: ffffffffffffffff R09: 0000000000000000 [ 3304.743656][ T691] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffeefa3f20 [ 3304.751635][ T691] R13: 00007f4d7fcbd700 R14: 000000000000081e R15: 000000000078bfac [ 3304.792870][ T691] Mem-Info: [ 3304.796324][ T691] active_anon:1405596 inactive_anon:10799 isolated_anon:0 [ 3304.796324][ T691] active_file:522 inactive_file:525 isolated_file:66 [ 3304.796324][ T691] unevictable:0 dirty:50 writeback:8 unstable:0 [ 3304.796324][ T691] slab_reclaimable:10350 slab_unreclaimable:90534 [ 3304.796324][ T691] mapped:57633 shmem:14896 pagetables:31760 bounce:0 [ 3304.796324][ T691] free:12378 free_pcp:119 free_cma:0 [ 3304.839767][ T691] Node 0 active_anon:5622384kB inactive_anon:43196kB active_file:2088kB inactive_file:1928kB unevictable:0kB isolated(anon):0kB isolated(file):268kB mapped:230032kB dirty:200kB writeback:32kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3304.864881][ T691] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3304.894638][ T691] lowmem_reserve[]: 0 2912 6416 6416 [ 3304.922900][ T691] DMA32 free:31496kB min:20548kB low:23528kB high:26508kB active_anon:2796076kB inactive_anon:2724kB active_file:1040kB inactive_file:1340kB unevictable:0kB writepending:176kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:11168kB pagetables:22940kB bounce:0kB free_pcp:28kB local_pcp:28kB free_cma:0kB [ 3304.985793][ T691] lowmem_reserve[]: 0 0 3504 3504 [ 3304.992304][ T691] Normal free:5564kB min:9688kB low:13276kB high:16864kB active_anon:2826428kB inactive_anon:40472kB active_file:500kB inactive_file:28kB unevictable:0kB writepending:12kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27904kB pagetables:104172kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3305.042681][ T691] lowmem_reserve[]: 0 0 0 0 [ 3305.059039][ T691] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3305.087928][ T691] DMA32: 151*4kB (UME) 763*8kB (UME) 1040*16kB (UME) 175*32kB (UME) 11*64kB (UME) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 29652kB [ 3305.104541][ T691] Normal: 678*4kB (UMEH) 86*8kB (UME) 35*16kB (UME) 41*32kB (UME) 2*64kB (ME) 2*128kB (M) 1*256kB (M) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 5912kB [ 3305.142000][ T691] 15072 total pagecache pages [ 3305.153000][ T691] 0 pages in swap cache [ 3305.157361][ T691] Swap cache stats: add 0, delete 0, find 0/0 [ 3305.163692][ T691] Free swap = 0kB [ 3305.167651][ T691] Total swap = 0kB [ 3305.171652][ T691] 1965979 pages RAM [ 3305.175855][ T691] 0 pages HighMem/MovableOnly [ 3305.180770][ T691] 318830 pages reserved [ 3305.185413][ T691] 0 pages cma reserved [ 3305.190331][ T691] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=31960,uid=0 [ 3305.205242][ T691] Out of memory: Killed process 31960 (syz-executor.0) total-vm:75364kB, anon-rss:16572kB, file-rss:34632kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 3305.433526][ T205] systemd-journal invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=0 [ 3305.462148][ T205] CPU: 1 PID: 205 Comm: systemd-journal Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3305.472741][ T205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3305.483825][ T205] Call Trace: [ 3305.487157][ T205] dump_stack+0x14a/0x1ce [ 3305.491531][ T205] ? devkmsg_release+0x11c/0x11c [ 3305.496569][ T205] ? show_regs_print_info+0x12/0x12 [ 3305.501881][ T205] ? radix_tree_cpu_dead+0x160/0x160 [ 3305.507175][ T205] ? _raw_spin_lock+0xa1/0x170 [ 3305.511953][ T205] ? _raw_spin_trylock_bh+0x190/0x190 [ 3305.518155][ T205] dump_header+0xdb/0x700 [ 3305.522499][ T205] oom_kill_process+0xd3/0x280 [ 3305.527278][ T205] out_of_memory+0x5b6/0x890 [ 3305.532110][ T205] ? unregister_oom_notifier+0x20/0x20 [ 3305.537579][ T205] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3305.543157][ T205] ? get_page_from_freelist+0x7c0/0x7c0 [ 3305.548708][ T205] ? __zone_watermark_ok+0x91/0x280 [ 3305.553911][ T205] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3305.559291][ T205] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3305.564835][ T205] ? __secure_computing+0x250/0x250 [ 3305.570299][ T205] alloc_slab_page+0x3a/0x3a0 [ 3305.574984][ T205] new_slab+0x408/0x450 [ 3305.579142][ T205] ___slab_alloc+0x2e0/0x450 [ 3305.583737][ T205] ? slab_free_freelist_hook+0xd0/0x150 [ 3305.589284][ T205] ? getname_flags+0xb8/0x610 [ 3305.593961][ T205] ? getname_flags+0xb8/0x610 [ 3305.598635][ T205] kmem_cache_alloc+0x23f/0x260 [ 3305.603484][ T205] ? __secure_computing+0x1b6/0x250 [ 3305.608696][ T205] getname_flags+0xb8/0x610 [ 3305.613197][ T205] do_mkdirat+0xa1/0x310 [ 3305.617433][ T205] ? do_syscall_64+0x150/0x150 [ 3305.622198][ T205] ? vfs_mkdir+0x30/0x30 [ 3305.626438][ T205] do_syscall_64+0xcb/0x150 [ 3305.631046][ T205] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3305.637023][ T205] RIP: 0033:0x7fa7e5eaa687 [ 3305.641434][ T205] Code: 00 b8 ff ff ff ff c3 0f 1f 40 00 48 8b 05 09 d8 2b 00 64 c7 00 5f 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 b8 53 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d e1 d7 2b 00 f7 d8 64 89 01 48 [ 3305.661058][ T205] RSP: 002b:00007ffdfd580298 EFLAGS: 00000293 ORIG_RAX: 0000000000000053 [ 3305.669489][ T205] RAX: ffffffffffffffda RBX: 00007ffdfd5831b0 RCX: 00007fa7e5eaa687 [ 3305.677485][ T205] RDX: 00007fa7e691ba00 RSI: 00000000000001ed RDI: 0000555ed76328c0 [ 3305.685458][ T205] RBP: 00007ffdfd5802d0 R08: 0000000000000000 R09: 0000000000000000 [ 3305.693556][ T205] R10: 0000000000000069 R11: 0000000000000293 R12: 0000000000000000 [ 3305.701791][ T205] R13: 0000000000000000 R14: 00007ffdfd5831b0 R15: 00007ffdfd5807c0 [ 3305.710870][ T205] Mem-Info: [ 3305.729484][ T205] active_anon:1407375 inactive_anon:10799 isolated_anon:0 [ 3305.729484][ T205] active_file:435 inactive_file:530 isolated_file:64 [ 3305.729484][ T205] unevictable:0 dirty:34 writeback:7 unstable:0 [ 3305.729484][ T205] slab_reclaimable:10358 slab_unreclaimable:90535 [ 3305.729484][ T205] mapped:57499 shmem:14896 pagetables:31782 bounce:0 [ 3305.729484][ T205] free:10926 free_pcp:359 free_cma:0 [ 3305.777635][ T205] Node 0 active_anon:5629500kB inactive_anon:43196kB active_file:1400kB inactive_file:2020kB unevictable:0kB isolated(anon):0kB isolated(file):256kB mapped:229496kB dirty:136kB writeback:28kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3305.802880][ T205] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3305.834431][ T205] lowmem_reserve[]: 0 2912 6416 6416 [ 3305.852597][ T205] DMA32 free:24712kB min:4644kB low:7624kB high:10604kB active_anon:2801704kB inactive_anon:2724kB active_file:952kB inactive_file:1412kB unevictable:0kB writepending:248kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:11296kB pagetables:23080kB bounce:0kB free_pcp:332kB local_pcp:288kB free_cma:0kB [ 3305.882911][ T205] lowmem_reserve[]: 0 0 3504 3504 [ 3305.888348][ T205] Normal free:4832kB min:5592kB low:9180kB high:12768kB active_anon:2827520kB inactive_anon:40472kB active_file:424kB inactive_file:0kB unevictable:0kB writepending:4kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27904kB pagetables:104048kB bounce:0kB free_pcp:132kB local_pcp:100kB free_cma:0kB [ 3305.925347][ T205] lowmem_reserve[]: 0 0 0 0 [ 3305.936293][ T205] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3305.966149][ T205] DMA32: 206*4kB (UM) 350*8kB (UM) 846*16kB (UME) 154*32kB (UE) 8*64kB (UE) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 22600kB [ 3305.983808][ T205] Normal: 519*4kB (UMEH) 89*8kB (UME) 30*16kB (UME) 42*32kB (UME) 2*64kB (ME) 1*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4868kB [ 3306.009740][ T205] 15147 total pagecache pages [ 3306.032829][ T205] 0 pages in swap cache [ 3306.037039][ T205] Swap cache stats: add 0, delete 0, find 0/0 [ 3306.052827][ T205] Free swap = 0kB [ 3306.056585][ T205] Total swap = 0kB [ 3306.060307][ T205] 1965979 pages RAM [ 3306.070017][ T205] 0 pages HighMem/MovableOnly [ 3306.099908][ T205] 318830 pages reserved [ 3306.112912][ T205] 0 pages cma reserved [ 3306.117031][ T205] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=31393,uid=0 [ 3306.152901][ T205] Out of memory: Killed process 31393 (syz-executor.0) total-vm:75496kB, anon-rss:16580kB, file-rss:34624kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 01:20:38 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x0, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:38 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x0, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:38 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r4 = open(0x0, 0x141042, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=@getstats={0x1c, 0x5e, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}}, 0x1c}}, 0x0) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'batadv0\x00', 0x0}) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000001400)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000013c0)={&(0x7f0000001c80)=@newtfilter={0x1464, 0x2c, 0x300, 0x70bd2a, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x9, 0x10}, {0xe, 0x2}, {0x10, 0xd}}, [@filter_kind_options=@f_matchall={{0xd, 0x1, 'matchall\x00'}, {0x780, 0x2, [@TCA_MATCHALL_CLASSID={0x8, 0x1, {0xd, 0x5}}, @TCA_MATCHALL_ACT={0x650, 0x2, [@m_tunnel_key={0xf8, 0x1b, 0x0, 0x0, {{0xf, 0x1, 'tunnel_key\x00'}, {0x44, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_IPV4_DST={0x8, 0x4, @dev={0xac, 0x14, 0x14, 0x35}}, @TCA_TUNNEL_KEY_NO_CSUM={0x5, 0xa, 0x1}, @TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x2, 0x401, 0x0, 0x2, 0x7fff}, 0x2}}, @TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @ipv4={[], [], @empty}}]}, {0xa0, 0x6, "0c0d7e988d8fbc9750ce67641055a26c093e1fc25c3821162c27fd51a5e22466b2729e1ca9532461045c0e118cba45fc5830dcf4f598def276c9c064e83fe60805591374b97e683753a30272929e07b6be14444753c3a641d9fd981e1b9ff18e7a1c782f4c23dc64e029f415a966afea2edb05e67edd43972b22164f507f8995b305e1d134dc85b318b97bedba4b108fd852b0794bbe342fad38af4d"}}}, @m_skbedit={0xa8, 0x1f, 0x0, 0x0, {{0xc, 0x1, 'skbedit\x00'}, {0x64, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_MARK={0x8, 0x5, 0x5}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0xff}, @TCA_SKBEDIT_PARMS={0x18, 0x2, {0xfffffff7, 0x401, 0xffffffffffffffff, 0x94c, 0xc8}}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x7}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0x4}, @TCA_SKBEDIT_MARK={0x8}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0xf270}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x9}, @TCA_SKBEDIT_QUEUE_MAPPING={0x6, 0x4, 0xd5}, @TCA_SKBEDIT_MARK={0x8, 0x5, 0x8000}]}, {0x33, 0x6, "b3c65643bff64ada1de35c90a26f3c2d8b12ea32cdb818ebec59a77035eb83acb1bbd794989f785f6847602d7bad59"}}}, @m_ipt={0x158, 0x19, 0x0, 0x0, {{0x8, 0x1, 'ipt\x00'}, {0xf4, 0x2, 0x0, 0x1, [@TCA_IPT_HOOK={0x8, 0x2, 0x4}, @TCA_IPT_INDEX={0x8, 0x3, 0x3f}, @TCA_IPT_TARG={0xb3, 0x6, {0x6, 'nat\x00', 0x0, 0x1ff, "bb4ee68bc47715574c679898a42a8595dd9490c2dd8c847ab08b40c686beeb12865dcd0b1be8ab18e8940b706587630f9789c484871a82ba005b19b20579ef625d968cd8ea2bb935acd29a12891816dcbd11ecf2b3fde0094e80b3a0ffe5c4024ac7f6eafdfa992c025e4e89bf85d002595ba1016308c57372277f981c3b3f4d3618b5d64fb1ccd157"}}, @TCA_IPT_TABLE={0x24, 0x1, 'filter\x00'}, @TCA_IPT_HOOK={0x8}]}, {0x55, 0x6, "6c3e6eda2018f02112d3c0885fde240f22ee9301912665fc063aea52ac79acec30a399cca6a554ac6a8a1ede831034ac86de00d4f0ea12fe287884d1c09e9e09eb306ce3f8c3b30fde922577594a2b9531"}}}, @m_gact={0x138, 0x4, 0x0, 0x0, {{0x9, 0x1, 'gact\x00'}, {0x88, 0x2, 0x0, 0x1, [@TCA_GACT_PROB={0xc, 0x3, {0x1, 0x2564, 0x8}}, @TCA_GACT_PROB={0xc, 0x3, {0x1, 0x9cb, 0xfffffffffffffff7}}, @TCA_GACT_PROB={0xc, 0x3, {0x1, 0xb21, 0x5}}, @TCA_GACT_PARMS={0x18, 0x2, {0x2, 0x4, 0x20000001, 0x10000}}, @TCA_GACT_PROB={0xc, 0x3, {0x1, 0xf, 0x5}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0xa77, 0x1}}, @TCA_GACT_PARMS={0x18, 0x2, {0x10000, 0x200, 0xffffffffffffffff, 0xa7, 0xfffffff8}}, @TCA_GACT_PROB={0xc, 0x3, {0x1, 0x9e6, 0x20000000}}, @TCA_GACT_PROB={0xc, 0x3, {0x2, 0x1df6, 0x5}}]}, {0x9d, 0x6, "5e82c3d22c93dde2c19430f26a3c652a4273dcb3b19b9bf5e2c2a4e96837509405b314eead0f598210e9096185abafdfc20c32b20c50034f17dee44436e2b9fc853d01492bf07ba9d337dc83c511054c5f0cc58a7fce39ed998b5c94be900eef48029efb6454d944d73d63dbae6cc363883b88e9e38d1d67c8f09f72a76eab031d423a201a1d3789a15a309bbbffc2d627f7485be6cbacada6"}}}, @m_mpls={0x9c, 0x2, 0x0, 0x0, {{0x9, 0x1, 'mpls\x00'}, {0xc, 0x2, 0x0, 0x1, [@TCA_MPLS_TC={0x5, 0x6, 0x1}]}, {0x7f, 0x6, "dfa2910e6aff5e3b2e693799723a18b3866d53649bab48cdb34a84b82a152d81d6ee23be039aa5cfe34ff202951c360c502b5041ded11ef0a8dd40b99e32eb811ab1e6e7a46b763310a2d1efb91fc4e7ef614ddfb30662f19d0912ebd80648768a1317b79780e2b7d4c98bbc07b6822d48475c60b7f3461680d474"}}}, @m_simple={0x180, 0x13, 0x0, 0x0, {{0xb, 0x1, 'simple\x00'}, {0x98, 0x2, 0x0, 0x1, [@TCA_DEF_PARMS={0x18, 0x2, {0x3, 0x0, 0x1, 0xc2e, 0x8}}, @TCA_DEF_DATA={0x10, 0x3, 'net/netlink\x00'}, @TCA_DEF_DATA={0x51, 0x3, '%$@security\\self)mime_typemime_typenodev)]]eth0keyring%cpusetwlan1cgroupuser\x00'}, @TCA_DEF_PARMS={0x18, 0x2, {0xedd, 0x3000, 0x2, 0x1, 0x2}}]}, {0xd5, 0x6, "320fb5cf6201519cd46ce5efb96b5c2f9ad23d025cdfb4ecb04d8cf5abf06635fd0f2d5694fea1189bf717bebef9dc0daf2b83e8490d07807f5bd65b9a0b1fb13be61b6b6fcdb9c258531ecad929969a6352af119f6d46acddc67bf1b5b824bd04552b254cfa22f431ad34cfe3e4ec25b96475db2ac07182969ff31efd879dc3f9e075e746366a6917f8c40e013f26e9aa8ff38214442a431e37640b7014190b3e9dc15636c8cd1a402d472044af15ed825404f07046e3f405fe0f297479c8cc452819bebf506c9f6913b386803ee921a7"}}}]}, @TCA_MATCHALL_FLAGS={0x8, 0x3, 0x4}, @TCA_MATCHALL_ACT={0x114, 0x2, [@m_connmark={0x110, 0x1d, 0x0, 0x0, {{0xd, 0x1, 'connmark\x00'}, {0x20, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x3, 0x6, 0x3, 0x81, 0x7ff}, 0x40}}]}, {0xda, 0x6, "d40251631da269cc12f1d02565f73fd157d005c432561a02d3efa7c7aa94a8c43ad87e9fbd958346853c71b819ce10744d928c04a081c6b33c800347117d33f75aff84be22554ab66f51969fdf5c9827c108500d4634fc433da3ff35eb4c66bb64ff9d0ba009e1515ed01453855913e3e576ff11d9937b4a37d4747c03d1cb5678ca390161267464cb18f4cfdb3f1a8d9d5d61679e54b49d4c48a18f96b791f4a0bc15461d646a96709f959ab6b8b02637410fe3aaab7dfc968a82a1e2e4ff432e824ed1b6df3eab830097c935d695a067443cfef8d9"}}}]}, @TCA_MATCHALL_FLAGS={0x8, 0x3, 0x3}]}}, @filter_kind_options=@f_rsvp6={{0xa, 0x1, 'rsvp6\x00'}, {0x28, 0x2, [@TCA_RSVP_CLASSID={0x8, 0x1, {0xfff2, 0x6}}, @TCA_RSVP_CLASSID={0x8, 0x1, {0x0, 0xfff3}}, @TCA_RSVP_DST={0x14, 0x2, @mcast1}]}}, @filter_kind_options=@f_tcindex={{0xc, 0x1, 'tcindex\x00'}, {0xc68, 0x2, [@TCA_TCINDEX_POLICE={0xc64, 0x6, [@TCA_POLICE_TBF={0x3c, 0x1, {0x8, 0x1, 0x7, 0x80000001, 0x80, {0x5, 0x2, 0x3, 0x8, 0xbcb4, 0x5d9}, {0x8, 0x3, 0x3, 0xffff, 0x800, 0x3f}, 0x20, 0x1ff, 0x7}}, @TCA_POLICE_RATE64={0xc, 0x8, 0x101}, @TCA_POLICE_RATE={0x404, 0x2, [0x1, 0x7, 0x1, 0x5, 0x1, 0x5, 0x0, 0x3ff, 0x7ff, 0x1, 0x4, 0xfffffffe, 0x9, 0x40, 0x8, 0x5, 0x4, 0x0, 0x9, 0x2f, 0x3, 0x8, 0x1, 0x5, 0x0, 0x0, 0x800, 0xffff, 0x0, 0x3f, 0x100, 0x7fffffff, 0x7, 0x737b, 0x8ea, 0x1b, 0x2, 0x81, 0x3, 0x1, 0x1, 0x6, 0x0, 0xfff, 0xa342, 0x8001, 0x6, 0x1ff, 0x2, 0x9, 0xfff, 0x6, 0xfffffffe, 0x81, 0xfffeffff, 0x1, 0x4dfc, 0x2, 0x3, 0xfffffff8, 0x100, 0x97f, 0xe66, 0xfffffffd, 0x80000001, 0x1, 0x0, 0x1, 0xff, 0x74, 0x2, 0xff, 0x3, 0x1, 0x7fff, 0xff, 0x401, 0x5, 0x80000001, 0x4, 0x9, 0x20000000, 0xb34f, 0x1, 0x20, 0x0, 0x9000, 0x149dad33, 0xa44, 0x79c38461, 0x8001, 0x4, 0x80000000, 0x0, 0x4, 0x401, 0x5, 0x81, 0x6, 0x1000, 0x5, 0x9, 0x58d1, 0xc0a, 0x7, 0x9, 0x3f, 0x8, 0x101, 0x1000, 0x8000, 0x3, 0x3e000000, 0x3c6, 0x2d, 0x4, 0x4, 0x855, 0x81, 0x10001, 0x7, 0x5, 0x0, 0x673, 0x2, 0x9, 0x7, 0x10001, 0x6, 0x80, 0x89e, 0xaeb, 0x1000, 0xe2d7, 0x3, 0x1ff, 0x8f, 0xfff, 0x2, 0x0, 0x2, 0x400, 0x605d, 0x8000, 0x0, 0x1, 0x10001, 0x7fffffff, 0x0, 0x0, 0x1000, 0x4, 0x0, 0x5, 0x6, 0x1, 0xa53, 0x8, 0x2, 0x56, 0x7fffffff, 0x8001, 0x14000, 0x4, 0x6, 0x3, 0x0, 0x3, 0x6, 0x3, 0x8, 0x3, 0x8, 0x401, 0x0, 0x9, 0x0, 0x6, 0x20, 0x6, 0x940, 0xffffffff, 0x401, 0x8, 0x200, 0x6, 0x7, 0x2, 0x3, 0x5, 0x0, 0x2574, 0x7, 0x8, 0x3, 0x7f, 0x400000, 0x0, 0x9, 0x2, 0x8000, 0xfb, 0x628f, 0x9, 0x80000000, 0x9, 0xffff, 0x1ff, 0x7, 0x101, 0x3, 0x7, 0xd05, 0x7, 0xd7, 0x0, 0x1f, 0x7ff, 0xece, 0x8000, 0xfffffffa, 0x7fff, 0x8, 0xee, 0x2, 0x5, 0x4, 0x7, 0x8000, 0x40, 0xc, 0x0, 0x1, 0x7ff, 0x7, 0x5, 0x100, 0x6a4, 0x4, 0xfffffff7, 0x9, 0x40, 0x3ff, 0x3, 0x0, 0x1ff, 0x6, 0x983, 0x7112, 0x200, 0x9, 0x8, 0x4, 0x101, 0x0, 0x7]}, @TCA_POLICE_PEAKRATE={0x404, 0x3, [0x43af, 0x400, 0x7, 0x7, 0x3, 0xffffffff, 0x3, 0x3, 0x3, 0x6bd, 0xb03c, 0x3, 0x80000000, 0x3, 0xfffffff9, 0x4, 0x0, 0x7, 0x3, 0x8, 0x3, 0x10001, 0x8, 0x0, 0x4, 0x4, 0x5, 0x269, 0x1, 0x1, 0x7, 0x10000, 0x8, 0xfffffff7, 0x7f, 0xab4, 0x400, 0x8001, 0x7, 0x15b, 0x9, 0x401, 0x3ff, 0xff, 0x6, 0x3, 0x7f, 0xa9, 0x5, 0x790, 0x7, 0x6, 0xc02, 0x7, 0x1, 0x6, 0x9, 0x3ff, 0x1, 0x80000001, 0xbe83, 0xd9, 0x80000001, 0x8, 0x0, 0x2, 0x8, 0x8000000, 0x3f, 0xf85f, 0xc55, 0x4, 0x7ff, 0xfffffff8, 0x1b7, 0x7, 0x3, 0x7ff, 0x5, 0x9, 0x0, 0x9, 0x7ff, 0x0, 0xffff, 0x7, 0x80, 0x54e, 0x5, 0xffffff7f, 0x5, 0x400, 0x183, 0x475787aa, 0x373bf0be, 0x7fff, 0x7fffffff, 0xd6a, 0xf8000000, 0x6, 0x6, 0xffff, 0x8, 0x2, 0x7, 0x3ed89f2, 0x5, 0xfff, 0x0, 0x2, 0x7, 0x7, 0x3, 0x0, 0x80000001, 0x8, 0x3, 0x8, 0x2, 0xffffffc2, 0x0, 0x8, 0x3, 0x99, 0xff, 0x9, 0x1f, 0x7ff, 0x0, 0x80000000, 0x400, 0x9, 0x8001, 0x1ff, 0xffff, 0x81, 0x7, 0x6, 0x7, 0x3, 0x42c, 0x1ff, 0x5, 0x100, 0x800, 0x1, 0x1ff, 0x10001, 0x63, 0x2, 0x85, 0x5, 0x7fffffff, 0x0, 0x7, 0x1, 0x3ff, 0xfffffbff, 0x1f, 0x200, 0x0, 0x2, 0x5, 0x7, 0x2, 0x3ff, 0x200, 0x10001, 0xffff7fff, 0xfffffffe, 0x91, 0x101, 0x1ae92c67, 0x2, 0x8602, 0x0, 0x3, 0x20, 0x200, 0x100, 0x80000001, 0x4, 0x2, 0x4, 0x401, 0x34ca2008, 0xed07, 0x40, 0x7, 0x8, 0x5, 0x7, 0x3, 0xe59e, 0x7fff, 0x7fff, 0x7ea1, 0x40, 0x7, 0x80000000, 0xde8, 0x9, 0x53, 0x5, 0x6, 0xfba, 0x5, 0x6, 0x1690, 0x5, 0x2, 0x80000000, 0x9, 0x200, 0x3, 0x9, 0x5, 0xff0, 0x3, 0x2, 0x0, 0x80000001, 0x0, 0x5, 0x0, 0x9, 0x8001, 0x7, 0x5, 0xfffff801, 0x3, 0xbb, 0x7, 0x3, 0x644e, 0x8, 0x4, 0x1, 0x3be, 0x1, 0xfffff716, 0x2, 0x5, 0x2, 0x1, 0x7ff, 0xcd43, 0x7, 0x3, 0xf06c0000, 0x5, 0x1, 0x0, 0x4, 0x3da2c21, 0x6a]}, @TCA_POLICE_RATE={0x404, 0x2, [0x800, 0xa9, 0x7fff, 0x2, 0x7ff, 0x8, 0x20, 0x4, 0x2, 0x3ff, 0xfff, 0x3ff, 0x6, 0x2, 0x9, 0x0, 0x6, 0x10001, 0x4, 0x2, 0x2, 0x5, 0x0, 0x2, 0x80000000, 0x3, 0x6, 0x8, 0x20, 0x5, 0x2, 0x8, 0x100, 0xfffffffd, 0x5, 0x7fffffff, 0x8, 0x8000, 0x3, 0x100, 0xffffffff, 0x87, 0x6c, 0xa7, 0xfffffff7, 0x80000000, 0x0, 0x200, 0x80, 0x0, 0x8, 0x8, 0x4, 0x8, 0x4, 0x0, 0x8, 0x2, 0x101, 0x200, 0x1f, 0x7fffffff, 0x81, 0x3f, 0x4, 0x3ff, 0xff, 0x1, 0x7, 0x9, 0x6c62, 0x3, 0x80000001, 0x2, 0x8, 0x5, 0x8, 0x7, 0x20, 0x4, 0x1ff, 0x7, 0x20, 0x3, 0x0, 0x1, 0xd2fb, 0x1000, 0x4, 0x5, 0x3, 0x4, 0x0, 0x4, 0x3f, 0x5, 0x0, 0x0, 0x81, 0x3, 0x66, 0x3, 0x2, 0x8, 0x799c, 0x6, 0x10001, 0x690, 0x290, 0xfffff905, 0x9, 0x401, 0xb65, 0x5, 0x10001, 0x6, 0x497f7a5e, 0x5, 0x5, 0x1, 0x75f4d790, 0x9, 0x10, 0x2, 0x7fffffff, 0xfffffffe, 0x9, 0xd888, 0x401, 0x7a, 0x1, 0xd5, 0x18e, 0x101, 0xfffffff8, 0x100, 0xffffffff, 0x800, 0x1, 0x1, 0x9, 0x1, 0x1f, 0x4, 0x4ce, 0x8, 0x8b, 0x9, 0xea60, 0x88, 0x7, 0x5, 0xf918, 0x1, 0xfffffffd, 0x8d0, 0x9, 0xfffffffc, 0x5, 0x20, 0x2, 0x100, 0xd9, 0xfcf5, 0x7, 0x1, 0x1f, 0x7, 0x81, 0x6331, 0x2, 0x200, 0x0, 0xaf, 0x1, 0x3, 0x20, 0xfffffffc, 0x5, 0x8, 0x4, 0x8000, 0x6, 0x728, 0x4790, 0x1, 0x52, 0x5, 0xfffffffd, 0x2, 0x3, 0x20, 0x7, 0x8, 0x40, 0xffff, 0x9, 0x181, 0x1, 0x81, 0x1f, 0x5a7, 0x5, 0xfffffffe, 0x4, 0x1, 0x309, 0x5c1cde15, 0x2, 0x7, 0x3ff, 0x7ff, 0x1ff, 0xfffffffb, 0x2, 0x3, 0x6, 0x710, 0x2, 0x1, 0x80000000, 0x5, 0x1, 0x6, 0x0, 0x6, 0x5, 0x8, 0x4, 0x6, 0x7, 0x2, 0x9, 0xffffff00, 0x2, 0xfffffffc, 0x5, 0x10001, 0xffff7fff, 0x3, 0x9, 0x100, 0x5, 0x2, 0x0, 0x9, 0x8, 0xcc, 0x3, 0x100, 0xfffff0ad, 0x8, 0x1c00000, 0xba, 0x3, 0x81]}, @TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x6}]}]}}, @TCA_RATE={0x6, 0x5, {0x3f, 0x20}}]}, 0x1464}, 0x1, 0x0, 0x0, 0x8000}, 0x4050) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') setsockopt$pppl2tp_PPPOL2TP_SO_SENDSEQ(0xffffffffffffffff, 0x111, 0x3, 0x0, 0x4) preadv(r6, &(0x7f0000000500), 0x37d, 0x0) 01:20:38 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x0, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:38 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=@getstats={0x1c, 0x5e, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}}, 0x1c}}, 0x0) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000200)={@mcast2, @local, @ipv4={[], [], @loopback}, 0x6, 0x8000, 0x3, 0x400, 0x6, 0x40000000}) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:20:38 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:38 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x0, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:38 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) [ 3306.996561][ T741] syz-executor.0 invoked oom-killer: gfp_mask=0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|0x1000000), order=0, oom_score_adj=1000 [ 3307.009859][ T741] CPU: 0 PID: 741 Comm: syz-executor.0 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3307.019835][ T741] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3307.029895][ T741] Call Trace: [ 3307.033194][ T741] dump_stack+0x14a/0x1ce [ 3307.037525][ T741] ? devkmsg_release+0x11c/0x11c [ 3307.042460][ T741] ? show_regs_print_info+0x12/0x12 [ 3307.047663][ T741] ? radix_tree_cpu_dead+0x160/0x160 [ 3307.052946][ T741] ? _raw_spin_lock+0xa1/0x170 [ 3307.057707][ T741] ? _raw_spin_trylock_bh+0x190/0x190 [ 3307.063084][ T741] dump_header+0xdb/0x700 [ 3307.067418][ T741] oom_kill_process+0xd3/0x280 [ 3307.072186][ T741] out_of_memory+0x5b6/0x890 [ 3307.076778][ T741] ? unregister_oom_notifier+0x20/0x20 [ 3307.082261][ T741] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3307.087895][ T741] ? get_page_from_freelist+0x7c0/0x7c0 [ 3307.093452][ T741] ? flush_tlb_func_common+0x45/0x570 [ 3307.098840][ T741] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3307.104230][ T741] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3307.110143][ T741] ? pagevec_lru_move_fn+0x193/0x210 [ 3307.115467][ T741] ? __pagevec_release+0x130/0x130 [ 3307.120594][ T741] ? __lru_cache_add+0x1a1/0x1f0 [ 3307.125571][ T741] wp_page_copy+0x1cb/0x1120 [ 3307.130182][ T741] ? add_mm_rss_vec+0x270/0x270 [ 3307.135063][ T741] ? find_lowest_rq+0x162/0x3f0 [ 3307.139922][ T741] ? vm_normal_page+0x1c9/0x1d0 [ 3307.144778][ T741] do_wp_page+0x4c1/0x1530 [ 3307.149206][ T741] ? _raw_spin_lock+0xa1/0x170 [ 3307.153982][ T741] ? do_swap_page+0x1560/0x1560 [ 3307.158935][ T741] handle_mm_fault+0x1354/0x40a0 [ 3307.163878][ T741] ? switch_mm_irqs_off+0x329/0xa10 [ 3307.169080][ T741] ? finish_fault+0x230/0x230 [ 3307.173763][ T741] ? __up_read+0x1b0/0x1b0 [ 3307.178190][ T741] ? vmacache_find+0x2d2/0x4b0 [ 3307.182962][ T741] do_user_addr_fault+0x48a/0x9f0 [ 3307.188032][ T741] page_fault+0x2f/0x40 [ 3307.192216][ T741] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 3307.198819][ T741] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 3307.218429][ T741] RSP: 0018:ffff88803baef888 EFLAGS: 00010206 [ 3307.224502][ T741] RAX: ffffffff81f75001 RBX: 0000000020f57500 RCX: 0000000000000500 [ 3307.232484][ T741] RDX: 0000000000001000 RSI: ffff88818ca35b00 RDI: 0000000020f57000 [ 3307.240460][ T741] RBP: ffff88803baefda8 R08: dffffc0000000000 R09: ffffed1031946c00 [ 3307.248435][ T741] R10: 0000000000000000 R11: 0000000000000000 R12: 00007ffffffff000 [ 3307.256407][ T741] R13: 0000000000001000 R14: ffff88818ca35000 R15: 0000000020f56500 [ 3307.264390][ T741] ? copyout+0x1/0xb0 [ 3307.268381][ T741] copyout+0x8e/0xb0 [ 3307.272277][ T741] copy_page_to_iter+0x393/0xbd0 [ 3307.277212][ T741] pipe_to_user+0xa3/0x130 [ 3307.281651][ T741] __splice_from_pipe+0x2d3/0x870 [ 3307.286674][ T741] ? user_page_pipe_buf_steal+0xc0/0xc0 [ 3307.292215][ T741] do_vmsplice+0x252/0xee0 [ 3307.296630][ T741] ? avc_ss_reset+0x3a0/0x3a0 [ 3307.301340][ T741] ? write_pipe_buf+0x1d0/0x1d0 [ 3307.306226][ T741] ? __rcu_read_lock+0x50/0x50 [ 3307.310999][ T741] ? check_stack_object+0x5a/0x90 [ 3307.316019][ T741] ? _copy_from_user+0xa4/0xe0 [ 3307.320993][ T741] ? rw_copy_check_uvector+0x2b3/0x310 [ 3307.326456][ T741] ? import_iovec+0x1c2/0x380 [ 3307.331143][ T741] ? dup_iter+0x110/0x110 [ 3307.335477][ T741] ? do_vfs_ioctl+0x780/0x1750 [ 3307.340245][ T741] __se_sys_vmsplice+0x1fb/0x300 [ 3307.345303][ T741] ? __x64_sys_vmsplice+0xa0/0xa0 [ 3307.350324][ T741] ? put_timespec64+0x109/0x150 [ 3307.355174][ T741] ? __x64_sys_clock_gettime+0x20d/0x260 [ 3307.360805][ T741] ? __ia32_sys_clock_settime+0x2a0/0x2a0 [ 3307.366521][ T741] do_syscall_64+0xcb/0x150 [ 3307.371036][ T741] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3307.376929][ T741] RIP: 0033:0x45c829 [ 3307.380815][ T741] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3307.400614][ T741] RSP: 002b:00007f5f7dae8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116 [ 3307.409050][ T741] RAX: ffffffffffffffda RBX: 0000000000509d00 RCX: 000000000045c829 [ 3307.417137][ T741] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000004 [ 3307.425099][ T741] RBP: 000000000078c040 R08: 0000000000000000 R09: 0000000000000000 [ 3307.433063][ T741] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3307.441029][ T741] R13: 0000000000000c49 R14: 00000000004ce70e R15: 00007f5f7dae96d4 [ 3307.449201][ T741] Mem-Info: [ 3307.452341][ T741] active_anon:1408596 inactive_anon:10799 isolated_anon:0 [ 3307.452341][ T741] active_file:100 inactive_file:97 isolated_file:33 [ 3307.452341][ T741] unevictable:0 dirty:2 writeback:22 unstable:0 [ 3307.452341][ T741] slab_reclaimable:10325 slab_unreclaimable:90971 [ 3307.452341][ T741] mapped:56708 shmem:14896 pagetables:31830 bounce:0 [ 3307.452341][ T741] free:10030 free_pcp:337 free_cma:0 [ 3307.490341][ T741] Node 0 active_anon:5634384kB inactive_anon:43196kB active_file:400kB inactive_file:488kB unevictable:0kB isolated(anon):0kB isolated(file):132kB mapped:226832kB dirty:8kB writeback:88kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3307.514736][ T741] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3307.540832][ T741] lowmem_reserve[]: 0 2912 6416 6416 [ 3307.546243][ T741] DMA32 free:18204kB min:4644kB low:7624kB high:10604kB active_anon:2806284kB inactive_anon:2724kB active_file:92kB inactive_file:0kB unevictable:0kB writepending:80kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:11360kB pagetables:23012kB bounce:0kB free_pcp:504kB local_pcp:248kB free_cma:0kB [ 3307.575446][ T741] lowmem_reserve[]: 0 0 3504 3504 [ 3307.580504][ T741] Normal free:5508kB min:24744kB low:28332kB high:31920kB active_anon:2827116kB inactive_anon:40472kB active_file:208kB inactive_file:572kB unevictable:0kB writepending:216kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27904kB pagetables:104308kB bounce:0kB free_pcp:972kB local_pcp:252kB free_cma:0kB [ 3307.610646][ T741] lowmem_reserve[]: 0 0 0 0 [ 3307.615172][ T741] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3307.628512][ T741] DMA32: 152*4kB (U) 334*8kB (UE) 843*16kB (UE) 17*32kB (UE) 12*64kB (UE) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 18080kB [ 3307.642379][ T741] Normal: 420*4kB (UEH) 43*8kB (UEH) 40*16kB (UE) 77*32kB (UE) 2*64kB (EH) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 5256kB [ 3307.656245][ T741] 15008 total pagecache pages [ 3307.660954][ T741] 0 pages in swap cache [ 3307.665139][ T741] Swap cache stats: add 0, delete 0, find 0/0 [ 3307.671231][ T741] Free swap = 0kB [ 3307.674990][ T741] Total swap = 0kB [ 3307.678711][ T741] 1965979 pages RAM [ 3307.682516][ T741] 0 pages HighMem/MovableOnly [ 3307.687219][ T741] 318830 pages reserved [ 3307.691372][ T741] 0 pages cma reserved [ 3307.695500][ T741] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=31026,uid=0 [ 3307.709948][ T741] Out of memory: Killed process 31026 (syz-executor.0) total-vm:75496kB, anon-rss:16580kB, file-rss:34624kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 3307.733153][ T23] oom_reaper: reaped process 31026 (syz-executor.0), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 3309.446167][ T23] oom_reaper: reaped process 739 (syz-executor.5), now anon-rss:0kB, file-rss:34692kB, shmem-rss:0kB [ 3309.567902][ T755] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3309.580447][ T755] CPU: 0 PID: 755 Comm: syz-executor.0 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3309.590433][ T755] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3309.600489][ T755] Call Trace: [ 3309.603772][ T755] dump_stack+0x14a/0x1ce [ 3309.608125][ T755] ? devkmsg_release+0x11c/0x11c [ 3309.613061][ T755] ? show_regs_print_info+0x12/0x12 [ 3309.618264][ T755] ? radix_tree_cpu_dead+0x160/0x160 [ 3309.623607][ T755] ? _raw_spin_lock+0xa1/0x170 [ 3309.628377][ T755] ? _raw_spin_trylock_bh+0x190/0x190 [ 3309.633766][ T755] dump_header+0xdb/0x700 [ 3309.638102][ T755] oom_kill_process+0xd3/0x280 [ 3309.642873][ T755] out_of_memory+0x5b6/0x890 [ 3309.647486][ T755] ? unregister_oom_notifier+0x20/0x20 [ 3309.652941][ T755] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3309.659069][ T755] ? get_page_from_freelist+0x7c0/0x7c0 [ 3309.664613][ T755] ? __zone_watermark_ok+0x91/0x280 [ 3309.669795][ T755] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3309.675148][ T755] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3309.680954][ T755] ? __rcu_read_lock+0x50/0x50 [ 3309.685886][ T755] pte_alloc_one+0x1b/0xb0 [ 3309.690288][ T755] handle_mm_fault+0x1cd6/0x40a0 [ 3309.695275][ T755] ? finish_fault+0x230/0x230 [ 3309.700052][ T755] ? __perf_event_task_sched_in+0x4f7/0x560 [ 3309.706046][ T755] ? __up_read+0x1b0/0x1b0 [ 3309.710573][ T755] ? vmacache_update+0x9f/0xf0 [ 3309.715540][ T755] do_user_addr_fault+0x48a/0x9f0 [ 3309.720830][ T755] page_fault+0x2f/0x40 [ 3309.724980][ T755] RIP: 0033:0x45c829 [ 3309.728882][ T755] Code: Bad RIP value. [ 3309.732933][ T755] RSP: 002b:00007f5f7dac7c78 EFLAGS: 00010246 [ 3309.739002][ T755] RAX: 0000000000000000 RBX: 00000000004da840 RCX: 000000000045c829 [ 3309.747052][ T755] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 0000000000000000 [ 3309.755025][ T755] RBP: 000000000078c0e0 R08: ffffffffffffffff R09: 0000000000000000 [ 3309.763006][ T755] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3309.770965][ T755] R13: 0000000000000076 R14: 00000000004c311e R15: 00007f5f7dac86d4 [ 3309.805135][ T755] Mem-Info: [ 3309.808540][ T755] active_anon:1408146 inactive_anon:10799 isolated_anon:0 [ 3309.808540][ T755] active_file:48 inactive_file:568 isolated_file:0 [ 3309.808540][ T755] unevictable:0 dirty:0 writeback:0 unstable:0 [ 3309.808540][ T755] slab_reclaimable:10326 slab_unreclaimable:90907 [ 3309.808540][ T755] mapped:56952 shmem:14896 pagetables:31751 bounce:0 [ 3309.808540][ T755] free:10349 free_pcp:230 free_cma:0 [ 3309.897357][ T755] Node 0 active_anon:5616216kB inactive_anon:43196kB active_file:112kB inactive_file:660kB unevictable:0kB isolated(anon):0kB isolated(file):68kB mapped:226796kB dirty:0kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3309.921635][ T755] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3309.947900][ T755] lowmem_reserve[]: 0 2912 6416 6416 [ 3309.953251][ T755] DMA32 free:26916kB min:4644kB low:7624kB high:10604kB active_anon:2796320kB inactive_anon:2724kB active_file:492kB inactive_file:288kB unevictable:0kB writepending:0kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:11072kB pagetables:22924kB bounce:0kB free_pcp:2556kB local_pcp:1296kB free_cma:0kB [ 3309.982742][ T755] lowmem_reserve[]: 0 0 3504 3504 [ 3309.987833][ T755] Normal free:12260kB min:5592kB low:9180kB high:12768kB active_anon:2820268kB inactive_anon:40472kB active_file:572kB inactive_file:824kB unevictable:0kB writepending:0kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27808kB pagetables:103960kB bounce:0kB free_pcp:1976kB local_pcp:1464kB free_cma:0kB [ 3310.038585][ T755] lowmem_reserve[]: 0 0 0 0 [ 3310.043779][ T755] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3310.057893][ T755] DMA32: 699*4kB (UMEH) 649*8kB (UMEH) 914*16kB (UMEH) 81*32kB (UMEH) 17*64kB (UMEH) 5*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 26932kB [ 3310.073472][ T755] Normal: 483*4kB (UE) 75*8kB (UME) 123*16kB (UMEH) 104*32kB (UME) 13*64kB (ME) 5*128kB (ME) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 9300kB 01:20:42 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:42 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x0, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:42 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r2) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) 01:20:42 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x0, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:42 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) recvmsg(r5, &(0x7f0000001600)={&(0x7f0000000200)=@vsock={0x28, 0x0, 0x0, @hyper}, 0x80, &(0x7f0000001540)=[{&(0x7f0000000280)=""/87, 0x57}, {&(0x7f0000000100)=""/42, 0x2a}, {&(0x7f0000000180)=""/24, 0x18}, {&(0x7f0000000340)=""/219, 0xdb}, {&(0x7f0000000440)=""/44, 0x2c}, {&(0x7f0000000480)=""/120, 0x78}, {&(0x7f0000000500)=""/4096, 0x1000}, {&(0x7f0000001500)=""/9, 0x9}], 0x8, &(0x7f00000015c0)=""/62, 0x3e}, 0x0) r6 = open(0x0, 0x141042, 0x0) connect$inet(r6, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r7, &(0x7f0000000500), 0x37d, 0x0) [ 3310.088638][ T755] 16899 total pagecache pages [ 3310.093675][ T755] 0 pages in swap cache [ 3310.098067][ T755] Swap cache stats: add 0, delete 0, find 0/0 [ 3310.105886][ T755] Free swap = 0kB [ 3310.110895][ T755] Total swap = 0kB [ 3310.115090][ T755] 1965979 pages RAM [ 3310.119012][ T755] 0 pages HighMem/MovableOnly [ 3310.123738][ T755] 318830 pages reserved [ 3310.129116][ T755] 0 pages cma reserved 01:20:42 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) dup(0xffffffffffffffff) getsockname(0xffffffffffffffff, &(0x7f0000000200)=@sco={0x1f, @fixed}, &(0x7f00000000c0)=0x80) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) [ 3310.134805][ T755] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=755,uid=0 [ 3310.163739][ T755] Out of memory: Killed process 755 (syz-executor.0) total-vm:75496kB, anon-rss:16580kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:148kB oom_score_adj:1000 [ 3310.184617][ T23] oom_reaper: reaped process 755 (syz-executor.0), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 01:20:42 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=@getstats={0x1c, 0x5e, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x3}}, 0x1c}}, 0x0) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000200)={@mcast2, @local, @ipv4={[], [], @loopback}, 0x6, 0x8000, 0x3, 0x400, 0x6, 0x40000000}) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:20:42 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x0, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) [ 3311.164205][T24516] kworker/u4:3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 3311.185160][T24516] CPU: 1 PID: 24516 Comm: kworker/u4:3 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3311.195636][T24516] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3311.205705][T24516] Workqueue: events_unbound call_usermodehelper_exec_work [ 3311.212813][T24516] Call Trace: [ 3311.216108][T24516] dump_stack+0x14a/0x1ce [ 3311.220417][T24516] ? devkmsg_release+0x11c/0x11c [ 3311.225379][T24516] ? show_regs_print_info+0x12/0x12 [ 3311.230605][T24516] ? radix_tree_cpu_dead+0x160/0x160 [ 3311.235872][T24516] ? _raw_spin_lock+0xa1/0x170 [ 3311.240632][T24516] ? _raw_spin_trylock_bh+0x190/0x190 [ 3311.246087][T24516] dump_header+0xdb/0x700 [ 3311.250405][T24516] oom_kill_process+0xd3/0x280 [ 3311.255168][T24516] out_of_memory+0x5b6/0x890 [ 3311.259761][T24516] ? unregister_oom_notifier+0x20/0x20 [ 3311.265228][T24516] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3311.270768][T24516] ? get_page_from_freelist+0x7c0/0x7c0 [ 3311.276907][T24516] ? worker_thread+0xa8f/0x1430 [ 3311.281760][T24516] ? __zone_watermark_ok+0x91/0x280 [ 3311.286965][T24516] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3311.292325][T24516] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3311.297854][T24516] ? copy_process+0x5a4/0x5110 [ 3311.302612][T24516] ? copy_process+0x5a4/0x5110 [ 3311.307380][T24516] ? kmem_cache_alloc+0x1d5/0x260 [ 3311.312405][T24516] copy_process+0x5f3/0x5110 [ 3311.317005][T24516] ? native_apic_mem_read+0x40/0x40 [ 3311.322276][T24516] ? plist_del+0x3c6/0x3e0 [ 3311.326718][T24516] ? task_woken_rt+0x69/0x210 [ 3311.331412][T24516] ? ttwu_do_wakeup+0x338/0x5b0 [ 3311.336245][T24516] ? fork_idle+0x290/0x290 [ 3311.340663][T24516] ? _raw_spin_unlock+0x5/0x20 [ 3311.345436][T24516] ? ttwu_queue+0x2f9/0x480 [ 3311.349928][T24516] _do_fork+0x196/0x920 [ 3311.354071][T24516] ? select_task_rq_rt+0x225/0x340 [ 3311.359163][T24516] ? dup_mm+0x300/0x300 [ 3311.363408][T24516] ? _raw_spin_lock_irq+0xa2/0x180 [ 3311.368703][T24516] kernel_thread+0x162/0x1d0 [ 3311.373279][T24516] ? proc_cap_handler+0x580/0x580 [ 3311.378343][T24516] ? legacy_clone_args_valid+0x50/0x50 [ 3311.383833][T24516] ? kernel_sigaction+0x11b/0x200 [ 3311.388858][T24516] ? proc_cap_handler+0x580/0x580 [ 3311.393868][T24516] ? _raw_spin_unlock_irq+0x5/0x20 [ 3311.398966][T24516] ? finish_task_switch+0x235/0x4c0 [ 3311.404146][T24516] call_usermodehelper_exec_work+0xe0/0x350 [ 3311.410032][T24516] ? call_usermodehelper_setup+0x210/0x210 [ 3311.415822][T24516] ? read_word_at_a_time+0xe/0x20 [ 3311.420834][T24516] ? strscpy+0xa6/0x260 [ 3311.424979][T24516] process_one_work+0x777/0xf90 [ 3311.429896][T24516] worker_thread+0xa8f/0x1430 [ 3311.434564][T24516] ? _raw_spin_lock+0x170/0x170 [ 3311.439406][T24516] kthread+0x2df/0x300 [ 3311.443452][T24516] ? process_one_work+0xf90/0xf90 [ 3311.448476][T24516] ? kthread_destroy_worker+0x280/0x280 [ 3311.454011][T24516] ret_from_fork+0x1f/0x30 [ 3311.460993][T24516] Mem-Info: [ 3311.479726][T24516] active_anon:1408657 inactive_anon:10799 isolated_anon:0 [ 3311.479726][T24516] active_file:100 inactive_file:214 isolated_file:28 [ 3311.479726][T24516] unevictable:0 dirty:0 writeback:0 unstable:0 [ 3311.479726][T24516] slab_reclaimable:10303 slab_unreclaimable:91332 [ 3311.479726][T24516] mapped:56737 shmem:14896 pagetables:31779 bounce:0 [ 3311.479726][T24516] free:9602 free_pcp:22 free_cma:0 [ 3311.551443][T24516] Node 0 active_anon:5634628kB inactive_anon:43196kB active_file:288kB inactive_file:376kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:227048kB dirty:0kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3311.596802][T24516] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3311.623095][T24516] lowmem_reserve[]: 0 2912 6416 6416 [ 3311.628852][T24516] DMA32 free:19872kB min:4644kB low:7624kB high:10604kB active_anon:2805104kB inactive_anon:2724kB active_file:68kB inactive_file:300kB unevictable:0kB writepending:0kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:11136kB pagetables:22772kB bounce:0kB free_pcp:108kB local_pcp:0kB free_cma:0kB [ 3311.658192][T24516] lowmem_reserve[]: 0 0 3504 3504 [ 3311.663505][T24516] Normal free:3640kB min:5592kB low:9180kB high:12768kB active_anon:2829124kB inactive_anon:40472kB active_file:120kB inactive_file:0kB unevictable:0kB writepending:0kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:28128kB pagetables:104344kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB [ 3311.692832][T24516] lowmem_reserve[]: 0 0 0 0 [ 3311.697600][T24516] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3311.711210][T24516] DMA32: 119*4kB (UEH) 342*8kB (UEH) 801*16kB (UEH) 51*32kB (UE) 13*64kB (UME) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 18492kB [ 3311.727698][T24516] Normal: 423*4kB (UME) 49*8kB (UE) 30*16kB (UME) 18*32kB (UME) 5*64kB (ME) 5*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4100kB [ 3311.742031][T24516] 15141 total pagecache pages [ 3311.746751][T24516] 0 pages in swap cache [ 3311.750905][T24516] Swap cache stats: add 0, delete 0, find 0/0 [ 3311.757358][T24516] Free swap = 0kB [ 3311.761076][T24516] Total swap = 0kB [ 3311.764810][T24516] 1965979 pages RAM [ 3311.768618][T24516] 0 pages HighMem/MovableOnly [ 3311.776379][T24516] 318830 pages reserved [ 3311.780671][T24516] 0 pages cma reserved [ 3311.785031][T24516] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=30904,uid=0 [ 3311.799371][T24516] Out of memory: Killed process 30904 (syz-executor.0) total-vm:75496kB, anon-rss:16580kB, file-rss:34624kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 3311.834957][ T417] syz-executor.5 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 3311.848793][ T417] CPU: 1 PID: 417 Comm: syz-executor.5 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3311.858822][ T417] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3311.868873][ T417] Call Trace: [ 3311.872183][ T417] dump_stack+0x14a/0x1ce [ 3311.876540][ T417] ? devkmsg_release+0x11c/0x11c [ 3311.881491][ T417] ? show_regs_print_info+0x12/0x12 [ 3311.886695][ T417] ? radix_tree_cpu_dead+0x160/0x160 [ 3311.891996][ T417] ? _raw_spin_lock+0xa1/0x170 [ 3311.896769][ T417] ? _raw_spin_trylock_bh+0x190/0x190 [ 3311.902233][ T417] dump_header+0xdb/0x700 [ 3311.906563][ T417] oom_kill_process+0xd3/0x280 [ 3311.911335][ T417] out_of_memory+0x5b6/0x890 [ 3311.915923][ T417] ? unregister_oom_notifier+0x20/0x20 [ 3311.921468][ T417] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3311.927029][ T417] ? get_page_from_freelist+0x7c0/0x7c0 [ 3311.932571][ T417] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3311.937947][ T417] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3311.943487][ T417] pagecache_get_page+0x50f/0x880 [ 3311.948607][ T417] filemap_fault+0x1474/0x19d0 [ 3311.953568][ T417] ? generic_file_read_iter+0x20b0/0x20b0 [ 3311.959289][ T417] ? __rcu_read_lock+0x50/0x50 [ 3311.964057][ T417] ? _raw_spin_lock+0xa1/0x170 [ 3311.968826][ T417] ext4_filemap_fault+0x7b/0x90 [ 3311.973683][ T417] handle_mm_fault+0x2837/0x40a0 [ 3311.978623][ T417] ? finish_fault+0x230/0x230 [ 3311.983314][ T417] ? dput+0x518/0x5e0 [ 3311.987318][ T417] ? __up_read+0x1b0/0x1b0 [ 3311.991736][ T417] ? vmacache_find+0x205/0x4b0 [ 3311.996513][ T417] do_user_addr_fault+0x48a/0x9f0 [ 3312.001541][ T417] page_fault+0x2f/0x40 [ 3312.005695][ T417] RIP: 0033:0x45bc30 [ 3312.009591][ T417] Code: Bad RIP value. [ 3312.013652][ T417] RSP: 002b:00007ffc86121048 EFLAGS: 00010286 [ 3312.019718][ T417] RAX: ffffffffffffffff RBX: 000000000032818e RCX: 000000000045f257 [ 3312.027683][ T417] RDX: 00007ffc86121060 RSI: 00007ffc861210f0 RDI: 0000000000000001 [ 3312.035647][ T417] RBP: 000000000000490d R08: 0000000000000000 R09: 000000000000000d [ 3312.043618][ T417] R10: 0000000000000006 R11: 0000000000000246 R12: 00007ffc86122180 [ 3312.051591][ T417] R13: 0000000001e83940 R14: 0000000000000000 R15: 00007ffc86122180 [ 3312.060129][ T417] Mem-Info: [ 3312.063874][ T417] active_anon:1408655 inactive_anon:10799 isolated_anon:0 [ 3312.063874][ T417] active_file:22 inactive_file:1 isolated_file:0 [ 3312.063874][ T417] unevictable:0 dirty:2 writeback:0 unstable:0 [ 3312.063874][ T417] slab_reclaimable:10303 slab_unreclaimable:91338 [ 3312.063874][ T417] mapped:56616 shmem:14896 pagetables:31747 bounce:0 [ 3312.063874][ T417] free:10093 free_pcp:109 free_cma:0 [ 3312.102449][ T417] Node 0 active_anon:5634620kB inactive_anon:43196kB active_file:120kB inactive_file:500kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:226448kB dirty:4kB writeback:4kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3312.127798][ T417] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3312.154393][ T417] lowmem_reserve[]: 0 2912 6416 6416 [ 3312.159775][ T417] DMA32 free:19352kB min:20548kB low:23528kB high:26508kB active_anon:2805260kB inactive_anon:2724kB active_file:64kB inactive_file:372kB unevictable:0kB writepending:4kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:11168kB pagetables:22772kB bounce:0kB free_pcp:32kB local_pcp:0kB free_cma:0kB [ 3312.198543][ T417] lowmem_reserve[]: 0 0 3504 3504 [ 3312.204211][ T417] Normal free:4156kB min:5592kB low:9180kB high:12768kB active_anon:2829360kB inactive_anon:40472kB active_file:56kB inactive_file:4kB unevictable:0kB writepending:4kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:28096kB pagetables:104216kB bounce:0kB free_pcp:44kB local_pcp:20kB free_cma:0kB [ 3312.233557][ T417] lowmem_reserve[]: 0 0 0 0 [ 3312.238072][ T417] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3312.254309][ T417] DMA32: 364*4kB (UMH) 374*8kB (UMEH) 803*16kB (UMEH) 53*32kB (UME) 13*64kB (UME) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 19824kB [ 3312.285534][ T417] Normal: 426*4kB (UME) 52*8kB (UME) 31*16kB (UME) 18*32kB (UME) 5*64kB (ME) 5*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4152kB [ 3312.299995][ T417] 15171 total pagecache pages [ 3312.304859][ T417] 0 pages in swap cache [ 3312.309112][ T417] Swap cache stats: add 0, delete 0, find 0/0 [ 3312.323681][ T417] Free swap = 0kB [ 3312.332191][ T417] Total swap = 0kB [ 3312.339595][ T417] 1965979 pages RAM [ 3312.348189][ T417] 0 pages HighMem/MovableOnly [ 3312.358937][ T417] 318830 pages reserved [ 3312.369116][ T417] 0 pages cma reserved [ 3312.380594][ T417] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=30172,uid=0 [ 3312.395346][ T417] Out of memory: Killed process 30172 (syz-executor.0) total-vm:75496kB, anon-rss:16580kB, file-rss:34624kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 3312.448661][ T782] syz-executor.1 invoked oom-killer: gfp_mask=0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|0x1000000), order=0, oom_score_adj=1000 [ 3312.491711][ T782] CPU: 1 PID: 782 Comm: syz-executor.1 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3312.501720][ T782] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3312.511782][ T782] Call Trace: [ 3312.515118][ T782] dump_stack+0x14a/0x1ce [ 3312.519515][ T782] ? devkmsg_release+0x11c/0x11c [ 3312.524486][ T782] ? show_regs_print_info+0x12/0x12 [ 3312.529696][ T782] ? radix_tree_cpu_dead+0x160/0x160 [ 3312.534991][ T782] ? _raw_spin_lock+0xa1/0x170 [ 3312.539859][ T782] ? _raw_spin_trylock_bh+0x190/0x190 [ 3312.545243][ T782] dump_header+0xdb/0x700 [ 3312.549730][ T782] oom_kill_process+0xd3/0x280 [ 3312.554509][ T782] out_of_memory+0x5b6/0x890 [ 3312.559113][ T782] ? unregister_oom_notifier+0x20/0x20 [ 3312.564580][ T782] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3312.570237][ T782] ? get_page_from_freelist+0x7c0/0x7c0 [ 3312.575785][ T782] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3312.581263][ T782] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3312.586923][ T782] ? anon_vma_interval_tree_insert+0x2f2/0x330 [ 3312.593084][ T782] handle_mm_fault+0x1689/0x40a0 [ 3312.598019][ T782] ? finish_fault+0x230/0x230 [ 3312.602682][ T782] ? do_mmap+0x9ad/0x1060 [ 3312.607000][ T782] ? up_read+0x10/0x10 [ 3312.611067][ T782] ? __up_read+0x1b0/0x1b0 [ 3312.615502][ T782] ? vmacache_update+0x9f/0xf0 [ 3312.620252][ T782] do_user_addr_fault+0x48a/0x9f0 [ 3312.625269][ T782] page_fault+0x2f/0x40 [ 3312.629417][ T782] RIP: 0033:0x41407f [ 3312.633337][ T782] Code: Bad RIP value. [ 3312.637384][ T782] RSP: 002b:00007fff52222a90 EFLAGS: 00010206 [ 3312.643431][ T782] RAX: 00007fcf77cd4000 RBX: 0000000000020000 RCX: 000000000045c87a [ 3312.651410][ T782] RDX: 0000000000021000 RSI: 0000000000021000 RDI: 0000000000000000 [ 3312.659369][ T782] RBP: 00007fff52222b70 R08: ffffffffffffffff R09: 0000000000000000 [ 3312.667355][ T782] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff52222c70 [ 3312.675337][ T782] R13: 00007fcf77cf4700 R14: 000000000000085d R15: 000000000078bf0c [ 3312.684534][ T782] Mem-Info: [ 3312.687695][ T782] active_anon:1408705 inactive_anon:10799 isolated_anon:0 [ 3312.687695][ T782] active_file:28 inactive_file:55 isolated_file:0 [ 3312.687695][ T782] unevictable:0 dirty:1 writeback:1 unstable:0 [ 3312.687695][ T782] slab_reclaimable:10303 slab_unreclaimable:91339 [ 3312.687695][ T782] mapped:56637 shmem:14896 pagetables:31747 bounce:0 [ 3312.687695][ T782] free:9634 free_pcp:91 free_cma:0 [ 3312.742075][ T782] Node 0 active_anon:5634820kB inactive_anon:43196kB active_file:92kB inactive_file:284kB unevictable:0kB isolated(anon):0kB isolated(file):108kB mapped:226748kB dirty:4kB writeback:4kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3312.766862][ T782] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3312.793326][ T782] lowmem_reserve[]: 0 2912 6416 6416 [ 3312.798960][ T782] DMA32 free:18136kB min:4644kB low:7624kB high:10604kB active_anon:2805764kB inactive_anon:2724kB active_file:64kB inactive_file:312kB unevictable:0kB writepending:4kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:11168kB pagetables:22772kB bounce:0kB free_pcp:172kB local_pcp:172kB free_cma:0kB [ 3312.832115][ T782] lowmem_reserve[]: 0 0 3504 3504 [ 3312.852877][ T782] Normal free:3496kB min:5592kB low:9180kB high:12768kB active_anon:2828436kB inactive_anon:40472kB active_file:168kB inactive_file:200kB unevictable:0kB writepending:0kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:28096kB pagetables:104224kB bounce:0kB free_pcp:1704kB local_pcp:1084kB free_cma:0kB [ 3312.882901][ T782] lowmem_reserve[]: 0 0 0 0 [ 3312.887531][ T782] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3312.901007][ T782] DMA32: 210*4kB (UMH) 349*8kB (UMEH) 803*16kB (UMEH) 52*32kB (UE) 12*64kB (UE) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 18912kB [ 3312.915566][ T782] Normal: 487*4kB (UME) 85*8kB (UME) 29*16kB (UME) 21*32kB (UME) 3*64kB (ME) 1*128kB (M) 1*256kB (M) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 4852kB [ 3312.930801][ T782] 15018 total pagecache pages [ 3312.935571][ T782] 0 pages in swap cache [ 3312.939792][ T782] Swap cache stats: add 0, delete 0, find 0/0 [ 3312.947047][ T782] Free swap = 0kB [ 3312.951664][ T782] Total swap = 0kB [ 3312.963951][ T782] 1965979 pages RAM [ 3312.968219][ T782] 0 pages HighMem/MovableOnly [ 3312.973072][ T782] 318830 pages reserved [ 3312.977648][ T782] 0 pages cma reserved [ 3312.982301][ T782] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=30005,uid=0 [ 3313.046101][ T782] Out of memory: Killed process 30005 (syz-executor.0) total-vm:75496kB, anon-rss:16580kB, file-rss:34624kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 01:20:45 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r2) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) 01:20:45 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x0, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:45 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x0, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0) 01:20:45 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x0, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x0, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:45 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r4 = open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r5, &(0x7f0000000500), 0x37d, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) ioctl$PERF_EVENT_IOC_ENABLE(r7, 0x8912, 0x400200) write$uinput_user_dev(r7, &(0x7f0000000340)={'syz0\x00', {0x9, 0x4, 0x0, 0x9}, 0x6, [0x927, 0x4, 0x5, 0xc5b, 0x0, 0x8, 0x1f, 0x0, 0xfffffffc, 0x98, 0x3, 0x3bc, 0x8, 0x9, 0x7, 0x9, 0x0, 0x7ff, 0x5, 0x6, 0x9, 0x6, 0x8000, 0x8, 0xfa5b, 0x6, 0x5, 0x8c18b52, 0x1, 0x10001, 0x0, 0x7, 0x401, 0x3, 0x1ee, 0x5, 0x80000000, 0xffff, 0x80000001, 0xfffffffb, 0x80000000, 0x80000001, 0x7, 0x7, 0x4a3, 0x4, 0x0, 0x200, 0x2, 0xffff, 0xc4, 0x2, 0x4, 0x100, 0x8, 0x1, 0x7fff, 0x100, 0xf94, 0x8ad, 0x400, 0x7, 0x2, 0x7d], [0xfbc6, 0x9875, 0x9, 0x6, 0x2, 0x10001, 0x3, 0x800, 0x90, 0x2, 0x7, 0x4ff40063, 0xfc000000, 0x8f, 0x96, 0x3f, 0x5, 0x20, 0x5, 0x7f, 0x7, 0x5, 0x7, 0x9, 0x7, 0x2, 0x3ff, 0x80, 0x5, 0x0, 0x8, 0xc47, 0x6, 0x3, 0x0, 0x0, 0x20, 0x2, 0xbb1, 0x1ff, 0xe8a, 0x3, 0x1, 0x401, 0x4, 0x100, 0x40ab, 0xffff, 0x1, 0x400, 0x7, 0x2, 0x2, 0x1, 0x800, 0x3, 0x2b4e49b6, 0x9, 0x3, 0x9, 0xf2, 0x6, 0x200, 0x8], [0x2, 0xbc26, 0x7fff, 0x81, 0xc0, 0x6, 0x3, 0x4, 0x6, 0x0, 0x9, 0x0, 0x7f, 0x6, 0x1, 0x6, 0x5, 0x1, 0x1, 0x0, 0x1c6764b, 0x1, 0xd3a, 0x9, 0x7, 0x20, 0x2fd8803c, 0x5, 0x0, 0x5, 0x3, 0x9a2, 0x3ff, 0x2, 0x3, 0x6, 0x80000000, 0x80000000, 0x101, 0x8, 0xb247, 0x1000, 0x6, 0x1, 0x5, 0x0, 0xe26, 0x7ff, 0x6, 0x7, 0x0, 0x8000, 0x4, 0x800, 0x8, 0x6, 0x0, 0xcb4f, 0x8, 0x8, 0x401, 0x80000001, 0x5, 0x1], [0x5, 0x6, 0x3, 0x40, 0x9, 0x7, 0x1, 0x8000, 0xb1, 0x8001, 0x40, 0x3, 0x5, 0xeedc, 0x6, 0x8, 0x479, 0x1, 0x8, 0x4, 0x4, 0x9, 0x400, 0x3ab, 0x4, 0x4, 0x5, 0x373, 0x9, 0x0, 0xcab, 0x0, 0x8, 0x7, 0x0, 0x5, 0x0, 0x8b28, 0x10001, 0xe9, 0x3, 0x0, 0x5, 0x1, 0x1, 0x0, 0x0, 0x5, 0x401, 0x8, 0x80000001, 0x6, 0x3ff, 0x7, 0xfffffe01, 0x0, 0x4, 0x5, 0x5, 0x8aa, 0xffffffff, 0x8, 0x2, 0x8001]}, 0x45c) 01:20:45 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x6, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) getpriority(0x1, 0x0) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) set_robust_list(&(0x7f00000000c0)={0x0, 0x2}, 0x18) 01:20:45 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x0, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0) 01:20:45 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x0, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:45 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f00000000c0)='\x00\x00', 0x2) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) r6 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_group_source_req(r6, 0x0, 0x2c, &(0x7f0000000340)={0x8, {{0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x1b}}}, {{0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x12}}}}, 0x108) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) [ 3313.861761][ T835] ================================================================== [ 3313.869890][ T835] BUG: KASAN: stack-out-of-bounds in unwind_next_frame+0x1346/0x2230 [ 3313.877961][ T835] Read of size 8 at addr ffff888070c0ea98 by task syz-executor.4/835 [ 3313.886026][ T835] [ 3313.886501][ T419] syz-executor.3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 3313.888354][ T835] CPU: 0 PID: 835 Comm: syz-executor.4 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3313.888359][ T835] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3313.888362][ T835] Call Trace: [ 3313.888380][ T835] dump_stack+0x14a/0x1ce [ 3313.927843][ T835] ? show_regs_print_info+0x12/0x12 [ 3313.933034][ T835] ? printk+0xd2/0x114 [ 3313.937103][ T835] print_address_description+0x93/0x620 [ 3313.942646][ T835] ? preempt_schedule+0x110/0x130 [ 3313.947665][ T835] ? schedule_preempt_disabled+0x20/0x20 [ 3313.953290][ T835] __kasan_report+0x16d/0x1e0 [ 3313.957964][ T835] ? unwind_next_frame+0x1346/0x2230 [ 3313.963249][ T835] kasan_report+0x34/0x60 [ 3313.967683][ T835] unwind_next_frame+0x1346/0x2230 [ 3313.972798][ T835] ? preempt_schedule_irq+0xc8/0x140 [ 3313.978095][ T835] ? retint_kernel+0x1b/0x1b [ 3313.982693][ T835] ? unwind_get_return_address_ptr+0xa0/0xa0 [ 3313.988771][ T835] ? unwind_next_frame+0x2230/0x2230 [ 3313.994060][ T835] ? retint_kernel+0x1b/0x1b [ 3313.998645][ T835] ? __schedule+0x918/0xef0 [ 3314.003148][ T835] ? in_sched_functions+0x9/0x40 [ 3314.008097][ T835] ? stack_trace_consume_entry_nosched+0x189/0x260 [ 3314.014592][ T835] ? stack_trace_save_tsk+0x490/0x490 [ 3314.019974][ T835] arch_stack_walk+0xf4/0x120 [ 3314.024684][ T835] stack_trace_save_tsk+0x2e7/0x490 [ 3314.029884][ T835] ? stack_trace_consume_entry+0x230/0x230 [ 3314.035682][ T835] ? _raw_spin_lock+0xa1/0x170 [ 3314.040513][ T835] ? __mutex_lock_interruptible_slowpath+0x10/0x10 [ 3314.047010][ T835] ? __ptrace_may_access+0x2b4/0x530 [ 3314.052294][ T835] ? kmem_cache_alloc_trace+0xc3/0x280 [ 3314.057833][ T835] proc_pid_stack+0x12f/0x1f0 [ 3314.062507][ T835] proc_single_show+0xd3/0x130 [ 3314.067265][ T835] seq_read+0x4aa/0xd30 [ 3314.071423][ T835] do_iter_read+0x43b/0x550 [ 3314.075920][ T835] do_preadv+0x213/0x350 [ 3314.080157][ T835] ? do_writev+0x5b0/0x5b0 [ 3314.084599][ T835] do_syscall_64+0xcb/0x150 [ 3314.089104][ T835] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3314.095001][ T835] RIP: 0033:0x45c829 [ 3314.098894][ T835] Code: 0d b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 db b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 3314.118583][ T835] RSP: 002b:00007f67d72d5c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 3314.126993][ T835] RAX: ffffffffffffffda RBX: 00000000004fa1c0 RCX: 000000000045c829 [ 3314.134971][ T835] RDX: 000000000000037d RSI: 0000000020000500 RDI: 0000000000000007 [ 3314.142939][ T835] RBP: 000000000078c0e0 R08: 0000000000000000 R09: 0000000000000000 [ 3314.150941][ T835] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3314.159277][ T835] R13: 000000000000085c R14: 00000000004cb1c7 R15: 00007f67d72d66d4 [ 3314.167253][ T835] [ 3314.167267][ T419] CPU: 1 PID: 419 Comm: syz-executor.3 Not tainted 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3314.167278][ T419] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3314.169767][ T835] The buggy address belongs to the page: [ 3314.179756][ T419] Call Trace: [ 3314.189901][ T835] page:ffffea0001c30380 refcount:0 mapcount:0 mapping:0000000000000000 index:0x1 [ 3314.195974][ T419] dump_stack+0x14a/0x1ce [ 3314.199248][ T835] flags: 0x4000000000000000() [ 3314.208372][ T419] ? devkmsg_release+0x11c/0x11c [ 3314.212701][ T835] raw: 4000000000000000 dead000000000100 dead000000000122 0000000000000000 [ 3314.217379][ T419] ? show_regs_print_info+0x12/0x12 [ 3314.222304][ T835] raw: 0000000000000001 0000000000000000 00000000ffffffff 0000000000000000 [ 3314.230909][ T419] ? radix_tree_cpu_dead+0x160/0x160 [ 3314.236091][ T835] page dumped because: kasan: bad access detected [ 3314.244673][ T419] ? _raw_spin_lock+0xa1/0x170 [ 3314.250041][ T835] [ 3314.256449][ T419] ? _raw_spin_trylock_bh+0x190/0x190 [ 3314.261191][ T835] Memory state around the buggy address: [ 3314.263541][ T419] dump_header+0xdb/0x700 [ 3314.268883][ T835] ffff888070c0e980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3314.274514][ T419] oom_kill_process+0xd3/0x280 [ 3314.278820][ T835] ffff888070c0ea00: f1 f1 f1 f1 00 00 00 f2 f2 f2 f2 f2 00 00 00 00 [ 3314.286885][ T419] out_of_memory+0x5b6/0x890 [ 3314.291627][ T835] >ffff888070c0ea80: 00 f3 f3 f3 f3 f3 f3 f3 00 00 00 00 00 00 00 00 [ 3314.299690][ T419] ? unregister_oom_notifier+0x20/0x20 [ 3314.304268][ T835] ^ [ 3314.312333][ T419] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3314.317782][ T835] ffff888070c0eb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3314.322630][ T419] ? get_page_from_freelist+0x7c0/0x7c0 [ 3314.328169][ T835] ffff888070c0eb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 3314.336231][ T419] ? __zone_watermark_ok+0x91/0x280 [ 3314.341747][ T835] ================================================================== 01:20:45 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x0, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(0x0) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0) [ 3314.349805][ T419] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3314.354984][ T835] Disabling lock debugging due to kernel taint [ 3314.374735][ T419] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3314.380316][ T419] ? copy_process+0x5a4/0x5110 [ 3314.385110][ T419] ? copy_process+0x5a4/0x5110 [ 3314.389884][ T419] ? kmem_cache_alloc+0x1d5/0x260 [ 3314.394928][ T419] copy_process+0x5f3/0x5110 [ 3314.399546][ T419] ? do_wp_page+0xb1b/0x1530 [ 3314.404160][ T419] ? do_swap_page+0x1560/0x1560 [ 3314.409030][ T419] ? fork_idle+0x290/0x290 [ 3314.413465][ T419] ? memset+0x1f/0x40 [ 3314.417456][ T419] ? handle_mm_fault+0xb16/0x40a0 [ 3314.422492][ T419] _do_fork+0x196/0x920 [ 3314.426662][ T419] ? dup_mm+0x300/0x300 [ 3314.430824][ T419] ? ktime_get_raw+0x130/0x130 [ 3314.435605][ T419] __x64_sys_clone+0x25f/0x2c0 [ 3314.440386][ T419] ? __ia32_sys_vfork+0x110/0x110 [ 3314.445515][ T419] ? __x64_sys_clock_gettime+0x20d/0x260 [ 3314.451513][ T419] ? do_user_addr_fault+0x55c/0x9f0 [ 3314.456709][ T419] do_syscall_64+0xcb/0x150 [ 3314.461225][ T419] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3314.467130][ T419] RIP: 0033:0x45ae5a [ 3314.471024][ T419] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 3314.491060][ T419] RSP: 002b:00007ffe0c13c170 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 3314.499473][ T419] RAX: ffffffffffffffda RBX: 00007ffe0c13c170 RCX: 000000000045ae5a 01:20:46 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r2) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) [ 3314.507452][ T419] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 3314.515426][ T419] RBP: 00007ffe0c13c1b0 R08: 0000000000000001 R09: 000000000183d940 [ 3314.523400][ T419] R10: 000000000183dc10 R11: 0000000000000246 R12: 0000000000000001 [ 3314.531382][ T419] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffe0c13c200 [ 3314.591286][ T419] Mem-Info: [ 3314.595503][ T419] active_anon:1404514 inactive_anon:10799 isolated_anon:0 [ 3314.595503][ T419] active_file:1182 inactive_file:1149 isolated_file:140 [ 3314.595503][ T419] unevictable:0 dirty:83 writeback:0 unstable:0 [ 3314.595503][ T419] slab_reclaimable:10254 slab_unreclaimable:91631 [ 3314.595503][ T419] mapped:58817 shmem:14896 pagetables:31670 bounce:0 [ 3314.595503][ T419] free:11276 free_pcp:550 free_cma:0 [ 3314.665226][ T419] Node 0 active_anon:5619456kB inactive_anon:43196kB active_file:3080kB inactive_file:3160kB unevictable:0kB isolated(anon):0kB isolated(file):200kB mapped:232268kB dirty:32kB writeback:100kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3314.763730][ T419] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3314.790091][ T419] lowmem_reserve[]: 0 2912 6416 6416 [ 3314.795594][ T419] DMA32 free:25316kB min:12836kB low:15816kB high:18796kB active_anon:2795224kB inactive_anon:2724kB active_file:604kB inactive_file:168kB unevictable:0kB writepending:16kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:11232kB pagetables:22748kB bounce:0kB free_pcp:12kB local_pcp:12kB free_cma:0kB [ 3314.825681][ T419] lowmem_reserve[]: 0 0 3504 3504 [ 3314.831215][ T419] Normal free:6008kB min:5592kB low:9180kB high:12768kB active_anon:2825468kB inactive_anon:40472kB active_file:2588kB inactive_file:2456kB unevictable:0kB writepending:316kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27776kB pagetables:103932kB bounce:0kB free_pcp:1064kB local_pcp:432kB free_cma:0kB [ 3314.872821][ T419] lowmem_reserve[]: 0 0 0 0 [ 3314.878443][ T419] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3314.892234][ T419] DMA32: 321*4kB (UMEH) 376*8kB (UMEH) 787*16kB (UME) 95*32kB (UME) 40*64kB (UMEH) 25*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 25684kB [ 3314.907664][ T419] Normal: 1003*4kB (UME) 257*8kB (UME) 32*16kB (UME) 33*32kB (UME) 2*64kB (ME) 0*128kB 1*256kB (M) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8020kB [ 3314.922621][ T419] 15890 total pagecache pages [ 3314.927509][ T419] 0 pages in swap cache [ 3314.931867][ T419] Swap cache stats: add 0, delete 0, find 0/0 [ 3314.938173][ T419] Free swap = 0kB [ 3314.942122][ T419] Total swap = 0kB [ 3314.946008][ T419] 1965979 pages RAM [ 3314.949965][ T419] 0 pages HighMem/MovableOnly [ 3314.954786][ T419] 318830 pages reserved [ 3314.959691][ T419] 0 pages cma reserved [ 3314.963947][ T419] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=29817,uid=0 [ 3314.979556][ T419] Out of memory: Killed process 29817 (syz-executor.0) total-vm:75496kB, anon-rss:16580kB, file-rss:34624kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 3315.026624][ T23] oom_reaper: reaped process 29817 (syz-executor.0), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 01:20:47 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x0, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, 0x0, 0x0) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:47 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x0, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:47 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r4 = open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = accept4$unix(r3, 0x0, &(0x7f0000000100), 0x800) sendmsg(r5, &(0x7f0000001500)={&(0x7f0000000200)=@alg={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha512\x00'}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000340)="57806e31e2f91f6f8e32fd6510923a74880c29852de5bfb0789c60a22269a160fa8d48447dd43bc2ab42e016d5ed1f55e937f880362bba240fc1900c0341feb0ecf7c787ffdf2abfb41d54bb70a6d6a3594cb64e26768d1cefaf0d3a65e8f3630bd31c4dbaccc64dffac620b5c561c1605898cdd486b4bdf4b3ea25aea2b3d8bb6b58235e7a61d5d354d88347e412e57f15631c6e655ac6554b3990412a22da1a564b89637bfc05181f02dcab9cba74df0f15285e28fdf70f655aa992c5ef7dcdc9934c08469f16e55f61e3ad0932b32", 0xd0}, {&(0x7f0000000440)="7c8547ddc15962f44f47addf723a92e87d518c8b006c770167f4e3796ce9b02a2a9ce22668b722908029907af56db861c6a90b91b1d00bf0964df4baba0c47ac812806f17f197946ee09701912c44179a857141684caeaf04b8db21a4002edfcaa7d10d579b1c884f23a671a7282538f2d94986c22f1ecf35c729fa0d1bdcabfe39ad884902c304b98dfb2579420a9151fce75be162587f98177daeed06ac47edcbba1a8ac2dbc95349b696e37e104f8453e83112347e725e1886241a917e6a756adba164c60242e57bc5e564612839fc816dfc6df688f07232704caf73bd3e74a6d05d8b915637d2f16fdc41f400dd39d17e6c6bd2ad5cd8189dff6603192e734f0a02334a298eb439ad0556a2520b7f7810093862c1bd6461d40e61a9e14eeb38fc93caaa8ba2de2fe831d6f62f0e249601331d1c88d53037e665a8bb03f9d78e1173417052bee48e1a2bd5e660cff0f6a4d8bec86cd9625f2c53db0a0909864be9c4005ad4b331e537042d586014864b2e959039cfc2be4338d557d6e7a6e49bd0ec98565f9128f950a70f7512bfca1ddb94812c229965c2b1927dfa14a2f43058e2636b285291cea193ae95db208fcb1f66354ef0ed36a22babe576eda842e71f9a821e5d7f4292286122da1de6ea636d879ca69b5e09ffe9301b092c8d1c53ea4fbb58e76c96c0b1b68d6ca5821a1173353d765776eda853213caa8cceb1c0863c512fccd30b7adc76aac15b4c7cedb0dfe59812bcc6a84c92747c157e79d4d2d65e73ac61fe8e94be28c7f57aa26724f1bbe9bd685e6ada6d00d61b576c5d93f83272772277f6276423724e4ff21e1d285890e2466bedb0cd4204deb888456470ee44e7a1dddd2d1377742880eeaf0499dad7cafb22701cddc2b86b12ce447d85111252c7c5475ae82c335d04018554ec09a91568f5f8450c57d3ffead24a8ce39628c09189fcd452ceb211af386571c12f121a3d1b7ce055a3cd75a5d860c866f151d73010dd23d2d41aafe0719c7de1b9a0dd83466c8c257cff860c2097fba69a6fbb54ebf5156282259a7e8a03afdbb203c88f74146faebd29b4934dd42bfe08094faac0a43f369f5cea112299f1a860cf921aeb81aee718193bc0b7588f25a5f7eb08288c8db0f3aca601ffd7d130dce7741e946edb3421e6066a1172b4b08302218059be471c6101b35528daba0fdaefdf5f4b15e58d674c90c19f0c205072721f968008e3176fa4104e30984e9ce3b0024c03b1eb8ecd58c303b9db32df44667aa91b1aa1f3d3f1b68fb8cf778aa1a9f7930fbbbd0393202d348212f8966c6c5809e700141af2b893e0d177233bbbf30222e0a650af5cc7cba7eb2239822c03c54c1242711dbe13e1fbe107066890c124858349a27ba9bbb1948c427916481931f68ca7039baa9fbf4029fc2c7cc2cd0921279d97936c96c89ebee2e60346ea666a4e25a81e34984a345e6d3a614cf8e6764cfc5024ad8cf53d08423473b6be4ed4ad03e2d1c12600263414e02bdc4145e50811bca8ba2029c255ea278c89c4440adf56255890d768108b84b7e226ea890f38acdf83c6fdd06515bf070b2f97b2daca178c905eb2991daf4fdc05e8953ed63edc9b679375128a23037ead108021f0da98600456b2c3656aeedceeb8f1cec903e577b2c9ef5912dd4cb7b9fd18dc6f89271fd075d1702f52af3b41274ea2c3e797dd662fc1612c3645f811809394d0001dc9c8237558aa46ffcc1459e6fee7cc2f1043c61926b0406e8c177af398e9dcde21debf06bfb319d13e82bf6d7227fec1a35b6faa7a818aa6efb2a5935e832dfbe056457e36010430b41515511771e73e7b4bdbaa3e22a526c43bb31428f75360cf243f5d6d66c97623fe149441854139395fd1472220be2fbb7a9b979621da2d744ede54aeb3c605b5d9905243c81f4ef4d272456ab5e4a782bffb668559a367e37ed0a10f030f076777dac1a2ae6c790e94b99a8340663e6581fdd39d5762cc8d9f0439771261f4344b94849ec66fa5dc91fa5d2ce4e82f9f6ff0da8228774b01d8c48d3471fd974c82a9dc6827857eb4872d06930f3b730fbdc346e522cccabf3d1a301fa1c474e2dbd182efa891eb9c8720e679128589cf007ad48009f27e12f4358c98ef7fc7e93dc16296a89589d1c50eec4b41c60267aaef1767693812dc9613f39b5bf8bde29bb5a7c64f397eab3d1e112621233db2d018da9d29c4584c295fcda62f29ab8f650cd7a9bc40f5ec78efe0f1f9b9429c7c17469ace3c54c4e3ff80874c1cdaac8e3794b8bdcf71b0e0d596e35da6bc18fcc406cc81edc75d397acc89c9132f18cfa8d1ecd246038c810bc5de0745437b2e2619a65fb24f4adfcab9b0b765466a31c333b8a5792f7547bf3e0bdcfc9980be0fe89f7e1c84fe7d69527db8799001c64a79e9bad556cec8c694f24a30f4a27c2a5cb7323f120f1349b624425f1788f842f21d23ff682242b22cca32a53312035bf383ba40f1ffe349f44be3f16268880239ad93ff6a20ecd38e9f762c3781e646add21fdfb56a57967f1badf101539ef981db4f0115890c57852fc1a1e0df633f4a87c65cf346ceb276bb6d20ef421cc707c25958e4ac0232867df69db5c2fa6895c1869a72d49b8fafa40bcae7c54bd9997e898fdfb0249e6a0211f30c9d42218617e6b9bfc8066f1ba7e78e5ac12e4ddb88a3b0690338e3b8ef3eefe76adbe3d1d930331527cbee793ca78d79319fb267aee788fbaf2c26fcda6ee720c0f5c9696592c2fd6e43ac5de1c1e2a273211043a0aebd116760b2c418626ffc5ffd3ccfc39d22b8d59f79c5a7f151986c7d3dcd0b13bb4db6b8adcd069a80b49976cbe0598ff08cf7268c394f3c36d97eb687eac9e3501d83ea4076d9340390c26962946214eef132f57a18009d1d78ba2bb2bec5579e944c976e398e471100cf26d5deb4a819b052934c6726e43684bca0f61ee319a1f98a77a52b8940e6efffccf15711c4c77bd8e18edb65fdbe76e3946cff3e67106c37d387dae17a1e3282a46340f2b6ac6c75c42829b60adfd5a842f9e7d5416554fcd617854ccb25412aea08eaf55d0bfc82630699e818ea7f5c67a38d9e1a362f8e07bcd062e5ea19e558d64d25db3c4def9eacae38f74983aef89a8227350473de33ea8fab888dfbaf3737dcd59e761a4ae22d4c9d2b8178cc08df19a21990bf49d16547dcfd44dcc69296d41cbd52f61d71725e846be0faf65cba7485c2af65d4a66488163bc5c7977e9f1768d6785e8afd4cbe2f42c415570cd34c5f377bbdca099a6c624181bfe4d48869f10469ada7865d828bdd5e99f90228f302b4004c0304c006a9cc17588818a489d9341b91ecd46be11f8aa35f67f2069eeb012ef858bc702e519225305d3a323f1f0e2c7ac3de529378e27b71d17c363e9ff3cc3568cd4947eb57fbaf48d79d71ae2244bc13af4cd2f26daa776de1e1db444e31a80ec4f9748075debd79b50d7514288d0acb1da750ec3dcdaf55cee244d6b5aaec727df8bec03bf3d6d5d07ea278d0e4cc8a3d4f827739e35f19fd02b07085f779433eab1c8b8d12fc44afdab849e52ec87b285a91ef5a66866c790a45bba5a8f222446e4ccd6b8ca1f0cfc6201748c00da971044659f8ee38f8a7c23fc625e7efbf4db155108f4f241293dca6e981f0414d33cf326db3e9fe3d12a1837dac4210565553541d0c91f810b4e27272f33107728f4e0f32e095960f10036e7d29419f8c2d4b4515131b75b8da9668b3c9f261edd2c480bb6f1adf5c1ff8f796ad9269122207e0da89e33a98b75aeae6a9b41ec8a534703c21eca8504ef6808b501bcf23b8cad623e94daa345f3903901bca1a999d905f623efcc241d6a43bdc2494c4ee42e898cafa605053c91fd4fb831220b09a97beb99011ac29cfb843f3de25d1a291b29c4d9c7b0e3922e8080d8c8289ec49c8833565fc6f53f83d68c27004bcc037f8bd87d9645bdf42c62010f7e39890cee2a74406ef3b9a8b51ed551bcc9e418400bfded7e48d60208497de3c3032c1dc9a5e80a1f80b2cf1ad8ec08a313a22b27b9c2fa280a080d3e6ce40d0a26f91d8b3d7cffe079854cb397845225915add707543b08a83d149e276c44e577dc8cc8db7a87e93872829c16f5a02f77bc6b783f26c24d2effb3d489ea0c004b49ef6fb483be3923dc4cb1aa5daee6f5b71388bbee3c537a74c104c8cfb496f208939fa9da50c738b5ac3aee2404cf0412c709cbf1f1876f49fc8415c349f8af589330d6517b467c31cc89f7afd8c7b87afdf9e28316b54f5a73b7316676488a4970ff74b4f9f813e8f02afe2c563f24814ed5ce490904136624616d41915f8acfca7788e4eb4578ca2ab197ace5cbe45606998db2d347edc51c093dcabe39d846cb911687e9b2270e8a72d1052dc5b583616cf915dba39e4cbaf7a9f763ef42bc527d546ae69628fd299b19a263f9d2c4a3f02571335c9ff8581aeb40c105200286b22d514d293190e4d6ddfd823cd5372a4e2dfbf9c70d5b066f4300779070c4e03aba9ceaac4b6c12656807865e20a19f42b3c190502134913f342d40dfee68465197eeced1e98984c47335e8f6367e25eed4cefd6c4cf180329391edf720f1e58b8a77510c66cb69e58bac60ec61b18a9b11b0eb6e7104e91774de598cd68120227a2eb5036dafa96a37ccb69207be024bc5989e37924838292e9e381059be2edf353077f5c6654cd8ad496626146902a31043ef5ba5dc833a86933ff7ec94f0ae584752e4e40794c45d3198e41b8ae88e2d542464c05021627aee81a05f91dd39f02e8bd812f234e8607c7768ac12e45b3adc345ae1f83fefbb3aaa5782639396a7698822882a73b9f8406c8da3618697620c3921a6a1c1697eac39c27f9713b4acae9df1d23a4ca3ee138ab8caa3876bd6da3f7b5ccc400923a8d828bdb27a531a73cf97e8860fdaa7894fa9e59c4f4db5d2e7770efe27bc30b82b60d2c34701596cb835eecf9da73833c165b39c7a24b25cc4800c2aafe3df87bcbc3651113f2edfea0f4acdc6936513c54f43ea19dc10a6722f782ea46229ec63b89aab4dac26266fd6fd4e73264d235d4c3310c7ead126c7e74fc2e9529be742058eb7a9e8f48b8a5b9d62668ada5f5ae872da9ee3316efc924f67bec63ad37a233d9c8a5d43175c384db07b2f9ed12db6319e77ab72f922af3e3753a239f1cbf228669a7d402621bd151ca9c79ca1068ead890d11497aa165e7a433b174b68a44c47ef29d1f5bce50203124926e9c71ef55e1040cda88523c4e8d21e6ab41f2dd652d10dbc6cd606868766759bb8792bafd61b29fc44dc06f804090eb1b689e6fac7c4e6caef2fc2917e3d4f5a9b2f4f0a7fd11750d5333c580e52ee0b7afd4323aa3d724b1acf90fec1e8007fb55d5dd5dc593d500bf301b43dbfd0ac0b5f3b3b78a4ba1caef885bb8fce317a812e29a36c08a227b2382acc88d7116c83b2a8e4e18ac426222333eb2a9b8750f0cd3a3c70942bb99effa0b608689eb6923ec2169a30d0911e6725a31e8c1f692f16571d13fd84fe5d15efe7085e9a9bdd6e17774607dacdbfafef9148b1ff0fb9027e06b3b19aab12f71c799a847305acc98e323ae3755589c6f856d7c6890e31d9a95cfad0d1ff133b08eb051939f80f04cc181231b042b6650652e7375925312aa9ee059885ba80b185250a866229455df152e81085a094c60589a03fa893b77f631d13303b078e814a2cad95d53a1d3856487bbb1be239b5505ffcd990cf43258aed5b20fae0ef11845d", 0x1000}, {&(0x7f0000000280)="3a0c38e938fd828ae58c057189143a6a494005fe94ff6d7f174b2568759d0b913dfc383c56d7dd1e38f2359617c6624b95a99a0de2ac84d5eaf26b23f59529d87fcbbb909f4d838719b73ef34d93719ff0f2e73201b737f2dbf8415fa78d65afbe2f6a9f02d2edc0e6655a84c3ce3bc26cd1b1314883c4b4ec393e", 0x7b}], 0x3, &(0x7f0000001440)=ANY=[@ANYBLOB="90000000000000000000000000000000515ce264b8b0f29f023218fa5a51bcdc2916cc4453ebeed2c4293645d30c8224a0a40275d6c0e4270aea68e6ff8de9e0d5e059e9c8095af942f14d3057ac6c871c9c83d6f0bfff2c39ad48cae209001c4aaa257fccdb57f3fb5bcbaa0d3d0230c373844dd7f7bcbe023c2eb559bb88c3675c7239321b4345ef71fcdcbf"], 0x90}, 0x20000000) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r6, &(0x7f0000000500), 0x37d, 0x0) 01:20:47 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x0, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, 0x0, 0x0) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:47 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0xffffffffffffffff) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:20:47 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x0, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:47 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r2) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) 01:20:47 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x0, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, 0x0, 0x0) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:47 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) [ 3315.785669][ T903] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=1000 [ 3315.797994][ T903] CPU: 0 PID: 903 Comm: syz-executor.0 Tainted: G B 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3315.809372][ T903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3315.819428][ T903] Call Trace: [ 3315.822727][ T903] dump_stack+0x14a/0x1ce [ 3315.827060][ T903] ? devkmsg_release+0x11c/0x11c [ 3315.832021][ T903] ? show_regs_print_info+0x12/0x12 [ 3315.837228][ T903] ? radix_tree_cpu_dead+0x160/0x160 [ 3315.842509][ T903] ? _raw_spin_lock+0xa1/0x170 [ 3315.847282][ T903] ? _raw_spin_trylock_bh+0x190/0x190 [ 3315.852666][ T903] dump_header+0xdb/0x700 [ 3315.857006][ T903] oom_kill_process+0xd3/0x280 [ 3315.861777][ T903] out_of_memory+0x5b6/0x890 [ 3315.866394][ T903] ? unregister_oom_notifier+0x20/0x20 [ 3315.871855][ T903] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3315.877405][ T903] ? get_page_from_freelist+0x7c0/0x7c0 [ 3315.882947][ T903] ? __zone_watermark_ok+0x91/0x280 [ 3315.888156][ T903] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3315.893557][ T903] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3315.899197][ T903] ? __rcu_read_lock+0x50/0x50 [ 3315.903983][ T903] pte_alloc_one+0x1b/0xb0 [ 3315.908456][ T903] handle_mm_fault+0x1cd6/0x40a0 [ 3315.913399][ T903] ? finish_fault+0x230/0x230 [ 3315.918333][ T903] ? __perf_event_task_sched_in+0x4f7/0x560 [ 3315.924229][ T903] ? __up_read+0x1b0/0x1b0 [ 3315.928647][ T903] ? vmacache_update+0x9f/0xf0 [ 3315.933439][ T903] do_user_addr_fault+0x48a/0x9f0 [ 3315.938474][ T903] page_fault+0x2f/0x40 [ 3315.942810][ T903] RIP: 0033:0x45c829 [ 3315.946709][ T903] Code: Bad RIP value. [ 3315.950772][ T903] RSP: 002b:00007f5f7dac7c78 EFLAGS: 00010246 [ 3315.956827][ T903] RAX: 0000000000000000 RBX: 00000000004da840 RCX: 000000000045c829 [ 3315.964801][ T903] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 0000000000000000 [ 3315.972795][ T903] RBP: 000000000078c0e0 R08: ffffffffffffffff R09: 0000000000000000 [ 3315.980790][ T903] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000ffffffff [ 3315.988764][ T903] R13: 0000000000000076 R14: 00000000004c311e R15: 00007f5f7dac86d4 [ 3316.005370][ T903] Mem-Info: [ 3316.008815][ T903] active_anon:1406707 inactive_anon:10799 isolated_anon:0 [ 3316.008815][ T903] active_file:256 inactive_file:550 isolated_file:48 [ 3316.008815][ T903] unevictable:0 dirty:6 writeback:0 unstable:0 [ 3316.008815][ T903] slab_reclaimable:10219 slab_unreclaimable:91921 [ 3316.008815][ T903] mapped:57251 shmem:14896 pagetables:31823 bounce:0 [ 3316.008815][ T903] free:10441 free_pcp:135 free_cma:0 [ 3316.047753][ T903] Node 0 active_anon:5626828kB inactive_anon:43196kB active_file:1124kB inactive_file:3300kB unevictable:0kB isolated(anon):0kB isolated(file):192kB mapped:230204kB dirty:24kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3316.080235][ T903] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3316.109555][ T903] lowmem_reserve[]: 0 2912 6416 6416 [ 3316.137651][ T903] DMA32 free:18836kB min:4644kB low:7624kB high:10604kB active_anon:2796368kB inactive_anon:2724kB active_file:1276kB inactive_file:2612kB unevictable:0kB writepending:4kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:11552kB pagetables:23120kB bounce:0kB free_pcp:384kB local_pcp:380kB free_cma:0kB [ 3316.216758][ T903] lowmem_reserve[]: 0 0 3504 3504 [ 3316.221857][ T903] Normal free:4600kB min:5592kB low:9180kB high:12768kB active_anon:2831468kB inactive_anon:40472kB active_file:252kB inactive_file:388kB unevictable:0kB writepending:20kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27808kB pagetables:104172kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3316.253684][ T903] lowmem_reserve[]: 0 0 0 0 [ 3316.278894][ T903] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3316.343545][ T903] DMA32: 187*4kB (UEH) 345*8kB (UMEH) 782*16kB (UMEH) 58*32kB (UMEH) 3*64kB (UME) 1*128kB (M) 1*256kB (M) 0*512kB 1*1024kB (M) 0*2048kB 0*4096kB = 19476kB [ 3316.395295][ T903] Normal: 923*4kB (UMEH) 361*8kB (UMEH) 41*16kB (MEH) 59*32kB (UMEH) 6*64kB (UME) 0*128kB 1*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 9764kB [ 3316.436175][ T903] 15359 total pagecache pages [ 3316.450579][ T903] 0 pages in swap cache [ 3316.459386][ T903] Swap cache stats: add 0, delete 0, find 0/0 [ 3316.472245][ T903] Free swap = 0kB [ 3316.485840][ T903] Total swap = 0kB [ 3316.489795][ T903] 1965979 pages RAM [ 3316.493753][ T903] 0 pages HighMem/MovableOnly [ 3316.498584][ T903] 318830 pages reserved [ 3316.503078][ T903] 0 pages cma reserved [ 3316.507279][ T903] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.4,pid=871,uid=0 01:20:48 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) [ 3316.932386][ T205] systemd-journal invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=0 [ 3316.960475][ T205] CPU: 0 PID: 205 Comm: systemd-journal Tainted: G B 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3316.971948][ T205] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3316.982007][ T205] Call Trace: [ 3316.985399][ T205] dump_stack+0x14a/0x1ce [ 3316.989725][ T205] ? devkmsg_release+0x11c/0x11c [ 3316.994662][ T205] ? show_regs_print_info+0x12/0x12 [ 3316.999859][ T205] ? radix_tree_cpu_dead+0x160/0x160 [ 3317.005172][ T205] ? _raw_spin_lock+0xa1/0x170 [ 3317.009931][ T205] ? _raw_spin_trylock_bh+0x190/0x190 [ 3317.015309][ T205] dump_header+0xdb/0x700 [ 3317.019731][ T205] oom_kill_process+0xd3/0x280 [ 3317.024633][ T205] out_of_memory+0x5b6/0x890 [ 3317.029227][ T205] ? unregister_oom_notifier+0x20/0x20 [ 3317.034779][ T205] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3317.040332][ T205] ? get_page_from_freelist+0x7c0/0x7c0 [ 3317.045902][ T205] ? __zone_watermark_ok+0x91/0x280 [ 3317.051104][ T205] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3317.056475][ T205] ? __kasan_kmalloc+0x12c/0x1c0 [ 3317.061446][ T205] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3317.067001][ T205] alloc_slab_page+0x3a/0x3a0 [ 3317.071696][ T205] new_slab+0x408/0x450 [ 3317.075860][ T205] ? should_fail+0x18e/0x860 [ 3317.080454][ T205] ___slab_alloc+0x2e0/0x450 [ 3317.085057][ T205] ? getname_flags+0xb8/0x610 [ 3317.089742][ T205] ? getname_flags+0xb8/0x610 [ 3317.094451][ T205] kmem_cache_alloc+0x23f/0x260 [ 3317.099334][ T205] getname_flags+0xb8/0x610 [ 3317.103839][ T205] ? security_prepare_creds+0x197/0x220 [ 3317.109395][ T205] user_path_at_empty+0x28/0x50 [ 3317.114253][ T205] do_faccessat+0x306/0x800 [ 3317.118761][ T205] ? __ia32_sys_fallocate+0x100/0x100 [ 3317.124158][ T205] do_syscall_64+0xcb/0x150 [ 3317.128694][ T205] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3317.134672][ T205] RIP: 0033:0x7fa7e5eaa9c7 [ 3317.139095][ T205] Code: Bad RIP value. [ 3317.143156][ T205] RSP: 002b:00007ffdfd580188 EFLAGS: 00000246 ORIG_RAX: 0000000000000015 [ 3317.151597][ T205] RAX: ffffffffffffffda RBX: 00007ffdfd5831b0 RCX: 00007fa7e5eaa9c7 [ 3317.159576][ T205] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000555ed725a9a3 [ 3317.167569][ T205] RBP: 00007ffdfd5802d0 R08: 0000555ed72503e5 R09: 0000000000000018 [ 3317.175546][ T205] R10: 0000000000000069 R11: 0000000000000246 R12: 0000000000000000 01:20:48 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x0, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0) [ 3317.183524][ T205] R13: 0000000000000000 R14: 0000555ed76328c0 R15: 00007ffdfd5807c0 [ 3317.197860][ T205] Mem-Info: [ 3317.202017][ T205] active_anon:1406657 inactive_anon:10799 isolated_anon:0 [ 3317.202017][ T205] active_file:572 inactive_file:909 isolated_file:50 [ 3317.202017][ T205] unevictable:0 dirty:14 writeback:0 unstable:0 [ 3317.202017][ T205] slab_reclaimable:10217 slab_unreclaimable:91640 [ 3317.202017][ T205] mapped:57776 shmem:14896 pagetables:31745 bounce:0 [ 3317.202017][ T205] free:10220 free_pcp:254 free_cma:0 [ 3317.264958][ T205] Node 0 active_anon:5626628kB inactive_anon:43196kB active_file:2408kB inactive_file:2636kB unevictable:0kB isolated(anon):0kB isolated(file):100kB mapped:230804kB dirty:56kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3317.301515][ T205] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3317.328302][ T205] lowmem_reserve[]: 0 2912 6416 6416 [ 3317.333994][ T205] DMA32 free:20752kB min:4644kB low:7624kB high:10604kB active_anon:2799732kB inactive_anon:2724kB active_file:772kB inactive_file:428kB unevictable:0kB writepending:16kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:11136kB pagetables:23140kB bounce:0kB free_pcp:512kB local_pcp:28kB free_cma:0kB [ 3317.363675][ T205] lowmem_reserve[]: 0 0 3504 3504 [ 3317.369136][ T205] Normal free:8064kB min:5592kB low:9180kB high:12768kB active_anon:2826896kB inactive_anon:40472kB active_file:36kB inactive_file:292kB unevictable:0kB writepending:40kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27744kB pagetables:103840kB bounce:0kB free_pcp:1928kB local_pcp:496kB free_cma:0kB [ 3317.400028][ T205] lowmem_reserve[]: 0 0 0 0 [ 3317.404919][ T205] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3317.419501][ T205] DMA32: 346*4kB (UMEH) 376*8kB (UMEH) 780*16kB (UMEH) 105*32kB (UMEH) 11*64kB (UME) 2*128kB (UM) 0*256kB 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 21704kB [ 3317.435743][ T205] Normal: 757*4kB (UME) 316*8kB (UME) 60*16kB (ME) 53*32kB (UME) 17*64kB (UME) 0*128kB 1*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 9556kB [ 3317.450808][ T205] 14985 total pagecache pages [ 3317.455868][ T205] 0 pages in swap cache [ 3317.460106][ T205] Swap cache stats: add 0, delete 0, find 0/0 [ 3317.466317][ T205] Free swap = 0kB [ 3317.470042][ T205] Total swap = 0kB [ 3317.474063][ T205] 1965979 pages RAM [ 3317.478196][ T205] 0 pages HighMem/MovableOnly [ 3317.483337][ T205] 318830 pages reserved [ 3317.487883][ T205] 0 pages cma reserved [ 3317.492298][ T205] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=905,uid=0 [ 3317.506651][ T205] Out of memory: Killed process 905 (syz-executor.0) total-vm:75364kB, anon-rss:16572kB, file-rss:34692kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 01:20:52 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) write(0xffffffffffffffff, &(0x7f0000000340)="02f726b5b85fcf9c683a13dc46b986a11eb2b1ce4a0f3426f2a38d3476d4b760073ae703fb47bf547ab14952f90b5f01b61010a70320b4047dc02b1a20ed0f778f992b01bbf281aade9d10c0dc9218a8bb1a05e92ba1439bf967c053f101ecabde01de367a298b9e4ef3b60eadc7c12e72f9fa704bb10000e9e92baaf0925029533fd08b22d544677bbf395dcac9047dca667e2fc136fff9909c54eb0892ea74a6b59bec7d1fa3fec6c0ff446fa4b070164d1d0e24eb39c8674dacaaa32221e7d343602881ca151c67589081d2c56bd9d365a7ed0f1c76403a78", 0xda) preadv(r4, &(0x7f0000000500), 0x37d, 0x0) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:20:52 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:52 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r2) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) 01:20:52 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:52 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x0, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0) 01:20:52 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x0, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r1, &(0x7f0000000500), 0x37d, 0x0) 01:20:52 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x4, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x5}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) r4 = open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r5, &(0x7f0000000500), 0x37d, 0x0) 01:20:52 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:52 executing program 0: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x9, 0x10000000000002d8, 0x0, 0x0, 0x0, 0x3}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) r4 = open(&(0x7f0000000180)='./file0\x00', 0x80000, 0x100) ioctl$EVIOCGABS3F(r4, 0x8018457f, &(0x7f0000000400)=""/4096) r5 = syz_open_dev$hiddev(&(0x7f0000000100)='/dev/usb/hiddev#\x00', 0x99a7, 0xa3b2331bf52aee29) write(r5, &(0x7f0000000340)="0b7414721f8f270c9be0a8461e7996be16caffac0adfe2056eb85a3db8c456bd71ebedadba34f36af70a7bf12e584d9df11f80a99f011864bec9428d54ef952162aeedd95aa88fc571a19ac73114fbc1f701e1f1587f7f38151d5a63acabf6c8e083ae570faee34301fd4656ea89cda4b8c67ade3c156bcb5f8a6778efcbc3ce5400e609fd00"/147, 0xfffffffffffffc40) vmsplice(r2, &(0x7f0000001800)=[{&(0x7f0000000240)="5df5e9573fee6426ff21a1a5", 0xc}, {&(0x7f0000001400)="d5b0523b91a8b2a061f1a9e4a75b63a51d8acae339ee33e6388c78aaa0f47c81c7427baec24baec8aa3cded0f50f32dd4348fd08b46fd32201d73d4a5b731f32e3e5a910daca212482392f33aeebd451b9ca5e3efe7816e883f19161ad4ed6f6af50c3c1fdd41d2c343dc8d979780469b1c3e1ffb63a0363e34cb6af59cc37e7de4f99416297b3b93b55259d95a138dae9dc96d29de2ca5202b19789e22358062ca77681fa0e067728309815a7e0ba0760b26c1b3c48bee8ec5f4aef57c0a3e16eda5cf1ce538478de52c10d118c9cd414079a6826ff666bb1ba0b5b31a0e5b455959a764cf7beb10199a6b585ccb728", 0xf0}, {&(0x7f0000001500)="379df578831bfb3f66eed3395ffa795c1d42ff8937f5f4c39cda860beed51a52f4e9762b88598224576b45e12666db68eb84f1342401cdfbdd749f215eca2051a3fbf68f144364f1a553d018b04ed7607dd55b1f85c79b13bc4f4e47e34ed44d4428812a53c594844fd7a678a540fee38b2c87be5d0f8b322277d2636ae53781d25830ed66661e6e7c765f2218f524a108d435b7344593a9197d10abecd25154947fb49454371448c178aab54ed783e2b608714dc19c58c68e87048e17073699ae1f0d44a37b755abb62", 0xca}, {&(0x7f0000001600)="698ee9c2e4da6d43fa61a395f05a081778fd02b25afacc43aa15a820dacec4fed8dceac77da9470b469d60232fd7533ea0d4fc1eed7d98f6f190a22426d504dce7489b35d0c1ba23b4af1cd705afabf0ceb91c749682998c42ae2488ebed6a26409bf6248df9187d8228139e8f1dfacc7899c477c8e1e71e5d50b53d8eaa358104e04c1705696b4e2d42a217f6681553da9022a1a8dbbb9a3961211aaa473e1d93a00fdeecdb228b456e792baa3b4c96300ae21d795f6df7ea8735d216f4532bad61e5441e06f898a344ee648ba83c6660f32d5577a858b80c83de058c9d428e", 0xe0}, {&(0x7f0000000280)="2f5ea0d8178e6748f7ac4dfc6f1835c1e12f1e59d0b32db973dd5dfa3d68caf897823d3a78e0434fd333666aaba34b8da0fce73e5190b110fd622841e667113f64490db40798cfb33ec213a9aeda6faf87a948fb49bdde27434687dd80e51756f62d", 0x62}, {&(0x7f0000001700)="268aa54a04e1dc648e5363d77d8fa9a683fe9e7497a89119cb2aaaebc81bfb78de04bb361487c17f2edb041c24f364ca378d84453e74d14f61130f106e8792e8b703063b0946d3a43fcf18e90d7ded86496ca890ea30c810cc37ad65a03113b08efdfdfca0b5361438e595f85418637b0e69c6e5718b62b27198f6660fae836fc5e664a97237531d4bfe04e03aae1a3cfc94e94234a4598b3ec17002b1972d1f531f402d53d48091621ec18bb189f49eab12b6209d25f33c6dfcc1ee68ee7c69", 0xc0}, {}], 0x7, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x3, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) open(0x0, 0x141042, 0x0) connect$inet(r4, &(0x7f0000000140)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r6 = syz_open_procfs(r0, &(0x7f00000000c0)='net/if_inet6\x00') preadv(r6, &(0x7f0000000500), 0x37d, 0x0) setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, &(0x7f0000000200)={@ipv4={[], [], @broadcast}}, 0x14) [ 3321.895465][ T923] syz-executor.5 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 3321.908324][ T923] CPU: 1 PID: 923 Comm: syz-executor.5 Tainted: G B 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3321.919713][ T923] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3321.929955][ T923] Call Trace: [ 3321.933250][ T923] dump_stack+0x14a/0x1ce [ 3321.937585][ T923] ? devkmsg_release+0x11c/0x11c [ 3321.942521][ T923] ? show_regs_print_info+0x12/0x12 [ 3321.947718][ T923] ? radix_tree_cpu_dead+0x160/0x160 [ 3321.953020][ T923] ? _raw_spin_lock+0xa1/0x170 [ 3321.957785][ T923] ? _raw_spin_trylock_bh+0x190/0x190 [ 3321.963157][ T923] dump_header+0xdb/0x700 [ 3321.967504][ T923] oom_kill_process+0xd3/0x280 [ 3321.972313][ T923] out_of_memory+0x5b6/0x890 [ 3321.976915][ T923] ? unregister_oom_notifier+0x20/0x20 [ 3321.982376][ T923] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3321.987947][ T923] ? get_page_from_freelist+0x7c0/0x7c0 [ 3321.993497][ T923] ? __zone_watermark_ok+0x91/0x280 [ 3321.998889][ T923] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3322.004263][ T923] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3322.009827][ T923] ? copy_process+0x5a4/0x5110 [ 3322.014613][ T923] ? kmem_cache_alloc+0x1d5/0x260 [ 3322.019933][ T923] copy_process+0x5f3/0x5110 [ 3322.024535][ T923] ? get_mem_cgroup_from_mm+0x27b/0x2c0 [ 3322.030080][ T923] ? _raw_spin_lock+0xa1/0x170 [ 3322.035280][ T923] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 3322.041099][ T923] ? fork_idle+0x290/0x290 [ 3322.045518][ T923] ? _raw_spin_unlock+0x5/0x20 [ 3322.050280][ T923] ? handle_mm_fault+0xb16/0x40a0 [ 3322.055305][ T923] _do_fork+0x196/0x920 [ 3322.059463][ T923] ? dup_mm+0x300/0x300 [ 3322.063625][ T923] ? do_mmap+0x9ad/0x1060 [ 3322.067952][ T923] __x64_sys_clone+0x25f/0x2c0 [ 3322.072717][ T923] ? __ia32_sys_vfork+0x110/0x110 [ 3322.077754][ T923] ? do_user_addr_fault+0x55c/0x9f0 [ 3322.083163][ T923] do_syscall_64+0xcb/0x150 [ 3322.088201][ T923] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3322.094089][ T923] RIP: 0033:0x45f1f9 [ 3322.097979][ T923] Code: Bad RIP value. [ 3322.102026][ T923] RSP: 002b:00007ffc86121e48 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 3322.110605][ T923] RAX: ffffffffffffffda RBX: 00007f0c79517700 RCX: 000000000045f1f9 [ 3322.118592][ T923] RDX: 00007f0c795179d0 RSI: 00007f0c79516db0 RDI: 00000000003d0f00 [ 3322.126573][ T923] RBP: 00007ffc86122070 R08: 00007f0c79517700 R09: 00007f0c79517700 [ 3322.134555][ T923] R10: 00007f0c795179d0 R11: 0000000000000202 R12: 0000000000000000 [ 3322.142522][ T923] R13: 00007ffc86121eff R14: 00007f0c795179c0 R15: 000000000078c04c [ 3322.182497][ T923] Mem-Info: [ 3322.217236][ T923] active_anon:1408553 inactive_anon:10799 isolated_anon:0 [ 3322.217236][ T923] active_file:111 inactive_file:235 isolated_file:37 [ 3322.217236][ T923] unevictable:0 dirty:0 writeback:0 unstable:0 [ 3322.217236][ T923] slab_reclaimable:10203 slab_unreclaimable:91701 [ 3322.217236][ T923] mapped:56917 shmem:14896 pagetables:31765 bounce:0 [ 3322.217236][ T923] free:9241 free_pcp:346 free_cma:0 [ 3322.255205][ T923] Node 0 active_anon:5634212kB inactive_anon:43196kB active_file:580kB inactive_file:640kB unevictable:0kB isolated(anon):0kB isolated(file):20kB mapped:227668kB dirty:0kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 3322.289317][ T923] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 3322.388048][ T923] lowmem_reserve[]: 0 2912 6416 6416 [ 3322.393554][ T923] DMA32 free:17020kB min:4644kB low:7624kB high:10604kB active_anon:2801600kB inactive_anon:2724kB active_file:0kB inactive_file:428kB unevictable:0kB writepending:0kB present:3129332kB managed:2983764kB mlocked:0kB kernel_stack:11328kB pagetables:23328kB bounce:0kB free_pcp:592kB local_pcp:276kB free_cma:0kB [ 3322.423035][ T923] lowmem_reserve[]: 0 0 3504 3504 [ 3322.428197][ T923] Normal free:3724kB min:5592kB low:9180kB high:12768kB active_anon:2832648kB inactive_anon:40472kB active_file:0kB inactive_file:560kB unevictable:0kB writepending:0kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:27936kB pagetables:103732kB bounce:0kB free_pcp:732kB local_pcp:248kB free_cma:0kB [ 3322.457815][ T923] lowmem_reserve[]: 0 0 0 0 [ 3322.462316][ T923] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 3322.475778][ T923] DMA32: 115*4kB (UEH) 272*8kB (UMEH) 694*16kB (UMEH) 90*32kB (UEH) 8*64kB (UME) 0*128kB 1*256kB (M) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17388kB [ 3322.490572][ T923] Normal: 246*4kB (UME) 80*8kB (UE) 6*16kB (E) 24*32kB (UME) 12*64kB (M) 1*128kB (M) 1*256kB (M) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 3640kB [ 3322.505204][ T923] 14938 total pagecache pages [ 3322.509880][ T923] 0 pages in swap cache [ 3322.514058][ T923] Swap cache stats: add 0, delete 0, find 0/0 [ 3322.520123][ T923] Free swap = 0kB [ 3322.523948][ T923] Total swap = 0kB [ 3322.527644][ T923] 1965979 pages RAM [ 3322.531425][ T923] 0 pages HighMem/MovableOnly [ 3322.536103][ T923] 318830 pages reserved [ 3322.540249][ T923] 0 pages cma reserved [ 3322.544330][ T923] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=840,uid=0 [ 3322.558301][ T923] Out of memory: Killed process 840 (syz-executor.0) total-vm:75496kB, anon-rss:16580kB, file-rss:34628kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 3322.576080][ T23] oom_reaper: reaped process 840 (syz-executor.0), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 01:20:54 executing program 2: r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x3, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:54 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000100)="44b537566a878e86867db6ec1c8bad47ee0af1b3c1de6226eccf8700bfd2d550712f59b91d7dbe2200000000000000", 0x2f}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$KDSETMODE(r5, 0x4b3a, 0x0) 01:20:54 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) write(0xffffffffffffffff, &(0x7f0000000340)="02f726b5b85fcf9c683a13dc46b986a11eb2b1ce4a0f3426f2a38d3476d4b760073ae703fb47bf547ab14952f90b5f01b61010a70320b4047dc02b1a20ed0f778f992b01bbf281aade9d10c0dc9218a8bb1a05e92ba1439bf967c053f101ecabde01de367a298b9e4ef3b60eadc7c12e72f9fa704bb10000e9e92baaf0925029533fd08b22d544677bbf395dcac9047dca667e2fc136fff9909c54eb0892ea74a6b59bec7d1fa3fec6c0ff446fa4b070164d1d0e24eb39c8674dacaaa32221e7d343602881ca151c67589081d2c56bd9d365a7ed0f1c76403a78", 0xda) preadv(r4, &(0x7f0000000500), 0x37d, 0x0) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:20:54 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x0, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, 0x0, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:54 executing program 5: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) getpid() socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r2) fcntl$dupfd(r2, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r3, &(0x7f0000000500), 0x37d, 0x0) 01:20:54 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x0, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, 0x0, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) 01:20:54 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) 01:20:54 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x0, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, 0x0, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0) [ 3323.300591][ T986] syz-executor.5 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 3323.323404][ T986] CPU: 0 PID: 986 Comm: syz-executor.5 Tainted: G B 5.4.35-syzkaller-00725-g7f84f8f18418 #0 [ 3323.334794][ T986] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 3323.344857][ T986] Call Trace: [ 3323.352241][ T986] dump_stack+0x14a/0x1ce [ 3323.356580][ T986] ? devkmsg_release+0x11c/0x11c [ 3323.361529][ T986] ? show_regs_print_info+0x12/0x12 [ 3323.366760][ T986] ? radix_tree_cpu_dead+0x160/0x160 [ 3323.372054][ T986] ? _raw_spin_lock+0xa1/0x170 [ 3323.376957][ T986] ? _raw_spin_trylock_bh+0x190/0x190 [ 3323.382361][ T986] dump_header+0xdb/0x700 [ 3323.386718][ T986] oom_kill_process+0xd3/0x280 [ 3323.391507][ T986] out_of_memory+0x5b6/0x890 [ 3323.396113][ T986] ? unregister_oom_notifier+0x20/0x20 [ 3323.401581][ T986] __alloc_pages_slowpath+0x16c2/0x1e50 [ 3323.407250][ T986] ? get_page_from_freelist+0x7c0/0x7c0 [ 3323.412812][ T986] ? __zone_watermark_ok+0x91/0x280 [ 3323.418024][ T986] __alloc_pages_nodemask+0x5cb/0x7c0 [ 3323.423401][ T986] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 3323.428947][ T986] ? __should_failslab+0x1/0x150 [ 3323.433905][ T986] ? copy_process+0x5a4/0x5110 [ 3323.438673][ T986] ? kmem_cache_alloc+0x1d5/0x260 [ 3323.443702][ T986] copy_process+0x5f3/0x5110 [ 3323.448450][ T986] ? preempt_schedule+0x110/0x130 [ 3323.453508][ T986] ? fork_idle+0x290/0x290 [ 3323.458283][ T986] ? ___preempt_schedule+0x16/0x20 [ 3323.463391][ T986] ? _raw_spin_unlock+0x16/0x20 [ 3323.468239][ T986] ? handle_mm_fault+0xb16/0x40a0 [ 3323.473268][ T986] _do_fork+0x196/0x920 [ 3323.477434][ T986] ? dup_mm+0x300/0x300 [ 3323.481594][ T986] __x64_sys_clone+0x25f/0x2c0 [ 3323.486360][ T986] ? __ia32_sys_vfork+0x110/0x110 [ 3323.491380][ T986] ? __fpregs_load_activate+0x2d3/0x390 [ 3323.497794][ T986] ? do_user_addr_fault+0x55c/0x9f0 [ 3323.502986][ T986] do_syscall_64+0xcb/0x150 [ 3323.507490][ T986] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 3323.513980][ T986] RIP: 0033:0x45f1f9 [ 3323.517863][ T986] Code: ff 48 85 f6 0f 84 37 8d fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 0e 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 3323.537459][ T986] RSP: 002b:00007ffc86121e48 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 3323.545888][ T986] RAX: ffffffffffffffda RBX: 00007f0c794f6700 RCX: 000000000045f1f9 [ 3323.553853][ T986] RDX: 00007f0c794f69d0 RSI: 00007f0c794f5db0 RDI: 00000000003d0f00 [ 3323.561894][ T986] RBP: 00007ffc86122070 R08: 00007f0c794f6700 R09: 00007f0c794f6700 [ 3323.569883][ T986] R10: 00007f0c794f69d0 R11: 0000000000000202 R12: 0000000000000000 [ 3323.577866][ T986] R13: 00007ffc86121eff R14: 00007f0c794f69c0 R15: 000000000078c0ec 01:20:55 executing program 2: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) write(0xffffffffffffffff, &(0x7f0000000340)="02f726b5b85fcf9c683a13dc46b986a11eb2b1ce4a0f3426f2a38d3476d4b760073ae703fb47bf547ab14952f90b5f01b61010a70320b4047dc02b1a20ed0f778f992b01bbf281aade9d10c0dc9218a8bb1a05e92ba1439bf967c053f101ecabde01de367a298b9e4ef3b60eadc7c12e72f9fa704bb10000e9e92baaf0925029533fd08b22d544677bbf395dcac9047dca667e2fc136fff9909c54eb0892ea74a6b59bec7d1fa3fec6c0ff446fa4b070164d1d0e24eb39c8674dacaaa32221e7d343602881ca151c67589081d2c56bd9d365a7ed0f1c76403a78", 0xda) preadv(r4, &(0x7f0000000500), 0x37d, 0x0) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) [ 3323.768961][ T986] Mem-Info: [ 3323.779296][ T986] active_anon:1402456 inactive_anon:10799 isolated_anon:0 [ 3323.779296][ T986] active_file:474 inactive_file:1107 isolated_file:58 [ 3323.779296][ T986] unevictable:0 dirty:8 writeback:0 unstable:0 [ 3323.779296][ T986] slab_reclaimable:10193 slab_unreclaimable:91982 [ 3323.779296][ T986] mapped:57734 shmem:14896 pagetables:31793 bounce:0 01:20:55 executing program 4: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x3, 0x7) recvmmsg(r1, &(0x7f0000001c40)=[{{0x0, 0x0, 0x0}, 0x1}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) open(0x0, 0x141042, 0x0) ioctl$TUNGETIFF(r3, 0x800454d2, &(0x7f0000001600)) socket$key(0xf, 0x3, 0x2) r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) socketpair$unix(0xa, 0x1, 0x0, &(0x7f0000000140)) r5 = dup(0xffffffffffffffff) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x0) vmsplice(r5, &(0x7f00000000c0), 0x100001eb, 0xd) ioctl$PPPIOCATTACH(r5, 0x4004743d, &(0x7f0000000100)=0x4) 01:20:55 executing program 1: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, 0x0, 0x0) socket$inet6(0xa, 0x3, 0x7) pipe(&(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3, 0x0, 0x4}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(r3) fcntl$dupfd(r3, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) socket$key(0xf, 0x3, 0x2) clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r4, &(0x7f0000000500), 0x37d, 0x0) [ 3323.779296][ T986] free:13161 free_pcp:698 free_cma:0 [ 3323.836746][ T986] Node 0 active_anon:5609724kB inactive_anon:43196kB active_file:2496kB inactive_file:9028kB unevictable:0kB isolated(anon):0kB isolated(file):100kB mapped:234536kB dirty:132kB writeback:0kB shmem:59584kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 01:20:55 executing program 3: prlimit64(0x0, 0xe, &(0x7f00000001c0)={0x9, 0x400000008d}, 0x0) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9}, 0x0) socket$inet6(0xa, 0x0, 0x7) recvmmsg(0xffffffffffffffff, &(0x7f0000001c40), 0x0, 0x20, 0x0) pipe(&(0x7f0000000300)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x2, 0x1, 0x0, 0x3}, 0x0) connect$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10) recvmsg(0xffffffffffffffff, &(0x7f0000001580)={0x0, 0x0, &(0x7f0000001500)=[{&(0x7f0000000200)=""/161, 0xa1}, {&(0x7f0000000180)=""/14, 0xe}, {&(0x7f0000000340)=""/91, 0x5b}, {&(0x7f00000015c0)=""/80, 0x50}, {&(0x7f0000000440)=""/177, 0xb1}, {&(0x7f00000002c0)}, {&(0x7f0000000500)=""/4096, 0x1000}], 0x7}, 0x0) dup(0xffffffffffffffff) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) setsockopt$IP_VS_SO_SET_ADD(0xffffffffffffffff, 0x0, 0x482, &(0x7f0000000100)={0x62, @private=0xa010101, 0x4e23, 0x2, 'sed\x00', 0x0, 0x8, 0x6c}, 0x2c) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/netlink\x00') preadv(r2, &(0x7f0000000500), 0x37d, 0x0)