e-rss:34816kB, shmem-rss:0kB 06:28:30 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xc235010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:28:30 executing program 0: 06:28:30 executing program 1: 06:28:30 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xdb, 0x0) 06:28:30 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") getsockopt$inet_udp_int(r0, 0x11, 0x0, &(0x7f0000000140), &(0x7f0000000380)=0x4) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") ioctl$sock_netdev_private(r2, 0x89f7, &(0x7f0000000280)="13242bcb7092cfbf312de01cbcf66fbdf80accd252ce90eb4ca89310e51eb8982bdd24f2dd9956045d9ce0ca0482801a48bc6b7d872e9a3e7a181cd196d1b770c57c362865da810c19ae173363680e31dcff5492a88253dca7021de9b7db134fb1eac013b14fba3743a5ecc62a82e99675d17a15971db5c35800560ca92ac422a3dfda8f6946f8d916146323988c83f64e588e9615c5a3ee650f0a2fd7105b7b96cc81186100e9def9cb80d0f3d888fb7587c3a93cdf4eab1f6ef77c67447828e1dbd2e58021c43839f50895a1af7cd1f8fcd58901ade6c23db41eb4ce6f8abd239e546c222776819906eb5e") r3 = socket$isdn(0x22, 0x3, 0x4) shutdown(r3, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000440)=ANY=[@ANYBLOB="090000006f020063c6a9ddfbd7a900004583e08a1dc97ba8276dd12102000000000000008bf2ae0c9d67d443818030da6b31ec3fca6be8ec05cd91cde833d951368827310c8ad17696c6cf70060219a44129770d1dea1d814628819b30053ac328b5631034fc7beb20a3a96ebc3f2f055293c4ee9ff9cdb456e95e03a60d60369584e3dcb5243c751ce1b7e0319a013cb311eebc8e5cd261adeff68658b50787d97c115b372cc181fb57c6cfdf14c69874da47b9fc80a5cff54c6894bdc7d9c6af8786814a2cf90e0f66fb351dbd5057ddc6b3a37004a6c0bf5a9760d3e4dbab231808ea95a26bc4d2a4af7cca7e5ff62d4196601b474ecf2a3178c61b8b327d9f0476000000a87bd569e2066434fa66a4dff4fa7b"], 0x9) r4 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r4, 0x5206, &(0x7f0000000400)) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) [ 658.174579][T21013] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 658.223373][T21013] CPU: 1 PID: 21013 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 658.232512][T21013] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 658.242573][T21013] Call Trace: [ 658.245876][T21013] dump_stack+0x172/0x1f0 [ 658.250213][T21013] dump_header+0x177/0x1152 [ 658.254724][T21013] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 658.260527][T21013] ? ___ratelimit+0x2c8/0x595 [ 658.265188][T21013] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 658.270981][T21013] ? lockdep_hardirqs_on+0x418/0x5d0 [ 658.276247][T21013] ? trace_hardirqs_on+0x67/0x240 [ 658.281274][T21013] ? pagefault_out_of_memory+0x11c/0x11c [ 658.286889][T21013] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 658.292677][T21013] ? ___ratelimit+0x60/0x595 [ 658.297248][T21013] ? do_raw_spin_unlock+0x57/0x270 [ 658.302352][T21013] oom_kill_process.cold+0x10/0x15 [ 658.307455][T21013] out_of_memory+0x334/0x1340 [ 658.312121][T21013] ? lock_downgrade+0x920/0x920 [ 658.316956][T21013] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 658.322748][T21013] ? oom_killer_disable+0x280/0x280 [ 658.327954][T21013] mem_cgroup_out_of_memory+0x1d8/0x240 [ 658.333485][T21013] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 658.339209][T21013] ? do_raw_spin_unlock+0x57/0x270 [ 658.344302][T21013] ? _raw_spin_unlock+0x2d/0x50 [ 658.349147][T21013] try_charge+0xf4b/0x1440 [ 658.353563][T21013] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 658.359110][T21013] ? percpu_ref_tryget_live+0x111/0x290 [ 658.364639][T21013] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 658.370862][T21013] ? __kasan_check_read+0x11/0x20 [ 658.375870][T21013] ? get_mem_cgroup_from_mm+0x156/0x320 [ 658.381398][T21013] mem_cgroup_try_charge+0x136/0x590 [ 658.386662][T21013] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 658.392888][T21013] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 658.398505][T21013] __handle_mm_fault+0x1e34/0x3f20 [ 658.403603][T21013] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 658.409136][T21013] ? __kasan_check_read+0x11/0x20 [ 658.414148][T21013] handle_mm_fault+0x1b5/0x6c0 [ 658.418908][T21013] __get_user_pages+0x7d4/0x1b30 [ 658.423836][T21013] ? mark_held_locks+0xf0/0xf0 [ 658.428592][T21013] ? follow_page_mask+0x1cf0/0x1cf0 [ 658.433770][T21013] ? __mm_populate+0x270/0x380 [ 658.438518][T21013] ? memset+0x32/0x40 [ 658.442489][T21013] populate_vma_page_range+0x20d/0x2a0 [ 658.447949][T21013] __mm_populate+0x204/0x380 [ 658.452556][T21013] ? populate_vma_page_range+0x2a0/0x2a0 [ 658.458192][T21013] ? __kasan_check_write+0x14/0x20 [ 658.463301][T21013] ? up_write+0x155/0x490 [ 658.467628][T21013] __x64_sys_mremap+0x7dc/0xb80 [ 658.472471][T21013] ? mremap_to+0x750/0x750 [ 658.476879][T21013] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 658.482339][T21013] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 658.487783][T21013] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 658.493827][T21013] ? do_syscall_64+0x26/0x760 [ 658.498488][T21013] ? lockdep_hardirqs_on+0x418/0x5d0 [ 658.503767][T21013] ? trace_hardirqs_on+0x67/0x240 [ 658.508775][T21013] do_syscall_64+0xfa/0x760 [ 658.513264][T21013] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 658.519136][T21013] RIP: 0033:0x459879 [ 658.523014][T21013] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 658.542597][T21013] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 658.550991][T21013] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459879 [ 658.558946][T21013] RDX: 0000000000800000 RSI: 0000000000002000 RDI: 0000000020a94000 [ 658.566898][T21013] RBP: 000000000075bf20 R08: 0000000020130000 R09: 0000000000000000 06:28:30 executing program 0: 06:28:30 executing program 1: r0 = socket$netlink(0x10, 0x3, 0xc) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x2, &(0x7f0000000040)="93b7bdbf59885029e0ff6c3ab0401214e8f684423a516e5e31d7b501a228efb1859ac45efa6fce87d62fb93e96ef36f6d48c4fce2dfaffb675b29c3c6df80d8064470ccd79c12f4ad226516ec6447a07c0d667b9ce1b71d678490f6765dd42b0ab10b5291efd23425aad6b0d8368f6fe547e4273dddae8cadafc880c15b1413c2f424fd1745a386d3164df8bd07e731291cee048983a9352b439e4b153f6e489129726d0c246389c89113c300f6b57ab57504087bab5", 0xb6) lsetxattr(&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=@known='trusted.overlay.opaque\x00', &(0x7f00000001c0)='em0\'\x00', 0x5, 0x2) write$char_usb(0xffffffffffffffff, &(0x7f0000000600)="6f7307316cbb1c69fa97a2feae9664d64c44053bc47f5108968ccd582b635783c5a25264048697a0eed440151916b62baf5a3c59fa79f5aebe108d6e87ab882423b1a2503fb3dab65e118c5d4f78f90df2143cac1fd75294821701294060008dae6d780e04d5f916fb3c4272c40980950f3f14e6a4df6f7a47c4d6f777d02ba834b85f43fad8015ec130e1fe48e3b0c108a48a944b", 0x95) writev(0xffffffffffffffff, &(0x7f0000fb5ff0)=[{&(0x7f0000fb4000)="1f00000002031900000007000000068100023b0509000100010100ff", 0x1c}], 0x1) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000340)={0x0, 0x0}, 0x8) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000240)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d0301000000000095000000000000006926000000000000bf67000000000000570600000fff07006706000002000000070600000ee60000bf2500000000000063350000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070400000400f9ffad32010000000000950000000000000005000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) fdatasync(0xffffffffffffffff) r2 = socket(0x0, 0x0, 0x9) dup3(r1, 0xffffffffffffffff, 0x0) fdatasync(0xffffffffffffffff) flistxattr(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000ac0)={0xffffffffffffffff, 0x0, &(0x7f0000000a40)=""/80}, 0x18) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x0, &(0x7f0000000940)=ANY=[], &(0x7f0000000000)='PL \x00L\xf7\xd1*\xf1\x1c\xe9%7\xb5\xe3\x19\x1ef\xde]N\xc1\x8eL-\xf0\x14\x84\xa8mw\x84/bIF\xea\xe3\x10yL\x8c\x96\xff\x14f#.%\x95\x119\xbd\xa5\xd2\x99\x0eR?\x8e\xc3\b\x0f\xfc\x12$\xd8\xdcL\x84\xa9\xc8\xe8\xab1Wh\x06qU#\xfat\x9e\x86\x15\xc6\x10I\xb8\xb1\xbej\xa7t\a\x02\xccZ\xdd', 0x5, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70) setsockopt$inet_udp_encap(r2, 0x11, 0x64, &(0x7f0000000580)=0x5, 0x4) syz_genetlink_get_family_id$tipc2(&(0x7f0000000200)='TIPCv2\x00') setsockopt$netlink_NETLINK_PKTINFO(r0, 0x10e, 0x3, &(0x7f0000000400), 0x4) r3 = socket$inet6(0xa, 0x802, 0x0) sendmmsg(r3, &(0x7f0000005040), 0x15f, 0x0) sendmmsg$inet(r3, &(0x7f00000005c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) r4 = accept4$inet6(r3, &(0x7f0000000300)={0xa, 0x0, 0x0, @local}, &(0x7f0000000380)=0x1c, 0x80000) sendto$inet6(r4, &(0x7f00000004c0)="02c08cb5c6ef098029ef8370403d2fc8b9eac24eb067882a78047503c7a21e04d3026e17d032f1cee9359359bcf6d26d5a67471afe0aa0c8513740e49fb20cc1946d3ff39b88b61936834c03a0138cd2ea8790fd96b3913cf7d42271fbfa420ed3bc4ce6a46cab4e00994d62cdc7117770e7614ee1481cbbc12b751022067ebe8151b6645aaa1f90fc529d7758314293f2306dff07", 0x95, 0x4, &(0x7f00000003c0)={0xa, 0x4e22, 0x2, @remote, 0x100}, 0x1c) sendmsg$TIPC_NL_NET_GET(0xffffffffffffffff, 0x0, 0x0) [ 658.574851][T21013] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fc0ba5296d4 [ 658.582803][T21013] R13: 00000000004c5f0f R14: 00000000004daaf8 R15: 00000000ffffffff [ 658.608886][T21013] memory: usage 307200kB, limit 307200kB, failcnt 4285 [ 658.620222][T21013] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 658.641783][T21013] Memory cgroup stats for /syz3: [ 658.641897][T21013] anon 304680960 [ 658.641897][T21013] file 0 [ 658.641897][T21013] kernel_stack 917504 [ 658.641897][T21013] slab 4476928 [ 658.641897][T21013] sock 0 [ 658.641897][T21013] shmem 0 [ 658.641897][T21013] file_mapped 0 [ 658.641897][T21013] file_dirty 0 [ 658.641897][T21013] file_writeback 0 [ 658.641897][T21013] anon_thp 216006656 [ 658.641897][T21013] inactive_anon 248512512 [ 658.641897][T21013] active_anon 18161664 [ 658.641897][T21013] inactive_file 0 [ 658.641897][T21013] active_file 0 [ 658.641897][T21013] unevictable 37965824 [ 658.641897][T21013] slab_reclaimable 1351680 [ 658.641897][T21013] slab_unreclaimable 3125248 [ 658.641897][T21013] pgfault 667689 [ 658.641897][T21013] pgmajfault 0 [ 658.641897][T21013] workingset_refault 99 [ 658.641897][T21013] workingset_activate 66 [ 658.641897][T21013] workingset_nodereclaim 0 [ 658.641897][T21013] pgrefill 496 [ 658.641897][T21013] pgscan 531 [ 658.641897][T21013] pgsteal 99 [ 658.666220][T21013] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=21010,uid=0 [ 658.791276][T21013] Memory cgroup out of memory: Killed process 21010 (syz-executor.3) total-vm:72700kB, anon-rss:14524kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 658.828528][ T1065] oom_reaper: reaped process 21010 (syz-executor.3), now anon-rss:14516kB, file-rss:54332kB, shmem-rss:0kB [ 658.929832][T21050] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 658.946852][T21050] CPU: 1 PID: 21050 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 658.956066][T21050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 658.966118][T21050] Call Trace: [ 658.969415][T21050] dump_stack+0x172/0x1f0 [ 658.973754][T21050] dump_header+0x177/0x1152 [ 658.978260][T21050] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 658.984064][T21050] ? ___ratelimit+0x2c8/0x595 [ 658.988742][T21050] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 658.994552][T21050] ? lockdep_hardirqs_on+0x418/0x5d0 [ 658.999842][T21050] ? trace_hardirqs_on+0x67/0x240 [ 659.004865][T21050] ? pagefault_out_of_memory+0x11c/0x11c [ 659.010509][T21050] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 659.016316][T21050] ? ___ratelimit+0x60/0x595 [ 659.020992][T21050] ? do_raw_spin_unlock+0x57/0x270 [ 659.026110][T21050] oom_kill_process.cold+0x10/0x15 [ 659.031229][T21050] out_of_memory+0x334/0x1340 [ 659.035912][T21050] ? lock_downgrade+0x920/0x920 [ 659.040770][T21050] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 659.046580][T21050] ? oom_killer_disable+0x280/0x280 [ 659.051788][T21050] mem_cgroup_out_of_memory+0x1d8/0x240 [ 659.057343][T21050] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 659.062984][T21050] ? do_raw_spin_unlock+0x57/0x270 [ 659.068097][T21050] ? _raw_spin_unlock+0x2d/0x50 [ 659.072953][T21050] try_charge+0xf4b/0x1440 [ 659.077384][T21050] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 659.082926][T21050] ? percpu_ref_tryget_live+0x111/0x290 [ 659.088487][T21050] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 659.094737][T21050] ? __kasan_check_read+0x11/0x20 [ 659.099771][T21050] ? get_mem_cgroup_from_mm+0x156/0x320 [ 659.105332][T21050] mem_cgroup_try_charge+0x136/0x590 [ 659.110627][T21050] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 659.116874][T21050] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 659.122515][T21050] __handle_mm_fault+0x1e34/0x3f20 [ 659.127630][T21050] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 659.133192][T21050] ? __kasan_check_read+0x11/0x20 [ 659.138227][T21050] handle_mm_fault+0x1b5/0x6c0 [ 659.142996][T21050] __get_user_pages+0x7d4/0x1b30 [ 659.147938][T21050] ? mark_held_locks+0xf0/0xf0 [ 659.152717][T21050] ? follow_page_mask+0x1cf0/0x1cf0 [ 659.157908][T21050] ? __mm_populate+0x270/0x380 [ 659.162679][T21050] ? __kasan_check_write+0x14/0x20 [ 659.167798][T21050] ? down_read+0x109/0x430 [ 659.172218][T21050] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 659.178470][T21050] populate_vma_page_range+0x20d/0x2a0 [ 659.183935][T21050] __mm_populate+0x204/0x380 [ 659.188529][T21050] ? populate_vma_page_range+0x2a0/0x2a0 [ 659.194156][T21050] ? __kasan_check_write+0x14/0x20 [ 659.199261][T21050] ? up_write+0x155/0x490 [ 659.203593][T21050] ? ns_capable_common+0x93/0x100 [ 659.208622][T21050] __x64_sys_mlockall+0x473/0x520 [ 659.213646][T21050] do_syscall_64+0xfa/0x760 [ 659.218152][T21050] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 659.224031][T21050] RIP: 0033:0x459879 [ 659.227923][T21050] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 659.247519][T21050] RSP: 002b:00007fe89ccc6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 659.255926][T21050] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 659.263889][T21050] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 659.271855][T21050] RBP: 000000000075c118 R08: 0000000000000000 R09: 0000000000000000 [ 659.279818][T21050] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89ccc76d4 [ 659.287780][T21050] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 659.318631][T21050] memory: usage 307200kB, limit 307200kB, failcnt 5005 [ 659.355627][T21050] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 659.365014][T21050] Memory cgroup stats for /syz2: [ 659.365124][T21050] anon 305127424 [ 659.365124][T21050] file 28672 [ 659.365124][T21050] kernel_stack 983040 [ 659.365124][T21050] slab 4280320 [ 659.365124][T21050] sock 0 [ 659.365124][T21050] shmem 0 [ 659.365124][T21050] file_mapped 0 [ 659.365124][T21050] file_dirty 0 [ 659.365124][T21050] file_writeback 0 [ 659.365124][T21050] anon_thp 220200960 [ 659.365124][T21050] inactive_anon 261046272 [ 659.365124][T21050] active_anon 11849728 [ 659.365124][T21050] inactive_file 0 [ 659.365124][T21050] active_file 0 [ 659.365124][T21050] unevictable 32473088 [ 659.365124][T21050] slab_reclaimable 1216512 [ 659.365124][T21050] slab_unreclaimable 3063808 [ 659.365124][T21050] pgfault 688479 [ 659.365124][T21050] pgmajfault 0 [ 659.365124][T21050] workingset_refault 165 [ 659.365124][T21050] workingset_activate 66 [ 659.365124][T21050] workingset_nodereclaim 0 [ 659.365124][T21050] pgrefill 1334 [ 659.365124][T21050] pgscan 1561 06:28:31 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='\x00\x04\x00\x00\x00\a\x00\x01\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f0000000400)) r3 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000100)='/dev/btrfs-control\x00', 0xb7bb956c916382ce, 0x0) fcntl$getown(r3, 0x9) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000140)) 06:28:31 executing program 0: mlock(&(0x7f0000ffe000/0x2000)=nil, 0x2000) read(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000140)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x100000000, @multicast1}, 0x10) pivot_root(0x0, 0x0) perf_event_open$cgroup(&(0x7f0000000940)={0x0, 0x70, 0x40, 0x7f, 0xb245, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4e, 0x0, 0x9, 0x0, 0xfffffffffffffffa, 0x0, 0x0, 0x7, 0x0, 0xea53, 0x0, 0x2e9, 0x3, 0x3, 0x0, 0x0, 0x7, 0x0, 0x800, 0xfffffffffffffffe, 0x1, 0xc000000000, 0x1, 0x8, 0x0, 0x7fff, 0x0, 0x80000000, 0x0, 0x151a, 0x1, @perf_bp={&(0x7f0000000080), 0x6}, 0x88, 0x6, 0x8, 0x0, 0x7, 0x8, 0x1}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x2) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) 06:28:31 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xdc, 0x0) 06:28:31 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xc335010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 659.365124][T21050] pgsteal 198 06:28:31 executing program 1: mlock(&(0x7f0000ffe000/0x2000)=nil, 0x2000) read(0xffffffffffffffff, 0x0, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000140)={0x2, 0x0, @local}, 0x10) connect$inet(r0, &(0x7f0000000480)={0x2, 0x100000000, @multicast1}, 0x10) pivot_root(0x0, 0x0) perf_event_open$cgroup(&(0x7f0000000940)={0x0, 0x70, 0x40, 0x7f, 0xb245, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4e, 0x0, 0x9, 0x0, 0xfffffffffffffffa, 0x0, 0x0, 0x0, 0x9, 0xea53, 0x0, 0x2e9, 0x3, 0x3, 0x1aa64f8b, 0x3, 0x7, 0x8001, 0x800, 0xfffffffffffffffe, 0x1, 0xc000000000, 0x1, 0x8, 0x9, 0x7fff, 0x0, 0x80000000, 0x0, 0x151a, 0x1, @perf_bp={&(0x7f0000000080), 0x6}, 0x88, 0x6, 0x8, 0x0, 0x7, 0x8, 0x1}, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x2) sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0) 06:28:31 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xc435010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 659.708769][T21050] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=21020,uid=0 [ 659.747781][T21050] Memory cgroup out of memory: Killed process 21020 (syz-executor.2) total-vm:72840kB, anon-rss:18356kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 06:28:31 executing program 0: syz_emit_ethernet(0x4a, &(0x7f0000001300)={@local, @random="192bce5e2dfb", [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x2b, 0x0, @local={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd]}, @local, {[], @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) 06:28:31 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xc535010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 659.842225][T21069] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 659.870435][T21069] CPU: 0 PID: 21069 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 659.879574][T21069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 659.889636][T21069] Call Trace: [ 659.892936][T21069] dump_stack+0x172/0x1f0 [ 659.897276][T21069] dump_header+0x177/0x1152 [ 659.902574][T21069] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 659.908389][T21069] ? ___ratelimit+0x2c8/0x595 [ 659.913077][T21069] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 659.918880][T21069] ? lockdep_hardirqs_on+0x418/0x5d0 [ 659.918897][T21069] ? trace_hardirqs_on+0x67/0x240 [ 659.918916][T21069] ? pagefault_out_of_memory+0x11c/0x11c [ 659.918933][T21069] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 659.918954][T21069] ? ___ratelimit+0x60/0x595 [ 659.929225][T21069] ? do_raw_spin_unlock+0x57/0x270 [ 659.929246][T21069] oom_kill_process.cold+0x10/0x15 [ 659.929268][T21069] out_of_memory+0x334/0x1340 [ 659.929287][T21069] ? lock_downgrade+0x920/0x920 [ 659.945267][T21069] ? oom_killer_disable+0x280/0x280 [ 659.945297][T21069] mem_cgroup_out_of_memory+0x1d8/0x240 [ 659.945313][T21069] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 659.945333][T21069] ? do_raw_spin_unlock+0x57/0x270 [ 659.965006][T21069] ? _raw_spin_unlock+0x2d/0x50 [ 659.965029][T21069] try_charge+0xf4b/0x1440 [ 659.965054][T21069] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 659.965072][T21069] ? percpu_ref_tryget_live+0x111/0x290 [ 659.975779][T21069] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 659.975799][T21069] ? __kasan_check_read+0x11/0x20 [ 659.975821][T21069] ? get_mem_cgroup_from_mm+0x156/0x320 [ 659.975839][T21069] mem_cgroup_try_charge+0x136/0x590 [ 659.975859][T21069] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 659.986563][T21069] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 659.986585][T21069] __handle_mm_fault+0x1e34/0x3f20 [ 659.986607][T21069] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 659.986641][T21069] ? __kasan_check_read+0x11/0x20 [ 659.995878][T21069] handle_mm_fault+0x1b5/0x6c0 [ 659.995931][T21069] __get_user_pages+0x7d4/0x1b30 [ 659.995955][T21069] ? mark_held_locks+0xf0/0xf0 [ 659.995979][T21069] ? follow_page_mask+0x1cf0/0x1cf0 [ 659.995990][T21069] ? __mm_populate+0x270/0x380 [ 659.996011][T21069] ? __kasan_check_write+0x14/0x20 [ 659.996026][T21069] ? down_read+0x109/0x430 [ 659.996043][T21069] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 659.996067][T21069] populate_vma_page_range+0x20d/0x2a0 [ 660.007160][T21069] __mm_populate+0x204/0x380 [ 660.007181][T21069] ? populate_vma_page_range+0x2a0/0x2a0 [ 660.007198][T21069] ? __kasan_check_write+0x14/0x20 [ 660.007212][T21069] ? up_write+0x155/0x490 [ 660.007225][T21069] ? ns_capable_common+0x93/0x100 [ 660.007245][T21069] __x64_sys_mlockall+0x473/0x520 [ 660.018483][T21069] do_syscall_64+0xfa/0x760 [ 660.018505][T21069] entry_SYSCALL_64_after_hwframe+0x49/0xbe 06:28:32 executing program 0: syz_emit_ethernet(0x4a, &(0x7f0000001300)={@local, @random="192bce5e2dfb", [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x2b, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}, @local, {[], @tcp={{0x4e21, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0) [ 660.018518][T21069] RIP: 0033:0x459879 [ 660.018534][T21069] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 660.018542][T21069] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 660.018556][T21069] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 660.018564][T21069] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 660.018571][T21069] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 660.018578][T21069] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc0ba5296d4 [ 660.018587][T21069] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 660.252234][T21069] memory: usage 307200kB, limit 307200kB, failcnt 4336 [ 660.260654][T21069] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 660.284200][T21069] Memory cgroup stats for /syz3: [ 660.284332][T21069] anon 304640000 [ 660.284332][T21069] file 0 [ 660.284332][T21069] kernel_stack 917504 [ 660.284332][T21069] slab 4476928 [ 660.284332][T21069] sock 0 [ 660.284332][T21069] shmem 0 [ 660.284332][T21069] file_mapped 0 [ 660.284332][T21069] file_dirty 0 [ 660.284332][T21069] file_writeback 0 [ 660.284332][T21069] anon_thp 216006656 [ 660.284332][T21069] inactive_anon 258785280 [ 660.284332][T21069] active_anon 18161664 [ 660.284332][T21069] inactive_file 0 [ 660.284332][T21069] active_file 0 [ 660.284332][T21069] unevictable 27828224 [ 660.284332][T21069] slab_reclaimable 1351680 [ 660.284332][T21069] slab_unreclaimable 3125248 [ 660.284332][T21069] pgfault 668976 [ 660.284332][T21069] pgmajfault 0 [ 660.284332][T21069] workingset_refault 99 [ 660.284332][T21069] workingset_activate 66 [ 660.284332][T21069] workingset_nodereclaim 0 [ 660.284332][T21069] pgrefill 496 [ 660.284332][T21069] pgscan 531 [ 660.284332][T21069] pgsteal 99 [ 660.378400][T21069] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=21026,uid=0 [ 660.394052][T21069] Memory cgroup out of memory: Killed process 21026 (syz-executor.3) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 [ 660.452339][T21050] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 660.463411][ T1065] oom_reaper: reaped process 21026 (syz-executor.3), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 660.495204][T21050] CPU: 1 PID: 21050 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 660.504332][T21050] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 660.514379][T21050] Call Trace: [ 660.517670][T21050] dump_stack+0x172/0x1f0 [ 660.522004][T21050] dump_header+0x177/0x1152 [ 660.526505][T21050] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 660.532309][T21050] ? ___ratelimit+0x2c8/0x595 [ 660.537853][T21050] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 660.543663][T21050] ? lockdep_hardirqs_on+0x418/0x5d0 [ 660.548947][T21050] ? trace_hardirqs_on+0x67/0x240 [ 660.553972][T21050] ? pagefault_out_of_memory+0x11c/0x11c [ 660.559601][T21050] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 660.565402][T21050] ? ___ratelimit+0x60/0x595 [ 660.569990][T21050] ? do_raw_spin_unlock+0x57/0x270 [ 660.575107][T21050] oom_kill_process.cold+0x10/0x15 [ 660.580230][T21050] out_of_memory+0x334/0x1340 [ 660.584911][T21050] ? lock_downgrade+0x920/0x920 [ 660.589803][T21050] ? oom_killer_disable+0x280/0x280 [ 660.595011][T21050] mem_cgroup_out_of_memory+0x1d8/0x240 [ 660.600557][T21050] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 660.606192][T21050] ? do_raw_spin_unlock+0x57/0x270 [ 660.611303][T21050] ? _raw_spin_unlock+0x2d/0x50 [ 660.616158][T21050] try_charge+0xf4b/0x1440 [ 660.620585][T21050] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 660.626123][T21050] ? percpu_ref_tryget_live+0x111/0x290 [ 660.631675][T21050] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 660.637915][T21050] ? __kasan_check_read+0x11/0x20 [ 660.642946][T21050] ? get_mem_cgroup_from_mm+0x156/0x320 [ 660.648497][T21050] mem_cgroup_try_charge+0x136/0x590 [ 660.653789][T21050] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 660.660035][T21050] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 660.665669][T21050] __handle_mm_fault+0x1e34/0x3f20 [ 660.670789][T21050] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 660.676348][T21050] ? __kasan_check_read+0x11/0x20 [ 660.681378][T21050] handle_mm_fault+0x1b5/0x6c0 [ 660.686146][T21050] __get_user_pages+0x7d4/0x1b30 [ 660.691082][T21050] ? mark_held_locks+0xf0/0xf0 [ 660.695856][T21050] ? follow_page_mask+0x1cf0/0x1cf0 [ 660.701049][T21050] ? __mm_populate+0x270/0x380 [ 660.705820][T21050] ? __kasan_check_write+0x14/0x20 [ 660.710930][T21050] ? down_read+0x109/0x430 [ 660.715349][T21050] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 660.721592][T21050] populate_vma_page_range+0x20d/0x2a0 [ 660.727052][T21050] __mm_populate+0x204/0x380 [ 660.731650][T21050] ? populate_vma_page_range+0x2a0/0x2a0 [ 660.737284][T21050] ? __kasan_check_write+0x14/0x20 [ 660.742394][T21050] ? up_write+0x155/0x490 [ 660.746722][T21050] ? ns_capable_common+0x93/0x100 [ 660.751757][T21050] __x64_sys_mlockall+0x473/0x520 [ 660.756801][T21050] do_syscall_64+0xfa/0x760 [ 660.761295][T21050] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 660.767172][T21050] RIP: 0033:0x459879 [ 660.771054][T21050] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 660.790638][T21050] RSP: 002b:00007fe89ccc6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 660.799029][T21050] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 660.806995][T21050] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 660.814950][T21050] RBP: 000000000075c118 R08: 0000000000000000 R09: 0000000000000000 [ 660.822914][T21050] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89ccc76d4 [ 660.830865][T21050] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 660.860283][T21050] memory: usage 307200kB, limit 307200kB, failcnt 5021 [ 660.867230][T21050] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 660.875730][T21050] Memory cgroup stats for /syz2: [ 660.875863][T21050] anon 305254400 [ 660.875863][T21050] file 28672 [ 660.875863][T21050] kernel_stack 983040 [ 660.875863][T21050] slab 4280320 [ 660.875863][T21050] sock 0 [ 660.875863][T21050] shmem 0 [ 660.875863][T21050] file_mapped 0 [ 660.875863][T21050] file_dirty 0 [ 660.875863][T21050] file_writeback 0 [ 660.875863][T21050] anon_thp 220200960 [ 660.875863][T21050] inactive_anon 252530688 [ 660.875863][T21050] active_anon 11849728 [ 660.875863][T21050] inactive_file 0 [ 660.875863][T21050] active_file 0 [ 660.875863][T21050] unevictable 41123840 [ 660.875863][T21050] slab_reclaimable 1216512 [ 660.875863][T21050] slab_unreclaimable 3063808 [ 660.875863][T21050] pgfault 690591 [ 660.875863][T21050] pgmajfault 0 [ 660.875863][T21050] workingset_refault 165 [ 660.875863][T21050] workingset_activate 66 [ 660.875863][T21050] workingset_nodereclaim 0 [ 660.875863][T21050] pgrefill 1334 [ 660.875863][T21050] pgscan 1561 [ 660.875863][T21050] pgsteal 198 [ 660.970233][T21050] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=21022,uid=0 [ 660.986453][T21050] Memory cgroup out of memory: Killed process 21022 (syz-executor.2) total-vm:72832kB, anon-rss:18352kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 661.017552][T21069] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 661.022720][ T1065] oom_reaper: reaped process 21022 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 661.037360][T21069] CPU: 0 PID: 21069 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 661.048043][T21069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 661.058528][T21069] Call Trace: [ 661.061821][T21069] dump_stack+0x172/0x1f0 [ 661.066159][T21069] dump_header+0x177/0x1152 [ 661.070667][T21069] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 661.076468][T21069] ? ___ratelimit+0x2c8/0x595 [ 661.081144][T21069] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 661.087062][T21069] ? lockdep_hardirqs_on+0x418/0x5d0 [ 661.092350][T21069] ? trace_hardirqs_on+0x67/0x240 [ 661.097477][T21069] ? pagefault_out_of_memory+0x11c/0x11c [ 661.103110][T21069] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 661.108915][T21069] ? ___ratelimit+0x60/0x595 [ 661.113506][T21069] ? do_raw_spin_unlock+0x57/0x270 [ 661.118624][T21069] oom_kill_process.cold+0x10/0x15 [ 661.123736][T21069] out_of_memory+0x334/0x1340 [ 661.128413][T21069] ? lock_downgrade+0x920/0x920 [ 661.133269][T21069] ? oom_killer_disable+0x280/0x280 [ 661.138500][T21069] mem_cgroup_out_of_memory+0x1d8/0x240 [ 661.144044][T21069] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 661.149695][T21069] ? do_raw_spin_unlock+0x57/0x270 [ 661.154814][T21069] ? _raw_spin_unlock+0x2d/0x50 [ 661.159776][T21069] try_charge+0xf4b/0x1440 [ 661.164216][T21069] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 661.169788][T21069] ? percpu_ref_tryget_live+0x111/0x290 [ 661.175341][T21069] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 661.181584][T21069] ? __kasan_check_read+0x11/0x20 [ 661.186625][T21069] ? get_mem_cgroup_from_mm+0x156/0x320 [ 661.192176][T21069] mem_cgroup_try_charge+0x136/0x590 [ 661.197464][T21069] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 661.203716][T21069] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 661.209353][T21069] __handle_mm_fault+0x1e34/0x3f20 [ 661.214471][T21069] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 661.220470][T21069] ? __kasan_check_read+0x11/0x20 [ 661.225504][T21069] handle_mm_fault+0x1b5/0x6c0 [ 661.230273][T21069] __get_user_pages+0x7d4/0x1b30 [ 661.235226][T21069] ? follow_page_mask+0x1cf0/0x1cf0 [ 661.240431][T21069] ? vmacache_find+0x65/0x310 [ 661.245110][T21069] ? __sanitizer_cov_trace_pc+0x3f/0x50 [ 661.250666][T21069] populate_vma_page_range+0x20d/0x2a0 [ 661.256133][T21069] __mm_populate+0x204/0x380 [ 661.260730][T21069] ? populate_vma_page_range+0x2a0/0x2a0 [ 661.266365][T21069] ? __kasan_check_write+0x14/0x20 [ 661.271479][T21069] ? up_write+0x155/0x490 [ 661.275817][T21069] __x64_sys_mremap+0x7dc/0xb80 [ 661.280682][T21069] ? mremap_to+0x750/0x750 [ 661.285110][T21069] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 661.290569][T21069] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 661.296029][T21069] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 661.302093][T21069] ? do_syscall_64+0x26/0x760 [ 661.306769][T21069] ? lockdep_hardirqs_on+0x418/0x5d0 [ 661.312051][T21069] ? trace_hardirqs_on+0x67/0x240 [ 661.317688][T21069] do_syscall_64+0xfa/0x760 [ 661.322197][T21069] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 661.328168][T21069] RIP: 0033:0x459879 [ 661.332064][T21069] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 661.351668][T21069] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 661.360079][T21069] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459879 [ 661.368048][T21069] RDX: 0000000000800000 RSI: 0000000000002000 RDI: 0000000020a94000 [ 661.376018][T21069] RBP: 000000000075bf20 R08: 0000000020130000 R09: 0000000000000000 [ 661.383987][T21069] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fc0ba5296d4 [ 661.391960][T21069] R13: 00000000004c5f0f R14: 00000000004daaf8 R15: 00000000ffffffff [ 661.405497][T21069] memory: usage 307008kB, limit 307200kB, failcnt 4361 [ 661.412553][T21069] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 661.425862][T21069] Memory cgroup stats for /syz3: [ 661.425993][T21069] anon 304545792 [ 661.425993][T21069] file 0 [ 661.425993][T21069] kernel_stack 983040 [ 661.425993][T21069] slab 4476928 [ 661.425993][T21069] sock 0 [ 661.425993][T21069] shmem 0 [ 661.425993][T21069] file_mapped 0 [ 661.425993][T21069] file_dirty 0 [ 661.425993][T21069] file_writeback 0 [ 661.425993][T21069] anon_thp 218103808 [ 661.425993][T21069] inactive_anon 248504320 [ 661.425993][T21069] active_anon 18161664 [ 661.425993][T21069] inactive_file 0 [ 661.425993][T21069] active_file 0 [ 661.425993][T21069] unevictable 37806080 [ 661.425993][T21069] slab_reclaimable 1351680 [ 661.425993][T21069] slab_unreclaimable 3125248 [ 661.425993][T21069] pgfault 672705 [ 661.425993][T21069] pgmajfault 0 [ 661.425993][T21069] workingset_refault 99 [ 661.425993][T21069] workingset_activate 66 [ 661.425993][T21069] workingset_nodereclaim 0 [ 661.425993][T21069] pgrefill 496 [ 661.425993][T21069] pgscan 531 [ 661.425993][T21069] pgsteal 99 [ 661.544200][T21069] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=21068,uid=0 [ 661.559994][T21069] Memory cgroup out of memory: Killed process 21068 (syz-executor.3) total-vm:72700kB, anon-rss:14260kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 661.581128][ T1065] oom_reaper: reaped process 21068 (syz-executor.3), now anon-rss:14252kB, file-rss:54332kB, shmem-rss:0kB 06:28:33 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) mlockall(0x5) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:28:33 executing program 1: clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) chdir(&(0x7f0000000000)='.\x00') 06:28:33 executing program 0: r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(aes)\x00'}, 0x58) r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x200002, 0x0) write$FUSE_NOTIFY_POLL(r1, &(0x7f0000000100)={0x18, 0x1, 0x0, {0x1}}, 0x18) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000040)="dfbc58ef6edd8c56a5017ead7279f601", 0x10) accept(r0, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200) creat(&(0x7f00000000c0)='./file0\x00', 0x0) 06:28:33 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xc635010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:28:33 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xdd, 0x0) 06:28:33 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cd39685000000000"], 0x9) r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000140)) 06:28:34 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xc735010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:28:34 executing program 0: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000000)='./file0\x00') r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) 06:28:34 executing program 1: pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) readahead(0xffffffffffffffff, 0x0, 0x0) write(r1, &(0x7f00000001c0), 0xfffffef3) read(r0, &(0x7f0000000200)=""/250, 0x50c7e5e2) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x25, &(0x7f0000000740)=0x100, 0x4) bind$inet(r2, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10) sendmsg$TIPC_CMD_SET_LINK_TOL(0xffffffffffffffff, 0x0, 0x0) socket$inet6(0xa, 0x0, 0x0) connect$inet(r2, &(0x7f0000000480)={0x2, 0x0, @multicast1}, 0x10) sendmmsg(r2, &(0x7f0000007fc0), 0x800001d, 0x0) mkdir(&(0x7f0000fd5ff8)='./file0\x00', 0x0) [ 662.009838][T21102] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 662.055012][T21102] CPU: 1 PID: 21102 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 662.064151][T21102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 662.074200][T21102] Call Trace: [ 662.074222][T21102] dump_stack+0x172/0x1f0 [ 662.074244][T21102] dump_header+0x177/0x1152 [ 662.074262][T21102] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 662.074272][T21102] ? ___ratelimit+0x2c8/0x595 [ 662.074287][T21102] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 662.074301][T21102] ? lockdep_hardirqs_on+0x418/0x5d0 [ 662.074319][T21102] ? trace_hardirqs_on+0x67/0x240 [ 662.112906][T21102] ? pagefault_out_of_memory+0x11c/0x11c [ 662.112928][T21102] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 662.112943][T21102] ? ___ratelimit+0x60/0x595 [ 662.112955][T21102] ? do_raw_spin_unlock+0x57/0x270 [ 662.112972][T21102] oom_kill_process.cold+0x10/0x15 [ 662.139244][T21102] out_of_memory+0x334/0x1340 [ 662.143944][T21102] ? lock_downgrade+0x920/0x920 [ 662.148811][T21102] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 662.154622][T21102] ? oom_killer_disable+0x280/0x280 [ 662.154655][T21102] mem_cgroup_out_of_memory+0x1d8/0x240 [ 662.154675][T21102] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 662.154704][T21102] ? do_raw_spin_unlock+0x57/0x270 [ 662.176131][T21102] ? _raw_spin_unlock+0x2d/0x50 [ 662.181003][T21102] try_charge+0xf4b/0x1440 [ 662.185443][T21102] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 662.190991][T21102] ? percpu_ref_tryget_live+0x111/0x290 [ 662.191013][T21102] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 662.191031][T21102] ? __kasan_check_read+0x11/0x20 [ 662.191053][T21102] ? get_mem_cgroup_from_mm+0x156/0x320 [ 662.191070][T21102] mem_cgroup_try_charge+0x136/0x590 [ 662.191089][T21102] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 662.224868][T21102] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 662.230519][T21102] __handle_mm_fault+0x1e34/0x3f20 [ 662.235635][T21102] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 662.235667][T21102] ? __kasan_check_read+0x11/0x20 [ 662.235696][T21102] handle_mm_fault+0x1b5/0x6c0 [ 662.235715][T21102] __get_user_pages+0x7d4/0x1b30 [ 662.255920][T21102] ? mark_held_locks+0xf0/0xf0 [ 662.260704][T21102] ? follow_page_mask+0x1cf0/0x1cf0 [ 662.265902][T21102] ? __mm_populate+0x270/0x380 [ 662.270680][T21102] ? __kasan_check_write+0x14/0x20 [ 662.275885][T21102] ? down_read+0x109/0x430 [ 662.275904][T21102] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 662.275924][T21102] populate_vma_page_range+0x20d/0x2a0 [ 662.275944][T21102] __mm_populate+0x204/0x380 [ 662.275961][T21102] ? populate_vma_page_range+0x2a0/0x2a0 06:28:34 executing program 0: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000000)='./file0\x00') r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) [ 662.302218][T21102] ? __kasan_check_write+0x14/0x20 [ 662.307333][T21102] ? up_write+0x155/0x490 [ 662.311660][T21102] ? ns_capable_common+0x93/0x100 [ 662.311689][T21102] __x64_sys_mlockall+0x473/0x520 [ 662.311709][T21102] do_syscall_64+0xfa/0x760 [ 662.311733][T21102] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 662.321736][T21102] RIP: 0033:0x459879 [ 662.321752][T21102] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 662.321760][T21102] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 662.321774][T21102] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 662.321783][T21102] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 662.321791][T21102] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 662.321798][T21102] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc0ba5296d4 06:28:34 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56e9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850000000000000"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) mlockall(0x1) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x1) write$binfmt_script(r2, &(0x7f00000002c0)=ANY=[@ANYBLOB="01"], 0x1) close(r2) ioctl$VIDIOC_S_CTRL(r2, 0xc008561c, &(0x7f0000000140)={0x4}) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) [ 662.321810][T21102] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 662.377582][T21102] memory: usage 307200kB, limit 307200kB, failcnt 4372 [ 662.493213][T21102] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 662.502998][T21102] Memory cgroup stats for /syz3: [ 662.503112][T21102] anon 304697344 [ 662.503112][T21102] file 0 [ 662.503112][T21102] kernel_stack 851968 [ 662.503112][T21102] slab 4476928 [ 662.503112][T21102] sock 0 [ 662.503112][T21102] shmem 0 [ 662.503112][T21102] file_mapped 0 [ 662.503112][T21102] file_dirty 0 [ 662.503112][T21102] file_writeback 0 [ 662.503112][T21102] anon_thp 218103808 [ 662.503112][T21102] inactive_anon 258777088 [ 662.503112][T21102] active_anon 18161664 [ 662.503112][T21102] inactive_file 0 [ 662.503112][T21102] active_file 0 [ 662.503112][T21102] unevictable 27938816 [ 662.503112][T21102] slab_reclaimable 1351680 [ 662.503112][T21102] slab_unreclaimable 3125248 [ 662.503112][T21102] pgfault 673959 [ 662.503112][T21102] pgmajfault 0 [ 662.503112][T21102] workingset_refault 99 [ 662.503112][T21102] workingset_activate 66 [ 662.503112][T21102] workingset_nodereclaim 0 [ 662.503112][T21102] pgrefill 496 [ 662.503112][T21102] pgscan 531 06:28:34 executing program 0: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000000)='./file0\x00') r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) [ 662.503112][T21102] pgsteal 99 06:28:34 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xde, 0x0) 06:28:34 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xc835010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:28:34 executing program 0: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000000)='./file0\x00') r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) [ 662.789218][T21102] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=21091,uid=0 [ 662.836701][T21102] Memory cgroup out of memory: Killed process 21091 (syz-executor.3) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 06:28:35 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xc935010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:28:35 executing program 0: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000000)='./file0\x00') r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) [ 662.933313][T21146] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 662.965373][T21146] CPU: 0 PID: 21146 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 662.974624][T21146] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 662.984677][T21146] Call Trace: [ 662.987980][T21146] dump_stack+0x172/0x1f0 [ 662.992325][T21146] dump_header+0x177/0x1152 [ 662.996854][T21146] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 663.002662][T21146] ? ___ratelimit+0x2c8/0x595 [ 663.007345][T21146] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 663.013154][T21146] ? lockdep_hardirqs_on+0x418/0x5d0 [ 663.018552][T21146] ? trace_hardirqs_on+0x67/0x240 [ 663.023584][T21146] ? pagefault_out_of_memory+0x11c/0x11c [ 663.029224][T21146] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 663.035048][T21146] ? ___ratelimit+0x60/0x595 [ 663.039640][T21146] ? do_raw_spin_unlock+0x57/0x270 [ 663.044756][T21146] oom_kill_process.cold+0x10/0x15 [ 663.049874][T21146] out_of_memory+0x334/0x1340 [ 663.054558][T21146] ? lock_downgrade+0x920/0x920 [ 663.059423][T21146] ? oom_killer_disable+0x280/0x280 [ 663.064637][T21146] mem_cgroup_out_of_memory+0x1d8/0x240 [ 663.070194][T21146] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 663.075852][T21146] ? do_raw_spin_unlock+0x57/0x270 [ 663.080967][T21146] ? _raw_spin_unlock+0x2d/0x50 [ 663.085830][T21146] try_charge+0xf4b/0x1440 [ 663.090263][T21146] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 663.095813][T21146] ? percpu_ref_tryget_live+0x111/0x290 [ 663.101369][T21146] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 663.107612][T21146] ? __kasan_check_read+0x11/0x20 [ 663.112647][T21146] ? get_mem_cgroup_from_mm+0x156/0x320 [ 663.118200][T21146] mem_cgroup_try_charge+0x136/0x590 [ 663.123487][T21146] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 663.129738][T21146] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 663.135386][T21146] __handle_mm_fault+0x1e34/0x3f20 [ 663.140520][T21146] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 663.146086][T21146] ? __kasan_check_read+0x11/0x20 [ 663.151123][T21146] handle_mm_fault+0x1b5/0x6c0 [ 663.155900][T21146] __get_user_pages+0x7d4/0x1b30 [ 663.160845][T21146] ? mark_held_locks+0xf0/0xf0 [ 663.165626][T21146] ? follow_page_mask+0x1cf0/0x1cf0 [ 663.170827][T21146] ? __mm_populate+0x270/0x380 [ 663.175607][T21146] ? __kasan_check_write+0x14/0x20 [ 663.180734][T21146] ? down_read+0x109/0x430 [ 663.185156][T21146] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 663.191406][T21146] populate_vma_page_range+0x20d/0x2a0 [ 663.196877][T21146] __mm_populate+0x204/0x380 [ 663.201474][T21146] ? populate_vma_page_range+0x2a0/0x2a0 [ 663.207201][T21146] ? __kasan_check_write+0x14/0x20 [ 663.209680][T21129] cgroup: fork rejected by pids controller in /syz1 [ 663.212308][T21146] ? up_write+0x155/0x490 [ 663.212324][T21146] ? ns_capable_common+0x93/0x100 [ 663.212346][T21146] __x64_sys_mlockall+0x473/0x520 [ 663.212365][T21146] do_syscall_64+0xfa/0x760 [ 663.212391][T21146] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 663.243729][T21146] RIP: 0033:0x459879 [ 663.247626][T21146] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 663.267227][T21146] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 663.275645][T21146] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 663.283620][T21146] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 663.291595][T21146] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 663.299569][T21146] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 663.307540][T21146] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 663.324880][T21146] memory: usage 307200kB, limit 307200kB, failcnt 5039 [ 663.332075][T21146] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 663.339682][T21146] Memory cgroup stats for /syz2: [ 663.339807][T21146] anon 305016832 [ 663.339807][T21146] file 28672 [ 663.339807][T21146] kernel_stack 917504 [ 663.339807][T21146] slab 4280320 [ 663.339807][T21146] sock 0 [ 663.339807][T21146] shmem 0 [ 663.339807][T21146] file_mapped 0 [ 663.339807][T21146] file_dirty 0 [ 663.339807][T21146] file_writeback 0 [ 663.339807][T21146] anon_thp 220200960 [ 663.339807][T21146] inactive_anon 252936192 [ 663.339807][T21146] active_anon 11849728 [ 663.339807][T21146] inactive_file 0 [ 663.339807][T21146] active_file 0 [ 663.339807][T21146] unevictable 40177664 [ 663.339807][T21146] slab_reclaimable 1216512 [ 663.339807][T21146] slab_unreclaimable 3063808 [ 663.339807][T21146] pgfault 698181 [ 663.339807][T21146] pgmajfault 0 [ 663.339807][T21146] workingset_refault 165 [ 663.339807][T21146] workingset_activate 66 [ 663.339807][T21146] workingset_nodereclaim 0 [ 663.339807][T21146] pgrefill 1334 [ 663.339807][T21146] pgscan 1561 [ 663.339807][T21146] pgsteal 198 [ 663.433845][T21146] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=21093,uid=0 [ 663.485685][T21146] Memory cgroup out of memory: Killed process 21093 (syz-executor.2) total-vm:73104kB, anon-rss:18616kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 663.545646][T21131] syz-executor.1 invoked oom-killer: gfp_mask=0x500cc2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 663.594563][ T1065] oom_reaper: reaped process 21093 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 663.649456][T21131] CPU: 0 PID: 21131 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 663.658596][T21131] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 663.668649][T21131] Call Trace: [ 663.671951][T21131] dump_stack+0x172/0x1f0 [ 663.676284][T21131] dump_header+0x177/0x1152 [ 663.680790][T21131] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 663.686594][T21131] ? ___ratelimit+0x2c8/0x595 [ 663.691274][T21131] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 663.697084][T21131] ? lockdep_hardirqs_on+0x418/0x5d0 [ 663.702370][T21131] ? trace_hardirqs_on+0x67/0x240 [ 663.707397][T21131] ? pagefault_out_of_memory+0x11c/0x11c [ 663.713033][T21131] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 663.718840][T21131] ? ___ratelimit+0x60/0x595 [ 663.723431][T21131] ? do_raw_spin_unlock+0x57/0x270 [ 663.728549][T21131] oom_kill_process.cold+0x10/0x15 [ 663.733665][T21131] out_of_memory+0x334/0x1340 [ 663.738347][T21131] ? lock_downgrade+0x920/0x920 [ 663.743199][T21131] ? oom_killer_disable+0x280/0x280 [ 663.748411][T21131] mem_cgroup_out_of_memory+0x1d8/0x240 [ 663.753956][T21131] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 663.759598][T21131] ? do_raw_spin_unlock+0x57/0x270 [ 663.764716][T21131] ? _raw_spin_unlock+0x2d/0x50 [ 663.769570][T21131] try_charge+0xf4b/0x1440 [ 663.773993][T21131] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 663.779537][T21131] ? find_held_lock+0x35/0x130 [ 663.784306][T21131] ? get_mem_cgroup_from_mm+0x139/0x320 [ 663.789958][T21131] ? lock_downgrade+0x920/0x920 [ 663.794804][T21131] ? percpu_ref_tryget_live+0x111/0x290 [ 663.800356][T21131] __memcg_kmem_charge_memcg+0x71/0xf0 [ 663.805814][T21131] ? memcg_kmem_put_cache+0x50/0x50 [ 663.811016][T21131] ? get_mem_cgroup_from_mm+0x156/0x320 [ 663.816568][T21131] __memcg_kmem_charge+0x13a/0x3a0 [ 663.821685][T21131] __alloc_pages_nodemask+0x4f7/0x900 [ 663.827062][T21131] ? __alloc_pages_slowpath+0x2540/0x2540 [ 663.832782][T21131] ? ___might_sleep+0x163/0x280 [ 663.837637][T21131] ? copyin+0x100/0x150 [ 663.841796][T21131] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 663.848040][T21131] alloc_pages_current+0x107/0x210 [ 663.853157][T21131] pipe_write+0x66d/0xf40 [ 663.857501][T21131] new_sync_write+0x4d3/0x770 [ 663.862176][T21131] ? new_sync_read+0x800/0x800 [ 663.866949][T21131] ? common_file_perm+0x238/0x720 [ 663.871974][T21131] ? __fget+0x384/0x560 [ 663.876133][T21131] ? apparmor_file_permission+0x25/0x30 [ 663.881683][T21131] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 663.887924][T21131] ? security_file_permission+0x8f/0x380 [ 663.893557][T21131] __vfs_write+0xe1/0x110 [ 663.897895][T21131] vfs_write+0x268/0x5d0 [ 663.902141][T21131] ksys_write+0x14f/0x290 [ 663.906470][T21131] ? __ia32_sys_read+0xb0/0xb0 [ 663.911237][T21131] ? do_syscall_64+0x26/0x760 [ 663.915914][T21131] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 663.921977][T21131] ? do_syscall_64+0x26/0x760 [ 663.926662][T21131] __x64_sys_write+0x73/0xb0 [ 663.931263][T21131] do_syscall_64+0xfa/0x760 [ 663.935774][T21131] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 663.941668][T21131] RIP: 0033:0x459879 [ 663.945561][T21131] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 663.965172][T21131] RSP: 002b:00007f4e2a92dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 663.973585][T21131] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459879 [ 663.981558][T21131] RDX: 00000000fffffef3 RSI: 00000000200001c0 RDI: 0000000000000004 [ 663.989533][T21131] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 663.997505][T21131] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4e2a92e6d4 [ 664.005470][T21131] R13: 00000000004c5e17 R14: 00000000004e0300 R15: 00000000ffffffff [ 664.030074][T21131] memory: usage 307200kB, limit 307200kB, failcnt 237 [ 664.037007][T21131] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 664.044354][T21131] Memory cgroup stats for /syz1: [ 664.044593][T21131] anon 298995712 [ 664.044593][T21131] file 221184 [ 664.044593][T21131] kernel_stack 1048576 [ 664.044593][T21131] slab 10448896 [ 664.044593][T21131] sock 0 [ 664.044593][T21131] shmem 61440 [ 664.044593][T21131] file_mapped 0 [ 664.044593][T21131] file_dirty 0 [ 664.044593][T21131] file_writeback 0 [ 664.044593][T21131] anon_thp 125829120 [ 664.044593][T21131] inactive_anon 261074944 [ 664.044593][T21131] active_anon 19030016 [ 664.044593][T21131] inactive_file 0 [ 664.044593][T21131] active_file 135168 [ 664.044593][T21131] unevictable 18870272 [ 664.044593][T21131] slab_reclaimable 5947392 [ 664.044593][T21131] slab_unreclaimable 4501504 [ 664.044593][T21131] pgfault 121539 [ 664.044593][T21131] pgmajfault 0 [ 664.044593][T21131] workingset_refault 0 [ 664.044593][T21131] workingset_activate 0 [ 664.044593][T21131] workingset_nodereclaim 0 [ 664.044593][T21131] pgrefill 242 [ 664.044593][T21131] pgscan 267 [ 664.044593][T21131] pgsteal 35 [ 664.139915][T21131] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=20117,uid=0 [ 664.158163][T21131] Memory cgroup out of memory: Killed process 20117 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 [ 664.204497][T21137] syz-executor.1 invoked oom-killer: gfp_mask=0x500cc2(GFP_HIGHUSER|__GFP_ACCOUNT), order=0, oom_score_adj=1000 [ 664.222945][T21137] CPU: 1 PID: 21137 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 664.232051][T21137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 664.242088][T21137] Call Trace: [ 664.245379][T21137] dump_stack+0x172/0x1f0 [ 664.249702][T21137] dump_header+0x177/0x1152 [ 664.254186][T21137] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 664.259971][T21137] ? ___ratelimit+0x2c8/0x595 [ 664.264632][T21137] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 664.270419][T21137] ? lockdep_hardirqs_on+0x418/0x5d0 [ 664.275685][T21137] ? trace_hardirqs_on+0x67/0x240 [ 664.280693][T21137] ? pagefault_out_of_memory+0x11c/0x11c [ 664.286397][T21137] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 664.292183][T21137] ? ___ratelimit+0x60/0x595 [ 664.296750][T21137] ? do_raw_spin_unlock+0x57/0x270 [ 664.301857][T21137] oom_kill_process.cold+0x10/0x15 [ 664.306952][T21137] out_of_memory+0x334/0x1340 [ 664.311610][T21137] ? lock_downgrade+0x920/0x920 [ 664.316447][T21137] ? oom_killer_disable+0x280/0x280 [ 664.321636][T21137] mem_cgroup_out_of_memory+0x1d8/0x240 [ 664.327164][T21137] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 664.332778][T21137] ? do_raw_spin_unlock+0x57/0x270 [ 664.337873][T21137] ? _raw_spin_unlock+0x2d/0x50 [ 664.342724][T21137] try_charge+0xa2d/0x1440 [ 664.347141][T21137] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 664.352669][T21137] ? find_held_lock+0x35/0x130 [ 664.357412][T21137] ? get_mem_cgroup_from_mm+0x139/0x320 [ 664.362943][T21137] ? lock_downgrade+0x920/0x920 [ 664.367772][T21137] ? percpu_ref_tryget_live+0x111/0x290 [ 664.373302][T21137] __memcg_kmem_charge_memcg+0x71/0xf0 [ 664.378742][T21137] ? memcg_kmem_put_cache+0x50/0x50 [ 664.383925][T21137] ? get_mem_cgroup_from_mm+0x156/0x320 [ 664.389466][T21137] __memcg_kmem_charge+0x13a/0x3a0 [ 664.394562][T21137] __alloc_pages_nodemask+0x4f7/0x900 [ 664.399919][T21137] ? __alloc_pages_slowpath+0x2540/0x2540 [ 664.405619][T21137] ? ___might_sleep+0x163/0x280 [ 664.410473][T21137] ? copyin+0x100/0x150 [ 664.414616][T21137] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 664.420844][T21137] alloc_pages_current+0x107/0x210 [ 664.425945][T21137] pipe_write+0x66d/0xf40 [ 664.430263][T21137] new_sync_write+0x4d3/0x770 [ 664.434930][T21137] ? new_sync_read+0x800/0x800 [ 664.439679][T21137] ? common_file_perm+0x238/0x720 [ 664.444681][T21137] ? __fget+0x384/0x560 [ 664.448819][T21137] ? apparmor_file_permission+0x25/0x30 [ 664.454343][T21137] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 664.460566][T21137] ? security_file_permission+0x8f/0x380 [ 664.466180][T21137] __vfs_write+0xe1/0x110 [ 664.470496][T21137] vfs_write+0x268/0x5d0 [ 664.474724][T21137] ksys_write+0x14f/0x290 [ 664.479037][T21137] ? __ia32_sys_read+0xb0/0xb0 [ 664.483787][T21137] ? do_syscall_64+0x26/0x760 [ 664.488443][T21137] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 664.494489][T21137] ? do_syscall_64+0x26/0x760 [ 664.499149][T21137] __x64_sys_write+0x73/0xb0 [ 664.503722][T21137] do_syscall_64+0xfa/0x760 [ 664.508211][T21137] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 664.514083][T21137] RIP: 0033:0x459879 [ 664.517960][T21137] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 664.537544][T21137] RSP: 002b:00007f4e2a8ebc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 664.545934][T21137] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459879 [ 664.553885][T21137] RDX: 00000000fffffef3 RSI: 00000000200001c0 RDI: 0000000000000004 [ 664.561840][T21137] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 664.569791][T21137] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4e2a8ec6d4 [ 664.577742][T21137] R13: 00000000004c5e17 R14: 00000000004e0300 R15: 00000000ffffffff [ 664.594892][T21137] memory: usage 288908kB, limit 307200kB, failcnt 237 [ 664.602880][T21137] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 664.615173][T21137] Memory cgroup stats for /syz1: [ 664.615415][T21137] anon 280428544 [ 664.615415][T21137] file 221184 [ 664.615415][T21137] kernel_stack 1048576 [ 664.615415][T21137] slab 10448896 [ 664.615415][T21137] sock 0 [ 664.615415][T21137] shmem 61440 [ 664.615415][T21137] file_mapped 0 [ 664.615415][T21137] file_dirty 0 [ 664.615415][T21137] file_writeback 0 [ 664.615415][T21137] anon_thp 123731968 [ 664.615415][T21137] inactive_anon 242376704 [ 664.615415][T21137] active_anon 19030016 [ 664.615415][T21137] inactive_file 0 [ 664.615415][T21137] active_file 135168 [ 664.615415][T21137] unevictable 18870272 [ 664.615415][T21137] slab_reclaimable 5947392 [ 664.615415][T21137] slab_unreclaimable 4501504 [ 664.615415][T21137] pgfault 121539 [ 664.615415][T21137] pgmajfault 0 [ 664.615415][T21137] workingset_refault 0 [ 664.615415][T21137] workingset_activate 0 [ 664.615415][T21137] workingset_nodereclaim 0 [ 664.615415][T21137] pgrefill 242 [ 664.615415][T21137] pgscan 267 [ 664.615415][T21137] pgsteal 35 [ 664.716810][T21137] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=19923,uid=0 [ 664.780746][T21137] Memory cgroup out of memory: Killed process 19923 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 [ 664.830827][T21102] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 664.851041][ T1065] oom_reaper: reaped process 19923 (syz-executor.1), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 664.860096][T21102] CPU: 1 PID: 21102 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 664.871263][T21102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 664.881317][T21102] Call Trace: [ 664.884618][T21102] dump_stack+0x172/0x1f0 [ 664.888961][T21102] dump_header+0x177/0x1152 [ 664.893467][T21102] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 664.899275][T21102] ? ___ratelimit+0x2c8/0x595 [ 664.903951][T21102] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 664.909762][T21102] ? lockdep_hardirqs_on+0x418/0x5d0 [ 664.915049][T21102] ? trace_hardirqs_on+0x67/0x240 [ 664.920079][T21102] ? pagefault_out_of_memory+0x11c/0x11c [ 664.925715][T21102] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 664.931671][T21102] ? ___ratelimit+0x60/0x595 [ 664.936245][T21102] ? do_raw_spin_unlock+0x57/0x270 [ 664.941358][T21102] oom_kill_process.cold+0x10/0x15 [ 664.946479][T21102] out_of_memory+0x334/0x1340 [ 664.951162][T21102] ? lock_downgrade+0x920/0x920 [ 664.956009][T21102] ? oom_killer_disable+0x280/0x280 [ 664.961191][T21102] mem_cgroup_out_of_memory+0x1d8/0x240 [ 664.966715][T21102] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 664.972607][T21102] ? do_raw_spin_unlock+0x57/0x270 [ 664.977697][T21102] ? _raw_spin_unlock+0x2d/0x50 [ 664.982539][T21102] try_charge+0xf4b/0x1440 [ 664.986945][T21102] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 664.992468][T21102] ? percpu_ref_tryget_live+0x111/0x290 [ 664.998131][T21102] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 665.004354][T21102] ? __kasan_check_read+0x11/0x20 [ 665.009409][T21102] ? get_mem_cgroup_from_mm+0x156/0x320 [ 665.014945][T21102] mem_cgroup_try_charge+0x136/0x590 [ 665.020218][T21102] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 665.026442][T21102] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 665.032097][T21102] __handle_mm_fault+0x1e34/0x3f20 [ 665.037197][T21102] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 665.042732][T21102] ? __kasan_check_read+0x11/0x20 [ 665.047741][T21102] handle_mm_fault+0x1b5/0x6c0 [ 665.052488][T21102] __get_user_pages+0x7d4/0x1b30 [ 665.057404][T21102] ? mark_held_locks+0xf0/0xf0 [ 665.062157][T21102] ? follow_page_mask+0x1cf0/0x1cf0 [ 665.067328][T21102] ? __mm_populate+0x270/0x380 [ 665.072073][T21102] ? memset+0x32/0x40 [ 665.076069][T21102] populate_vma_page_range+0x20d/0x2a0 [ 665.081521][T21102] __mm_populate+0x204/0x380 [ 665.086093][T21102] ? populate_vma_page_range+0x2a0/0x2a0 [ 665.091705][T21102] ? up_write+0x1c8/0x490 [ 665.096051][T21102] __x64_sys_mremap+0x7dc/0xb80 [ 665.100883][T21102] ? mremap_to+0x750/0x750 [ 665.105281][T21102] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 665.110749][T21102] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 665.116187][T21102] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 665.122233][T21102] ? do_syscall_64+0x26/0x760 [ 665.126930][T21102] ? lockdep_hardirqs_on+0x418/0x5d0 [ 665.132205][T21102] ? trace_hardirqs_on+0x67/0x240 [ 665.137208][T21102] do_syscall_64+0xfa/0x760 [ 665.141694][T21102] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 665.147563][T21102] RIP: 0033:0x459879 [ 665.151438][T21102] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 665.171018][T21102] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 665.179512][T21102] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459879 [ 665.187472][T21102] RDX: 0000000000800000 RSI: 0000000000002000 RDI: 0000000020a94000 [ 665.195434][T21102] RBP: 000000000075bf20 R08: 0000000020130000 R09: 0000000000000000 [ 665.203387][T21102] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fc0ba5296d4 [ 665.211341][T21102] R13: 00000000004c5f0f R14: 00000000004daaf8 R15: 00000000ffffffff [ 665.240097][T21102] memory: usage 307136kB, limit 307200kB, failcnt 4399 [ 665.253728][T21102] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 665.268705][T21102] Memory cgroup stats for /syz3: [ 665.268815][T21102] anon 296247296 [ 665.268815][T21102] file 0 [ 665.268815][T21102] kernel_stack 851968 [ 665.268815][T21102] slab 4476928 [ 665.268815][T21102] sock 0 [ 665.268815][T21102] shmem 0 [ 665.268815][T21102] file_mapped 0 [ 665.268815][T21102] file_dirty 0 [ 665.268815][T21102] file_writeback 0 [ 665.268815][T21102] anon_thp 216006656 [ 665.268815][T21102] inactive_anon 240078848 [ 665.268815][T21102] active_anon 18161664 [ 665.268815][T21102] inactive_file 0 [ 665.268815][T21102] active_file 0 [ 665.268815][T21102] unevictable 38023168 [ 665.268815][T21102] slab_reclaimable 1351680 [ 665.268815][T21102] slab_unreclaimable 3125248 [ 665.268815][T21102] pgfault 678249 [ 665.268815][T21102] pgmajfault 0 [ 665.268815][T21102] workingset_refault 99 [ 665.268815][T21102] workingset_activate 66 [ 665.268815][T21102] workingset_nodereclaim 0 [ 665.268815][T21102] pgrefill 496 [ 665.268815][T21102] pgscan 531 [ 665.268815][T21102] pgsteal 99 [ 665.362996][T21102] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=21101,uid=0 [ 665.380986][T21102] Memory cgroup out of memory: Killed process 21102 (syz-executor.3) total-vm:72700kB, anon-rss:14456kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 665.399359][ T1065] oom_reaper: reaped process 21102 (syz-executor.3), now anon-rss:14448kB, file-rss:54332kB, shmem-rss:0kB [ 665.411105][T21177] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 665.427449][T21177] CPU: 1 PID: 21177 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 665.436697][T21177] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 665.446755][T21177] Call Trace: [ 665.450053][T21177] dump_stack+0x172/0x1f0 [ 665.454384][T21177] dump_header+0x177/0x1152 [ 665.458888][T21177] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 665.464945][T21177] ? ___ratelimit+0x2c8/0x595 [ 665.469620][T21177] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 665.475424][T21177] ? lockdep_hardirqs_on+0x418/0x5d0 [ 665.480705][T21177] ? trace_hardirqs_on+0x67/0x240 [ 665.485729][T21177] ? pagefault_out_of_memory+0x11c/0x11c [ 665.491361][T21177] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 665.497166][T21177] ? ___ratelimit+0x60/0x595 [ 665.501753][T21177] ? do_raw_spin_unlock+0x57/0x270 [ 665.506863][T21177] oom_kill_process.cold+0x10/0x15 [ 665.511982][T21177] out_of_memory+0x334/0x1340 [ 665.516655][T21177] ? lock_downgrade+0x920/0x920 [ 665.521512][T21177] ? oom_killer_disable+0x280/0x280 [ 665.526721][T21177] mem_cgroup_out_of_memory+0x1d8/0x240 [ 665.532274][T21177] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 06:28:37 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc9ff010000d1212c68080dc56ec1198bf2ae0c9d67c14da68030da6b31ec3fca6be8ec05cd91cde864ae2c396891"], 0x9) r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f0000000400)) lstat(&(0x7f0000000200)='./file0\x00', &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0}) r4 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f00000000c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd) r5 = add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, r4) keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r4, &(0x7f0000000380)='asymmetric\x00i\x8dRT\xcc|\rO\xe2\xbe\x95\xe2\x80}5y\xd6\xda1\xbd\x15\xddH_\xed\xe3\xae\x0e\x14\xc1\x87$\xae&\x90cPh\xb1,\x93[D\xd7\x88\x9dI^AD\xf4[3\xe17\xfa\x05\xc7\x16\x1c\x02G\xa8z\xd3\xda\xc1\xd01\x87\xbf\xdf\xe6)\\=\xc2\x15\x7fu\xf1n\xba\xb8\xdc\x80\x0f\xf8m@\xb2\x88\xce+\vXKa\xaeK\xed\x89<\x84_a\x8e\x82\x15\x9d\x9d^\x99\xa6\xbd\xbd\v\xd6\x1d\x80%#}\xaeDZa\xb9\x01\xff\xca\xf5\xc5\\F)F]\xc0\xfe\xd9\xff\xc79\x86\x01\xf9\xf1\x00\x80\x00\x00\x00\x00\x00\x00\x19@\xd7\x1ds\b4\x98U\x17Od\xaa\x98\x1cu\x13\x1c<\x01 \xe5\xf6\x8b\xe6C\x99\xe4\xc5\xf5v\x98{\xce\xc40N\x03\xcb\xffh\xf2h 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 665.765454][T21177] RSP: 002b:00007fe89cd08c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 665.773845][T21177] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 665.781798][T21177] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 665.789751][T21177] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 665.797700][T21177] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cd096d4 [ 665.805648][T21177] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 665.815482][T21177] memory: usage 307200kB, limit 307200kB, failcnt 5061 [ 665.822520][T21177] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 665.829537][T21177] Memory cgroup stats for /syz2: [ 665.829649][T21177] anon 304717824 [ 665.829649][T21177] file 28672 [ 665.829649][T21177] kernel_stack 983040 [ 665.829649][T21177] slab 4280320 [ 665.829649][T21177] sock 0 [ 665.829649][T21177] shmem 0 [ 665.829649][T21177] file_mapped 0 [ 665.829649][T21177] file_dirty 0 [ 665.829649][T21177] file_writeback 0 [ 665.829649][T21177] anon_thp 222298112 [ 665.829649][T21177] inactive_anon 245096448 [ 665.829649][T21177] active_anon 11849728 [ 665.829649][T21177] inactive_file 0 [ 665.829649][T21177] active_file 0 [ 665.829649][T21177] unevictable 48041984 [ 665.829649][T21177] slab_reclaimable 1216512 [ 665.829649][T21177] slab_unreclaimable 3063808 [ 665.829649][T21177] pgfault 702570 [ 665.829649][T21177] pgmajfault 0 [ 665.829649][T21177] workingset_refault 165 [ 665.829649][T21177] workingset_activate 66 [ 665.829649][T21177] workingset_nodereclaim 0 [ 665.829649][T21177] pgrefill 1334 [ 665.829649][T21177] pgscan 1561 [ 665.829649][T21177] pgsteal 198 [ 666.037464][T21177] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=21145,uid=0 [ 666.067441][T21177] Memory cgroup out of memory: Killed process 21177 (syz-executor.2) total-vm:72832kB, anon-rss:18232kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 666.098153][ T1065] oom_reaper: reaped process 21177 (syz-executor.2), now anon-rss:18232kB, file-rss:54332kB, shmem-rss:0kB 06:28:38 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(0xffffffffffffffff, 0x54a2) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:28:38 executing program 0: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000000)='./file0\x00') r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) 06:28:38 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xcb35010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:28:38 executing program 1: r0 = socket$inet6_udp(0xa, 0x2, 0x0) sendmmsg$inet6(r0, &(0x7f0000006d00)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x0, @mcast2}, 0x1c, 0x0}}, {{&(0x7f0000000180)={0xa, 0x4e22, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}}, 0x1c, 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="24000000000000002900000032000000ff0200000000000000002100000000012507f46d"], 0x24}}], 0x2, 0x0) 06:28:38 executing program 0: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000000)='./file0\x00') r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x1045) write(0xffffffffffffffff, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) 06:28:38 executing program 1: socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = syz_open_procfs(0x0, &(0x7f0000000040)='net/netlink\x00') sendfile(r0, r1, 0x0, 0x80000005) 06:28:38 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xcc35010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 666.851233][T21193] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 666.861885][T21193] CPU: 1 PID: 21193 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 666.870994][T21193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 666.881050][T21193] Call Trace: [ 666.884346][T21193] dump_stack+0x172/0x1f0 [ 666.888678][T21193] dump_header+0x177/0x1152 [ 666.893182][T21193] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 666.898985][T21193] ? ___ratelimit+0x2c8/0x595 [ 666.903660][T21193] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 666.909463][T21193] ? lockdep_hardirqs_on+0x418/0x5d0 [ 666.914747][T21193] ? trace_hardirqs_on+0x67/0x240 [ 666.919781][T21193] ? pagefault_out_of_memory+0x11c/0x11c [ 666.925413][T21193] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 666.931218][T21193] ? ___ratelimit+0x60/0x595 [ 666.935806][T21193] ? do_raw_spin_unlock+0x57/0x270 [ 666.940924][T21193] oom_kill_process.cold+0x10/0x15 [ 666.946036][T21193] out_of_memory+0x334/0x1340 [ 666.950719][T21193] ? lock_downgrade+0x920/0x920 [ 666.955572][T21193] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 666.961382][T21193] ? oom_killer_disable+0x280/0x280 [ 666.966588][T21193] mem_cgroup_out_of_memory+0x1d8/0x240 [ 666.972130][T21193] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 666.977767][T21193] ? do_raw_spin_unlock+0x57/0x270 [ 666.982875][T21193] ? _raw_spin_unlock+0x2d/0x50 [ 666.987727][T21193] try_charge+0xf4b/0x1440 [ 666.992156][T21193] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 666.997696][T21193] ? percpu_ref_tryget_live+0x111/0x290 [ 667.003242][T21193] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 667.009496][T21193] ? __kasan_check_read+0x11/0x20 [ 667.014528][T21193] ? get_mem_cgroup_from_mm+0x156/0x320 [ 667.020080][T21193] mem_cgroup_try_charge+0x136/0x590 [ 667.025372][T21193] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 667.031620][T21193] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 667.037262][T21193] __handle_mm_fault+0x1e34/0x3f20 [ 667.042380][T21193] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 667.047959][T21193] ? __kasan_check_read+0x11/0x20 [ 667.052996][T21193] handle_mm_fault+0x1b5/0x6c0 [ 667.057766][T21193] __get_user_pages+0x7d4/0x1b30 [ 667.062815][T21193] ? mark_held_locks+0xf0/0xf0 [ 667.067588][T21193] ? follow_page_mask+0x1cf0/0x1cf0 [ 667.072789][T21193] ? retint_kernel+0x2b/0x2b [ 667.077394][T21193] populate_vma_page_range+0x20d/0x2a0 [ 667.082856][T21193] __mm_populate+0x204/0x380 [ 667.087451][T21193] ? populate_vma_page_range+0x2a0/0x2a0 [ 667.093085][T21193] ? up_write+0x1c8/0x490 [ 667.097417][T21193] __x64_sys_mremap+0x7dc/0xb80 [ 667.102264][T21193] ? lockdep_hardirqs_on+0x418/0x5d0 [ 667.107550][T21193] ? retint_kernel+0x2b/0x2b [ 667.112143][T21193] ? mremap_to+0x750/0x750 [ 667.116572][T21193] ? __this_cpu_preempt_check+0x3a/0x210 [ 667.122210][T21193] ? retint_kernel+0x2b/0x2b [ 667.126828][T21193] do_syscall_64+0xfa/0x760 [ 667.131337][T21193] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 667.137229][T21193] RIP: 0033:0x459879 [ 667.141128][T21193] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 667.160730][T21193] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 667.169146][T21193] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459879 [ 667.177112][T21193] RDX: 0000000000800000 RSI: 0000000000002000 RDI: 0000000020a94000 [ 667.185131][T21193] RBP: 000000000075bf20 R08: 0000000020130000 R09: 0000000000000000 [ 667.193087][T21193] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fc0ba5296d4 [ 667.201039][T21193] R13: 00000000004c5f0f R14: 00000000004daaf8 R15: 00000000ffffffff [ 667.210230][T21193] memory: usage 307200kB, limit 307200kB, failcnt 4414 [ 667.217154][T21193] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 667.224187][T21193] Memory cgroup stats for /syz3: [ 667.224289][T21193] anon 304500736 [ 667.224289][T21193] file 0 [ 667.224289][T21193] kernel_stack 917504 [ 667.224289][T21193] slab 4612096 [ 667.224289][T21193] sock 0 [ 667.224289][T21193] shmem 0 [ 667.224289][T21193] file_mapped 0 [ 667.224289][T21193] file_dirty 0 [ 667.224289][T21193] file_writeback 0 [ 667.224289][T21193] anon_thp 216006656 [ 667.224289][T21193] inactive_anon 248487936 [ 667.224289][T21193] active_anon 18161664 [ 667.224289][T21193] inactive_file 0 [ 667.224289][T21193] active_file 0 [ 667.224289][T21193] unevictable 37871616 [ 667.224289][T21193] slab_reclaimable 1351680 [ 667.224289][T21193] slab_unreclaimable 3260416 [ 667.224289][T21193] pgfault 683826 [ 667.224289][T21193] pgmajfault 0 [ 667.224289][T21193] workingset_refault 99 [ 667.224289][T21193] workingset_activate 66 [ 667.224289][T21193] workingset_nodereclaim 0 [ 667.224289][T21193] pgrefill 529 [ 667.224289][T21193] pgscan 564 [ 667.224289][T21193] pgsteal 99 [ 667.317867][T21193] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=21192,uid=0 [ 667.333405][T21193] Memory cgroup out of memory: Killed process 21192 (syz-executor.3) total-vm:72700kB, anon-rss:14524kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 667.351765][ T1065] oom_reaper: reaped process 21192 (syz-executor.3), now anon-rss:14516kB, file-rss:54332kB, shmem-rss:0kB [ 667.363804][T21223] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 667.380857][T21223] CPU: 0 PID: 21223 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 667.389974][T21223] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 667.400020][T21223] Call Trace: [ 667.403313][T21223] dump_stack+0x172/0x1f0 [ 667.407647][T21223] dump_header+0x177/0x1152 [ 667.412145][T21223] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 667.417946][T21223] ? ___ratelimit+0x2c8/0x595 [ 667.422629][T21223] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 667.428437][T21223] ? lockdep_hardirqs_on+0x418/0x5d0 [ 667.433719][T21223] ? trace_hardirqs_on+0x67/0x240 [ 667.438750][T21223] ? pagefault_out_of_memory+0x11c/0x11c [ 667.444386][T21223] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 667.450188][T21223] ? ___ratelimit+0x60/0x595 [ 667.454777][T21223] ? do_raw_spin_unlock+0x57/0x270 [ 667.459893][T21223] oom_kill_process.cold+0x10/0x15 [ 667.464989][T21223] out_of_memory+0x334/0x1340 [ 667.469644][T21223] ? lock_downgrade+0x920/0x920 [ 667.474478][T21223] ? oom_killer_disable+0x280/0x280 [ 667.479698][T21223] mem_cgroup_out_of_memory+0x1d8/0x240 [ 667.485258][T21223] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 667.490870][T21223] ? do_raw_spin_unlock+0x57/0x270 [ 667.495962][T21223] ? _raw_spin_unlock+0x2d/0x50 [ 667.500795][T21223] try_charge+0xf4b/0x1440 [ 667.505192][T21223] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 667.510850][T21223] ? percpu_ref_tryget_live+0x111/0x290 [ 667.516376][T21223] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 667.522595][T21223] ? __kasan_check_read+0x11/0x20 [ 667.527600][T21223] ? get_mem_cgroup_from_mm+0x156/0x320 [ 667.533138][T21223] mem_cgroup_try_charge+0x136/0x590 [ 667.538403][T21223] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 667.544619][T21223] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 667.550228][T21223] wp_page_copy+0x41e/0x1590 [ 667.554793][T21223] ? find_held_lock+0x35/0x130 [ 667.559535][T21223] ? pmd_pfn+0x1d0/0x1d0 [ 667.563755][T21223] ? lock_downgrade+0x920/0x920 [ 667.568586][T21223] ? swp_swapcount+0x540/0x540 [ 667.573327][T21223] ? __kasan_check_read+0x11/0x20 [ 667.578327][T21223] ? do_raw_spin_unlock+0x57/0x270 [ 667.583416][T21223] do_wp_page+0x499/0x14d0 [ 667.587814][T21223] ? finish_mkwrite_fault+0x570/0x570 [ 667.593167][T21223] __handle_mm_fault+0x22f1/0x3f20 [ 667.598258][T21223] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 667.603785][T21223] ? __kasan_check_read+0x11/0x20 [ 667.608804][T21223] handle_mm_fault+0x1b5/0x6c0 [ 667.613567][T21223] __get_user_pages+0x7d4/0x1b30 [ 667.618483][T21223] ? mark_held_locks+0xf0/0xf0 [ 667.623243][T21223] ? follow_page_mask+0x1cf0/0x1cf0 [ 667.628424][T21223] ? __mm_populate+0x270/0x380 [ 667.633166][T21223] ? __kasan_check_write+0x14/0x20 [ 667.638255][T21223] ? down_read+0x109/0x430 [ 667.642648][T21223] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 667.648865][T21223] populate_vma_page_range+0x20d/0x2a0 [ 667.654302][T21223] __mm_populate+0x204/0x380 [ 667.658873][T21223] ? populate_vma_page_range+0x2a0/0x2a0 [ 667.664481][T21223] ? __kasan_check_write+0x14/0x20 [ 667.669570][T21223] ? up_write+0x155/0x490 [ 667.673890][T21223] ? ns_capable_common+0x93/0x100 [ 667.678904][T21223] __x64_sys_mlockall+0x473/0x520 [ 667.683909][T21223] do_syscall_64+0xfa/0x760 [ 667.688508][T21223] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 667.694376][T21223] RIP: 0033:0x459879 [ 667.698249][T21223] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 667.717845][T21223] RSP: 002b:00007fe89cd08c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 667.726228][T21223] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 667.734190][T21223] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 667.742137][T21223] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 06:28:39 executing program 0: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000000)='./file0\x00') r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x1045) write(0xffffffffffffffff, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) 06:28:39 executing program 1: 06:28:39 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xcd35010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:28:39 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000140)) 06:28:39 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xe0, 0x0) [ 667.750084][T21223] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cd096d4 [ 667.758044][T21223] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 667.796146][T21223] memory: usage 307200kB, limit 307200kB, failcnt 5084 [ 667.851801][T21223] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 667.883882][T21223] Memory cgroup stats for /syz2: [ 667.884006][T21223] anon 304656384 [ 667.884006][T21223] file 28672 [ 667.884006][T21223] kernel_stack 983040 [ 667.884006][T21223] slab 4280320 [ 667.884006][T21223] sock 0 [ 667.884006][T21223] shmem 0 [ 667.884006][T21223] file_mapped 0 [ 667.884006][T21223] file_dirty 0 [ 667.884006][T21223] file_writeback 0 [ 667.884006][T21223] anon_thp 222298112 [ 667.884006][T21223] inactive_anon 244989952 [ 667.884006][T21223] active_anon 11849728 [ 667.884006][T21223] inactive_file 0 [ 667.884006][T21223] active_file 0 [ 667.884006][T21223] unevictable 47890432 [ 667.884006][T21223] slab_reclaimable 1216512 [ 667.884006][T21223] slab_unreclaimable 3063808 [ 667.884006][T21223] pgfault 709698 [ 667.884006][T21223] pgmajfault 0 [ 667.884006][T21223] workingset_refault 165 [ 667.884006][T21223] workingset_activate 66 [ 667.884006][T21223] workingset_nodereclaim 0 [ 667.884006][T21223] pgrefill 1334 [ 667.884006][T21223] pgscan 1561 [ 667.884006][T21223] pgsteal 198 [ 667.913000][T21223] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=21206,uid=0 [ 668.033365][T21223] Memory cgroup out of memory: Killed process 21206 (syz-executor.2) total-vm:72832kB, anon-rss:18220kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 668.058899][ T1065] oom_reaper: reaped process 21206 (syz-executor.2), now anon-rss:18232kB, file-rss:54332kB, shmem-rss:0kB [ 668.070872][T21235] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 668.097662][T21235] CPU: 0 PID: 21235 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 668.106795][T21235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 668.116845][T21235] Call Trace: [ 668.120138][T21235] dump_stack+0x172/0x1f0 [ 668.124475][T21235] dump_header+0x177/0x1152 [ 668.128974][T21235] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 668.134786][T21235] ? ___ratelimit+0x2c8/0x595 [ 668.139461][T21235] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 668.145272][T21235] ? lockdep_hardirqs_on+0x418/0x5d0 [ 668.150560][T21235] ? trace_hardirqs_on+0x67/0x240 [ 668.155585][T21235] ? pagefault_out_of_memory+0x11c/0x11c [ 668.161217][T21235] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 668.167028][T21235] ? ___ratelimit+0x60/0x595 [ 668.171625][T21235] ? do_raw_spin_unlock+0x57/0x270 [ 668.176743][T21235] oom_kill_process.cold+0x10/0x15 [ 668.181871][T21235] out_of_memory+0x334/0x1340 [ 668.186549][T21235] ? lock_downgrade+0x920/0x920 [ 668.191385][T21235] ? oom_killer_disable+0x280/0x280 [ 668.196618][T21235] mem_cgroup_out_of_memory+0x1d8/0x240 [ 668.202152][T21235] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 668.207766][T21235] ? do_raw_spin_unlock+0x57/0x270 [ 668.212861][T21235] ? _raw_spin_unlock+0x2d/0x50 [ 668.217697][T21235] try_charge+0xf4b/0x1440 [ 668.222135][T21235] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 668.227694][T21235] ? percpu_ref_tryget_live+0x111/0x290 [ 668.233215][T21235] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 668.239435][T21235] ? __kasan_check_read+0x11/0x20 [ 668.244474][T21235] ? get_mem_cgroup_from_mm+0x156/0x320 [ 668.249997][T21235] mem_cgroup_try_charge+0x136/0x590 [ 668.255261][T21235] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 668.261482][T21235] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 668.267094][T21235] __handle_mm_fault+0x1e34/0x3f20 [ 668.272182][T21235] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 668.277709][T21235] ? __kasan_check_read+0x11/0x20 [ 668.282709][T21235] handle_mm_fault+0x1b5/0x6c0 [ 668.287450][T21235] __get_user_pages+0x7d4/0x1b30 [ 668.292359][T21235] ? mark_held_locks+0xf0/0xf0 [ 668.297102][T21235] ? follow_page_mask+0x1cf0/0x1cf0 [ 668.302307][T21235] ? __mm_populate+0x270/0x380 [ 668.307050][T21235] ? __kasan_check_write+0x14/0x20 [ 668.312192][T21235] ? down_read+0x109/0x430 [ 668.316595][T21235] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 668.322827][T21235] populate_vma_page_range+0x20d/0x2a0 [ 668.328288][T21235] __mm_populate+0x204/0x380 [ 668.332859][T21235] ? populate_vma_page_range+0x2a0/0x2a0 [ 668.338467][T21235] ? __kasan_check_write+0x14/0x20 [ 668.343554][T21235] ? up_write+0x155/0x490 [ 668.347861][T21235] ? ns_capable_common+0x93/0x100 [ 668.352867][T21235] __x64_sys_mlockall+0x473/0x520 [ 668.357869][T21235] do_syscall_64+0xfa/0x760 [ 668.362353][T21235] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 668.368221][T21235] RIP: 0033:0x459879 [ 668.372095][T21235] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 668.391679][T21235] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 668.400079][T21235] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 668.408039][T21235] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 668.416067][T21235] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 668.424034][T21235] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc0ba5296d4 [ 668.431989][T21235] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 668.441996][T21235] memory: usage 307200kB, limit 307200kB, failcnt 4459 06:28:40 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r2 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000140)='/proc/capi/capi20ncci\x00', 0x8000, 0x0) utimensat(r2, &(0x7f0000000280)='./file0\x00', &(0x7f00000002c0)={{0x0, 0x7530}, {0x77359400}}, 0x80) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:28:40 executing program 1: 06:28:40 executing program 0: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000000)='./file0\x00') r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x1045) write(0xffffffffffffffff, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) 06:28:40 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xce35010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 668.449293][T21235] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 668.456795][T21235] Memory cgroup stats for /syz3: [ 668.457033][T21235] anon 304685056 [ 668.457033][T21235] file 0 [ 668.457033][T21235] kernel_stack 917504 [ 668.457033][T21235] slab 4612096 [ 668.457033][T21235] sock 0 [ 668.457033][T21235] shmem 0 [ 668.457033][T21235] file_mapped 0 [ 668.457033][T21235] file_dirty 0 [ 668.457033][T21235] file_writeback 0 [ 668.457033][T21235] anon_thp 216006656 [ 668.457033][T21235] inactive_anon 258760704 [ 668.457033][T21235] active_anon 18161664 [ 668.457033][T21235] inactive_file 0 [ 668.457033][T21235] active_file 0 [ 668.457033][T21235] unevictable 27869184 [ 668.457033][T21235] slab_reclaimable 1351680 [ 668.457033][T21235] slab_unreclaimable 3260416 [ 668.457033][T21235] pgfault 685113 [ 668.457033][T21235] pgmajfault 0 [ 668.457033][T21235] workingset_refault 99 [ 668.457033][T21235] workingset_activate 66 [ 668.457033][T21235] workingset_nodereclaim 0 [ 668.457033][T21235] pgrefill 529 [ 668.457033][T21235] pgscan 564 06:28:40 executing program 1: [ 668.457033][T21235] pgsteal 99 06:28:40 executing program 0: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000000)='./file0\x00') r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) 06:28:40 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xcf35010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:28:40 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xe1, 0x0) 06:28:40 executing program 1: [ 668.742491][T21235] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=21211,uid=0 06:28:40 executing program 0: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000000)='./file0\x00') r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) [ 668.786857][T21235] Memory cgroup out of memory: Killed process 21211 (syz-executor.3) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 [ 668.906525][T21247] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 668.953968][T21247] CPU: 0 PID: 21247 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 668.963118][T21247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 668.973173][T21247] Call Trace: [ 668.976470][T21247] dump_stack+0x172/0x1f0 [ 668.980811][T21247] dump_header+0x177/0x1152 [ 668.985320][T21247] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 668.991127][T21247] ? ___ratelimit+0x2c8/0x595 [ 668.995800][T21247] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 669.001615][T21247] ? lockdep_hardirqs_on+0x418/0x5d0 [ 669.006920][T21247] ? trace_hardirqs_on+0x67/0x240 [ 669.011946][T21247] ? pagefault_out_of_memory+0x11c/0x11c [ 669.017583][T21247] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 669.023392][T21247] ? ___ratelimit+0x60/0x595 [ 669.027983][T21247] ? do_raw_spin_unlock+0x57/0x270 [ 669.033101][T21247] oom_kill_process.cold+0x10/0x15 [ 669.038218][T21247] out_of_memory+0x334/0x1340 [ 669.042897][T21247] ? lock_downgrade+0x920/0x920 [ 669.047751][T21247] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 669.053567][T21247] ? oom_killer_disable+0x280/0x280 [ 669.058774][T21247] mem_cgroup_out_of_memory+0x1d8/0x240 [ 669.064327][T21247] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 669.069971][T21247] ? do_raw_spin_unlock+0x57/0x270 [ 669.075094][T21247] ? _raw_spin_unlock+0x2d/0x50 [ 669.079956][T21247] try_charge+0xf4b/0x1440 [ 669.084389][T21247] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 669.089941][T21247] ? percpu_ref_tryget_live+0x111/0x290 [ 669.095490][T21247] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 669.101735][T21247] ? __kasan_check_read+0x11/0x20 [ 669.106765][T21247] ? get_mem_cgroup_from_mm+0x156/0x320 [ 669.112313][T21247] mem_cgroup_try_charge+0x136/0x590 [ 669.117604][T21247] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 669.123856][T21247] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 669.129495][T21247] __handle_mm_fault+0x1e34/0x3f20 [ 669.134623][T21247] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 669.140188][T21247] ? __kasan_check_read+0x11/0x20 [ 669.145223][T21247] handle_mm_fault+0x1b5/0x6c0 [ 669.149989][T21247] __get_user_pages+0x7d4/0x1b30 [ 669.154925][T21247] ? mark_held_locks+0xf0/0xf0 [ 669.159806][T21247] ? follow_page_mask+0x1cf0/0x1cf0 [ 669.165003][T21247] ? __mm_populate+0x270/0x380 [ 669.169783][T21247] ? __kasan_check_write+0x14/0x20 [ 669.174900][T21247] ? down_read+0x109/0x430 [ 669.179320][T21247] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 669.185674][T21247] populate_vma_page_range+0x20d/0x2a0 [ 669.191166][T21247] __mm_populate+0x204/0x380 [ 669.195868][T21247] ? populate_vma_page_range+0x2a0/0x2a0 [ 669.201508][T21247] ? __kasan_check_write+0x14/0x20 [ 669.206622][T21247] ? up_write+0x155/0x490 [ 669.210967][T21247] ? ns_capable_common+0x93/0x100 [ 669.215997][T21247] __x64_sys_mlockall+0x473/0x520 [ 669.221061][T21247] do_syscall_64+0xfa/0x760 [ 669.225577][T21247] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 669.231477][T21247] RIP: 0033:0x459879 [ 669.235374][T21247] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 669.254979][T21247] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 669.263393][T21247] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 669.271373][T21247] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 669.279344][T21247] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 669.287315][T21247] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 669.295286][T21247] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 669.316165][T21247] memory: usage 307200kB, limit 307200kB, failcnt 5115 [ 669.323208][T21247] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 669.330311][T21247] Memory cgroup stats for /syz2: [ 669.330420][T21247] anon 304795648 [ 669.330420][T21247] file 28672 [ 669.330420][T21247] kernel_stack 917504 [ 669.330420][T21247] slab 4280320 [ 669.330420][T21247] sock 0 [ 669.330420][T21247] shmem 0 [ 669.330420][T21247] file_mapped 0 [ 669.330420][T21247] file_dirty 0 [ 669.330420][T21247] file_writeback 0 [ 669.330420][T21247] anon_thp 224395264 [ 669.330420][T21247] inactive_anon 252559360 [ 669.330420][T21247] active_anon 11714560 [ 669.330420][T21247] inactive_file 0 [ 669.330420][T21247] active_file 0 [ 669.330420][T21247] unevictable 40558592 [ 669.330420][T21247] slab_reclaimable 1216512 [ 669.330420][T21247] slab_unreclaimable 3063808 [ 669.330420][T21247] pgfault 711975 [ 669.330420][T21247] pgmajfault 0 [ 669.330420][T21247] workingset_refault 165 [ 669.330420][T21247] workingset_activate 66 [ 669.330420][T21247] workingset_nodereclaim 0 [ 669.330420][T21247] pgrefill 1334 [ 669.330420][T21247] pgscan 1561 [ 669.330420][T21247] pgsteal 198 [ 669.425454][T21247] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=21224,uid=0 [ 669.442188][T21247] Memory cgroup out of memory: Killed process 21224 (syz-executor.2) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 669.467657][T21235] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 669.484574][T21235] CPU: 1 PID: 21235 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 669.493700][T21235] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 669.498506][ T1065] oom_reaper: reaped process 21224 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 669.505225][T21235] Call Trace: [ 669.505251][T21235] dump_stack+0x172/0x1f0 [ 669.505273][T21235] dump_header+0x177/0x1152 [ 669.505294][T21235] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 669.534239][T21235] ? ___ratelimit+0x2c8/0x595 [ 669.538926][T21235] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 669.544744][T21235] ? lockdep_hardirqs_on+0x418/0x5d0 [ 669.550033][T21235] ? trace_hardirqs_on+0x67/0x240 [ 669.555075][T21235] ? pagefault_out_of_memory+0x11c/0x11c [ 669.560705][T21235] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 669.566506][T21235] ? ___ratelimit+0x60/0x595 [ 669.571098][T21235] ? do_raw_spin_unlock+0x57/0x270 [ 669.576303][T21235] oom_kill_process.cold+0x10/0x15 [ 669.581425][T21235] out_of_memory+0x334/0x1340 [ 669.586133][T21235] ? lock_downgrade+0x920/0x920 [ 669.590995][T21235] ? oom_killer_disable+0x280/0x280 [ 669.596194][T21235] mem_cgroup_out_of_memory+0x1d8/0x240 [ 669.601717][T21235] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 669.607349][T21235] ? do_raw_spin_unlock+0x57/0x270 [ 669.612446][T21235] ? _raw_spin_unlock+0x2d/0x50 [ 669.617291][T21235] try_charge+0xf4b/0x1440 [ 669.621701][T21235] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 669.627226][T21235] ? percpu_ref_tryget_live+0x111/0x290 [ 669.632756][T21235] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 669.638978][T21235] ? __kasan_check_read+0x11/0x20 [ 669.644001][T21235] ? get_mem_cgroup_from_mm+0x156/0x320 [ 669.649539][T21235] mem_cgroup_try_charge+0x136/0x590 [ 669.654805][T21235] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 669.661029][T21235] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 669.666659][T21235] __handle_mm_fault+0x1e34/0x3f20 [ 669.671755][T21235] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 669.677310][T21235] ? __kasan_check_read+0x11/0x20 [ 669.682322][T21235] handle_mm_fault+0x1b5/0x6c0 [ 669.687069][T21235] __get_user_pages+0x7d4/0x1b30 [ 669.691984][T21235] ? mark_held_locks+0xf0/0xf0 [ 669.696745][T21235] ? follow_page_mask+0x1cf0/0x1cf0 [ 669.701918][T21235] ? __mm_populate+0x270/0x380 [ 669.706664][T21235] ? memset+0x32/0x40 [ 669.710637][T21235] populate_vma_page_range+0x20d/0x2a0 [ 669.716084][T21235] __mm_populate+0x204/0x380 [ 669.720662][T21235] ? populate_vma_page_range+0x2a0/0x2a0 [ 669.726897][T21235] ? up_write+0x1c8/0x490 [ 669.731206][T21235] __x64_sys_mremap+0x7dc/0xb80 [ 669.736090][T21235] ? mremap_to+0x750/0x750 [ 669.740487][T21235] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 669.745925][T21235] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 669.751364][T21235] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 669.757413][T21235] ? do_syscall_64+0x26/0x760 [ 669.762081][T21235] ? lockdep_hardirqs_on+0x418/0x5d0 [ 669.767346][T21235] ? trace_hardirqs_on+0x67/0x240 [ 669.772352][T21235] do_syscall_64+0xfa/0x760 [ 669.776837][T21235] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 669.782702][T21235] RIP: 0033:0x459879 [ 669.786612][T21235] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 669.806217][T21235] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 669.814653][T21235] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459879 [ 669.822644][T21235] RDX: 0000000000800000 RSI: 0000000000002000 RDI: 0000000020a94000 [ 669.830637][T21235] RBP: 000000000075bf20 R08: 0000000020130000 R09: 0000000000000000 [ 669.838590][T21235] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fc0ba5296d4 [ 669.846593][T21235] R13: 00000000004c5f0f R14: 00000000004daaf8 R15: 00000000ffffffff [ 669.855097][T21235] memory: usage 307200kB, limit 307200kB, failcnt 4498 [ 669.862043][T21235] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 669.869057][T21235] Memory cgroup stats for /syz3: [ 669.869160][T21235] anon 304582656 [ 669.869160][T21235] file 0 [ 669.869160][T21235] kernel_stack 917504 [ 669.869160][T21235] slab 4612096 [ 669.869160][T21235] sock 0 [ 669.869160][T21235] shmem 0 [ 669.869160][T21235] file_mapped 0 [ 669.869160][T21235] file_dirty 0 [ 669.869160][T21235] file_writeback 0 [ 669.869160][T21235] anon_thp 213909504 [ 669.869160][T21235] inactive_anon 248455168 [ 669.869160][T21235] active_anon 18161664 [ 669.869160][T21235] inactive_file 0 [ 669.869160][T21235] active_file 0 [ 669.869160][T21235] unevictable 37871616 [ 669.869160][T21235] slab_reclaimable 1351680 [ 669.869160][T21235] slab_unreclaimable 3260416 [ 669.869160][T21235] pgfault 689898 [ 669.869160][T21235] pgmajfault 0 [ 669.869160][T21235] workingset_refault 99 [ 669.869160][T21235] workingset_activate 66 [ 669.869160][T21235] workingset_nodereclaim 0 [ 669.869160][T21235] pgrefill 529 [ 669.869160][T21235] pgscan 564 [ 669.869160][T21235] pgsteal 99 [ 669.962367][T21235] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=21234,uid=0 [ 669.977912][T21235] Memory cgroup out of memory: Killed process 21234 (syz-executor.3) total-vm:72700kB, anon-rss:14524kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 669.996233][ T1065] oom_reaper: reaped process 21234 (syz-executor.3), now anon-rss:14516kB, file-rss:54332kB, shmem-rss:0kB [ 669.996319][T21247] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 670.017904][T21247] CPU: 1 PID: 21247 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 670.027009][T21247] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 670.037056][T21247] Call Trace: [ 670.040349][T21247] dump_stack+0x172/0x1f0 [ 670.044684][T21247] dump_header+0x177/0x1152 [ 670.049188][T21247] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 670.054989][T21247] ? ___ratelimit+0x2c8/0x595 [ 670.059661][T21247] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 670.065468][T21247] ? lockdep_hardirqs_on+0x418/0x5d0 [ 670.070751][T21247] ? trace_hardirqs_on+0x67/0x240 [ 670.075772][T21247] ? pagefault_out_of_memory+0x11c/0x11c [ 670.081407][T21247] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 670.087217][T21247] ? ___ratelimit+0x60/0x595 [ 670.091800][T21247] ? do_raw_spin_unlock+0x57/0x270 [ 670.096912][T21247] oom_kill_process.cold+0x10/0x15 [ 670.102025][T21247] out_of_memory+0x334/0x1340 [ 670.106708][T21247] ? lock_downgrade+0x920/0x920 [ 670.111575][T21247] ? oom_killer_disable+0x280/0x280 06:28:42 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000140)) 06:28:42 executing program 0: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000000)='./file0\x00') r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) [ 670.116786][T21247] mem_cgroup_out_of_memory+0x1d8/0x240 [ 670.122332][T21247] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 670.127969][T21247] ? do_raw_spin_unlock+0x57/0x270 [ 670.133094][T21247] ? _raw_spin_unlock+0x2d/0x50 [ 670.137950][T21247] try_charge+0xf4b/0x1440 [ 670.137974][T21247] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 670.137987][T21247] ? percpu_ref_tryget_live+0x111/0x290 [ 670.138009][T21247] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 670.147940][T21247] ? __kasan_check_read+0x11/0x20 [ 670.147959][T21247] ? get_mem_cgroup_from_mm+0x156/0x320 [ 670.147975][T21247] mem_cgroup_try_charge+0x136/0x590 [ 670.147991][T21247] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 670.148009][T21247] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 670.187436][T21247] __handle_mm_fault+0x1e34/0x3f20 [ 670.192570][T21247] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 670.198136][T21247] ? __kasan_check_read+0x11/0x20 [ 670.203174][T21247] handle_mm_fault+0x1b5/0x6c0 [ 670.207947][T21247] __get_user_pages+0x7d4/0x1b30 [ 670.212882][T21247] ? mark_held_locks+0xf0/0xf0 [ 670.217659][T21247] ? follow_page_mask+0x1cf0/0x1cf0 [ 670.222856][T21247] ? __mm_populate+0x270/0x380 [ 670.227626][T21247] ? __kasan_check_write+0x14/0x20 [ 670.232740][T21247] ? down_read+0x109/0x430 [ 670.237160][T21247] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 670.243416][T21247] populate_vma_page_range+0x20d/0x2a0 [ 670.249000][T21247] __mm_populate+0x204/0x380 [ 670.253601][T21247] ? populate_vma_page_range+0x2a0/0x2a0 [ 670.259237][T21247] ? __kasan_check_write+0x14/0x20 [ 670.264352][T21247] ? up_write+0x155/0x490 [ 670.268678][T21247] ? ns_capable_common+0x93/0x100 [ 670.273709][T21247] __x64_sys_mlockall+0x473/0x520 [ 670.278743][T21247] do_syscall_64+0xfa/0x760 [ 670.283259][T21247] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 670.289143][T21247] RIP: 0033:0x459879 [ 670.293030][T21247] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 670.312664][T21247] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 670.321058][T21247] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 670.329012][T21247] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 670.336963][T21247] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 670.344916][T21247] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 670.352928][T21247] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 670.362938][T21247] memory: usage 294340kB, limit 307200kB, failcnt 5138 [ 670.369874][T21247] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 670.376719][T21247] Memory cgroup stats for /syz2: [ 670.376860][T21247] anon 291983360 [ 670.376860][T21247] file 28672 [ 670.376860][T21247] kernel_stack 917504 [ 670.376860][T21247] slab 4280320 [ 670.376860][T21247] sock 0 [ 670.376860][T21247] shmem 0 [ 670.376860][T21247] file_mapped 0 [ 670.376860][T21247] file_dirty 0 [ 670.376860][T21247] file_writeback 0 [ 670.376860][T21247] anon_thp 224395264 [ 670.376860][T21247] inactive_anon 234004480 [ 670.376860][T21247] active_anon 11714560 [ 670.376860][T21247] inactive_file 0 [ 670.376860][T21247] active_file 0 [ 670.376860][T21247] unevictable 46092288 [ 670.376860][T21247] slab_reclaimable 1216512 [ 670.376860][T21247] slab_unreclaimable 3063808 [ 670.376860][T21247] pgfault 712866 [ 670.376860][T21247] pgmajfault 0 [ 670.376860][T21247] workingset_refault 165 [ 670.376860][T21247] workingset_activate 66 [ 670.376860][T21247] workingset_nodereclaim 0 [ 670.376860][T21247] pgrefill 1334 [ 670.376860][T21247] pgscan 1561 [ 670.376860][T21247] pgsteal 198 [ 670.471544][T21247] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=21245,uid=0 [ 670.492345][T21247] Memory cgroup out of memory: Killed process 21245 (syz-executor.2) total-vm:72576kB, anon-rss:16428kB, file-rss:36988kB, shmem-rss:0kB, UID:0 pgtables:167936kB oom_score_adj:1000 [ 670.511332][ T1065] oom_reaper: reaped process 21245 (syz-executor.2), now anon-rss:16480kB, file-rss:37968kB, shmem-rss:0kB [ 670.513865][T21274] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 670.533962][T21274] CPU: 0 PID: 21274 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 670.543070][T21274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 670.553121][T21274] Call Trace: [ 670.556416][T21274] dump_stack+0x172/0x1f0 [ 670.560749][T21274] dump_header+0x177/0x1152 [ 670.565255][T21274] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 670.571150][T21274] ? ___ratelimit+0x2c8/0x595 [ 670.575829][T21274] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 670.581638][T21274] ? lockdep_hardirqs_on+0x418/0x5d0 [ 670.586925][T21274] ? trace_hardirqs_on+0x67/0x240 [ 670.591946][T21274] ? pagefault_out_of_memory+0x11c/0x11c [ 670.597558][T21274] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 670.603397][T21274] ? ___ratelimit+0x60/0x595 [ 670.607979][T21274] ? do_raw_spin_unlock+0x57/0x270 [ 670.613068][T21274] oom_kill_process.cold+0x10/0x15 [ 670.618161][T21274] out_of_memory+0x334/0x1340 [ 670.622815][T21274] ? lock_downgrade+0x920/0x920 [ 670.627645][T21274] ? oom_killer_disable+0x280/0x280 [ 670.632827][T21274] mem_cgroup_out_of_memory+0x1d8/0x240 [ 670.638523][T21274] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 670.644135][T21274] ? do_raw_spin_unlock+0x57/0x270 [ 670.649438][T21274] ? _raw_spin_unlock+0x2d/0x50 [ 670.654271][T21274] try_charge+0xf4b/0x1440 [ 670.658711][T21274] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 670.664341][T21274] ? percpu_ref_tryget_live+0x111/0x290 [ 670.669870][T21274] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 670.676089][T21274] ? __kasan_check_read+0x11/0x20 [ 670.681092][T21274] ? get_mem_cgroup_from_mm+0x156/0x320 [ 670.686615][T21274] mem_cgroup_try_charge+0x136/0x590 [ 670.691896][T21274] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 670.698117][T21274] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 670.703743][T21274] __handle_mm_fault+0x1e34/0x3f20 [ 670.708846][T21274] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 670.714375][T21274] ? __kasan_check_read+0x11/0x20 [ 670.719382][T21274] handle_mm_fault+0x1b5/0x6c0 [ 670.724136][T21274] __get_user_pages+0x7d4/0x1b30 [ 670.729048][T21274] ? mark_held_locks+0xf0/0xf0 [ 670.733790][T21274] ? follow_page_mask+0x1cf0/0x1cf0 [ 670.738964][T21274] ? __mm_populate+0x270/0x380 [ 670.743707][T21274] ? __kasan_check_write+0x14/0x20 [ 670.748793][T21274] ? down_read+0x109/0x430 [ 670.753185][T21274] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 670.759403][T21274] populate_vma_page_range+0x20d/0x2a0 [ 670.764855][T21274] __mm_populate+0x204/0x380 [ 670.769425][T21274] ? populate_vma_page_range+0x2a0/0x2a0 [ 670.775033][T21274] ? __kasan_check_write+0x14/0x20 [ 670.780119][T21274] ? up_write+0x155/0x490 [ 670.784425][T21274] ? ns_capable_common+0x93/0x100 [ 670.789438][T21274] __x64_sys_mlockall+0x473/0x520 [ 670.794449][T21274] do_syscall_64+0xfa/0x760 [ 670.798934][T21274] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 670.804799][T21274] RIP: 0033:0x459879 [ 670.808676][T21274] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 670.828255][T21274] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 670.836641][T21274] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 670.844588][T21274] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 670.852534][T21274] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 670.860481][T21274] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc0ba5296d4 06:28:42 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x4) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9daa9fddee8030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) mlockall(0x1) r2 = add_key$keyring(&(0x7f0000000300)='keyring\x00', &(0x7f0000000340)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffa) request_key(&(0x7f0000000140)='rxrpc\x00', &(0x7f0000000280)={'syz', 0x0}, &(0x7f00000002c0)='GPLself-\x00', r2) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:28:42 executing program 1: 06:28:42 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xd035010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:28:42 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xe2, 0x0) 06:28:42 executing program 0: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000000)='./file0\x00') r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) [ 670.868437][T21274] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff 06:28:43 executing program 1: [ 670.907872][T21274] memory: usage 307196kB, limit 307200kB, failcnt 4524 [ 670.946003][T21274] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 670.994853][T21274] Memory cgroup stats for /syz3: [ 670.994972][T21274] anon 304648192 [ 670.994972][T21274] file 0 [ 670.994972][T21274] kernel_stack 851968 [ 670.994972][T21274] slab 4612096 [ 670.994972][T21274] sock 0 [ 670.994972][T21274] shmem 0 [ 670.994972][T21274] file_mapped 0 [ 670.994972][T21274] file_dirty 0 [ 670.994972][T21274] file_writeback 0 [ 670.994972][T21274] anon_thp 213909504 [ 670.994972][T21274] inactive_anon 258727936 [ 670.994972][T21274] active_anon 18161664 [ 670.994972][T21274] inactive_file 0 06:28:43 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xd135010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 670.994972][T21274] active_file 0 [ 670.994972][T21274] unevictable 27734016 [ 670.994972][T21274] slab_reclaimable 1351680 [ 670.994972][T21274] slab_unreclaimable 3260416 [ 670.994972][T21274] pgfault 691185 [ 670.994972][T21274] pgmajfault 0 [ 670.994972][T21274] workingset_refault 99 [ 670.994972][T21274] workingset_activate 66 [ 670.994972][T21274] workingset_nodereclaim 0 [ 670.994972][T21274] pgrefill 529 [ 670.994972][T21274] pgscan 564 [ 670.994972][T21274] pgsteal 99 06:28:43 executing program 1: [ 671.109144][T21274] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=21266,uid=0 [ 671.125379][T21274] Memory cgroup out of memory: Killed process 21266 (syz-executor.3) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 06:28:43 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xd235010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 671.214084][ T1065] oom_reaper: reaped process 21266 (syz-executor.3), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 06:28:43 executing program 1: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") r1 = creat(&(0x7f0000000040)='./file0\x00', 0x0) write$cgroup_type(r1, &(0x7f0000000180)='threaded\x00', 0x3d3427e) clone(0x20001000104, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='pipefs\x00', 0x0, 0x0) [ 672.113725][T21274] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 672.131750][T21274] CPU: 0 PID: 21274 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 672.140889][T21274] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 672.150952][T21274] Call Trace: [ 672.154249][T21274] dump_stack+0x172/0x1f0 [ 672.158591][T21274] dump_header+0x177/0x1152 [ 672.163116][T21274] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 672.168924][T21274] ? ___ratelimit+0x2c8/0x595 [ 672.173610][T21274] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 672.179411][T21274] ? lockdep_hardirqs_on+0x418/0x5d0 [ 672.184675][T21274] ? trace_hardirqs_on+0x67/0x240 [ 672.189682][T21274] ? pagefault_out_of_memory+0x11c/0x11c [ 672.195300][T21274] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 672.201098][T21274] ? ___ratelimit+0x60/0x595 [ 672.205668][T21274] ? do_raw_spin_unlock+0x57/0x270 [ 672.210777][T21274] oom_kill_process.cold+0x10/0x15 [ 672.215877][T21274] out_of_memory+0x334/0x1340 [ 672.220530][T21274] ? lock_downgrade+0x920/0x920 [ 672.225365][T21274] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 672.231152][T21274] ? oom_killer_disable+0x280/0x280 [ 672.236333][T21274] mem_cgroup_out_of_memory+0x1d8/0x240 [ 672.241858][T21274] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 672.247471][T21274] ? do_raw_spin_unlock+0x57/0x270 [ 672.252561][T21274] ? _raw_spin_unlock+0x2d/0x50 [ 672.257391][T21274] try_charge+0xf4b/0x1440 [ 672.261790][T21274] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 672.267322][T21274] ? percpu_ref_tryget_live+0x111/0x290 [ 672.272850][T21274] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 672.279069][T21274] ? __kasan_check_read+0x11/0x20 [ 672.284073][T21274] ? get_mem_cgroup_from_mm+0x156/0x320 [ 672.289600][T21274] mem_cgroup_try_charge+0x136/0x590 [ 672.294911][T21274] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 672.301134][T21274] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 672.306761][T21274] __handle_mm_fault+0x1e34/0x3f20 [ 672.311875][T21274] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 672.317416][T21274] ? __kasan_check_read+0x11/0x20 [ 672.322951][T21274] handle_mm_fault+0x1b5/0x6c0 [ 672.327699][T21274] __get_user_pages+0x7d4/0x1b30 [ 672.332617][T21274] ? mark_held_locks+0xf0/0xf0 [ 672.337370][T21274] ? follow_page_mask+0x1cf0/0x1cf0 [ 672.342547][T21274] ? __mm_populate+0x270/0x380 [ 672.347314][T21274] ? memset+0x32/0x40 [ 672.351293][T21274] populate_vma_page_range+0x20d/0x2a0 [ 672.356733][T21274] __mm_populate+0x204/0x380 [ 672.361309][T21274] ? populate_vma_page_range+0x2a0/0x2a0 [ 672.366935][T21274] ? up_write+0x1c8/0x490 [ 672.371258][T21274] __x64_sys_mremap+0x7dc/0xb80 [ 672.376180][T21274] ? mremap_to+0x750/0x750 [ 672.380581][T21274] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 672.386076][T21274] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 672.391515][T21274] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 672.397561][T21274] ? do_syscall_64+0x26/0x760 [ 672.402228][T21274] ? lockdep_hardirqs_on+0x418/0x5d0 [ 672.407502][T21274] ? trace_hardirqs_on+0x67/0x240 [ 672.412505][T21274] do_syscall_64+0xfa/0x760 [ 672.416987][T21274] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 672.422856][T21274] RIP: 0033:0x459879 [ 672.426774][T21274] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 672.446476][T21274] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 672.454873][T21274] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459879 [ 672.462826][T21274] RDX: 0000000000800000 RSI: 0000000000002000 RDI: 0000000020a94000 [ 672.471157][T21274] RBP: 000000000075bf20 R08: 0000000020130000 R09: 0000000000000000 [ 672.479107][T21274] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fc0ba5296d4 [ 672.487062][T21274] R13: 00000000004c5f0f R14: 00000000004daaf8 R15: 00000000ffffffff [ 672.498513][T21274] memory: usage 307200kB, limit 307200kB, failcnt 4562 [ 672.506052][T21274] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 672.515458][T21274] Memory cgroup stats for /syz3: [ 672.515606][T21274] anon 304635904 [ 672.515606][T21274] file 0 [ 672.515606][T21274] kernel_stack 917504 [ 672.515606][T21274] slab 4612096 [ 672.515606][T21274] sock 0 [ 672.515606][T21274] shmem 0 [ 672.515606][T21274] file_mapped 0 [ 672.515606][T21274] file_dirty 0 [ 672.515606][T21274] file_writeback 0 [ 672.515606][T21274] anon_thp 213909504 [ 672.515606][T21274] inactive_anon 248455168 [ 672.515606][T21274] active_anon 18161664 [ 672.515606][T21274] inactive_file 0 [ 672.515606][T21274] active_file 0 [ 672.515606][T21274] unevictable 38006784 [ 672.515606][T21274] slab_reclaimable 1351680 [ 672.515606][T21274] slab_unreclaimable 3260416 [ 672.515606][T21274] pgfault 696003 [ 672.515606][T21274] pgmajfault 0 [ 672.515606][T21274] workingset_refault 99 [ 672.515606][T21274] workingset_activate 66 [ 672.515606][T21274] workingset_nodereclaim 0 [ 672.515606][T21274] pgrefill 529 [ 672.515606][T21274] pgscan 564 [ 672.515606][T21274] pgsteal 99 [ 672.609259][T21274] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=21270,uid=0 [ 672.624981][T21274] Memory cgroup out of memory: Killed process 21270 (syz-executor.3) total-vm:72700kB, anon-rss:14524kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 672.643721][T21303] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 672.643761][ T1065] oom_reaper: reaped process 21270 (syz-executor.3), now anon-rss:14516kB, file-rss:54332kB, shmem-rss:0kB [ 672.657521][T21303] CPU: 1 PID: 21303 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 672.674430][T21303] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 672.684488][T21303] Call Trace: [ 672.687784][T21303] dump_stack+0x172/0x1f0 [ 672.692117][T21303] dump_header+0x177/0x1152 [ 672.696619][T21303] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 672.702528][T21303] ? ___ratelimit+0x2c8/0x595 [ 672.707205][T21303] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 672.713012][T21303] ? lockdep_hardirqs_on+0x418/0x5d0 [ 672.718298][T21303] ? trace_hardirqs_on+0x67/0x240 [ 672.723324][T21303] ? pagefault_out_of_memory+0x11c/0x11c [ 672.728956][T21303] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 672.734763][T21303] ? ___ratelimit+0x60/0x595 [ 672.739352][T21303] ? do_raw_spin_unlock+0x57/0x270 [ 672.744472][T21303] oom_kill_process.cold+0x10/0x15 [ 672.749587][T21303] out_of_memory+0x334/0x1340 [ 672.754267][T21303] ? lock_downgrade+0x920/0x920 [ 672.759126][T21303] ? oom_killer_disable+0x280/0x280 06:28:44 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) r1 = syz_open_dev$swradio(&(0x7f0000000100)='/dev/swradio#\x00', 0x0, 0x2) setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r1, 0x6, 0x21, &(0x7f0000000200)="d4d367cb1f3dfdbbdae284873dc67d18", 0x10) r2 = gettid() timer_create(0x0, &(0x7f0000000440)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f0000044000)) r3 = syz_open_dev$usbmon(&(0x7f0000000040)='/dev/usbmon#\x00', 0x0, 0x0) ioctl$MON_IOCX_MFETCH(r3, 0x40189206, &(0x7f00000001c0)={0x0, 0xfffffffffffffd76}) ioctl$MON_IOCX_MFETCH(r3, 0xc0109207, &(0x7f0000000100)={0x0, 0x0, 0x5}) ioctl$MON_IOCX_MFETCH(r3, 0x80089203, 0x0) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) tkill(r2, 0x800000015) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r4 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r4, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000600)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf27ab441b9cf6a9dbfd73f7a8f26b5d959a98030da6b31ec3f746be8ec05cd91cde8c49f2c3968504fe0e92f5a96ee39723900000000000000047b7a2ee3f4bce4e6abca0500000000000000780905b2a13d8737c7c815590f8f85818d0a02bbd78fcfd1c0047c1e56f9a30708a2eb5a014eb8a5ac2f4644da0ec2cc0656220bef98b9ab3ba7b1ded751e18acf05c930a5874f72a9b4a045ab0e972f1fdc430648c1fa9952e30842a692dcd65fa7c78e955d684a14a94cec36115ebaf0e9a28ee64dc07a6d979e0da4198943deb1f2c94a6980e4997ffaef150b627a5430bfc6f7eb6ca43ff1c2bf85c9cdec01ca3f5c7317b96605cc5f829f56887ed5435d3352f3f36d0e7d0a0746256daa0bdb872cd9b7ec2e00c16cdf049249720a0eac92d0c45759a468d14a86bcceac59f20a7b7feb3c53aac75b619fb4d6c42b7ad53bf2636b6b6cbc8e67e78201984a6e88dd0c6fbc48911517985218f880d1530e118e5eff043bfcaa0d733fbef56adcf2b04fed80786e6fadb4ed48825f493187bd4987ca1c52"], 0x9) r5 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$KVM_GET_VCPU_MMAP_SIZE(r0, 0xae04) ioctl$RNDCLEARPOOL(r5, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000140)) 06:28:44 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xe3, 0x0) [ 672.764342][T21303] mem_cgroup_out_of_memory+0x1d8/0x240 [ 672.769891][T21303] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 672.775529][T21303] ? do_raw_spin_unlock+0x57/0x270 [ 672.780645][T21303] ? _raw_spin_unlock+0x2d/0x50 [ 672.785516][T21303] try_charge+0xf4b/0x1440 [ 672.789953][T21303] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 672.795502][T21303] ? percpu_ref_tryget_live+0x111/0x290 [ 672.801055][T21303] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 672.807305][T21303] ? __kasan_check_read+0x11/0x20 [ 672.807327][T21303] ? get_mem_cgroup_from_mm+0x156/0x320 [ 672.807345][T21303] mem_cgroup_try_charge+0x136/0x590 [ 672.817884][T21303] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 672.817905][T21303] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 672.817925][T21303] wp_page_copy+0x41e/0x1590 [ 672.817944][T21303] ? find_held_lock+0x35/0x130 [ 672.844386][T21303] ? pmd_pfn+0x1d0/0x1d0 [ 672.848649][T21303] ? lock_downgrade+0x920/0x920 [ 672.853513][T21303] ? swp_swapcount+0x540/0x540 [ 672.858288][T21303] ? __kasan_check_read+0x11/0x20 [ 672.863318][T21303] ? do_raw_spin_unlock+0x57/0x270 [ 672.868435][T21303] do_wp_page+0x499/0x14d0 [ 672.872850][T21303] ? finish_mkwrite_fault+0x570/0x570 [ 672.878218][T21303] __handle_mm_fault+0x22f1/0x3f20 [ 672.883328][T21303] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 672.888885][T21303] ? __kasan_check_read+0x11/0x20 [ 672.893904][T21303] handle_mm_fault+0x1b5/0x6c0 [ 672.898649][T21303] __get_user_pages+0x7d4/0x1b30 [ 672.903569][T21303] ? mark_held_locks+0xf0/0xf0 [ 672.908336][T21303] ? follow_page_mask+0x1cf0/0x1cf0 [ 672.913568][T21303] ? __mm_populate+0x270/0x380 [ 672.918328][T21303] ? __kasan_check_write+0x14/0x20 [ 672.923440][T21303] ? down_read+0x109/0x430 [ 672.927850][T21303] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 672.934075][T21303] populate_vma_page_range+0x20d/0x2a0 [ 672.939517][T21303] __mm_populate+0x204/0x380 [ 672.944087][T21303] ? populate_vma_page_range+0x2a0/0x2a0 [ 672.949702][T21303] ? __kasan_check_write+0x14/0x20 [ 672.954794][T21303] ? up_write+0x155/0x490 [ 672.959144][T21303] ? ns_capable_common+0x93/0x100 [ 672.964252][T21303] __x64_sys_mlockall+0x473/0x520 [ 672.969270][T21303] do_syscall_64+0xfa/0x760 [ 672.973786][T21303] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 672.979667][T21303] RIP: 0033:0x459879 [ 672.983551][T21303] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 673.003141][T21303] RSP: 002b:00007fe89cd08c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 673.011557][T21303] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 673.019531][T21303] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 673.027502][T21303] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 673.035472][T21303] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cd096d4 [ 673.043438][T21303] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 673.053726][T21303] memory: usage 307200kB, limit 307200kB, failcnt 5183 [ 673.060642][T21303] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 673.067567][T21303] Memory cgroup stats for /syz2: [ 673.067677][T21303] anon 304705536 [ 673.067677][T21303] file 28672 [ 673.067677][T21303] kernel_stack 983040 [ 673.067677][T21303] slab 4419584 [ 673.067677][T21303] sock 0 [ 673.067677][T21303] shmem 0 [ 673.067677][T21303] file_mapped 0 [ 673.067677][T21303] file_dirty 0 [ 673.067677][T21303] file_writeback 0 [ 673.067677][T21303] anon_thp 224395264 [ 673.067677][T21303] inactive_anon 244994048 [ 673.067677][T21303] active_anon 11714560 [ 673.067677][T21303] inactive_file 0 [ 673.067677][T21303] active_file 0 [ 673.067677][T21303] unevictable 47878144 [ 673.067677][T21303] slab_reclaimable 1216512 [ 673.067677][T21303] slab_unreclaimable 3203072 [ 673.067677][T21303] pgfault 719433 [ 673.067677][T21303] pgmajfault 0 [ 673.067677][T21303] workingset_refault 165 [ 673.067677][T21303] workingset_activate 66 [ 673.067677][T21303] workingset_nodereclaim 0 [ 673.067677][T21303] pgrefill 1334 [ 673.067677][T21303] pgscan 1561 [ 673.067677][T21303] pgsteal 198 [ 673.165606][T21303] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=21284,uid=0 [ 673.181197][T21303] Memory cgroup out of memory: Killed process 21284 (syz-executor.2) total-vm:72832kB, anon-rss:18152kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 673.200138][ T1065] oom_reaper: reaped process 21284 (syz-executor.2), now anon-rss:18160kB, file-rss:54332kB, shmem-rss:0kB [ 673.206216][T21317] syz-executor.3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 673.229935][T21317] CPU: 1 PID: 21317 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 673.239047][T21317] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 673.249098][T21317] Call Trace: [ 673.252401][T21317] dump_stack+0x172/0x1f0 [ 673.256744][T21317] dump_header+0x177/0x1152 [ 673.261254][T21317] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 673.267056][T21317] ? ___ratelimit+0x2c8/0x595 [ 673.271737][T21317] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 673.277546][T21317] ? lockdep_hardirqs_on+0x418/0x5d0 [ 673.282831][T21317] ? trace_hardirqs_on+0x67/0x240 [ 673.287879][T21317] ? pagefault_out_of_memory+0x11c/0x11c [ 673.293517][T21317] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 673.299335][T21317] ? ___ratelimit+0x60/0x595 [ 673.303922][T21317] ? do_raw_spin_unlock+0x57/0x270 [ 673.309035][T21317] oom_kill_process.cold+0x10/0x15 [ 673.314147][T21317] out_of_memory+0x334/0x1340 06:28:45 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c3968509975d53a3f6b5c050832e5b34a71f273e68f285d59fb8c7f594dadf38f5ca0d147b455b9897e614fa73fe58ff32f763d0321811fbc094e2489fa5dffc13862d0a099a0c40287ea0000000000002de20982eb1f89aa8dd488aef9ac9fb97f99d07c4ac6b51d248b2f2c07713a99170676c920ef4e710ef8efd32fac675d214c7cc6fdd7660f6c4bb9df2ee18bb830d20b26403df14c97fc4400"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:28:45 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xd335010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:28:45 executing program 0: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000000)='./file0\x00') r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) 06:28:45 executing program 1: socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000580)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200) r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0) r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000b40)=ANY=[@ANYBLOB="580000000000000029000000390000000208030000000000fe8800000000000000000000000000010000000000000000000000000000000100000000000000000000000000000000ff010000000000000000000000000001080200000000000029000000040000002f3d00000000000003f887d8a5445ae6281557f739a326e37d81607df2ece2c60e6d2d455654cc6b6e37a258ad2d8b929fd27bdc007a42c06b6a67249d356de1e04080e8382f57e08d519901712907193f84425d5e0462607a6ec3aced38a14cee2a962fd0d40d93e2e1e641227da324d87e44299bf171438644f3586f2291a09629769915e5ecccdfdd05f735641ec50718aa4203e3d2f2643f2f41e20791e4c0d743af738f2f3ad029504a1304625d7fdbc86fef52479795e667623239948234f91d2a6cab786ad2f885d2866dacdce55dd14c209b8e48924c56941f8b92d36d499a9407bbc8a75559418a22725e3916738c30a5b35e2174fb49471b660927f42c040108002515e5f3fd3db5201cc569de64a9fbb20395656a022fbec17a9638c0212a4ec7436aa372e61d05020005c204000000099cbf7265baeb7c4b4a58418916a03d8778ad995bb2a227f8ab84cd806bbbebd05e5f059be6621c6d4082cfb60f88af5b9a4803f7fb2fe660576579fdc5346732a6569e53a11856a9c87887820d82bccf9f628ae8af5e7bddffc8e095e5aea6bbce79a3c0efd91c915a9048968560d41f04a0669545adc366ea633469453e0c1085cc124491e05e4d1a1dd03ee47a0bc37199dc38b48c57cc1702a68975eb118e3cd34b1cbd4f2f0d1a14556c0b979e5f9acbbb8885897f0cac4b7cff7bf993343f966f0014000000000000002900000043000000ff070000000000001400000000000000290000003e000000080000000000000014000000000000002900000043000000090000000000000058020000000000002900000036000000d947000000000000c91000000000000000000000000000000000ff89bc4d5b33b45252789465a53d27386700d69c57e1c9c05f265b766bde071444f7d5dcc16fe965851c8ed46c21d86e627ad7e9790162a8dd0840c7a8616c543a7bcc3c056af695c2b224748543831c46e00e592349dd233cce05af67b3722e9e87938ee2f818d0411168ace9170abe083df4df355a67c28e6af4fff642183a4960ed0707e21f1a270b05040101066a4ed4757328288fa9a70ce1d78e1ebc503a20bd8488182452a6894061df7aa3815c867fc90593695dc34c67c44f7c04bbd140b61d0e218e5f4ffc1be650cc6fe20e0e5aebc355b3d057c050df5cfbd45ba42ee9b70634fc5c9c7244cac51b1178bd8cea7b0b1873ad91776de62fc74d0fa847df2fa0feede680502e4c92817af22348fa90f73d4c90cb0ed58d53035d8b123be5e86316d582958f40dc39f8b6f2cafcfe5ef560e692285d8c123fd0fe362dd0d16bd5f9c581749f0abd03a54795a752c3c6bbc4416870335a7dd70e3399a8f473da26ca71ae07271f4ed2f63a54884c"], 0x446}, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x1f, 0x0, 0x168) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_ENABLE_CAP_CPU(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000040)={0x0, 0x5, [], [0xc1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000]}) [ 673.318827][T21317] ? lock_downgrade+0x920/0x920 [ 673.323680][T21317] ? oom_killer_disable+0x280/0x280 [ 673.328893][T21317] mem_cgroup_out_of_memory+0x1d8/0x240 [ 673.334441][T21317] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 673.340078][T21317] ? do_raw_spin_unlock+0x57/0x270 [ 673.345190][T21317] ? _raw_spin_unlock+0x2d/0x50 [ 673.350045][T21317] try_charge+0xf4b/0x1440 [ 673.354479][T21317] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 673.360036][T21317] ? find_held_lock+0x35/0x130 [ 673.364817][T21317] ? get_mem_cgroup_from_mm+0x139/0x320 [ 673.370378][T21317] ? lock_downgrade+0x920/0x920 [ 673.375226][T21317] ? percpu_ref_tryget_live+0x111/0x290 [ 673.380772][T21317] __memcg_kmem_charge_memcg+0x71/0xf0 [ 673.380787][T21317] ? memcg_kmem_put_cache+0x50/0x50 [ 673.380807][T21317] ? get_mem_cgroup_from_mm+0x156/0x320 [ 673.396957][T21317] __memcg_kmem_charge+0x13a/0x3a0 [ 673.396978][T21317] __alloc_pages_nodemask+0x4f7/0x900 [ 673.396995][T21317] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 673.397011][T21317] ? __alloc_pages_slowpath+0x2540/0x2540 [ 673.397025][T21317] ? percpu_ref_put_many+0xb6/0x190 [ 673.397043][T21317] ? lockdep_hardirqs_on+0x418/0x5d0 [ 673.397060][T21317] ? trace_hardirqs_on+0x67/0x240 [ 673.434186][T21317] ? __kasan_check_read+0x11/0x20 [ 673.439221][T21317] copy_process+0x3f8/0x6830 [ 673.443822][T21317] ? __kasan_check_read+0x11/0x20 [ 673.448848][T21317] ? __lock_acquire+0x16f2/0x4a00 [ 673.453880][T21317] ? __cleanup_sighand+0x60/0x60 [ 673.458823][T21317] ? __might_fault+0x12b/0x1e0 [ 673.463596][T21317] ? __might_fault+0x12b/0x1e0 [ 673.468372][T21317] _do_fork+0x146/0xfa0 [ 673.472535][T21317] ? copy_init_mm+0x20/0x20 [ 673.477044][T21317] ? __kasan_check_read+0x11/0x20 [ 673.482064][T21317] ? _copy_to_user+0x118/0x160 [ 673.486836][T21317] __x64_sys_clone+0x1ab/0x270 [ 673.491604][T21317] ? __ia32_sys_vfork+0xd0/0xd0 [ 673.496468][T21317] ? do_syscall_64+0x26/0x760 [ 673.501146][T21317] ? lockdep_hardirqs_on+0x418/0x5d0 [ 673.506436][T21317] ? trace_hardirqs_on+0x67/0x240 [ 673.511466][T21317] do_syscall_64+0xfa/0x760 [ 673.515985][T21317] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 673.521873][T21317] RIP: 0033:0x459879 [ 673.525775][T21317] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 673.545377][T21317] RSP: 002b:00007fc0ba507c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 673.553782][T21317] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459879 [ 673.561738][T21317] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 0000000000000000 [ 673.569690][T21317] RBP: 000000000075bfc8 R08: ffffffffffffffff R09: 0000000000000000 [ 673.577651][T21317] R10: 0000000020000240 R11: 0000000000000246 R12: 00007fc0ba5086d4 [ 673.585713][T21317] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 00000000ffffffff [ 673.594738][T21317] memory: usage 307192kB, limit 307200kB, failcnt 4580 [ 673.601880][T21317] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 673.609077][T21317] Memory cgroup stats for /syz3: [ 673.609191][T21317] anon 304615424 [ 673.609191][T21317] file 0 [ 673.609191][T21317] kernel_stack 1048576 [ 673.609191][T21317] slab 4612096 [ 673.609191][T21317] sock 0 [ 673.609191][T21317] shmem 0 [ 673.609191][T21317] file_mapped 0 [ 673.609191][T21317] file_dirty 0 [ 673.609191][T21317] file_writeback 0 [ 673.609191][T21317] anon_thp 213909504 [ 673.609191][T21317] inactive_anon 258727936 [ 673.609191][T21317] active_anon 18161664 [ 673.609191][T21317] inactive_file 0 [ 673.609191][T21317] active_file 0 [ 673.609191][T21317] unevictable 27598848 [ 673.609191][T21317] slab_reclaimable 1351680 [ 673.609191][T21317] slab_unreclaimable 3260416 [ 673.609191][T21317] pgfault 697257 [ 673.609191][T21317] pgmajfault 0 [ 673.609191][T21317] workingset_refault 99 [ 673.609191][T21317] workingset_activate 66 [ 673.609191][T21317] workingset_nodereclaim 0 [ 673.609191][T21317] pgrefill 529 [ 673.609191][T21317] pgscan 564 [ 673.609191][T21317] pgsteal 99 [ 673.703308][T21317] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=21307,uid=0 [ 673.719474][T21317] Memory cgroup out of memory: Killed process 21307 (syz-executor.3) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 [ 673.767890][T21316] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 673.788394][T21316] CPU: 1 PID: 21316 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 673.797515][T21316] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 673.807565][T21316] Call Trace: [ 673.810865][T21316] dump_stack+0x172/0x1f0 [ 673.815194][T21316] dump_header+0x177/0x1152 [ 673.819687][T21316] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 673.825477][T21316] ? ___ratelimit+0x2c8/0x595 [ 673.830141][T21316] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 673.835930][T21316] ? lockdep_hardirqs_on+0x418/0x5d0 [ 673.841197][T21316] ? trace_hardirqs_on+0x67/0x240 [ 673.846201][T21316] ? pagefault_out_of_memory+0x11c/0x11c [ 673.851819][T21316] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 673.857607][T21316] ? ___ratelimit+0x60/0x595 [ 673.862177][T21316] ? do_raw_spin_unlock+0x57/0x270 [ 673.867280][T21316] oom_kill_process.cold+0x10/0x15 [ 673.872380][T21316] out_of_memory+0x334/0x1340 [ 673.877038][T21316] ? lock_downgrade+0x920/0x920 [ 673.881874][T21316] ? oom_killer_disable+0x280/0x280 [ 673.887060][T21316] mem_cgroup_out_of_memory+0x1d8/0x240 [ 673.892591][T21316] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 673.898301][T21316] ? do_raw_spin_unlock+0x57/0x270 [ 673.903409][T21316] ? _raw_spin_unlock+0x2d/0x50 [ 673.908245][T21316] try_charge+0xa2d/0x1440 [ 673.912657][T21316] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 673.918182][T21316] ? percpu_ref_tryget_live+0x111/0x290 [ 673.923710][T21316] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 673.929933][T21316] ? __kasan_check_read+0x11/0x20 [ 673.934943][T21316] ? get_mem_cgroup_from_mm+0x156/0x320 [ 673.940469][T21316] mem_cgroup_try_charge+0x136/0x590 [ 673.945733][T21316] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 673.951955][T21316] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 673.957572][T21316] __handle_mm_fault+0x1e34/0x3f20 [ 673.962669][T21316] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 673.968204][T21316] ? __kasan_check_read+0x11/0x20 [ 673.973215][T21316] handle_mm_fault+0x1b5/0x6c0 [ 673.977961][T21316] __get_user_pages+0x7d4/0x1b30 [ 673.982878][T21316] ? mark_held_locks+0xf0/0xf0 [ 673.987632][T21316] ? follow_page_mask+0x1cf0/0x1cf0 [ 673.992814][T21316] ? __mm_populate+0x270/0x380 [ 673.997572][T21316] ? __kasan_check_write+0x14/0x20 [ 674.002666][T21316] ? down_read+0x109/0x430 [ 674.007064][T21316] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 674.013405][T21316] populate_vma_page_range+0x20d/0x2a0 [ 674.018870][T21316] __mm_populate+0x204/0x380 [ 674.023450][T21316] ? populate_vma_page_range+0x2a0/0x2a0 [ 674.029067][T21316] ? __kasan_check_write+0x14/0x20 [ 674.034166][T21316] ? up_write+0x155/0x490 [ 674.038479][T21316] ? ns_capable_common+0x93/0x100 [ 674.043493][T21316] __x64_sys_mlockall+0x473/0x520 [ 674.048501][T21316] do_syscall_64+0xfa/0x760 [ 674.053010][T21316] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 674.058989][T21316] RIP: 0033:0x459879 [ 674.062865][T21316] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 674.082445][T21316] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 674.090848][T21316] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 674.098798][T21316] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 674.106748][T21316] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 06:28:46 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xe4, 0x0) 06:28:46 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xd435010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 674.115222][T21316] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc0ba5296d4 [ 674.123345][T21316] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff 06:28:46 executing program 0: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000000)='./file0\x00') r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) [ 674.228777][T21316] memory: usage 288816kB, limit 307200kB, failcnt 4580 [ 674.242313][T21316] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 674.253046][T21316] Memory cgroup stats for /syz3: [ 674.253159][T21316] anon 285986816 [ 674.253159][T21316] file 0 [ 674.253159][T21316] kernel_stack 1048576 [ 674.253159][T21316] slab 4612096 [ 674.253159][T21316] sock 0 [ 674.253159][T21316] shmem 0 [ 674.253159][T21316] file_mapped 0 [ 674.253159][T21316] file_dirty 0 [ 674.253159][T21316] file_writeback 0 [ 674.253159][T21316] anon_thp 213909504 [ 674.253159][T21316] inactive_anon 240209920 [ 674.253159][T21316] active_anon 18161664 [ 674.253159][T21316] inactive_file 0 [ 674.253159][T21316] active_file 0 [ 674.253159][T21316] unevictable 27598848 [ 674.253159][T21316] slab_reclaimable 1351680 [ 674.253159][T21316] slab_unreclaimable 3260416 [ 674.253159][T21316] pgfault 697257 [ 674.253159][T21316] pgmajfault 0 [ 674.253159][T21316] workingset_refault 99 [ 674.253159][T21316] workingset_activate 66 [ 674.253159][T21316] workingset_nodereclaim 0 [ 674.253159][T21316] pgrefill 529 [ 674.253159][T21316] pgscan 564 [ 674.253159][T21316] pgsteal 99 [ 674.349989][T21316] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=20940,uid=0 [ 674.365881][T21316] Memory cgroup out of memory: Killed process 20940 (syz-executor.3) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 [ 674.407714][T21324] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 674.437331][T21324] CPU: 0 PID: 21324 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 674.446452][T21324] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 674.456492][T21324] Call Trace: [ 674.459768][T21324] dump_stack+0x172/0x1f0 [ 674.464086][T21324] dump_header+0x177/0x1152 [ 674.468576][T21324] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 674.474363][T21324] ? ___ratelimit+0x2c8/0x595 [ 674.479020][T21324] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 674.484826][T21324] ? lockdep_hardirqs_on+0x418/0x5d0 [ 674.490092][T21324] ? trace_hardirqs_on+0x67/0x240 [ 674.495100][T21324] ? pagefault_out_of_memory+0x11c/0x11c [ 674.500715][T21324] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 674.506501][T21324] ? ___ratelimit+0x60/0x595 [ 674.511072][T21324] ? do_raw_spin_unlock+0x57/0x270 [ 674.516165][T21324] oom_kill_process.cold+0x10/0x15 [ 674.521268][T21324] out_of_memory+0x334/0x1340 [ 674.525926][T21324] ? lock_downgrade+0x920/0x920 [ 674.530764][T21324] ? oom_killer_disable+0x280/0x280 [ 674.535953][T21324] mem_cgroup_out_of_memory+0x1d8/0x240 [ 674.541479][T21324] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 674.547092][T21324] ? do_raw_spin_unlock+0x57/0x270 [ 674.552186][T21324] ? _raw_spin_unlock+0x2d/0x50 [ 674.557019][T21324] try_charge+0xf4b/0x1440 [ 674.561423][T21324] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 674.566951][T21324] ? percpu_ref_tryget_live+0x111/0x290 [ 674.572481][T21324] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 674.578724][T21324] ? __kasan_check_read+0x11/0x20 [ 674.583733][T21324] ? get_mem_cgroup_from_mm+0x156/0x320 [ 674.589274][T21324] mem_cgroup_try_charge+0x136/0x590 [ 674.594542][T21324] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 674.600764][T21324] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 674.606383][T21324] __handle_mm_fault+0x1e34/0x3f20 [ 674.611483][T21324] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 674.617018][T21324] ? __kasan_check_read+0x11/0x20 [ 674.622040][T21324] handle_mm_fault+0x1b5/0x6c0 [ 674.626793][T21324] __get_user_pages+0x7d4/0x1b30 [ 674.631711][T21324] ? mark_held_locks+0xf0/0xf0 [ 674.636463][T21324] ? follow_page_mask+0x1cf0/0x1cf0 [ 674.641640][T21324] ? __mm_populate+0x270/0x380 [ 674.646390][T21324] ? __kasan_check_write+0x14/0x20 [ 674.651491][T21324] ? down_read+0x109/0x430 [ 674.655887][T21324] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 674.662108][T21324] populate_vma_page_range+0x20d/0x2a0 [ 674.667561][T21324] __mm_populate+0x204/0x380 [ 674.672136][T21324] ? populate_vma_page_range+0x2a0/0x2a0 [ 674.677751][T21324] ? __kasan_check_write+0x14/0x20 [ 674.682844][T21324] ? up_write+0x155/0x490 [ 674.687162][T21324] ? ns_capable_common+0x93/0x100 [ 674.692181][T21324] __x64_sys_mlockall+0x473/0x520 [ 674.697190][T21324] do_syscall_64+0xfa/0x760 [ 674.701674][T21324] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 674.707555][T21324] RIP: 0033:0x459879 [ 674.711429][T21324] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 674.731010][T21324] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 674.739410][T21324] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 674.747446][T21324] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 674.755397][T21324] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 674.763347][T21324] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 674.771298][T21324] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff 06:28:46 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xd535010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:28:46 executing program 1: socket$vsock_stream(0x28, 0x1, 0x0) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x8927, 0x719000) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000300)) pipe(&(0x7f00000004c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f0000000340), 0x41395527) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clock_gettime(0x0, &(0x7f0000000440)={0x0, 0x0}) getsockopt$inet6_IPV6_IPSEC_POLICY(r1, 0x29, 0x22, 0x0, 0x0) creat(&(0x7f0000000280)='./file0\x00', 0x0) pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0xff}, &(0x7f0000000200)={0x0, r2+30000000}, 0x0) setsockopt$bt_l2cap_L2CAP_CONNINFO(r0, 0x6, 0x2, &(0x7f00000001c0)={0x0, 0x4, 0x6, 0x4}, 0x6) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) [ 674.887156][T21324] memory: usage 307196kB, limit 307200kB, failcnt 5211 [ 674.916777][T21324] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 06:28:47 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xe5, 0x0) [ 675.136576][T21324] Memory cgroup stats for /syz2: [ 675.136692][T21324] anon 304771072 [ 675.136692][T21324] file 28672 [ 675.136692][T21324] kernel_stack 917504 [ 675.136692][T21324] slab 4419584 [ 675.136692][T21324] sock 0 [ 675.136692][T21324] shmem 0 [ 675.136692][T21324] file_mapped 0 [ 675.136692][T21324] file_dirty 0 [ 675.136692][T21324] file_writeback 0 [ 675.136692][T21324] anon_thp 222298112 [ 675.136692][T21324] inactive_anon 252624896 [ 675.136692][T21324] active_anon 11714560 [ 675.136692][T21324] inactive_file 0 [ 675.136692][T21324] active_file 0 [ 675.136692][T21324] unevictable 40415232 [ 675.136692][T21324] slab_reclaimable 1216512 [ 675.136692][T21324] slab_unreclaimable 3203072 [ 675.136692][T21324] pgfault 722238 [ 675.136692][T21324] pgmajfault 0 [ 675.136692][T21324] workingset_refault 165 [ 675.136692][T21324] workingset_activate 66 [ 675.136692][T21324] workingset_nodereclaim 0 [ 675.136692][T21324] pgrefill 1334 [ 675.136692][T21324] pgscan 1561 [ 675.136692][T21324] pgsteal 198 [ 675.238661][T21324] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=21305,uid=0 [ 675.266335][T21324] Memory cgroup out of memory: Killed process 21305 (syz-executor.2) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 675.313237][ T1065] oom_reaper: reaped process 21305 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 675.363159][T21313] cgroup: fork rejected by pids controller in /syz3 06:28:47 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xd635010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:28:47 executing program 0: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000000)='./file0\x00') mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r0, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) [ 675.894724][T21470] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 675.905102][T21470] CPU: 1 PID: 21470 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 675.914213][T21470] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 675.924264][T21470] Call Trace: [ 675.927567][T21470] dump_stack+0x172/0x1f0 [ 675.931896][T21470] dump_header+0x177/0x1152 [ 675.936396][T21470] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 675.942204][T21470] ? ___ratelimit+0x2c8/0x595 [ 675.946886][T21470] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 675.952699][T21470] ? lockdep_hardirqs_on+0x418/0x5d0 [ 675.958000][T21470] ? trace_hardirqs_on+0x67/0x240 [ 675.963034][T21470] ? pagefault_out_of_memory+0x11c/0x11c [ 675.968670][T21470] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 675.974480][T21470] ? ___ratelimit+0x60/0x595 [ 675.979078][T21470] ? do_raw_spin_unlock+0x57/0x270 [ 675.984190][T21470] oom_kill_process.cold+0x10/0x15 [ 675.989296][T21470] out_of_memory+0x334/0x1340 [ 675.989309][T21470] ? lock_downgrade+0x920/0x920 [ 675.989347][T21470] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 675.989367][T21470] ? oom_killer_disable+0x280/0x280 [ 676.009852][T21470] mem_cgroup_out_of_memory+0x1d8/0x240 [ 676.015408][T21470] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 676.021049][T21470] ? do_raw_spin_unlock+0x57/0x270 [ 676.026169][T21470] ? _raw_spin_unlock+0x2d/0x50 [ 676.031021][T21470] try_charge+0xf4b/0x1440 [ 676.035431][T21470] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 676.040953][T21470] ? percpu_ref_tryget_live+0x111/0x290 [ 676.046477][T21470] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 676.052757][T21470] ? __kasan_check_read+0x11/0x20 [ 676.057803][T21470] ? get_mem_cgroup_from_mm+0x156/0x320 [ 676.063329][T21470] mem_cgroup_try_charge+0x136/0x590 [ 676.068593][T21470] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 676.074811][T21470] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 676.080424][T21470] wp_page_copy+0x41e/0x1590 [ 676.084995][T21470] ? find_held_lock+0x35/0x130 [ 676.089757][T21470] ? pmd_pfn+0x1d0/0x1d0 [ 676.093987][T21470] ? lock_downgrade+0x920/0x920 [ 676.098825][T21470] ? swp_swapcount+0x540/0x540 [ 676.103580][T21470] ? __kasan_check_read+0x11/0x20 [ 676.108589][T21470] ? do_raw_spin_unlock+0x57/0x270 [ 676.113730][T21470] do_wp_page+0x499/0x14d0 [ 676.118141][T21470] ? finish_mkwrite_fault+0x570/0x570 [ 676.123499][T21470] __handle_mm_fault+0x22f1/0x3f20 [ 676.128594][T21470] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 676.134140][T21470] ? __kasan_check_read+0x11/0x20 [ 676.139153][T21470] handle_mm_fault+0x1b5/0x6c0 [ 676.143900][T21470] __get_user_pages+0x7d4/0x1b30 [ 676.148966][T21470] ? mark_held_locks+0xf0/0xf0 [ 676.153726][T21470] ? follow_page_mask+0x1cf0/0x1cf0 [ 676.158909][T21470] ? __mm_populate+0x270/0x380 [ 676.163668][T21470] ? __kasan_check_write+0x14/0x20 [ 676.168767][T21470] ? down_read+0x109/0x430 [ 676.173167][T21470] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 676.179395][T21470] populate_vma_page_range+0x20d/0x2a0 [ 676.184841][T21470] __mm_populate+0x204/0x380 [ 676.189419][T21470] ? populate_vma_page_range+0x2a0/0x2a0 [ 676.195035][T21470] ? __kasan_check_write+0x14/0x20 [ 676.200139][T21470] ? up_write+0x155/0x490 [ 676.204452][T21470] ? ns_capable_common+0x93/0x100 [ 676.209470][T21470] __x64_sys_mlockall+0x473/0x520 [ 676.214478][T21470] do_syscall_64+0xfa/0x760 [ 676.218963][T21470] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 676.224843][T21470] RIP: 0033:0x459879 [ 676.228729][T21470] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 676.248320][T21470] RSP: 002b:00007fe89cce7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 676.256839][T21470] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 676.264789][T21470] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 676.272775][T21470] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 676.280725][T21470] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cce86d4 [ 676.288714][T21470] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 676.297031][T21470] memory: usage 307172kB, limit 307200kB, failcnt 5227 [ 676.304048][T21470] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 676.311170][T21470] Memory cgroup stats for /syz2: [ 676.311285][T21470] anon 304603136 [ 676.311285][T21470] file 28672 [ 676.311285][T21470] kernel_stack 983040 [ 676.311285][T21470] slab 4419584 [ 676.311285][T21470] sock 0 [ 676.311285][T21470] shmem 0 [ 676.311285][T21470] file_mapped 0 [ 676.311285][T21470] file_dirty 0 [ 676.311285][T21470] file_writeback 0 [ 676.311285][T21470] anon_thp 226492416 [ 676.311285][T21470] inactive_anon 246923264 [ 676.311285][T21470] active_anon 11714560 [ 676.311285][T21470] inactive_file 0 [ 676.311285][T21470] active_file 0 [ 676.311285][T21470] unevictable 45928448 [ 676.311285][T21470] slab_reclaimable 1216512 [ 676.311285][T21470] slab_unreclaimable 3203072 [ 676.311285][T21470] pgfault 725505 [ 676.311285][T21470] pgmajfault 0 [ 676.311285][T21470] workingset_refault 165 [ 676.311285][T21470] workingset_activate 66 [ 676.311285][T21470] workingset_nodereclaim 0 [ 676.311285][T21470] pgrefill 1334 [ 676.311285][T21470] pgscan 1561 [ 676.311285][T21470] pgsteal 198 [ 676.405674][T21470] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=21323,uid=0 [ 676.421242][T21470] Memory cgroup out of memory: Killed process 21323 (syz-executor.2) total-vm:72832kB, anon-rss:18084kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 676.439568][ T1065] oom_reaper: reaped process 21323 (syz-executor.2), now anon-rss:18232kB, file-rss:54332kB, shmem-rss:0kB 06:28:49 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) r0 = creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) r2 = mq_open(&(0x7f0000000140)='security.SMACK64\x00', 0x0, 0x100, &(0x7f0000000280)={0x2, 0x8, 0x80, 0x3, 0xfff, 0x1, 0xff, 0x1}) r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x1) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r4, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") poll(&(0x7f00000002c0)=[{r2, 0x2}, {r3, 0x14c}, {r4, 0xcf1c91f23033dda7}, {r0, 0x11}], 0x4, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r5 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r5, 0x5206, &(0x7f0000000400)) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:28:49 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xd735010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:28:49 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") getsockopt$sock_int(r1, 0x1, 0x29, &(0x7f0000000100), &(0x7f0000000200)=0x4) r2 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r2, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c0067d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r3, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000140)) 06:28:49 executing program 1: syz_open_dev$rtc(&(0x7f0000000380)='/dev/rtc#\x00', 0x5, 0x10000) r0 = perf_event_open(&(0x7f00000004c0)={0x2, 0x70, 0x70, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x800000000000, 0x0, 0x0, 0x19, 0x0, 0x0, 0x200, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000000}, 0x0, 0xb, 0xffffffffffffffff, 0x0) r1 = open(0xfffffffffffffffe, 0x141042, 0x20000000000) open(&(0x7f0000000200)='./bus\x00', 0x8040, 0x32) ioctl$KDSKBMETA(r1, 0x4b63, &(0x7f0000000300)=0x41b) r2 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) fchown(r2, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xed}}, 0x0, 0xffffffffffffffff, r2, 0x0) rmdir(&(0x7f00000006c0)='./file0\x00') socket$inet6(0xa, 0x1, 0xfffdffffffffffff) creat(&(0x7f00000002c0)='./bus\x00', 0x4) setxattr$security_selinux(&(0x7f00000005c0)='./bus\x00', &(0x7f0000000540)='security.selinux\x00', &(0x7f0000000480)='system_u:object_r:hald_mac_exec_t:s0\x00', 0x25, 0x3) rmdir(&(0x7f0000000580)='./bus\x00') write$binfmt_elf64(r0, &(0x7f00000001c0)=ANY=[], 0x0) r3 = socket$inet6(0xa, 0x3, 0xa) r4 = syz_open_procfs(0x0, &(0x7f0000000340)='net/ip6_flowlabel\x00n\xc01\x14\x894X\xed\xc1\xc9\xd8\xdcK\r\x8d\xae\x98&@\xd0\xe6\xbbQ\xd7\xffYn\x1c\x92\xde\x0e\xaa1\x91\x98\xe9\x1f\nMCi|+\xcdw\xf0\x176Z\xf1`\xac\xf3;\xd6d2\xeb\xe5\f\x0e\x8b\xda\xf7\xfc9\xfe\xff4\xef\'\xa19q\x93\"\x7fG3\xc1E\xe6e6\xc6\xc2u\x11% \xe7+0\x97\x84;\\\xda\xc4\x80\xc3\xb18N\xbfY%\x05\xf8\x85\x89\xfc\xd2\xd7') sendfile(r3, r4, &(0x7f00000001c0)=0x202, 0x8) 06:28:49 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xe6, 0x0) 06:28:49 executing program 0: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000000)='./file0\x00') mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r0, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) [ 677.234276][ T26] audit: type=1804 audit(1567664929.318:100): pid=21481 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir015414142/syzkaller.NMOu8l/750/bus" dev="sda1" ino=16695 res=1 06:28:49 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xd835010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 677.315165][ T26] audit: type=1804 audit(1567664929.398:101): pid=21487 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.1" name="/root/syzkaller-testdir015414142/syzkaller.NMOu8l/750/bus" dev="sda1" ino=16695 res=1 06:28:49 executing program 1: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xdf, 0x0) 06:28:49 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xd935010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:28:49 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xda35010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:28:49 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xdb35010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 677.988524][T21507] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 678.014044][T21507] CPU: 0 PID: 21507 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 678.023283][T21507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 678.033345][T21507] Call Trace: [ 678.036645][T21507] dump_stack+0x172/0x1f0 [ 678.040989][T21507] dump_header+0x177/0x1152 [ 678.045500][T21507] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 678.051305][T21507] ? ___ratelimit+0x2c8/0x595 [ 678.055992][T21507] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 678.061804][T21507] ? lockdep_hardirqs_on+0x418/0x5d0 [ 678.067092][T21507] ? trace_hardirqs_on+0x67/0x240 [ 678.072125][T21507] ? pagefault_out_of_memory+0x11c/0x11c [ 678.077762][T21507] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 678.083565][T21507] ? ___ratelimit+0x60/0x595 06:28:50 executing program 0: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000000)='./file0\x00') mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, 0xffffffffffffffff, 0x0) ftruncate(0xffffffffffffffff, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r0, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) [ 678.088157][T21507] ? do_raw_spin_unlock+0x57/0x270 [ 678.093277][T21507] oom_kill_process.cold+0x10/0x15 [ 678.098392][T21507] out_of_memory+0x334/0x1340 [ 678.103081][T21507] ? lock_downgrade+0x920/0x920 [ 678.107942][T21507] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 678.113755][T21507] ? oom_killer_disable+0x280/0x280 [ 678.118969][T21507] mem_cgroup_out_of_memory+0x1d8/0x240 [ 678.124524][T21507] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 678.130167][T21507] ? do_raw_spin_unlock+0x57/0x270 [ 678.135291][T21507] ? _raw_spin_unlock+0x2d/0x50 [ 678.140160][T21507] try_charge+0xf4b/0x1440 [ 678.144596][T21507] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 678.150147][T21507] ? percpu_ref_tryget_live+0x111/0x290 [ 678.155719][T21507] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 678.161979][T21507] ? __kasan_check_read+0x11/0x20 [ 678.167019][T21507] ? get_mem_cgroup_from_mm+0x156/0x320 [ 678.172580][T21507] mem_cgroup_try_charge+0x136/0x590 [ 678.177874][T21507] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 678.184127][T21507] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 678.189766][T21507] wp_page_copy+0x41e/0x1590 [ 678.194371][T21507] ? find_held_lock+0x35/0x130 [ 678.199142][T21507] ? pmd_pfn+0x1d0/0x1d0 [ 678.203401][T21507] ? lock_downgrade+0x920/0x920 [ 678.208259][T21507] ? swp_swapcount+0x540/0x540 [ 678.213032][T21507] ? __kasan_check_read+0x11/0x20 [ 678.218065][T21507] ? do_raw_spin_unlock+0x57/0x270 [ 678.223189][T21507] do_wp_page+0x499/0x14d0 [ 678.227606][T21507] ? finish_mkwrite_fault+0x570/0x570 [ 678.232995][T21507] __handle_mm_fault+0x22f1/0x3f20 [ 678.238089][T21507] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 678.243629][T21507] ? __kasan_check_read+0x11/0x20 [ 678.248642][T21507] handle_mm_fault+0x1b5/0x6c0 [ 678.253394][T21507] __get_user_pages+0x7d4/0x1b30 [ 678.258314][T21507] ? mark_held_locks+0xf0/0xf0 [ 678.263070][T21507] ? follow_page_mask+0x1cf0/0x1cf0 [ 678.268249][T21507] ? __mm_populate+0x270/0x380 [ 678.272995][T21507] ? memset+0x32/0x40 [ 678.276961][T21507] populate_vma_page_range+0x20d/0x2a0 [ 678.282407][T21507] __mm_populate+0x204/0x380 [ 678.286987][T21507] ? populate_vma_page_range+0x2a0/0x2a0 [ 678.292617][T21507] ? __kasan_check_write+0x14/0x20 [ 678.297708][T21507] ? up_write+0x155/0x490 [ 678.302013][T21507] ? ns_capable_common+0x93/0x100 [ 678.307029][T21507] __x64_sys_mlockall+0x473/0x520 [ 678.312041][T21507] do_syscall_64+0xfa/0x760 [ 678.316524][T21507] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 678.322392][T21507] RIP: 0033:0x459879 [ 678.326279][T21507] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 678.345886][T21507] RSP: 002b:00007fc0ba4e6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 678.354293][T21507] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 678.362257][T21507] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 678.362266][T21507] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 678.362273][T21507] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc0ba4e76d4 [ 678.362281][T21507] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 678.380028][T21507] memory: usage 305984kB, limit 307200kB, failcnt 4648 [ 678.414725][T21507] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 678.422070][T21507] Memory cgroup stats for /syz3: [ 678.422192][T21507] anon 302551040 [ 678.422192][T21507] file 0 [ 678.422192][T21507] kernel_stack 983040 [ 678.422192][T21507] slab 5296128 [ 678.422192][T21507] sock 0 [ 678.422192][T21507] shmem 0 [ 678.422192][T21507] file_mapped 0 [ 678.422192][T21507] file_dirty 0 [ 678.422192][T21507] file_writeback 0 [ 678.422192][T21507] anon_thp 213909504 [ 678.422192][T21507] inactive_anon 248729600 [ 678.422192][T21507] active_anon 18161664 [ 678.422192][T21507] inactive_file 0 [ 678.422192][T21507] active_file 0 [ 678.422192][T21507] unevictable 35360768 [ 678.422192][T21507] slab_reclaimable 1351680 [ 678.422192][T21507] slab_unreclaimable 3944448 [ 678.422192][T21507] pgfault 706530 [ 678.422192][T21507] pgmajfault 0 [ 678.422192][T21507] workingset_refault 99 [ 678.422192][T21507] workingset_activate 66 [ 678.422192][T21507] workingset_nodereclaim 0 [ 678.422192][T21507] pgrefill 562 [ 678.422192][T21507] pgscan 597 [ 678.422192][T21507] pgsteal 99 [ 678.517058][T21507] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=21473,uid=0 [ 678.532667][T21507] Memory cgroup out of memory: Killed process 21473 (syz-executor.3) total-vm:72832kB, anon-rss:18152kB, file-rss:54332kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 678.551062][ T1065] oom_reaper: reaped process 21473 (syz-executor.3), now anon-rss:18352kB, file-rss:54332kB, shmem-rss:0kB [ 678.557902][T21489] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 678.577445][T21489] CPU: 0 PID: 21489 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 678.586739][T21489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 678.596800][T21489] Call Trace: [ 678.600098][T21489] dump_stack+0x172/0x1f0 [ 678.604434][T21489] dump_header+0x177/0x1152 [ 678.608940][T21489] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 678.614741][T21489] ? ___ratelimit+0x2c8/0x595 [ 678.619417][T21489] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 678.625224][T21489] ? lockdep_hardirqs_on+0x418/0x5d0 [ 678.630509][T21489] ? trace_hardirqs_on+0x67/0x240 [ 678.635538][T21489] ? pagefault_out_of_memory+0x11c/0x11c [ 678.641176][T21489] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 678.646984][T21489] ? ___ratelimit+0x60/0x595 [ 678.651575][T21489] ? do_raw_spin_unlock+0x57/0x270 [ 678.656692][T21489] oom_kill_process.cold+0x10/0x15 [ 678.661817][T21489] out_of_memory+0x334/0x1340 [ 678.666491][T21489] ? lock_downgrade+0x920/0x920 [ 678.671354][T21489] ? oom_killer_disable+0x280/0x280 [ 678.676565][T21489] mem_cgroup_out_of_memory+0x1d8/0x240 [ 678.682112][T21489] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 678.687748][T21489] ? do_raw_spin_unlock+0x57/0x270 [ 678.692863][T21489] ? _raw_spin_unlock+0x2d/0x50 [ 678.697717][T21489] try_charge+0xf4b/0x1440 [ 678.702142][T21489] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 678.707688][T21489] ? percpu_ref_tryget_live+0x111/0x290 [ 678.713241][T21489] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 678.719491][T21489] ? __kasan_check_read+0x11/0x20 [ 678.724523][T21489] ? get_mem_cgroup_from_mm+0x156/0x320 [ 678.730086][T21489] mem_cgroup_try_charge+0x136/0x590 [ 678.735376][T21489] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 678.741627][T21489] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 678.747274][T21489] wp_page_copy+0x41e/0x1590 [ 678.751885][T21489] ? find_held_lock+0x35/0x130 [ 678.756661][T21489] ? pmd_pfn+0x1d0/0x1d0 [ 678.760905][T21489] ? lock_downgrade+0x920/0x920 [ 678.765751][T21489] ? swp_swapcount+0x540/0x540 [ 678.765769][T21489] ? __kasan_check_read+0x11/0x20 [ 678.765785][T21489] ? do_raw_spin_unlock+0x57/0x270 [ 678.780651][T21489] do_wp_page+0x499/0x14d0 [ 678.785079][T21489] ? finish_mkwrite_fault+0x570/0x570 [ 678.790464][T21489] __handle_mm_fault+0x22f1/0x3f20 [ 678.795590][T21489] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 678.801160][T21489] ? __kasan_check_read+0x11/0x20 [ 678.806192][T21489] handle_mm_fault+0x1b5/0x6c0 [ 678.810966][T21489] __get_user_pages+0x7d4/0x1b30 [ 678.815909][T21489] ? mark_held_locks+0xf0/0xf0 [ 678.820691][T21489] ? follow_page_mask+0x1cf0/0x1cf0 [ 678.825895][T21489] ? __mm_populate+0x270/0x380 [ 678.830676][T21489] ? __kasan_check_write+0x14/0x20 [ 678.835797][T21489] ? down_read+0x109/0x430 [ 678.840223][T21489] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 678.846466][T21489] populate_vma_page_range+0x20d/0x2a0 [ 678.851930][T21489] __mm_populate+0x204/0x380 [ 678.856520][T21489] ? populate_vma_page_range+0x2a0/0x2a0 [ 678.862137][T21489] ? up_write+0x1c8/0x490 [ 678.866446][T21489] ? ns_capable_common+0x93/0x100 [ 678.871454][T21489] __x64_sys_mlockall+0x473/0x520 [ 678.876463][T21489] do_syscall_64+0xfa/0x760 [ 678.880949][T21489] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 678.886817][T21489] RIP: 0033:0x459879 [ 678.890719][T21489] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 678.910350][T21489] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 678.918749][T21489] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 678.926707][T21489] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 678.934658][T21489] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 678.942610][T21489] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 678.950561][T21489] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 678.959666][T21489] memory: usage 307200kB, limit 307200kB, failcnt 5241 [ 678.966550][T21489] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 678.973442][T21489] Memory cgroup stats for /syz2: [ 678.973563][T21489] anon 304484352 [ 678.973563][T21489] file 28672 [ 678.973563][T21489] kernel_stack 983040 [ 678.973563][T21489] slab 4419584 [ 678.973563][T21489] sock 0 [ 678.973563][T21489] shmem 0 [ 678.973563][T21489] file_mapped 0 [ 678.973563][T21489] file_dirty 0 [ 678.973563][T21489] file_writeback 0 [ 678.973563][T21489] anon_thp 224395264 [ 678.973563][T21489] inactive_anon 244776960 [ 678.973563][T21489] active_anon 11714560 [ 678.973563][T21489] inactive_file 0 [ 678.973563][T21489] active_file 0 [ 678.973563][T21489] unevictable 47943680 [ 678.973563][T21489] slab_reclaimable 1216512 [ 678.973563][T21489] slab_unreclaimable 3203072 [ 678.973563][T21489] pgfault 732072 [ 678.973563][T21489] pgmajfault 0 [ 678.973563][T21489] workingset_refault 165 [ 678.973563][T21489] workingset_activate 66 [ 678.973563][T21489] workingset_nodereclaim 0 [ 678.973563][T21489] pgrefill 1334 [ 678.973563][T21489] pgscan 1561 [ 678.973563][T21489] pgsteal 198 [ 679.067564][T21489] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=21486,uid=0 [ 679.083150][T21489] Memory cgroup out of memory: Killed process 21486 (syz-executor.2) total-vm:72832kB, anon-rss:18224kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 679.102889][ T1065] oom_reaper: reaped process 21486 (syz-executor.2), now anon-rss:18232kB, file-rss:54332kB, shmem-rss:0kB 06:28:51 executing program 1: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xda35010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:28:51 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xe7, 0x0) 06:28:51 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xdc35010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:28:51 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276d68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850000000"], 0x9) r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f0000000400)) r3 = socket$inet(0x2, 0x4000000000000001, 0x0) setsockopt$inet_tcp_int(r3, 0x6, 0x80000000000002, &(0x7f00000000c0)=0x2000000000000074, 0x25d) bind$inet(r3, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r3, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe5}]}, 0x10) sendto$inet(r3, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x3) setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000600)=0xda9, 0x4) sendto$inet(r3, &(0x7f00000012c0)="20268a927f1f6588b967481241ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf9221a750fbf746bec66ba", 0xfe6a, 0xe, 0x0, 0xfffffffffffffe2b) r4 = socket(0x10, 0x2, 0x0) close(r4) r5 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r5, 0x84, 0x1d, &(0x7f000095dff8)=ANY=[@ANYBLOB="01000500", @ANYRES32=0x0], &(0x7f000095dffc)=0x8) r7 = socket(0x10, 0x2, 0x0) close(r7) r8 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r8, 0x84, 0x1d, &(0x7f000095dff8)={0x1, [0x0]}, &(0x7f000095dffc)=0x8) getsockopt$inet_sctp_SCTP_CONTEXT(r7, 0x84, 0x71, &(0x7f0000000040)={r9}, &(0x7f0000000080)=0x8) getsockopt$inet_sctp_SCTP_CONTEXT(r4, 0x84, 0x71, &(0x7f0000000040)={r9, 0x3d2}, &(0x7f0000000100)=0x1bd) setsockopt$inet_sctp_SCTP_AUTH_KEY(r3, 0x84, 0x17, &(0x7f0000000280)={r6, 0x81, 0xa6, "ee3a3bda003fdbb65806c7376004c832b9e6d2a4c01bb7b75f49b64f6271fcc0c47c82dde51e26138fef38b6c11f3496a3db4bd7ce2133585af083c2c864262bd4ac99fd394645ec918563aac56345461f8d68bf721298fee4f30ad8fbf47fd0ce0fa652518e5ff0bc1004d497da308fab914a79066bd7b4dd55c929b675523357607aab8eb2ab70afb33fd402f4aa5174a42a987b724ee1960752bb3aeade1ffe1122afd44a"}, 0xae) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000140)) 06:28:51 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x1) write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="01"], 0x1) close(r0) ioctl$SG_SET_KEEP_ORPHAN(r0, 0x2287, &(0x7f0000000140)=0xfda5) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) stat(&(0x7f0000000840)='./file0\x00', &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x0}) r4 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$sock_int(r4, 0x1, 0xf, &(0x7f0000017000)=0xfffff7fffffffffd, 0x4) bind$inet(r4, &(0x7f0000011ff0)={0x2, 0x4e20, @multicast2}, 0x10) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setfsuid(r5) syz_mount_image$reiserfs(&(0x7f0000000300)='reiserfs\x00', &(0x7f0000000340)='./file0\x00', 0x6, 0x8, &(0x7f0000000780)=[{&(0x7f0000000380)="7693a9f5dffa89458a9eb8889a1f9eaa23893eec012a84624359b62775782ede9b89fe26e1cf2592fe657f6f086b2c52f62b32a1ac712a48bc37cc361d5ba82ba84f5a8a7ca41e8a6b8232a7508fcb6a80cd", 0x52, 0xe1}, {&(0x7f0000000440)="337ccca0b7dfc917f637043ba37d4ea3c307b071746467fcb78627c0adb45b8d7e23be3eded494c08863f2e4f028532ffea15a6aa0436a71857cbb14d03f3a5562a949503ed5aa886c8e23966cc9279269ca0149ea9f62230aaf8d62d8e945120d45a90111781cdeb51baa8ab8249bf850b669eeea99029b05f17ebba5aaa538807e6b1d7a5291b5af56", 0x8a, 0x3}, {&(0x7f0000000500)="fb09e89fd31c3336f31a7d6ed16ee1ac78901e", 0x13, 0x5}, {&(0x7f0000000540)="010ca0944c75ab378bf05415bc91ab8acac8f853d1cc1aaaa353180ccb5c9b7e50c9f2f7f8817ed3f15b5313ab46a05be416ad23e0138841025ca072630c1fb7cafd90cf5944bd12a282f6210085c9038ecbce05bc", 0x55, 0x8}, {&(0x7f00000005c0)="412c502729f3cf07e765bb3f0e99c7a1a13b63ad63214ee7dee7b8492fc261dfc9d4da03bd0071", 0x27, 0x1}, {&(0x7f0000000600)="4a129b0476313be06180cec373dce6515578a8ffd76700390a9a42a87afdc1da1874b59e1e5698e56001a304853ee2ccc1", 0x31, 0x10000}, {&(0x7f0000000640)="17ac0a8d86578fde34bb412f749a84b4a739b4db9ee3cd8e0eca20a111423062144b3d65f89ad8ad9e66aaa112d2cafbcbe05a14bff0e9f9115887bb88ae8ccad2656c3be0ebc8c2b1e9f7c18a4685a82fe80a07937706e3dd936e6f78e5ad286ef0d46df8615b6862daa30b7754073c2cc650c2378ae74946e3f0f0b7f4d0222d31693e29ba7ff3ee7a8aff", 0x8c, 0x3f}, {&(0x7f0000000700)="1916a016e08053481969868e5620afb4dd7ee6144357d4896c4c862f5cddea1eaa22c5c7820b89406187cd57e653e59c25ee94807546044b7a373eba049d4616fe81a59c18a895bca66293271f523e47671f51a4925b4022c8bf95cebf751bb5a1a42f6aec", 0x65, 0x1}], 0x6802, &(0x7f0000000900)={[{@tails_off='tails=off'}, {@noattrs='noattrs'}, {@data_journal='data=journal'}, {@barrier_flush='barrier=flush'}, {@usrquota='usrquota'}, {@noquota='noquota'}, {@replayonly='replayonly'}, {@noquota='noquota'}], [{@euid_lt={'euid<', r3}}, {@audit='audit'}, {@fowner_lt={'fowner<', r5}}]}) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f0000000400)) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) r6 = creat(&(0x7f0000000280)='./file0\x00', 0x1) write$binfmt_script(r6, &(0x7f00000002c0)=ANY=[@ANYBLOB="01"], 0x1) close(r6) ioctl$MON_IOCX_GETX(r6, 0x4018920a, &(0x7f0000000a80)={&(0x7f00000009c0), &(0x7f0000000a00)=""/95, 0x5f}) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:28:51 executing program 0: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000300)='ramfs\x00', 0x0, 0x0) r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) 06:28:51 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xdd35010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:28:51 executing program 1: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") getsockopt$inet_udp_int(r0, 0x11, 0x0, &(0x7f0000000140), &(0x7f0000000380)=0x4) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") ioctl$sock_netdev_private(r2, 0x89f7, &(0x7f0000000280)="13242bcb7092cfbf312de01cbcf66fbdf80accd252ce90eb4ca89310e51eb8982bdd24f2dd9956045d9ce0ca0482801a48bc6b7d872e9a3e7a181cd196d1b770c57c362865da810c19ae173363680e31dcff5492a88253dca7021de9b7db134fb1eac013b14fba3743a5ecc62a82e99675d17a15971db5c35800560ca92ac422a3dfda8f6946f8d916146323988c83f64e588e9615c5a3ee650f0a2fd7105b7b96cc81186100e9def9cb80d0f3d888fb7587c3a93cdf4eab1f6ef77c67447828e1dbd2e58021c43839f50895a1af7cd1f8fcd58901ade6c23db41eb4ce6f8abd239e546c222776819906eb5e") r3 = socket$isdn(0x22, 0x3, 0x4) shutdown(r3, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000440)=ANY=[@ANYBLOB="090000006f020063c6a9ddfbd7a900004583e08a1dc97ba8276dd12102000000000000008bf2ae0c9d67d443818030da6b31ec3fca6be8ec05cd91cde833d951368827310c8ad17696c6cf70060219a44129770d1dea1d814628819b30053ac328b5631034fc7beb20a3a96ebc3f2f055293c4ee9ff9cdb456e95e03a60d60369584e3dcb5243c751ce1b7e0319a013cb311eebc8e5cd261adeff68658b50787d97c115b372cc181fb57c6cfdf14c69874da47b9fc80a5cff54c6894bdc7d9c6af8786814a2cf90e0f66fb351dbd5057ddc6b3a37004a6c0bf5a9760d3e4dbab231808ea95a26bc4d2a4af7cca7e5ff62d4196601b474ecf2a3178c61b8b327d9f0476000000a87bd569e2066434fa66a4dff4fa7b"], 0x9) r4 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r4, 0x5206, &(0x7f0000000400)) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:28:51 executing program 0: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) [ 679.485018][T21532] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 679.537675][T21532] CPU: 0 PID: 21532 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 679.546822][T21532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 679.556908][T21532] Call Trace: [ 679.560206][T21532] dump_stack+0x172/0x1f0 [ 679.564550][T21532] dump_header+0x177/0x1152 [ 679.569061][T21532] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 679.574869][T21532] ? ___ratelimit+0x2c8/0x595 [ 679.579545][T21532] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 679.585350][T21532] ? lockdep_hardirqs_on+0x418/0x5d0 [ 679.590640][T21532] ? trace_hardirqs_on+0x67/0x240 [ 679.595687][T21532] ? pagefault_out_of_memory+0x11c/0x11c [ 679.601326][T21532] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 679.607142][T21532] ? ___ratelimit+0x60/0x595 [ 679.611737][T21532] ? do_raw_spin_unlock+0x57/0x270 [ 679.616860][T21532] oom_kill_process.cold+0x10/0x15 [ 679.621979][T21532] out_of_memory+0x334/0x1340 [ 679.626659][T21532] ? lock_downgrade+0x920/0x920 [ 679.631517][T21532] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 679.637324][T21532] ? oom_killer_disable+0x280/0x280 [ 679.642530][T21532] mem_cgroup_out_of_memory+0x1d8/0x240 [ 679.648083][T21532] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 679.653729][T21532] ? do_raw_spin_unlock+0x57/0x270 [ 679.658853][T21532] ? _raw_spin_unlock+0x2d/0x50 [ 679.663710][T21532] try_charge+0xf4b/0x1440 [ 679.668147][T21532] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 679.673727][T21532] ? percpu_ref_tryget_live+0x111/0x290 [ 679.679289][T21532] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 06:28:51 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) [ 679.685537][T21532] ? __kasan_check_read+0x11/0x20 [ 679.690574][T21532] ? get_mem_cgroup_from_mm+0x156/0x320 [ 679.696130][T21532] mem_cgroup_try_charge+0x136/0x590 [ 679.701422][T21532] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 679.707670][T21532] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 679.713302][T21532] __handle_mm_fault+0x1e34/0x3f20 [ 679.718429][T21532] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 679.723997][T21532] ? __kasan_check_read+0x11/0x20 [ 679.729036][T21532] handle_mm_fault+0x1b5/0x6c0 [ 679.733816][T21532] __get_user_pages+0x7d4/0x1b30 [ 679.738764][T21532] ? mark_held_locks+0xf0/0xf0 [ 679.743545][T21532] ? follow_page_mask+0x1cf0/0x1cf0 [ 679.748750][T21532] ? __mm_populate+0x270/0x380 [ 679.753534][T21532] ? __kasan_check_write+0x14/0x20 [ 679.758650][T21532] ? down_read+0x109/0x430 [ 679.763069][T21532] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 679.769325][T21532] populate_vma_page_range+0x20d/0x2a0 [ 679.774797][T21532] __mm_populate+0x204/0x380 [ 679.779397][T21532] ? populate_vma_page_range+0x2a0/0x2a0 [ 679.785036][T21532] ? __kasan_check_write+0x14/0x20 [ 679.790150][T21532] ? up_write+0x155/0x490 [ 679.794478][T21532] ? ns_capable_common+0x93/0x100 [ 679.799513][T21532] __x64_sys_mlockall+0x473/0x520 [ 679.804549][T21532] do_syscall_64+0xfa/0x760 [ 679.809062][T21532] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 679.814944][T21532] RIP: 0033:0x459879 [ 679.818840][T21532] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 06:28:51 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xde35010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 679.838443][T21532] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 679.846859][T21532] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 679.854828][T21532] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 679.862797][T21532] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 679.870775][T21532] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 679.878753][T21532] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 679.913536][T21532] memory: usage 307200kB, limit 307200kB, failcnt 5262 [ 679.921294][T21532] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 679.928550][T21532] Memory cgroup stats for /syz2: [ 679.928694][T21532] anon 304517120 [ 679.928694][T21532] file 28672 [ 679.928694][T21532] kernel_stack 917504 [ 679.928694][T21532] slab 4419584 [ 679.928694][T21532] sock 0 [ 679.928694][T21532] shmem 0 [ 679.928694][T21532] file_mapped 0 [ 679.928694][T21532] file_dirty 0 [ 679.928694][T21532] file_writeback 0 [ 679.928694][T21532] anon_thp 224395264 [ 679.928694][T21532] inactive_anon 261201920 [ 679.928694][T21532] active_anon 11714560 [ 679.928694][T21532] inactive_file 0 [ 679.928694][T21532] active_file 0 [ 679.928694][T21532] unevictable 31768576 [ 679.928694][T21532] slab_reclaimable 1216512 [ 679.928694][T21532] slab_unreclaimable 3203072 [ 679.928694][T21532] pgfault 732765 [ 679.928694][T21532] pgmajfault 0 [ 679.928694][T21532] workingset_refault 165 [ 679.928694][T21532] workingset_activate 66 [ 679.928694][T21532] workingset_nodereclaim 0 [ 679.928694][T21532] pgrefill 1367 [ 679.928694][T21532] pgscan 1561 [ 679.928694][T21532] pgsteal 198 [ 680.030727][T21532] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=21514,uid=0 [ 680.046974][T21532] Memory cgroup out of memory: Killed process 21514 (syz-executor.2) total-vm:72832kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 680.098114][T21537] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 680.115343][T21537] CPU: 0 PID: 21537 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 680.124498][T21537] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 680.134556][T21537] Call Trace: [ 680.137850][T21537] dump_stack+0x172/0x1f0 [ 680.142191][T21537] dump_header+0x177/0x1152 [ 680.146809][T21537] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 680.152616][T21537] ? ___ratelimit+0x2c8/0x595 [ 680.157307][T21537] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 680.163122][T21537] ? lockdep_hardirqs_on+0x418/0x5d0 [ 680.168419][T21537] ? trace_hardirqs_on+0x67/0x240 [ 680.173451][T21537] ? pagefault_out_of_memory+0x11c/0x11c [ 680.179095][T21537] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 680.184902][T21537] ? ___ratelimit+0x60/0x595 [ 680.189490][T21537] ? do_raw_spin_unlock+0x57/0x270 [ 680.194611][T21537] oom_kill_process.cold+0x10/0x15 [ 680.199732][T21537] out_of_memory+0x334/0x1340 [ 680.204416][T21537] ? lock_downgrade+0x920/0x920 [ 680.209282][T21537] ? oom_killer_disable+0x280/0x280 [ 680.214497][T21537] mem_cgroup_out_of_memory+0x1d8/0x240 [ 680.220045][T21537] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 680.225684][T21537] ? do_raw_spin_unlock+0x57/0x270 [ 680.230797][T21537] ? _raw_spin_unlock+0x2d/0x50 [ 680.235738][T21537] try_charge+0xf4b/0x1440 [ 680.240170][T21537] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 680.245718][T21537] ? percpu_ref_tryget_live+0x111/0x290 [ 680.251272][T21537] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 680.257603][T21537] ? __kasan_check_read+0x11/0x20 [ 680.257624][T21537] ? get_mem_cgroup_from_mm+0x156/0x320 [ 680.257645][T21537] mem_cgroup_try_charge+0x136/0x590 [ 680.257662][T21537] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 680.257680][T21537] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 680.257705][T21537] __handle_mm_fault+0x1e34/0x3f20 [ 680.285351][T21537] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 680.285381][T21537] ? __kasan_check_read+0x11/0x20 [ 680.301021][T21537] handle_mm_fault+0x1b5/0x6c0 [ 680.305798][T21537] __get_user_pages+0x7d4/0x1b30 [ 680.310742][T21537] ? mark_held_locks+0xf0/0xf0 [ 680.315514][T21537] ? follow_page_mask+0x1cf0/0x1cf0 [ 680.315531][T21537] ? __mm_populate+0x270/0x380 [ 680.325470][T21537] ? __kasan_check_write+0x14/0x20 [ 680.330585][T21537] ? down_read+0x109/0x430 [ 680.335007][T21537] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 680.341258][T21537] populate_vma_page_range+0x20d/0x2a0 [ 680.346712][T21537] __mm_populate+0x204/0x380 [ 680.346732][T21537] ? populate_vma_page_range+0x2a0/0x2a0 [ 680.346749][T21537] ? __kasan_check_write+0x14/0x20 [ 680.362037][T21537] ? up_write+0x155/0x490 [ 680.366367][T21537] ? ns_capable_common+0x93/0x100 [ 680.371401][T21537] __x64_sys_mlockall+0x473/0x520 [ 680.376431][T21537] do_syscall_64+0xfa/0x760 [ 680.380940][T21537] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 680.386825][T21537] RIP: 0033:0x459879 [ 680.386841][T21537] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 680.386849][T21537] RSP: 002b:00007fc0ba507c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 680.418745][T21537] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 680.418755][T21537] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 680.418764][T21537] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 680.418771][T21537] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc0ba5086d4 [ 680.418778][T21537] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 680.470195][T21537] memory: usage 307184kB, limit 307200kB, failcnt 4681 [ 680.477642][T21537] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 680.484746][T21537] Memory cgroup stats for /syz3: [ 680.484869][T21537] anon 303616000 [ 680.484869][T21537] file 0 [ 680.484869][T21537] kernel_stack 917504 [ 680.484869][T21537] slab 5296128 [ 680.484869][T21537] sock 0 [ 680.484869][T21537] shmem 0 [ 680.484869][T21537] file_mapped 0 [ 680.484869][T21537] file_dirty 0 [ 680.484869][T21537] file_writeback 0 [ 680.484869][T21537] anon_thp 213909504 [ 680.484869][T21537] inactive_anon 257245184 [ 680.484869][T21537] active_anon 18026496 [ 680.484869][T21537] inactive_file 0 [ 680.484869][T21537] active_file 0 [ 680.484869][T21537] unevictable 28467200 [ 680.484869][T21537] slab_reclaimable 1351680 [ 680.484869][T21537] slab_unreclaimable 3944448 [ 680.484869][T21537] pgfault 709467 [ 680.484869][T21537] pgmajfault 0 [ 680.484869][T21537] workingset_refault 99 [ 680.484869][T21537] workingset_activate 66 [ 680.484869][T21537] workingset_nodereclaim 0 [ 680.484869][T21537] pgrefill 562 [ 680.484869][T21537] pgscan 597 [ 680.484869][T21537] pgsteal 99 [ 680.579812][T21537] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=21508,uid=0 [ 680.595919][T21537] Memory cgroup out of memory: Killed process 21508 (syz-executor.3) total-vm:72708kB, anon-rss:18352kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 06:28:52 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) [ 680.644204][T21527] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=3, oom_score_adj=1000 [ 680.668407][T21527] CPU: 0 PID: 21527 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 680.677555][T21527] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 680.677635][T21527] Call Trace: [ 680.677655][T21527] dump_stack+0x172/0x1f0 [ 680.677676][T21527] dump_header+0x177/0x1152 [ 680.677694][T21527] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 680.677710][T21527] ? ___ratelimit+0x2c8/0x595 [ 680.710289][T21527] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 680.716105][T21527] ? lockdep_hardirqs_on+0x418/0x5d0 [ 680.721397][T21527] ? trace_hardirqs_on+0x67/0x240 [ 680.726431][T21527] ? pagefault_out_of_memory+0x11c/0x11c [ 680.732076][T21527] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 680.737884][T21527] ? ___ratelimit+0x60/0x595 [ 680.737898][T21527] ? do_raw_spin_unlock+0x57/0x270 [ 680.737916][T21527] oom_kill_process.cold+0x10/0x15 [ 680.737933][T21527] out_of_memory+0x334/0x1340 [ 680.737947][T21527] ? lock_downgrade+0x920/0x920 [ 680.737966][T21527] ? oom_killer_disable+0x280/0x280 [ 680.737992][T21527] mem_cgroup_out_of_memory+0x1d8/0x240 [ 680.738007][T21527] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 680.738024][T21527] ? do_raw_spin_unlock+0x57/0x270 [ 680.738043][T21527] ? _raw_spin_unlock+0x2d/0x50 [ 680.762302][T21527] try_charge+0xa2d/0x1440 [ 680.762326][T21527] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 680.788560][T21527] ? mark_held_locks+0xa4/0xf0 [ 680.788576][T21527] ? mem_cgroup_charge_skmem+0x11a/0x280 [ 680.788665][T21527] ? __sk_mem_raise_allocated+0x56e/0x13c0 [ 680.788681][T21527] ? mem_cgroup_charge_skmem+0x11a/0x280 [ 680.809056][T21527] ? lockdep_hardirqs_on+0x418/0x5d0 [ 680.809072][T21527] ? trace_hardirqs_on+0x67/0x240 [ 680.809090][T21527] mem_cgroup_charge_skmem+0x12f/0x280 [ 680.809105][T21527] ? mem_cgroup_sk_free+0x90/0x90 [ 680.809120][T21527] ? __kasan_check_write+0x14/0x20 [ 680.809134][T21527] ? __alloc_skb+0x3d0/0x5e0 [ 680.809156][T21527] __sk_mem_raise_allocated+0x56e/0x13c0 [ 680.846374][T21527] __sk_mem_schedule+0x6d/0xe0 [ 680.846394][T21527] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 680.867599][T21527] tcp_sendmsg_locked+0x16b6/0x3220 [ 680.867632][T21527] ? tcp_sendpage+0x60/0x60 [ 680.867650][T21527] ? trace_hardirqs_on+0x67/0x240 [ 680.882338][T21527] ? lock_sock_nested+0x9a/0x120 [ 680.887287][T21527] ? __local_bh_enable_ip+0x15a/0x270 [ 680.892660][T21527] tcp_sendmsg+0x30/0x50 [ 680.896920][T21527] inet_sendmsg+0x9e/0xe0 [ 680.901236][T21527] ? inet_send_prepare+0x4f0/0x4f0 [ 680.901250][T21527] sock_sendmsg+0xd7/0x130 [ 680.901266][T21527] __sys_sendto+0x262/0x380 [ 680.901282][T21527] ? __ia32_sys_getpeername+0xb0/0xb0 [ 680.901317][T21527] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 680.901333][T21527] ? put_timespec64+0xda/0x140 [ 680.901347][T21527] ? nsecs_to_jiffies+0x30/0x30 [ 680.901372][T21527] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 680.926916][T21527] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 680.926931][T21527] ? do_syscall_64+0x26/0x760 [ 680.926947][T21527] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 680.926966][T21527] __x64_sys_sendto+0xe1/0x1a0 [ 680.962862][T21527] do_syscall_64+0xfa/0x760 [ 680.962883][T21527] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 680.973240][T21527] RIP: 0033:0x459879 [ 680.977137][T21527] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 680.996735][T21527] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002c [ 680.996750][T21527] RAX: ffffffffffffffda RBX: 0000000000000006 RCX: 0000000000459879 [ 680.996763][T21527] RDX: 000000000000fe6a RSI: 00000000200012c0 RDI: 0000000000000006 [ 681.021215][T21527] RBP: 000000000075bf20 R08: 0000000000000000 R09: fffffffffffffe2b [ 681.029188][T21527] R10: 000000000000000e R11: 0000000000000246 R12: 00007fc0ba5296d4 [ 681.037154][T21527] R13: 00000000004c783b R14: 00000000004dd0f0 R15: 00000000ffffffff 06:28:53 executing program 0: r0 = open(0x0, 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) 06:28:53 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xe8, 0x0) 06:28:53 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xdf35010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 681.266246][T21527] memory: usage 295556kB, limit 307200kB, failcnt 4681 [ 681.297370][T21527] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 681.324641][T21527] Memory cgroup stats for /syz3: [ 681.324943][T21527] anon 291942400 [ 681.324943][T21527] file 0 [ 681.324943][T21527] kernel_stack 983040 [ 681.324943][T21527] slab 5296128 [ 681.324943][T21527] sock 0 [ 681.324943][T21527] shmem 0 [ 681.324943][T21527] file_mapped 0 [ 681.324943][T21527] file_dirty 0 [ 681.324943][T21527] file_writeback 0 [ 681.324943][T21527] anon_thp 213909504 [ 681.324943][T21527] inactive_anon 238485504 [ 681.324943][T21527] active_anon 18026496 [ 681.324943][T21527] inactive_file 0 [ 681.324943][T21527] active_file 0 [ 681.324943][T21527] unevictable 35483648 [ 681.324943][T21527] slab_reclaimable 1351680 [ 681.324943][T21527] slab_unreclaimable 3944448 [ 681.324943][T21527] pgfault 710952 [ 681.324943][T21527] pgmajfault 0 [ 681.324943][T21527] workingset_refault 99 [ 681.324943][T21527] workingset_activate 66 [ 681.324943][T21527] workingset_nodereclaim 0 [ 681.324943][T21527] pgrefill 562 [ 681.324943][T21527] pgscan 597 [ 681.324943][T21527] pgsteal 99 [ 681.426509][T21527] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=14643,uid=0 [ 681.452511][T21527] Memory cgroup out of memory: Killed process 14643 (syz-executor.3) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 [ 681.487530][T21532] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 681.501340][T21532] CPU: 0 PID: 21532 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 681.510463][T21532] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 681.520518][T21532] Call Trace: [ 681.523819][T21532] dump_stack+0x172/0x1f0 [ 681.528158][T21532] dump_header+0x177/0x1152 [ 681.532666][T21532] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 681.538469][T21532] ? ___ratelimit+0x2c8/0x595 [ 681.543144][T21532] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 681.548955][T21532] ? lockdep_hardirqs_on+0x418/0x5d0 [ 681.554239][T21532] ? trace_hardirqs_on+0x67/0x240 [ 681.559265][T21532] ? pagefault_out_of_memory+0x11c/0x11c [ 681.564902][T21532] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 681.570712][T21532] ? ___ratelimit+0x60/0x595 [ 681.575303][T21532] ? do_raw_spin_unlock+0x57/0x270 [ 681.580423][T21532] oom_kill_process.cold+0x10/0x15 [ 681.585542][T21532] out_of_memory+0x334/0x1340 [ 681.590219][T21532] ? lock_downgrade+0x920/0x920 [ 681.595077][T21532] ? oom_killer_disable+0x280/0x280 [ 681.600287][T21532] mem_cgroup_out_of_memory+0x1d8/0x240 [ 681.605842][T21532] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 681.611482][T21532] ? do_raw_spin_unlock+0x57/0x270 [ 681.616599][T21532] ? _raw_spin_unlock+0x2d/0x50 [ 681.621457][T21532] try_charge+0xf4b/0x1440 [ 681.625887][T21532] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 681.631431][T21532] ? percpu_ref_tryget_live+0x111/0x290 [ 681.636979][T21532] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 681.643224][T21532] ? __kasan_check_read+0x11/0x20 [ 681.648260][T21532] ? get_mem_cgroup_from_mm+0x156/0x320 [ 681.653809][T21532] mem_cgroup_try_charge+0x136/0x590 [ 681.659095][T21532] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 681.665347][T21532] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 681.670998][T21532] __handle_mm_fault+0x1e34/0x3f20 [ 681.676121][T21532] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 681.681687][T21532] ? __kasan_check_read+0x11/0x20 [ 681.686727][T21532] handle_mm_fault+0x1b5/0x6c0 [ 681.691503][T21532] __get_user_pages+0x7d4/0x1b30 [ 681.696439][T21532] ? mark_held_locks+0xf0/0xf0 [ 681.701228][T21532] ? follow_page_mask+0x1cf0/0x1cf0 [ 681.706432][T21532] ? __mm_populate+0x270/0x380 [ 681.711211][T21532] ? __kasan_check_write+0x14/0x20 [ 681.716325][T21532] ? down_read+0x109/0x430 [ 681.720744][T21532] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 681.725692][ T1065] oom_reaper: reaped process 14643 (syz-executor.3), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 681.726990][T21532] populate_vma_page_range+0x20d/0x2a0 [ 681.727018][T21532] __mm_populate+0x204/0x380 [ 681.748035][T21532] ? populate_vma_page_range+0x2a0/0x2a0 [ 681.753678][T21532] ? __kasan_check_write+0x14/0x20 [ 681.758796][T21532] ? up_write+0x155/0x490 [ 681.763131][T21532] ? ns_capable_common+0x93/0x100 [ 681.768169][T21532] __x64_sys_mlockall+0x473/0x520 [ 681.773221][T21532] do_syscall_64+0xfa/0x760 [ 681.777728][T21532] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 681.783607][T21532] RIP: 0033:0x459879 [ 681.787486][T21532] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 681.807077][T21532] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 681.815475][T21532] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 681.823428][T21532] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 681.831383][T21532] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 681.839333][T21532] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 681.847291][T21532] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 681.859576][T21532] memory: usage 307196kB, limit 307200kB, failcnt 5278 [ 681.866705][T21532] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 681.873815][T21532] Memory cgroup stats for /syz2: [ 681.873932][T21532] anon 304742400 [ 681.873932][T21532] file 28672 [ 681.873932][T21532] kernel_stack 917504 [ 681.873932][T21532] slab 4419584 [ 681.873932][T21532] sock 0 [ 681.873932][T21532] shmem 0 [ 681.873932][T21532] file_mapped 0 [ 681.873932][T21532] file_dirty 0 [ 681.873932][T21532] file_writeback 0 [ 681.873932][T21532] anon_thp 224395264 [ 681.873932][T21532] inactive_anon 252866560 [ 681.873932][T21532] active_anon 11714560 [ 681.873932][T21532] inactive_file 0 [ 681.873932][T21532] active_file 0 [ 681.873932][T21532] unevictable 40407040 [ 681.873932][T21532] slab_reclaimable 1216512 [ 681.873932][T21532] slab_unreclaimable 3203072 [ 681.873932][T21532] pgfault 734349 [ 681.873932][T21532] pgmajfault 0 [ 681.873932][T21532] workingset_refault 165 [ 681.873932][T21532] workingset_activate 66 [ 681.873932][T21532] workingset_nodereclaim 0 [ 681.873932][T21532] pgrefill 1367 [ 681.873932][T21532] pgscan 1561 [ 681.873932][T21532] pgsteal 198 [ 681.970452][T21532] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=21503,uid=0 06:28:54 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b21ec3fca6be8ec05cd91cde8c49f2c396850d54317e02ba404a37ccc8ee85333c0c918069bef057c32984689c968d09fd952e46e565f5342886475feb79a6c5a61932777a8de689a9f74cf7a300804a1f7b4e7850d2eb368184f3851554161013fb6e6db410adb909a22278bb73c501b0d50b42bc878cf878a722f2f59abea2788aea506ba5f3ce1fdfdeb9400a8b0f2158859b8de3bb5807d14e4676c9899ad804e02899b1bb30a9cda8942bb177959ac1b95d61f3d951819fc495bcb1b63b5dee2938b9493a79055e2201434940fe4dff1f9e78c595507c4ee0a3f2236340f055123a4dd53c9726a3aaa8af0c64d15044803"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x4000000, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(0xffffffffffffffff, 0x8010743f, &(0x7f0000000140)) [ 681.986467][T21532] Memory cgroup out of memory: Killed process 21503 (syz-executor.2) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 682.123953][ T1065] oom_reaper: reaped process 21503 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 682.552365][T21583] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 682.564250][T21583] CPU: 0 PID: 21583 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 682.573360][T21583] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 682.583416][T21583] Call Trace: [ 682.586710][T21583] dump_stack+0x172/0x1f0 [ 682.591049][T21583] dump_header+0x177/0x1152 [ 682.595555][T21583] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 682.601364][T21583] ? ___ratelimit+0x2c8/0x595 [ 682.606039][T21583] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 682.611848][T21583] ? lockdep_hardirqs_on+0x418/0x5d0 [ 682.617133][T21583] ? trace_hardirqs_on+0x67/0x240 [ 682.622163][T21583] ? pagefault_out_of_memory+0x11c/0x11c [ 682.627801][T21583] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 682.633630][T21583] ? ___ratelimit+0x60/0x595 [ 682.638219][T21583] ? do_raw_spin_unlock+0x57/0x270 [ 682.643331][T21583] oom_kill_process.cold+0x10/0x15 [ 682.648445][T21583] out_of_memory+0x334/0x1340 [ 682.653120][T21583] ? lock_downgrade+0x920/0x920 [ 682.657974][T21583] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 682.663783][T21583] ? oom_killer_disable+0x280/0x280 [ 682.668992][T21583] mem_cgroup_out_of_memory+0x1d8/0x240 [ 682.674540][T21583] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 682.680189][T21583] ? do_raw_spin_unlock+0x57/0x270 [ 682.685303][T21583] ? _raw_spin_unlock+0x2d/0x50 [ 682.690159][T21583] try_charge+0xf4b/0x1440 [ 682.694590][T21583] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 682.700137][T21583] ? percpu_ref_tryget_live+0x111/0x290 [ 682.705689][T21583] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 682.711944][T21583] ? __kasan_check_read+0x11/0x20 [ 682.716977][T21583] ? get_mem_cgroup_from_mm+0x156/0x320 [ 682.722523][T21583] mem_cgroup_try_charge+0x136/0x590 [ 682.727810][T21583] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 682.734054][T21583] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 682.739692][T21583] wp_page_copy+0x41e/0x1590 [ 682.744281][T21583] ? find_held_lock+0x35/0x130 [ 682.749054][T21583] ? pmd_pfn+0x1d0/0x1d0 [ 682.753298][T21583] ? lock_downgrade+0x920/0x920 [ 682.758150][T21583] ? swp_swapcount+0x540/0x540 [ 682.762921][T21583] ? __kasan_check_read+0x11/0x20 [ 682.767941][T21583] ? do_raw_spin_unlock+0x57/0x270 [ 682.773055][T21583] do_wp_page+0x499/0x14d0 [ 682.777476][T21583] ? finish_mkwrite_fault+0x570/0x570 [ 682.782856][T21583] __handle_mm_fault+0x22f1/0x3f20 [ 682.787973][T21583] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 682.793531][T21583] ? __kasan_check_read+0x11/0x20 [ 682.798579][T21583] handle_mm_fault+0x1b5/0x6c0 [ 682.803355][T21583] __get_user_pages+0x7d4/0x1b30 [ 682.808297][T21583] ? mark_held_locks+0xf0/0xf0 [ 682.813074][T21583] ? follow_page_mask+0x1cf0/0x1cf0 [ 682.818272][T21583] ? __mm_populate+0x270/0x380 [ 682.823042][T21583] ? __kasan_check_write+0x14/0x20 [ 682.828155][T21583] ? down_read+0x109/0x430 [ 682.832570][T21583] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 682.838823][T21583] populate_vma_page_range+0x20d/0x2a0 [ 682.844298][T21583] __mm_populate+0x204/0x380 [ 682.848900][T21583] ? populate_vma_page_range+0x2a0/0x2a0 [ 682.854537][T21583] ? __kasan_check_write+0x14/0x20 [ 682.859649][T21583] ? up_write+0x155/0x490 [ 682.863962][T21583] ? ns_capable_common+0x93/0x100 [ 682.868978][T21583] __x64_sys_mlockall+0x473/0x520 [ 682.873990][T21583] do_syscall_64+0xfa/0x760 [ 682.878478][T21583] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 682.884352][T21583] RIP: 0033:0x459879 [ 682.888228][T21583] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 682.907812][T21583] RSP: 002b:00007fe89cd08c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 682.916206][T21583] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 682.924161][T21583] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 682.932113][T21583] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 682.940063][T21583] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cd096d4 [ 682.948015][T21583] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 682.962589][T21583] memory: usage 307200kB, limit 307200kB, failcnt 5306 [ 682.969787][T21583] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 682.976767][T21583] Memory cgroup stats for /syz2: [ 682.976889][T21583] anon 304611328 [ 682.976889][T21583] file 28672 [ 682.976889][T21583] kernel_stack 983040 [ 682.976889][T21583] slab 4419584 [ 682.976889][T21583] sock 0 [ 682.976889][T21583] shmem 0 [ 682.976889][T21583] file_mapped 0 [ 682.976889][T21583] file_dirty 0 [ 682.976889][T21583] file_writeback 0 [ 682.976889][T21583] anon_thp 224395264 [ 682.976889][T21583] inactive_anon 246988800 [ 682.976889][T21583] active_anon 11714560 [ 682.976889][T21583] inactive_file 0 [ 682.976889][T21583] active_file 0 [ 682.976889][T21583] unevictable 45883392 [ 682.976889][T21583] slab_reclaimable 1216512 [ 682.976889][T21583] slab_unreclaimable 3203072 [ 682.976889][T21583] pgfault 738639 [ 682.976889][T21583] pgmajfault 0 [ 682.976889][T21583] workingset_refault 165 [ 682.976889][T21583] workingset_activate 66 [ 682.976889][T21583] workingset_nodereclaim 0 [ 682.976889][T21583] pgrefill 1367 [ 682.976889][T21583] pgscan 1561 [ 682.976889][T21583] pgsteal 198 [ 683.077347][T21583] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=21531,uid=0 [ 683.093719][T21583] Memory cgroup out of memory: Killed process 21531 (syz-executor.2) total-vm:72964kB, anon-rss:18220kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 683.113330][ T1065] oom_reaper: reaped process 21531 (syz-executor.2), now anon-rss:18240kB, file-rss:54332kB, shmem-rss:0kB [ 683.113758][T21581] syz-executor.3 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=1000 [ 683.136286][T21581] CPU: 0 PID: 21581 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 683.145475][T21581] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 683.155528][T21581] Call Trace: [ 683.158838][T21581] dump_stack+0x172/0x1f0 [ 683.163178][T21581] dump_header+0x177/0x1152 [ 683.167798][T21581] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 683.173706][T21581] ? ___ratelimit+0x2c8/0x595 [ 683.178394][T21581] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 683.184204][T21581] ? lockdep_hardirqs_on+0x418/0x5d0 [ 683.189493][T21581] ? trace_hardirqs_on+0x67/0x240 [ 683.194518][T21581] ? pagefault_out_of_memory+0x11c/0x11c [ 683.200153][T21581] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 683.205957][T21581] ? ___ratelimit+0x60/0x595 [ 683.210540][T21581] ? do_raw_spin_unlock+0x57/0x270 [ 683.215653][T21581] oom_kill_process.cold+0x10/0x15 [ 683.220765][T21581] out_of_memory+0x334/0x1340 [ 683.225436][T21581] ? lock_downgrade+0x920/0x920 [ 683.230287][T21581] ? oom_killer_disable+0x280/0x280 [ 683.235492][T21581] mem_cgroup_out_of_memory+0x1d8/0x240 [ 683.241035][T21581] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 683.246674][T21581] ? do_raw_spin_unlock+0x57/0x270 [ 683.251788][T21581] ? _raw_spin_unlock+0x2d/0x50 [ 683.256650][T21581] try_charge+0xf4b/0x1440 [ 683.261068][T21581] ? __lock_acquire+0x800/0x4a00 [ 683.266017][T21581] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 683.271560][T21581] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 683.277538][T21581] ? cache_grow_begin+0x122/0xd20 [ 683.282538][T21581] ? find_held_lock+0x35/0x130 [ 683.287283][T21581] ? cache_grow_begin+0x122/0xd20 [ 683.292312][T21581] __memcg_kmem_charge_memcg+0x71/0xf0 [ 683.297799][T21581] ? memcg_kmem_put_cache+0x50/0x50 [ 683.302973][T21581] ? __kasan_check_read+0x11/0x20 [ 683.307987][T21581] cache_grow_begin+0x629/0xd20 [ 683.312828][T21581] ? __sanitizer_cov_trace_cmp2+0x11/0x20 [ 683.318594][T21581] ? mempolicy_slab_node+0x139/0x390 [ 683.323857][T21581] fallback_alloc+0x1fd/0x2d0 [ 683.328529][T21581] ____cache_alloc_node+0x1bc/0x1d0 [ 683.333715][T21581] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 683.339931][T21581] kmem_cache_alloc_node+0xe3/0x740 [ 683.345105][T21581] ? lockdep_hardirqs_on+0x418/0x5d0 [ 683.350377][T21581] ? trace_hardirqs_on+0x67/0x240 [ 683.355467][T21581] copy_process+0x44c4/0x6830 [ 683.360124][T21581] ? __kasan_check_read+0x11/0x20 [ 683.365124][T21581] ? __lock_acquire+0x16f2/0x4a00 [ 683.370143][T21581] ? __cleanup_sighand+0x60/0x60 [ 683.375064][T21581] ? __might_fault+0x12b/0x1e0 [ 683.379807][T21581] ? __might_fault+0x12b/0x1e0 [ 683.384552][T21581] _do_fork+0x146/0xfa0 [ 683.388697][T21581] ? copy_init_mm+0x20/0x20 [ 683.393193][T21581] ? __kasan_check_read+0x11/0x20 [ 683.398191][T21581] ? _copy_to_user+0x118/0x160 [ 683.402933][T21581] __x64_sys_clone+0x1ab/0x270 [ 683.407685][T21581] ? __ia32_sys_vfork+0xd0/0xd0 [ 683.412539][T21581] ? do_syscall_64+0x26/0x760 [ 683.417207][T21581] ? lockdep_hardirqs_on+0x418/0x5d0 [ 683.422470][T21581] ? trace_hardirqs_on+0x67/0x240 [ 683.427482][T21581] do_syscall_64+0xfa/0x760 [ 683.431988][T21581] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 683.437861][T21581] RIP: 0033:0x459879 [ 683.441771][T21581] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 683.461351][T21581] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 683.469746][T21581] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459879 [ 683.477703][T21581] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 0000000004000000 [ 683.485713][T21581] RBP: 000000000075bf20 R08: ffffffffffffffff R09: 0000000000000000 [ 683.493663][T21581] R10: 0000000020000240 R11: 0000000000000246 R12: 00007fc0ba5296d4 06:28:55 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) mlockall(0x1) r2 = socket$inet6_dccp(0xa, 0x6, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") tee(r2, r3, 0x7, 0x4) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x4, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) write$P9_RREMOVE(0xffffffffffffffff, &(0x7f0000000140)={0x7, 0x7b, 0x2}, 0x7) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:28:55 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xe9, 0x0) 06:28:55 executing program 1 (fault-call:16 fault-nth:0): mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(r2, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:28:55 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xe035010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:28:55 executing program 0: r0 = open(0x0, 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) [ 683.501610][T21581] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 00000000ffffffff [ 683.547616][T21581] memory: usage 307168kB, limit 307200kB, failcnt 4701 [ 683.558260][T21581] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 683.573382][T21581] Memory cgroup stats for /syz3: [ 683.573482][T21581] anon 303632384 [ 683.573482][T21581] file 0 [ 683.573482][T21581] kernel_stack 917504 [ 683.573482][T21581] slab 5566464 [ 683.573482][T21581] sock 0 [ 683.573482][T21581] shmem 0 [ 683.573482][T21581] file_mapped 0 [ 683.573482][T21581] file_dirty 0 [ 683.573482][T21581] file_writeback 0 [ 683.573482][T21581] anon_thp 211812352 [ 683.573482][T21581] inactive_anon 250028032 [ 683.573482][T21581] active_anon 18153472 [ 683.573482][T21581] inactive_file 0 [ 683.573482][T21581] active_file 0 [ 683.573482][T21581] unevictable 35192832 [ 683.573482][T21581] slab_reclaimable 1351680 [ 683.573482][T21581] slab_unreclaimable 4214784 [ 683.573482][T21581] pgfault 716925 [ 683.573482][T21581] pgmajfault 0 [ 683.573482][T21581] workingset_refault 99 [ 683.573482][T21581] workingset_activate 66 [ 683.573482][T21581] workingset_nodereclaim 0 [ 683.573482][T21581] pgrefill 562 [ 683.573482][T21581] pgscan 597 [ 683.573482][T21581] pgsteal 132 [ 683.671318][T21581] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=21580,uid=0 [ 683.698090][T21581] Memory cgroup out of memory: Killed process 21580 (syz-executor.3) total-vm:72832kB, anon-rss:18220kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 683.729554][ T1065] oom_reaper: reaped process 21580 (syz-executor.3), now anon-rss:18228kB, file-rss:54332kB, shmem-rss:0kB 06:28:56 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xe135010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:28:56 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) r0 = creat(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) truncate(&(0x7f00000004c0)='./file1\x00', 0x98) r2 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r2, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05caaacde8c49f2c396850"], 0x9) r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r3, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000240)={&(0x7f0000000340)=ANY=[@ANYBLOB="9feb010018000000000000003000000017000000030000000a0000000000000b030000000f0000000000000c05000000060000000000000901000000060000000000000700000000006100"], &(0x7f0000000600)=""/181, 0x4b, 0xb5, 0x1}, 0x20) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000700)={0xffffffffffffff9c, 0xc0, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=0x1ff, 0x0, 0x0, 0x0, &(0x7f0000000480)={0x0, 0x1}, 0x0, 0x0, &(0x7f0000000540)={0x4, 0x2, 0x9, 0x2}, &(0x7f0000000580)=0x6, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)=0x8}}, 0x10) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000b40)={r4, 0xb, &(0x7f0000000ac0)={&(0x7f0000000900)=""/167, 0xa7, r5}}, 0x13a) bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000200)={r0, 0x10, &(0x7f0000000100)={&(0x7f0000000280)=""/245, 0xf5, r5}}, 0x10) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) r6 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r6, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") fcntl$getownex(r6, 0x10, &(0x7f0000000440)={0x0, 0x0}) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x7fff, 0x2}, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, r7, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r1, 0x8010743f, &(0x7f0000000140)) 06:28:56 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xe235010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 684.260188][T21607] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 684.284984][T21607] CPU: 0 PID: 21607 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 684.294116][T21607] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 684.304154][T21607] Call Trace: [ 684.307432][T21607] dump_stack+0x172/0x1f0 [ 684.311746][T21607] dump_header+0x177/0x1152 [ 684.316234][T21607] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 684.322021][T21607] ? ___ratelimit+0x2c8/0x595 [ 684.326678][T21607] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 684.332470][T21607] ? lockdep_hardirqs_on+0x418/0x5d0 [ 684.337738][T21607] ? trace_hardirqs_on+0x67/0x240 [ 684.342742][T21607] ? pagefault_out_of_memory+0x11c/0x11c [ 684.348359][T21607] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 684.354231][T21607] ? ___ratelimit+0x60/0x595 [ 684.358805][T21607] ? do_raw_spin_unlock+0x57/0x270 [ 684.363910][T21607] oom_kill_process.cold+0x10/0x15 [ 684.369007][T21607] out_of_memory+0x334/0x1340 [ 684.373662][T21607] ? lock_downgrade+0x920/0x920 [ 684.378508][T21607] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 684.384306][T21607] ? oom_killer_disable+0x280/0x280 [ 684.389494][T21607] mem_cgroup_out_of_memory+0x1d8/0x240 [ 684.395022][T21607] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 684.400636][T21607] ? do_raw_spin_unlock+0x57/0x270 [ 684.405728][T21607] ? _raw_spin_unlock+0x2d/0x50 [ 684.410567][T21607] try_charge+0xf4b/0x1440 [ 684.414973][T21607] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 684.420498][T21607] ? percpu_ref_tryget_live+0x111/0x290 [ 684.426024][T21607] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 684.432251][T21607] ? __kasan_check_read+0x11/0x20 [ 684.437279][T21607] ? get_mem_cgroup_from_mm+0x156/0x320 [ 684.442826][T21607] mem_cgroup_try_charge+0x136/0x590 [ 684.448095][T21607] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 684.454319][T21607] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 684.459944][T21607] __handle_mm_fault+0x1e34/0x3f20 [ 684.465038][T21607] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 684.470574][T21607] ? __kasan_check_read+0x11/0x20 [ 684.475586][T21607] handle_mm_fault+0x1b5/0x6c0 [ 684.480333][T21607] __get_user_pages+0x7d4/0x1b30 [ 684.485252][T21607] ? mark_held_locks+0xf0/0xf0 [ 684.490004][T21607] ? follow_page_mask+0x1cf0/0x1cf0 [ 684.495178][T21607] ? __mm_populate+0x270/0x380 [ 684.499925][T21607] ? __kasan_check_write+0x14/0x20 [ 684.505029][T21607] ? down_read+0x109/0x430 [ 684.509428][T21607] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 684.515658][T21607] populate_vma_page_range+0x20d/0x2a0 [ 684.521109][T21607] __mm_populate+0x204/0x380 [ 684.525685][T21607] ? populate_vma_page_range+0x2a0/0x2a0 [ 684.531299][T21607] ? __kasan_check_write+0x14/0x20 [ 684.536392][T21607] ? up_write+0x155/0x490 [ 684.540700][T21607] ? ns_capable_common+0x93/0x100 [ 684.545710][T21607] __x64_sys_mlockall+0x473/0x520 [ 684.550717][T21607] do_syscall_64+0xfa/0x760 [ 684.555203][T21607] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 684.561069][T21607] RIP: 0033:0x459879 [ 684.564945][T21607] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 684.584528][T21607] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 684.592919][T21607] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 684.600871][T21607] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 684.608826][T21607] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 684.616777][T21607] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc0ba5296d4 [ 684.624728][T21607] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff 06:28:56 executing program 0: r0 = open(0x0, 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) 06:28:56 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xea, 0x0) [ 684.775078][T21616] FAULT_INJECTION: forcing a failure. [ 684.775078][T21616] name failslab, interval 1, probability 0, space 0, times 0 [ 684.803481][T21616] CPU: 1 PID: 21616 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 684.812622][T21616] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 684.822682][T21616] Call Trace: [ 684.825994][T21616] dump_stack+0x172/0x1f0 [ 684.830345][T21616] should_fail.cold+0xa/0x15 [ 684.834976][T21616] ? fault_create_debugfs_attr+0x180/0x180 [ 684.840796][T21616] ? ___might_sleep+0x163/0x280 [ 684.843145][T21607] memory: usage 307200kB, limit 307200kB, failcnt 4722 [ 684.845655][T21616] __should_failslab+0x121/0x190 [ 684.845675][T21616] should_failslab+0x9/0x14 [ 684.845688][T21616] kmem_cache_alloc+0x2aa/0x710 [ 684.845713][T21616] ? __kasan_check_read+0x11/0x20 [ 684.852693][T21607] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 684.857460][T21616] vm_area_dup+0x21/0x170 [ 684.857475][T21616] __split_vma+0xab/0x560 [ 684.857492][T21616] ? find_vma+0x30/0x170 [ 684.857508][T21616] __do_munmap+0x396/0x10f0 [ 684.857522][T21616] ? mark_held_locks+0xf0/0xf0 [ 684.857538][T21616] ? find_held_lock+0x35/0x130 [ 684.857556][T21616] do_munmap+0x31/0x40 [ 684.862144][T21607] Memory cgroup stats for /syz3: [ 684.862267][T21607] anon 303628288 [ 684.862267][T21607] file 0 [ 684.862267][T21607] kernel_stack 917504 [ 684.862267][T21607] slab 5566464 [ 684.862267][T21607] sock 0 [ 684.862267][T21607] shmem 0 [ 684.862267][T21607] file_mapped 0 [ 684.862267][T21607] file_dirty 0 [ 684.862267][T21607] file_writeback 0 [ 684.862267][T21607] anon_thp 213909504 [ 684.862267][T21607] inactive_anon 257056768 [ 684.862267][T21607] active_anon 18116608 [ 684.862267][T21607] inactive_file 0 [ 684.862267][T21607] active_file 0 [ 684.862267][T21607] unevictable 28221440 [ 684.862267][T21607] slab_reclaimable 1351680 [ 684.862267][T21607] slab_unreclaimable 4214784 [ 684.862267][T21607] pgfault 719334 [ 684.862267][T21607] pgmajfault 0 [ 684.862267][T21607] workingset_refault 99 [ 684.862267][T21607] workingset_activate 66 [ 684.862267][T21607] workingset_nodereclaim 0 [ 684.862267][T21607] pgrefill 562 [ 684.862267][T21607] pgscan 597 [ 684.862267][T21607] pgsteal 132 [ 684.866864][T21616] mremap_to+0x3b4/0x750 [ 684.866886][T21616] ? move_vma+0x950/0x950 [ 684.866903][T21616] ? __kasan_check_write+0x14/0x20 [ 684.866919][T21616] ? __mutex_unlock_slowpath+0xf8/0x6b0 [ 684.866937][T21616] __x64_sys_mremap+0x729/0xb80 [ 684.872084][T21607] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=21576,uid=0 [ 684.878765][T21616] ? mremap_to+0x750/0x750 [ 684.878780][T21616] ? fput+0x1b/0x20 [ 684.878794][T21616] ? ksys_write+0x1cf/0x290 [ 684.878813][T21616] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 684.878827][T21616] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 684.878847][T21616] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 684.883333][T21607] Memory cgroup out of memory: Killed process 21576 (syz-executor.3) total-vm:72840kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 [ 684.887449][T21616] ? do_syscall_64+0x26/0x760 [ 684.887466][T21616] ? lockdep_hardirqs_on+0x418/0x5d0 [ 684.887482][T21616] ? trace_hardirqs_on+0x67/0x240 [ 684.887502][T21616] do_syscall_64+0xfa/0x760 [ 684.887522][T21616] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 684.887537][T21616] RIP: 0033:0x459879 06:28:57 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xe335010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 685.119008][T21616] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 685.138616][T21616] RSP: 002b:00007f4e2a90cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 685.147035][T21616] RAX: ffffffffffffffda RBX: 00007f4e2a90cc90 RCX: 0000000000459879 [ 685.151096][T21604] syz-executor.2 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=1000 [ 685.155004][T21616] RDX: 0000000000800000 RSI: 0000000000002000 RDI: 0000000020a94000 [ 685.155014][T21616] RBP: 000000000075bfc8 R08: 0000000020130000 R09: 0000000000000000 [ 685.155023][T21616] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f4e2a90d6d4 [ 685.155032][T21616] R13: 00000000004c5f0f R14: 00000000004daaf8 R15: 0000000000000008 [ 685.205850][T21604] CPU: 0 PID: 21604 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 685.214974][T21604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 685.225031][T21604] Call Trace: [ 685.228334][T21604] dump_stack+0x172/0x1f0 [ 685.232674][T21604] dump_header+0x177/0x1152 [ 685.237179][T21604] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 685.242979][T21604] ? ___ratelimit+0x2c8/0x595 [ 685.247660][T21604] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 685.253469][T21604] ? lockdep_hardirqs_on+0x418/0x5d0 [ 685.258756][T21604] ? trace_hardirqs_on+0x67/0x240 [ 685.263786][T21604] ? pagefault_out_of_memory+0x11c/0x11c [ 685.269419][T21604] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 685.275225][T21604] ? ___ratelimit+0x60/0x595 [ 685.279928][T21604] ? do_raw_spin_unlock+0x57/0x270 [ 685.285047][T21604] oom_kill_process.cold+0x10/0x15 [ 685.290173][T21604] out_of_memory+0x334/0x1340 [ 685.294860][T21604] ? lock_downgrade+0x920/0x920 [ 685.299716][T21604] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 685.305524][T21604] ? oom_killer_disable+0x280/0x280 [ 685.310737][T21604] mem_cgroup_out_of_memory+0x1d8/0x240 [ 685.316282][T21604] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 685.321916][T21604] ? do_raw_spin_unlock+0x57/0x270 [ 685.327027][T21604] ? _raw_spin_unlock+0x2d/0x50 [ 685.331883][T21604] try_charge+0xf4b/0x1440 [ 685.336306][T21604] ? __lock_acquire+0x800/0x4a00 [ 685.341247][T21604] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 685.346788][T21604] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 685.352767][T21604] ? cache_grow_begin+0x122/0xd20 [ 685.357792][T21604] ? find_held_lock+0x35/0x130 [ 685.362553][T21604] ? cache_grow_begin+0x122/0xd20 [ 685.367589][T21604] __memcg_kmem_charge_memcg+0x71/0xf0 [ 685.373052][T21604] ? memcg_kmem_put_cache+0x50/0x50 [ 685.378254][T21604] ? __kasan_check_read+0x11/0x20 [ 685.383281][T21604] cache_grow_begin+0x629/0xd20 [ 685.388135][T21604] ? __sanitizer_cov_trace_cmp2+0x11/0x20 [ 685.393857][T21604] ? mempolicy_slab_node+0x139/0x390 [ 685.399166][T21604] fallback_alloc+0x1fd/0x2d0 [ 685.403852][T21604] ____cache_alloc_node+0x1bc/0x1d0 [ 685.409056][T21604] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 685.415300][T21604] kmem_cache_alloc+0x1ef/0x710 [ 685.420160][T21604] sk_prot_alloc+0x67/0x310 [ 685.424665][T21604] sk_alloc+0x39/0xf70 [ 685.428815][T21604] inet6_create+0x360/0xf80 [ 685.433345][T21604] __sock_create+0x3d8/0x730 [ 685.438034][T21604] __sys_socket+0x103/0x220 [ 685.442564][T21604] ? move_addr_to_kernel+0x80/0x80 [ 685.447676][T21604] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 685.453127][T21604] ? do_syscall_64+0x26/0x760 [ 685.457812][T21604] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 685.463871][T21604] ? do_syscall_64+0x26/0x760 [ 685.468530][T21604] __x64_sys_socket+0x73/0xb0 [ 685.473191][T21604] do_syscall_64+0xfa/0x760 [ 685.477691][T21604] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 685.483573][T21604] RIP: 0033:0x459879 [ 685.487445][T21604] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 685.507026][T21604] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 [ 685.515423][T21604] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000459879 06:28:57 executing program 1 (fault-call:16 fault-nth:1): mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(r2, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) [ 685.523376][T21604] RDX: 0000000000000000 RSI: 0000000000000006 RDI: 000000000000000a [ 685.531327][T21604] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 685.539399][T21604] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 685.547372][T21604] R13: 00000000004c850c R14: 00000000004df118 R15: 00000000ffffffff [ 685.576671][T21604] memory: usage 307200kB, limit 307200kB, failcnt 5353 [ 685.592669][T21604] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 685.623805][T21604] Memory cgroup stats for /syz2: [ 685.623917][T21604] anon 304783360 [ 685.623917][T21604] file 28672 [ 685.623917][T21604] kernel_stack 917504 [ 685.623917][T21604] slab 4554752 [ 685.623917][T21604] sock 0 [ 685.623917][T21604] shmem 0 [ 685.623917][T21604] file_mapped 0 [ 685.623917][T21604] file_dirty 0 [ 685.623917][T21604] file_writeback 0 [ 685.623917][T21604] anon_thp 224395264 [ 685.623917][T21604] inactive_anon 242716672 [ 685.623917][T21604] active_anon 11780096 [ 685.623917][T21604] inactive_file 0 [ 685.623917][T21604] active_file 0 [ 685.623917][T21604] unevictable 50204672 [ 685.623917][T21604] slab_reclaimable 1216512 [ 685.623917][T21604] slab_unreclaimable 3338240 [ 685.623917][T21604] pgfault 744909 [ 685.623917][T21604] pgmajfault 0 [ 685.623917][T21604] workingset_refault 165 [ 685.623917][T21604] workingset_activate 66 [ 685.623917][T21604] workingset_nodereclaim 0 [ 685.623917][T21604] pgrefill 1367 [ 685.623917][T21604] pgscan 1561 [ 685.623917][T21604] pgsteal 198 [ 685.737006][T21604] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=21603,uid=0 [ 685.754364][T21604] Memory cgroup out of memory: Killed process 21603 (syz-executor.2) total-vm:72832kB, anon-rss:18220kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 685.773573][T21625] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 685.783955][T21625] CPU: 0 PID: 21625 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 685.793056][T21625] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 685.803103][T21625] Call Trace: [ 685.806403][T21625] dump_stack+0x172/0x1f0 [ 685.810736][T21625] dump_header+0x177/0x1152 [ 685.815241][T21625] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 685.821042][T21625] ? ___ratelimit+0x2c8/0x595 [ 685.825720][T21625] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 685.831528][T21625] ? lockdep_hardirqs_on+0x418/0x5d0 [ 685.836808][T21625] ? trace_hardirqs_on+0x67/0x240 [ 685.841834][T21625] ? pagefault_out_of_memory+0x11c/0x11c [ 685.847467][T21625] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 685.853270][T21625] ? ___ratelimit+0x60/0x595 [ 685.857855][T21625] ? do_raw_spin_unlock+0x57/0x270 [ 685.862984][T21625] oom_kill_process.cold+0x10/0x15 [ 685.868097][T21625] out_of_memory+0x334/0x1340 [ 685.872774][T21625] ? lock_downgrade+0x920/0x920 [ 685.877629][T21625] ? oom_killer_disable+0x280/0x280 [ 685.882834][T21625] mem_cgroup_out_of_memory+0x1d8/0x240 [ 685.888384][T21625] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 685.894018][T21625] ? do_raw_spin_unlock+0x57/0x270 [ 685.899140][T21625] ? _raw_spin_unlock+0x2d/0x50 [ 685.903994][T21625] try_charge+0xf4b/0x1440 [ 685.908424][T21625] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 685.913968][T21625] ? percpu_ref_tryget_live+0x111/0x290 [ 685.919508][T21625] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 685.925728][T21625] ? __kasan_check_read+0x11/0x20 [ 685.930744][T21625] ? get_mem_cgroup_from_mm+0x156/0x320 [ 685.936409][T21625] mem_cgroup_try_charge+0x136/0x590 [ 685.941673][T21625] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 685.947903][T21625] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 685.953526][T21625] wp_page_copy+0x41e/0x1590 [ 685.958102][T21625] ? find_held_lock+0x35/0x130 [ 685.962862][T21625] ? pmd_pfn+0x1d0/0x1d0 [ 685.967083][T21625] ? lock_downgrade+0x920/0x920 [ 685.971963][T21625] ? swp_swapcount+0x540/0x540 [ 685.976705][T21625] ? __kasan_check_read+0x11/0x20 [ 685.981705][T21625] ? do_raw_spin_unlock+0x57/0x270 [ 685.986796][T21625] do_wp_page+0x499/0x14d0 [ 685.991206][T21625] ? finish_mkwrite_fault+0x570/0x570 [ 685.996570][T21625] __handle_mm_fault+0x22f1/0x3f20 [ 686.001665][T21625] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 686.007194][T21625] ? __kasan_check_read+0x11/0x20 [ 686.012214][T21625] handle_mm_fault+0x1b5/0x6c0 [ 686.017020][T21625] __get_user_pages+0x7d4/0x1b30 [ 686.021947][T21625] ? mark_held_locks+0xf0/0xf0 [ 686.026698][T21625] ? follow_page_mask+0x1cf0/0x1cf0 [ 686.031966][T21625] ? __mm_populate+0x270/0x380 [ 686.036751][T21625] ? __kasan_check_write+0x14/0x20 [ 686.041850][T21625] ? down_read+0x109/0x430 [ 686.046243][T21625] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 686.052480][T21625] populate_vma_page_range+0x20d/0x2a0 [ 686.057934][T21625] __mm_populate+0x204/0x380 [ 686.062516][T21625] ? populate_vma_page_range+0x2a0/0x2a0 [ 686.068139][T21625] ? __kasan_check_write+0x14/0x20 [ 686.073238][T21625] ? up_write+0x155/0x490 [ 686.077552][T21625] ? ns_capable_common+0x93/0x100 [ 686.082569][T21625] __x64_sys_mlockall+0x473/0x520 [ 686.087582][T21625] do_syscall_64+0xfa/0x760 [ 686.092076][T21625] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 686.097952][T21625] RIP: 0033:0x459879 [ 686.101840][T21625] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 686.121433][T21625] RSP: 002b:00007fc0ba507c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 686.129834][T21625] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 06:28:58 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) openat$uinput(0xffffffffffffff9c, &(0x7f0000000140)='/dev/uinput\x00', 0x802, 0x0) creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$VIDIOC_RESERVED(r0, 0x5601, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c681977f2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c3968500000000000"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:28:58 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xe435010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:28:58 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) 06:28:58 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xeb, 0x0) [ 686.137806][T21625] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 686.145798][T21625] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 686.153785][T21625] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc0ba5086d4 [ 686.161749][T21625] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 686.171903][T21625] memory: usage 307196kB, limit 307200kB, failcnt 4753 [ 686.182381][T21625] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 686.204950][T21625] Memory cgroup stats for /syz3: [ 686.205057][T21625] anon 303529984 [ 686.205057][T21625] file 0 [ 686.205057][T21625] kernel_stack 1048576 [ 686.205057][T21625] slab 5566464 [ 686.205057][T21625] sock 0 [ 686.205057][T21625] shmem 0 [ 686.205057][T21625] file_mapped 0 [ 686.205057][T21625] file_dirty 0 [ 686.205057][T21625] file_writeback 0 [ 686.205057][T21625] anon_thp 211812352 [ 686.205057][T21625] inactive_anon 247857152 [ 686.205057][T21625] active_anon 18116608 [ 686.205057][T21625] inactive_file 0 [ 686.205057][T21625] active_file 0 [ 686.205057][T21625] unevictable 37355520 [ 686.205057][T21625] slab_reclaimable 1351680 [ 686.205057][T21625] slab_unreclaimable 4214784 [ 686.205057][T21625] pgfault 723888 [ 686.205057][T21625] pgmajfault 0 [ 686.205057][T21625] workingset_refault 99 [ 686.205057][T21625] workingset_activate 66 [ 686.205057][T21625] workingset_nodereclaim 0 [ 686.205057][T21625] pgrefill 562 [ 686.205057][T21625] pgscan 597 [ 686.205057][T21625] pgsteal 132 [ 686.300204][T21625] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=21606,uid=0 [ 686.317527][T21625] Memory cgroup out of memory: Killed process 21606 (syz-executor.3) total-vm:72832kB, anon-rss:18220kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 686.363615][ T1065] oom_reaper: reaped process 21606 (syz-executor.3), now anon-rss:18232kB, file-rss:54332kB, shmem-rss:0kB [ 686.375480][T21635] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 686.386173][T21635] CPU: 0 PID: 21635 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 686.395273][T21635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 686.395280][T21635] Call Trace: [ 686.395301][T21635] dump_stack+0x172/0x1f0 [ 686.395320][T21635] dump_header+0x177/0x1152 [ 686.395340][T21635] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 686.423236][T21635] ? ___ratelimit+0x2c8/0x595 [ 686.427909][T21635] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 686.427928][T21635] ? lockdep_hardirqs_on+0x418/0x5d0 [ 686.427945][T21635] ? trace_hardirqs_on+0x67/0x240 [ 686.427963][T21635] ? pagefault_out_of_memory+0x11c/0x11c [ 686.427979][T21635] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 686.427993][T21635] ? ___ratelimit+0x60/0x595 [ 686.428005][T21635] ? do_raw_spin_unlock+0x57/0x270 [ 686.428024][T21635] oom_kill_process.cold+0x10/0x15 [ 686.428040][T21635] out_of_memory+0x334/0x1340 [ 686.428054][T21635] ? lock_downgrade+0x920/0x920 [ 686.428073][T21635] ? oom_killer_disable+0x280/0x280 [ 686.428097][T21635] mem_cgroup_out_of_memory+0x1d8/0x240 [ 686.444155][T21635] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 686.465211][T21635] ? do_raw_spin_unlock+0x57/0x270 [ 686.465231][T21635] ? _raw_spin_unlock+0x2d/0x50 [ 686.465250][T21635] try_charge+0xf4b/0x1440 [ 686.465274][T21635] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 686.490544][T21635] ? percpu_ref_tryget_live+0x111/0x290 [ 686.490564][T21635] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 686.490587][T21635] ? __kasan_check_read+0x11/0x20 [ 686.510521][T21635] ? get_mem_cgroup_from_mm+0x156/0x320 [ 686.532924][T21635] mem_cgroup_try_charge+0x136/0x590 [ 686.532944][T21635] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 686.532963][T21635] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 686.555622][T21635] __handle_mm_fault+0x1e34/0x3f20 [ 686.560743][T21635] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 686.566300][T21635] ? __kasan_check_read+0x11/0x20 [ 686.566326][T21635] handle_mm_fault+0x1b5/0x6c0 [ 686.566345][T21635] __get_user_pages+0x7d4/0x1b30 [ 686.576094][T21635] ? mark_held_locks+0xf0/0xf0 [ 686.576123][T21635] ? follow_page_mask+0x1cf0/0x1cf0 [ 686.576136][T21635] ? __mm_populate+0x270/0x380 [ 686.576155][T21635] ? __kasan_check_write+0x14/0x20 [ 686.585811][T21635] ? down_read+0x109/0x430 [ 686.595723][T21635] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 686.595745][T21635] populate_vma_page_range+0x20d/0x2a0 [ 686.595766][T21635] __mm_populate+0x204/0x380 [ 686.595784][T21635] ? populate_vma_page_range+0x2a0/0x2a0 [ 686.605271][T21635] ? __kasan_check_write+0x14/0x20 [ 686.616917][T21635] ? up_write+0x155/0x490 [ 686.616932][T21635] ? ns_capable_common+0x93/0x100 [ 686.616955][T21635] __x64_sys_mlockall+0x473/0x520 [ 686.616979][T21635] do_syscall_64+0xfa/0x760 [ 686.627162][T21635] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 686.627175][T21635] RIP: 0033:0x459879 [ 686.627190][T21635] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 686.627198][T21635] RSP: 002b:00007f4e2a92dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 686.636603][T21635] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 686.636612][T21635] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 686.636621][T21635] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 686.636630][T21635] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4e2a92e6d4 [ 686.636639][T21635] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 686.753070][T21635] memory: usage 307168kB, limit 307200kB, failcnt 940 06:28:58 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0xeb06db333651c4bb}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") ioctl$FS_IOC_GETFLAGS(r3, 0x80086601, &(0x7f0000000100)) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000140)) [ 686.785867][T21635] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 686.803245][T21635] Memory cgroup stats for /syz1: [ 686.803366][T21635] anon 294350848 [ 686.803366][T21635] file 122880 [ 686.803366][T21635] kernel_stack 851968 [ 686.803366][T21635] slab 15196160 [ 686.803366][T21635] sock 0 [ 686.803366][T21635] shmem 61440 [ 686.803366][T21635] file_mapped 0 [ 686.803366][T21635] file_dirty 0 [ 686.803366][T21635] file_writeback 0 [ 686.803366][T21635] anon_thp 123731968 [ 686.803366][T21635] inactive_anon 261300224 [ 686.803366][T21635] active_anon 5459968 [ 686.803366][T21635] inactive_file 90112 [ 686.803366][T21635] active_file 135168 [ 686.803366][T21635] unevictable 27656192 [ 686.803366][T21635] slab_reclaimable 6758400 [ 686.803366][T21635] slab_unreclaimable 8437760 [ 686.803366][T21635] pgfault 140877 [ 686.803366][T21635] pgmajfault 0 [ 686.803366][T21635] workingset_refault 0 [ 686.803366][T21635] workingset_activate 0 06:28:59 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xe4ffffff00000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 686.803366][T21635] workingset_nodereclaim 0 [ 686.803366][T21635] pgrefill 308 [ 686.803366][T21635] pgscan 4388 [ 686.803366][T21635] pgsteal 4133 06:28:59 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) [ 686.977142][T21635] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=21558,uid=0 [ 687.002316][T21635] Memory cgroup out of memory: Killed process 21558 (syz-executor.1) total-vm:72840kB, anon-rss:18480kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 [ 687.060897][T21647] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 687.061603][ T1065] oom_reaper: reaped process 21558 (syz-executor.1), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 687.082626][T21647] CPU: 1 PID: 21647 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 687.091737][T21647] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 687.101797][T21647] Call Trace: [ 687.105097][T21647] dump_stack+0x172/0x1f0 [ 687.109439][T21647] dump_header+0x177/0x1152 [ 687.113955][T21647] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 687.119759][T21647] ? ___ratelimit+0x2c8/0x595 [ 687.124425][T21647] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 687.130232][T21647] ? lockdep_hardirqs_on+0x418/0x5d0 [ 687.135515][T21647] ? trace_hardirqs_on+0x67/0x240 [ 687.140676][T21647] ? pagefault_out_of_memory+0x11c/0x11c [ 687.146317][T21647] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 687.152125][T21647] ? ___ratelimit+0x60/0x595 [ 687.156718][T21647] ? do_raw_spin_unlock+0x57/0x270 [ 687.161851][T21647] oom_kill_process.cold+0x10/0x15 [ 687.166973][T21647] out_of_memory+0x334/0x1340 [ 687.171654][T21647] ? lock_downgrade+0x920/0x920 [ 687.176517][T21647] ? oom_killer_disable+0x280/0x280 [ 687.181731][T21647] mem_cgroup_out_of_memory+0x1d8/0x240 [ 687.187279][T21647] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 687.192917][T21647] ? do_raw_spin_unlock+0x57/0x270 [ 687.198043][T21647] ? _raw_spin_unlock+0x2d/0x50 [ 687.202900][T21647] try_charge+0xf4b/0x1440 [ 687.207328][T21647] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 687.212863][T21647] ? percpu_ref_tryget_live+0x111/0x290 [ 687.218440][T21647] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 687.224667][T21647] ? __kasan_check_read+0x11/0x20 [ 687.229683][T21647] ? get_mem_cgroup_from_mm+0x156/0x320 [ 687.235216][T21647] mem_cgroup_try_charge+0x136/0x590 [ 687.240491][T21647] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 687.246721][T21647] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 687.252336][T21647] __handle_mm_fault+0x1e34/0x3f20 [ 687.257470][T21647] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 687.263003][T21647] ? __kasan_check_read+0x11/0x20 [ 687.268033][T21647] handle_mm_fault+0x1b5/0x6c0 [ 687.272787][T21647] __get_user_pages+0x7d4/0x1b30 [ 687.277876][T21647] ? mark_held_locks+0xf0/0xf0 [ 687.282640][T21647] ? follow_page_mask+0x1cf0/0x1cf0 [ 687.287819][T21647] ? __mm_populate+0x270/0x380 [ 687.292571][T21647] ? __kasan_check_write+0x14/0x20 [ 687.297669][T21647] ? down_read+0x109/0x430 [ 687.302072][T21647] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 687.308295][T21647] populate_vma_page_range+0x20d/0x2a0 [ 687.313733][T21647] __mm_populate+0x204/0x380 [ 687.318325][T21647] ? populate_vma_page_range+0x2a0/0x2a0 [ 687.323979][T21647] ? __kasan_check_write+0x14/0x20 [ 687.329072][T21647] ? up_write+0x155/0x490 [ 687.333377][T21647] ? ns_capable_common+0x93/0x100 [ 687.338394][T21647] __x64_sys_mlockall+0x473/0x520 [ 687.343400][T21647] do_syscall_64+0xfa/0x760 [ 687.347889][T21647] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 687.353760][T21647] RIP: 0033:0x459879 [ 687.357635][T21647] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 687.377220][T21647] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 687.385613][T21647] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 687.393565][T21647] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 687.401514][T21647] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 06:28:59 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xe535010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:28:59 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xec, 0x0) [ 687.409462][T21647] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 687.417419][T21647] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 687.435220][T21647] memory: usage 307076kB, limit 307200kB, failcnt 5376 [ 687.475871][T21647] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 687.487229][T21647] Memory cgroup stats for /syz2: [ 687.491814][T21647] anon 304705536 [ 687.491814][T21647] file 28672 [ 687.491814][T21647] kernel_stack 851968 [ 687.491814][T21647] slab 4554752 [ 687.491814][T21647] sock 0 [ 687.491814][T21647] shmem 0 [ 687.491814][T21647] file_mapped 0 [ 687.491814][T21647] file_dirty 0 [ 687.491814][T21647] file_writeback 0 [ 687.491814][T21647] anon_thp 224395264 [ 687.491814][T21647] inactive_anon 250556416 [ 687.491814][T21647] active_anon 11780096 [ 687.491814][T21647] inactive_file 0 [ 687.491814][T21647] active_file 0 [ 687.491814][T21647] unevictable 42364928 [ 687.491814][T21647] slab_reclaimable 1216512 [ 687.491814][T21647] slab_unreclaimable 3338240 [ 687.491814][T21647] pgfault 747681 [ 687.491814][T21647] pgmajfault 0 [ 687.491814][T21647] workingset_refault 198 [ 687.491814][T21647] workingset_activate 66 [ 687.491814][T21647] workingset_nodereclaim 0 [ 687.491814][T21647] pgrefill 1367 [ 687.491814][T21647] pgscan 1561 [ 687.491814][T21647] pgsteal 198 [ 687.497908][T21647] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=21612,uid=0 06:28:59 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xe635010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 687.613185][T21647] Memory cgroup out of memory: Killed process 21612 (syz-executor.2) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 687.641757][ T1065] oom_reaper: reaped process 21612 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 687.659786][T21651] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 687.679378][T21651] CPU: 0 PID: 21651 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 687.688505][T21651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 687.698569][T21651] Call Trace: [ 687.701863][T21651] dump_stack+0x172/0x1f0 [ 687.701888][T21651] dump_header+0x177/0x1152 [ 687.710686][T21651] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 687.710700][T21651] ? ___ratelimit+0x2c8/0x595 [ 687.710714][T21651] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 687.710734][T21651] ? lockdep_hardirqs_on+0x418/0x5d0 [ 687.721172][T21651] ? trace_hardirqs_on+0x67/0x240 [ 687.721191][T21651] ? pagefault_out_of_memory+0x11c/0x11c [ 687.721210][T21651] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 687.732258][T21651] ? ___ratelimit+0x60/0x595 [ 687.732273][T21651] ? do_raw_spin_unlock+0x57/0x270 [ 687.732293][T21651] oom_kill_process.cold+0x10/0x15 [ 687.732310][T21651] out_of_memory+0x334/0x1340 [ 687.742925][T21651] ? lock_downgrade+0x920/0x920 [ 687.742946][T21651] ? oom_killer_disable+0x280/0x280 [ 687.742974][T21651] mem_cgroup_out_of_memory+0x1d8/0x240 [ 687.742994][T21651] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 687.753341][T21651] ? do_raw_spin_unlock+0x57/0x270 [ 687.753359][T21651] ? _raw_spin_unlock+0x2d/0x50 [ 687.753379][T21651] try_charge+0xf4b/0x1440 [ 687.753404][T21651] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 687.763571][T21651] ? percpu_ref_tryget_live+0x111/0x290 [ 687.763592][T21651] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 687.763610][T21651] ? __kasan_check_read+0x11/0x20 [ 687.763628][T21651] ? get_mem_cgroup_from_mm+0x156/0x320 [ 687.763645][T21651] mem_cgroup_try_charge+0x136/0x590 [ 687.773125][T21651] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 687.773146][T21651] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 687.773167][T21651] __handle_mm_fault+0x1e34/0x3f20 [ 687.773189][T21651] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 687.783892][T21651] ? __kasan_check_read+0x11/0x20 [ 687.783917][T21651] handle_mm_fault+0x1b5/0x6c0 [ 687.783941][T21651] __get_user_pages+0x7d4/0x1b30 [ 687.794633][T21651] ? mark_held_locks+0xf0/0xf0 [ 687.794660][T21651] ? follow_page_mask+0x1cf0/0x1cf0 [ 687.794673][T21651] ? __mm_populate+0x270/0x380 [ 687.794698][T21651] ? __kasan_check_write+0x14/0x20 [ 687.803914][T21651] ? down_read+0x109/0x430 [ 687.803931][T21651] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 687.803950][T21651] populate_vma_page_range+0x20d/0x2a0 [ 687.803979][T21651] __mm_populate+0x204/0x380 [ 687.815023][T21651] ? populate_vma_page_range+0x2a0/0x2a0 [ 687.815040][T21651] ? __kasan_check_write+0x14/0x20 [ 687.815054][T21651] ? up_write+0x155/0x490 [ 687.815066][T21651] ? ns_capable_common+0x93/0x100 [ 687.815086][T21651] __x64_sys_mlockall+0x473/0x520 [ 687.826298][T21651] do_syscall_64+0xfa/0x760 [ 687.826320][T21651] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 687.826332][T21651] RIP: 0033:0x459879 [ 687.826346][T21651] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 687.826358][T21651] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 687.843360][T21651] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 687.843369][T21651] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 687.843378][T21651] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 687.843387][T21651] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc0ba5296d4 [ 687.843395][T21651] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 687.863053][T21651] memory: usage 307192kB, limit 307200kB, failcnt 4763 [ 687.885376][T21651] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 687.905215][T21651] Memory cgroup stats for /syz3: [ 687.905327][T21651] anon 303640576 [ 687.905327][T21651] file 0 [ 687.905327][T21651] kernel_stack 917504 [ 687.905327][T21651] slab 5566464 [ 687.905327][T21651] sock 0 [ 687.905327][T21651] shmem 0 [ 687.905327][T21651] file_mapped 0 [ 687.905327][T21651] file_dirty 0 [ 687.905327][T21651] file_writeback 0 [ 687.905327][T21651] anon_thp 211812352 [ 687.905327][T21651] inactive_anon 254885888 [ 687.905327][T21651] active_anon 18116608 [ 687.905327][T21651] inactive_file 0 [ 687.905327][T21651] active_file 0 [ 687.905327][T21651] unevictable 30597120 [ 687.905327][T21651] slab_reclaimable 1351680 [ 687.905327][T21651] slab_unreclaimable 4214784 [ 687.905327][T21651] pgfault 726858 [ 687.905327][T21651] pgmajfault 0 [ 687.905327][T21651] workingset_refault 99 [ 687.905327][T21651] workingset_activate 66 [ 687.905327][T21651] workingset_nodereclaim 0 [ 687.905327][T21651] pgrefill 562 [ 687.905327][T21651] pgscan 597 [ 687.905327][T21651] pgsteal 132 [ 687.911796][T21651] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=21627,uid=0 [ 687.927449][T21651] Memory cgroup out of memory: Killed process 21627 (syz-executor.3) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 [ 687.969215][T21635] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 688.075334][T21635] CPU: 0 PID: 21635 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 688.174790][T21635] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 688.174796][T21635] Call Trace: [ 688.174818][T21635] dump_stack+0x172/0x1f0 [ 688.174840][T21635] dump_header+0x177/0x1152 [ 688.174858][T21635] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 688.174871][T21635] ? ___ratelimit+0x2c8/0x595 [ 688.174882][T21635] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 688.174902][T21635] ? lockdep_hardirqs_on+0x418/0x5d0 [ 688.194049][T21635] ? trace_hardirqs_on+0x67/0x240 [ 688.194068][T21635] ? pagefault_out_of_memory+0x11c/0x11c [ 688.194088][T21635] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 688.194102][T21635] ? ___ratelimit+0x60/0x595 [ 688.194116][T21635] ? do_raw_spin_unlock+0x57/0x270 [ 688.194132][T21635] oom_kill_process.cold+0x10/0x15 [ 688.194149][T21635] out_of_memory+0x334/0x1340 [ 688.194162][T21635] ? lock_downgrade+0x920/0x920 [ 688.194184][T21635] ? oom_killer_disable+0x280/0x280 [ 688.201797][T21635] mem_cgroup_out_of_memory+0x1d8/0x240 [ 688.201815][T21635] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 688.201835][T21635] ? do_raw_spin_unlock+0x57/0x270 [ 688.201853][T21635] ? _raw_spin_unlock+0x2d/0x50 [ 688.201872][T21635] try_charge+0xf4b/0x1440 [ 688.212149][T21635] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 688.212163][T21635] ? percpu_ref_tryget_live+0x111/0x290 [ 688.212182][T21635] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 688.212199][T21635] ? __kasan_check_read+0x11/0x20 [ 688.212221][T21635] ? get_mem_cgroup_from_mm+0x156/0x320 [ 688.212238][T21635] mem_cgroup_try_charge+0x136/0x590 [ 688.212253][T21635] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 688.212275][T21635] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 688.228083][T21635] __handle_mm_fault+0x1e34/0x3f20 [ 688.228107][T21635] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 688.228135][T21635] ? __kasan_check_read+0x11/0x20 [ 688.228159][T21635] handle_mm_fault+0x1b5/0x6c0 [ 688.228176][T21635] __get_user_pages+0x7d4/0x1b30 [ 688.228190][T21635] ? mark_held_locks+0xf0/0xf0 [ 688.228213][T21635] ? follow_page_mask+0x1cf0/0x1cf0 [ 688.238825][T21635] ? __mm_populate+0x270/0x380 [ 688.238849][T21635] ? __kasan_check_write+0x14/0x20 [ 688.238866][T21635] ? down_read+0x109/0x430 [ 688.238883][T21635] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 688.238900][T21635] populate_vma_page_range+0x20d/0x2a0 [ 688.238919][T21635] __mm_populate+0x204/0x380 [ 688.238936][T21635] ? populate_vma_page_range+0x2a0/0x2a0 [ 688.238948][T21635] ? __kasan_check_write+0x14/0x20 [ 688.238964][T21635] ? up_write+0x155/0x490 [ 688.254411][T21635] ? ns_capable_common+0x93/0x100 [ 688.254440][T21635] __x64_sys_mlockall+0x473/0x520 [ 688.254459][T21635] do_syscall_64+0xfa/0x760 [ 688.254483][T21635] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 688.290468][T21635] RIP: 0033:0x459879 [ 688.290484][T21635] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 688.290492][T21635] RSP: 002b:00007f4e2a92dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 688.290505][T21635] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 688.290514][T21635] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 688.290522][T21635] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 688.290531][T21635] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4e2a92e6d4 [ 688.290539][T21635] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 688.402700][T21635] memory: usage 296620kB, limit 307200kB, failcnt 971 06:29:00 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x0, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) [ 688.528347][T21635] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 688.535904][T21635] Memory cgroup stats for /syz1: [ 688.536014][T21635] anon 283910144 [ 688.536014][T21635] file 122880 [ 688.536014][T21635] kernel_stack 851968 [ 688.536014][T21635] slab 15196160 [ 688.536014][T21635] sock 0 [ 688.536014][T21635] shmem 61440 [ 688.536014][T21635] file_mapped 0 [ 688.536014][T21635] file_dirty 0 [ 688.536014][T21635] file_writeback 0 [ 688.536014][T21635] anon_thp 123731968 [ 688.536014][T21635] inactive_anon 242511872 [ 688.536014][T21635] active_anon 5459968 [ 688.536014][T21635] inactive_file 90112 [ 688.536014][T21635] active_file 135168 [ 688.536014][T21635] unevictable 35901440 [ 688.536014][T21635] slab_reclaimable 6758400 [ 688.536014][T21635] slab_unreclaimable 8437760 [ 688.536014][T21635] pgfault 142923 [ 688.536014][T21635] pgmajfault 0 [ 688.536014][T21635] workingset_refault 0 [ 688.536014][T21635] workingset_activate 0 [ 688.536014][T21635] workingset_nodereclaim 0 [ 688.536014][T21635] pgrefill 341 [ 688.536014][T21635] pgscan 4421 [ 688.536014][T21635] pgsteal 4133 [ 688.694409][T21635] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=21634,uid=0 [ 688.711921][T21635] Memory cgroup out of memory: Killed process 21635 (syz-executor.1) total-vm:72576kB, anon-rss:16608kB, file-rss:37968kB, shmem-rss:0kB, UID:0 pgtables:172032kB oom_score_adj:1000 [ 688.730450][ T1065] oom_reaper: reaped process 21635 (syz-executor.1), now anon-rss:16608kB, file-rss:37968kB, shmem-rss:0kB 06:29:01 executing program 1: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(r2, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) [ 688.970703][T21670] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 688.999070][T21670] CPU: 1 PID: 21670 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 689.008260][T21670] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 689.018323][T21670] Call Trace: [ 689.021623][T21670] dump_stack+0x172/0x1f0 [ 689.025960][T21670] dump_header+0x177/0x1152 [ 689.030467][T21670] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 689.036269][T21670] ? ___ratelimit+0x2c8/0x595 [ 689.040947][T21670] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 689.046754][T21670] ? lockdep_hardirqs_on+0x418/0x5d0 [ 689.052040][T21670] ? trace_hardirqs_on+0x67/0x240 [ 689.057064][T21670] ? pagefault_out_of_memory+0x11c/0x11c [ 689.062706][T21670] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 689.068513][T21670] ? ___ratelimit+0x60/0x595 [ 689.073099][T21670] ? do_raw_spin_unlock+0x57/0x270 [ 689.078217][T21670] oom_kill_process.cold+0x10/0x15 [ 689.083328][T21670] out_of_memory+0x334/0x1340 [ 689.088003][T21670] ? lock_downgrade+0x920/0x920 [ 689.092856][T21670] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 689.098659][T21670] ? oom_killer_disable+0x280/0x280 [ 689.103867][T21670] mem_cgroup_out_of_memory+0x1d8/0x240 [ 689.109429][T21670] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 689.115077][T21670] ? do_raw_spin_unlock+0x57/0x270 [ 689.120205][T21670] ? _raw_spin_unlock+0x2d/0x50 [ 689.125075][T21670] try_charge+0xf4b/0x1440 [ 689.129510][T21670] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 689.135055][T21670] ? percpu_ref_tryget_live+0x111/0x290 [ 689.140609][T21670] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 689.146862][T21670] ? __kasan_check_read+0x11/0x20 [ 689.151912][T21670] ? get_mem_cgroup_from_mm+0x156/0x320 [ 689.157467][T21670] mem_cgroup_try_charge+0x136/0x590 [ 689.162760][T21670] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 689.169009][T21670] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 689.174657][T21670] wp_page_copy+0x41e/0x1590 [ 689.179258][T21670] ? find_held_lock+0x35/0x130 [ 689.184034][T21670] ? pmd_pfn+0x1d0/0x1d0 [ 689.188286][T21670] ? lock_downgrade+0x920/0x920 [ 689.193142][T21670] ? swp_swapcount+0x540/0x540 [ 689.197918][T21670] ? __kasan_check_read+0x11/0x20 [ 689.202944][T21670] ? do_raw_spin_unlock+0x57/0x270 [ 689.208062][T21670] do_wp_page+0x499/0x14d0 [ 689.212490][T21670] ? finish_mkwrite_fault+0x570/0x570 [ 689.217873][T21670] __handle_mm_fault+0x22f1/0x3f20 [ 689.222991][T21670] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 689.228553][T21670] ? __kasan_check_read+0x11/0x20 [ 689.233587][T21670] handle_mm_fault+0x1b5/0x6c0 [ 689.238359][T21670] __get_user_pages+0x7d4/0x1b30 [ 689.243298][T21670] ? mark_held_locks+0xf0/0xf0 [ 689.248071][T21670] ? follow_page_mask+0x1cf0/0x1cf0 [ 689.253278][T21670] ? __mm_populate+0x270/0x380 [ 689.258048][T21670] ? __kasan_check_write+0x14/0x20 [ 689.263159][T21670] ? down_read+0x109/0x430 [ 689.267583][T21670] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 689.273837][T21670] populate_vma_page_range+0x20d/0x2a0 [ 689.279311][T21670] __mm_populate+0x204/0x380 [ 689.283909][T21670] ? populate_vma_page_range+0x2a0/0x2a0 [ 689.289544][T21670] ? __kasan_check_write+0x14/0x20 [ 689.294654][T21670] ? up_write+0x155/0x490 [ 689.298982][T21670] ? ns_capable_common+0x93/0x100 [ 689.304022][T21670] __x64_sys_mlockall+0x473/0x520 [ 689.309052][T21670] do_syscall_64+0xfa/0x760 [ 689.313576][T21670] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 689.314175][T21643] cgroup: fork rejected by pids controller in /syz2 [ 689.319470][T21670] RIP: 0033:0x459879 [ 689.319484][T21670] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 689.319492][T21670] RSP: 002b:00007fc0ba507c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 689.319505][T21670] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 689.319512][T21670] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 689.319519][T21670] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 689.319533][T21670] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc0ba5086d4 [ 689.389827][T21670] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 689.414009][T21670] memory: usage 307200kB, limit 307200kB, failcnt 4774 [ 689.421100][T21670] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 689.428486][T21670] Memory cgroup stats for /syz3: [ 689.428603][T21670] anon 303480832 [ 689.428603][T21670] file 0 [ 689.428603][T21670] kernel_stack 983040 [ 689.428603][T21670] slab 5566464 [ 689.428603][T21670] sock 0 [ 689.428603][T21670] shmem 0 [ 689.428603][T21670] file_mapped 0 [ 689.428603][T21670] file_dirty 0 [ 689.428603][T21670] file_writeback 0 [ 689.428603][T21670] anon_thp 211812352 [ 689.428603][T21670] inactive_anon 252010496 [ 689.428603][T21670] active_anon 18116608 [ 689.428603][T21670] inactive_file 0 [ 689.428603][T21670] active_file 0 [ 689.428603][T21670] unevictable 33406976 [ 689.428603][T21670] slab_reclaimable 1351680 [ 689.428603][T21670] slab_unreclaimable 4214784 [ 689.428603][T21670] pgfault 733227 [ 689.428603][T21670] pgmajfault 0 [ 689.428603][T21670] workingset_refault 99 [ 689.428603][T21670] workingset_activate 66 [ 689.428603][T21670] workingset_nodereclaim 0 [ 689.428603][T21670] pgrefill 562 [ 689.428603][T21670] pgscan 597 [ 689.428603][T21670] pgsteal 132 [ 689.523858][T21670] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=21650,uid=0 [ 689.539912][T21670] Memory cgroup out of memory: Killed process 21650 (syz-executor.3) total-vm:72964kB, anon-rss:18148kB, file-rss:54332kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 689.559014][ T1065] oom_reaper: reaped process 21650 (syz-executor.3), now anon-rss:18240kB, file-rss:54332kB, shmem-rss:0kB 06:29:01 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006de08a1dc97ba8376dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850000000000000"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:29:01 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xed, 0x0) 06:29:01 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r0, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) 06:29:01 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xe735010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:01 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc9ea57d1b7e49b3a01f4dc7ba8f4ac27ba179f276dd7212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ece428f166b045a1cf2a9876283773609a94653401060b4447f2d3c000f2e61fe062d514424bf6f64396ffff0000e4e8e894232266017f7687132593511fc393e7f1fc256d2247d013bbc7a3488eb3a66357bccbd0547cca7fd261ef"], 0x9) r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x8000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000140)) 06:29:01 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r0, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) 06:29:02 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xe835010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:02 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x0, 0x11, r0, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) [ 690.091172][T21793] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 690.144531][T21793] CPU: 1 PID: 21793 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 690.153690][T21793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 690.163755][T21793] Call Trace: [ 690.167063][T21793] dump_stack+0x172/0x1f0 [ 690.171442][T21793] dump_header+0x177/0x1152 [ 690.175959][T21793] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 690.182037][T21793] ? ___ratelimit+0x2c8/0x595 [ 690.186721][T21793] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 690.192560][T21793] ? lockdep_hardirqs_on+0x418/0x5d0 [ 690.197846][T21793] ? trace_hardirqs_on+0x67/0x240 [ 690.202875][T21793] ? pagefault_out_of_memory+0x11c/0x11c [ 690.208509][T21793] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 690.214313][T21793] ? ___ratelimit+0x60/0x595 [ 690.218905][T21793] ? do_raw_spin_unlock+0x57/0x270 [ 690.224066][T21793] oom_kill_process.cold+0x10/0x15 [ 690.229181][T21793] out_of_memory+0x334/0x1340 [ 690.233863][T21793] ? lock_downgrade+0x920/0x920 [ 690.238722][T21793] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 690.244538][T21793] ? oom_killer_disable+0x280/0x280 [ 690.249753][T21793] mem_cgroup_out_of_memory+0x1d8/0x240 [ 690.255308][T21793] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 690.260944][T21793] ? do_raw_spin_unlock+0x57/0x270 [ 690.266048][T21793] ? _raw_spin_unlock+0x2d/0x50 [ 690.266068][T21793] try_charge+0xf4b/0x1440 [ 690.266092][T21793] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 690.280845][T21793] ? percpu_ref_tryget_live+0x111/0x290 [ 690.286403][T21793] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 06:29:02 executing program 1: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0xfaff, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(r2, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:29:02 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x10, r0, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) 06:29:02 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xe935010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 690.292656][T21793] ? __kasan_check_read+0x11/0x20 [ 690.297693][T21793] ? get_mem_cgroup_from_mm+0x156/0x320 [ 690.303269][T21793] mem_cgroup_try_charge+0x136/0x590 [ 690.308563][T21793] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 690.314810][T21793] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 690.320426][T21793] __handle_mm_fault+0x1e34/0x3f20 [ 690.325519][T21793] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 690.331069][T21793] ? __kasan_check_read+0x11/0x20 [ 690.336084][T21793] handle_mm_fault+0x1b5/0x6c0 [ 690.340829][T21793] __get_user_pages+0x7d4/0x1b30 [ 690.345745][T21793] ? mark_held_locks+0xf0/0xf0 [ 690.350493][T21793] ? follow_page_mask+0x1cf0/0x1cf0 [ 690.355673][T21793] ? __mm_populate+0x270/0x380 [ 690.360429][T21793] ? __kasan_check_write+0x14/0x20 [ 690.365536][T21793] ? down_read+0x109/0x430 [ 690.369932][T21793] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 690.376155][T21793] populate_vma_page_range+0x20d/0x2a0 [ 690.381610][T21793] __mm_populate+0x204/0x380 [ 690.386191][T21793] ? populate_vma_page_range+0x2a0/0x2a0 [ 690.391805][T21793] ? __kasan_check_write+0x14/0x20 [ 690.396892][T21793] ? up_write+0x155/0x490 [ 690.401199][T21793] ? ns_capable_common+0x93/0x100 [ 690.406209][T21793] __x64_sys_mlockall+0x473/0x520 [ 690.411229][T21793] do_syscall_64+0xfa/0x760 [ 690.415716][T21793] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 690.421583][T21793] RIP: 0033:0x459879 [ 690.425457][T21793] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 690.445041][T21793] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 690.453438][T21793] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 690.461387][T21793] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 690.469335][T21793] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 690.477290][T21793] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc0ba5296d4 [ 690.485355][T21793] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 690.506484][T21793] memory: usage 307200kB, limit 307200kB, failcnt 4790 [ 690.513529][T21793] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 690.539580][T21793] Memory cgroup stats for /syz3: [ 690.539690][T21793] anon 303632384 [ 690.539690][T21793] file 0 [ 690.539690][T21793] kernel_stack 917504 [ 690.539690][T21793] slab 5566464 [ 690.539690][T21793] sock 0 [ 690.539690][T21793] shmem 0 [ 690.539690][T21793] file_mapped 0 [ 690.539690][T21793] file_dirty 0 [ 690.539690][T21793] file_writeback 0 [ 690.539690][T21793] anon_thp 211812352 [ 690.539690][T21793] inactive_anon 257011712 [ 690.539690][T21793] active_anon 18116608 [ 690.539690][T21793] inactive_file 0 [ 690.539690][T21793] active_file 0 [ 690.539690][T21793] unevictable 28540928 [ 690.539690][T21793] slab_reclaimable 1351680 [ 690.539690][T21793] slab_unreclaimable 4214784 [ 690.539690][T21793] pgfault 736197 [ 690.539690][T21793] pgmajfault 0 [ 690.539690][T21793] workingset_refault 99 [ 690.539690][T21793] workingset_activate 66 [ 690.539690][T21793] workingset_nodereclaim 0 [ 690.539690][T21793] pgrefill 562 [ 690.539690][T21793] pgscan 597 [ 690.539690][T21793] pgsteal 132 [ 690.577374][T21792] FAULT_FLAG_ALLOW_RETRY missing 70 [ 690.635151][T21793] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=21671,uid=0 06:29:02 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xea35010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 690.654660][T21793] Memory cgroup out of memory: Killed process 21671 (syz-executor.3) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 [ 690.683289][T21792] CPU: 0 PID: 21792 Comm: syz-executor.4 Not tainted 5.3.0-rc6-next-20190830 #75 [ 690.692427][T21792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 690.702833][T21792] Call Trace: [ 690.705748][ T1065] oom_reaper: reaped process 21671 (syz-executor.3), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 690.706132][T21792] dump_stack+0x172/0x1f0 [ 690.721455][T21792] handle_userfault.cold+0x41/0x5e [ 690.726572][T21792] ? lock_downgrade+0x920/0x920 [ 690.731430][T21792] ? __kasan_check_read+0x11/0x20 [ 690.736460][T21792] ? userfaultfd_ioctl+0x3aa0/0x3aa0 [ 690.741751][T21792] ? find_get_entry+0x4ab/0x7a0 [ 690.746611][T21792] ? find_get_pages_contig+0xa20/0xa20 [ 690.752076][T21792] ? ___might_sleep+0x163/0x280 [ 690.756941][T21792] ? __kasan_check_read+0x11/0x20 [ 690.761989][T21792] ? find_lock_entry+0x1a7/0x560 [ 690.766929][T21792] shmem_getpage_gfp+0x1f51/0x2680 [ 690.772058][T21792] ? shmem_unuse_inode+0x1010/0x1010 [ 690.777352][T21792] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 690.783591][T21792] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 690.789835][T21792] shmem_fault+0x22a/0x7b0 [ 690.794262][T21792] ? shmem_read_mapping_page_gfp+0x1a0/0x1a0 [ 690.800247][T21792] ? find_lock_entry+0x560/0x560 [ 690.805192][T21792] ? pmd_val+0x85/0x100 [ 690.809350][T21792] ? pmd_val+0x85/0x100 [ 690.813507][T21792] __do_fault+0x111/0x540 [ 690.817836][T21792] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 690.824080][T21792] __handle_mm_fault+0x2cb8/0x3f20 [ 690.829201][T21792] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 690.834760][T21792] ? __kasan_check_read+0x11/0x20 [ 690.839794][T21792] handle_mm_fault+0x1b5/0x6c0 [ 690.841652][T21801] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 690.844560][T21792] __do_page_fault+0x536/0xdd0 [ 690.859483][T21792] do_page_fault+0x38/0x590 [ 690.863992][T21792] page_fault+0x39/0x40 [ 690.868146][T21792] RIP: 0033:0x453210 [ 690.872040][T21792] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 690.891640][T21792] RSP: 002b:00007ff1e67fb7a8 EFLAGS: 00010202 [ 690.897701][T21792] RAX: 00007ff1e67fb850 RBX: 0000000000000003 RCX: 000000000000000e [ 690.905670][T21792] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007ff1e67fb850 [ 690.913641][T21792] RBP: 000000000075bf20 R08: 00000000000003ff R09: 0000000000000000 [ 690.921614][T21792] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff1e67fc6d4 [ 690.929587][T21792] R13: 00000000004c8c4b R14: 00000000004dfbc8 R15: 00000000ffffffff [ 690.955207][T21801] CPU: 1 PID: 21801 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 690.964351][T21801] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 690.974412][T21801] Call Trace: [ 690.977720][T21801] dump_stack+0x172/0x1f0 [ 690.982057][T21801] dump_header+0x177/0x1152 [ 690.986552][T21801] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 690.992359][T21801] ? ___ratelimit+0x2c8/0x595 [ 690.997044][T21801] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 691.002854][T21801] ? lockdep_hardirqs_on+0x418/0x5d0 [ 691.008150][T21801] ? trace_hardirqs_on+0x67/0x240 [ 691.013273][T21801] ? pagefault_out_of_memory+0x11c/0x11c [ 691.018913][T21801] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 691.024725][T21801] ? ___ratelimit+0x60/0x595 [ 691.029326][T21801] ? do_raw_spin_unlock+0x57/0x270 [ 691.034447][T21801] oom_kill_process.cold+0x10/0x15 [ 691.039561][T21801] out_of_memory+0x334/0x1340 [ 691.044244][T21801] ? lock_downgrade+0x920/0x920 [ 691.049101][T21801] ? oom_killer_disable+0x280/0x280 [ 691.054306][T21801] mem_cgroup_out_of_memory+0x1d8/0x240 [ 691.059848][T21801] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 691.065482][T21801] ? do_raw_spin_unlock+0x57/0x270 [ 691.070594][T21801] ? _raw_spin_unlock+0x2d/0x50 [ 691.075451][T21801] try_charge+0xf4b/0x1440 [ 691.079881][T21801] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 691.085532][T21801] ? percpu_ref_tryget_live+0x111/0x290 [ 691.091081][T21801] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 691.097323][T21801] ? __kasan_check_read+0x11/0x20 [ 691.102358][T21801] ? get_mem_cgroup_from_mm+0x156/0x320 [ 691.107907][T21801] mem_cgroup_try_charge+0x136/0x590 [ 691.113194][T21801] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 691.119436][T21801] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 691.125075][T21801] __handle_mm_fault+0x1e34/0x3f20 [ 691.130191][T21801] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 691.135756][T21801] ? __kasan_check_read+0x11/0x20 [ 691.140789][T21801] handle_mm_fault+0x1b5/0x6c0 [ 691.145560][T21801] __get_user_pages+0x7d4/0x1b30 [ 691.150497][T21801] ? mark_held_locks+0xf0/0xf0 [ 691.155272][T21801] ? follow_page_mask+0x1cf0/0x1cf0 [ 691.160475][T21801] ? __mm_populate+0x270/0x380 [ 691.165251][T21801] ? __kasan_check_write+0x14/0x20 [ 691.170367][T21801] ? down_read+0x109/0x430 [ 691.174793][T21801] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 691.181075][T21801] populate_vma_page_range+0x20d/0x2a0 [ 691.186550][T21801] __mm_populate+0x204/0x380 [ 691.191152][T21801] ? populate_vma_page_range+0x2a0/0x2a0 [ 691.196791][T21801] ? __kasan_check_write+0x14/0x20 [ 691.201917][T21801] ? up_write+0x155/0x490 [ 691.206247][T21801] ? ns_capable_common+0x93/0x100 [ 691.211282][T21801] __x64_sys_mlockall+0x473/0x520 [ 691.216316][T21801] do_syscall_64+0xfa/0x760 [ 691.220827][T21801] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 691.226738][T21801] RIP: 0033:0x459879 [ 691.230643][T21801] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 691.250354][T21801] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 691.258770][T21801] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 691.266737][T21801] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 691.274711][T21801] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 691.282681][T21801] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 691.290653][T21801] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 691.314755][T21801] memory: usage 307200kB, limit 307200kB, failcnt 5391 [ 691.321817][T21801] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 691.343886][T21801] Memory cgroup stats for /syz2: [ 691.344002][T21801] anon 304099328 [ 691.344002][T21801] file 28672 [ 691.344002][T21801] kernel_stack 851968 [ 691.344002][T21801] slab 5373952 [ 691.344002][T21801] sock 0 [ 691.344002][T21801] shmem 0 [ 691.344002][T21801] file_mapped 0 [ 691.344002][T21801] file_dirty 0 [ 691.344002][T21801] file_writeback 0 [ 691.344002][T21801] anon_thp 224395264 [ 691.344002][T21801] inactive_anon 252755968 [ 691.344002][T21801] active_anon 11780096 [ 691.344002][T21801] inactive_file 0 [ 691.344002][T21801] active_file 0 [ 691.344002][T21801] unevictable 39579648 [ 691.344002][T21801] slab_reclaimable 1216512 [ 691.344002][T21801] slab_unreclaimable 4157440 [ 691.344002][T21801] pgfault 753489 [ 691.344002][T21801] pgmajfault 0 [ 691.344002][T21801] workingset_refault 198 [ 691.344002][T21801] workingset_activate 66 [ 691.344002][T21801] workingset_nodereclaim 0 [ 691.344002][T21801] pgrefill 1400 [ 691.344002][T21801] pgscan 1561 [ 691.344002][T21801] pgsteal 198 [ 691.438273][T21801] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=13842,uid=0 [ 691.453858][T21801] Memory cgroup out of memory: Killed process 13842 (syz-executor.2) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 691.480324][ T1065] oom_reaper: reaped process 13842 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 691.491657][T21810] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 691.516998][T21810] CPU: 0 PID: 21810 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 691.526130][T21810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 691.536186][T21810] Call Trace: [ 691.539477][T21810] dump_stack+0x172/0x1f0 [ 691.543808][T21810] dump_header+0x177/0x1152 [ 691.548313][T21810] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 691.554113][T21810] ? ___ratelimit+0x2c8/0x595 [ 691.558784][T21810] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 691.564586][T21810] ? lockdep_hardirqs_on+0x418/0x5d0 [ 691.569877][T21810] ? trace_hardirqs_on+0x67/0x240 [ 691.574910][T21810] ? pagefault_out_of_memory+0x11c/0x11c [ 691.580544][T21810] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 691.586349][T21810] ? ___ratelimit+0x60/0x595 [ 691.590935][T21810] ? do_raw_spin_unlock+0x57/0x270 [ 691.596053][T21810] oom_kill_process.cold+0x10/0x15 [ 691.601178][T21810] out_of_memory+0x334/0x1340 [ 691.605861][T21810] ? lock_downgrade+0x920/0x920 [ 691.610720][T21810] ? oom_killer_disable+0x280/0x280 [ 691.615930][T21810] mem_cgroup_out_of_memory+0x1d8/0x240 [ 691.621479][T21810] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 691.627118][T21810] ? do_raw_spin_unlock+0x57/0x270 [ 691.632231][T21810] ? _raw_spin_unlock+0x2d/0x50 [ 691.637082][T21810] try_charge+0xf4b/0x1440 [ 691.641520][T21810] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 691.647065][T21810] ? percpu_ref_tryget_live+0x111/0x290 [ 691.652616][T21810] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 691.658864][T21810] ? __kasan_check_read+0x11/0x20 [ 691.663896][T21810] ? get_mem_cgroup_from_mm+0x156/0x320 [ 691.669450][T21810] mem_cgroup_try_charge+0x136/0x590 [ 691.674745][T21810] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 691.680997][T21810] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 691.686634][T21810] __handle_mm_fault+0x1e34/0x3f20 [ 691.691757][T21810] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 691.697326][T21810] ? __kasan_check_read+0x11/0x20 [ 691.702357][T21810] handle_mm_fault+0x1b5/0x6c0 [ 691.707128][T21810] __get_user_pages+0x7d4/0x1b30 [ 691.712093][T21810] ? mark_held_locks+0xf0/0xf0 [ 691.716881][T21810] ? follow_page_mask+0x1cf0/0x1cf0 [ 691.722077][T21810] ? __mm_populate+0x270/0x380 [ 691.726850][T21810] ? __kasan_check_write+0x14/0x20 [ 691.731961][T21810] ? down_read+0x109/0x430 [ 691.736373][T21810] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 691.742626][T21810] populate_vma_page_range+0x20d/0x2a0 [ 691.748091][T21810] __mm_populate+0x204/0x380 [ 691.752685][T21810] ? populate_vma_page_range+0x2a0/0x2a0 [ 691.758340][T21810] ? __kasan_check_write+0x14/0x20 [ 691.763450][T21810] ? up_write+0x155/0x490 [ 691.767784][T21810] ? ns_capable_common+0x93/0x100 [ 691.772817][T21810] __x64_sys_mlockall+0x473/0x520 [ 691.777844][T21810] do_syscall_64+0xfa/0x760 [ 691.782356][T21810] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 691.788238][T21810] RIP: 0033:0x459879 [ 691.792119][T21810] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 691.811704][T21810] RSP: 002b:00007f4e2a92dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 691.820101][T21810] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 691.828055][T21810] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 691.836007][T21810] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 691.843958][T21810] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4e2a92e6d4 [ 691.851922][T21810] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 691.870303][T21810] memory: usage 307196kB, limit 307200kB, failcnt 992 [ 691.877230][T21810] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 691.890473][T21810] Memory cgroup stats for /syz1: [ 691.890591][T21810] anon 294424576 [ 691.890591][T21810] file 122880 [ 691.890591][T21810] kernel_stack 851968 [ 691.890591][T21810] slab 15196160 [ 691.890591][T21810] sock 0 [ 691.890591][T21810] shmem 61440 [ 691.890591][T21810] file_mapped 0 [ 691.890591][T21810] file_dirty 0 [ 691.890591][T21810] file_writeback 0 [ 691.890591][T21810] anon_thp 123731968 [ 691.890591][T21810] inactive_anon 261165056 [ 691.890591][T21810] active_anon 5459968 [ 691.890591][T21810] inactive_file 90112 [ 691.890591][T21810] active_file 135168 [ 691.890591][T21810] unevictable 27926528 [ 691.890591][T21810] slab_reclaimable 6758400 [ 691.890591][T21810] slab_unreclaimable 8437760 [ 691.890591][T21810] pgfault 150447 [ 691.890591][T21810] pgmajfault 0 [ 691.890591][T21810] workingset_refault 0 [ 691.890591][T21810] workingset_activate 0 [ 691.890591][T21810] workingset_nodereclaim 0 [ 691.890591][T21810] pgrefill 374 [ 691.890591][T21810] pgscan 4454 [ 691.890591][T21810] pgsteal 4133 [ 691.998312][T21810] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=21768,uid=0 [ 692.020812][T21810] Memory cgroup out of memory: Killed process 21768 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 [ 692.057507][T21831] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 692.077404][T21831] CPU: 0 PID: 21831 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 692.086531][T21831] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 692.087173][ T1065] oom_reaper: reaped process 21768 (syz-executor.1), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 692.096577][T21831] Call Trace: [ 692.096601][T21831] dump_stack+0x172/0x1f0 [ 692.096620][T21831] dump_header+0x177/0x1152 [ 692.096636][T21831] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 692.096646][T21831] ? ___ratelimit+0x2c8/0x595 [ 692.096659][T21831] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 692.096679][T21831] ? lockdep_hardirqs_on+0x418/0x5d0 [ 692.141346][T21831] ? trace_hardirqs_on+0x67/0x240 [ 692.146373][T21831] ? pagefault_out_of_memory+0x11c/0x11c [ 692.152009][T21831] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 692.157828][T21831] ? ___ratelimit+0x60/0x595 [ 692.162429][T21831] ? do_raw_spin_unlock+0x57/0x270 [ 692.167548][T21831] oom_kill_process.cold+0x10/0x15 [ 692.172666][T21831] out_of_memory+0x334/0x1340 [ 692.177351][T21831] ? lock_downgrade+0x920/0x920 [ 692.182210][T21831] ? oom_killer_disable+0x280/0x280 [ 692.187422][T21831] mem_cgroup_out_of_memory+0x1d8/0x240 [ 692.192975][T21831] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 692.198617][T21831] ? do_raw_spin_unlock+0x57/0x270 [ 692.203732][T21831] ? _raw_spin_unlock+0x2d/0x50 [ 692.208593][T21831] try_charge+0xf4b/0x1440 [ 692.213020][T21831] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 692.218561][T21831] ? percpu_ref_tryget_live+0x111/0x290 [ 692.224110][T21831] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 692.230350][T21831] ? __kasan_check_read+0x11/0x20 [ 692.235380][T21831] ? get_mem_cgroup_from_mm+0x156/0x320 [ 692.240931][T21831] mem_cgroup_try_charge+0x136/0x590 [ 692.246212][T21831] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 692.252456][T21831] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 692.258099][T21831] wp_page_copy+0x41e/0x1590 [ 692.262686][T21831] ? find_held_lock+0x35/0x130 [ 692.267573][T21831] ? pmd_pfn+0x1d0/0x1d0 [ 692.271813][T21831] ? lock_downgrade+0x920/0x920 [ 692.276664][T21831] ? swp_swapcount+0x540/0x540 [ 692.281429][T21831] ? __kasan_check_read+0x11/0x20 [ 692.286454][T21831] ? do_raw_spin_unlock+0x57/0x270 [ 692.291565][T21831] do_wp_page+0x499/0x14d0 [ 692.295983][T21831] ? finish_mkwrite_fault+0x570/0x570 [ 692.301362][T21831] __handle_mm_fault+0x22f1/0x3f20 [ 692.306477][T21831] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 692.312032][T21831] ? __kasan_check_read+0x11/0x20 [ 692.317066][T21831] handle_mm_fault+0x1b5/0x6c0 [ 692.321857][T21831] __get_user_pages+0x7d4/0x1b30 [ 692.326792][T21831] ? mark_held_locks+0xf0/0xf0 [ 692.331568][T21831] ? follow_page_mask+0x1cf0/0x1cf0 [ 692.336762][T21831] ? __mm_populate+0x270/0x380 [ 692.341535][T21831] ? __kasan_check_write+0x14/0x20 [ 692.346649][T21831] ? down_read+0x109/0x430 [ 692.351066][T21831] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 692.357311][T21831] populate_vma_page_range+0x20d/0x2a0 [ 692.362773][T21831] __mm_populate+0x204/0x380 [ 692.367365][T21831] ? populate_vma_page_range+0x2a0/0x2a0 [ 692.372998][T21831] ? __kasan_check_write+0x14/0x20 [ 692.378118][T21831] ? up_write+0x155/0x490 [ 692.382447][T21831] ? ns_capable_common+0x93/0x100 [ 692.387474][T21831] __x64_sys_mlockall+0x473/0x520 [ 692.392496][T21831] do_syscall_64+0xfa/0x760 [ 692.397006][T21831] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 692.402893][T21831] RIP: 0033:0x459879 [ 692.406786][T21831] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 692.426395][T21831] RSP: 002b:00007fe89cce7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 692.434806][T21831] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 692.442772][T21831] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 692.450741][T21831] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 692.458711][T21831] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cce86d4 [ 692.466678][T21831] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 692.517402][T21831] memory: usage 307196kB, limit 307200kB, failcnt 5428 [ 692.533179][T21831] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 692.540515][T21831] Memory cgroup stats for /syz2: [ 692.540640][T21831] anon 303919104 [ 692.540640][T21831] file 28672 [ 692.540640][T21831] kernel_stack 917504 [ 692.540640][T21831] slab 5373952 [ 692.540640][T21831] sock 0 [ 692.540640][T21831] shmem 0 [ 692.540640][T21831] file_mapped 0 [ 692.540640][T21831] file_dirty 0 [ 692.540640][T21831] file_writeback 0 [ 692.540640][T21831] anon_thp 220200960 [ 692.540640][T21831] inactive_anon 248258560 [ 692.540640][T21831] active_anon 11780096 [ 692.540640][T21831] inactive_file 0 [ 692.540640][T21831] active_file 0 [ 692.540640][T21831] unevictable 43700224 [ 692.540640][T21831] slab_reclaimable 1216512 [ 692.540640][T21831] slab_unreclaimable 4157440 [ 692.540640][T21831] pgfault 755238 [ 692.540640][T21831] pgmajfault 0 [ 692.540640][T21831] workingset_refault 198 [ 692.540640][T21831] workingset_activate 66 [ 692.540640][T21831] workingset_nodereclaim 0 [ 692.540640][T21831] pgrefill 1400 [ 692.540640][T21831] pgscan 1594 [ 692.540640][T21831] pgsteal 198 [ 692.635848][T21831] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=21800,uid=0 [ 692.651870][T21831] Memory cgroup out of memory: Killed process 21800 (syz-executor.2) total-vm:72832kB, anon-rss:18016kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 692.671901][ T1065] oom_reaper: reaped process 21800 (syz-executor.2), now anon-rss:18232kB, file-rss:54332kB, shmem-rss:0kB 06:29:04 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") write$binfmt_elf32(r0, &(0x7f0000000440)={{0x7f, 0x45, 0x4c, 0x46, 0x100, 0x3f, 0x3, 0xfffffffffffffffc, 0x9, 0x1, 0x3, 0x8, 0x33f, 0x38, 0x31c, 0x101, 0x2, 0x20, 0x2, 0xffffffff80000001, 0x0, 0x6}, [{0x7, 0xccc, 0x6, 0x4, 0xef, 0x7, 0xc3c, 0x8}, {0x60000000, 0x7, 0x200009, 0x4, 0x8000, 0x100000000, 0x6, 0x5}], "79a7802caf31ecaf48ae2c338e9b887e2948986f4c534aa7dd6d0fd060311db7c94c73e90b91c52f695145cb7c5a34620fd617698e534d62f84f92ddc2d1b94de9edfddb0f6bdd1f4c838c84ea6c279316c7182831e1217908aa5dee891999c01cf94348be558eb74a4966d545bee02df2db6a636c4c4de1f0807e9624a0a01b2ac70a3762ad7991f47aed4f29e500020c675f79e47e3c1ff179b0ed17c6c4060bbdcdcf20f3c569d16520cc7e4ac8ac53ec5db9e90056e058e9adb16c648b1919dc3c6a12c64ccf7cddcc217ea7d10b36102fab654e", [[]]}, 0x24e) r1 = creat(0x0, 0x0) r2 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r3 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r3, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000006c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030e6b431ec3fca6be8ec05cd91cde8c49f2c396850ccb5eacbf901cba813cf1ff37a64e47a2c5d06cadcdde5716ccd3c5b7718606d21e2c7db0c45fbb5217eb545612b6baabd9c0d7718c11ea68371279cc72fee210e584d56ec6071aa8b04b940f4a3aa1d9baa452466267c09114ea82db6f53063ff6fec936739d0f9e540754127ee46e69291febead0d312f3a2b5176ff59744bb951546e0eb963a9d1ea67480faf437f230c8302387cb8dc51f9a08ec1a5aa53e376e26280779b667765428c7b"], 0xe9) r4 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r4, 0x5206, &(0x7f0000000400)) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) ioctl$GIO_UNISCRNMAP(0xffffffffffffffff, 0x4b69, &(0x7f0000000280)=""/114) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) fcntl$dupfd(r2, 0x406, r1) 06:29:04 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xeb35010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:04 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xee, 0x0) 06:29:04 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x10, r0, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) 06:29:04 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) r0 = creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000140)='net/dev_mcast\x00\xc0\x87\xeaU\x01\x1e\x14\xc9\xe3G\xdd\x1fU\xa6\x02j\x1c\xb7\xe0g\xf3\xc5w\x98\x1c\t\x94\xa1\xe8\r\x90\xd4\x9dh\xbd\xbc\x91\xfa\xb9\xc1\xc7\xf0c\xe6v\xe80x0, 0x1000, "3be2b64a13c65a7886073d719caf78d65a5746de489aff834416086f341b1449bbeff7a34ea5e7033b419f31f6af5a89ca4efab6be95c8495eaaeedcf07f42bbbfb4bc70f4622eec15acede64e75cd88f8eb692efb83a9e254bac8d4c0665520d4a11ee5c1630b933346d39a0035e17f7ed360a4d384361e17a07a8752f5d8bd6aa076aa5e366c15780e56081a5de0771a2f07f07840c8aa5ea1ce977647ecbf8ef6a53d7eab916057463bfe7e6b484550615a2d1bc877f6bc6978ebb1f8cc47aefbc489c7d288a6074bfea847fed4528cf7cce2c2f654c8eecc6099c6c1675c0de562dad2643cfc6cae5989a283f9617cff52419b6b49b62279f80bd4e452f39611755adfc863098271572264e413d82619de60bed56b6612fea4a764b78d5ea24de8360b3fed0a19724a8273cc9a664403421c39b0e659059c0268e08e418aeee2a4e0b4de2424ea4fab453973f68efd2bf98487bf63721e49c652cc91a57820cdb7e44ad809a4c6edf973097cb044f901ac825e021fe759a96261bd374a73ca653832590a902d32189c89d23e78d5ab8059b98da188fe56e7fd40ed605c8dd64ce49d4ea065b0fb9d1cde71bf7542353882afa899ca6425c0e5f32f807232e39c6b31f4936a4368acffaa5f09fb07440a99d77d82c119db4d2dfc161e42dcc5633dae1075fc2c823ef9425e15d892ef41fd297215fc064ecd67be419a08b5a650f6e955e0c4cea0018a01ee7892c94e735fc20d2d078647f5b8da51fb165c9bf61a4a6826d468930d84d3d8396780a6eaeb61fbf50e3b63b1316d6ff074d594d7399206228252b756f3571b7b8d81d85c1b0c1d25416a8891731d9e947d3271b3760d4ae137e9795bbb6302446700d066ac007f495c4dbbcf5c2d8e1ec56b34f0a4fb2846065a28f9da591118c115c2c51bf7c82154efd721f48c0915fa378a68f04d1cbb8d9eab43ce4cb5bbe854793f7bdf20f782ba6bc371dd45c7e049e4541e4312b32dfdabf95be6281100f10643413eb62ab281e3e333519f37c666a7bbb5f80dea973a2732564859f6955c0ccd54b6efd91f5bcd51d570894bd46789947e7cd50475534d89cce62a8ae05917007e12b1ccd6813718ec3bf9bbc040c513fd279496d40fd2459e00d9264ea25467d8dd40bceec334f4a74b944095746508c5bec638f17be9bc3ad4f16952f0d4e718d5fe4fd8a5cbb062c83c6d6f24924db7fad5812ec4dce0b3d701b26da34c4f1435e2b64749e81d021f1a8fa2094eb89db73f6c5475c00551d0f92984096e770ddeab0ea00cf72a62bae852a2aff766a5d0d6ec463f3f83662d0000a3f76383ec780d802eabe871969add5b3409223024c5b8299c48a764367a59f50cd94b90d77d46319a87a70d5a181e7384ca563f769a494757e499806c068f170d72e60174429996e9ee22247243a8b5846ba9f06aa25655891af8ea2f472ffe8d0aa00b432616a0689b13337dfc679cbdc3f6833272a51c103f2d37c24c45f5c3044b5fea7aa955afaf5cff42b41e1b0214069216e9523ce871012e3606606dd384b5633237d3c23f3f49517b7c6ef91ff941cad06eb5c31e79a655b15141ce37bd97f20fc428dc0775b994ba05d2170f099966997c5bb71edb576cf1da59811049f4391a98ad4ea8b726f273c1c16dfe18e1a80913002e605762eb827d3676d37a0c1272c3f51856cfd0b2a005c27d3315abda90375a4469a806a4d498df455c0470ce31a30e147758170491c5981e6040c9f08cffc44d8cc28181676c30df89468f72363ebc9d362f058e0c751b8a4f97dad74f91fe26349431f07128ff910afdab24d08b9ad80ff5de6ac8740e0f48715ebf4f56d9449e14946e19a50d678ec30737c2e99d579ef422618861830b5b6abf0057f8644190d7e1b3479babb3780ee15a4806c27298b6c2d79ebf5135d45c1933df073b48168cc91538a5064f5336fabfdc823b8c4456919391ab0c010ffcd09519a45afcecd9bb5894932b21ba63707243da394a7a53cffeb7861beef57552b9f7e0d19fc9927461c6642a145ed2fffa7d0763d9d42c08c4b4beeba59a66c7c30d484423dd32af8489a2b730217f64bf0f73eda28e52c609c4ef27824eaabc0d8671106389385e69d58bee1d28ceb8d6cf380d645983ede43c4fbed28f80ac35420c2a03dd75b36cbc0d76bf81b21bc74f5c112cd21d05c88b4e83339a2c2ecfe988b53721b75914e421691be89302363c958874cb4522ef8737199132e5027dd20b30f43c38748e671879917e426b3443f08f4e2fb2fc54f7f0512f1f21ff4cfd9f5b4c8d90a0f21ecdbedf4074685d59f6a7a4e42abf46119f42c31249ba2c32829e4ccb718d54dfd6a0d0055b5bbb0fc3f90aac49d9fd0cb2af2d35c0f5875b961721bb7c82060518f3ee72aad984f0cba310df12e4efdd355e4a0da09dcf6833ca81527b82b915f58d22633258d78836254c9996c769895cb9c739bae5fe3b6a2b0c7de6bfb7e41d7038cb43e4d6a533bfb81ab02ad12a97f9ed350a76c1e9d0676ebcbb6e6f6173c5914d9b931ff9372581d2ad2854717e8ba9d42c8dacfea9a07ad5d9c1da606a93e0370afb6073f89c2d8f39bcebda7d40ca5bb2848f3501e314364dc7895bb716a2d7c25739bc8ea9672442c6810483a2c9285919bbc54117c3e261a36d7cf6815b2dcb46cfd897786b426bfa68672ddd06519f34b7b3333a45b87899d9ec1e07d0871a817c15cfda3c40edd316b663e2fc3ac55bb3b4740489e18dfc2199b766273c171b3e8d1e08afd87e5320c6564ec84b8cdeb88c2c13b99da9281c94e384b18107607a52a4bf0fd8e40f136422f69d1f34c7727be333112654ef5cfdb47d732aaa2c29d874b4a65f4de4763eff0b66ad1dfcdcb776d3894b8e11f13654ab58c03404f4c94ca93b9ac480222e4c1960f7145fa1673d5b02b48132b1f629afac2838ec9c1fec4b2fcd9be285c988ece28bf41781d1835b2565eea29276c99a6999148853c742653c97243104d91a8aa52383f79946e79286ddd8ae828e7b42247c43206917d66ee9e1e8292ebb00291b885c9a2f588ece99239c7fdf8ad148c59a54d5714d3ba7068bdb68201005b03ab58998538746c31774b57c3b2f2ff5613ea6f99fa343c2343cdde1f311eae786493c6418dde96b953f787171ee84368e3cb3e938af34d0f8e35def3abcd7a797fb3b3392fdf0f08a816538efea05f2fcf87af0d73575eddf5aff52fb0face2b334203188bff0967022e254e98f31ed7e1186a1eda75a87b29c2f7eee26949fb8f85d046d2794cefcb61c7d9618bc6e7c9350ece7d88c8af4997bebbb0eb0f0e8670e3728074af8c9158c53c6a239c0b8256fcabdb5913c76d590c0cc296fb6d07310d572232eb022f8069393779fabd741b6a2f0d16b686434052c20011a24165109ef1e13b85143c2a2c289994fe0612684bc0e28f4bb5ed2df875a5dcb9ba4771ee30a723150de545264c4d727a887fc0dc254e231ade8593a3681bed1f91dba5861bfe0bb07a595df4a5de9924615518f0b3caf5654ad003ae1d89ecb8b872e706b9c6be97a89717d36dc59c4a82eb17cb74961d82d3177547cee53cd012dc1542ea44c3affcf6c5720ebb375d31fcb4f5ebea7c89f6eef76021a40def9380aef3f2e19bb14245bc44b13d1ab4620bf58d85712e6a3a6e0c530e2b90e598db05bc268ca0b9eb04988d8e9708b241b939438109dbbf05816fa0391c5aea06ed5224c8234881a8704e681f621d4c7760578049fbfcd694be67929c2df90ffa3eca0580a2e2c6d1ce566b72349b0c64d4f3da50f0a5ee71edfa4288b1186316b553e068e91831a204c7572fd23f83435b80071ab4dd76de80285563ede61cdcb0bf3a6083b74b78ac008bdc5fc00f67561dac179954fa4e88dbe0e065e13aecf71ecbf63ca7df07749801a6caae69125db03e1b9d813f00565d99d46e209fe5eb749d03f8f25efa1e6f48fab1e482e40d4bbf3d2e70f6e3bac4e4a32d69afc1d5b2f683ca7125edee760e7f19f776d36ebf328ef62eab3f8814bff08ea7942415bf3ead5470270240c19b41ae7ac0a5208a033f8deb8eaf8af9b83e795533f583bc41cf800332c133a6ae493c2b22cb1f5770ff3dcbc3bb7b683d5a88bc08cc0d40ae62c348ec92067640f417e4e0d93f4d8873096b9210698d122c5d33a992d5c8665ac5a0328fcab326bcac5d23e56db20fcbb1fcefaf0b10d419b6dd9c8a8458d7295d9fef965ee9619cedd8a390e81aee47874a3d8ec90ed28bee02116487e51f9d431e792678b4f48a7553e75d4532efbe75886dcc357d1da7737468a0943bf0e54ea28f14457ca9d756e8a91fa6b7a9db2703d0d49dc1d754d7d1766e899367ad48defb4031bf7ac34c41caf4eac676c1793fcc05e19c93986bd2afe9ba7579093d8dc742475b72758cc92a7f3be133d4bad7534e879880707e8e9dacca737457f32dd87574fd087365d69720ba89a83c3c09fa21b893d852471bceb37a035a529aff0e0967b0296a753d1e04c18ac61f812d735aae69746c950d7dcbdeeb740523b35696a8f70ba9351f8552cc1949703684b5b3ff6aec330796540137827a230443a56ffd73204626f344fce214a2d32624349e0de1858f95edd2e25afdab812a5e1c0be524710716fa66e6586246003331806710bb3db5a2e86aaca1359bc8d6b72a72838c9cffd706c7b4309b56a5b2b5711f4caae087cd73b559dee1283d92728c8ce5199e3714e738cc7c35aaf102331d841c229fd0a4773ec213b6bcb379583740adf3335e36d4e50da9f891069a7c8e2d9fe12fe0a61caf15f3d8f52cd709d171bdc0934264f162aae879a092d8ea01933a59a025dd15986cd3b11d62bd61e7e8a7b712e249bdef2d72bc924081462e862e17a0a802095133c400382a8fb83fc41c49ab22e755b2ae55e21af1f0a262d1906125750e6905091f1de8c9736945e95a9da4186e3a517358b881a7fec7ff10d82acda8f22fcf423d8077761c02c64b044ee5ad7476b7022fd370a4fcbc6e85990750ce4ac08d4caececd1ba065b14b1a3767ea12c6cdd86eb0f15dc5b6662583679653cd73814c1d07c4b445a25bd008ae37ce506104ad74bd28af87d001458bb7958c39264bc0b18bc2fe1f7b69863910bd15249bc483f4f365323bd7146ccdcbaab6c29f8589499adddfb92980d39a39c876c95f3c55cdadb42c20a7ee6f3385157b13eb6ffc3e5026f961c43a4352a51cec77a81a83335a7296927977d9753b4f8eb4f9a79992ebb5dfde588875e1909d3d713c789d24f7d4e301e2f6c75cacba29a184f27d11ca3a1e1fc927d7dea8d49b4b9589cf92b74a24d37d9afe8d22fffb342ceddb86b31b1ca70cd166d0f18532d6003490dd039ff8a39f5d74a488bb7aaae24295ed93e894685353177c94a085ddc0135965f83ef3906629a0b6067a7f7076d8056ad8e3f5916b165398a3adcd4712706360bfeafae87a3069c18e3dcdbc23435fab204e52fd93dbf679fccebc76a01ca423079c063f9fe28a4176c65ffd8f3875b990cc3bf96649a7f95abb81bd8a43b624a04090952a38cd7e8ac185fa8ea90b36e5eb469ead24c388d1cc3a525ca7dc21e951392c7f484665e285b163a66a2e39e00dfbfed9ca25dcb8898653a9f7518233f2504c6c7628570181434a10427c661a14abfcd354a487efef2f2b042feaf6c26d12f8116c62317eceb1b0e4026d70b019f796cb5632b5901539b9134a608818f39c62c582ff8e81a9974c3743f891052"}, &(0x7f0000000200)=0x1008) setsockopt$inet_sctp_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000300)=@assoc_value={r5, 0x3}, 0x8) r6 = creat(&(0x7f0000000280)='./file0\x00', 0x1) write$binfmt_script(r6, &(0x7f00000002c0)=ANY=[@ANYBLOB="01"], 0x1) close(r6) openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x400000, 0x0) r7 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r7, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") r8 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r8, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") write$UHID_SET_REPORT_REPLY(r2, &(0x7f0000001480)=ANY=[@ANYPTR64=&(0x7f00000003c0)=ANY=[@ANYRES32, @ANYPTR=&(0x7f0000000380)=ANY=[@ANYRESOCT=r7], @ANYRESHEX, @ANYRESHEX=r8], @ANYRES64=r2], 0x2) ioctl$SNDRV_TIMER_IOCTL_INFO(r3, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r9 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r9, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) 06:29:05 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xec35010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 693.006774][T21810] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 693.025426][T21810] CPU: 1 PID: 21810 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 693.034560][T21810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 693.044623][T21810] Call Trace: [ 693.047926][T21810] dump_stack+0x172/0x1f0 [ 693.052274][T21810] dump_header+0x177/0x1152 [ 693.056787][T21810] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 693.062584][T21810] ? ___ratelimit+0x2c8/0x595 [ 693.067338][T21810] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 693.073184][T21810] ? lockdep_hardirqs_on+0x418/0x5d0 [ 693.078461][T21810] ? trace_hardirqs_on+0x67/0x240 [ 693.083478][T21810] ? pagefault_out_of_memory+0x11c/0x11c [ 693.089090][T21810] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 693.094876][T21810] ? ___ratelimit+0x60/0x595 [ 693.099448][T21810] ? do_raw_spin_unlock+0x57/0x270 [ 693.104599][T21810] oom_kill_process.cold+0x10/0x15 [ 693.109707][T21810] out_of_memory+0x334/0x1340 [ 693.114366][T21810] ? lock_downgrade+0x920/0x920 [ 693.119197][T21810] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 693.124992][T21810] ? oom_killer_disable+0x280/0x280 [ 693.130186][T21810] mem_cgroup_out_of_memory+0x1d8/0x240 [ 693.135724][T21810] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 693.141337][T21810] ? do_raw_spin_unlock+0x57/0x270 [ 693.146459][T21810] ? _raw_spin_unlock+0x2d/0x50 [ 693.151313][T21810] try_charge+0xf4b/0x1440 [ 693.155720][T21810] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 693.161244][T21810] ? percpu_ref_tryget_live+0x111/0x290 [ 693.166816][T21810] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 693.173099][T21810] ? __kasan_check_read+0x11/0x20 [ 693.178154][T21810] ? get_mem_cgroup_from_mm+0x156/0x320 [ 693.183682][T21810] mem_cgroup_try_charge+0x136/0x590 [ 693.188956][T21810] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 693.195188][T21810] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 693.200802][T21810] wp_page_copy+0x41e/0x1590 [ 693.205373][T21810] ? find_held_lock+0x35/0x130 [ 693.210133][T21810] ? pmd_pfn+0x1d0/0x1d0 [ 693.214359][T21810] ? lock_downgrade+0x920/0x920 [ 693.219192][T21810] ? swp_swapcount+0x540/0x540 [ 693.223947][T21810] ? __kasan_check_read+0x11/0x20 [ 693.229016][T21810] ? do_raw_spin_unlock+0x57/0x270 [ 693.234128][T21810] do_wp_page+0x499/0x14d0 [ 693.238550][T21810] ? finish_mkwrite_fault+0x570/0x570 [ 693.243913][T21810] __handle_mm_fault+0x22f1/0x3f20 [ 693.249011][T21810] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 693.254548][T21810] ? __kasan_check_read+0x11/0x20 [ 693.259566][T21810] handle_mm_fault+0x1b5/0x6c0 [ 693.264332][T21810] __get_user_pages+0x7d4/0x1b30 [ 693.269261][T21810] ? mark_held_locks+0xf0/0xf0 [ 693.274019][T21810] ? follow_page_mask+0x1cf0/0x1cf0 [ 693.279195][T21810] ? __mm_populate+0x270/0x380 [ 693.283944][T21810] ? __kasan_check_write+0x14/0x20 [ 693.289053][T21810] ? down_read+0x109/0x430 [ 693.293470][T21810] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 693.299700][T21810] populate_vma_page_range+0x20d/0x2a0 [ 693.305142][T21810] __mm_populate+0x204/0x380 [ 693.309814][T21810] ? populate_vma_page_range+0x2a0/0x2a0 [ 693.315422][T21810] ? __kasan_check_write+0x14/0x20 [ 693.320639][T21810] ? up_write+0x155/0x490 [ 693.324957][T21810] ? ns_capable_common+0x93/0x100 [ 693.329972][T21810] __x64_sys_mlockall+0x473/0x520 [ 693.334990][T21810] do_syscall_64+0xfa/0x760 [ 693.339498][T21810] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 693.345366][T21810] RIP: 0033:0x459879 [ 693.349240][T21810] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 693.368821][T21810] RSP: 002b:00007f4e2a92dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 693.377207][T21810] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 693.385153][T21810] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 693.393116][T21810] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 693.401076][T21810] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4e2a92e6d4 [ 693.409036][T21810] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 693.430761][T21810] memory: usage 307104kB, limit 307200kB, failcnt 1013 [ 693.445034][T21810] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 693.454000][T21810] Memory cgroup stats for /syz1: [ 693.454117][T21810] anon 294182912 [ 693.454117][T21810] file 122880 [ 693.454117][T21810] kernel_stack 917504 [ 693.454117][T21810] slab 15196160 [ 693.454117][T21810] sock 0 [ 693.454117][T21810] shmem 61440 [ 693.454117][T21810] file_mapped 0 [ 693.454117][T21810] file_dirty 0 [ 693.454117][T21810] file_writeback 0 [ 693.454117][T21810] anon_thp 134217728 [ 693.454117][T21810] inactive_anon 252059648 [ 693.454117][T21810] active_anon 5459968 [ 693.454117][T21810] inactive_file 90112 [ 693.454117][T21810] active_file 135168 [ 693.454117][T21810] unevictable 36589568 [ 693.454117][T21810] slab_reclaimable 6758400 [ 693.454117][T21810] slab_unreclaimable 8437760 [ 693.454117][T21810] pgfault 152691 [ 693.454117][T21810] pgmajfault 0 [ 693.454117][T21810] workingset_refault 0 [ 693.454117][T21810] workingset_activate 0 [ 693.454117][T21810] workingset_nodereclaim 0 [ 693.454117][T21810] pgrefill 374 [ 693.454117][T21810] pgscan 4454 [ 693.454117][T21810] pgsteal 4133 [ 693.463905][T21810] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=21809,uid=0 [ 693.577267][T21810] Memory cgroup out of memory: Killed process 21810 (syz-executor.1) total-vm:72776kB, anon-rss:18176kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 693.614558][T21847] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 693.616142][ T1065] oom_reaper: reaped process 21810 (syz-executor.1), now anon-rss:18176kB, file-rss:54332kB, shmem-rss:0kB [ 693.636244][T21839] FAULT_FLAG_ALLOW_RETRY missing 70 [ 693.640537][T21847] CPU: 0 PID: 21847 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 693.650545][T21847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 693.660583][T21847] Call Trace: [ 693.663855][T21847] dump_stack+0x172/0x1f0 [ 693.668171][T21847] dump_header+0x177/0x1152 [ 693.672655][T21847] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 693.678441][T21847] ? ___ratelimit+0x2c8/0x595 [ 693.683110][T21847] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 693.688898][T21847] ? lockdep_hardirqs_on+0x418/0x5d0 [ 693.694166][T21847] ? trace_hardirqs_on+0x67/0x240 [ 693.699168][T21847] ? pagefault_out_of_memory+0x11c/0x11c [ 693.704782][T21847] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 693.710569][T21847] ? ___ratelimit+0x60/0x595 [ 693.715135][T21847] ? do_raw_spin_unlock+0x57/0x270 [ 693.720228][T21847] oom_kill_process.cold+0x10/0x15 [ 693.725319][T21847] out_of_memory+0x334/0x1340 [ 693.729989][T21847] ? lock_downgrade+0x920/0x920 [ 693.734940][T21847] ? oom_killer_disable+0x280/0x280 [ 693.740127][T21847] mem_cgroup_out_of_memory+0x1d8/0x240 [ 693.745649][T21847] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 693.751266][T21847] ? do_raw_spin_unlock+0x57/0x270 [ 693.756356][T21847] ? _raw_spin_unlock+0x2d/0x50 [ 693.761192][T21847] try_charge+0xf4b/0x1440 [ 693.765599][T21847] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 693.771124][T21847] ? percpu_ref_tryget_live+0x111/0x290 [ 693.776654][T21847] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 693.782886][T21847] ? __kasan_check_read+0x11/0x20 [ 693.787895][T21847] ? get_mem_cgroup_from_mm+0x156/0x320 [ 693.793420][T21847] mem_cgroup_try_charge+0x136/0x590 [ 693.798695][T21847] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 693.804929][T21847] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 693.810554][T21847] __handle_mm_fault+0x1e34/0x3f20 [ 693.815651][T21847] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 693.821185][T21847] ? __kasan_check_read+0x11/0x20 [ 693.826196][T21847] handle_mm_fault+0x1b5/0x6c0 [ 693.830943][T21847] __get_user_pages+0x7d4/0x1b30 [ 693.835861][T21847] ? mark_held_locks+0xf0/0xf0 [ 693.840614][T21847] ? follow_page_mask+0x1cf0/0x1cf0 [ 693.845789][T21847] ? __mm_populate+0x270/0x380 [ 693.850537][T21847] ? __kasan_check_write+0x14/0x20 [ 693.855626][T21847] ? down_read+0x109/0x430 [ 693.860023][T21847] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 693.866247][T21847] populate_vma_page_range+0x20d/0x2a0 [ 693.871693][T21847] __mm_populate+0x204/0x380 [ 693.876265][T21847] ? populate_vma_page_range+0x2a0/0x2a0 [ 693.881877][T21847] ? __kasan_check_write+0x14/0x20 [ 693.886969][T21847] ? up_write+0x155/0x490 [ 693.891278][T21847] ? ns_capable_common+0x93/0x100 [ 693.896285][T21847] __x64_sys_mlockall+0x473/0x520 [ 693.901294][T21847] do_syscall_64+0xfa/0x760 [ 693.905779][T21847] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 693.911651][T21847] RIP: 0033:0x459879 [ 693.915525][T21847] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 693.935107][T21847] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 693.943505][T21847] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 693.951461][T21847] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 693.959411][T21847] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 693.967372][T21847] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 693.975341][T21847] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 693.986158][T21839] CPU: 0 PID: 21839 Comm: syz-executor.4 Not tainted 5.3.0-rc6-next-20190830 #75 [ 693.990668][T21847] memory: usage 307200kB, limit 307200kB, failcnt 5467 [ 693.995288][T21839] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 694.009569][T21847] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 694.012161][T21839] Call Trace: [ 694.012188][T21839] dump_stack+0x172/0x1f0 [ 694.012214][T21839] handle_userfault.cold+0x41/0x5e [ 694.012232][T21839] ? lock_downgrade+0x920/0x920 [ 694.012255][T21839] ? __kasan_check_read+0x11/0x20 [ 694.012271][T21839] ? userfaultfd_ioctl+0x3aa0/0x3aa0 [ 694.012288][T21839] ? find_get_entry+0x4ab/0x7a0 [ 694.012308][T21839] ? find_get_pages_contig+0xa20/0xa20 [ 694.012325][T21839] ? ___might_sleep+0x163/0x280 [ 694.012346][T21839] ? __kasan_check_read+0x11/0x20 [ 694.012367][T21839] ? find_lock_entry+0x1a7/0x560 [ 694.012388][T21839] shmem_getpage_gfp+0x1f51/0x2680 [ 694.012419][T21839] ? shmem_unuse_inode+0x1010/0x1010 [ 694.012442][T21839] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 694.012458][T21839] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 694.012477][T21839] shmem_fault+0x22a/0x7b0 [ 694.012500][T21839] ? shmem_read_mapping_page_gfp+0x1a0/0x1a0 [ 694.012518][T21839] ? find_lock_entry+0x560/0x560 [ 694.012535][T21839] ? pmd_val+0x85/0x100 [ 694.022809][T21847] Memory cgroup stats for /syz2: [ 694.022918][T21847] anon 303767552 [ 694.022918][T21847] file 28672 [ 694.022918][T21847] kernel_stack 983040 [ 694.022918][T21847] slab 5373952 [ 694.022918][T21847] sock 0 [ 694.022918][T21847] shmem 0 [ 694.022918][T21847] file_mapped 0 [ 694.022918][T21847] file_dirty 0 [ 694.022918][T21847] file_writeback 0 [ 694.022918][T21847] anon_thp 213909504 [ 694.022918][T21847] inactive_anon 254787584 [ 694.022918][T21847] active_anon 11780096 [ 694.022918][T21847] inactive_file 0 [ 694.022918][T21847] active_file 0 [ 694.022918][T21847] unevictable 37445632 [ 694.022918][T21847] slab_reclaimable 1216512 [ 694.022918][T21847] slab_unreclaimable 4157440 [ 694.022918][T21847] pgfault 757812 [ 694.022918][T21847] pgmajfault 0 [ 694.022918][T21847] workingset_refault 198 [ 694.022918][T21847] workingset_activate 66 [ 694.022918][T21847] workingset_nodereclaim 0 [ 694.022918][T21847] pgrefill 1400 [ 694.022918][T21847] pgscan 1627 [ 694.022918][T21847] pgsteal 198 [ 694.026975][T21839] ? pmd_val+0x85/0x100 [ 694.032133][T21847] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=21828,uid=0 [ 694.036901][T21839] __do_fault+0x111/0x540 [ 694.042000][T21847] Memory cgroup out of memory: Killed process 21828 (syz-executor.2) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 694.047167][T21839] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 694.208392][T21839] __handle_mm_fault+0x2cb8/0x3f20 [ 694.208414][T21839] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 694.208440][T21839] ? __kasan_check_read+0x11/0x20 [ 694.208460][T21839] handle_mm_fault+0x1b5/0x6c0 [ 694.208479][T21839] __do_page_fault+0x536/0xdd0 [ 694.208503][T21839] do_page_fault+0x38/0x590 [ 694.286020][T21839] page_fault+0x39/0x40 [ 694.290171][T21839] RIP: 0033:0x453210 [ 694.294066][T21839] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d 06:29:06 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r2 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r2, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r3, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000140)) sendmmsg$nfc_llcp(r1, &(0x7f0000000200)=[{&(0x7f0000000280)={0x27, 0x1, 0x2, 0x6, 0x1, 0x9, "3312acf61750957c473696590d5ade080aa7204a35ac6c60c2a2aa0261f0c118a34b062f0656e71f6c7320132adca38cc536a1695c80fab88c7cb2b682f179", 0x34}, 0x60, &(0x7f00000016c0)=[{&(0x7f0000000440)="561ed15036985edff95c40fe98e2c51ded6f1b258326b94e8fb9245fca2eccf2c94c9033a21ab774ec30ae5c423a33bb5dcadaf12d47cd40f3f844ab90f2c48d1057b08a6a8667c694cbf96cd87eac8c1237bc1d07dc42722fd741814aabdecc36ece7f457690b64f955815c6cd71519ed7eff0ea2f19ea497f5ca114c4a9fc076dad0199ba4ffa7a81067af8f1c98970f6a92b3988ead32c280c56bec2e9b278259c41dbc533ae956c51cb0126277684183c9b5574443eece161ea469131e4428b3ae204dbf366aee272eead2318014b58aa54221b6a708d9ec76b3ab57470113e30d15d6ba08d193b148e633143ec4fa7d73ceaa1d6e420bc04152f7f4ddab4fb11876b7dc722e6eded879b170eeeca787374704c3442dea058e76ced14c346d5c1836b71c07c25c62bd76ccead0a7e6edb50ae200178e18e020573916971f227fafc1551b70ab3c09acb5ee1a1b37e24a70f26a6a9561a8df3e0e3805ec5c8bc334c6d51d6209e18554a4c03dd5e46129ebc6a87579ffc0aeb58c67f6b84760dd3be7c84499b9f2fdb951d0c9a70c552435240d8f72d3b81e08714f76f7b023eefeb07e2a14a52e03c6a223bdfd4ad8f1cbc38b34068d8480563fc6c9407aab7994747036add05600f95b2c548af8ff196d814d461001f1af0d3dc7d9451a1a773b68c4fd0ec4506c38f5a418f2ebe8da2b6a95c69667dfea9cffdc6f50c777d76732f42a1353f5ecc9417ec9b8ff78836a7be9ebef1f24862e6ef5f9a78545b5e216500e6b657720b1fbd79073f736cf4cd94e5b670df162b9a496385df0ba10ca5896a837b8f874611b0fc5934ad5a471295742302f7bb23ecb2282ee7256b39ba68ac84a8fbde8ded6f0fd22dacba6e9b8ed8f6bf2c206e41ed28d309f30f25d8de160ea662f6f0bf7c69ab215113bcf682f95848db237a949439456b76405af9faa7555069fb28be1f0fc0309e8df0b058cc09c437c7085104d01893336bfe5222d969900e205ddc317dbe22ef9aa8837650eda45c5211245a6cc1400d3d03208254deeb811585f9c5960715485ad2bd4f77130d14415d8252440407445acf8e8becfafed2cfb9aae6254d7914a418cbe773818e26a149032549d0de1b227a3b83b1f55dd475271009f760e5c10ebf703ccf7174451eed35d521e9286da43e42294562cfbbe3949ecb9d4fd576e2dde757605eb427839c7580fec70e2fbee1b2905ca709e0d542bf03c116e96f98efa9f6acff635944c5faca73d319036e4dda1d5f451c7557f7db009a334168ce6fd408ef8ee034650c6440e5ebad595c1fd24839f41c0965eec98635ecc3802d5f8190a40d6fde5ddc0c3e7dc598ecd1da6e122efc97ec9d015464d23e5ea5d22868e98a69559ae989145bacf22420c3492517bfec7cd437e72e20e4dd8692408f440979721a7d71acaaf1350119443845da9fe0b175fd50ab7fbe2218a1866106f831cc55d336d823b6178a2ce820bdfb5fcf524086fe36370bd86df950cfa1fa8f1fe4c20478c548f39dae59128d44c53bc01dbbb67b18ae4787545097a6106ae7ae82bbd0ce65b39255b0a9c742ed560d39f8959e12f427b4621c8ece865666a0414f4ea95243cc221e9e396b44cdba44aaed6346d554647373c1b34685f82be2bfc3d02422a0e2413e96694ef27573e94e9c5b1e678a76bd509a1a8907a06ea5567b3cebc73d52a0f1a52d022eb9d7c82e155cf94e6c3b3b1c109b72535b7d693708ee18c85adefe8d47ec216ddbab068ee830dc5c8b98f58df6ce5337edb9cc1e6ff8c7a04ecc8b67664053c6fd3a89fb5ed9dc05962fbbaab165af9744e89ea699b4f94d05b1b05fc6c55c1d74c339d19b6c53f394b45523c5ad1c82d94161a0ad069ce90f5a916899bdf69dc2d28cd3fed05329fecf0e9994b3917d500204a2e32ad007c89af08b8b5ba4e2659ee6c499818ea08800a9b7a339ce6b5bb93d70cb86bc3f5c075d0e32ea99e0f091fa5236ad131e7953c6297f740a7a043df7142c51a865b28a39a55cfa20fac44a552822938c17c73fadee7e6bd021d06ccb599d40829203f007bc17a84a47e9530ef1fd851dc119fc5672089e8cab1e53ce652d78a63e046705beef39aed091258ab88c256360c025ef88b08944efcdafa3e60dc8653158efd9eb69a427af57b00206128c022d8f1852b15439d071267ecb3df8ceb839d1a26e29704a428171b30acd933191864e5a26928e257b2e35edacc44af0f73d7ca90ff225f9dddfcc0e59119d29dac4d03d7b86361050371d16ec0656094dc4c6a9b033aabe07c9b33a91e564592830b3384922943ce215f96dc0b31a6cc856c43e1823e48b6a7c56bb889fb14284e26657dfcaf793ba4beb8fb1ef244b15e8577ce1647292015f3f3ffe14dfe2ccb103fa119e05f4903155bbe8d7d40361e1cb69956e8835becd77dda6b3ef2b5376c9b852144ad62ea0ae89a45e4096d7618d4c0af4ab73d34a55530ebbd8645e0a9287dad76235cfa70c73e55e88a0580453015485f20f8bca53b6ee30411c3fefb8163073f5e2abc81dfd068d42fe533f803009f7de66588a48eeace08ae20d24751cbe8ec4e29dadfedafa13bbbc09ec654ce76e7eaf8346c93c6c94f5174d72c6722706c07931bb99982cc91a54ca19915ba4e1c699e74d71a7024ae0321ed3f4824471a94a455cb251d13b9a5d962de263881fe7f04a56d9233f6c1f6e605d1b2961edc0f10e33cdc85c25965e3b844d07c06978ee218d2e7863b0bf776514a766168628140f615133e2d14faffa855c04859ce9aad6f5d04c70726952a3e9f2651138a846a11a86b54e624aab6aaf7e16c6850ee4c72f42a8ebdafb63b550b553658a78b5edd7885c672b0d70da1084cc3d37c1932083e151ac17f214b82f4400ffd2e1d2215c272f007b80c3be33dfbfd2581c403a852b1cff041260cf6d2be6a212866b0176ee1753ca693110119b7acbadb873c33ed3898376392f1cca1244d597e7c39f50e67d226a6d6a48a652a05d80bae828897babae3f451c825921e41cf91ba70b0dcc4cd4fb09986bf08662bbb4bbfbcbc70fbd2f747d3bd3e48808f60635531e803485e77a5d16abecf62b1b87d7aed0da4216d9e95f61131bc1c88e0689d9254e940a7eb9b9fd3c2bbe67a9b1342fedb29bf319473a67e0adcd953729c9cbb0c063910f9aef21b968281a88f5c402c307c60f450fb4cf9dd1074dd1be28b920b2bef4880026014c0cdda6b7e81c7a052d177661471dda31ee0aa65a332c51d4763fda39801b54068388d97f7818a09f9929ddd2efa6d43a77fc31d41d3e4ae0e91ecf7b3faaf9c25ca936db5d9669b566c9fcd32c3ec73bb2a966423dd3781acfa2c8e81c2691237fdb76cac7a7738df307c4bd73869d4a00cc9314537356b036768228e13da85c02993bebeb6f743153ec693d6fdd16ccd10d34e170a75999ca91f9d0db20771849316f6774b5c8a9e7cc911adc919a89725f2d21ec01195a7a726eeff44e298ab46776ba5490712696f596456efbd8d130bdf2d9430b897c90047d2eb3a4c085c31155a52f1a142299f392fd2ef94f7ed48189f859f6d24680c01234db5df053dad8c7b74aac4a364f2b12a547778b15f362e42ceffc2beb56510a57a0e7085f9df2804343edf357a4b2b05c92e2bf4df8e89a1217cec9cb164e78302d9b0183b88eb2c6d2f2056a2381faaa6693504a87a01eb1540384413db33117d0ad08d7c08ed69e03c0f40c0c215ed0da20eeb07770cb59bc99c8cfb51208403e3744c129c09efb2093adebdb5365963b41fd0587e94b4e625660fb1f7b302396a0fd28585bd8e299f46a887d44156019fa4d313a8e17075f3845198054ef0b8836da40ec12bcbddcd42992d616109e2500c082bc98746fd5fb9b7ee2e3da815ef757c9679369b7853ec7408c5d33e1abef88b51ddc176bea822894672fdb1d5a35a53c74ffad11dff8c7ac88a7aa0b944c710c259356ce3123c198ca49a9cc6f44b3b6c45b0ca5611fd9de87497a518218c7a62d2329aa0d1faec3bb35c24b3bb49c277603719fd62a81c181259387f4ed28d28af66060ef9c22b8192819fac077ef6d283e67f6ddde18a168b4247835aadee6d266e919ba55957a3bd65adeec3e37623940e043726d3951f982f4f7e71271cccd6b94bc296b7486faaacea531251459bebec498d4dc0bd7b50c4e6c525ddcafd1ce9e06b6120f3a3b362c3186ab2dbd1ca158deaec2b63811451252921580eb0d8f37003133846019583ef1cbdd6cc31be8746fdf5a2cff6b4c113a6e65c438d69c74ea5edec881d2762e0f121307c1f67d438c11a32c0051083ab7aef4cf178b92218912e953321ee7879e49bdd725639c4dbb5ea24a688e609f08c84815e464c7345fa0ea8c79e2f4782df6529e9ac772d848b4114238b75e32e1448b2370b9000bcb86a8611291a35a6ed5e540f3ab52adbb0d39d261e33bdd51725b8de2d00c6b47f2f9b96ef2631bd56f3e0a6cd962aa3cf7bdad3a3cec22fdb19b8c304ad352f8023c285fa071c31282e8962a5b702277be2ed5a818e5553548917fac09cd7018ac591d499af6242f096b259d3ea85c91c7ba1e0b5b8a070662656b952dd80b157867926b5a29855099e6e6baabac7a5793ef1f6fc38eee7a43c8d2e4bc6736e6c640454c6aab7fa7db5b9e1c94af8f1edeb96735d5f7d638095f5432500d84a2b466ccac654013b2fe8935bb3a38500e6d4c8c29583f75bcaf1a4083cde80c13a6fa212d4c58f1ee0020017d87ce7eb98e683b08c716e6141d7f17bc76dedeb2caecb5a958926b9d16e9b7a8605611dbc45e54e9ba3bbeeebb46e166970220eededec2acbb9d084c962602523deca1cc57ccd830b86cb4adee36e43790031cb74c9681687fff275ea25dc2f243bc633912840db98533f9b80fbbcb2120bbd10213d0e6fed022e015ad280e97da71c45de6b50a760dbf7e69d9e842080417b216f76d2449d1b668e34499c794e60e1b7d72b1c98bfe4f117c631ba3a416405893c318761a1a92242faf681291a370f01bb2d217fa58a907c205b80b6fdb22a63520dde3926c02396ce3370c60e3a8ec23657a9eddf177a2a5d87f64333a61489131e1ac95818731418a0bed6c7c3257db6dd3e99c795d935043c458e81a0ca8cd9856fa1d8ee525f83715310e29ba6af055e6ed06b1934a1a81e601434a91ef34b5179073d131da08ac827c54f2e4bd7f811937410d5aa5c084bc1a7719623c42b6e436cb35309aaaf07cd1abaa685bd0d89edf48b6b2d07be9d5ce7c024f87e9d183969f5cdfa2cfad40bf7673de66ee3be642ca2aad7452713b0aeea435c9b7579023fcd91984dd97e4552b7abe44b9d4a4a7513604a41a8ec0ca127849061da9ab1179fdb151a4650945ff1438c806c2a8b08eff6fc76cc11f041c6f1399ac74d01ba2f08cd8012d3b553a0837b47def4ee94f1c73089bd24edc2a38eece649b07e5e90786c83c9cbf3a1fdfb4c8dc70515160147ff1850a6ce099c3a3292e1ba3204447f9057ebbe1e0fd87991b8786ff9cd015552d3f478b57810bae5d1f5712934256c55638a3b7913b8b9aa04c713140e8a356fe7912ed063a4cfef86479b24683a9ff38a5e09629a235882bcabaf1fcfde22b54b81a1839488a892b16bd8e4837db224ff755917e3ec2141b4c48367d50db1bce6e168ea7468894bd45bcfe830e6722fa1a88838d48cb560221843fd0ec699db773147c1be53e87659150660d27506d63467841c31dcedb7228a1a75496b", 0x1000}, {&(0x7f0000000300)="160202a66baf54adbe7a9a780a1df857494dfb6de8e237170617f4629626ee6a1e97f335941ca5ebbeb1388caf575564d25a9e3b228546c31165483d43828f33b583053405028489be4e66b6bf2489fa0ed1cfe841ac3beebf023ad78fd4fbb1b26b741cc102dde4c557a8208d24ec2006643ec4b39e7d1c299f5f084c9f97b3eb817eadb9cc42bd23e1dd6c26fe4987884f049726ca", 0x96}, {&(0x7f0000001440)="8534ecfe13d5f8c7a397e43aeee55c411b50f7be318138bcd5b165302e589810daa94f9db253cd1ed56e4b8d0b158d053d8aa4e92b5146ae082e3aa2b36144e6ef44f80590ce37ec692faa6bb0798c915bafb061d0438b7ffe627c65d8a684e203faeb3e", 0x64}, {&(0x7f00000014c0)="d2c46bdc55d46c553ac4846a17660b716a21fa6ae4511d386b23a73c23e2631f6afafbe5b1457eac910857c2f32f73c7e863eaabe17967423508264cecf999fe51dffbc5c0b3e7205dc37de818599dd58349e3f7789183f1b34a5656adbc9b560bfe1396da7a46023bc1bd69e05d550e8467bf159f3d4abcd8b4eb9ae7bdada944f327e2539f84c6cca7fef080b823607ede227c", 0x94}, {&(0x7f0000001580)="0ac339f8deb32616992e5658a1d2595d2e60968a786b8f6ac0b6e6b3705ecca65ecc3ae8514d110576b0724dc12015004d0a3a0ecebcf215de0897e926053710dca1194b15da5812e2757f6bd30a923aa9df0b577e98f91b2c", 0x59}, {&(0x7f0000000100)="5303ee6c", 0x4}, {&(0x7f0000001600)="2b8ed2171bc52c0293ea25f789115cc786789d63a283eee9a758fe978930d9a199911bd34cecd9559662f32f26790853548eaf52830ba7a3cf879b116796ef8e161d5ccfa6a50faa223d9357d27d4995db9b53c22e00826e11d8b378d5713bd20de8c78fefb3d885f04ea6cd3f426c4dc36174a513e5a3076cfc7811924c193023548fcec774a6789d54314528086d11409af23d228004e32f4a679962962c15e441720fecd8e48413287f2d8f18582a", 0xb0}], 0x7, &(0x7f0000001740)={0x58, 0x101, 0xfffffffffffffffa, "1c319b6d1a4d67401c2c2b0274723cb06cb5755a757639310bdbef3700609d3229ec6a425a6d54a6005f8744a2f248f533be7e86721323e09a317a17929d57389e2e14f756916d"}, 0x58, 0x4}], 0x1, 0x8000) 06:29:06 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x10, r0, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) [ 694.313664][T21839] RSP: 002b:00007ff1e67fb7a8 EFLAGS: 00010202 [ 694.313677][T21839] RAX: 00007ff1e67fb850 RBX: 0000000000000003 RCX: 000000000000000e [ 694.313687][T21839] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007ff1e67fb850 [ 694.313695][T21839] RBP: 000000000075bf20 R08: 00000000000003ff R09: 0000000000000000 [ 694.313709][T21839] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff1e67fc6d4 [ 694.351692][T21839] R13: 00000000004c8c4b R14: 00000000004dfbc8 R15: 00000000ffffffff 06:29:06 executing program 1: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x803f00, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(r2, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:29:06 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xed35010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:06 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xee35010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 694.920816][T21959] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 694.931371][T21959] CPU: 0 PID: 21959 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 694.940485][T21959] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 694.950533][T21959] Call Trace: [ 694.953826][T21959] dump_stack+0x172/0x1f0 [ 694.958162][T21959] dump_header+0x177/0x1152 [ 694.962683][T21959] ? pagefault_out_of_memory+0x11c/0x11c [ 694.968321][T21959] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 694.974130][T21959] ? ___ratelimit+0x60/0x595 [ 694.978725][T21959] ? do_raw_spin_unlock+0x57/0x270 [ 694.983842][T21959] oom_kill_process.cold+0x10/0x15 [ 694.988966][T21959] out_of_memory+0x334/0x1340 [ 694.993644][T21959] ? lock_downgrade+0x920/0x920 [ 694.998503][T21959] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 695.004317][T21959] ? oom_killer_disable+0x280/0x280 [ 695.009539][T21959] mem_cgroup_out_of_memory+0x1d8/0x240 [ 695.015095][T21959] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 695.020741][T21959] ? do_raw_spin_unlock+0x57/0x270 [ 695.025866][T21959] ? _raw_spin_unlock+0x2d/0x50 [ 695.030732][T21959] try_charge+0xf4b/0x1440 [ 695.035164][T21959] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 695.040714][T21959] ? percpu_ref_tryget_live+0x111/0x290 [ 695.046266][T21959] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 695.052509][T21959] ? __kasan_check_read+0x11/0x20 [ 695.057541][T21959] ? get_mem_cgroup_from_mm+0x156/0x320 [ 695.063197][T21959] mem_cgroup_try_charge+0x136/0x590 [ 695.068494][T21959] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 695.074746][T21959] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 695.080393][T21959] __handle_mm_fault+0x1e34/0x3f20 [ 695.085517][T21959] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 695.091088][T21959] ? __kasan_check_read+0x11/0x20 [ 695.096120][T21959] handle_mm_fault+0x1b5/0x6c0 [ 695.100898][T21959] __get_user_pages+0x7d4/0x1b30 [ 695.105849][T21959] ? follow_page_mask+0x1cf0/0x1cf0 [ 695.111057][T21959] ? retint_kernel+0x2b/0x2b [ 695.115670][T21959] populate_vma_page_range+0x20d/0x2a0 [ 695.121143][T21959] __mm_populate+0x204/0x380 [ 695.125748][T21959] ? populate_vma_page_range+0x2a0/0x2a0 [ 695.131392][T21959] ? up_write+0x1c8/0x490 [ 695.135732][T21959] __x64_sys_mremap+0x7dc/0xb80 [ 695.140597][T21959] ? mremap_to+0x750/0x750 [ 695.145027][T21959] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 695.150490][T21959] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 695.155960][T21959] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 695.162046][T21959] ? do_syscall_64+0x26/0x760 [ 695.166731][T21959] ? lockdep_hardirqs_on+0x418/0x5d0 [ 695.172019][T21959] ? trace_hardirqs_on+0x67/0x240 [ 695.177078][T21959] do_syscall_64+0xfa/0x760 [ 695.181604][T21959] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 695.187496][T21959] RIP: 0033:0x459879 [ 695.191397][T21959] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 695.211007][T21959] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 06:29:07 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xef35010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 695.219434][T21959] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459879 [ 695.227415][T21959] RDX: 0000000000800000 RSI: 0000000000002000 RDI: 0000000020a94000 [ 695.235399][T21959] RBP: 000000000075bf20 R08: 0000000020130000 R09: 0000000000000000 [ 695.243380][T21959] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fc0ba5296d4 [ 695.251351][T21959] R13: 00000000004c5f0f R14: 00000000004daaf8 R15: 00000000ffffffff 06:29:07 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") setsockopt$IP_VS_SO_SET_EDIT(r0, 0x0, 0x483, &(0x7f0000000280)={0x0, @multicast1, 0x4e22, 0x1, 'none\x00', 0x8, 0xffffffffffffff81, 0x17}, 0x2c) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec119eef2c50c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") getsockopt$IPT_SO_GET_ENTRIES(r2, 0x0, 0x41, &(0x7f0000001500)=ANY=[@ANYBLOB="7365637572697479000000000000000000000000000000000000000000000000001000004c7852ca1ce2e15392aeed102eb05aabb08fb93ec59f264f0129d51dd4d12d8428e4ffad5bd972ce6b3c109aaaf44b091fe406605c9c852e95d4bed08c926c7947e813bcd546c702cd29f0cc07b07a85d4a5b256c7b2f2daf2a55656630c201b031daedc50c57362f9b82fa6a596f7e0a3abd94b1303c5a023f9a96e13eb7509f60d20dc33e4c7943d561006d5b2eb83af000f1e9c0628c0b33da2183aa05a5bd144406939cc375dcc0be8a677f35d71cdc0af219f132966fa0274995d38901a2cce78c725272adbc209a6af204b16579f49950d0d5eedfcb2cc9134d1d790cf945a12a9e25a9e19b53586ce14945937b3aa0bb1733881460df807a91d2a307ab48039d4f8236be5c4f8e7bd45e7ca2a97b8b4e1c6a94b4953ebc6bbf09ce08bed652ce6d77c781451d1d0e12170f8a41b248fff6b4d55db0032ea52c02dbbb6f1a4b02e1ef5207e7ec336a2d611f71b04cc125e13a84040bedd5df92f0f46498adae59513e99496b451039f87709047a28415fb66ce420a1bcbcd32f20f9b32a5d5118c41a713433d7c41fe50a104d57a21b1e8cbee1b8be24d9b1118497c3f6941824d4b588ac6cc77ed54dc33b1188579f9c0fe9d69ca4b37a2fb967d3730e4f1edab8c713bc40d676c9a546b6fdbfab79dc65b5a9bec503cd6d83803f9f5695644bf17066b37de68d38c327fb4ea3973434e154af6dbb9ffa39f8c2c74d5138b490a606fe554034e7c1611128b8a6ebd1aef2d92bdb64fe47df5e7bf39184b423ff78dedbf944b6afc7c999d69014e5588093a8b9c4fef1e3e10c9032047732613e0233daffea3777cc228f7622677d236d32351889e8b43129926f7d04464a0a71eb4db8bd0a300449357972e41f4fbd3efabed8baa89bbf7d94318ab343a3896c08a6fd771b4f5b82ca13170d4d99dae472c6678263e18ba17ac366d28c6d6a917fc4ccd90bc1a4cbd8ddd872e92f1e8b5d219a3c292ce50e51c974aff3e337d6b23cd5161fd4eb5363455498572ff62827ade47928e5edbdbbe3c00ae52125ebeb7d58085ca7466e91b93d1ab23efd9426042ac8b248600aa7875e1c53fc71e7580800d2c8ddb862f7adc7d1b4da8c3e7a2a51a92ea9d4196c3ace81e8ad6df5777e7da4ea22cb858e7843f17586e7fc0f5949e40fe16d961e0504c567be97260dc9ecd54296dfe5b60fe6b63d8a4518576ed53a52343d4f17ed88719a484bcf6ab219aed587217a6b1fbeff3af4a649f057220739ace98fd47385ed78d3e4ebeb567de288a15a95c052aef27ac4f8967916b91476a5810ddbca19cbe2ab49de1317e26a5e2f4095fc8da54624945546c4e9e22de88d71e19d0ecf12f6fd3afc612cc49b308dc592acbb1ab3394d4e8cf6fc354c2f144f1394b2fbc18c87d1b2e50add0572dc004b0ec4b7da8c29550daffb525218aa0ef879b045fc0c6afd126dd725af50863ef422cc6c0395005949562d45d41dda660ff283adb1b8417f3fb899d3c98ca1a8232836f385a594ee346c4113c46be7d276ff6ade099b244bfbc97cecca13af3802fa6a06753c1b2c7da3468d14d0814a7719faf14b559b45e5028157a8019f8565f3b8939f7fef8870a73c232ac78e2e0d4c1a02882b1669a491dfb5ae0acb219da3d3fc64b972189b9ba32017c918b63fee40e647bc4fc3ea8a6a1359c68b1cc37f19cc4da6e2857155df4a61e08086c3056981fb902f1630947d96fc6dfcc6b76b1fe2ee52b42c35bb49e76d26effb69d4276e5e56b2a94723e463509b8aa71936bbc0395b576c44794c8d40f6fe8d8b0e75974447f6bac4c27cc45e23bd75d7c652233f2b1af64a4408134edc458490cda77c6fe6dcd71b763b4355a9093dc945472bf4e1ae79a6ed9d130caf6a5f6406e841e8b6cb80c9a1b449706bb25674303c85804898b8720ff445af1273a9ef8a48766a61ae028475b42955e288f44214e1cca615e1c9b00f642a7641d5a8e1a0b24a7c4cddd50fef24d10d4d9313bc75901b781f130278fddbc3c58f68514fa2a8a9541340a82665788862bea90e7c4fd50723d1f1582b596fa4758e03da34a0f78b5685e2b1e0336f7e2ff901faf1d2b458ccf046691697b684c0a9477cab3af0fc7319e9234f59226ded08e9f62c8872d34087b2d4a5357f6c6bb6db6047947a08b3bbcbd8ad3d7fbeb49abcdba5af02d695652a2c66175777089343dca1e8214bd85aa5ad2559ce07ab777279f82cc27c4118a88cb3615ea1baa285d8bfa56e38cec2de020bc930b50416522a6aaac024762881fb35ab164925a3a6254177dcbbf65c0b6acae768a1cb8837304888e6c5c2a374e785117249e33da717e9f8d128a447e0113b12414102e93cf5200a131743a9a6ac5b0edbf5eaa5d764c76b5ba9b92dd57f4fce4b6ce28d58f3f920186731105cbf17e66aaca107a6050379cdfd4496fb461e63692c569a45be271f370be54c83d369eb0ae64d548f9bdae5207f2755b6edcad32bbabc40f588c4b1640ca2bac628f739d38c7136df7502eff78c9f9e2e956a268b5eb6cda76bf70a99d39abf4beafeddd1fd45a108a9a25d0a22c973c7de589bc2915e65ca23c80bbc48ba36a168567c7db27afc12fd1101538e4c7a73ffe907daab3efb9984563ab3d3c0031ac4bcd08bad89523a1f9042712257b553ace18fef2e5c748feba9e23574285632e831d66d93f51131406e01de3de1c79523612bff1f6cefdd11675e0fc96a8cfebb91f4c4058a8344ef4ba44a4facd3e24f64cd0ec03b89b85b1eb6f5a410138f8381c433ff86487fd1e83b44fa33e7363e88d7e5ded727497bbdf51a8037b0d3d92b1e428dfd63e7d8c1d384d7176d5b96e5e2e8e6aa12d3f7ed1a97c9188b790785e138a4432effae8731014903c69cc78112833330f6b4d34f4790ff07f61411475a59faccd6c6b956e8ed5e3c67af925405758872164a50265d87fb1035360f7e6027fbcdbe744bb983c82f629369e0b178da5abb54e23f7583e4a415ff5f1925686446620a6bd118d043678f9bebb8023c8f4048363ddfcea329068781e1b9b448f6f7b1a05121c3db2e1dcede0368320fee091b679b396d308e1f469a445894bfdda9b1e2c88cb6c586ce8c489f0a74c2b9c81becadbf8a1bd8b0782edf27ea8b163463d1bf09d2eb62fbf02b7e5a7aea760f77cd78c86adf0107adb8cecb500b11d90c8e3f33748f2dbed827c21efb6c5f55672a5907e2d4fad870ce19b695c1d8c38c8177ab6348c440e6fdfab8c5d15e2b319c12f8ce9fa842696085b4adebcf244ad6fbc84d1d34d596034c3274a076a0850284edc89df4d29ab04b197d5eebc2ed01a2153546ccbf50d712f0d2aa2ad43cc337490d2d906aea38cc511a95055b818ac9f51f7d1084324494c93fb0b71b04197652ebb2a3de16db76da95d429d4e140efe03cc8c5e28a5f503a4576da456d7bd4193d8013d844704659e4afc259052e64ac4ac0beda99ba8a2d507f6b0ca54b772ec77a9956d1a70d4beb0060432a55fc4e020b3e2075cbcbb0a7d9a972b8e3cd58ec186f9b522303b030d87e6b20b90dd6da490cf2cf32ec2ff74f1a8eb8d99fa6818448884bd6d35413bf71d9d8bc19a4bc2d2497bc630d7e73a482145d44ec965268ece45476818c8d09c0e463a17e0b240399dc29afaf1e8c93ba964b9452a9bd579d6c8679ec6750c72e64146ceb46c15d651c4ff647310c563595d5b1099f3fdd0fe53ac9dea8e21b4e7df32c71be8a0e66943186f04d73add83642466e194ca07c287a5655dc1389ab740000000d4bd900e035c66dcad00b6cabeb3b91064db4c3e617b05edeaaed62a7f3d1b78dacf5bf767bae60f7d2bf0a7dbdf75dea302f64c4c9f8d3bf85b4b5dd17112c8fff0ad228e2bd5f1f786a40a8796835bae12b01b5b257857ff99ec15b130a1591241a263e79558b45c01ee199d2bbe27b176868438d038b70efc4f8cc718166567c0842d4c0dae15826cd879dc6767ba3b084ed9cc68b8af7f999d8f5f60c5ecf71b554dd0fd2d0fc66f30948a1dc79e8da350b3794f86aff19ae7cb7148ac7c738db1675945888d7d3a02c959e7d74ce2bbc25d5ea59acecf2e519c2275d6c6cd7f41df6e33582a47a4036801a1615305e2250d004b73bae2932c2131d4e0eab267176023bc698da8c8a3a308676b89b5b30bbab9080efeb29cbde49ad9d40d64d1a7414bd3ab13178d5419f7b3b2ac4ab3d60a9bf380f8b9cd81a9c0877fc7d5740a3a7196eb203704cdfc9e68d640842a2d8f9045987f4f3a24f31f959586283b70d9c051281caf6d3d42ed6e723432147f27aaebfaf6ff58277e6b847582d3bc633020e1730dbe05ad1ae17e8a02dc1156f147bde26cc588710a1e3b2c47daefeb55368823c22c1930c81e9c3554ad7e150a6f0139301d4e56e29f1bfb34421d727da6a7128524e242d3590b431595b7163625c67bc9c975589f541a81220fb4053d238f7d8108184f9671703e3bec5b4d8727d74b20fae3b249a2198114943e80e8a7fa3c5b841e3c91da77fe7cc02c3ee0c7c182de9a1bafe4e9d61cd79e8b05cfb91e7b1ec316f61a40aa72c80a35cffaeee9bd3a34cc74344cbecf9a4d311d19220af757329751e6cd26691391dc3692e0d6f3ac59d1bb0c194b94aafe153831ecf72246800504e3a6d8a5f962747ad254c63e13c38598bd8009e64c048d0ce6e191fb7722ef00025ee1621985ca09b0cfad1d6c690a627f8bf3478af38a34e41d1daed9f26a93f8a1a197db598b0a467baee0235c192fe2f8bff5489550e1fc9fc7b696320b67f40d5e43acaac9a2ab4edf5e2182736f09eb7071aad619e56343d3dbfd36a2ee3407bcd4bd2a5e8dd1a5dc3ffd1ba5a7aff6365d365742a81e8454e6128f2a783d6769b70fb7e5f2f9372eaa2ef56beaaed987f3720a719397254f4f00189ce408ccc123fe9360e9637554ed4a4c15b2188f16713f484c143e2e461304de373476d5ad12d47d723f1d6496c5daea5fb883bbae111b7aa93d594e49649c75fd75c47384d44a5e09cff13afbf6d5e33dea9fbc7be60aca09b6c6a500d956a1179f8f7132b53100da97a7da618ab445a499c18adda8378d90057a46bbce5470370601e76234cbb4211ac52ab59dfe13175db28e3628c016ca64cb97a4cb8f919a5b1c506af4275c15788ce79abeb5ee5a8ad37883e117690ef9c38cc1ed1d26308d518776724ebb2c0b2d21253fa186a7ac0d703303afac16b4c45ac99e6b164b6ec54b2c8a0ab46c4d1720be850361e60d1758629efa2c2a6399a04ab4ce11383e43ba1d9d892920a8b85ea0181975713c39234de333b2989e0df3f3d6f5639cac2489ce525e9a95d33b157a670ee89081d78f57c1a712fd5ae618a1f149f826f093faba2ad147b889041bd128feb724e15e9b8f5c72d564d98910b519b9ebd9572a492e43f03f9a04a5af633a0e23164ceb4e40cd02621df3bab2d2b8bc4b978b67e8f3f03914c322e6513a6827262c44204c7c0d32e1ec5306bc4dfc1d0318fa038b342f8a35919cb992d6b78e152958dc2537b7f9b569fc5a1ee312e1a4ef5ce8b4da9c66e273bec970aa2e572889af1844ce0066d8ef10284ad0ff320b19a04eaf080f5d3ab75c2f723aedfb85462d66854175205b9669eddfd654b80fc9da1b769b0f48c3cfd5b178ff6b374180412ab32bc773a20f84ec8c3a9e4ebb64a643f5f80b0e92406944e932f0f19b0a4ba35ae604a9a143b45890fc8cf63960cde8414666798c04f79214c2cfe7b5e2d5ca1bee2c3443db5032ecc3671846578c219960144a74a13a585077ada31b041b4615f90e6ae2511d712fb6d6dd249bf0b7a520c76b3bb1de8d01b3b96b2c59a6b5b9c90edb68b7d34d10d7bba89858853eb0e6c55c122af6e7ee05843ffe9e8e2e8a977a799ab487f3b43adee8ce134969cc2e84d7c82600"/4254], &(0x7f0000000140)=0x1024) r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r3, 0x5206, &(0x7f0000000400)) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:29:07 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, 0xffffffffffffffff, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) 06:29:07 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xef, 0x0) 06:29:07 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xf035010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 695.500036][T21959] memory: usage 307200kB, limit 307200kB, failcnt 4825 [ 695.507007][T21959] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 695.527193][T21959] Memory cgroup stats for /syz3: [ 695.540973][T21959] anon 302424064 [ 695.540973][T21959] file 0 [ 695.540973][T21959] kernel_stack 917504 [ 695.540973][T21959] slab 6516736 [ 695.540973][T21959] sock 0 [ 695.540973][T21959] shmem 0 [ 695.540973][T21959] file_mapped 0 [ 695.540973][T21959] file_dirty 0 [ 695.540973][T21959] file_writeback 0 [ 695.540973][T21959] anon_thp 213909504 [ 695.540973][T21959] inactive_anon 258265088 [ 695.540973][T21959] active_anon 18079744 [ 695.540973][T21959] inactive_file 0 [ 695.540973][T21959] active_file 0 [ 695.540973][T21959] unevictable 26046464 [ 695.540973][T21959] slab_reclaimable 1351680 [ 695.540973][T21959] slab_unreclaimable 5165056 [ 695.540973][T21959] pgfault 746328 [ 695.540973][T21959] pgmajfault 0 [ 695.540973][T21959] workingset_refault 99 [ 695.540973][T21959] workingset_activate 66 [ 695.540973][T21959] workingset_nodereclaim 0 [ 695.540973][T21959] pgrefill 595 [ 695.540973][T21959] pgscan 597 [ 695.540973][T21959] pgsteal 132 [ 695.564678][T21992] IPVS: set_ctl: invalid protocol: 0 224.0.0.1:20002 [ 695.642763][T21959] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=21958,uid=0 [ 695.693223][T21959] Memory cgroup out of memory: Killed process 21958 (syz-executor.3) total-vm:72700kB, anon-rss:10040kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:192512kB oom_score_adj:1000 [ 695.732645][T21997] IPVS: set_ctl: invalid protocol: 0 224.0.0.1:20002 06:29:07 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xf0ffffff00000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 695.742580][ T1065] oom_reaper: reaped process 21958 (syz-executor.3), now anon-rss:10032kB, file-rss:54332kB, shmem-rss:0kB [ 695.742704][T21969] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 695.794125][T21969] CPU: 1 PID: 21969 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 695.803268][T21969] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 695.813336][T21969] Call Trace: [ 695.816633][T21969] dump_stack+0x172/0x1f0 [ 695.820979][T21969] dump_header+0x177/0x1152 [ 695.825494][T21969] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 695.831305][T21969] ? ___ratelimit+0x2c8/0x595 [ 695.835995][T21969] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 695.841810][T21969] ? lockdep_hardirqs_on+0x418/0x5d0 [ 695.847105][T21969] ? trace_hardirqs_on+0x67/0x240 [ 695.852136][T21969] ? pagefault_out_of_memory+0x11c/0x11c [ 695.857768][T21969] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 695.863577][T21969] ? ___ratelimit+0x60/0x595 [ 695.868165][T21969] ? do_raw_spin_unlock+0x57/0x270 [ 695.873279][T21969] oom_kill_process.cold+0x10/0x15 [ 695.878395][T21969] out_of_memory+0x334/0x1340 [ 695.883078][T21969] ? lock_downgrade+0x920/0x920 [ 695.887935][T21969] ? oom_killer_disable+0x280/0x280 [ 695.893151][T21969] mem_cgroup_out_of_memory+0x1d8/0x240 [ 695.898703][T21969] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 695.904345][T21969] ? do_raw_spin_unlock+0x57/0x270 [ 695.909465][T21969] ? _raw_spin_unlock+0x2d/0x50 [ 695.914329][T21969] try_charge+0xf4b/0x1440 [ 695.918751][T21969] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 695.924286][T21969] ? percpu_ref_tryget_live+0x111/0x290 [ 695.924307][T21969] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 695.936066][T21969] ? __kasan_check_read+0x11/0x20 06:29:08 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) r2 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r2, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10) setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, &(0x7f0000000480)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0x0, 0xe5}]}, 0x10) sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000000)='bbr\x00', 0x3) setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000600)=0xda9, 0x4) sendto$inet(r2, &(0x7f00000012c0)="20268a927f1f6588b967481241ba7860f46ef65ac618ded8974895abeaf4b4834ff922b3f1e0b02bd67aa03059bcecc7a95c25a3a07e758044ab4ea6f7ae55d88fecf9221a750fbf746bec66ba", 0xfe6a, 0xe, 0x0, 0xfffffffffffffe2b) prctl$PR_GET_NAME(0x10, &(0x7f0000001340)=""/4096) getsockopt$inet_tcp_int(r2, 0x6, 0x22, &(0x7f0000000140), &(0x7f0000000280)=0x4) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) [ 695.941093][T21969] ? get_mem_cgroup_from_mm+0x156/0x320 [ 695.946652][T21969] mem_cgroup_try_charge+0x136/0x590 [ 695.951944][T21969] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 695.958196][T21969] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 695.963846][T21969] __handle_mm_fault+0x1e34/0x3f20 [ 695.968970][T21969] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 695.974534][T21969] ? __kasan_check_read+0x11/0x20 [ 695.979578][T21969] handle_mm_fault+0x1b5/0x6c0 [ 695.984352][T21969] __get_user_pages+0x7d4/0x1b30 [ 695.989407][T21969] ? mark_held_locks+0xf0/0xf0 [ 695.994201][T21969] ? follow_page_mask+0x1cf0/0x1cf0 [ 695.999407][T21969] ? __mm_populate+0x270/0x380 [ 696.004196][T21969] ? memset+0x32/0x40 [ 696.008196][T21969] populate_vma_page_range+0x20d/0x2a0 [ 696.013664][T21969] __mm_populate+0x204/0x380 [ 696.018265][T21969] ? populate_vma_page_range+0x2a0/0x2a0 [ 696.023907][T21969] ? __kasan_check_write+0x14/0x20 [ 696.029027][T21969] ? up_write+0x155/0x490 [ 696.033364][T21969] __x64_sys_mremap+0x7dc/0xb80 [ 696.038227][T21969] ? mremap_to+0x750/0x750 [ 696.042657][T21969] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 696.048122][T21969] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 696.053595][T21969] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 696.059666][T21969] ? do_syscall_64+0x26/0x760 [ 696.064349][T21969] ? lockdep_hardirqs_on+0x418/0x5d0 [ 696.069640][T21969] ? trace_hardirqs_on+0x67/0x240 [ 696.074675][T21969] do_syscall_64+0xfa/0x760 [ 696.079191][T21969] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 696.085071][T21969] RIP: 0033:0x459879 [ 696.088945][T21969] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 696.108597][T21969] RSP: 002b:00007f4e2a92dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 696.116992][T21969] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459879 [ 696.124953][T21969] RDX: 0000000000803f00 RSI: 0000000000002000 RDI: 0000000020a94000 [ 696.132915][T21969] RBP: 000000000075bf20 R08: 0000000020130000 R09: 0000000000000000 [ 696.140872][T21969] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f4e2a92e6d4 [ 696.148833][T21969] R13: 00000000004c5f0f R14: 00000000004daaf8 R15: 00000000ffffffff [ 696.181392][T21969] memory: usage 307200kB, limit 307200kB, failcnt 1052 06:29:08 executing program 3: creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r2 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r2, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006fe0d42ae72b4de3182cf48b11abe95b020000004583e08a1dc97ba8276dd1212c6808159df8f19f3f78ee9f5a"], 0x9) r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r3, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = creat(&(0x7f0000000280)='./file0\x00', 0x1) write$binfmt_script(r4, &(0x7f00000002c0)=ANY=[@ANYBLOB="01"], 0x1) close(r4) ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r4, 0x4008240b, &(0x7f0000000340)={0x4, 0x70, 0x7, 0xfffffffffffffffa, 0x3, 0x3ff, 0x0, 0x7fff, 0x80200, 0x2, 0x6838, 0x1, 0x100000000, 0x2, 0xffffffff00000001, 0x800, 0x100007, 0x5, 0x13e, 0x6, 0x2, 0x8, 0x1, 0x9, 0x80, 0x6, 0xe37, 0xffffffffffff8001, 0x8, 0x400, 0x5851, 0x22, 0x9, 0x80000001, 0x1ff, 0x8000, 0x0, 0x7, 0x0, 0x40, 0x2, @perf_bp={&(0x7f0000000300)}, 0x1040, 0x2, 0xa87, 0x7, 0x3, 0x6, 0xeff}) r5 = creat(&(0x7f0000000280)='./file0\x00', 0x1) write$binfmt_script(r5, &(0x7f00000002c0)=ANY=[@ANYBLOB="01"], 0x1) close(r5) ioctl$SNDRV_CTL_IOCTL_HWDEP_NEXT_DEVICE(r5, 0xc0045520, &(0x7f0000000200)=0x100000001) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000140)) ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r3, 0xc0145401, &(0x7f00000003c0)={0x3, 0x3, 0x7, 0x1}) setsockopt$IP_VS_SO_SET_DEL(r1, 0x0, 0x484, &(0x7f0000000480)={0x24, @broadcast, 0x4e20, 0x3, 'none\x00', 0x4, 0x5, 0x5c}, 0x2c) r6 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r6, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") fcntl$getownex(r6, 0x10, &(0x7f0000000440)) [ 696.195744][T21969] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 696.217354][T21969] Memory cgroup stats for /syz1: [ 696.217478][T21969] anon 294387712 [ 696.217478][T21969] file 122880 [ 696.217478][T21969] kernel_stack 917504 [ 696.217478][T21969] slab 15196160 [ 696.217478][T21969] sock 0 [ 696.217478][T21969] shmem 61440 [ 696.217478][T21969] file_mapped 0 [ 696.217478][T21969] file_dirty 0 [ 696.217478][T21969] file_writeback 0 [ 696.217478][T21969] anon_thp 132120576 [ 696.217478][T21969] inactive_anon 250122240 [ 696.217478][T21969] active_anon 5525504 [ 696.217478][T21969] inactive_file 90112 [ 696.217478][T21969] active_file 135168 [ 696.217478][T21969] unevictable 38981632 [ 696.217478][T21969] slab_reclaimable 6758400 [ 696.217478][T21969] slab_unreclaimable 8437760 [ 696.217478][T21969] pgfault 157476 [ 696.217478][T21969] pgmajfault 0 [ 696.217478][T21969] workingset_refault 0 06:29:08 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xf135010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 696.217478][T21969] workingset_activate 0 [ 696.217478][T21969] workingset_nodereclaim 0 [ 696.217478][T21969] pgrefill 407 [ 696.217478][T21969] pgscan 4454 [ 696.217478][T21969] pgsteal 4133 [ 696.324683][T21969] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=21968,uid=0 [ 696.340527][T21969] Memory cgroup out of memory: Killed process 21968 (syz-executor.1) total-vm:72700kB, anon-rss:17412kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 696.358564][T21990] FAULT_FLAG_ALLOW_RETRY missing 70 [ 696.363783][T21990] CPU: 1 PID: 21990 Comm: syz-executor.4 Not tainted 5.3.0-rc6-next-20190830 #75 [ 696.372990][T21990] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 696.383043][T21990] Call Trace: [ 696.386335][T21990] dump_stack+0x172/0x1f0 [ 696.388539][T22007] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 696.390662][T21990] handle_userfault.cold+0x41/0x5e [ 696.390679][T21990] ? lock_downgrade+0x920/0x920 [ 696.390701][T21990] ? __kasan_check_read+0x11/0x20 [ 696.415770][T21990] ? userfaultfd_ioctl+0x3aa0/0x3aa0 [ 696.421062][T21990] ? find_get_entry+0x4ab/0x7a0 [ 696.425914][T21990] ? find_get_pages_contig+0xa20/0xa20 [ 696.431374][T21990] ? __kasan_check_read+0x11/0x20 [ 696.436404][T21990] ? __kasan_check_read+0x11/0x20 [ 696.441432][T21990] ? find_lock_entry+0x1a7/0x560 [ 696.446381][T21990] shmem_getpage_gfp+0x1f51/0x2680 [ 696.451512][T21990] ? shmem_unuse_inode+0x1010/0x1010 [ 696.456811][T21990] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 696.463056][T21990] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 696.469310][T21990] shmem_fault+0x22a/0x7b0 [ 696.473734][T21990] ? shmem_read_mapping_page_gfp+0x1a0/0x1a0 [ 696.479717][T21990] ? find_lock_entry+0x560/0x560 [ 696.484648][T21990] ? pmd_val+0x85/0x100 [ 696.488798][T21990] ? pmd_val+0x85/0x100 [ 696.492957][T21990] __do_fault+0x111/0x540 [ 696.497287][T21990] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 696.503528][T21990] __handle_mm_fault+0x2cb8/0x3f20 [ 696.508643][T21990] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 696.514202][T21990] ? __kasan_check_read+0x11/0x20 [ 696.519239][T21990] handle_mm_fault+0x1b5/0x6c0 [ 696.524014][T21990] __do_page_fault+0x536/0xdd0 [ 696.528796][T21990] do_page_fault+0x38/0x590 [ 696.533312][T21990] page_fault+0x39/0x40 [ 696.537464][T21990] RIP: 0033:0x453210 [ 696.541358][T21990] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 696.560962][T21990] RSP: 002b:00007ff1e67fb7a8 EFLAGS: 00010202 [ 696.567031][T21990] RAX: 00007ff1e67fb850 RBX: 0000000000000003 RCX: 000000000000000e [ 696.574998][T21990] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007ff1e67fb850 [ 696.582966][T21990] RBP: 000000000075bf20 R08: 00000000000003ff R09: 0000000000000000 [ 696.590933][T21990] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff1e67fc6d4 [ 696.598901][T21990] R13: 00000000004c8c4b R14: 00000000004dfbc8 R15: 00000000ffffffff [ 696.606891][T22007] CPU: 0 PID: 22007 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 696.608460][ T1065] oom_reaper: reaped process 21968 (syz-executor.1), now anon-rss:17632kB, file-rss:54332kB, shmem-rss:0kB [ 696.615996][T22007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 696.616008][T22007] Call Trace: [ 696.640782][T22007] dump_stack+0x172/0x1f0 [ 696.645127][T22007] dump_header+0x177/0x1152 [ 696.649636][T22007] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 696.655435][T22007] ? ___ratelimit+0x2c8/0x595 [ 696.660113][T22007] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 696.665917][T22007] ? lockdep_hardirqs_on+0x418/0x5d0 [ 696.671199][T22007] ? trace_hardirqs_on+0x67/0x240 [ 696.676220][T22007] ? pagefault_out_of_memory+0x11c/0x11c [ 696.681853][T22007] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 696.687654][T22007] ? ___ratelimit+0x60/0x595 [ 696.692254][T22007] ? do_raw_spin_unlock+0x57/0x270 [ 696.697366][T22007] oom_kill_process.cold+0x10/0x15 [ 696.702481][T22007] out_of_memory+0x334/0x1340 [ 696.707206][T22007] ? lock_downgrade+0x920/0x920 [ 696.712068][T22007] ? oom_killer_disable+0x280/0x280 [ 696.717281][T22007] mem_cgroup_out_of_memory+0x1d8/0x240 [ 696.722835][T22007] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 696.728473][T22007] ? do_raw_spin_unlock+0x57/0x270 [ 696.733590][T22007] ? _raw_spin_unlock+0x2d/0x50 [ 696.738451][T22007] try_charge+0xf4b/0x1440 [ 696.742881][T22007] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 696.748440][T22007] ? percpu_ref_tryget_live+0x111/0x290 [ 696.753992][T22007] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 696.760227][T22007] ? __kasan_check_read+0x11/0x20 [ 696.760248][T22007] ? get_mem_cgroup_from_mm+0x156/0x320 [ 696.760263][T22007] mem_cgroup_try_charge+0x136/0x590 [ 696.760279][T22007] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 696.760296][T22007] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 696.760312][T22007] __handle_mm_fault+0x1e34/0x3f20 [ 696.760331][T22007] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 696.770874][T22007] ? __kasan_check_read+0x11/0x20 [ 696.770897][T22007] handle_mm_fault+0x1b5/0x6c0 [ 696.770916][T22007] __get_user_pages+0x7d4/0x1b30 [ 696.770929][T22007] ? mark_held_locks+0xf0/0xf0 [ 696.770957][T22007] ? follow_page_mask+0x1cf0/0x1cf0 [ 696.782427][T22007] ? __mm_populate+0x270/0x380 [ 696.782449][T22007] ? __kasan_check_write+0x14/0x20 [ 696.782466][T22007] ? down_read+0x109/0x430 [ 696.782487][T22007] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 696.793181][T22007] populate_vma_page_range+0x20d/0x2a0 [ 696.803706][T22007] __mm_populate+0x204/0x380 [ 696.813349][T22007] ? populate_vma_page_range+0x2a0/0x2a0 [ 696.823260][T22007] ? __kasan_check_write+0x14/0x20 [ 696.833089][T22007] ? up_write+0x155/0x490 [ 696.843795][T22007] ? ns_capable_common+0x93/0x100 [ 696.853800][T22007] __x64_sys_mlockall+0x473/0x520 [ 696.864499][T22007] do_syscall_64+0xfa/0x760 [ 696.873802][T22007] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 696.883286][T22007] RIP: 0033:0x459879 06:29:09 executing program 1: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x804000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(r2, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:29:09 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, 0xffffffffffffffff, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) 06:29:09 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xf0, 0x0) [ 696.893017][T22007] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 696.912606][T22007] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 696.912619][T22007] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 696.912626][T22007] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 696.912634][T22007] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 696.912642][T22007] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 696.912650][T22007] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 696.962121][T22007] memory: usage 307200kB, limit 307200kB, failcnt 5484 [ 696.971303][T22007] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 696.996097][T22007] Memory cgroup stats for /syz2: [ 696.996222][T22007] anon 303583232 [ 696.996222][T22007] file 28672 [ 696.996222][T22007] kernel_stack 917504 [ 696.996222][T22007] slab 5373952 [ 696.996222][T22007] sock 0 [ 696.996222][T22007] shmem 0 [ 696.996222][T22007] file_mapped 0 [ 696.996222][T22007] file_dirty 0 [ 696.996222][T22007] file_writeback 0 [ 696.996222][T22007] anon_thp 213909504 [ 696.996222][T22007] inactive_anon 254836736 [ 696.996222][T22007] active_anon 11780096 [ 696.996222][T22007] inactive_file 0 [ 696.996222][T22007] active_file 0 [ 696.996222][T22007] unevictable 36855808 [ 696.996222][T22007] slab_reclaimable 1216512 [ 696.996222][T22007] slab_unreclaimable 4157440 [ 696.996222][T22007] pgfault 763455 [ 696.996222][T22007] pgmajfault 0 [ 696.996222][T22007] workingset_refault 198 [ 696.996222][T22007] workingset_activate 66 [ 696.996222][T22007] workingset_nodereclaim 0 [ 696.996222][T22007] pgrefill 1400 [ 696.996222][T22007] pgscan 1627 [ 696.996222][T22007] pgsteal 198 [ 697.116710][T22007] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=21974,uid=0 06:29:09 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xf235010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 697.173308][T22007] Memory cgroup out of memory: Killed process 21974 (syz-executor.2) total-vm:72708kB, anon-rss:18352kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 697.213754][T22010] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 697.225116][T22010] CPU: 0 PID: 22010 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 697.232143][ T1065] oom_reaper: reaped process 21974 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 697.234232][T22010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 697.234238][T22010] Call Trace: [ 697.234261][T22010] dump_stack+0x172/0x1f0 [ 697.234281][T22010] dump_header+0x177/0x1152 [ 697.234301][T22010] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 697.273201][T22010] ? ___ratelimit+0x2c8/0x595 [ 697.277886][T22010] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 697.283700][T22010] ? lockdep_hardirqs_on+0x418/0x5d0 [ 697.288995][T22010] ? trace_hardirqs_on+0x67/0x240 [ 697.294025][T22010] ? pagefault_out_of_memory+0x11c/0x11c [ 697.299663][T22010] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 697.305466][T22010] ? ___ratelimit+0x60/0x595 [ 697.310053][T22010] ? do_raw_spin_unlock+0x57/0x270 [ 697.315171][T22010] oom_kill_process.cold+0x10/0x15 [ 697.320289][T22010] out_of_memory+0x334/0x1340 [ 697.324965][T22010] ? lock_downgrade+0x920/0x920 [ 697.329821][T22010] ? oom_killer_disable+0x280/0x280 [ 697.335029][T22010] mem_cgroup_out_of_memory+0x1d8/0x240 [ 697.340572][T22010] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 697.346215][T22010] ? do_raw_spin_unlock+0x57/0x270 [ 697.351335][T22010] ? _raw_spin_unlock+0x2d/0x50 [ 697.356192][T22010] try_charge+0xf4b/0x1440 [ 697.360620][T22010] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 697.366163][T22010] ? percpu_ref_tryget_live+0x111/0x290 [ 697.371715][T22010] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 697.377957][T22010] ? __kasan_check_read+0x11/0x20 [ 697.382985][T22010] ? get_mem_cgroup_from_mm+0x156/0x320 [ 697.388531][T22010] mem_cgroup_try_charge+0x136/0x590 [ 697.393816][T22010] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 697.400063][T22010] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 697.405699][T22010] __handle_mm_fault+0x1e34/0x3f20 [ 697.410807][T22010] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 697.410833][T22010] ? __kasan_check_read+0x11/0x20 [ 697.410853][T22010] handle_mm_fault+0x1b5/0x6c0 [ 697.410870][T22010] __get_user_pages+0x7d4/0x1b30 [ 697.410884][T22010] ? mark_held_locks+0xf0/0xf0 [ 697.410909][T22010] ? follow_page_mask+0x1cf0/0x1cf0 [ 697.410921][T22010] ? __mm_populate+0x270/0x380 [ 697.410940][T22010] ? __kasan_check_write+0x14/0x20 [ 697.410954][T22010] ? down_read+0x109/0x430 [ 697.410973][T22010] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 697.445849][T22010] populate_vma_page_range+0x20d/0x2a0 [ 697.445871][T22010] __mm_populate+0x204/0x380 [ 697.445888][T22010] ? populate_vma_page_range+0x2a0/0x2a0 [ 697.477200][T22010] ? __kasan_check_write+0x14/0x20 [ 697.482295][T22010] ? up_write+0x155/0x490 [ 697.486607][T22010] ? ns_capable_common+0x93/0x100 [ 697.491618][T22010] __x64_sys_mlockall+0x473/0x520 [ 697.496628][T22010] do_syscall_64+0xfa/0x760 [ 697.501120][T22010] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 697.506989][T22010] RIP: 0033:0x459879 [ 697.510867][T22010] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 697.530453][T22010] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 697.538859][T22010] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 697.546810][T22010] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 697.554774][T22010] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 697.562727][T22010] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc0ba5296d4 [ 697.570678][T22010] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 697.588261][T22010] memory: usage 307084kB, limit 307200kB, failcnt 4862 [ 697.595407][T22010] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 697.610010][T22010] Memory cgroup stats for /syz3: [ 697.610115][T22010] anon 302297088 [ 697.610115][T22010] file 0 [ 697.610115][T22010] kernel_stack 983040 [ 697.610115][T22010] slab 6516736 [ 697.610115][T22010] sock 0 [ 697.610115][T22010] shmem 0 [ 697.610115][T22010] file_mapped 0 [ 697.610115][T22010] file_dirty 0 [ 697.610115][T22010] file_writeback 0 [ 697.610115][T22010] anon_thp 213909504 [ 697.610115][T22010] inactive_anon 267370496 [ 697.610115][T22010] active_anon 18079744 [ 697.610115][T22010] inactive_file 0 [ 697.610115][T22010] active_file 0 06:29:09 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xf335010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 697.610115][T22010] unevictable 16793600 [ 697.610115][T22010] slab_reclaimable 1351680 [ 697.610115][T22010] slab_unreclaimable 5165056 [ 697.610115][T22010] pgfault 746427 [ 697.610115][T22010] pgmajfault 0 [ 697.610115][T22010] workingset_refault 99 [ 697.610115][T22010] workingset_activate 66 [ 697.610115][T22010] workingset_nodereclaim 0 [ 697.610115][T22010] pgrefill 595 [ 697.610115][T22010] pgscan 597 [ 697.610115][T22010] pgsteal 132 [ 697.770748][T22010] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=21971,uid=0 [ 697.793864][T22010] Memory cgroup out of memory: Killed process 21971 (syz-executor.3) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 06:29:09 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, 0xffffffffffffffff, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) [ 697.831731][T22024] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 697.853166][T22024] CPU: 1 PID: 22024 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 697.862294][T22024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 697.862300][T22024] Call Trace: [ 697.862322][T22024] dump_stack+0x172/0x1f0 [ 697.862343][T22024] dump_header+0x177/0x1152 [ 697.862360][T22024] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 697.862372][T22024] ? ___ratelimit+0x2c8/0x595 [ 697.862386][T22024] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 697.862402][T22024] ? lockdep_hardirqs_on+0x418/0x5d0 [ 697.862417][T22024] ? trace_hardirqs_on+0x67/0x240 [ 697.862433][T22024] ? pagefault_out_of_memory+0x11c/0x11c [ 697.862449][T22024] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 697.862462][T22024] ? ___ratelimit+0x60/0x595 [ 697.862474][T22024] ? do_raw_spin_unlock+0x57/0x270 [ 697.862491][T22024] oom_kill_process.cold+0x10/0x15 [ 697.862507][T22024] out_of_memory+0x334/0x1340 [ 697.862521][T22024] ? lock_downgrade+0x920/0x920 [ 697.862543][T22024] ? oom_killer_disable+0x280/0x280 [ 697.893675][ T1065] oom_reaper: reaped process 21971 (syz-executor.3), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 697.895125][T22024] mem_cgroup_out_of_memory+0x1d8/0x240 [ 697.895143][T22024] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 697.895163][T22024] ? do_raw_spin_unlock+0x57/0x270 [ 697.895183][T22024] ? _raw_spin_unlock+0x2d/0x50 [ 697.911250][T22024] try_charge+0xf4b/0x1440 [ 697.911278][T22024] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 697.911292][T22024] ? percpu_ref_tryget_live+0x111/0x290 [ 697.911310][T22024] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 697.911328][T22024] ? __kasan_check_read+0x11/0x20 [ 697.922722][T22024] ? get_mem_cgroup_from_mm+0x156/0x320 [ 697.922740][T22024] mem_cgroup_try_charge+0x136/0x590 [ 697.922756][T22024] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 06:29:10 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xf1, 0x0) [ 697.922776][T22024] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 697.922797][T22024] __handle_mm_fault+0x1e34/0x3f20 [ 697.922816][T22024] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 697.922844][T22024] ? __kasan_check_read+0x11/0x20 [ 697.937596][T22024] handle_mm_fault+0x1b5/0x6c0 [ 697.937618][T22024] __get_user_pages+0x7d4/0x1b30 [ 697.937633][T22024] ? mark_held_locks+0xf0/0xf0 [ 697.937663][T22024] ? follow_page_mask+0x1cf0/0x1cf0 [ 697.937673][T22024] ? __mm_populate+0x270/0x380 [ 697.937693][T22024] ? __kasan_check_write+0x14/0x20 [ 697.947180][T22024] ? down_read+0x109/0x430 [ 697.947198][T22024] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 697.947218][T22024] populate_vma_page_range+0x20d/0x2a0 [ 697.947236][T22024] __mm_populate+0x204/0x380 [ 697.947254][T22024] ? populate_vma_page_range+0x2a0/0x2a0 [ 697.963633][T22024] ? __kasan_check_write+0x14/0x20 [ 697.963653][T22024] ? up_write+0x155/0x490 [ 697.963666][T22024] ? ns_capable_common+0x93/0x100 [ 697.963688][T22024] __x64_sys_mlockall+0x473/0x520 [ 697.963707][T22024] do_syscall_64+0xfa/0x760 [ 697.963729][T22024] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 697.963740][T22024] RIP: 0033:0x459879 [ 697.963756][T22024] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 697.974882][T22024] RSP: 002b:00007f4e2a92dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 697.974897][T22024] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 697.974906][T22024] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 697.974914][T22024] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 697.974923][T22024] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4e2a92e6d4 [ 697.974931][T22024] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 698.057391][T22024] memory: usage 307200kB, limit 307200kB, failcnt 1070 [ 698.130845][T22024] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 698.162119][T22024] Memory cgroup stats for /syz1: [ 698.162223][T22024] anon 294432768 [ 698.162223][T22024] file 122880 [ 698.162223][T22024] kernel_stack 917504 [ 698.162223][T22024] slab 15196160 [ 698.162223][T22024] sock 0 [ 698.162223][T22024] shmem 61440 [ 698.162223][T22024] file_mapped 0 [ 698.162223][T22024] file_dirty 0 [ 698.162223][T22024] file_writeback 0 [ 698.162223][T22024] anon_thp 132120576 [ 698.162223][T22024] inactive_anon 259043328 [ 698.162223][T22024] active_anon 5525504 [ 698.162223][T22024] inactive_file 90112 [ 698.162223][T22024] active_file 135168 [ 698.162223][T22024] unevictable 29925376 [ 698.162223][T22024] slab_reclaimable 6758400 [ 698.162223][T22024] slab_unreclaimable 8437760 [ 698.162223][T22024] pgfault 159786 [ 698.162223][T22024] pgmajfault 0 [ 698.162223][T22024] workingset_refault 33 [ 698.162223][T22024] workingset_activate 0 [ 698.162223][T22024] workingset_nodereclaim 0 [ 698.162223][T22024] pgrefill 407 [ 698.162223][T22024] pgscan 4454 [ 698.162223][T22024] pgsteal 4133 [ 698.281007][T22024] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=21980,uid=0 [ 698.347114][T22024] Memory cgroup out of memory: Killed process 21980 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 06:29:10 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xf435010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 698.421667][T22007] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 698.459252][T22007] CPU: 1 PID: 22007 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 698.468396][T22007] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 698.478447][T22007] Call Trace: [ 698.478471][T22007] dump_stack+0x172/0x1f0 [ 698.478493][T22007] dump_header+0x177/0x1152 [ 698.478510][T22007] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 698.478521][T22007] ? ___ratelimit+0x2c8/0x595 [ 698.478536][T22007] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 698.478559][T22007] ? lockdep_hardirqs_on+0x418/0x5d0 [ 698.496436][T22007] ? trace_hardirqs_on+0x67/0x240 [ 698.496456][T22007] ? pagefault_out_of_memory+0x11c/0x11c [ 698.496475][T22007] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 698.496488][T22007] ? ___ratelimit+0x60/0x595 [ 698.496505][T22007] ? do_raw_spin_unlock+0x57/0x270 [ 698.528646][T22007] oom_kill_process.cold+0x10/0x15 [ 698.528667][T22007] out_of_memory+0x334/0x1340 [ 698.528683][T22007] ? lock_downgrade+0x920/0x920 [ 698.528702][T22007] ? oom_killer_disable+0x280/0x280 [ 698.528726][T22007] mem_cgroup_out_of_memory+0x1d8/0x240 [ 698.528743][T22007] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 698.543511][T22007] ? do_raw_spin_unlock+0x57/0x270 [ 698.563712][T22007] ? _raw_spin_unlock+0x2d/0x50 [ 698.563736][T22007] try_charge+0xf4b/0x1440 [ 698.563761][T22007] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 698.563779][T22007] ? percpu_ref_tryget_live+0x111/0x290 [ 698.589243][T22007] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 698.589263][T22007] ? __kasan_check_read+0x11/0x20 [ 698.589292][T22007] ? get_mem_cgroup_from_mm+0x156/0x320 [ 698.611565][T22007] mem_cgroup_try_charge+0x136/0x590 [ 698.611584][T22007] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 698.611605][T22007] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 698.611633][T22007] __handle_mm_fault+0x1e34/0x3f20 [ 698.623115][T22007] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 698.623146][T22007] ? __kasan_check_read+0x11/0x20 [ 698.623168][T22007] handle_mm_fault+0x1b5/0x6c0 [ 698.623186][T22007] __get_user_pages+0x7d4/0x1b30 [ 698.644416][T22007] ? mark_held_locks+0xf0/0xf0 [ 698.658829][T22007] ? follow_page_mask+0x1cf0/0x1cf0 [ 698.664021][T22007] ? __mm_populate+0x270/0x380 [ 698.664044][T22007] ? memset+0x32/0x40 [ 698.664066][T22007] populate_vma_page_range+0x20d/0x2a0 [ 698.664084][T22007] __mm_populate+0x204/0x380 [ 698.664101][T22007] ? populate_vma_page_range+0x2a0/0x2a0 [ 698.688458][T22007] ? __kasan_check_write+0x14/0x20 [ 698.688475][T22007] ? up_write+0x155/0x490 [ 698.688497][T22007] __x64_sys_mremap+0x7dc/0xb80 [ 698.688517][T22007] ? mremap_to+0x750/0x750 [ 698.688539][T22007] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 698.688556][T22007] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 698.693983][T22046] IPVS: set_ctl: invalid protocol: 36 255.255.255.255:20000 [ 698.697964][T22007] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 698.697981][T22007] ? do_syscall_64+0x26/0x760 [ 698.697998][T22007] ? lockdep_hardirqs_on+0x418/0x5d0 [ 698.698013][T22007] ? trace_hardirqs_on+0x67/0x240 [ 698.698032][T22007] do_syscall_64+0xfa/0x760 [ 698.698057][T22007] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 698.707269][T22007] RIP: 0033:0x459879 [ 698.707285][T22007] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 698.707294][T22007] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 698.707308][T22007] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459879 [ 698.707317][T22007] RDX: 0000000000800000 RSI: 0000000000002000 RDI: 0000000020a94000 [ 698.707325][T22007] RBP: 000000000075bf20 R08: 0000000020130000 R09: 0000000000000000 [ 698.707333][T22007] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 698.707341][T22007] R13: 00000000004c5f0f R14: 00000000004daaf8 R15: 00000000ffffffff 06:29:10 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(0xffffffffffffffff, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) [ 699.047702][T22007] memory: usage 296732kB, limit 307200kB, failcnt 5522 [ 699.061747][T22007] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 699.071230][T22007] Memory cgroup stats for /syz2: [ 699.071340][T22007] anon 292859904 [ 699.071340][T22007] file 28672 [ 699.071340][T22007] kernel_stack 917504 [ 699.071340][T22007] slab 5373952 [ 699.071340][T22007] sock 0 [ 699.071340][T22007] shmem 0 [ 699.071340][T22007] file_mapped 0 [ 699.071340][T22007] file_dirty 0 [ 699.071340][T22007] file_writeback 0 [ 699.071340][T22007] anon_thp 211812352 [ 699.071340][T22007] inactive_anon 238190592 [ 699.071340][T22007] active_anon 11780096 [ 699.071340][T22007] inactive_file 0 [ 699.071340][T22007] active_file 0 [ 699.071340][T22007] unevictable 42872832 [ 699.071340][T22007] slab_reclaimable 1216512 [ 699.071340][T22007] slab_unreclaimable 4157440 [ 699.071340][T22007] pgfault 766227 [ 699.071340][T22007] pgmajfault 0 [ 699.071340][T22007] workingset_refault 198 [ 699.071340][T22007] workingset_activate 66 [ 699.071340][T22007] workingset_nodereclaim 0 [ 699.071340][T22007] pgrefill 1400 [ 699.071340][T22007] pgscan 1627 [ 699.071340][T22007] pgsteal 198 [ 699.175197][T22007] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=22005,uid=0 [ 699.190827][T22007] Memory cgroup out of memory: Killed process 22007 (syz-executor.2) total-vm:72700kB, anon-rss:17164kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 699.209293][ T1065] oom_reaper: reaped process 22007 (syz-executor.2), now anon-rss:17156kB, file-rss:54332kB, shmem-rss:0kB [ 699.220997][T22010] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 699.233495][T22010] CPU: 1 PID: 22010 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 699.242611][T22010] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 699.252661][T22010] Call Trace: [ 699.255961][T22010] dump_stack+0x172/0x1f0 [ 699.260297][T22010] dump_header+0x177/0x1152 [ 699.264806][T22010] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 699.270609][T22010] ? ___ratelimit+0x2c8/0x595 [ 699.275284][T22010] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 699.281089][T22010] ? lockdep_hardirqs_on+0x418/0x5d0 [ 699.286385][T22010] ? trace_hardirqs_on+0x67/0x240 [ 699.291416][T22010] ? pagefault_out_of_memory+0x11c/0x11c [ 699.297064][T22010] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 699.302874][T22010] ? ___ratelimit+0x60/0x595 [ 699.307469][T22010] ? do_raw_spin_unlock+0x57/0x270 [ 699.312585][T22010] oom_kill_process.cold+0x10/0x15 [ 699.317887][T22010] out_of_memory+0x334/0x1340 [ 699.322580][T22010] ? lock_downgrade+0x920/0x920 [ 699.327438][T22010] ? oom_killer_disable+0x280/0x280 [ 699.332646][T22010] mem_cgroup_out_of_memory+0x1d8/0x240 [ 699.338184][T22010] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 699.343801][T22010] ? do_raw_spin_unlock+0x57/0x270 [ 699.348903][T22010] ? _raw_spin_unlock+0x2d/0x50 [ 699.353746][T22010] try_charge+0xf4b/0x1440 [ 699.358150][T22010] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 699.363675][T22010] ? percpu_ref_tryget_live+0x111/0x290 [ 699.369202][T22010] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 699.375438][T22010] ? __kasan_check_read+0x11/0x20 [ 699.380464][T22010] ? get_mem_cgroup_from_mm+0x156/0x320 [ 699.385997][T22010] mem_cgroup_try_charge+0x136/0x590 [ 699.391267][T22010] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 699.397497][T22010] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 699.403113][T22010] __handle_mm_fault+0x1e34/0x3f20 [ 699.408217][T22010] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 699.413748][T22010] ? __this_cpu_preempt_check+0x3a/0x210 [ 699.419378][T22010] ? __kasan_check_read+0x11/0x20 [ 699.424400][T22010] handle_mm_fault+0x1b5/0x6c0 [ 699.429152][T22010] __get_user_pages+0x7d4/0x1b30 [ 699.434337][T22010] ? follow_page_mask+0x1cf0/0x1cf0 [ 699.439524][T22010] ? __this_cpu_preempt_check+0x3a/0x210 [ 699.445137][T22010] ? retint_kernel+0x2b/0x2b [ 699.449747][T22010] populate_vma_page_range+0x20d/0x2a0 [ 699.455188][T22010] __mm_populate+0x204/0x380 [ 699.459766][T22010] ? populate_vma_page_range+0x2a0/0x2a0 [ 699.465380][T22010] ? refcount_sub_and_test_checked+0x154/0x200 [ 699.471516][T22010] __x64_sys_mremap+0x7dc/0xb80 [ 699.476348][T22010] ? mremap_to+0x750/0x750 [ 699.480749][T22010] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 699.486186][T22010] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 699.491627][T22010] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 699.497672][T22010] ? do_syscall_64+0x26/0x760 [ 699.502340][T22010] ? lockdep_hardirqs_on+0x418/0x5d0 [ 699.507605][T22010] ? trace_hardirqs_on+0x67/0x240 [ 699.512611][T22010] do_syscall_64+0xfa/0x760 [ 699.517093][T22010] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 699.522961][T22010] RIP: 0033:0x459879 [ 699.526833][T22010] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 06:29:11 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xf535010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 699.546425][T22010] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 699.554825][T22010] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459879 [ 699.562961][T22010] RDX: 0000000000800000 RSI: 0000000000002000 RDI: 0000000020a94000 [ 699.570923][T22010] RBP: 000000000075bf20 R08: 0000000020130000 R09: 0000000000000000 [ 699.578872][T22010] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fc0ba5296d4 [ 699.586831][T22010] R13: 00000000004c5f0f R14: 00000000004daaf8 R15: 00000000ffffffff [ 699.605999][T22010] memory: usage 307200kB, limit 307200kB, failcnt 4917 [ 699.613922][T22010] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 699.626230][T22010] Memory cgroup stats for /syz3: [ 699.626339][T22010] anon 302317568 [ 699.626339][T22010] file 0 [ 699.626339][T22010] kernel_stack 983040 [ 699.626339][T22010] slab 6516736 [ 699.626339][T22010] sock 0 [ 699.626339][T22010] shmem 0 [ 699.626339][T22010] file_mapped 0 [ 699.626339][T22010] file_dirty 0 [ 699.626339][T22010] file_writeback 0 [ 699.626339][T22010] anon_thp 211812352 [ 699.626339][T22010] inactive_anon 257159168 [ 699.626339][T22010] active_anon 18079744 [ 699.626339][T22010] inactive_file 0 [ 699.626339][T22010] active_file 0 [ 699.626339][T22010] unevictable 27156480 [ 699.626339][T22010] slab_reclaimable 1351680 [ 699.626339][T22010] slab_unreclaimable 5165056 [ 699.626339][T22010] pgfault 750816 [ 699.626339][T22010] pgmajfault 0 [ 699.626339][T22010] workingset_refault 99 [ 699.626339][T22010] workingset_activate 66 [ 699.626339][T22010] workingset_nodereclaim 0 [ 699.626339][T22010] pgrefill 595 [ 699.626339][T22010] pgscan 630 [ 699.626339][T22010] pgsteal 132 [ 699.721154][T22010] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=22009,uid=0 [ 699.743524][T22010] Memory cgroup out of memory: Killed process 22009 (syz-executor.3) total-vm:72832kB, anon-rss:10168kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:192512kB oom_score_adj:1000 [ 699.781496][ T1065] oom_reaper: reaped process 22009 (syz-executor.3), now anon-rss:10160kB, file-rss:54332kB, shmem-rss:0kB [ 699.793297][T22024] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 699.839053][T22024] CPU: 0 PID: 22024 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 699.848210][T22024] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 699.858261][T22024] Call Trace: [ 699.861559][T22024] dump_stack+0x172/0x1f0 [ 699.865897][T22024] dump_header+0x177/0x1152 [ 699.870413][T22024] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 699.876218][T22024] ? ___ratelimit+0x2c8/0x595 [ 699.880892][T22024] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 699.886702][T22024] ? lockdep_hardirqs_on+0x418/0x5d0 [ 699.891991][T22024] ? trace_hardirqs_on+0x67/0x240 [ 699.897030][T22024] ? pagefault_out_of_memory+0x11c/0x11c [ 699.902666][T22024] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 699.902682][T22024] ? ___ratelimit+0x60/0x595 [ 699.902694][T22024] ? do_raw_spin_unlock+0x57/0x270 [ 699.902713][T22024] oom_kill_process.cold+0x10/0x15 [ 699.923361][T22024] out_of_memory+0x334/0x1340 [ 699.928049][T22024] ? lock_downgrade+0x920/0x920 [ 699.932905][T22024] ? oom_killer_disable+0x280/0x280 [ 699.932932][T22024] mem_cgroup_out_of_memory+0x1d8/0x240 [ 699.943629][T22024] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 699.943648][T22024] ? do_raw_spin_unlock+0x57/0x270 [ 699.943668][T22024] ? _raw_spin_unlock+0x2d/0x50 [ 699.954365][T22024] try_charge+0xf4b/0x1440 [ 699.954393][T22024] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 699.963610][T22024] ? percpu_ref_tryget_live+0x111/0x290 [ 699.963629][T22024] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 699.963647][T22024] ? __kasan_check_read+0x11/0x20 [ 699.974778][T22024] ? get_mem_cgroup_from_mm+0x156/0x320 [ 699.974801][T22024] mem_cgroup_try_charge+0x136/0x590 [ 699.986027][T22024] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 699.996805][T22024] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 699.996823][T22024] wp_page_copy+0x41e/0x1590 [ 699.996841][T22024] ? find_held_lock+0x35/0x130 [ 700.018002][T22024] ? pmd_pfn+0x1d0/0x1d0 [ 700.022257][T22024] ? lock_downgrade+0x920/0x920 [ 700.027120][T22024] ? swp_swapcount+0x540/0x540 [ 700.031888][T22024] ? __kasan_check_read+0x11/0x20 [ 700.036915][T22024] ? do_raw_spin_unlock+0x57/0x270 [ 700.042028][T22024] do_wp_page+0x499/0x14d0 [ 700.046445][T22024] ? finish_mkwrite_fault+0x570/0x570 [ 700.046474][T22024] __handle_mm_fault+0x22f1/0x3f20 [ 700.056933][T22024] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 700.062498][T22024] ? __kasan_check_read+0x11/0x20 [ 700.067529][T22024] handle_mm_fault+0x1b5/0x6c0 [ 700.067548][T22024] __get_user_pages+0x7d4/0x1b30 [ 700.067562][T22024] ? mark_held_locks+0xf0/0xf0 [ 700.067589][T22024] ? follow_page_mask+0x1cf0/0x1cf0 06:29:12 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8275ad1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c3968507960c70df6b55f2663edc6430f9349418aebe589f28f247dc4fb40b98e3346b47da6d16f46b397d49a30692d06322c9e1c7732a9b8470f8a469eba0c128491c4a94fdd495a8946da5d878a8e5a2e0a92017d43ec676d1d21293118f8c1a4c5733cb0d37f2ea48ae61b605e612705e8dd32b83fff41aaa8169d0c3b34dc6a5302e7c0d70959064f80688aacfda1b77749f935cc"], 0x9) r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000140)) 06:29:12 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(0xffffffffffffffff, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) [ 700.067601][T22024] ? __mm_populate+0x270/0x380 [ 700.067623][T22024] ? __kasan_check_write+0x14/0x20 [ 700.067638][T22024] ? down_read+0x109/0x430 [ 700.067658][T22024] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 700.077323][T22024] populate_vma_page_range+0x20d/0x2a0 [ 700.077343][T22024] __mm_populate+0x204/0x380 [ 700.077362][T22024] ? populate_vma_page_range+0x2a0/0x2a0 [ 700.077376][T22024] ? __kasan_check_write+0x14/0x20 [ 700.077389][T22024] ? up_write+0x155/0x490 [ 700.077401][T22024] ? ns_capable_common+0x93/0x100 [ 700.077426][T22024] __x64_sys_mlockall+0x473/0x520 [ 700.087350][T22024] do_syscall_64+0xfa/0x760 [ 700.087372][T22024] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 700.087384][T22024] RIP: 0033:0x459879 [ 700.087400][T22024] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 700.087408][T22024] RSP: 002b:00007f4e2a92dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 700.087427][T22024] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 700.087435][T22024] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 700.087450][T22024] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 700.097272][T22024] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4e2a92e6d4 [ 700.097281][T22024] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 700.124529][T22024] memory: usage 307128kB, limit 307200kB, failcnt 1082 [ 700.240274][T22024] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 700.252349][T22024] Memory cgroup stats for /syz1: [ 700.252466][T22024] anon 286879744 [ 700.252466][T22024] file 122880 [ 700.252466][T22024] kernel_stack 917504 [ 700.252466][T22024] slab 15196160 [ 700.252466][T22024] sock 0 [ 700.252466][T22024] shmem 61440 [ 700.252466][T22024] file_mapped 0 [ 700.252466][T22024] file_dirty 0 [ 700.252466][T22024] file_writeback 0 [ 700.252466][T22024] anon_thp 134217728 [ 700.252466][T22024] inactive_anon 246886400 [ 700.252466][T22024] active_anon 5525504 [ 700.252466][T22024] inactive_file 90112 [ 700.252466][T22024] active_file 135168 [ 700.252466][T22024] unevictable 34435072 [ 700.252466][T22024] slab_reclaimable 6758400 [ 700.252466][T22024] slab_unreclaimable 8437760 [ 700.252466][T22024] pgfault 161997 [ 700.252466][T22024] pgmajfault 0 [ 700.252466][T22024] workingset_refault 33 [ 700.252466][T22024] workingset_activate 0 [ 700.252466][T22024] workingset_nodereclaim 0 [ 700.252466][T22024] pgrefill 407 [ 700.252466][T22024] pgscan 4454 [ 700.252466][T22024] pgsteal 4133 [ 700.349339][T22024] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=22023,uid=0 [ 700.364876][T22024] Memory cgroup out of memory: Killed process 22024 (syz-executor.1) total-vm:72832kB, anon-rss:18232kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 700.383103][ T1065] oom_reaper: reaped process 22024 (syz-executor.1), now anon-rss:18232kB, file-rss:54332kB, shmem-rss:0kB [ 700.383235][T22065] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 700.412307][T22065] CPU: 0 PID: 22065 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 700.421445][T22065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 700.431502][T22065] Call Trace: [ 700.434838][T22065] dump_stack+0x172/0x1f0 [ 700.439184][T22065] dump_header+0x177/0x1152 [ 700.443689][T22065] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 700.449496][T22065] ? ___ratelimit+0x2c8/0x595 [ 700.454172][T22065] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 700.459984][T22065] ? lockdep_hardirqs_on+0x418/0x5d0 [ 700.465271][T22065] ? trace_hardirqs_on+0x67/0x240 [ 700.470303][T22065] ? pagefault_out_of_memory+0x11c/0x11c [ 700.475943][T22065] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 700.481748][T22065] ? ___ratelimit+0x60/0x595 [ 700.486344][T22065] ? do_raw_spin_unlock+0x57/0x270 06:29:12 executing program 1: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x7fffdfecf000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(r2, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:29:12 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) r0 = creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198b54c70c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f0000000400)) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) prctl$PR_SET_UNALIGN(0x6, 0x2) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0xc0f25b3e2f86dff4, @perf_bp, 0x0, 0x2000, 0x0, 0x5}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$nl_generic(r0, &(0x7f00000002c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000280)={&(0x7f0000000440)={0x388, 0x3a, 0x10, 0x70bd27, 0x25dfdbfc, {0x17}, [@generic="5283896b5d7bb4a37e1e1d3abf35c5e7682034aa2aef63ceedaaacd9f4ccc48e1dbef1b252ef91b10c", @typed={0x8, 0x4a, @u32=0x2}, @typed={0xc, 0x2c, @u64=0x6}, @nested={0xc, 0x1c, [@typed={0x8, 0x9, @u32=0x1}]}, @nested={0x15c, 0x19, [@typed={0x1c, 0x43, @str='*em1.wlan0selfselfproc\x00'}, @generic="ca17edd73a4000f6dc8c3df5aa38dd9474fad45f3e5fa7d2a39c9a5e7e6ec79619cd0449aceae5b825a4017bcdfe46d59a7ae51c9562f14f080d6ba6af7ac18dbb2f4ca7fb25214df616b0c2132cf1df009b8a622049f9a94b7b4de80b76d44bcc46a8", @generic="57b76279e35c952fa3762e3c464507480b19724a3b1d4f03b8aa0716f660905fccb54a7cf64d99c5e1ffb49faf0d6b37b60e6b0399ddcda7d9b89ba3c3387cdd8c16d87962c22355d09c3000e60ce9aaffd6e186ade45e1f4b2e304f1e51c718dcd460e10646d5b4035780b33c1b098d2b629a7831ddb06041d5b2e0179ff906d87bf797c59d45c8a759c5337a66d324808cd7d28861f41dd81d2755221d94e8b8e6966e87e97af9aa0bcc2300705c072001c3d44dd9e26b528a715bdda938a1c14287126cf4585875b8f61637e50e4db5c3832df4fb"]}, @typed={0x14, 0x79, @str='/dev/urandom\x00'}, @generic="c8559156fca983b382905341f57e4666e050dbebc4be700046", @typed={0x4, 0x5}, @generic="c7ad2693d91f876978fbe97fb848d305ad76c2c9598189c806e54e16a6732eaec15347ce4d8cc4815ab796e9efca055b5a4000c696fb851ba2c6c10bb8e931f5e77885d0c1e3d502583bb56512bbfb7541d7da7148c70be833d7d886b4595da09fb68d8b0beffeb3648fb1322fb7faffd25955c8c3f14903986687da4fa4a3a08bc478edd29c0a1555b75097b8380ad2b330a422bdab3b3d8a7832096ea5527306a20908dcae0b91ab675c721aa587602d958d74843362fe0287f33bb7f77d992cdb18ced4a4ff3f886708553d9feee176f49bf00d5b03a0", @generic="390f322dd58639131a2cdd67bd3b05927a60749aa059cb9341eb5bd3a3d6fb13c859336bd5a6da393e75c5a494aebf4f197a1fd3ee2274980c4bffc488e445f9305452c2b82142d8b318628ff46eb66010a461a37b55bc79691c44a274436de487c8f06590be7b89fa6fe176d203ad3c9556852fdaa1194fdd88235cb85eed6b58dc40f741bb4920e68aba12470682db9031bb70540130155a40566bf500fd549331e457aa0d3e900cd72ff4e3e0660e6193eb4866d807a10404ab166dd8790c2034e839f1df"]}, 0x388}}, 0x6088) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:29:12 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xf2, 0x0) 06:29:12 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(0xffffffffffffffff, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) 06:29:12 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xf635010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 700.491471][T22065] oom_kill_process.cold+0x10/0x15 [ 700.496591][T22065] out_of_memory+0x334/0x1340 [ 700.501274][T22065] ? lock_downgrade+0x920/0x920 [ 700.506137][T22065] ? oom_killer_disable+0x280/0x280 [ 700.511356][T22065] mem_cgroup_out_of_memory+0x1d8/0x240 [ 700.516909][T22065] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 700.522556][T22065] ? do_raw_spin_unlock+0x57/0x270 [ 700.527676][T22065] ? _raw_spin_unlock+0x2d/0x50 [ 700.532526][T22065] try_charge+0xf4b/0x1440 [ 700.536945][T22065] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 700.536958][T22065] ? percpu_ref_tryget_live+0x111/0x290 [ 700.536979][T22065] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 700.554286][T22065] ? __kasan_check_read+0x11/0x20 [ 700.559350][T22065] ? get_mem_cgroup_from_mm+0x156/0x320 [ 700.564906][T22065] mem_cgroup_try_charge+0x136/0x590 [ 700.570199][T22065] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 700.576450][T22065] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 700.582097][T22065] __handle_mm_fault+0x1e34/0x3f20 [ 700.587224][T22065] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 700.592787][T22065] ? __kasan_check_read+0x11/0x20 [ 700.597824][T22065] handle_mm_fault+0x1b5/0x6c0 [ 700.602600][T22065] __get_user_pages+0x7d4/0x1b30 [ 700.607544][T22065] ? mark_held_locks+0xf0/0xf0 [ 700.612325][T22065] ? follow_page_mask+0x1cf0/0x1cf0 [ 700.617527][T22065] ? __mm_populate+0x270/0x380 [ 700.622302][T22065] ? __kasan_check_write+0x14/0x20 [ 700.627424][T22065] ? down_read+0x109/0x430 [ 700.631848][T22065] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 700.638098][T22065] populate_vma_page_range+0x20d/0x2a0 [ 700.643571][T22065] __mm_populate+0x204/0x380 [ 700.648168][T22065] ? populate_vma_page_range+0x2a0/0x2a0 [ 700.653801][T22065] ? __kasan_check_write+0x14/0x20 [ 700.658910][T22065] ? up_write+0x155/0x490 [ 700.663285][T22065] ? ns_capable_common+0x93/0x100 [ 700.668318][T22065] __x64_sys_mlockall+0x473/0x520 [ 700.673347][T22065] do_syscall_64+0xfa/0x760 [ 700.677879][T22065] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 700.683862][T22065] RIP: 0033:0x459879 [ 700.687759][T22065] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 700.707367][T22065] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 700.715789][T22065] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 700.723767][T22065] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 700.731744][T22065] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 700.739719][T22065] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc0ba5296d4 [ 700.747695][T22065] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff 06:29:12 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xf735010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:12 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xf3, 0x0) [ 700.822236][T22065] memory: usage 307200kB, limit 307200kB, failcnt 4935 [ 700.834984][T22065] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 700.842409][T22065] Memory cgroup stats for /syz3: [ 700.842516][T22065] anon 302587904 [ 700.842516][T22065] file 0 [ 700.842516][T22065] kernel_stack 917504 [ 700.842516][T22065] slab 6516736 [ 700.842516][T22065] sock 0 [ 700.842516][T22065] shmem 0 [ 700.842516][T22065] file_mapped 0 [ 700.842516][T22065] file_dirty 0 [ 700.842516][T22065] file_writeback 0 [ 700.842516][T22065] anon_thp 211812352 [ 700.842516][T22065] inactive_anon 267431936 [ 700.842516][T22065] active_anon 18214912 [ 700.842516][T22065] inactive_file 0 [ 700.842516][T22065] active_file 0 [ 700.842516][T22065] unevictable 17018880 [ 700.842516][T22065] slab_reclaimable 1351680 [ 700.842516][T22065] slab_unreclaimable 5165056 [ 700.842516][T22065] pgfault 750915 [ 700.842516][T22065] pgmajfault 0 [ 700.842516][T22065] workingset_refault 99 [ 700.842516][T22065] workingset_activate 66 [ 700.842516][T22065] workingset_nodereclaim 0 [ 700.842516][T22065] pgrefill 628 [ 700.842516][T22065] pgscan 630 [ 700.842516][T22065] pgsteal 132 [ 700.972447][T22065] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=22048,uid=0 [ 700.995106][T22065] Memory cgroup out of memory: Killed process 22048 (syz-executor.3) total-vm:72840kB, anon-rss:18360kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 06:29:13 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xf835010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:13 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xf935010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:13 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) [ 701.405226][T22076] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 701.442587][T22076] CPU: 1 PID: 22076 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 701.451715][T22076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 701.451722][T22076] Call Trace: [ 701.451743][T22076] dump_stack+0x172/0x1f0 [ 701.451762][T22076] dump_header+0x177/0x1152 [ 701.451779][T22076] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 701.451796][T22076] ? ___ratelimit+0x2c8/0x595 [ 701.484363][T22076] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 701.490172][T22076] ? lockdep_hardirqs_on+0x418/0x5d0 [ 701.495451][T22076] ? trace_hardirqs_on+0x67/0x240 [ 701.495470][T22076] ? pagefault_out_of_memory+0x11c/0x11c [ 701.495486][T22076] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 701.495502][T22076] ? ___ratelimit+0x60/0x595 [ 701.511904][T22076] ? do_raw_spin_unlock+0x57/0x270 [ 701.511926][T22076] oom_kill_process.cold+0x10/0x15 [ 701.511942][T22076] out_of_memory+0x334/0x1340 [ 701.511959][T22076] ? lock_downgrade+0x920/0x920 [ 701.521625][T22076] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 701.536192][T22076] ? oom_killer_disable+0x280/0x280 [ 701.536220][T22076] mem_cgroup_out_of_memory+0x1d8/0x240 [ 701.536238][T22076] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 701.552727][T22076] ? do_raw_spin_unlock+0x57/0x270 [ 701.552747][T22076] ? _raw_spin_unlock+0x2d/0x50 [ 701.552768][T22076] try_charge+0xf4b/0x1440 [ 701.568309][T22076] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 701.578219][T22076] ? percpu_ref_tryget_live+0x111/0x290 [ 701.583764][T22076] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 701.583786][T22076] ? __kasan_check_read+0x11/0x20 [ 701.583811][T22076] ? get_mem_cgroup_from_mm+0x156/0x320 [ 701.600560][T22076] mem_cgroup_try_charge+0x136/0x590 [ 701.605841][T22076] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 701.605862][T22076] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 701.605885][T22076] wp_page_copy+0x41e/0x1590 [ 701.622296][T22076] ? find_held_lock+0x35/0x130 [ 701.627054][T22076] ? pmd_pfn+0x1d0/0x1d0 [ 701.627073][T22076] ? lock_downgrade+0x920/0x920 [ 701.627089][T22076] ? swp_swapcount+0x540/0x540 [ 701.627106][T22076] ? __kasan_check_read+0x11/0x20 [ 701.640898][T22076] ? do_raw_spin_unlock+0x57/0x270 [ 701.640920][T22076] do_wp_page+0x499/0x14d0 [ 701.640941][T22076] ? finish_mkwrite_fault+0x570/0x570 [ 701.640965][T22076] __handle_mm_fault+0x22f1/0x3f20 [ 701.640985][T22076] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 701.651107][T22076] ? __kasan_check_read+0x11/0x20 [ 701.651133][T22076] handle_mm_fault+0x1b5/0x6c0 [ 701.651153][T22076] __get_user_pages+0x7d4/0x1b30 [ 701.651172][T22076] ? mark_held_locks+0xf0/0xf0 [ 701.660928][T22076] ? follow_page_mask+0x1cf0/0x1cf0 [ 701.660942][T22076] ? __mm_populate+0x270/0x380 [ 701.660964][T22076] ? __kasan_check_write+0x14/0x20 [ 701.660980][T22076] ? down_read+0x109/0x430 [ 701.661014][T22076] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 701.671628][T22076] populate_vma_page_range+0x20d/0x2a0 [ 701.671650][T22076] __mm_populate+0x204/0x380 [ 701.671669][T22076] ? populate_vma_page_range+0x2a0/0x2a0 [ 701.671684][T22076] ? __kasan_check_write+0x14/0x20 [ 701.671703][T22076] ? up_write+0x155/0x490 [ 701.681526][T22076] ? ns_capable_common+0x93/0x100 [ 701.681549][T22076] __x64_sys_mlockall+0x473/0x520 [ 701.681568][T22076] do_syscall_64+0xfa/0x760 [ 701.681590][T22076] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 701.681608][T22076] RIP: 0033:0x459879 [ 701.701185][T22076] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 701.701193][T22076] RSP: 002b:00007f4e2a92dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 701.701208][T22076] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 701.701216][T22076] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 701.701229][T22076] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 701.716930][T22076] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4e2a92e6d4 [ 701.716940][T22076] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 701.804942][T22076] memory: usage 307160kB, limit 307200kB, failcnt 1106 [ 701.850395][T22076] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 701.885641][T22076] Memory cgroup stats for /syz1: [ 701.885761][T22076] anon 294367232 [ 701.885761][T22076] file 122880 [ 701.885761][T22076] kernel_stack 983040 [ 701.885761][T22076] slab 15196160 [ 701.885761][T22076] sock 0 [ 701.885761][T22076] shmem 61440 [ 701.885761][T22076] file_mapped 0 [ 701.885761][T22076] file_dirty 0 [ 701.885761][T22076] file_writeback 0 [ 701.885761][T22076] anon_thp 127926272 [ 701.885761][T22076] inactive_anon 249380864 [ 701.885761][T22076] active_anon 5505024 [ 701.885761][T22076] inactive_file 90112 [ 701.885761][T22076] active_file 135168 [ 701.885761][T22076] unevictable 39436288 [ 701.885761][T22076] slab_reclaimable 6758400 [ 701.885761][T22076] slab_unreclaimable 8437760 [ 701.885761][T22076] pgfault 167574 [ 701.885761][T22076] pgmajfault 0 [ 701.885761][T22076] workingset_refault 33 [ 701.885761][T22076] workingset_activate 0 [ 701.885761][T22076] workingset_nodereclaim 0 [ 701.885761][T22076] pgrefill 407 [ 701.885761][T22076] pgscan 4487 [ 701.885761][T22076] pgsteal 4133 [ 701.993118][T22076] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=22071,uid=0 [ 702.017704][T22076] Memory cgroup out of memory: Killed process 22071 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 702.041633][ T1065] oom_reaper: reaped process 22071 (syz-executor.1), now anon-rss:18232kB, file-rss:54332kB, shmem-rss:0kB [ 702.054334][T22089] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 702.070715][T22089] CPU: 1 PID: 22089 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 702.079829][T22089] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 702.089969][T22089] Call Trace: [ 702.093262][T22089] dump_stack+0x172/0x1f0 [ 702.097597][T22089] dump_header+0x177/0x1152 [ 702.102106][T22089] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 702.107919][T22089] ? ___ratelimit+0x2c8/0x595 [ 702.112600][T22089] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 702.118408][T22089] ? lockdep_hardirqs_on+0x418/0x5d0 [ 702.123691][T22089] ? trace_hardirqs_on+0x67/0x240 [ 702.128717][T22089] ? pagefault_out_of_memory+0x11c/0x11c [ 702.134438][T22089] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 702.140241][T22089] ? ___ratelimit+0x60/0x595 [ 702.144833][T22089] ? do_raw_spin_unlock+0x57/0x270 [ 702.149950][T22089] oom_kill_process.cold+0x10/0x15 [ 702.155078][T22089] out_of_memory+0x334/0x1340 [ 702.159766][T22089] ? lock_downgrade+0x920/0x920 [ 702.164636][T22089] ? oom_killer_disable+0x280/0x280 [ 702.169851][T22089] mem_cgroup_out_of_memory+0x1d8/0x240 [ 702.175398][T22089] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 702.181135][T22089] ? do_raw_spin_unlock+0x57/0x270 [ 702.186254][T22089] ? _raw_spin_unlock+0x2d/0x50 [ 702.191215][T22089] try_charge+0xf4b/0x1440 [ 702.195644][T22089] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 702.201186][T22089] ? percpu_ref_tryget_live+0x111/0x290 [ 702.206746][T22089] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 702.212996][T22089] ? __kasan_check_read+0x11/0x20 [ 702.218033][T22089] ? get_mem_cgroup_from_mm+0x156/0x320 [ 702.223582][T22089] mem_cgroup_try_charge+0x136/0x590 [ 702.228982][T22089] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 702.235240][T22089] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 702.240886][T22089] wp_page_copy+0x41e/0x1590 [ 702.245483][T22089] ? find_held_lock+0x35/0x130 [ 702.250258][T22089] ? pmd_pfn+0x1d0/0x1d0 [ 702.254506][T22089] ? lock_downgrade+0x920/0x920 [ 702.259380][T22089] ? swp_swapcount+0x540/0x540 [ 702.264143][T22089] ? __kasan_check_read+0x11/0x20 [ 702.269219][T22089] ? do_raw_spin_unlock+0x57/0x270 [ 702.274332][T22089] do_wp_page+0x499/0x14d0 [ 702.278764][T22089] ? finish_mkwrite_fault+0x570/0x570 [ 702.284148][T22089] __handle_mm_fault+0x22f1/0x3f20 [ 702.289265][T22089] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 702.294832][T22089] ? __kasan_check_read+0x11/0x20 [ 702.299874][T22089] handle_mm_fault+0x1b5/0x6c0 [ 702.304643][T22089] __get_user_pages+0x7d4/0x1b30 [ 702.309579][T22089] ? mark_held_locks+0xf0/0xf0 [ 702.314350][T22089] ? follow_page_mask+0x1cf0/0x1cf0 [ 702.319545][T22089] ? __mm_populate+0x270/0x380 [ 702.324314][T22089] ? __kasan_check_write+0x14/0x20 [ 702.329424][T22089] ? down_read+0x109/0x430 [ 702.333844][T22089] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 702.340089][T22089] populate_vma_page_range+0x20d/0x2a0 [ 702.345551][T22089] __mm_populate+0x204/0x380 [ 702.350144][T22089] ? populate_vma_page_range+0x2a0/0x2a0 [ 702.355796][T22089] ? __kasan_check_write+0x14/0x20 [ 702.360904][T22089] ? up_write+0x155/0x490 [ 702.365239][T22089] ? ns_capable_common+0x93/0x100 [ 702.370278][T22089] __x64_sys_mlockall+0x473/0x520 [ 702.375305][T22089] do_syscall_64+0xfa/0x760 [ 702.379816][T22089] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 702.385717][T22089] RIP: 0033:0x459879 [ 702.389614][T22089] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 702.409212][T22089] RSP: 002b:00007fe89cd08c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 702.417625][T22089] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 702.425599][T22089] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 702.433566][T22089] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 702.441521][T22089] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cd096d4 [ 702.449472][T22089] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 702.462915][T22089] memory: usage 307200kB, limit 307200kB, failcnt 5553 [ 702.475941][T22089] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 702.482952][T22089] Memory cgroup stats for /syz2: [ 702.483070][T22089] anon 303525888 [ 702.483070][T22089] file 28672 [ 702.483070][T22089] kernel_stack 983040 [ 702.483070][T22089] slab 5373952 [ 702.483070][T22089] sock 0 [ 702.483070][T22089] shmem 0 [ 702.483070][T22089] file_mapped 0 [ 702.483070][T22089] file_dirty 0 [ 702.483070][T22089] file_writeback 0 [ 702.483070][T22089] anon_thp 216006656 [ 702.483070][T22089] inactive_anon 243585024 [ 702.483070][T22089] active_anon 11911168 [ 702.483070][T22089] inactive_file 0 [ 702.483070][T22089] active_file 0 [ 702.483070][T22089] unevictable 47984640 [ 702.483070][T22089] slab_reclaimable 1216512 [ 702.483070][T22089] slab_unreclaimable 4157440 [ 702.483070][T22089] pgfault 771177 [ 702.483070][T22089] pgmajfault 0 [ 702.483070][T22089] workingset_refault 198 [ 702.483070][T22089] workingset_activate 66 [ 702.483070][T22089] workingset_nodereclaim 0 [ 702.483070][T22089] pgrefill 1400 [ 702.483070][T22089] pgscan 1627 [ 702.483070][T22089] pgsteal 198 [ 702.577062][T22089] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=22066,uid=0 [ 702.592639][T22089] Memory cgroup out of memory: Killed process 22066 (syz-executor.2) total-vm:72832kB, anon-rss:18152kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 702.611676][ T1065] oom_reaper: reaped process 22066 (syz-executor.2), now anon-rss:18232kB, file-rss:54332kB, shmem-rss:0kB [ 702.611958][T22106] syz-executor.3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 702.635288][T22106] CPU: 1 PID: 22106 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 702.644390][T22106] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 702.654439][T22106] Call Trace: [ 702.657733][T22106] dump_stack+0x172/0x1f0 [ 702.662070][T22106] dump_header+0x177/0x1152 [ 702.666574][T22106] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 702.672378][T22106] ? ___ratelimit+0x2c8/0x595 [ 702.677053][T22106] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 702.682859][T22106] ? lockdep_hardirqs_on+0x418/0x5d0 [ 702.688140][T22106] ? trace_hardirqs_on+0x67/0x240 [ 702.693163][T22106] ? pagefault_out_of_memory+0x11c/0x11c [ 702.698804][T22106] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 702.704612][T22106] ? ___ratelimit+0x60/0x595 [ 702.709206][T22106] ? do_raw_spin_unlock+0x57/0x270 [ 702.714323][T22106] oom_kill_process.cold+0x10/0x15 [ 702.719437][T22106] out_of_memory+0x334/0x1340 [ 702.724118][T22106] ? lock_downgrade+0x920/0x920 [ 702.728978][T22106] ? oom_killer_disable+0x280/0x280 [ 702.734196][T22106] mem_cgroup_out_of_memory+0x1d8/0x240 [ 702.739741][T22106] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 702.745379][T22106] ? do_raw_spin_unlock+0x57/0x270 [ 702.750495][T22106] ? _raw_spin_unlock+0x2d/0x50 [ 702.755351][T22106] try_charge+0xf4b/0x1440 [ 702.759778][T22106] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 702.765311][T22106] ? find_held_lock+0x35/0x130 [ 702.770076][T22106] ? get_mem_cgroup_from_mm+0x139/0x320 [ 702.775622][T22106] ? lock_downgrade+0x920/0x920 [ 702.780467][T22106] ? percpu_ref_tryget_live+0x111/0x290 [ 702.786035][T22106] __memcg_kmem_charge_memcg+0x71/0xf0 [ 702.791499][T22106] ? memcg_kmem_put_cache+0x50/0x50 [ 702.796704][T22106] ? get_mem_cgroup_from_mm+0x156/0x320 [ 702.802257][T22106] __memcg_kmem_charge+0x13a/0x3a0 [ 702.807367][T22106] __alloc_pages_nodemask+0x4f7/0x900 [ 702.812769][T22106] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 702.818291][T22106] ? __alloc_pages_slowpath+0x2540/0x2540 [ 702.823989][T22106] ? percpu_ref_put_many+0xb6/0x190 [ 702.829173][T22106] ? lockdep_hardirqs_on+0x418/0x5d0 [ 702.834436][T22106] ? trace_hardirqs_on+0x67/0x240 [ 702.839455][T22106] copy_process+0x3f8/0x6830 [ 702.844027][T22106] ? __kasan_check_read+0x11/0x20 [ 702.849034][T22106] ? __lock_acquire+0x16f2/0x4a00 [ 702.854040][T22106] ? __cleanup_sighand+0x60/0x60 [ 702.858989][T22106] ? __might_fault+0x12b/0x1e0 [ 702.863730][T22106] ? __might_fault+0x12b/0x1e0 [ 702.868477][T22106] _do_fork+0x146/0xfa0 [ 702.872614][T22106] ? copy_init_mm+0x20/0x20 [ 702.877099][T22106] ? __kasan_check_read+0x11/0x20 [ 702.882358][T22106] ? _copy_to_user+0x118/0x160 [ 702.887104][T22106] __x64_sys_clone+0x1ab/0x270 [ 702.891844][T22106] ? __ia32_sys_vfork+0xd0/0xd0 [ 702.896677][T22106] ? do_syscall_64+0x26/0x760 [ 702.901334][T22106] ? lockdep_hardirqs_on+0x418/0x5d0 [ 702.906596][T22106] ? trace_hardirqs_on+0x67/0x240 [ 702.911600][T22106] do_syscall_64+0xfa/0x760 [ 702.916086][T22106] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 702.922018][T22106] RIP: 0033:0x459879 [ 702.925891][T22106] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 702.945795][T22106] RSP: 002b:00007fc0ba4e6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 702.954187][T22106] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459879 [ 702.962136][T22106] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 0000000000000000 [ 702.970094][T22106] RBP: 000000000075c070 R08: ffffffffffffffff R09: 0000000000000000 [ 702.978043][T22106] R10: 0000000020000240 R11: 0000000000000246 R12: 00007fc0ba4e76d4 [ 702.986005][T22106] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 00000000ffffffff [ 702.994255][T22106] memory: usage 307180kB, limit 307200kB, failcnt 4967 [ 703.001218][T22106] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 703.008116][T22106] Memory cgroup stats for /syz3: [ 703.008231][T22106] anon 302247936 [ 703.008231][T22106] file 0 [ 703.008231][T22106] kernel_stack 983040 [ 703.008231][T22106] slab 6516736 [ 703.008231][T22106] sock 0 [ 703.008231][T22106] shmem 0 [ 703.008231][T22106] file_mapped 0 [ 703.008231][T22106] file_dirty 0 [ 703.008231][T22106] file_writeback 0 [ 703.008231][T22106] anon_thp 209715200 [ 703.008231][T22106] inactive_anon 248823808 [ 703.008231][T22106] active_anon 18214912 [ 703.008231][T22106] inactive_file 0 [ 703.008231][T22106] active_file 0 [ 703.008231][T22106] unevictable 35401728 [ 703.008231][T22106] slab_reclaimable 1351680 [ 703.008231][T22106] slab_unreclaimable 5165056 [ 703.008231][T22106] pgfault 757812 [ 703.008231][T22106] pgmajfault 0 [ 703.008231][T22106] workingset_refault 99 [ 703.008231][T22106] workingset_activate 66 [ 703.008231][T22106] workingset_nodereclaim 0 [ 703.008231][T22106] pgrefill 628 [ 703.008231][T22106] pgscan 630 [ 703.008231][T22106] pgsteal 132 [ 703.101770][T22106] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=22063,uid=0 [ 703.117394][T22106] Memory cgroup out of memory: Killed process 22063 (syz-executor.3) total-vm:72832kB, anon-rss:18224kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 703.135718][ T1065] oom_reaper: reaped process 22063 (syz-executor.3), now anon-rss:18232kB, file-rss:54332kB, shmem-rss:0kB 06:29:15 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xfa35010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:15 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) 06:29:15 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xf4, 0x0) 06:29:15 executing program 1: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x7ffffffff000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(r2, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:29:15 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) r0 = syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x5, 0xa2002) ioctl$VIDIOC_G_MODULATOR(r0, 0xc0445636, &(0x7f0000000300)={0x7, "b25591439b415ef788c8ac28fc108cd4b4486c23a1af46a4b87d127a67138219", 0x1000, 0xb6, 0x7, 0x4b3418449fc903fc, 0x5}) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd11069d8943826e1f1212c68080d186ec1198bf2ae239d81fcd810890717c4d171360ad467d443a68038da6b31ec3fca6be8ec05cd91ddf4e618622d6502ae49181b7de52e8c014edc9f5737874ff21b22cb01c24bee"], 0x9) r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f0000000400)) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:29:15 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) r2 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r2, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r3, &(0x7f00000002c0)={0x10000000}) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r4 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r4, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000140)) r5 = openat$null(0xffffffffffffff9c, &(0x7f0000000100)='/dev/null\x00', 0x2000, 0x0) setsockopt$llc_int(r5, 0x10c, 0xdd37b790d53ad75b, &(0x7f0000000200)=0xc4, 0x4) 06:29:15 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x0) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) [ 703.431444][T22114] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 703.461850][T22114] CPU: 1 PID: 22114 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 703.470984][T22114] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 703.481041][T22114] Call Trace: [ 703.484341][T22114] dump_stack+0x172/0x1f0 [ 703.488675][T22114] dump_header+0x177/0x1152 [ 703.493185][T22114] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 703.498991][T22114] ? ___ratelimit+0x2c8/0x595 [ 703.503678][T22114] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 703.509494][T22114] ? lockdep_hardirqs_on+0x418/0x5d0 [ 703.514792][T22114] ? trace_hardirqs_on+0x67/0x240 [ 703.519826][T22114] ? pagefault_out_of_memory+0x11c/0x11c [ 703.525466][T22114] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 06:29:15 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xfb35010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:15 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x1045) pipe(0x0) write(0xffffffffffffffff, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) 06:29:15 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x1045) pipe(0x0) write(0xffffffffffffffff, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) [ 703.531275][T22114] ? ___ratelimit+0x60/0x595 [ 703.535865][T22114] ? do_raw_spin_unlock+0x57/0x270 [ 703.540979][T22114] oom_kill_process.cold+0x10/0x15 [ 703.546094][T22114] out_of_memory+0x334/0x1340 [ 703.550776][T22114] ? lock_downgrade+0x920/0x920 [ 703.555634][T22114] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 703.561446][T22114] ? oom_killer_disable+0x280/0x280 [ 703.566753][T22114] mem_cgroup_out_of_memory+0x1d8/0x240 [ 703.572304][T22114] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 703.577945][T22114] ? do_raw_spin_unlock+0x57/0x270 [ 703.583058][T22114] ? _raw_spin_unlock+0x2d/0x50 [ 703.587916][T22114] try_charge+0xf4b/0x1440 [ 703.592353][T22114] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 703.597904][T22114] ? percpu_ref_tryget_live+0x111/0x290 [ 703.603457][T22114] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 703.609703][T22114] ? __kasan_check_read+0x11/0x20 [ 703.614735][T22114] ? get_mem_cgroup_from_mm+0x156/0x320 [ 703.620289][T22114] mem_cgroup_try_charge+0x136/0x590 [ 703.625578][T22114] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 06:29:15 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x1045) pipe(0x0) write(0xffffffffffffffff, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) [ 703.631823][T22114] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 703.637477][T22114] __handle_mm_fault+0x1e34/0x3f20 [ 703.642604][T22114] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 703.648198][T22114] ? __kasan_check_read+0x11/0x20 [ 703.653237][T22114] handle_mm_fault+0x1b5/0x6c0 [ 703.658011][T22114] __get_user_pages+0x7d4/0x1b30 [ 703.662951][T22114] ? mark_held_locks+0xf0/0xf0 [ 703.667729][T22114] ? follow_page_mask+0x1cf0/0x1cf0 [ 703.672925][T22114] ? __mm_populate+0x270/0x380 06:29:15 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)) write(0xffffffffffffffff, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) [ 703.677700][T22114] ? __kasan_check_write+0x14/0x20 [ 703.682819][T22114] ? down_read+0x109/0x430 [ 703.687235][T22114] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 703.693493][T22114] populate_vma_page_range+0x20d/0x2a0 [ 703.698963][T22114] __mm_populate+0x204/0x380 [ 703.703560][T22114] ? populate_vma_page_range+0x2a0/0x2a0 [ 703.709203][T22114] ? __kasan_check_write+0x14/0x20 [ 703.714311][T22114] ? up_write+0x155/0x490 [ 703.714326][T22114] ? ns_capable_common+0x93/0x100 [ 703.714348][T22114] __x64_sys_mlockall+0x473/0x520 [ 703.714368][T22114] do_syscall_64+0xfa/0x760 [ 703.728876][T22114] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 703.728889][T22114] RIP: 0033:0x459879 [ 703.728905][T22114] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 703.728913][T22114] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 703.728928][T22114] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 06:29:15 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)) write(0xffffffffffffffff, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) [ 703.728936][T22114] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 703.728943][T22114] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 703.728952][T22114] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 703.728960][T22114] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 703.729732][T22114] memory: usage 307200kB, limit 307200kB, failcnt 5597 [ 703.785156][T22114] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 06:29:15 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)) write(0xffffffffffffffff, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) [ 703.842397][T22114] Memory cgroup stats for /syz2: [ 703.842501][T22114] anon 303738880 [ 703.842501][T22114] file 28672 [ 703.842501][T22114] kernel_stack 917504 [ 703.842501][T22114] slab 5509120 [ 703.842501][T22114] sock 0 [ 703.842501][T22114] shmem 0 [ 703.842501][T22114] file_mapped 0 [ 703.842501][T22114] file_dirty 0 [ 703.842501][T22114] file_writeback 0 [ 703.842501][T22114] anon_thp 216006656 [ 703.842501][T22114] inactive_anon 252764160 [ 703.842501][T22114] active_anon 11919360 [ 703.842501][T22114] inactive_file 0 [ 703.842501][T22114] active_file 0 [ 703.842501][T22114] unevictable 39223296 [ 703.842501][T22114] slab_reclaimable 1216512 [ 703.842501][T22114] slab_unreclaimable 4292608 [ 703.842501][T22114] pgfault 773157 [ 703.842501][T22114] pgmajfault 0 [ 703.842501][T22114] workingset_refault 198 [ 703.842501][T22114] workingset_activate 66 [ 703.842501][T22114] workingset_nodereclaim 0 [ 703.842501][T22114] pgrefill 1433 [ 703.842501][T22114] pgscan 1627 [ 703.842501][T22114] pgsteal 198 [ 703.942424][T22114] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=22090,uid=0 [ 703.960344][T22114] Memory cgroup out of memory: Killed process 22090 (syz-executor.2) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 704.008463][T22111] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 704.032847][T22111] CPU: 0 PID: 22111 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 704.041977][T22111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 704.052025][T22111] Call Trace: [ 704.055317][T22111] dump_stack+0x172/0x1f0 [ 704.059652][T22111] dump_header+0x177/0x1152 [ 704.064154][T22111] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 704.069967][T22111] ? ___ratelimit+0x2c8/0x595 [ 704.074646][T22111] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 704.080454][T22111] ? lockdep_hardirqs_on+0x418/0x5d0 [ 704.087912][T22111] ? trace_hardirqs_on+0x67/0x240 [ 704.092937][T22111] ? pagefault_out_of_memory+0x11c/0x11c [ 704.098566][T22111] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 704.104368][T22111] ? ___ratelimit+0x60/0x595 [ 704.108950][T22111] ? do_raw_spin_unlock+0x57/0x270 [ 704.114071][T22111] oom_kill_process.cold+0x10/0x15 [ 704.119204][T22111] out_of_memory+0x334/0x1340 [ 704.123881][T22111] ? lock_downgrade+0x920/0x920 [ 704.128742][T22111] ? oom_killer_disable+0x280/0x280 [ 704.133953][T22111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 704.139501][T22111] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 704.145141][T22111] ? do_raw_spin_unlock+0x57/0x270 [ 704.150259][T22111] ? _raw_spin_unlock+0x2d/0x50 [ 704.155120][T22111] try_charge+0xf4b/0x1440 [ 704.159557][T22111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 704.165109][T22111] ? percpu_ref_tryget_live+0x111/0x290 [ 704.170669][T22111] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 704.176925][T22111] ? __kasan_check_read+0x11/0x20 [ 704.181965][T22111] ? get_mem_cgroup_from_mm+0x156/0x320 [ 704.187518][T22111] mem_cgroup_try_charge+0x136/0x590 [ 704.192810][T22111] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 704.199070][T22111] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 704.204707][T22111] __handle_mm_fault+0x1e34/0x3f20 [ 704.209824][T22111] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 704.215382][T22111] ? __kasan_check_read+0x11/0x20 [ 704.220414][T22111] handle_mm_fault+0x1b5/0x6c0 [ 704.225183][T22111] __get_user_pages+0x7d4/0x1b30 [ 704.230121][T22111] ? mark_held_locks+0xf0/0xf0 [ 704.234899][T22111] ? follow_page_mask+0x1cf0/0x1cf0 [ 704.240099][T22111] ? __mm_populate+0x270/0x380 [ 704.244870][T22111] ? __kasan_check_write+0x14/0x20 [ 704.249987][T22111] ? down_read+0x109/0x430 [ 704.254411][T22111] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 704.260658][T22111] populate_vma_page_range+0x20d/0x2a0 [ 704.266122][T22111] __mm_populate+0x204/0x380 [ 704.270832][T22111] ? populate_vma_page_range+0x2a0/0x2a0 [ 704.276472][T22111] ? __kasan_check_write+0x14/0x20 [ 704.281585][T22111] ? up_write+0x155/0x490 [ 704.285913][T22111] ? ns_capable_common+0x93/0x100 [ 704.290945][T22111] __x64_sys_mlockall+0x473/0x520 [ 704.295971][T22111] do_syscall_64+0xfa/0x760 [ 704.300482][T22111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 704.306370][T22111] RIP: 0033:0x459879 [ 704.310265][T22111] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 704.329866][T22111] RSP: 002b:00007f4e2a92dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 704.338280][T22111] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 704.346246][T22111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 06:29:16 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xf5, 0x0) [ 704.354214][T22111] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 704.362179][T22111] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4e2a92e6d4 [ 704.370147][T22111] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 704.443112][T22111] memory: usage 307144kB, limit 307200kB, failcnt 1119 [ 704.450320][T22111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 704.457805][T22111] Memory cgroup stats for /syz1: [ 704.457933][T22111] anon 294436864 [ 704.457933][T22111] file 122880 [ 704.457933][T22111] kernel_stack 851968 [ 704.457933][T22111] slab 15196160 [ 704.457933][T22111] sock 0 [ 704.457933][T22111] shmem 61440 [ 704.457933][T22111] file_mapped 0 [ 704.457933][T22111] file_dirty 0 [ 704.457933][T22111] file_writeback 0 [ 704.457933][T22111] anon_thp 130023424 [ 704.457933][T22111] inactive_anon 259022848 [ 704.457933][T22111] active_anon 5492736 [ 704.457933][T22111] inactive_file 90112 [ 704.457933][T22111] active_file 135168 [ 704.457933][T22111] unevictable 29876224 [ 704.457933][T22111] slab_reclaimable 6758400 [ 704.457933][T22111] slab_unreclaimable 8437760 [ 704.457933][T22111] pgfault 169356 [ 704.457933][T22111] pgmajfault 0 [ 704.457933][T22111] workingset_refault 33 [ 704.457933][T22111] workingset_activate 0 [ 704.457933][T22111] workingset_nodereclaim 0 [ 704.457933][T22111] pgrefill 407 [ 704.457933][T22111] pgscan 4487 [ 704.457933][T22111] pgsteal 4133 [ 704.555871][T22111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=22096,uid=0 [ 704.571477][T22111] Memory cgroup out of memory: Killed process 22096 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 [ 704.597575][T22123] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 704.617323][T22123] CPU: 0 PID: 22123 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 704.619626][ T1065] oom_reaper: reaped process 22096 (syz-executor.1), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 704.626433][T22123] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 704.626440][T22123] Call Trace: [ 704.626463][T22123] dump_stack+0x172/0x1f0 [ 704.626485][T22123] dump_header+0x177/0x1152 [ 704.626502][T22123] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 704.626521][T22123] ? ___ratelimit+0x2c8/0x595 [ 704.670062][T22123] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 704.675873][T22123] ? lockdep_hardirqs_on+0x418/0x5d0 [ 704.681159][T22123] ? trace_hardirqs_on+0x67/0x240 [ 704.686182][T22123] ? pagefault_out_of_memory+0x11c/0x11c [ 704.691827][T22123] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 704.697633][T22123] ? ___ratelimit+0x60/0x595 [ 704.702221][T22123] ? do_raw_spin_unlock+0x57/0x270 [ 704.707340][T22123] oom_kill_process.cold+0x10/0x15 [ 704.712455][T22123] out_of_memory+0x334/0x1340 [ 704.717138][T22123] ? lock_downgrade+0x920/0x920 [ 704.722039][T22123] ? oom_killer_disable+0x280/0x280 [ 704.727249][T22123] mem_cgroup_out_of_memory+0x1d8/0x240 [ 704.732796][T22123] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 704.738434][T22123] ? do_raw_spin_unlock+0x57/0x270 [ 704.743547][T22123] ? _raw_spin_unlock+0x2d/0x50 [ 704.748400][T22123] try_charge+0xf4b/0x1440 [ 704.752826][T22123] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 704.758374][T22123] ? percpu_ref_tryget_live+0x111/0x290 [ 704.763925][T22123] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 704.770169][T22123] ? __kasan_check_read+0x11/0x20 [ 704.775199][T22123] ? get_mem_cgroup_from_mm+0x156/0x320 [ 704.780759][T22123] mem_cgroup_try_charge+0x136/0x590 [ 704.786043][T22123] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 704.792284][T22123] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 704.798017][T22123] __handle_mm_fault+0x1e34/0x3f20 [ 704.803136][T22123] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 704.808696][T22123] ? __kasan_check_read+0x11/0x20 [ 704.813733][T22123] handle_mm_fault+0x1b5/0x6c0 [ 704.818509][T22123] __get_user_pages+0x7d4/0x1b30 [ 704.823446][T22123] ? mark_held_locks+0xf0/0xf0 [ 704.828224][T22123] ? follow_page_mask+0x1cf0/0x1cf0 [ 704.833417][T22123] ? __mm_populate+0x270/0x380 [ 704.838198][T22123] ? __kasan_check_write+0x14/0x20 [ 704.843312][T22123] ? down_read+0x109/0x430 [ 704.847733][T22123] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 704.854409][T22123] populate_vma_page_range+0x20d/0x2a0 [ 704.859872][T22123] __mm_populate+0x204/0x380 [ 704.864470][T22123] ? populate_vma_page_range+0x2a0/0x2a0 [ 704.870105][T22123] ? __kasan_check_write+0x14/0x20 [ 704.875221][T22123] ? up_write+0x155/0x490 [ 704.879554][T22123] ? ns_capable_common+0x93/0x100 [ 704.884591][T22123] __x64_sys_mlockall+0x473/0x520 [ 704.889623][T22123] do_syscall_64+0xfa/0x760 [ 704.894144][T22123] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 704.900037][T22123] RIP: 0033:0x459879 [ 704.903933][T22123] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 704.923542][T22123] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 704.931969][T22123] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 704.939944][T22123] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 704.947919][T22123] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 704.955891][T22123] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc0ba5296d4 [ 704.963859][T22123] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 704.973118][T22123] memory: usage 307200kB, limit 307200kB, failcnt 5012 [ 704.980056][T22123] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 704.986892][T22123] Memory cgroup stats for /syz3: [ 704.987013][T22123] anon 302534656 [ 704.987013][T22123] file 0 [ 704.987013][T22123] kernel_stack 917504 [ 704.987013][T22123] slab 6516736 [ 704.987013][T22123] sock 0 [ 704.987013][T22123] shmem 0 [ 704.987013][T22123] file_mapped 0 [ 704.987013][T22123] file_dirty 0 [ 704.987013][T22123] file_writeback 0 [ 704.987013][T22123] anon_thp 209715200 [ 704.987013][T22123] inactive_anon 258961408 [ 704.987013][T22123] active_anon 18214912 [ 704.987013][T22123] inactive_file 0 [ 704.987013][T22123] active_file 0 [ 704.987013][T22123] unevictable 25534464 [ 704.987013][T22123] slab_reclaimable 1351680 [ 704.987013][T22123] slab_unreclaimable 5165056 [ 704.987013][T22123] pgfault 760056 [ 704.987013][T22123] pgmajfault 0 [ 704.987013][T22123] workingset_refault 99 [ 704.987013][T22123] workingset_activate 66 [ 704.987013][T22123] workingset_nodereclaim 0 [ 704.987013][T22123] pgrefill 628 [ 704.987013][T22123] pgscan 630 [ 704.987013][T22123] pgsteal 132 [ 705.080524][T22123] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=21586,uid=0 [ 705.096894][T22123] Memory cgroup out of memory: Killed process 21586 (syz-executor.3) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 [ 705.124713][ T1065] oom_reaper: reaped process 21586 (syz-executor.3), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 705.136056][T22112] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 705.148431][T22112] CPU: 1 PID: 22112 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 705.157536][T22112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 705.167587][T22112] Call Trace: [ 705.170883][T22112] dump_stack+0x172/0x1f0 [ 705.175218][T22112] dump_header+0x177/0x1152 [ 705.179724][T22112] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 705.185538][T22112] ? ___ratelimit+0x2c8/0x595 [ 705.190219][T22112] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 705.196029][T22112] ? lockdep_hardirqs_on+0x418/0x5d0 [ 705.201311][T22112] ? trace_hardirqs_on+0x67/0x240 [ 705.206330][T22112] ? pagefault_out_of_memory+0x11c/0x11c [ 705.211965][T22112] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 705.217772][T22112] ? ___ratelimit+0x60/0x595 [ 705.222365][T22112] ? do_raw_spin_unlock+0x57/0x270 [ 705.227478][T22112] oom_kill_process.cold+0x10/0x15 [ 705.232593][T22112] out_of_memory+0x334/0x1340 [ 705.237271][T22112] ? lock_downgrade+0x920/0x920 [ 705.242133][T22112] ? oom_killer_disable+0x280/0x280 [ 705.247348][T22112] mem_cgroup_out_of_memory+0x1d8/0x240 [ 705.252898][T22112] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 705.258540][T22112] ? do_raw_spin_unlock+0x57/0x270 [ 705.263656][T22112] ? _raw_spin_unlock+0x2d/0x50 [ 705.268513][T22112] try_charge+0xf4b/0x1440 [ 705.272941][T22112] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 705.278495][T22112] ? find_held_lock+0x35/0x130 [ 705.283264][T22112] ? get_mem_cgroup_from_mm+0x139/0x320 [ 705.288828][T22112] ? lock_downgrade+0x920/0x920 [ 705.293698][T22112] ? percpu_ref_tryget_live+0x111/0x290 [ 705.299244][T22112] __memcg_kmem_charge_memcg+0x71/0xf0 [ 705.304704][T22112] ? memcg_kmem_put_cache+0x50/0x50 [ 705.309906][T22112] ? get_mem_cgroup_from_mm+0x156/0x320 [ 705.315454][T22112] __memcg_kmem_charge+0x13a/0x3a0 [ 705.320567][T22112] __alloc_pages_nodemask+0x4f7/0x900 [ 705.325938][T22112] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 705.331488][T22112] ? __alloc_pages_slowpath+0x2540/0x2540 [ 705.337199][T22112] ? percpu_ref_put_many+0xb6/0x190 [ 705.337220][T22112] ? lockdep_hardirqs_on+0x418/0x5d0 [ 705.347669][T22112] ? trace_hardirqs_on+0x67/0x240 [ 705.352689][T22112] ? __kasan_check_read+0x11/0x20 [ 705.357718][T22112] copy_process+0x3f8/0x6830 [ 705.362304][T22112] ? psi_memstall_leave+0x12e/0x180 [ 705.367516][T22112] ? __cleanup_sighand+0x60/0x60 [ 705.372461][T22112] ? __kasan_check_read+0x11/0x20 [ 705.377486][T22112] ? __lock_acquire+0x8a0/0x4a00 [ 705.382428][T22112] ? _raw_spin_unlock_irq+0x5e/0x90 [ 705.387634][T22112] _do_fork+0x146/0xfa0 [ 705.391796][T22112] ? copy_init_mm+0x20/0x20 [ 705.396309][T22112] ? lock_downgrade+0x920/0x920 [ 705.401162][T22112] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 705.407414][T22112] __x64_sys_clone+0x1ab/0x270 [ 705.412200][T22112] ? __ia32_sys_vfork+0xd0/0xd0 [ 705.417049][T22112] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 705.423301][T22112] ? do_syscall_64+0x26/0x760 [ 705.427989][T22112] ? lockdep_hardirqs_on+0x418/0x5d0 [ 705.433320][T22112] ? trace_hardirqs_on+0x67/0x240 [ 705.438349][T22112] do_syscall_64+0xfa/0x760 [ 705.442859][T22112] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 705.448744][T22112] RIP: 0033:0x45c249 [ 705.452641][T22112] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 705.474414][T22112] RSP: 002b:00007ffe05a5b988 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 705.482823][T22112] RAX: ffffffffffffffda RBX: 00007fe89cce8700 RCX: 000000000045c249 [ 705.490789][T22112] RDX: 00007fe89cce89d0 RSI: 00007fe89cce7db0 RDI: 00000000003d0f00 [ 705.498759][T22112] RBP: 00007ffe05a5bba0 R08: 00007fe89cce8700 R09: 00007fe89cce8700 [ 705.506733][T22112] R10: 00007fe89cce89d0 R11: 0000000000000202 R12: 0000000000000000 [ 705.514698][T22112] R13: 00007ffe05a5ba3f R14: 00007fe89cce89c0 R15: 000000000075c07c [ 705.525940][T22112] memory: usage 307180kB, limit 307200kB, failcnt 5625 [ 705.533049][T22112] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 705.540434][T22112] Memory cgroup stats for /syz2: [ 705.540550][T22112] anon 303607808 [ 705.540550][T22112] file 28672 [ 705.540550][T22112] kernel_stack 917504 [ 705.540550][T22112] slab 5509120 [ 705.540550][T22112] sock 0 [ 705.540550][T22112] shmem 0 [ 705.540550][T22112] file_mapped 0 [ 705.540550][T22112] file_dirty 0 [ 705.540550][T22112] file_writeback 0 [ 705.540550][T22112] anon_thp 216006656 [ 705.540550][T22112] inactive_anon 246751232 [ 705.540550][T22112] active_anon 11919360 [ 705.540550][T22112] inactive_file 0 [ 705.540550][T22112] active_file 0 [ 705.540550][T22112] unevictable 45133824 [ 705.540550][T22112] slab_reclaimable 1216512 [ 705.540550][T22112] slab_unreclaimable 4292608 [ 705.540550][T22112] pgfault 776127 [ 705.540550][T22112] pgmajfault 0 [ 705.540550][T22112] workingset_refault 198 [ 705.540550][T22112] workingset_activate 66 [ 705.540550][T22112] workingset_nodereclaim 0 [ 705.540550][T22112] pgrefill 1433 [ 705.540550][T22112] pgscan 1627 [ 705.540550][T22112] pgsteal 198 [ 705.635642][T22112] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=22112,uid=0 [ 705.653944][T22112] Memory cgroup out of memory: Killed process 22112 (syz-executor.2) total-vm:72832kB, anon-rss:18220kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 705.673250][T22111] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 705.673656][ T1065] oom_reaper: reaped process 22112 (syz-executor.2), now anon-rss:18208kB, file-rss:54332kB, shmem-rss:0kB [ 705.683858][T22111] CPU: 1 PID: 22111 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 705.703970][T22111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 705.714019][T22111] Call Trace: [ 705.717314][T22111] dump_stack+0x172/0x1f0 [ 705.721644][T22111] dump_header+0x177/0x1152 [ 705.726143][T22111] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 705.731941][T22111] ? ___ratelimit+0x2c8/0x595 [ 705.736617][T22111] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 705.742419][T22111] ? lockdep_hardirqs_on+0x418/0x5d0 [ 705.747700][T22111] ? trace_hardirqs_on+0x67/0x240 [ 705.752719][T22111] ? pagefault_out_of_memory+0x11c/0x11c [ 705.758346][T22111] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 705.764142][T22111] ? ___ratelimit+0x60/0x595 [ 705.768727][T22111] ? do_raw_spin_unlock+0x57/0x270 [ 705.773836][T22111] oom_kill_process.cold+0x10/0x15 [ 705.778949][T22111] out_of_memory+0x334/0x1340 [ 705.783624][T22111] ? lock_downgrade+0x920/0x920 [ 705.788475][T22111] ? oom_killer_disable+0x280/0x280 [ 705.793681][T22111] mem_cgroup_out_of_memory+0x1d8/0x240 [ 705.799224][T22111] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 705.805030][T22111] ? do_raw_spin_unlock+0x57/0x270 [ 705.810152][T22111] ? _raw_spin_unlock+0x2d/0x50 [ 705.815006][T22111] try_charge+0xf4b/0x1440 [ 705.819441][T22111] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 705.824980][T22111] ? percpu_ref_tryget_live+0x111/0x290 [ 705.830539][T22111] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 705.836779][T22111] ? __kasan_check_read+0x11/0x20 [ 705.841808][T22111] ? get_mem_cgroup_from_mm+0x156/0x320 [ 705.847350][T22111] mem_cgroup_try_charge+0x136/0x590 [ 705.852635][T22111] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 705.858883][T22111] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 705.864516][T22111] wp_page_copy+0x41e/0x1590 [ 705.869101][T22111] ? find_held_lock+0x35/0x130 [ 705.873863][T22111] ? pmd_pfn+0x1d0/0x1d0 [ 705.878101][T22111] ? lock_downgrade+0x920/0x920 [ 705.882963][T22111] ? swp_swapcount+0x540/0x540 [ 705.887729][T22111] ? __kasan_check_read+0x11/0x20 [ 705.892747][T22111] ? do_raw_spin_unlock+0x57/0x270 [ 705.897861][T22111] do_wp_page+0x499/0x14d0 [ 705.902274][T22111] ? finish_mkwrite_fault+0x570/0x570 [ 705.907628][T22111] __handle_mm_fault+0x22f1/0x3f20 [ 705.912720][T22111] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 705.918370][T22111] ? __kasan_check_read+0x11/0x20 [ 705.923376][T22111] handle_mm_fault+0x1b5/0x6c0 [ 705.928120][T22111] __get_user_pages+0x7d4/0x1b30 [ 705.933035][T22111] ? mark_held_locks+0xf0/0xf0 [ 705.937778][T22111] ? follow_page_mask+0x1cf0/0x1cf0 [ 705.942960][T22111] ? __mm_populate+0x270/0x380 [ 705.947700][T22111] ? __kasan_check_write+0x14/0x20 [ 705.952818][T22111] ? down_read+0x109/0x430 [ 705.957209][T22111] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 705.963423][T22111] populate_vma_page_range+0x20d/0x2a0 [ 705.968904][T22111] __mm_populate+0x204/0x380 [ 705.973471][T22111] ? populate_vma_page_range+0x2a0/0x2a0 [ 705.979080][T22111] ? __kasan_check_write+0x14/0x20 [ 705.984170][T22111] ? up_write+0x155/0x490 [ 705.988474][T22111] ? ns_capable_common+0x93/0x100 [ 705.993510][T22111] __x64_sys_mlockall+0x473/0x520 [ 705.998513][T22111] do_syscall_64+0xfa/0x760 [ 706.003006][T22111] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 706.008871][T22111] RIP: 0033:0x459879 [ 706.012747][T22111] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 706.032327][T22111] RSP: 002b:00007f4e2a92dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 706.040715][T22111] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 706.048666][T22111] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 706.056612][T22111] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 706.064561][T22111] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4e2a92e6d4 [ 706.072520][T22111] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 706.090256][T22111] memory: usage 307120kB, limit 307200kB, failcnt 1139 [ 706.100689][T22111] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 706.107770][T22111] Memory cgroup stats for /syz1: [ 706.107898][T22111] anon 294289408 [ 706.107898][T22111] file 122880 [ 706.107898][T22111] kernel_stack 917504 [ 706.107898][T22111] slab 15196160 [ 706.107898][T22111] sock 0 [ 706.107898][T22111] shmem 61440 [ 706.107898][T22111] file_mapped 0 [ 706.107898][T22111] file_dirty 0 [ 706.107898][T22111] file_writeback 0 [ 706.107898][T22111] anon_thp 127926272 [ 706.107898][T22111] inactive_anon 249155584 [ 706.107898][T22111] active_anon 5492736 [ 706.107898][T22111] inactive_file 90112 [ 706.107898][T22111] active_file 135168 [ 706.107898][T22111] unevictable 39518208 [ 706.107898][T22111] slab_reclaimable 6758400 [ 706.107898][T22111] slab_unreclaimable 8437760 [ 706.107898][T22111] pgfault 173118 [ 706.107898][T22111] pgmajfault 0 [ 706.107898][T22111] workingset_refault 33 [ 706.107898][T22111] workingset_activate 0 [ 706.107898][T22111] workingset_nodereclaim 0 [ 706.107898][T22111] pgrefill 407 [ 706.107898][T22111] pgscan 4487 [ 706.107898][T22111] pgsteal 4133 [ 706.203001][T22111] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=22110,uid=0 [ 706.227608][T22111] Memory cgroup out of memory: Killed process 22110 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 706.269055][ T1065] oom_reaper: reaped process 22110 (syz-executor.1), now anon-rss:18232kB, file-rss:54332kB, shmem-rss:0kB 06:29:18 executing program 1: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x2, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(r2, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:29:18 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) 06:29:18 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xfc35010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:18 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xf6, 0x0) 06:29:18 executing program 2: mkdir(&(0x7f0000000140)='./file0\x00', 0x91) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:29:18 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) openat$apparmor_task_current(0xffffffffffffff9c, &(0x7f0000000100)='/proc/self/attr/current\x00', 0x2, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000140)) 06:29:18 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) 06:29:18 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xfd35010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:18 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, 0x0, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) [ 706.656887][T22261] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 706.678200][T22261] CPU: 0 PID: 22261 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 706.687333][T22261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 706.697390][T22261] Call Trace: [ 706.700691][T22261] dump_stack+0x172/0x1f0 [ 706.705032][T22261] dump_header+0x177/0x1152 [ 706.709547][T22261] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 706.715356][T22261] ? ___ratelimit+0x2c8/0x595 [ 706.720038][T22261] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 706.725847][T22261] ? lockdep_hardirqs_on+0x418/0x5d0 [ 706.731134][T22261] ? trace_hardirqs_on+0x67/0x240 [ 706.736164][T22261] ? pagefault_out_of_memory+0x11c/0x11c [ 706.741803][T22261] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 706.747611][T22261] ? ___ratelimit+0x60/0x595 [ 706.752200][T22261] ? do_raw_spin_unlock+0x57/0x270 [ 706.757318][T22261] oom_kill_process.cold+0x10/0x15 [ 706.762438][T22261] out_of_memory+0x334/0x1340 [ 706.767118][T22261] ? lock_downgrade+0x920/0x920 [ 706.771977][T22261] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 706.777787][T22261] ? oom_killer_disable+0x280/0x280 [ 706.782998][T22261] mem_cgroup_out_of_memory+0x1d8/0x240 [ 706.788549][T22261] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 706.794187][T22261] ? do_raw_spin_unlock+0x57/0x270 [ 706.799304][T22261] ? _raw_spin_unlock+0x2d/0x50 [ 706.804163][T22261] try_charge+0xf4b/0x1440 [ 706.808590][T22261] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 706.814131][T22261] ? percpu_ref_tryget_live+0x111/0x290 [ 706.819681][T22261] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 706.825926][T22261] ? __kasan_check_read+0x11/0x20 [ 706.830962][T22261] ? get_mem_cgroup_from_mm+0x156/0x320 [ 706.836508][T22261] mem_cgroup_try_charge+0x136/0x590 [ 706.841793][T22261] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 706.848042][T22261] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 706.853684][T22261] __handle_mm_fault+0x1e34/0x3f20 [ 706.858802][T22261] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 706.864359][T22261] ? __kasan_check_read+0x11/0x20 [ 706.869395][T22261] handle_mm_fault+0x1b5/0x6c0 [ 706.874164][T22261] __get_user_pages+0x7d4/0x1b30 [ 706.874179][T22261] ? mark_held_locks+0xf0/0xf0 [ 706.874201][T22261] ? follow_page_mask+0x1cf0/0x1cf0 [ 706.889038][T22261] ? __mm_populate+0x270/0x380 [ 706.889062][T22261] ? __kasan_check_write+0x14/0x20 [ 706.889079][T22261] ? down_read+0x109/0x430 06:29:19 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) [ 706.889096][T22261] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 706.889114][T22261] populate_vma_page_range+0x20d/0x2a0 [ 706.889134][T22261] __mm_populate+0x204/0x380 [ 706.889153][T22261] ? populate_vma_page_range+0x2a0/0x2a0 [ 706.889168][T22261] ? __kasan_check_write+0x14/0x20 [ 706.889182][T22261] ? up_write+0x155/0x490 [ 706.889193][T22261] ? ns_capable_common+0x93/0x100 [ 706.889212][T22261] __x64_sys_mlockall+0x473/0x520 [ 706.909773][T22261] do_syscall_64+0xfa/0x760 [ 706.909796][T22261] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 706.909808][T22261] RIP: 0033:0x459879 [ 706.909823][T22261] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 706.909830][T22261] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 706.909844][T22261] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 706.909852][T22261] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 706.909859][T22261] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 706.909868][T22261] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 706.909877][T22261] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 707.030483][T22261] memory: usage 307200kB, limit 307200kB, failcnt 5673 [ 707.045940][T22261] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 707.057041][T22261] Memory cgroup stats for /syz2: [ 707.057160][T22261] anon 303538176 [ 707.057160][T22261] file 28672 [ 707.057160][T22261] kernel_stack 917504 [ 707.057160][T22261] slab 5509120 [ 707.057160][T22261] sock 0 [ 707.057160][T22261] shmem 0 [ 707.057160][T22261] file_mapped 0 [ 707.057160][T22261] file_dirty 0 [ 707.057160][T22261] file_writeback 0 [ 707.057160][T22261] anon_thp 218103808 [ 707.057160][T22261] inactive_anon 252669952 [ 707.057160][T22261] active_anon 11894784 [ 707.057160][T22261] inactive_file 0 06:29:19 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) [ 707.057160][T22261] active_file 0 [ 707.057160][T22261] unevictable 39018496 [ 707.057160][T22261] slab_reclaimable 1216512 [ 707.057160][T22261] slab_unreclaimable 4292608 [ 707.057160][T22261] pgfault 778074 [ 707.057160][T22261] pgmajfault 0 [ 707.057160][T22261] workingset_refault 198 [ 707.057160][T22261] workingset_activate 66 [ 707.057160][T22261] workingset_nodereclaim 0 [ 707.057160][T22261] pgrefill 1433 [ 707.057160][T22261] pgscan 1660 [ 707.057160][T22261] pgsteal 198 [ 707.166570][T22261] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=22143,uid=0 [ 707.190172][T22261] Memory cgroup out of memory: Killed process 22143 (syz-executor.2) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 06:29:19 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xf7, 0x0) [ 707.233683][T22265] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 707.242957][ T1065] oom_reaper: reaped process 22143 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 707.254358][T22265] CPU: 1 PID: 22265 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 707.264094][T22265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 707.274144][T22265] Call Trace: [ 707.277440][T22265] dump_stack+0x172/0x1f0 [ 707.281776][T22265] dump_header+0x177/0x1152 [ 707.286279][T22265] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 707.292081][T22265] ? ___ratelimit+0x2c8/0x595 [ 707.296771][T22265] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 707.302581][T22265] ? lockdep_hardirqs_on+0x418/0x5d0 [ 707.307871][T22265] ? trace_hardirqs_on+0x67/0x240 [ 707.312901][T22265] ? pagefault_out_of_memory+0x11c/0x11c [ 707.318535][T22265] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 707.324341][T22265] ? ___ratelimit+0x60/0x595 [ 707.328932][T22265] ? do_raw_spin_unlock+0x57/0x270 [ 707.334053][T22265] oom_kill_process.cold+0x10/0x15 [ 707.339178][T22265] out_of_memory+0x334/0x1340 [ 707.343862][T22265] ? lock_downgrade+0x920/0x920 [ 707.348726][T22265] ? oom_killer_disable+0x280/0x280 [ 707.353943][T22265] mem_cgroup_out_of_memory+0x1d8/0x240 [ 707.359497][T22265] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 707.365135][T22265] ? do_raw_spin_unlock+0x57/0x270 [ 707.370255][T22265] ? _raw_spin_unlock+0x2d/0x50 [ 707.375110][T22265] try_charge+0xf4b/0x1440 [ 707.379537][T22265] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 707.385078][T22265] ? percpu_ref_tryget_live+0x111/0x290 [ 707.390627][T22265] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 707.396865][T22265] ? __kasan_check_read+0x11/0x20 [ 707.401895][T22265] ? get_mem_cgroup_from_mm+0x156/0x320 [ 707.407441][T22265] mem_cgroup_try_charge+0x136/0x590 [ 707.412741][T22265] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 707.418988][T22265] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 707.424628][T22265] __handle_mm_fault+0x1e34/0x3f20 [ 707.429751][T22265] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 707.435312][T22265] ? __kasan_check_read+0x11/0x20 [ 707.440357][T22265] handle_mm_fault+0x1b5/0x6c0 [ 707.445132][T22265] __get_user_pages+0x7d4/0x1b30 [ 707.450077][T22265] ? mark_held_locks+0xf0/0xf0 [ 707.454859][T22265] ? follow_page_mask+0x1cf0/0x1cf0 [ 707.460059][T22265] ? __mm_populate+0x270/0x380 [ 707.464825][T22265] ? __kasan_check_write+0x14/0x20 [ 707.469932][T22265] ? down_read+0x109/0x430 [ 707.474349][T22265] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 707.480596][T22265] populate_vma_page_range+0x20d/0x2a0 [ 707.486065][T22265] __mm_populate+0x204/0x380 [ 707.490664][T22265] ? populate_vma_page_range+0x2a0/0x2a0 [ 707.496298][T22265] ? __kasan_check_write+0x14/0x20 [ 707.501422][T22265] ? up_write+0x155/0x490 [ 707.505752][T22265] ? ns_capable_common+0x93/0x100 [ 707.510779][T22265] __x64_sys_mlockall+0x473/0x520 [ 707.515805][T22265] do_syscall_64+0xfa/0x760 [ 707.520316][T22265] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 707.526206][T22265] RIP: 0033:0x459879 [ 707.530103][T22265] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 707.549709][T22265] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 707.558209][T22265] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 707.566184][T22265] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 707.574153][T22265] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 707.574163][T22265] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc0ba5296d4 [ 707.574171][T22265] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 707.596472][T22265] memory: usage 307200kB, limit 307200kB, failcnt 5030 [ 707.605926][T22265] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 707.620018][T22265] Memory cgroup stats for /syz3: [ 707.620238][T22265] anon 301555712 [ 707.620238][T22265] file 0 [ 707.620238][T22265] kernel_stack 917504 [ 707.620238][T22265] slab 7335936 [ 707.620238][T22265] sock 0 [ 707.620238][T22265] shmem 0 [ 707.620238][T22265] file_mapped 0 [ 707.620238][T22265] file_dirty 0 [ 707.620238][T22265] file_writeback 0 [ 707.620238][T22265] anon_thp 209715200 [ 707.620238][T22265] inactive_anon 261120000 [ 707.620238][T22265] active_anon 18079744 [ 707.620238][T22265] inactive_file 0 [ 707.620238][T22265] active_file 0 [ 707.620238][T22265] unevictable 22507520 [ 707.620238][T22265] slab_reclaimable 1351680 [ 707.620238][T22265] slab_unreclaimable 5984256 [ 707.620238][T22265] pgfault 763059 [ 707.620238][T22265] pgmajfault 0 [ 707.620238][T22265] workingset_refault 99 [ 707.620238][T22265] workingset_activate 66 [ 707.620238][T22265] workingset_nodereclaim 0 [ 707.620238][T22265] pgrefill 628 [ 707.620238][T22265] pgscan 630 [ 707.620238][T22265] pgsteal 132 [ 707.715499][T22265] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=22151,uid=0 [ 707.731671][T22265] Memory cgroup out of memory: Killed process 22151 (syz-executor.3) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 [ 707.750457][T22270] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 707.771979][T22270] CPU: 1 PID: 22270 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 707.781106][T22270] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 707.787601][ T1065] oom_reaper: reaped process 22151 (syz-executor.3), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 707.791243][T22270] Call Trace: [ 707.791268][T22270] dump_stack+0x172/0x1f0 [ 707.791293][T22270] dump_header+0x177/0x1152 [ 707.791313][T22270] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 707.805592][T22270] ? ___ratelimit+0x2c8/0x595 [ 707.805608][T22270] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 707.805625][T22270] ? lockdep_hardirqs_on+0x418/0x5d0 [ 707.805647][T22270] ? trace_hardirqs_on+0x67/0x240 [ 707.814436][T22270] ? pagefault_out_of_memory+0x11c/0x11c [ 707.814453][T22270] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 707.814467][T22270] ? ___ratelimit+0x60/0x595 [ 707.814483][T22270] ? do_raw_spin_unlock+0x57/0x270 [ 707.831181][T22270] oom_kill_process.cold+0x10/0x15 [ 707.831201][T22270] out_of_memory+0x334/0x1340 [ 707.831216][T22270] ? lock_downgrade+0x920/0x920 [ 707.831241][T22270] ? oom_killer_disable+0x280/0x280 [ 707.841605][T22270] mem_cgroup_out_of_memory+0x1d8/0x240 [ 707.857571][T22270] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 707.857593][T22270] ? do_raw_spin_unlock+0x57/0x270 [ 707.857611][T22270] ? _raw_spin_unlock+0x2d/0x50 [ 707.857633][T22270] try_charge+0xf4b/0x1440 [ 707.907979][T22270] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 707.913525][T22270] ? percpu_ref_tryget_live+0x111/0x290 [ 707.919078][T22270] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 707.925319][T22270] ? __kasan_check_read+0x11/0x20 [ 707.930349][T22270] ? get_mem_cgroup_from_mm+0x156/0x320 [ 707.935905][T22270] mem_cgroup_try_charge+0x136/0x590 [ 707.941195][T22270] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 707.947439][T22270] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 707.953078][T22270] wp_page_copy+0x41e/0x1590 [ 707.957671][T22270] ? find_held_lock+0x35/0x130 [ 707.962440][T22270] ? pmd_pfn+0x1d0/0x1d0 [ 707.966684][T22270] ? lock_downgrade+0x920/0x920 [ 707.971552][T22270] ? swp_swapcount+0x540/0x540 [ 707.976326][T22270] ? __kasan_check_read+0x11/0x20 [ 707.981363][T22270] ? do_raw_spin_unlock+0x57/0x270 [ 707.986486][T22270] do_wp_page+0x499/0x14d0 [ 707.990914][T22270] ? finish_mkwrite_fault+0x570/0x570 [ 707.996307][T22270] __handle_mm_fault+0x22f1/0x3f20 [ 708.001432][T22270] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 708.006993][T22270] ? __kasan_check_read+0x11/0x20 [ 708.012040][T22270] handle_mm_fault+0x1b5/0x6c0 [ 708.016820][T22270] __get_user_pages+0x7d4/0x1b30 [ 708.021762][T22270] ? mark_held_locks+0xf0/0xf0 [ 708.026540][T22270] ? follow_page_mask+0x1cf0/0x1cf0 [ 708.031735][T22270] ? __mm_populate+0x270/0x380 [ 708.036512][T22270] ? __kasan_check_write+0x14/0x20 [ 708.041629][T22270] ? down_read+0x109/0x430 [ 708.046118][T22270] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 708.052362][T22270] populate_vma_page_range+0x20d/0x2a0 [ 708.057827][T22270] __mm_populate+0x204/0x380 [ 708.062421][T22270] ? populate_vma_page_range+0x2a0/0x2a0 [ 708.068054][T22270] ? __kasan_check_write+0x14/0x20 [ 708.073167][T22270] ? up_write+0x155/0x490 [ 708.077492][T22270] ? ns_capable_common+0x93/0x100 [ 708.082524][T22270] __x64_sys_mlockall+0x473/0x520 [ 708.087551][T22270] do_syscall_64+0xfa/0x760 [ 708.092063][T22270] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 708.097961][T22270] RIP: 0033:0x459879 [ 708.101854][T22270] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 708.121470][T22270] RSP: 002b:00007f4e2a92dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 708.129892][T22270] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 708.137868][T22270] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 708.145931][T22270] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 708.153909][T22270] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4e2a92e6d4 [ 708.161883][T22270] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 708.180548][T22270] memory: usage 307200kB, limit 307200kB, failcnt 1156 [ 708.187638][T22270] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 708.194733][T22270] Memory cgroup stats for /syz1: [ 708.194848][T22270] anon 294330368 [ 708.194848][T22270] file 122880 [ 708.194848][T22270] kernel_stack 917504 [ 708.194848][T22270] slab 15196160 [ 708.194848][T22270] sock 0 [ 708.194848][T22270] shmem 61440 [ 708.194848][T22270] file_mapped 0 [ 708.194848][T22270] file_dirty 0 [ 708.194848][T22270] file_writeback 0 [ 708.194848][T22270] anon_thp 123731968 [ 708.194848][T22270] inactive_anon 251363328 [ 708.194848][T22270] active_anon 5492736 [ 708.194848][T22270] inactive_file 90112 [ 708.194848][T22270] active_file 135168 [ 708.194848][T22270] unevictable 37335040 [ 708.194848][T22270] slab_reclaimable 6758400 [ 708.194848][T22270] slab_unreclaimable 8437760 [ 708.194848][T22270] pgfault 180246 [ 708.194848][T22270] pgmajfault 0 [ 708.194848][T22270] workingset_refault 33 [ 708.194848][T22270] workingset_activate 0 [ 708.194848][T22270] workingset_nodereclaim 0 [ 708.194848][T22270] pgrefill 407 [ 708.194848][T22270] pgscan 4487 [ 708.194848][T22270] pgsteal 4133 [ 708.289866][T22270] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=22267,uid=0 [ 708.305555][T22270] Memory cgroup out of memory: Killed process 22267 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 708.323994][ T1065] oom_reaper: reaped process 22267 (syz-executor.1), now anon-rss:18232kB, file-rss:54332kB, shmem-rss:0kB [ 708.324537][T22261] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 708.358647][T22261] CPU: 0 PID: 22261 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 708.367811][T22261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 708.377863][T22261] Call Trace: [ 708.381156][T22261] dump_stack+0x172/0x1f0 [ 708.385491][T22261] dump_header+0x177/0x1152 [ 708.389993][T22261] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 708.395801][T22261] ? ___ratelimit+0x2c8/0x595 [ 708.400489][T22261] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 708.406294][T22261] ? lockdep_hardirqs_on+0x418/0x5d0 [ 708.411582][T22261] ? trace_hardirqs_on+0x67/0x240 [ 708.416608][T22261] ? pagefault_out_of_memory+0x11c/0x11c [ 708.422244][T22261] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 708.428046][T22261] ? ___ratelimit+0x60/0x595 [ 708.432634][T22261] ? do_raw_spin_unlock+0x57/0x270 [ 708.437748][T22261] oom_kill_process.cold+0x10/0x15 [ 708.442868][T22261] out_of_memory+0x334/0x1340 [ 708.447559][T22261] ? lock_downgrade+0x920/0x920 [ 708.452522][T22261] ? oom_killer_disable+0x280/0x280 [ 708.457740][T22261] mem_cgroup_out_of_memory+0x1d8/0x240 [ 708.463295][T22261] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 708.468947][T22261] ? do_raw_spin_unlock+0x57/0x270 [ 708.474072][T22261] ? _raw_spin_unlock+0x2d/0x50 [ 708.478936][T22261] try_charge+0xf4b/0x1440 [ 708.483372][T22261] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 06:29:20 executing program 1: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x4, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(r2, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:29:20 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0) 06:29:20 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xfe35010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 708.488950][T22261] ? percpu_ref_tryget_live+0x111/0x290 [ 708.494516][T22261] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 708.500763][T22261] ? __kasan_check_read+0x11/0x20 [ 708.505798][T22261] ? get_mem_cgroup_from_mm+0x156/0x320 [ 708.511474][T22261] mem_cgroup_try_charge+0x136/0x590 [ 708.516764][T22261] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 708.523023][T22261] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 708.528671][T22261] __handle_mm_fault+0x1e34/0x3f20 [ 708.533882][T22261] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 708.539447][T22261] ? __kasan_check_read+0x11/0x20 [ 708.544485][T22261] handle_mm_fault+0x1b5/0x6c0 [ 708.549258][T22261] __get_user_pages+0x7d4/0x1b30 [ 708.554200][T22261] ? mark_held_locks+0xf0/0xf0 [ 708.558978][T22261] ? follow_page_mask+0x1cf0/0x1cf0 [ 708.564175][T22261] ? __mm_populate+0x270/0x380 [ 708.568954][T22261] ? memset+0x32/0x40 [ 708.572948][T22261] populate_vma_page_range+0x20d/0x2a0 [ 708.578418][T22261] __mm_populate+0x204/0x380 [ 708.583013][T22261] ? populate_vma_page_range+0x2a0/0x2a0 [ 708.588757][T22261] ? up_write+0x1c8/0x490 [ 708.593095][T22261] __x64_sys_mremap+0x7dc/0xb80 [ 708.597940][T22261] ? mremap_to+0x750/0x750 [ 708.602348][T22261] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 708.607794][T22261] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 708.613237][T22261] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 708.619283][T22261] ? do_syscall_64+0x26/0x760 [ 708.623951][T22261] ? lockdep_hardirqs_on+0x418/0x5d0 [ 708.629220][T22261] ? trace_hardirqs_on+0x67/0x240 [ 708.634229][T22261] do_syscall_64+0xfa/0x760 [ 708.638720][T22261] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 708.644592][T22261] RIP: 0033:0x459879 [ 708.648471][T22261] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 708.668065][T22261] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 708.676466][T22261] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459879 06:29:20 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xf8, 0x0) [ 708.684423][T22261] RDX: 0000000000800000 RSI: 0000000000002000 RDI: 0000000020a94000 [ 708.692377][T22261] RBP: 000000000075bf20 R08: 0000000020130000 R09: 0000000000000000 [ 708.700331][T22261] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 708.708284][T22261] R13: 00000000004c5f0f R14: 00000000004daaf8 R15: 00000000ffffffff [ 708.800582][T22261] memory: usage 307024kB, limit 307200kB, failcnt 5693 [ 708.818431][T22261] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 708.830274][T22261] Memory cgroup stats for /syz2: [ 708.830389][T22261] anon 303190016 [ 708.830389][T22261] file 28672 [ 708.830389][T22261] kernel_stack 983040 [ 708.830389][T22261] slab 5509120 [ 708.830389][T22261] sock 0 [ 708.830389][T22261] shmem 0 [ 708.830389][T22261] file_mapped 0 [ 708.830389][T22261] file_dirty 0 [ 708.830389][T22261] file_writeback 0 [ 708.830389][T22261] anon_thp 218103808 [ 708.830389][T22261] inactive_anon 246616064 [ 708.830389][T22261] active_anon 11894784 [ 708.830389][T22261] inactive_file 0 [ 708.830389][T22261] active_file 0 [ 708.830389][T22261] unevictable 44711936 [ 708.830389][T22261] slab_reclaimable 1216512 [ 708.830389][T22261] slab_unreclaimable 4292608 [ 708.830389][T22261] pgfault 780483 [ 708.830389][T22261] pgmajfault 0 [ 708.830389][T22261] workingset_refault 198 [ 708.830389][T22261] workingset_activate 66 [ 708.830389][T22261] workingset_nodereclaim 0 [ 708.830389][T22261] pgrefill 1466 [ 708.830389][T22261] pgscan 1660 [ 708.830389][T22261] pgsteal 198 [ 708.928554][T22261] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=22259,uid=0 [ 708.944485][T22261] Memory cgroup out of memory: Killed process 22259 (syz-executor.2) total-vm:72700kB, anon-rss:17956kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 708.963672][ T1065] oom_reaper: reaped process 22259 (syz-executor.2), now anon-rss:17948kB, file-rss:54332kB, shmem-rss:0kB [ 708.975363][T22265] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 708.992189][T22265] CPU: 1 PID: 22265 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 709.001433][T22265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 709.011488][T22265] Call Trace: [ 709.014783][T22265] dump_stack+0x172/0x1f0 [ 709.019120][T22265] dump_header+0x177/0x1152 [ 709.023625][T22265] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 709.029528][T22265] ? ___ratelimit+0x2c8/0x595 [ 709.034200][T22265] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 709.040007][T22265] ? lockdep_hardirqs_on+0x418/0x5d0 [ 709.045305][T22265] ? trace_hardirqs_on+0x67/0x240 [ 709.050338][T22265] ? pagefault_out_of_memory+0x11c/0x11c [ 709.055978][T22265] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 709.061779][T22265] ? ___ratelimit+0x60/0x595 [ 709.066375][T22265] ? do_raw_spin_unlock+0x57/0x270 [ 709.071480][T22265] oom_kill_process.cold+0x10/0x15 [ 709.076579][T22265] out_of_memory+0x334/0x1340 [ 709.081259][T22265] ? lock_downgrade+0x920/0x920 [ 709.086108][T22265] ? oom_killer_disable+0x280/0x280 [ 709.091302][T22265] mem_cgroup_out_of_memory+0x1d8/0x240 [ 709.096835][T22265] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 709.102447][T22265] ? do_raw_spin_unlock+0x57/0x270 [ 709.107538][T22265] ? _raw_spin_unlock+0x2d/0x50 [ 709.112367][T22265] try_charge+0xf4b/0x1440 [ 709.116767][T22265] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 709.122286][T22265] ? percpu_ref_tryget_live+0x111/0x290 [ 709.127824][T22265] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 709.134050][T22265] ? __kasan_check_read+0x11/0x20 [ 709.139051][T22265] ? get_mem_cgroup_from_mm+0x156/0x320 [ 709.144572][T22265] mem_cgroup_try_charge+0x136/0x590 [ 709.149833][T22265] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 709.156062][T22265] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 709.161674][T22265] __handle_mm_fault+0x1e34/0x3f20 [ 709.166774][T22265] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 709.172334][T22265] ? __kasan_check_read+0x11/0x20 [ 709.177353][T22265] handle_mm_fault+0x1b5/0x6c0 [ 709.182141][T22265] __get_user_pages+0x7d4/0x1b30 [ 709.187068][T22265] ? follow_page_mask+0x1cf0/0x1cf0 [ 709.192255][T22265] ? memset+0x32/0x40 [ 709.196262][T22265] populate_vma_page_range+0x20d/0x2a0 [ 709.201736][T22265] __mm_populate+0x204/0x380 [ 709.206306][T22265] ? populate_vma_page_range+0x2a0/0x2a0 [ 709.211918][T22265] ? up_write+0x1c8/0x490 [ 709.216227][T22265] __x64_sys_mremap+0x7dc/0xb80 [ 709.221056][T22265] ? mremap_to+0x750/0x750 [ 709.225453][T22265] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 709.230886][T22265] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 709.236321][T22265] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 709.242364][T22265] ? do_syscall_64+0x26/0x760 [ 709.247016][T22265] ? lockdep_hardirqs_on+0x418/0x5d0 [ 709.252290][T22265] ? trace_hardirqs_on+0x67/0x240 [ 709.257307][T22265] do_syscall_64+0xfa/0x760 [ 709.261789][T22265] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 709.267659][T22265] RIP: 0033:0x459879 [ 709.271533][T22265] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 709.291144][T22265] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 06:29:21 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB="090000006f020000004583c59b2b1cd1ffe6aa212244fae08a1dd97ba8276dd1212c68080dc56e010400000000e2000000a68030daad31a870f31e5ed06b310000ca6b"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0xffffffffffffffe3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) [ 709.299531][T22265] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459879 [ 709.307483][T22265] RDX: 0000000000800000 RSI: 0000000000002000 RDI: 0000000020a94000 [ 709.315429][T22265] RBP: 000000000075bf20 R08: 0000000020130000 R09: 0000000000000000 [ 709.323390][T22265] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fc0ba5296d4 [ 709.331338][T22265] R13: 00000000004c5f0f R14: 00000000004daaf8 R15: 00000000ffffffff [ 709.344752][T22265] memory: usage 307200kB, limit 307200kB, failcnt 5067 [ 709.353118][T22265] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 709.360640][T22265] Memory cgroup stats for /syz3: [ 709.360755][T22265] anon 301514752 [ 709.360755][T22265] file 0 [ 709.360755][T22265] kernel_stack 917504 [ 709.360755][T22265] slab 7335936 [ 709.360755][T22265] sock 0 [ 709.360755][T22265] shmem 0 [ 709.360755][T22265] file_mapped 0 [ 709.360755][T22265] file_dirty 0 [ 709.360755][T22265] file_writeback 0 [ 709.360755][T22265] anon_thp 209715200 [ 709.360755][T22265] inactive_anon 253865984 [ 709.360755][T22265] active_anon 18079744 [ 709.360755][T22265] inactive_file 0 [ 709.360755][T22265] active_file 0 [ 709.360755][T22265] unevictable 29626368 [ 709.360755][T22265] slab_reclaimable 1351680 [ 709.360755][T22265] slab_unreclaimable 5984256 [ 709.360755][T22265] pgfault 765831 [ 709.360755][T22265] pgmajfault 0 [ 709.360755][T22265] workingset_refault 99 [ 709.360755][T22265] workingset_activate 66 [ 709.360755][T22265] workingset_nodereclaim 0 [ 709.360755][T22265] pgrefill 628 [ 709.360755][T22265] pgscan 630 [ 709.360755][T22265] pgsteal 132 [ 709.456088][T22265] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=22260,uid=0 [ 709.471636][T22265] Memory cgroup out of memory: Killed process 22265 (syz-executor.3) total-vm:72700kB, anon-rss:17428kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 709.491836][ T1065] oom_reaper: reaped process 22265 (syz-executor.3), now anon-rss:17420kB, file-rss:54332kB, shmem-rss:0kB [ 709.495085][T22296] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 709.543746][T22296] CPU: 1 PID: 22296 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 709.552880][T22296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 709.562954][T22296] Call Trace: [ 709.566251][T22296] dump_stack+0x172/0x1f0 [ 709.570590][T22296] dump_header+0x177/0x1152 [ 709.575097][T22296] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 709.580899][T22296] ? ___ratelimit+0x2c8/0x595 [ 709.585580][T22296] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 709.591394][T22296] ? lockdep_hardirqs_on+0x418/0x5d0 [ 709.596679][T22296] ? trace_hardirqs_on+0x67/0x240 [ 709.601706][T22296] ? pagefault_out_of_memory+0x11c/0x11c [ 709.607371][T22296] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 709.613184][T22296] ? ___ratelimit+0x60/0x595 [ 709.617770][T22296] ? do_raw_spin_unlock+0x57/0x270 [ 709.622886][T22296] oom_kill_process.cold+0x10/0x15 [ 709.628007][T22296] out_of_memory+0x334/0x1340 [ 709.632683][T22296] ? lock_downgrade+0x920/0x920 [ 709.637548][T22296] ? oom_killer_disable+0x280/0x280 [ 709.642766][T22296] mem_cgroup_out_of_memory+0x1d8/0x240 [ 709.648355][T22296] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 06:29:21 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f0000000400)) setsockopt$RXRPC_SECURITY_KEYRING(r0, 0x110, 0x2, &(0x7f0000000100)='#\'ppp1.bdevvboxnet1--trustedvboxnet1keyringem1\x00', 0x2f) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000140)) 06:29:21 executing program 0: r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ashmem\x00', 0x0, 0x0) mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r0, 0x0) mprotect(&(0x7f0000701000/0x3000)=nil, 0x3000, 0x0) 06:29:21 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xfeffffff00000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 709.654005][T22296] ? do_raw_spin_unlock+0x57/0x270 [ 709.659132][T22296] ? _raw_spin_unlock+0x2d/0x50 [ 709.664084][T22296] try_charge+0xf4b/0x1440 [ 709.668503][T22296] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 709.668518][T22296] ? percpu_ref_tryget_live+0x111/0x290 [ 709.668538][T22296] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 709.668553][T22296] ? __kasan_check_read+0x11/0x20 [ 709.668573][T22296] ? get_mem_cgroup_from_mm+0x156/0x320 [ 709.679638][T22296] mem_cgroup_try_charge+0x136/0x590 [ 709.679656][T22296] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 709.679674][T22296] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 709.690895][T22296] __handle_mm_fault+0x1e34/0x3f20 [ 709.690918][T22296] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 709.690946][T22296] ? __kasan_check_read+0x11/0x20 [ 709.690969][T22296] handle_mm_fault+0x1b5/0x6c0 [ 709.701745][T22296] __get_user_pages+0x7d4/0x1b30 [ 709.701761][T22296] ? mark_held_locks+0xf0/0xf0 [ 709.701787][T22296] ? follow_page_mask+0x1cf0/0x1cf0 [ 709.701800][T22296] ? __mm_populate+0x270/0x380 06:29:21 executing program 0: openat$capi20(0xffffffffffffff9c, &(0x7f0000000000)='/dev/capi20\x00', 0x0, 0x0) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu\x00', 0x200002, 0x0) openat$cgroup_int(r0, &(0x7f0000000280)='cpuset.cpu_exclusive\x00', 0x2, 0x0) pipe(&(0x7f0000000000)) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000180)={0x1b9}, 0x0, 0x0) [ 709.701822][T22296] ? __kasan_check_write+0x14/0x20 [ 709.713649][T22296] ? down_read+0x109/0x430 [ 709.713666][T22296] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 709.713685][T22296] populate_vma_page_range+0x20d/0x2a0 [ 709.713710][T22296] __mm_populate+0x204/0x380 [ 709.724318][T22296] ? populate_vma_page_range+0x2a0/0x2a0 [ 709.724335][T22296] ? __kasan_check_write+0x14/0x20 [ 709.724348][T22296] ? up_write+0x155/0x490 [ 709.724361][T22296] ? ns_capable_common+0x93/0x100 [ 709.724381][T22296] __x64_sys_mlockall+0x473/0x520 [ 709.734145][T22296] do_syscall_64+0xfa/0x760 [ 709.734168][T22296] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 709.734179][T22296] RIP: 0033:0x459879 [ 709.734194][T22296] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 709.734206][T22296] RSP: 002b:00007f4e2a92dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 06:29:22 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xf9, 0x0) [ 709.743875][T22296] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 709.743883][T22296] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 709.743892][T22296] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 709.743900][T22296] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4e2a92e6d4 [ 709.743909][T22296] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 709.785491][T22296] memory: usage 307200kB, limit 307200kB, failcnt 1197 06:29:22 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x3e7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket(0x10, 0x2, 0x0) getsockopt$sock_cred(r0, 0x1, 0x11, 0x0, &(0x7f0000cab000)) [ 709.987808][T22296] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 709.994698][T22296] Memory cgroup stats for /syz1: [ 709.994825][T22296] anon 294559744 [ 709.994825][T22296] file 122880 [ 709.994825][T22296] kernel_stack 851968 [ 709.994825][T22296] slab 15196160 [ 709.994825][T22296] sock 0 [ 709.994825][T22296] shmem 61440 [ 709.994825][T22296] file_mapped 0 [ 709.994825][T22296] file_dirty 0 [ 709.994825][T22296] file_writeback 0 [ 709.994825][T22296] anon_thp 123731968 [ 709.994825][T22296] inactive_anon 261095424 06:29:22 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xff35010000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 709.994825][T22296] active_anon 5627904 [ 709.994825][T22296] inactive_file 90112 [ 709.994825][T22296] active_file 135168 [ 709.994825][T22296] unevictable 27873280 [ 709.994825][T22296] slab_reclaimable 6758400 [ 709.994825][T22296] slab_unreclaimable 8437760 [ 709.994825][T22296] pgfault 182589 [ 709.994825][T22296] pgmajfault 0 [ 709.994825][T22296] workingset_refault 33 [ 709.994825][T22296] workingset_activate 0 [ 709.994825][T22296] workingset_nodereclaim 0 [ 709.994825][T22296] pgrefill 407 [ 709.994825][T22296] pgscan 4487 [ 709.994825][T22296] pgsteal 4166 [ 710.103866][T22296] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=22280,uid=0 [ 710.146627][T22296] Memory cgroup out of memory: Killed process 22280 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 [ 710.187573][T22309] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 710.213760][T22309] CPU: 0 PID: 22309 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 710.223002][T22309] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 710.233061][T22309] Call Trace: [ 710.236354][T22309] dump_stack+0x172/0x1f0 [ 710.240693][T22309] dump_header+0x177/0x1152 [ 710.245200][T22309] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 710.251005][T22309] ? ___ratelimit+0x2c8/0x595 [ 710.255681][T22309] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 710.261500][T22309] ? lockdep_hardirqs_on+0x418/0x5d0 [ 710.266795][T22309] ? trace_hardirqs_on+0x67/0x240 [ 710.271824][T22309] ? pagefault_out_of_memory+0x11c/0x11c [ 710.277457][T22309] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 710.283264][T22309] ? ___ratelimit+0x60/0x595 [ 710.287854][T22309] ? do_raw_spin_unlock+0x57/0x270 [ 710.292970][T22309] oom_kill_process.cold+0x10/0x15 [ 710.298081][T22309] out_of_memory+0x334/0x1340 [ 710.302759][T22309] ? lock_downgrade+0x920/0x920 [ 710.307619][T22309] ? oom_killer_disable+0x280/0x280 [ 710.312830][T22309] mem_cgroup_out_of_memory+0x1d8/0x240 [ 710.318378][T22309] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 710.324016][T22309] ? do_raw_spin_unlock+0x57/0x270 [ 710.329131][T22309] ? _raw_spin_unlock+0x2d/0x50 [ 710.333984][T22309] try_charge+0xf4b/0x1440 [ 710.338410][T22309] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 710.343950][T22309] ? percpu_ref_tryget_live+0x111/0x290 [ 710.349495][T22309] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 710.355742][T22309] ? __kasan_check_read+0x11/0x20 [ 710.360770][T22309] ? get_mem_cgroup_from_mm+0x156/0x320 [ 710.366322][T22309] mem_cgroup_try_charge+0x136/0x590 [ 710.371615][T22309] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 710.377869][T22309] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 710.383523][T22309] __handle_mm_fault+0x1e34/0x3f20 [ 710.388652][T22309] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 710.394229][T22309] ? __kasan_check_read+0x11/0x20 [ 710.399363][T22309] handle_mm_fault+0x1b5/0x6c0 [ 710.404136][T22309] __get_user_pages+0x7d4/0x1b30 [ 710.409079][T22309] ? mark_held_locks+0xf0/0xf0 [ 710.413859][T22309] ? follow_page_mask+0x1cf0/0x1cf0 [ 710.419060][T22309] ? __mm_populate+0x270/0x380 [ 710.423834][T22309] ? __kasan_check_write+0x14/0x20 [ 710.428979][T22309] ? down_read+0x109/0x430 [ 710.433402][T22309] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 710.439651][T22309] populate_vma_page_range+0x20d/0x2a0 [ 710.445121][T22309] __mm_populate+0x204/0x380 [ 710.445398][ T1065] oom_reaper: reaped process 22280 (syz-executor.1), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 710.449709][T22309] ? populate_vma_page_range+0x2a0/0x2a0 [ 710.449724][T22309] ? __kasan_check_write+0x14/0x20 [ 710.449738][T22309] ? up_write+0x155/0x490 [ 710.449750][T22309] ? ns_capable_common+0x93/0x100 [ 710.449770][T22309] __x64_sys_mlockall+0x473/0x520 [ 710.449789][T22309] do_syscall_64+0xfa/0x760 [ 710.449809][T22309] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 710.449820][T22309] RIP: 0033:0x459879 [ 710.449838][T22309] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 710.519705][T22309] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 710.528119][T22309] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 710.536091][T22309] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 710.544063][T22309] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 710.552032][T22309] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 710.560004][T22309] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 710.596098][T22309] memory: usage 307112kB, limit 307200kB, failcnt 5716 [ 710.607585][T22309] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 710.614667][T22309] Memory cgroup stats for /syz2: [ 710.614783][T22309] anon 303509504 [ 710.614783][T22309] file 28672 [ 710.614783][T22309] kernel_stack 917504 [ 710.614783][T22309] slab 5509120 [ 710.614783][T22309] sock 0 [ 710.614783][T22309] shmem 0 [ 710.614783][T22309] file_mapped 0 [ 710.614783][T22309] file_dirty 0 [ 710.614783][T22309] file_writeback 0 [ 710.614783][T22309] anon_thp 218103808 [ 710.614783][T22309] inactive_anon 252694528 [ 710.614783][T22309] active_anon 11894784 [ 710.614783][T22309] inactive_file 0 [ 710.614783][T22309] active_file 0 [ 710.614783][T22309] unevictable 38875136 [ 710.614783][T22309] slab_reclaimable 1216512 [ 710.614783][T22309] slab_unreclaimable 4292608 [ 710.614783][T22309] pgfault 782958 [ 710.614783][T22309] pgmajfault 0 [ 710.614783][T22309] workingset_refault 198 [ 710.614783][T22309] workingset_activate 66 [ 710.614783][T22309] workingset_nodereclaim 0 [ 710.614783][T22309] pgrefill 1466 [ 710.614783][T22309] pgscan 1693 [ 710.614783][T22309] pgsteal 198 [ 710.717777][T22309] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=22286,uid=0 [ 710.740473][T22309] Memory cgroup out of memory: Killed process 22286 (syz-executor.2) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 710.768401][ T1065] oom_reaper: reaped process 22286 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 710.779729][T22320] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 710.805438][T22320] CPU: 1 PID: 22320 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 710.814571][T22320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 710.824630][T22320] Call Trace: [ 710.828448][T22320] dump_stack+0x172/0x1f0 [ 710.832789][T22320] dump_header+0x177/0x1152 [ 710.837297][T22320] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 710.843101][T22320] ? ___ratelimit+0x2c8/0x595 [ 710.847781][T22320] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 710.853588][T22320] ? lockdep_hardirqs_on+0x418/0x5d0 [ 710.858872][T22320] ? trace_hardirqs_on+0x67/0x240 [ 710.863901][T22320] ? pagefault_out_of_memory+0x11c/0x11c [ 710.869533][T22320] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 710.875336][T22320] ? ___ratelimit+0x60/0x595 [ 710.879923][T22320] ? do_raw_spin_unlock+0x57/0x270 [ 710.885038][T22320] oom_kill_process.cold+0x10/0x15 [ 710.890148][T22320] out_of_memory+0x334/0x1340 [ 710.894827][T22320] ? lock_downgrade+0x920/0x920 [ 710.899680][T22320] ? oom_killer_disable+0x280/0x280 [ 710.904894][T22320] mem_cgroup_out_of_memory+0x1d8/0x240 [ 710.910445][T22320] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 710.916073][T22320] ? do_raw_spin_unlock+0x57/0x270 [ 710.921194][T22320] ? _raw_spin_unlock+0x2d/0x50 [ 710.926055][T22320] try_charge+0xf4b/0x1440 [ 710.930483][T22320] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 710.936030][T22320] ? percpu_ref_tryget_live+0x111/0x290 [ 710.941582][T22320] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 710.947830][T22320] ? __kasan_check_read+0x11/0x20 [ 710.952862][T22320] ? get_mem_cgroup_from_mm+0x156/0x320 [ 710.958502][T22320] mem_cgroup_try_charge+0x136/0x590 [ 710.963793][T22320] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 710.970041][T22320] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 710.975686][T22320] __handle_mm_fault+0x1e34/0x3f20 [ 710.980813][T22320] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 710.986377][T22320] ? __kasan_check_read+0x11/0x20 [ 710.991415][T22320] handle_mm_fault+0x1b5/0x6c0 [ 710.996185][T22320] __get_user_pages+0x7d4/0x1b30 [ 711.001123][T22320] ? mark_held_locks+0xf0/0xf0 [ 711.005902][T22320] ? follow_page_mask+0x1cf0/0x1cf0 [ 711.011132][T22320] ? __mm_populate+0x270/0x380 [ 711.015914][T22320] ? memset+0x32/0x40 [ 711.019905][T22320] populate_vma_page_range+0x20d/0x2a0 [ 711.025375][T22320] __mm_populate+0x204/0x380 [ 711.029976][T22320] ? populate_vma_page_range+0x2a0/0x2a0 [ 711.035623][T22320] ? up_write+0x1c8/0x490 [ 711.039969][T22320] __x64_sys_mremap+0x7dc/0xb80 [ 711.044821][T22320] ? retint_kernel+0x2b/0x2b [ 711.049410][T22320] ? trace_hardirqs_on_caller+0x6a/0x240 [ 711.055048][T22320] ? mremap_to+0x750/0x750 [ 711.059477][T22320] ? retint_kernel+0x2b/0x2b [ 711.064080][T22320] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 711.069545][T22320] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 711.075014][T22320] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 711.081086][T22320] ? do_syscall_64+0x26/0x760 [ 711.085776][T22320] ? lockdep_hardirqs_on+0x418/0x5d0 [ 711.091068][T22320] ? trace_hardirqs_on+0x67/0x240 [ 711.096106][T22320] do_syscall_64+0xfa/0x760 [ 711.100619][T22320] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 711.106508][T22320] RIP: 0033:0x459879 [ 711.110400][T22320] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 711.130007][T22320] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 711.138444][T22320] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459879 [ 711.146445][T22320] RDX: 0000000000800000 RSI: 0000000000002000 RDI: 0000000020a94000 [ 711.154422][T22320] RBP: 000000000075bf20 R08: 0000000020130000 R09: 0000000000000000 [ 711.162399][T22320] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fc0ba5296d4 [ 711.170379][T22320] R13: 00000000004c5f0f R14: 00000000004daaf8 R15: 00000000ffffffff [ 711.178617][T22320] memory: usage 307112kB, limit 307200kB, failcnt 5105 [ 711.185476][T22320] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 711.192451][T22320] Memory cgroup stats for /syz3: [ 711.192577][T22320] anon 301449216 [ 711.192577][T22320] file 0 [ 711.192577][T22320] kernel_stack 917504 [ 711.192577][T22320] slab 7335936 [ 711.192577][T22320] sock 0 [ 711.192577][T22320] shmem 0 [ 711.192577][T22320] file_mapped 0 [ 711.192577][T22320] file_dirty 0 [ 711.192577][T22320] file_writeback 0 [ 711.192577][T22320] anon_thp 209715200 [ 711.192577][T22320] inactive_anon 249958400 [ 711.192577][T22320] active_anon 18186240 [ 711.192577][T22320] inactive_file 0 [ 711.192577][T22320] active_file 0 [ 711.192577][T22320] unevictable 33370112 [ 711.192577][T22320] slab_reclaimable 1351680 [ 711.192577][T22320] slab_unreclaimable 5984256 [ 711.192577][T22320] pgfault 770286 [ 711.192577][T22320] pgmajfault 0 [ 711.192577][T22320] workingset_refault 99 [ 711.192577][T22320] workingset_activate 66 [ 711.192577][T22320] workingset_nodereclaim 0 [ 711.192577][T22320] pgrefill 628 [ 711.192577][T22320] pgscan 630 [ 711.192577][T22320] pgsteal 132 [ 711.285959][T22320] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=22316,uid=0 [ 711.301499][T22320] Memory cgroup out of memory: Killed process 22316 (syz-executor.3) total-vm:72700kB, anon-rss:16040kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 711.320436][ T1065] oom_reaper: reaped process 22316 (syz-executor.3), now anon-rss:16032kB, file-rss:54332kB, shmem-rss:0kB [ 711.327725][T22296] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 711.348574][T22296] CPU: 0 PID: 22296 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 711.357691][T22296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 711.367753][T22296] Call Trace: [ 711.371046][T22296] dump_stack+0x172/0x1f0 [ 711.375393][T22296] dump_header+0x177/0x1152 [ 711.379922][T22296] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 711.385720][T22296] ? ___ratelimit+0x2c8/0x595 [ 711.390398][T22296] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 711.396213][T22296] ? lockdep_hardirqs_on+0x418/0x5d0 [ 711.401504][T22296] ? trace_hardirqs_on+0x67/0x240 [ 711.406530][T22296] ? pagefault_out_of_memory+0x11c/0x11c [ 711.412163][T22296] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 711.417969][T22296] ? ___ratelimit+0x60/0x595 [ 711.422555][T22296] ? do_raw_spin_unlock+0x57/0x270 [ 711.427673][T22296] oom_kill_process.cold+0x10/0x15 [ 711.432788][T22296] out_of_memory+0x334/0x1340 [ 711.437474][T22296] ? lock_downgrade+0x920/0x920 [ 711.442336][T22296] ? oom_killer_disable+0x280/0x280 [ 711.447547][T22296] mem_cgroup_out_of_memory+0x1d8/0x240 [ 711.453098][T22296] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 711.458731][T22296] ? do_raw_spin_unlock+0x57/0x270 [ 711.458751][T22296] ? _raw_spin_unlock+0x2d/0x50 [ 711.458770][T22296] try_charge+0xf4b/0x1440 [ 711.458794][T22296] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 711.458806][T22296] ? percpu_ref_tryget_live+0x111/0x290 [ 711.458828][T22296] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 711.468744][T22296] ? __kasan_check_read+0x11/0x20 [ 711.468764][T22296] ? get_mem_cgroup_from_mm+0x156/0x320 [ 711.468781][T22296] mem_cgroup_try_charge+0x136/0x590 [ 711.468798][T22296] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 711.468817][T22296] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 711.518094][T22296] wp_page_copy+0x41e/0x1590 [ 711.522664][T22296] ? find_held_lock+0x35/0x130 [ 711.527424][T22296] ? pmd_pfn+0x1d0/0x1d0 [ 711.531650][T22296] ? lock_downgrade+0x920/0x920 [ 711.536484][T22296] ? swp_swapcount+0x540/0x540 [ 711.541225][T22296] ? __kasan_check_read+0x11/0x20 [ 711.546228][T22296] ? do_raw_spin_unlock+0x57/0x270 [ 711.551321][T22296] do_wp_page+0x499/0x14d0 [ 711.555751][T22296] ? finish_mkwrite_fault+0x570/0x570 [ 711.561107][T22296] __handle_mm_fault+0x22f1/0x3f20 [ 711.566200][T22296] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 711.571728][T22296] ? __kasan_check_read+0x11/0x20 [ 711.576777][T22296] handle_mm_fault+0x1b5/0x6c0 [ 711.581532][T22296] __get_user_pages+0x7d4/0x1b30 [ 711.586495][T22296] ? mark_held_locks+0xf0/0xf0 [ 711.591242][T22296] ? follow_page_mask+0x1cf0/0x1cf0 [ 711.596415][T22296] ? __mm_populate+0x270/0x380 [ 711.601166][T22296] ? __kasan_check_write+0x14/0x20 [ 711.606254][T22296] ? down_read+0x109/0x430 [ 711.610663][T22296] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 711.616916][T22296] populate_vma_page_range+0x20d/0x2a0 [ 711.622354][T22296] __mm_populate+0x204/0x380 [ 711.626938][T22296] ? populate_vma_page_range+0x2a0/0x2a0 [ 711.632558][T22296] ? __kasan_check_write+0x14/0x20 [ 711.637653][T22296] ? up_write+0x155/0x490 [ 711.641968][T22296] ? ns_capable_common+0x93/0x100 [ 711.647020][T22296] __x64_sys_mlockall+0x473/0x520 [ 711.652037][T22296] do_syscall_64+0xfa/0x760 [ 711.656539][T22296] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 711.662408][T22296] RIP: 0033:0x459879 [ 711.666286][T22296] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 711.685873][T22296] RSP: 002b:00007f4e2a92dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 711.694261][T22296] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 711.702224][T22296] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 711.710188][T22296] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 711.718147][T22296] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4e2a92e6d4 [ 711.726108][T22296] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 711.736269][T22296] memory: usage 307148kB, limit 307200kB, failcnt 1235 [ 711.743187][T22296] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 711.750117][T22296] Memory cgroup stats for /syz1: [ 711.750227][T22296] anon 294338560 [ 711.750227][T22296] file 122880 [ 711.750227][T22296] kernel_stack 917504 [ 711.750227][T22296] slab 14925824 [ 711.750227][T22296] sock 0 [ 711.750227][T22296] shmem 61440 [ 711.750227][T22296] file_mapped 0 [ 711.750227][T22296] file_dirty 0 [ 711.750227][T22296] file_writeback 0 [ 711.750227][T22296] anon_thp 123731968 [ 711.750227][T22296] inactive_anon 251363328 [ 711.750227][T22296] active_anon 5627904 [ 711.750227][T22296] inactive_file 90112 [ 711.750227][T22296] active_file 135168 [ 711.750227][T22296] unevictable 37335040 [ 711.750227][T22296] slab_reclaimable 6623232 [ 711.750227][T22296] slab_unreclaimable 8302592 [ 711.750227][T22296] pgfault 187407 [ 711.750227][T22296] pgmajfault 0 [ 711.750227][T22296] workingset_refault 33 [ 711.750227][T22296] workingset_activate 0 [ 711.750227][T22296] workingset_nodereclaim 0 [ 711.750227][T22296] pgrefill 407 [ 711.750227][T22296] pgscan 4487 [ 711.750227][T22296] pgsteal 4166 [ 711.845281][T22296] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=22295,uid=0 [ 711.861608][T22296] Memory cgroup out of memory: Killed process 22296 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 711.879975][ T1065] oom_reaper: reaped process 22296 (syz-executor.1), now anon-rss:18232kB, file-rss:54332kB, shmem-rss:0kB [ 711.886763][T22337] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 711.908577][T22337] CPU: 1 PID: 22337 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 711.917698][T22337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 711.927745][T22337] Call Trace: [ 711.931036][T22337] dump_stack+0x172/0x1f0 [ 711.935374][T22337] dump_header+0x177/0x1152 [ 711.939874][T22337] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 711.945678][T22337] ? ___ratelimit+0x2c8/0x595 [ 711.950361][T22337] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 711.956178][T22337] ? lockdep_hardirqs_on+0x418/0x5d0 [ 711.961469][T22337] ? trace_hardirqs_on+0x67/0x240 [ 711.966493][T22337] ? pagefault_out_of_memory+0x11c/0x11c [ 711.972123][T22337] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 711.977931][T22337] ? ___ratelimit+0x60/0x595 [ 711.982520][T22337] ? do_raw_spin_unlock+0x57/0x270 [ 711.987633][T22337] oom_kill_process.cold+0x10/0x15 [ 711.992801][T22337] out_of_memory+0x334/0x1340 [ 711.997470][T22337] ? lock_downgrade+0x920/0x920 [ 712.002320][T22337] ? oom_killer_disable+0x280/0x280 [ 712.007529][T22337] mem_cgroup_out_of_memory+0x1d8/0x240 [ 712.013078][T22337] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 712.018703][T22337] ? do_raw_spin_unlock+0x57/0x270 [ 712.023805][T22337] ? _raw_spin_unlock+0x2d/0x50 [ 712.028643][T22337] try_charge+0xf4b/0x1440 [ 712.033050][T22337] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 712.038574][T22337] ? percpu_ref_tryget_live+0x111/0x290 [ 712.044101][T22337] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 712.050321][T22337] ? __kasan_check_read+0x11/0x20 [ 712.055339][T22337] ? get_mem_cgroup_from_mm+0x156/0x320 [ 712.060892][T22337] mem_cgroup_try_charge+0x136/0x590 [ 712.066177][T22337] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 712.072440][T22337] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 712.078052][T22337] wp_page_copy+0x41e/0x1590 [ 712.082623][T22337] ? find_held_lock+0x35/0x130 [ 712.087382][T22337] ? pmd_pfn+0x1d0/0x1d0 [ 712.091620][T22337] ? lock_downgrade+0x920/0x920 [ 712.096449][T22337] ? swp_swapcount+0x540/0x540 [ 712.101197][T22337] ? __kasan_check_read+0x11/0x20 [ 712.106201][T22337] ? do_raw_spin_unlock+0x57/0x270 [ 712.111293][T22337] do_wp_page+0x499/0x14d0 [ 712.115695][T22337] ? finish_mkwrite_fault+0x570/0x570 [ 712.121055][T22337] __handle_mm_fault+0x22f1/0x3f20 [ 712.126150][T22337] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 712.131752][T22337] ? __kasan_check_read+0x11/0x20 [ 712.136800][T22337] handle_mm_fault+0x1b5/0x6c0 [ 712.141548][T22337] __get_user_pages+0x7d4/0x1b30 [ 712.146463][T22337] ? mark_held_locks+0xf0/0xf0 [ 712.151211][T22337] ? follow_page_mask+0x1cf0/0x1cf0 [ 712.156383][T22337] ? __mm_populate+0x270/0x380 [ 712.161136][T22337] ? __kasan_check_write+0x14/0x20 [ 712.166228][T22337] ? down_read+0x109/0x430 [ 712.170670][T22337] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 712.176890][T22337] populate_vma_page_range+0x20d/0x2a0 [ 712.182351][T22337] __mm_populate+0x204/0x380 [ 712.186935][T22337] ? populate_vma_page_range+0x2a0/0x2a0 [ 712.192558][T22337] ? __kasan_check_write+0x14/0x20 [ 712.197647][T22337] ? up_write+0x155/0x490 [ 712.201958][T22337] ? ns_capable_common+0x93/0x100 [ 712.206965][T22337] __x64_sys_mlockall+0x473/0x520 [ 712.211969][T22337] do_syscall_64+0xfa/0x760 [ 712.216473][T22337] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 712.222352][T22337] RIP: 0033:0x459879 [ 712.226229][T22337] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 712.245856][T22337] RSP: 002b:00007fe89cd08c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 712.254246][T22337] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 06:29:24 executing program 1: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0xf, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(r2, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:29:24 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xff7f000000000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:24 executing program 0: r0 = getpid() r1 = syz_open_dev$sndseq(&(0x7f0000000880)='/dev/snd/seq\x00', 0x0, 0x0) read(r1, &(0x7f0000000180)=""/28, 0x24d42ca6) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd, @time}) timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0)) ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(r1, 0x80045300, &(0x7f00000002c0)={0x0, 0x0, 0x0, 'queue1\x00'}) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0) tkill(r0, 0x1000000000015) 06:29:24 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xfa, 0x0) [ 712.262222][T22337] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 712.270182][T22337] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 712.278131][T22337] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cd096d4 [ 712.286079][T22337] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 712.304642][T22337] memory: usage 307196kB, limit 307200kB, failcnt 5767 [ 712.329934][T22337] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 712.359044][T22337] Memory cgroup stats for /syz2: [ 712.359344][T22337] anon 303517696 [ 712.359344][T22337] file 28672 [ 712.359344][T22337] kernel_stack 983040 [ 712.359344][T22337] slab 5509120 [ 712.359344][T22337] sock 0 [ 712.359344][T22337] shmem 0 [ 712.359344][T22337] file_mapped 0 [ 712.359344][T22337] file_dirty 0 [ 712.359344][T22337] file_writeback 0 [ 712.359344][T22337] anon_thp 216006656 [ 712.359344][T22337] inactive_anon 241418240 [ 712.359344][T22337] active_anon 11894784 [ 712.359344][T22337] inactive_file 0 [ 712.359344][T22337] active_file 0 [ 712.359344][T22337] unevictable 50008064 [ 712.359344][T22337] slab_reclaimable 1216512 [ 712.359344][T22337] slab_unreclaimable 4292608 [ 712.359344][T22337] pgfault 786753 [ 712.359344][T22337] pgmajfault 0 [ 712.359344][T22337] workingset_refault 198 [ 712.359344][T22337] workingset_activate 66 [ 712.359344][T22337] workingset_nodereclaim 0 [ 712.359344][T22337] pgrefill 1466 [ 712.359344][T22337] pgscan 1693 [ 712.359344][T22337] pgsteal 198 [ 712.495706][T22337] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=22308,uid=0 [ 712.518048][T22337] Memory cgroup out of memory: Killed process 22337 (syz-executor.2) total-vm:72832kB, anon-rss:18232kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 712.542749][ T1065] oom_reaper: reaped process 22337 (syz-executor.2), now anon-rss:18232kB, file-rss:54332kB, shmem-rss:0kB 06:29:24 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000600)) r1 = syz_open_pts(r0, 0x0) ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040)={0x17}) ioctl$TIOCGSERIAL(r1, 0x541e, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000280)=""/100}) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r2 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r2, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="0900418db1962e8bcf2583e0761dc97ba8276dd13c2c68080dc56ec1198bf2ae0c9d67d443a6800000000000000000e8ec05cd91cde8c49f0c396850"], 0x9) r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r3, 0x5206, &(0x7f0000000400)) mlockall(0x1) clone(0x2c200b00, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:29:24 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xffffff7f00000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:24 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) rt_sigprocmask(0x4, &(0x7f0000000100)={0x1}, 0x0, 0x8) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f0200000045830300000000000000d1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) socket$netlink(0x10, 0x3, 0x2) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000140)) 06:29:24 executing program 0: r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)={0x14, 0x23, 0x847, 0x0, 0x0, {0x2806}}, 0x14}}, 0x0) 06:29:24 executing program 0: write$FUSE_ATTR(0xffffffffffffffff, &(0x7f0000000000)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}}}, 0x78) r0 = syz_open_dev$media(&(0x7f00000001c0)='/dev/media#\x00', 0x0, 0x0) ioctl$SG_EMULATED_HOST(r0, 0xc0347c03, &(0x7f0000000040)) 06:29:24 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xffffffff00000000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:25 executing program 0: r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0) mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0) ftruncate(r0, 0x1045) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write(r1, &(0x7f00000001c0), 0xfb120eb7) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x6) [ 712.980581][T22362] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 713.016832][T22362] CPU: 1 PID: 22362 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 713.026077][T22362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 713.026084][T22362] Call Trace: [ 713.026105][T22362] dump_stack+0x172/0x1f0 [ 713.026126][T22362] dump_header+0x177/0x1152 [ 713.026143][T22362] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 713.026159][T22362] ? ___ratelimit+0x2c8/0x595 [ 713.058730][T22362] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 713.058750][T22362] ? lockdep_hardirqs_on+0x418/0x5d0 [ 713.058766][T22362] ? trace_hardirqs_on+0x67/0x240 [ 713.058784][T22362] ? pagefault_out_of_memory+0x11c/0x11c [ 713.058803][T22362] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 713.069853][T22362] ? ___ratelimit+0x60/0x595 [ 713.069868][T22362] ? do_raw_spin_unlock+0x57/0x270 [ 713.069888][T22362] oom_kill_process.cold+0x10/0x15 [ 713.069906][T22362] out_of_memory+0x334/0x1340 [ 713.069922][T22362] ? lock_downgrade+0x920/0x920 [ 713.069940][T22362] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 713.069957][T22362] ? oom_killer_disable+0x280/0x280 [ 713.080588][T22362] mem_cgroup_out_of_memory+0x1d8/0x240 [ 713.080605][T22362] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 713.080626][T22362] ? do_raw_spin_unlock+0x57/0x270 [ 713.080648][T22362] ? _raw_spin_unlock+0x2d/0x50 [ 713.091005][T22362] try_charge+0xf4b/0x1440 [ 713.091032][T22362] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 713.091046][T22362] ? percpu_ref_tryget_live+0x111/0x290 [ 713.091067][T22362] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 713.101245][T22362] ? __kasan_check_read+0x11/0x20 [ 713.101267][T22362] ? get_mem_cgroup_from_mm+0x156/0x320 [ 713.101286][T22362] mem_cgroup_try_charge+0x136/0x590 06:29:25 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xffffffff87a00000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 713.101302][T22362] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 713.101322][T22362] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 713.110809][T22362] __handle_mm_fault+0x1e34/0x3f20 [ 713.110832][T22362] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 713.110862][T22362] ? __kasan_check_read+0x11/0x20 [ 713.110884][T22362] handle_mm_fault+0x1b5/0x6c0 [ 713.110903][T22362] __get_user_pages+0x7d4/0x1b30 [ 713.121866][T22362] ? mark_held_locks+0xf0/0xf0 [ 713.121895][T22362] ? follow_page_mask+0x1cf0/0x1cf0 [ 713.121908][T22362] ? __mm_populate+0x270/0x380 [ 713.121928][T22362] ? __kasan_check_write+0x14/0x20 [ 713.121946][T22362] ? down_read+0x109/0x430 [ 713.143018][T22362] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 713.249124][T22362] populate_vma_page_range+0x20d/0x2a0 [ 713.254595][T22362] __mm_populate+0x204/0x380 [ 713.259195][T22362] ? populate_vma_page_range+0x2a0/0x2a0 [ 713.264830][T22362] ? __kasan_check_write+0x14/0x20 [ 713.269947][T22362] ? up_write+0x155/0x490 [ 713.274280][T22362] ? ns_capable_common+0x93/0x100 [ 713.279316][T22362] __x64_sys_mlockall+0x473/0x520 [ 713.279336][T22362] do_syscall_64+0xfa/0x760 [ 713.279358][T22362] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 713.279369][T22362] RIP: 0033:0x459879 [ 713.279383][T22362] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 713.279397][T22362] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 713.288886][T22362] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 713.288895][T22362] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 713.288904][T22362] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 713.288912][T22362] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc0ba5296d4 [ 713.288919][T22362] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 713.426261][T22362] memory: usage 307200kB, limit 307200kB, failcnt 5121 [ 713.452689][T22362] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 713.465305][T22362] Memory cgroup stats for /syz3: [ 713.465426][T22362] anon 301621248 [ 713.465426][T22362] file 0 [ 713.465426][T22362] kernel_stack 983040 [ 713.465426][T22362] slab 7471104 [ 713.465426][T22362] sock 0 [ 713.465426][T22362] shmem 0 [ 713.465426][T22362] file_mapped 0 [ 713.465426][T22362] file_dirty 0 [ 713.465426][T22362] file_writeback 0 [ 713.465426][T22362] anon_thp 209715200 [ 713.465426][T22362] inactive_anon 259010560 [ 713.465426][T22362] active_anon 18202624 [ 713.465426][T22362] inactive_file 0 [ 713.465426][T22362] active_file 0 [ 713.465426][T22362] unevictable 24543232 [ 713.465426][T22362] slab_reclaimable 1351680 [ 713.465426][T22362] slab_unreclaimable 6119424 [ 713.465426][T22362] pgfault 771771 [ 713.465426][T22362] pgmajfault 0 [ 713.465426][T22362] workingset_refault 99 [ 713.465426][T22362] workingset_activate 66 [ 713.465426][T22362] workingset_nodereclaim 0 [ 713.465426][T22362] pgrefill 628 [ 713.465426][T22362] pgscan 630 [ 713.465426][T22362] pgsteal 132 [ 713.571708][T22362] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=22333,uid=0 [ 713.594103][T22362] Memory cgroup out of memory: Killed process 22333 (syz-executor.3) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 [ 713.661917][T22351] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 713.685513][T22351] CPU: 0 PID: 22351 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 713.694647][T22351] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 713.704699][T22351] Call Trace: [ 713.707992][T22351] dump_stack+0x172/0x1f0 [ 713.712327][T22351] dump_header+0x177/0x1152 [ 713.716829][T22351] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 713.722631][T22351] ? ___ratelimit+0x2c8/0x595 [ 713.727309][T22351] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 713.733114][T22351] ? lockdep_hardirqs_on+0x418/0x5d0 [ 713.738400][T22351] ? trace_hardirqs_on+0x67/0x240 [ 713.743426][T22351] ? pagefault_out_of_memory+0x11c/0x11c [ 713.749060][T22351] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 713.754863][T22351] ? ___ratelimit+0x60/0x595 [ 713.759451][T22351] ? do_raw_spin_unlock+0x57/0x270 [ 713.764561][T22351] oom_kill_process.cold+0x10/0x15 [ 713.769674][T22351] out_of_memory+0x334/0x1340 [ 713.774352][T22351] ? lock_downgrade+0x920/0x920 [ 713.779208][T22351] ? oom_killer_disable+0x280/0x280 [ 713.784414][T22351] mem_cgroup_out_of_memory+0x1d8/0x240 [ 713.789961][T22351] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 713.795600][T22351] ? do_raw_spin_unlock+0x57/0x270 [ 713.800718][T22351] ? _raw_spin_unlock+0x2d/0x50 [ 713.805575][T22351] try_charge+0xf4b/0x1440 [ 713.810000][T22351] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 713.815545][T22351] ? percpu_ref_tryget_live+0x111/0x290 [ 713.821100][T22351] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 713.827342][T22351] ? __kasan_check_read+0x11/0x20 [ 713.832376][T22351] ? get_mem_cgroup_from_mm+0x156/0x320 [ 713.837936][T22351] mem_cgroup_try_charge+0x136/0x590 [ 713.843225][T22351] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 713.849476][T22351] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 713.855120][T22351] do_huge_pmd_wp_page_fallback+0x24c/0x1740 [ 713.861122][T22351] ? defrag_store+0x360/0x360 [ 713.865811][T22351] ? lock_downgrade+0x920/0x920 [ 713.870773][T22351] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 713.877216][T22351] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 713.883464][T22351] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 713.889704][T22351] ? alloc_pages_vma+0x122/0x3f0 [ 713.894650][T22351] do_huge_pmd_wp_page+0x7ff/0x2300 [ 713.899849][T22351] ? mark_lock+0xc2/0x1220 [ 713.904274][T22351] ? __split_huge_pmd+0x2810/0x2810 [ 713.909477][T22351] ? __kasan_check_read+0x11/0x20 [ 713.914504][T22351] ? pmd_val+0x85/0x100 [ 713.918662][T22351] ? add_mm_counter_fast.part.0+0x40/0x40 [ 713.924391][T22351] __handle_mm_fault+0x14cf/0x3f20 [ 713.929513][T22351] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 713.935075][T22351] ? __kasan_check_read+0x11/0x20 [ 713.940117][T22351] handle_mm_fault+0x1b5/0x6c0 [ 713.944891][T22351] __get_user_pages+0x7d4/0x1b30 [ 713.949833][T22351] ? mark_held_locks+0xf0/0xf0 [ 713.954615][T22351] ? follow_page_mask+0x1cf0/0x1cf0 [ 713.959813][T22351] ? __mm_populate+0x270/0x380 [ 713.964585][T22351] ? __kasan_check_write+0x14/0x20 [ 713.969700][T22351] ? down_read+0x109/0x430 [ 713.974119][T22351] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 713.980367][T22351] populate_vma_page_range+0x20d/0x2a0 [ 713.985833][T22351] __mm_populate+0x204/0x380 [ 713.990428][T22351] ? populate_vma_page_range+0x2a0/0x2a0 [ 713.996063][T22351] ? __kasan_check_write+0x14/0x20 [ 714.001180][T22351] ? up_write+0x155/0x490 [ 714.005510][T22351] ? ns_capable_common+0x93/0x100 [ 714.010558][T22351] __x64_sys_mlockall+0x473/0x520 [ 714.015703][T22351] do_syscall_64+0xfa/0x760 [ 714.020216][T22351] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 714.026108][T22351] RIP: 0033:0x459879 [ 714.030023][T22351] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 714.049633][T22351] RSP: 002b:00007f4e2a92dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 714.058049][T22351] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 714.066021][T22351] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 714.073992][T22351] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 714.081966][T22351] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4e2a92e6d4 [ 714.089937][T22351] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 714.101753][T22351] memory: usage 307200kB, limit 307200kB, failcnt 1274 [ 714.123508][T22351] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 714.132823][T22351] Memory cgroup stats for /syz1: [ 714.132977][T22351] anon 293220352 [ 714.132977][T22351] file 122880 [ 714.132977][T22351] kernel_stack 983040 [ 714.132977][T22351] slab 14925824 [ 714.132977][T22351] sock 0 [ 714.132977][T22351] shmem 61440 [ 714.132977][T22351] file_mapped 0 [ 714.132977][T22351] file_dirty 0 [ 714.132977][T22351] file_writeback 0 [ 714.132977][T22351] anon_thp 130023424 [ 714.132977][T22351] inactive_anon 248119296 [ 714.132977][T22351] active_anon 5627904 [ 714.132977][T22351] inactive_file 90112 [ 714.132977][T22351] active_file 135168 [ 714.132977][T22351] unevictable 39522304 [ 714.132977][T22351] slab_reclaimable 6623232 [ 714.132977][T22351] slab_unreclaimable 8302592 [ 714.132977][T22351] pgfault 192192 [ 714.132977][T22351] pgmajfault 0 [ 714.132977][T22351] workingset_refault 33 [ 714.132977][T22351] workingset_activate 0 [ 714.132977][T22351] workingset_nodereclaim 0 [ 714.132977][T22351] pgrefill 407 [ 714.132977][T22351] pgscan 4487 [ 714.132977][T22351] pgsteal 4166 [ 714.237553][T22351] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=22349,uid=0 [ 714.264446][T22351] Memory cgroup out of memory: Killed process 22349 (syz-executor.1) total-vm:72840kB, anon-rss:18232kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 714.290286][ T1065] oom_reaper: reaped process 22349 (syz-executor.1), now anon-rss:18240kB, file-rss:54332kB, shmem-rss:0kB [ 714.301969][T22362] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 714.323355][T22362] CPU: 0 PID: 22362 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 714.332480][T22362] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 714.342537][T22362] Call Trace: [ 714.345829][T22362] dump_stack+0x172/0x1f0 [ 714.350165][T22362] dump_header+0x177/0x1152 [ 714.354674][T22362] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 714.360478][T22362] ? ___ratelimit+0x2c8/0x595 [ 714.365152][T22362] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 714.370969][T22362] ? lockdep_hardirqs_on+0x418/0x5d0 [ 714.376252][T22362] ? trace_hardirqs_on+0x67/0x240 [ 714.381281][T22362] ? pagefault_out_of_memory+0x11c/0x11c [ 714.386916][T22362] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 714.392727][T22362] ? ___ratelimit+0x60/0x595 [ 714.397313][T22362] ? do_raw_spin_unlock+0x57/0x270 [ 714.402428][T22362] oom_kill_process.cold+0x10/0x15 [ 714.407543][T22362] out_of_memory+0x334/0x1340 [ 714.412215][T22362] ? lock_downgrade+0x920/0x920 [ 714.417072][T22362] ? oom_killer_disable+0x280/0x280 [ 714.422282][T22362] mem_cgroup_out_of_memory+0x1d8/0x240 [ 714.427824][T22362] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 714.433459][T22362] ? do_raw_spin_unlock+0x57/0x270 [ 714.438575][T22362] ? _raw_spin_unlock+0x2d/0x50 [ 714.443426][T22362] try_charge+0xf4b/0x1440 [ 714.447858][T22362] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 714.453402][T22362] ? percpu_ref_tryget_live+0x111/0x290 [ 714.458949][T22362] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 714.465192][T22362] ? __kasan_check_read+0x11/0x20 [ 714.470218][T22362] ? get_mem_cgroup_from_mm+0x156/0x320 [ 714.475764][T22362] mem_cgroup_try_charge+0x136/0x590 [ 714.481051][T22362] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 714.487303][T22362] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 714.492943][T22362] __handle_mm_fault+0x1e34/0x3f20 [ 714.498068][T22362] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 714.503610][T22362] ? __kasan_check_read+0x11/0x20 [ 714.508634][T22362] handle_mm_fault+0x1b5/0x6c0 [ 714.513394][T22362] __get_user_pages+0x7d4/0x1b30 [ 714.518322][T22362] ? mark_held_locks+0xf0/0xf0 [ 714.523080][T22362] ? follow_page_mask+0x1cf0/0x1cf0 [ 714.528272][T22362] ? __mm_populate+0x270/0x380 [ 714.533094][T22362] ? memset+0x32/0x40 [ 714.537105][T22362] populate_vma_page_range+0x20d/0x2a0 [ 714.542588][T22362] __mm_populate+0x204/0x380 [ 714.547166][T22362] ? populate_vma_page_range+0x2a0/0x2a0 [ 714.552780][T22362] ? up_write+0x1c8/0x490 [ 714.557091][T22362] __x64_sys_mremap+0x7dc/0xb80 [ 714.561929][T22362] ? mremap_to+0x750/0x750 [ 714.566327][T22362] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 714.571793][T22362] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 714.577241][T22362] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 714.583291][T22362] ? do_syscall_64+0x26/0x760 [ 714.587961][T22362] ? lockdep_hardirqs_on+0x418/0x5d0 [ 714.593233][T22362] ? trace_hardirqs_on+0x67/0x240 [ 714.598251][T22362] do_syscall_64+0xfa/0x760 [ 714.602761][T22362] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 714.608637][T22362] RIP: 0033:0x459879 [ 714.612520][T22362] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 714.632107][T22362] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 714.640512][T22362] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459879 [ 714.648470][T22362] RDX: 0000000000800000 RSI: 0000000000002000 RDI: 0000000020a94000 [ 714.656429][T22362] RBP: 000000000075bf20 R08: 0000000020130000 R09: 0000000000000000 [ 714.664389][T22362] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fc0ba5296d4 06:29:26 executing program 1: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0xf, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(r2, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:29:26 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xfb, 0x0) 06:29:26 executing program 0: perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) bind$llc(r0, &(0x7f0000000080)={0x1a, 0x0, 0x0, 0x0, 0xa40}, 0x10) sendmsg$can_bcm(r0, &(0x7f0000000000)={&(0x7f0000000200), 0x10, &(0x7f00000002c0)={0x0}}, 0x0) sendmmsg(r0, &(0x7f0000001380), 0x3fffffffffffeed, 0x0) 06:29:26 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xfffffffffffff000, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:26 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x10000000000097, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec13d2e64eafd4002198ba669ce64773cca3e38b2061af2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c39685016191000c27a06940104ef180c4c4ff2c58d0572e8cc7aa46750eca0a4e857797f7fdec5fa9e3119e9ef625e064c65f57964f5b9905b4e565eb73530f1fc5ed50659f8837f3dcd29ad790b0a7230b95420e49d598ab14ea14c87a098fee709ad0deae16e77ddf4c03439285d27bfedb01a0acb0f43e25ec1c2778d8dd782c66e03994c30c661bbd307e6c7253621f53e595d3a01df3c8797e01927f5b092da656032131c6f2d7a15bc45050e8cd7496a92d280e26c81a925a8e536fe5e0407195c55983957e28e90df708455be2d2a42c391f8fb9d2d1aa9af8faabff215c0e2d9a8d4"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) [ 714.672388][T22362] R13: 00000000004c5f0f R14: 00000000004daaf8 R15: 00000000ffffffff [ 714.682215][T22362] memory: usage 307172kB, limit 307200kB, failcnt 5146 [ 714.689193][T22362] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 714.732013][T22362] Memory cgroup stats for /syz3: [ 714.732122][T22362] anon 301346816 [ 714.732122][T22362] file 0 [ 714.732122][T22362] kernel_stack 1048576 [ 714.732122][T22362] slab 7471104 [ 714.732122][T22362] sock 0 [ 714.732122][T22362] shmem 0 [ 714.732122][T22362] file_mapped 0 [ 714.732122][T22362] file_dirty 0 [ 714.732122][T22362] file_writeback 0 [ 714.732122][T22362] anon_thp 211812352 [ 714.732122][T22362] inactive_anon 252899328 [ 714.732122][T22362] active_anon 18202624 [ 714.732122][T22362] inactive_file 0 [ 714.732122][T22362] active_file 0 [ 714.732122][T22362] unevictable 30285824 [ 714.732122][T22362] slab_reclaimable 1351680 [ 714.732122][T22362] slab_unreclaimable 6119424 [ 714.732122][T22362] pgfault 774180 [ 714.732122][T22362] pgmajfault 0 [ 714.732122][T22362] workingset_refault 132 [ 714.732122][T22362] workingset_activate 66 [ 714.732122][T22362] workingset_nodereclaim 0 [ 714.732122][T22362] pgrefill 628 [ 714.732122][T22362] pgscan 630 [ 714.732122][T22362] pgsteal 132 [ 714.895760][T22362] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=22358,uid=0 [ 714.921310][T22362] Memory cgroup out of memory: Killed process 22358 (syz-executor.3) total-vm:72832kB, anon-rss:16040kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 714.964645][ T1065] oom_reaper: reaped process 22358 (syz-executor.3), now anon-rss:16032kB, file-rss:54332kB, shmem-rss:0kB [ 714.976473][T22400] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 714.986883][T22400] CPU: 1 PID: 22400 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 714.995987][T22400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 715.006040][T22400] Call Trace: [ 715.009345][T22400] dump_stack+0x172/0x1f0 [ 715.013685][T22400] dump_header+0x177/0x1152 [ 715.018188][T22400] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 715.024007][T22400] ? ___ratelimit+0x2c8/0x595 [ 715.028685][T22400] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 715.034493][T22400] ? lockdep_hardirqs_on+0x418/0x5d0 [ 715.039776][T22400] ? trace_hardirqs_on+0x67/0x240 [ 715.044805][T22400] ? pagefault_out_of_memory+0x11c/0x11c [ 715.050441][T22400] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 715.056246][T22400] ? ___ratelimit+0x60/0x595 [ 715.060834][T22400] ? do_raw_spin_unlock+0x57/0x270 [ 715.065951][T22400] oom_kill_process.cold+0x10/0x15 [ 715.071063][T22400] out_of_memory+0x334/0x1340 [ 715.075738][T22400] ? lock_downgrade+0x920/0x920 [ 715.080590][T22400] ? oom_killer_disable+0x280/0x280 [ 715.085803][T22400] mem_cgroup_out_of_memory+0x1d8/0x240 [ 715.091349][T22400] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 715.096987][T22400] ? do_raw_spin_unlock+0x57/0x270 [ 715.102105][T22400] ? _raw_spin_unlock+0x2d/0x50 [ 715.106968][T22400] try_charge+0xf4b/0x1440 [ 715.111400][T22400] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 715.116947][T22400] ? percpu_ref_tryget_live+0x111/0x290 [ 715.122499][T22400] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 715.128747][T22400] ? __kasan_check_read+0x11/0x20 [ 715.133777][T22400] ? get_mem_cgroup_from_mm+0x156/0x320 [ 715.139329][T22400] mem_cgroup_try_charge+0x136/0x590 [ 715.144615][T22400] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 715.150859][T22400] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 715.156497][T22400] __handle_mm_fault+0x1e34/0x3f20 [ 715.161613][T22400] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 715.167172][T22400] ? __kasan_check_read+0x11/0x20 [ 715.172214][T22400] handle_mm_fault+0x1b5/0x6c0 [ 715.176995][T22400] __get_user_pages+0x7d4/0x1b30 [ 715.181943][T22400] ? mark_held_locks+0xf0/0xf0 [ 715.186717][T22400] ? follow_page_mask+0x1cf0/0x1cf0 [ 715.191917][T22400] ? __mm_populate+0x270/0x380 [ 715.196690][T22400] ? __kasan_check_write+0x14/0x20 [ 715.201812][T22400] ? down_read+0x109/0x430 [ 715.206250][T22400] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 715.212504][T22400] populate_vma_page_range+0x20d/0x2a0 [ 715.217969][T22400] __mm_populate+0x204/0x380 [ 715.222568][T22400] ? populate_vma_page_range+0x2a0/0x2a0 [ 715.228202][T22400] ? __kasan_check_write+0x14/0x20 [ 715.233312][T22400] ? up_write+0x155/0x490 [ 715.237635][T22400] ? ns_capable_common+0x93/0x100 [ 715.242665][T22400] __x64_sys_mlockall+0x473/0x520 [ 715.247692][T22400] do_syscall_64+0xfa/0x760 [ 715.252202][T22400] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 715.258106][T22400] RIP: 0033:0x459879 [ 715.262001][T22400] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 715.281599][T22400] RSP: 002b:00007f4e2a92dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 715.290007][T22400] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 715.297978][T22400] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 715.305945][T22400] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 715.313917][T22400] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4e2a92e6d4 [ 715.321885][T22400] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 715.332594][T22400] memory: usage 307200kB, limit 307200kB, failcnt 1776 [ 715.339994][T22400] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 715.347033][T22400] Memory cgroup stats for /syz1: [ 715.347157][T22400] anon 294424576 [ 715.347157][T22400] file 122880 [ 715.347157][T22400] kernel_stack 917504 [ 715.347157][T22400] slab 14925824 [ 715.347157][T22400] sock 0 [ 715.347157][T22400] shmem 61440 [ 715.347157][T22400] file_mapped 0 [ 715.347157][T22400] file_dirty 0 [ 715.347157][T22400] file_writeback 0 [ 715.347157][T22400] anon_thp 130023424 [ 715.347157][T22400] inactive_anon 256991232 [ 715.347157][T22400] active_anon 5627904 [ 715.347157][T22400] inactive_file 90112 [ 715.347157][T22400] active_file 135168 [ 715.347157][T22400] unevictable 31821824 [ 715.347157][T22400] slab_reclaimable 6623232 [ 715.347157][T22400] slab_unreclaimable 8302592 [ 715.347157][T22400] pgfault 194469 [ 715.347157][T22400] pgmajfault 0 [ 715.347157][T22400] workingset_refault 33 [ 715.347157][T22400] workingset_activate 0 [ 715.347157][T22400] workingset_nodereclaim 0 [ 715.347157][T22400] pgrefill 407 [ 715.347157][T22400] pgscan 4487 [ 715.347157][T22400] pgsteal 4166 [ 715.443187][T22400] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=22369,uid=0 [ 715.459277][T22400] Memory cgroup out of memory: Killed process 22369 (syz-executor.1) total-vm:72840kB, anon-rss:18240kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 [ 715.503518][T22400] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 715.516013][T22400] CPU: 1 PID: 22400 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 715.525140][T22400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 715.535194][T22400] Call Trace: [ 715.538498][T22400] dump_stack+0x172/0x1f0 [ 715.542834][T22400] dump_header+0x177/0x1152 [ 715.547341][T22400] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 715.553148][T22400] ? ___ratelimit+0x2c8/0x595 [ 715.557825][T22400] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 715.563633][T22400] ? lockdep_hardirqs_on+0x418/0x5d0 [ 715.568918][T22400] ? trace_hardirqs_on+0x67/0x240 [ 715.573942][T22400] ? pagefault_out_of_memory+0x11c/0x11c [ 715.579582][T22400] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 715.585389][T22400] ? ___ratelimit+0x60/0x595 [ 715.589980][T22400] ? do_raw_spin_unlock+0x57/0x270 [ 715.595216][T22400] oom_kill_process.cold+0x10/0x15 [ 715.600319][T22400] out_of_memory+0x334/0x1340 [ 715.605082][T22400] ? lock_downgrade+0x920/0x920 [ 715.609917][T22400] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 715.615700][T22400] ? oom_killer_disable+0x280/0x280 [ 715.620884][T22400] mem_cgroup_out_of_memory+0x1d8/0x240 [ 715.626422][T22400] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 715.632049][T22400] ? do_raw_spin_unlock+0x57/0x270 [ 715.637146][T22400] ? _raw_spin_unlock+0x2d/0x50 [ 715.641991][T22400] try_charge+0xf4b/0x1440 [ 715.646565][T22400] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 715.652086][T22400] ? percpu_ref_tryget_live+0x111/0x290 [ 715.657611][T22400] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 715.663831][T22400] ? __kasan_check_read+0x11/0x20 [ 715.668835][T22400] ? get_mem_cgroup_from_mm+0x156/0x320 [ 715.674357][T22400] mem_cgroup_try_charge+0x136/0x590 [ 715.679623][T22400] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 715.685855][T22400] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 715.691469][T22400] __handle_mm_fault+0x1e34/0x3f20 [ 715.696562][T22400] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 715.702094][T22400] ? __kasan_check_read+0x11/0x20 [ 715.707158][T22400] handle_mm_fault+0x1b5/0x6c0 [ 715.711903][T22400] __get_user_pages+0x7d4/0x1b30 [ 715.716821][T22400] ? mark_held_locks+0xf0/0xf0 [ 715.721569][T22400] ? follow_page_mask+0x1cf0/0x1cf0 [ 715.726739][T22400] ? __mm_populate+0x270/0x380 [ 715.731482][T22400] ? __kasan_check_write+0x14/0x20 [ 715.736572][T22400] ? down_read+0x109/0x430 [ 715.741021][T22400] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 715.747241][T22400] populate_vma_page_range+0x20d/0x2a0 [ 715.752685][T22400] __mm_populate+0x204/0x380 [ 715.757356][T22400] ? populate_vma_page_range+0x2a0/0x2a0 [ 715.762989][T22400] ? __kasan_check_write+0x14/0x20 [ 715.768214][T22400] ? up_write+0x155/0x490 [ 715.772521][T22400] ? ns_capable_common+0x93/0x100 [ 715.777527][T22400] __x64_sys_mlockall+0x473/0x520 [ 715.782531][T22400] do_syscall_64+0xfa/0x760 [ 715.787015][T22400] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 715.792884][T22400] RIP: 0033:0x459879 [ 715.796757][T22400] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 715.816448][T22400] RSP: 002b:00007f4e2a92dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 715.824847][T22400] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 715.832797][T22400] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 715.840875][T22400] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 715.848831][T22400] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4e2a92e6d4 [ 715.856779][T22400] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff 06:29:27 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) r2 = socket$inet_dccp(0x2, 0x6, 0x0) signalfd(r2, &(0x7f0000000100)={0x9}, 0x8) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8277ed1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cce8c49f2c396850"], 0x9) r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r3, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000140)) 06:29:27 executing program 0: dup(0xffffffffffffffff) r0 = eventfd2(0x0, 0x0) r1 = dup(r0) r2 = open(&(0x7f0000000040)='./bus\x00', 0x141042, 0x0) ftruncate(r2, 0x7fff) sendfile(r1, r2, 0x0, 0x8000fffffffe) 06:29:27 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0xffffffffffffffff, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 715.868536][T22400] memory: usage 307196kB, limit 307200kB, failcnt 1795 [ 715.875940][T22400] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 715.883666][T22400] Memory cgroup stats for /syz1: [ 715.883782][T22400] anon 294559744 [ 715.883782][T22400] file 122880 [ 715.883782][T22400] kernel_stack 917504 [ 715.883782][T22400] slab 14925824 [ 715.883782][T22400] sock 0 [ 715.883782][T22400] shmem 61440 [ 715.883782][T22400] file_mapped 0 [ 715.883782][T22400] file_dirty 0 [ 715.883782][T22400] file_writeback 0 06:29:28 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xfc, 0x0) [ 715.883782][T22400] anon_thp 130023424 [ 715.883782][T22400] inactive_anon 256856064 [ 715.883782][T22400] active_anon 5627904 [ 715.883782][T22400] inactive_file 90112 [ 715.883782][T22400] active_file 135168 [ 715.883782][T22400] unevictable 32227328 [ 715.883782][T22400] slab_reclaimable 6623232 [ 715.883782][T22400] slab_unreclaimable 8302592 [ 715.883782][T22400] pgfault 194535 [ 715.883782][T22400] pgmajfault 0 [ 715.883782][T22400] workingset_refault 33 [ 715.883782][T22400] workingset_activate 0 [ 715.883782][T22400] workingset_nodereclaim 0 [ 715.883782][T22400] pgrefill 407 [ 715.883782][T22400] pgscan 4487 [ 715.883782][T22400] pgsteal 4166 [ 715.980066][T22400] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=22356,uid=0 [ 716.050816][T22400] Memory cgroup out of memory: Killed process 22356 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 06:29:28 executing program 0: chdir(0x0) prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = getpid() socket$inet_icmp_raw(0x2, 0x3, 0x1) sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) clock_nanosleep(0x0, 0x0, 0x0, &(0x7f0000000100)) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0) r4 = open(&(0x7f00000008c0)='./file0\x00', 0x20141042, 0x0) ftruncate(r4, 0x28007d) sendfile(r4, r4, 0x0, 0x2008000fffffffe) 06:29:28 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 716.124599][T22404] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 716.162788][T22404] CPU: 0 PID: 22404 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 716.171933][T22404] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 716.181989][T22404] Call Trace: [ 716.185285][T22404] dump_stack+0x172/0x1f0 [ 716.189622][T22404] dump_header+0x177/0x1152 [ 716.194230][T22404] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 716.200036][T22404] ? ___ratelimit+0x2c8/0x595 [ 716.204716][T22404] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 716.210530][T22404] ? lockdep_hardirqs_on+0x418/0x5d0 [ 716.215826][T22404] ? trace_hardirqs_on+0x67/0x240 [ 716.220941][T22404] ? pagefault_out_of_memory+0x11c/0x11c [ 716.226583][T22404] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 716.232388][T22404] ? ___ratelimit+0x60/0x595 [ 716.236973][T22404] ? do_raw_spin_unlock+0x57/0x270 [ 716.242090][T22404] oom_kill_process.cold+0x10/0x15 [ 716.247205][T22404] out_of_memory+0x334/0x1340 [ 716.251883][T22404] ? lock_downgrade+0x920/0x920 [ 716.256743][T22404] ? oom_killer_disable+0x280/0x280 [ 716.261955][T22404] mem_cgroup_out_of_memory+0x1d8/0x240 [ 716.267504][T22404] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 716.273147][T22404] ? do_raw_spin_unlock+0x57/0x270 [ 716.278262][T22404] ? _raw_spin_unlock+0x2d/0x50 [ 716.283120][T22404] try_charge+0xf4b/0x1440 [ 716.287553][T22404] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 716.293096][T22404] ? percpu_ref_tryget_live+0x111/0x290 [ 716.298646][T22404] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 716.304885][T22404] ? __kasan_check_read+0x11/0x20 [ 716.309914][T22404] ? get_mem_cgroup_from_mm+0x156/0x320 [ 716.315460][T22404] mem_cgroup_try_charge+0x136/0x590 [ 716.320744][T22404] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 716.326992][T22404] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 716.332631][T22404] wp_page_copy+0x41e/0x1590 [ 716.337221][T22404] ? find_held_lock+0x35/0x130 [ 716.341992][T22404] ? pmd_pfn+0x1d0/0x1d0 [ 716.346237][T22404] ? lock_downgrade+0x920/0x920 [ 716.351099][T22404] ? swp_swapcount+0x540/0x540 [ 716.355865][T22404] ? __kasan_check_read+0x11/0x20 [ 716.360888][T22404] ? do_raw_spin_unlock+0x57/0x270 [ 716.366002][T22404] do_wp_page+0x499/0x14d0 [ 716.370423][T22404] ? finish_mkwrite_fault+0x570/0x570 [ 716.375814][T22404] __handle_mm_fault+0x22f1/0x3f20 [ 716.380944][T22404] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 716.386514][T22404] ? __kasan_check_read+0x11/0x20 [ 716.391566][T22404] handle_mm_fault+0x1b5/0x6c0 [ 716.396341][T22404] __get_user_pages+0x7d4/0x1b30 [ 716.401290][T22404] ? mark_held_locks+0xf0/0xf0 [ 716.406073][T22404] ? follow_page_mask+0x1cf0/0x1cf0 [ 716.411274][T22404] ? __mm_populate+0x270/0x380 [ 716.416050][T22404] ? __kasan_check_write+0x14/0x20 [ 716.421168][T22404] ? down_read+0x109/0x430 [ 716.425592][T22404] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 716.431838][T22404] populate_vma_page_range+0x20d/0x2a0 [ 716.437306][T22404] __mm_populate+0x204/0x380 [ 716.441903][T22404] ? populate_vma_page_range+0x2a0/0x2a0 [ 716.447545][T22404] ? __kasan_check_write+0x14/0x20 [ 716.452662][T22404] ? up_write+0x155/0x490 [ 716.456998][T22404] ? ns_capable_common+0x93/0x100 [ 716.462031][T22404] __x64_sys_mlockall+0x473/0x520 [ 716.467170][T22404] do_syscall_64+0xfa/0x760 [ 716.471690][T22404] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 716.477583][T22404] RIP: 0033:0x459879 [ 716.481479][T22404] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 716.501087][T22404] RSP: 002b:00007fe89cd08c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 716.509592][T22404] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 716.517566][T22404] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 716.525681][T22404] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 716.533672][T22404] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cd096d4 [ 716.541653][T22404] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 716.554539][T22404] memory: usage 307200kB, limit 307200kB, failcnt 5787 [ 716.561673][T22404] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 716.569087][T22404] Memory cgroup stats for /syz2: [ 716.569196][T22404] anon 303329280 [ 716.569196][T22404] file 28672 [ 716.569196][T22404] kernel_stack 983040 [ 716.569196][T22404] slab 5509120 [ 716.569196][T22404] sock 0 [ 716.569196][T22404] shmem 0 [ 716.569196][T22404] file_mapped 0 [ 716.569196][T22404] file_dirty 0 [ 716.569196][T22404] file_writeback 0 [ 716.569196][T22404] anon_thp 207618048 [ 716.569196][T22404] inactive_anon 245669888 [ 716.569196][T22404] active_anon 11894784 [ 716.569196][T22404] inactive_file 0 [ 716.569196][T22404] active_file 0 [ 716.569196][T22404] unevictable 45899776 [ 716.569196][T22404] slab_reclaimable 1216512 [ 716.569196][T22404] slab_unreclaimable 4292608 [ 716.569196][T22404] pgfault 800019 [ 716.569196][T22404] pgmajfault 0 [ 716.569196][T22404] workingset_refault 198 [ 716.569196][T22404] workingset_activate 66 [ 716.569196][T22404] workingset_nodereclaim 0 [ 716.569196][T22404] pgrefill 1466 [ 716.569196][T22404] pgscan 1693 [ 716.569196][T22404] pgsteal 198 06:29:28 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 716.574300][T22404] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=22395,uid=0 [ 716.696271][T22404] Memory cgroup out of memory: Killed process 22395 (syz-executor.2) total-vm:72832kB, anon-rss:18220kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 716.753614][ T1065] oom_reaper: reaped process 22395 (syz-executor.2), now anon-rss:18232kB, file-rss:54332kB, shmem-rss:0kB [ 716.777885][T22410] FAULT_FLAG_ALLOW_RETRY missing 70 [ 716.796578][T22410] CPU: 0 PID: 22410 Comm: syz-executor.4 Not tainted 5.3.0-rc6-next-20190830 #75 [ 716.805708][T22410] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 716.816110][T22410] Call Trace: [ 716.819412][T22410] dump_stack+0x172/0x1f0 [ 716.823761][T22410] handle_userfault.cold+0x41/0x5e [ 716.828879][T22410] ? lock_downgrade+0x920/0x920 [ 716.833745][T22410] ? __kasan_check_read+0x11/0x20 [ 716.838779][T22410] ? userfaultfd_ioctl+0x3aa0/0x3aa0 [ 716.844079][T22410] ? find_get_entry+0x4ab/0x7a0 [ 716.848938][T22410] ? find_get_pages_contig+0xa20/0xa20 [ 716.854399][T22410] ? __kasan_check_read+0x11/0x20 [ 716.859605][T22410] ? __kasan_check_read+0x11/0x20 [ 716.864641][T22410] ? find_lock_entry+0x1a7/0x560 [ 716.869586][T22410] shmem_getpage_gfp+0x1f51/0x2680 [ 716.874716][T22410] ? shmem_unuse_inode+0x1010/0x1010 [ 716.880016][T22410] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 716.886260][T22410] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 716.892515][T22410] shmem_fault+0x22a/0x7b0 [ 716.896949][T22410] ? shmem_read_mapping_page_gfp+0x1a0/0x1a0 [ 716.902936][T22410] ? find_lock_entry+0x560/0x560 [ 716.907874][T22410] ? pmd_val+0x85/0x100 [ 716.912032][T22410] ? pmd_val+0x85/0x100 [ 716.916198][T22410] __do_fault+0x111/0x540 [ 716.920529][T22410] ? __sanitizer_cov_trace_const_cmp8+0x18/0x20 [ 716.926775][T22410] __handle_mm_fault+0x2cb8/0x3f20 [ 716.931893][T22410] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 716.937454][T22410] ? __kasan_check_read+0x11/0x20 [ 716.942494][T22410] handle_mm_fault+0x1b5/0x6c0 [ 716.947262][T22410] __do_page_fault+0x536/0xdd0 [ 716.952044][T22410] do_page_fault+0x38/0x590 [ 716.956550][T22410] page_fault+0x39/0x40 [ 716.960699][T22410] RIP: 0033:0x453210 [ 716.964589][T22410] Code: 0f 84 c4 0f 00 00 48 89 f1 48 89 f8 48 83 e1 3f 48 83 f9 20 0f 86 7b 02 00 00 48 83 e6 f0 48 83 e1 0f 66 0f ef c0 66 0f ef c9 <66> 0f 74 0e 66 0f d7 d1 48 d3 ea 49 c7 c2 11 00 00 00 49 29 ca 4d [ 716.984192][T22410] RSP: 002b:00007ff1e67fb7a8 EFLAGS: 00010202 [ 716.990257][T22410] RAX: 00007ff1e67fb850 RBX: 0000000000000003 RCX: 000000000000000e [ 716.998232][T22410] RDX: 00000000000003ff RSI: 0000000020012fe0 RDI: 00007ff1e67fb850 [ 717.006209][T22410] RBP: 000000000075bf20 R08: 00000000000003ff R09: 0000000000000000 [ 717.014191][T22410] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ff1e67fc6d4 [ 717.022164][T22410] R13: 00000000004c8c4b R14: 00000000004dfbc8 R15: 00000000ffffffff [ 717.127453][ T26] audit: type=1800 audit(1567664969.208:102): pid=22427 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=collect_data cause=failed comm="syz-executor.0" name="file0" dev="sda1" ino=16635 res=0 [ 717.330007][T22428] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 717.340430][T22428] CPU: 0 PID: 22428 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 717.349532][T22428] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 717.359583][T22428] Call Trace: [ 717.362880][T22428] dump_stack+0x172/0x1f0 [ 717.367217][T22428] dump_header+0x177/0x1152 [ 717.371728][T22428] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 717.377531][T22428] ? ___ratelimit+0x2c8/0x595 [ 717.382211][T22428] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 717.388025][T22428] ? lockdep_hardirqs_on+0x418/0x5d0 [ 717.393401][T22428] ? trace_hardirqs_on+0x67/0x240 [ 717.398433][T22428] ? pagefault_out_of_memory+0x11c/0x11c [ 717.404069][T22428] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 717.409878][T22428] ? ___ratelimit+0x60/0x595 [ 717.414466][T22428] ? do_raw_spin_unlock+0x57/0x270 [ 717.419585][T22428] oom_kill_process.cold+0x10/0x15 [ 717.424698][T22428] out_of_memory+0x334/0x1340 [ 717.429379][T22428] ? lock_downgrade+0x920/0x920 [ 717.434240][T22428] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 717.440050][T22428] ? oom_killer_disable+0x280/0x280 [ 717.445260][T22428] mem_cgroup_out_of_memory+0x1d8/0x240 [ 717.450805][T22428] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 717.456444][T22428] ? do_raw_spin_unlock+0x57/0x270 [ 717.461556][T22428] ? _raw_spin_unlock+0x2d/0x50 [ 717.466411][T22428] try_charge+0xf4b/0x1440 [ 717.470836][T22428] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 717.476377][T22428] ? percpu_ref_tryget_live+0x111/0x290 [ 717.481928][T22428] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 717.488179][T22428] ? __kasan_check_read+0x11/0x20 [ 717.493210][T22428] ? get_mem_cgroup_from_mm+0x156/0x320 [ 717.498850][T22428] mem_cgroup_try_charge+0x136/0x590 [ 717.504138][T22428] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 717.510389][T22428] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 717.516035][T22428] do_huge_pmd_wp_page_fallback+0x24c/0x1740 [ 717.522021][T22428] ? defrag_store+0x360/0x360 [ 717.522043][T22428] ? lock_downgrade+0x920/0x920 [ 717.522064][T22428] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 717.522079][T22428] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 717.522098][T22428] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 717.522112][T22428] ? alloc_pages_vma+0x122/0x3f0 [ 717.522130][T22428] do_huge_pmd_wp_page+0x7ff/0x2300 [ 717.522152][T22428] ? __split_huge_pmd+0x2810/0x2810 [ 717.537969][T22428] ? __kasan_check_read+0x11/0x20 [ 717.537986][T22428] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 717.538002][T22428] ? pmd_val+0x85/0x100 [ 717.538017][T22428] ? add_mm_counter_fast.part.0+0x40/0x40 [ 717.538038][T22428] __handle_mm_fault+0x14cf/0x3f20 [ 717.538057][T22428] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 717.597232][T22428] ? __kasan_check_read+0x11/0x20 [ 717.602276][T22428] handle_mm_fault+0x1b5/0x6c0 [ 717.607052][T22428] __get_user_pages+0x7d4/0x1b30 [ 717.611986][T22428] ? mark_held_locks+0xf0/0xf0 [ 717.616755][T22428] ? follow_page_mask+0x1cf0/0x1cf0 [ 717.621937][T22428] ? __mm_populate+0x270/0x380 [ 717.626686][T22428] ? __kasan_check_write+0x14/0x20 [ 717.631779][T22428] ? down_read+0x109/0x430 [ 717.636175][T22428] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 717.642398][T22428] populate_vma_page_range+0x20d/0x2a0 [ 717.647851][T22428] __mm_populate+0x204/0x380 [ 717.652430][T22428] ? populate_vma_page_range+0x2a0/0x2a0 [ 717.658057][T22428] ? __kasan_check_write+0x14/0x20 [ 717.663158][T22428] ? up_write+0x155/0x490 [ 717.667477][T22428] ? ns_capable_common+0x93/0x100 [ 717.672509][T22428] __x64_sys_mlockall+0x473/0x520 [ 717.677528][T22428] do_syscall_64+0xfa/0x760 [ 717.682028][T22428] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 717.687908][T22428] RIP: 0033:0x459879 [ 717.691820][T22428] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 717.711412][T22428] RSP: 002b:00007fc0ba507c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 717.719831][T22428] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 717.727797][T22428] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 717.735757][T22428] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 717.743751][T22428] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc0ba5086d4 [ 717.751706][T22428] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 717.761039][T22428] memory: usage 307200kB, limit 307200kB, failcnt 5224 [ 717.767968][T22428] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 717.774803][T22428] Memory cgroup stats for /syz3: [ 717.774897][T22428] anon 299433984 [ 717.774897][T22428] file 0 [ 717.774897][T22428] kernel_stack 983040 [ 717.774897][T22428] slab 7471104 [ 717.774897][T22428] sock 0 [ 717.774897][T22428] shmem 0 [ 717.774897][T22428] file_mapped 0 [ 717.774897][T22428] file_dirty 0 [ 717.774897][T22428] file_writeback 0 [ 717.774897][T22428] anon_thp 209715200 [ 717.774897][T22428] inactive_anon 248029184 [ 717.774897][T22428] active_anon 18255872 [ 717.774897][T22428] inactive_file 0 [ 717.774897][T22428] active_file 0 [ 717.774897][T22428] unevictable 33165312 [ 717.774897][T22428] slab_reclaimable 1351680 [ 717.774897][T22428] slab_unreclaimable 6119424 [ 717.774897][T22428] pgfault 777942 [ 717.774897][T22428] pgmajfault 0 [ 717.774897][T22428] workingset_refault 132 [ 717.774897][T22428] workingset_activate 66 [ 717.774897][T22428] workingset_nodereclaim 0 [ 717.774897][T22428] pgrefill 628 [ 717.774897][T22428] pgscan 663 [ 717.774897][T22428] pgsteal 165 [ 717.868321][T22428] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=22418,uid=0 [ 717.883857][T22428] Memory cgroup out of memory: Killed process 22418 (syz-executor.3) total-vm:72832kB, anon-rss:18088kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 717.903475][ T1065] oom_reaper: reaped process 22418 (syz-executor.3), now anon-rss:18232kB, file-rss:54332kB, shmem-rss:0kB [ 717.911458][T22400] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 717.931332][T22400] CPU: 0 PID: 22400 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 717.940443][T22400] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 717.950497][T22400] Call Trace: [ 717.953792][T22400] dump_stack+0x172/0x1f0 [ 717.958130][T22400] dump_header+0x177/0x1152 [ 717.962634][T22400] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 717.968441][T22400] ? ___ratelimit+0x2c8/0x595 [ 717.973128][T22400] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 717.978945][T22400] ? lockdep_hardirqs_on+0x418/0x5d0 [ 717.984232][T22400] ? trace_hardirqs_on+0x67/0x240 [ 717.989256][T22400] ? pagefault_out_of_memory+0x11c/0x11c [ 717.994894][T22400] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 718.000713][T22400] ? ___ratelimit+0x60/0x595 [ 718.005308][T22400] ? do_raw_spin_unlock+0x57/0x270 [ 718.010428][T22400] oom_kill_process.cold+0x10/0x15 [ 718.015568][T22400] out_of_memory+0x334/0x1340 [ 718.020249][T22400] ? lock_downgrade+0x920/0x920 [ 718.025115][T22400] ? oom_killer_disable+0x280/0x280 [ 718.030334][T22400] mem_cgroup_out_of_memory+0x1d8/0x240 [ 718.035887][T22400] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 718.041513][T22400] ? do_raw_spin_unlock+0x57/0x270 [ 718.041532][T22400] ? _raw_spin_unlock+0x2d/0x50 [ 718.041550][T22400] try_charge+0xf4b/0x1440 [ 718.041574][T22400] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 718.041587][T22400] ? percpu_ref_tryget_live+0x111/0x290 [ 718.041604][T22400] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 718.041622][T22400] ? __kasan_check_read+0x11/0x20 [ 718.078257][T22400] ? get_mem_cgroup_from_mm+0x156/0x320 [ 718.083811][T22400] mem_cgroup_try_charge+0x136/0x590 [ 718.089092][T22400] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 718.095322][T22400] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 718.100939][T22400] wp_page_copy+0x41e/0x1590 [ 718.105524][T22400] ? find_held_lock+0x35/0x130 [ 718.110302][T22400] ? pmd_pfn+0x1d0/0x1d0 [ 718.114549][T22400] ? lock_downgrade+0x920/0x920 [ 718.119406][T22400] ? swp_swapcount+0x540/0x540 [ 718.124176][T22400] ? __kasan_check_read+0x11/0x20 [ 718.129203][T22400] ? do_raw_spin_unlock+0x57/0x270 [ 718.134305][T22400] do_wp_page+0x499/0x14d0 [ 718.138701][T22400] ? finish_mkwrite_fault+0x570/0x570 [ 718.144061][T22400] __handle_mm_fault+0x22f1/0x3f20 [ 718.149200][T22400] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 718.154729][T22400] ? __kasan_check_read+0x11/0x20 [ 718.159777][T22400] handle_mm_fault+0x1b5/0x6c0 [ 718.164529][T22400] __get_user_pages+0x7d4/0x1b30 [ 718.169449][T22400] ? mark_held_locks+0xf0/0xf0 [ 718.174372][T22400] ? follow_page_mask+0x1cf0/0x1cf0 [ 718.179549][T22400] ? __mm_populate+0x270/0x380 [ 718.184314][T22400] ? __kasan_check_write+0x14/0x20 [ 718.189403][T22400] ? down_read+0x109/0x430 [ 718.193817][T22400] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 718.200042][T22400] populate_vma_page_range+0x20d/0x2a0 [ 718.205480][T22400] __mm_populate+0x204/0x380 [ 718.210051][T22400] ? populate_vma_page_range+0x2a0/0x2a0 [ 718.215707][T22400] ? __kasan_check_write+0x14/0x20 [ 718.220799][T22400] ? up_write+0x155/0x490 [ 718.225105][T22400] ? ns_capable_common+0x93/0x100 [ 718.230115][T22400] __x64_sys_mlockall+0x473/0x520 [ 718.235115][T22400] do_syscall_64+0xfa/0x760 [ 718.239612][T22400] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 718.245476][T22400] RIP: 0033:0x459879 [ 718.249346][T22400] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 718.268923][T22400] RSP: 002b:00007f4e2a92dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 718.277321][T22400] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 718.285279][T22400] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 718.293225][T22400] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 718.301170][T22400] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4e2a92e6d4 [ 718.309161][T22400] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 718.318314][T22400] memory: usage 297924kB, limit 307200kB, failcnt 1828 [ 718.325216][T22400] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 718.332129][T22400] Memory cgroup stats for /syz1: [ 718.332248][T22400] anon 285319168 [ 718.332248][T22400] file 122880 [ 718.332248][T22400] kernel_stack 786432 [ 718.332248][T22400] slab 14925824 [ 718.332248][T22400] sock 0 [ 718.332248][T22400] shmem 61440 [ 718.332248][T22400] file_mapped 0 [ 718.332248][T22400] file_dirty 0 [ 718.332248][T22400] file_writeback 0 [ 718.332248][T22400] anon_thp 123731968 [ 718.332248][T22400] inactive_anon 242491392 [ 718.332248][T22400] active_anon 5627904 [ 718.332248][T22400] inactive_file 90112 [ 718.332248][T22400] active_file 135168 [ 718.332248][T22400] unevictable 37335040 [ 718.332248][T22400] slab_reclaimable 6623232 [ 718.332248][T22400] slab_unreclaimable 8302592 [ 718.332248][T22400] pgfault 201597 [ 718.332248][T22400] pgmajfault 0 [ 718.332248][T22400] workingset_refault 33 [ 718.332248][T22400] workingset_activate 0 [ 718.332248][T22400] workingset_nodereclaim 0 [ 718.332248][T22400] pgrefill 407 [ 718.332248][T22400] pgscan 4487 [ 718.332248][T22400] pgsteal 4166 [ 718.427127][T22400] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=22399,uid=0 [ 718.442638][T22400] Memory cgroup out of memory: Killed process 22400 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 718.461999][ T1065] oom_reaper: reaped process 22400 (syz-executor.1), now anon-rss:18232kB, file-rss:54332kB, shmem-rss:0kB 06:29:30 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:30 executing program 0: socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa8c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100001c9, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000040)='net/snmp6\x00') preadv(r0, &(0x7f0000000480), 0x10000000000002a1, 0x0) 06:29:30 executing program 2: r0 = syz_open_dev$vbi(&(0x7f0000000140)='/dev/vbi#\x00', 0x1, 0x2) bind$isdn_base(r0, &(0x7f0000000280)={0x22, 0x15e, 0x0, 0x0, 0x3}, 0x6) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r2 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r2, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") readahead(r3, 0xa209, 0x0) r4 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r5, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") getsockopt$ARPT_SO_GET_REVISION_TARGET(r5, 0x0, 0x63, &(0x7f00000002c0)={'NETMAP\x00'}, &(0x7f0000000300)=0x1e) ioctl$RNDCLEARPOOL(r4, 0x5206, &(0x7f0000000400)) r6 = creat(&(0x7f0000000280)='./file0\x00', 0x1) write$binfmt_script(r6, &(0x7f00000002c0)=ANY=[@ANYBLOB="01"], 0x1) close(r6) r7 = accept$inet6(r6, 0x0, &(0x7f0000000440)) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000480)={'vcan0\x00', 0x0}) ioctl$sock_inet6_SIOCSIFDSTADDR(r7, 0x8918, &(0x7f00000004c0)={@empty, 0x34, r8}) mlockall(0x1) r9 = creat(&(0x7f0000000280)='./file0\x00', 0x1) write$binfmt_script(r9, &(0x7f00000002c0)=ANY=[@ANYBLOB="01"], 0x1) close(r9) ioctl$sock_bt_hidp_HIDPGETCONNINFO(r9, 0x800448d3, &(0x7f0000000340)={{0x4, 0x6, 0x6cb, 0x7f, 0x8, 0x3}, 0x14000000, 0x80000000, 0x8c1e, 0x1, 0x3, "146aff7f37ef70b9a15196d161bf4102c5853ec09e7d3eb379a7b5abd8a0cddce451128544304ad290e5d99792e56113c9b480c0a86cffebf946d710e811d88ea52277b081c117740bf083f631135e4f582ae865437d195558619925ec4698b278f674fa1646a702eff31e54c186aca05644ed912b005711c0a7efea48664f6b"}) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0xfff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:29:30 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xfd, 0x0) 06:29:30 executing program 1: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x1) write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="01"], 0x1) close(r0) ioctl$VIDIOC_S_SELECTION(r0, 0xc040565f, &(0x7f0000000140)={0xc, 0x200, 0x1, {0x2, 0x7, 0x8, 0xc1}}) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f0000000400)) r3 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$void(r3, 0x0) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(r3, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:29:30 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) r0 = creat(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) ioctl$sock_rose_SIOCRSCLRRT(r0, 0x89e4) r2 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r2, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r3, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r1, 0x8010743f, &(0x7f0000000140)) 06:29:30 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:30 executing program 0: r0 = socket$netlink(0x10, 0x3, 0xc) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x2, &(0x7f0000000040)="93b7bdbf59885029e0ff6c3ab0401214e8f684423a516e5e31d7b501a228efb1859ac45efa6fce87d62fb93e96ef36f6d48c4fce2dfaffb675b29c3c6df80d8064470ccd79c12f4ad226516ec6447a07c0d667b9ce1b71d678490f6765dd42b0ab10b5291efd23425aad6b0d8368f6fe547e4273dddae8cadafc880c15b1413c2f424fd1745a386d3164df8bd07e731291cee048983a9352b439e4b153f6e489129726d0c246389c89113c300f6b57ab57504087bab5aa4856ec0d7992a3e56b850635834ffb81f31302f4cf761bc87c021e244eb63aff1f17476dd3c5237b078ef891d89e8b4c96c9fafda73f1ed6", 0xef) lsetxattr(0x0, &(0x7f0000000180)=@known='trusted.overlay.opaque\x00', &(0x7f00000001c0)='em0\'\x00', 0x5, 0x2) writev(r0, &(0x7f0000fb5ff0)=[{0x0}], 0x1) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000340)={0x0, 0x0}, 0x8) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000240)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d0301000000000095000000000000006926000000000000bf67000000000000570600000fff07006706000002000000070600000ee60000bf2500000000000063350000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070400000400f9ffad32010000000000950000000000000005000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) fdatasync(0xffffffffffffffff) r2 = socket(0x2, 0x0, 0x9) dup3(r1, r2, 0x0) fdatasync(0xffffffffffffffff) flistxattr(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x0, &(0x7f0000000940)=ANY=[], &(0x7f0000000000)='PL \x00L\xf7\xd1*\xf1\x1c\xe9%7\xb5\xe3\x19\x1ef\xde]N\xc1\x8eL-\xf0\x14\x84\xa8mw\x84/bIF\xea\xe3\x10yL\x8c\x96\xff\x14f#.%\x95\x119\xbd\xa5\xd2\x99\x0eR?\x8e\xc3\b\x0f\xfc\x12$\xd8\xdcL\x84\xa9\xc8\xe8\xab1Wh\x06qU#\xfat\x9e\x86\x15\xc6\x10I\xb8\xb1\xbej\xa7t\a\x02\xccZ\xdd', 0x5, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70) syz_genetlink_get_family_id$tipc2(&(0x7f0000000200)='TIPCv2\x00') r3 = socket$inet6(0xa, 0x802, 0x0) connect$inet6(r3, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev}, 0x1c) sendmmsg(r3, &(0x7f0000005040), 0x15f, 0x0) r4 = accept4$inet6(r3, &(0x7f0000000300)={0xa, 0x0, 0x0, @local}, &(0x7f0000000380)=0x1c, 0x80000) sendto$inet6(r4, &(0x7f00000004c0)="02c08cb5c6ef098029ef8370403d2fc8b9eac24eb067882a78047503c7a21e04d3026e17d032f1cee9359359bcf6d26d5a67471afe0aa0c8513740e49fb20cc1946d3ff39b88b61936834c03a0138cd2ea8790fd96b3913cf7d42271fbfa420ed3bc4ce6a46cab4e00994d62cdc7117770e7614ee1481cbbc12b751022067ebe8151b6645aaa1f90fc529d77", 0x8c, 0x4, &(0x7f00000003c0)={0xa, 0x4e22, 0x2, @remote, 0x100}, 0x1c) sendmsg$TIPC_NL_NET_GET(0xffffffffffffffff, 0x0, 0x0) [ 718.904318][T22450] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 718.947511][T22450] CPU: 1 PID: 22450 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 718.956650][T22450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 718.966708][T22450] Call Trace: [ 718.970006][T22450] dump_stack+0x172/0x1f0 [ 718.974358][T22450] dump_header+0x177/0x1152 [ 718.978870][T22450] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 718.984681][T22450] ? ___ratelimit+0x2c8/0x595 [ 718.989359][T22450] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 718.995172][T22450] ? lockdep_hardirqs_on+0x418/0x5d0 [ 719.000465][T22450] ? trace_hardirqs_on+0x67/0x240 [ 719.005495][T22450] ? pagefault_out_of_memory+0x11c/0x11c [ 719.011131][T22450] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 719.016935][T22450] ? ___ratelimit+0x60/0x595 [ 719.021529][T22450] ? do_raw_spin_unlock+0x57/0x270 [ 719.026644][T22450] oom_kill_process.cold+0x10/0x15 [ 719.031760][T22450] out_of_memory+0x334/0x1340 [ 719.036437][T22450] ? lock_downgrade+0x920/0x920 [ 719.041296][T22450] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 719.047110][T22450] ? oom_killer_disable+0x280/0x280 [ 719.052323][T22450] mem_cgroup_out_of_memory+0x1d8/0x240 [ 719.057867][T22450] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 719.063503][T22450] ? do_raw_spin_unlock+0x57/0x270 [ 719.068619][T22450] ? _raw_spin_unlock+0x2d/0x50 [ 719.073480][T22450] try_charge+0xf4b/0x1440 [ 719.077912][T22450] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 719.083464][T22450] ? percpu_ref_tryget_live+0x111/0x290 [ 719.089015][T22450] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 719.095265][T22450] ? __kasan_check_read+0x11/0x20 [ 719.100299][T22450] ? get_mem_cgroup_from_mm+0x156/0x320 [ 719.105849][T22450] mem_cgroup_try_charge+0x136/0x590 [ 719.111139][T22450] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 719.117397][T22450] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 719.123045][T22450] __handle_mm_fault+0x1e34/0x3f20 [ 719.128191][T22450] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 719.133758][T22450] ? __kasan_check_read+0x11/0x20 [ 719.138796][T22450] handle_mm_fault+0x1b5/0x6c0 [ 719.143578][T22450] __get_user_pages+0x7d4/0x1b30 [ 719.148514][T22450] ? mark_held_locks+0xf0/0xf0 [ 719.153289][T22450] ? follow_page_mask+0x1cf0/0x1cf0 [ 719.158497][T22450] ? __mm_populate+0x270/0x380 [ 719.163273][T22450] ? __kasan_check_write+0x14/0x20 [ 719.168394][T22450] ? down_read+0x109/0x430 [ 719.172812][T22450] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 719.179052][T22450] populate_vma_page_range+0x20d/0x2a0 [ 719.184517][T22450] __mm_populate+0x204/0x380 [ 719.189111][T22450] ? populate_vma_page_range+0x2a0/0x2a0 [ 719.194743][T22450] ? __kasan_check_write+0x14/0x20 [ 719.199850][T22450] ? up_write+0x155/0x490 [ 719.204177][T22450] ? ns_capable_common+0x93/0x100 [ 719.209201][T22450] __x64_sys_mlockall+0x473/0x520 [ 719.214222][T22450] do_syscall_64+0xfa/0x760 [ 719.218726][T22450] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 719.224621][T22450] RIP: 0033:0x459879 [ 719.228525][T22450] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 06:29:31 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 719.248130][T22450] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 719.256540][T22450] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 719.264510][T22450] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 719.272474][T22450] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 719.280453][T22450] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc0ba5296d4 [ 719.288416][T22450] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 719.313368][T22450] memory: usage 307200kB, limit 307200kB, failcnt 5308 [ 719.327182][T22450] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 719.364469][T22450] Memory cgroup stats for /syz3: [ 719.364595][T22450] anon 301559808 [ 719.364595][T22450] file 0 [ 719.364595][T22450] kernel_stack 917504 [ 719.364595][T22450] slab 7471104 [ 719.364595][T22450] sock 0 [ 719.364595][T22450] shmem 0 [ 719.364595][T22450] file_mapped 0 [ 719.364595][T22450] file_dirty 0 [ 719.364595][T22450] file_writeback 0 [ 719.364595][T22450] anon_thp 209715200 [ 719.364595][T22450] inactive_anon 250523648 [ 719.364595][T22450] active_anon 18186240 [ 719.364595][T22450] inactive_file 0 [ 719.364595][T22450] active_file 0 [ 719.364595][T22450] unevictable 32919552 [ 719.364595][T22450] slab_reclaimable 1351680 [ 719.364595][T22450] slab_unreclaimable 6119424 [ 719.364595][T22450] pgfault 780945 [ 719.364595][T22450] pgmajfault 0 [ 719.364595][T22450] workingset_refault 132 [ 719.364595][T22450] workingset_activate 66 [ 719.364595][T22450] workingset_nodereclaim 0 [ 719.364595][T22450] pgrefill 628 [ 719.364595][T22450] pgscan 663 [ 719.364595][T22450] pgsteal 165 06:29:31 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:31 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0xfe, 0x0) 06:29:31 executing program 0: r0 = socket$netlink(0x10, 0x3, 0xc) setsockopt$packet_buf(0xffffffffffffffff, 0x107, 0x2, &(0x7f0000000040)="93b7bdbf59885029e0ff6c3ab0401214e8f684423a516e5e31d7b501a228efb1859ac45efa6fce87d62fb93e96ef36f6d48c4fce2dfaffb675b29c3c6df80d8064470ccd79c12f4ad226516ec6447a07c0d667b9ce1b71d678490f6765dd42b0ab10b5291efd23425aad6b0d8368f6fe547e4273dddae8cadafc880c15b1413c2f424fd1745a386d3164df8bd07e731291cee048983a9352b439e4b153f6e489129726d0c246389c89113c300f6b57ab57504087bab5aa4856ec0d7992a3e56b850635834ffb81f31302f4cf761bc87c021e244eb63aff1f17476dd3c5237b078ef891d89e8b4c96c9fafda73f1ed6", 0xef) lsetxattr(0x0, &(0x7f0000000180)=@known='trusted.overlay.opaque\x00', &(0x7f00000001c0)='em0\'\x00', 0x5, 0x2) writev(r0, &(0x7f0000fb5ff0)=[{0x0}], 0x1) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000340)={0x0, 0x0}, 0x8) bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000240)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000080000003d0301000000000095000000000000006926000000000000bf67000000000000570600000fff07006706000002000000070600000ee60000bf2500000000000063350000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070400000400f9ffad32010000000000950000000000000005000000000000009500000000000000"], &(0x7f0000000100)='GPL\x00'}, 0x48) fdatasync(0xffffffffffffffff) r2 = socket(0x2, 0x0, 0x9) dup3(r1, r2, 0x0) fdatasync(0xffffffffffffffff) flistxattr(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x0, &(0x7f0000000940)=ANY=[], &(0x7f0000000000)='PL \x00L\xf7\xd1*\xf1\x1c\xe9%7\xb5\xe3\x19\x1ef\xde]N\xc1\x8eL-\xf0\x14\x84\xa8mw\x84/bIF\xea\xe3\x10yL\x8c\x96\xff\x14f#.%\x95\x119\xbd\xa5\xd2\x99\x0eR?\x8e\xc3\b\x0f\xfc\x12$\xd8\xdcL\x84\xa9\xc8\xe8\xab1Wh\x06qU#\xfat\x9e\x86\x15\xc6\x10I\xb8\xb1\xbej\xa7t\a\x02\xccZ\xdd', 0x5, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70) syz_genetlink_get_family_id$tipc2(&(0x7f0000000200)='TIPCv2\x00') r3 = socket$inet6(0xa, 0x802, 0x0) connect$inet6(r3, &(0x7f0000000040)={0xa, 0x0, 0x0, @dev}, 0x1c) sendmmsg(r3, &(0x7f0000005040), 0x15f, 0x0) r4 = accept4$inet6(r3, &(0x7f0000000300)={0xa, 0x0, 0x0, @local}, &(0x7f0000000380)=0x1c, 0x80000) sendto$inet6(r4, &(0x7f00000004c0)="02c08cb5c6ef098029ef8370403d2fc8b9eac24eb067882a78047503c7a21e04d3026e17d032f1cee9359359bcf6d26d5a67471afe0aa0c8513740e49fb20cc1946d3ff39b88b61936834c03a0138cd2ea8790fd96b3913cf7d42271fbfa420ed3bc4ce6a46cab4e00994d62cdc7117770e7614ee1481cbbc12b751022067ebe8151b6645aaa1f90fc529d77", 0x8c, 0x4, &(0x7f00000003c0)={0xa, 0x4e22, 0x2, @remote, 0x100}, 0x1c) sendmsg$TIPC_NL_NET_GET(0xffffffffffffffff, 0x0, 0x0) [ 719.686826][T22450] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=14610,uid=0 06:29:31 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 719.800439][T22450] Memory cgroup out of memory: Killed process 14610 (syz-executor.3) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 06:29:32 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 719.887547][T22452] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 719.906456][T22452] CPU: 1 PID: 22452 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 719.915577][T22452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 719.925626][T22452] Call Trace: [ 719.928922][T22452] dump_stack+0x172/0x1f0 [ 719.933254][T22452] dump_header+0x177/0x1152 [ 719.937767][T22452] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 719.943572][T22452] ? ___ratelimit+0x2c8/0x595 [ 719.948261][T22452] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 719.954071][T22452] ? lockdep_hardirqs_on+0x418/0x5d0 [ 719.959360][T22452] ? trace_hardirqs_on+0x67/0x240 [ 719.964393][T22452] ? pagefault_out_of_memory+0x11c/0x11c [ 719.970047][T22452] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 719.975860][T22452] ? ___ratelimit+0x60/0x595 [ 719.980448][T22452] ? do_raw_spin_unlock+0x57/0x270 [ 719.985565][T22452] oom_kill_process.cold+0x10/0x15 [ 719.990690][T22452] out_of_memory+0x334/0x1340 [ 719.995367][T22452] ? lock_downgrade+0x920/0x920 [ 720.000229][T22452] ? oom_killer_disable+0x280/0x280 [ 720.005443][T22452] mem_cgroup_out_of_memory+0x1d8/0x240 [ 720.010995][T22452] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 720.016649][T22452] ? do_raw_spin_unlock+0x57/0x270 [ 720.021770][T22452] ? _raw_spin_unlock+0x2d/0x50 [ 720.027326][T22452] try_charge+0xf4b/0x1440 [ 720.031761][T22452] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 720.037310][T22452] ? percpu_ref_tryget_live+0x111/0x290 [ 720.042864][T22452] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 720.049114][T22452] ? __kasan_check_read+0x11/0x20 [ 720.054158][T22452] ? get_mem_cgroup_from_mm+0x156/0x320 [ 720.059711][T22452] mem_cgroup_try_charge+0x136/0x590 [ 720.065003][T22452] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 720.071255][T22452] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 720.076893][T22452] __handle_mm_fault+0x1e34/0x3f20 [ 720.082013][T22452] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 720.087574][T22452] ? __kasan_check_read+0x11/0x20 [ 720.092613][T22452] handle_mm_fault+0x1b5/0x6c0 [ 720.097389][T22452] __get_user_pages+0x7d4/0x1b30 [ 720.102330][T22452] ? mark_held_locks+0xf0/0xf0 [ 720.107109][T22452] ? follow_page_mask+0x1cf0/0x1cf0 [ 720.112311][T22452] ? __mm_populate+0x270/0x380 [ 720.117105][T22452] ? __kasan_check_write+0x14/0x20 [ 720.122222][T22452] ? down_read+0x109/0x430 [ 720.126644][T22452] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 720.132893][T22452] populate_vma_page_range+0x20d/0x2a0 [ 720.138377][T22452] __mm_populate+0x204/0x380 [ 720.142971][T22452] ? populate_vma_page_range+0x2a0/0x2a0 [ 720.148601][T22452] ? __kasan_check_write+0x14/0x20 [ 720.153712][T22452] ? up_write+0x155/0x490 [ 720.158039][T22452] ? ns_capable_common+0x93/0x100 [ 720.163074][T22452] __x64_sys_mlockall+0x473/0x520 [ 720.168107][T22452] do_syscall_64+0xfa/0x760 [ 720.172623][T22452] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 720.178630][T22452] RIP: 0033:0x459879 [ 720.182526][T22452] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 720.202130][T22452] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 720.210542][T22452] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 720.218516][T22452] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 720.226491][T22452] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 720.234552][T22452] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 720.242531][T22452] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 720.258518][T22452] memory: usage 307200kB, limit 307200kB, failcnt 5813 [ 720.274391][T22452] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 720.291927][T22452] Memory cgroup stats for /syz2: [ 720.292039][T22452] anon 303419392 [ 720.292039][T22452] file 28672 [ 720.292039][T22452] kernel_stack 983040 [ 720.292039][T22452] slab 5509120 [ 720.292039][T22452] sock 0 [ 720.292039][T22452] shmem 0 [ 720.292039][T22452] file_mapped 0 [ 720.292039][T22452] file_dirty 0 [ 720.292039][T22452] file_writeback 0 [ 720.292039][T22452] anon_thp 207618048 [ 720.292039][T22452] inactive_anon 254726144 [ 720.292039][T22452] active_anon 12029952 [ 720.292039][T22452] inactive_file 0 [ 720.292039][T22452] active_file 0 [ 720.292039][T22452] unevictable 36978688 [ 720.292039][T22452] slab_reclaimable 1216512 [ 720.292039][T22452] slab_unreclaimable 4292608 [ 720.292039][T22452] pgfault 802461 [ 720.292039][T22452] pgmajfault 0 [ 720.292039][T22452] workingset_refault 198 [ 720.292039][T22452] workingset_activate 66 [ 720.292039][T22452] workingset_nodereclaim 0 [ 720.292039][T22452] pgrefill 1466 [ 720.292039][T22452] pgscan 1693 [ 720.292039][T22452] pgsteal 198 [ 720.393824][T22452] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=22405,uid=0 [ 720.409595][T22452] Memory cgroup out of memory: Killed process 22405 (syz-executor.2) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 720.436397][T22471] syz-executor.1 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 720.436950][ T1065] oom_reaper: reaped process 22405 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 720.461016][T22471] CPU: 0 PID: 22471 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 720.470135][T22471] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 720.480189][T22471] Call Trace: [ 720.483492][T22471] dump_stack+0x172/0x1f0 [ 720.487828][T22471] dump_header+0x177/0x1152 [ 720.492330][T22471] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 720.498129][T22471] ? ___ratelimit+0x2c8/0x595 [ 720.502806][T22471] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 720.508611][T22471] ? lockdep_hardirqs_on+0x418/0x5d0 [ 720.513896][T22471] ? trace_hardirqs_on+0x67/0x240 [ 720.518922][T22471] ? pagefault_out_of_memory+0x11c/0x11c [ 720.524558][T22471] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 720.530363][T22471] ? ___ratelimit+0x60/0x595 [ 720.534952][T22471] ? do_raw_spin_unlock+0x57/0x270 [ 720.540069][T22471] oom_kill_process.cold+0x10/0x15 [ 720.545194][T22471] out_of_memory+0x334/0x1340 [ 720.549870][T22471] ? lock_downgrade+0x920/0x920 [ 720.554723][T22471] ? oom_killer_disable+0x280/0x280 [ 720.559930][T22471] mem_cgroup_out_of_memory+0x1d8/0x240 [ 720.565477][T22471] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 720.571113][T22471] ? do_raw_spin_unlock+0x57/0x270 [ 720.576233][T22471] ? _raw_spin_unlock+0x2d/0x50 [ 720.581096][T22471] try_charge+0xf4b/0x1440 [ 720.585530][T22471] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 720.591078][T22471] ? find_held_lock+0x35/0x130 [ 720.595845][T22471] ? get_mem_cgroup_from_mm+0x139/0x320 [ 720.601405][T22471] ? lock_downgrade+0x920/0x920 [ 720.606259][T22471] ? percpu_ref_tryget_live+0x111/0x290 [ 720.611812][T22471] __memcg_kmem_charge_memcg+0x71/0xf0 [ 720.617281][T22471] ? memcg_kmem_put_cache+0x50/0x50 [ 720.622490][T22471] ? get_mem_cgroup_from_mm+0x156/0x320 [ 720.628048][T22471] __memcg_kmem_charge+0x13a/0x3a0 [ 720.633175][T22471] __alloc_pages_nodemask+0x4f7/0x900 [ 720.638558][T22471] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 720.644115][T22471] ? __alloc_pages_slowpath+0x2540/0x2540 [ 720.649834][T22471] ? percpu_ref_put_many+0xb6/0x190 [ 720.655035][T22471] ? lockdep_hardirqs_on+0x418/0x5d0 [ 720.660324][T22471] ? trace_hardirqs_on+0x67/0x240 [ 720.665456][T22471] ? __kasan_check_read+0x11/0x20 [ 720.670490][T22471] copy_process+0x3f8/0x6830 [ 720.675084][T22471] ? __kasan_check_read+0x11/0x20 [ 720.680114][T22471] ? __lock_acquire+0x16f2/0x4a00 [ 720.685149][T22471] ? __cleanup_sighand+0x60/0x60 [ 720.690097][T22471] ? __might_fault+0x12b/0x1e0 [ 720.694865][T22471] ? __might_fault+0x12b/0x1e0 [ 720.699640][T22471] _do_fork+0x146/0xfa0 [ 720.703801][T22471] ? copy_init_mm+0x20/0x20 [ 720.708313][T22471] ? __kasan_check_read+0x11/0x20 [ 720.713337][T22471] ? _copy_to_user+0x118/0x160 [ 720.718128][T22471] __x64_sys_clone+0x1ab/0x270 [ 720.722892][T22471] ? __ia32_sys_vfork+0xd0/0xd0 [ 720.727754][T22471] ? do_syscall_64+0x26/0x760 [ 720.732435][T22471] ? lockdep_hardirqs_on+0x418/0x5d0 [ 720.737730][T22471] ? trace_hardirqs_on+0x67/0x240 [ 720.742762][T22471] do_syscall_64+0xfa/0x760 [ 720.747277][T22471] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 720.753168][T22471] RIP: 0033:0x459879 [ 720.757063][T22471] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 720.776772][T22471] RSP: 002b:00007f4e2a90cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 720.785170][T22471] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459879 [ 720.793125][T22471] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 0000000000000000 [ 720.801091][T22471] RBP: 000000000075bfc8 R08: ffffffffffffffff R09: 0000000000000000 [ 720.809062][T22471] R10: 0000000020000240 R11: 0000000000000246 R12: 00007f4e2a90d6d4 [ 720.817031][T22471] R13: 00000000004bfd46 R14: 00000000004d1af8 R15: 00000000ffffffff [ 720.827426][T22471] memory: usage 307188kB, limit 307200kB, failcnt 1895 [ 720.834370][T22471] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 720.841574][T22471] Memory cgroup stats for /syz1: [ 720.841695][T22471] anon 294563840 [ 720.841695][T22471] file 122880 [ 720.841695][T22471] kernel_stack 917504 [ 720.841695][T22471] slab 14925824 [ 720.841695][T22471] sock 0 [ 720.841695][T22471] shmem 61440 [ 720.841695][T22471] file_mapped 0 [ 720.841695][T22471] file_dirty 0 [ 720.841695][T22471] file_writeback 0 [ 720.841695][T22471] anon_thp 125829120 [ 720.841695][T22471] inactive_anon 251604992 [ 720.841695][T22471] active_anon 5627904 [ 720.841695][T22471] inactive_file 90112 [ 720.841695][T22471] active_file 135168 [ 720.841695][T22471] unevictable 37351424 [ 720.841695][T22471] slab_reclaimable 6623232 [ 720.841695][T22471] slab_unreclaimable 8302592 [ 720.841695][T22471] pgfault 208263 [ 720.841695][T22471] pgmajfault 0 [ 720.841695][T22471] workingset_refault 33 [ 720.841695][T22471] workingset_activate 0 [ 720.841695][T22471] workingset_nodereclaim 0 [ 720.841695][T22471] pgrefill 407 [ 720.841695][T22471] pgscan 4520 [ 720.841695][T22471] pgsteal 4166 [ 720.937896][T22471] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=22454,uid=0 [ 720.953679][T22471] Memory cgroup out of memory: Killed process 22454 (syz-executor.1) total-vm:72832kB, anon-rss:18224kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 721.021956][T22504] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 721.035505][T22504] CPU: 1 PID: 22504 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 721.044622][T22504] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 721.054667][T22504] Call Trace: [ 721.057955][T22504] dump_stack+0x172/0x1f0 [ 721.062285][T22504] dump_header+0x177/0x1152 [ 721.066785][T22504] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 721.072593][T22504] ? ___ratelimit+0x2c8/0x595 [ 721.077266][T22504] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 721.083068][T22504] ? lockdep_hardirqs_on+0x418/0x5d0 [ 721.088352][T22504] ? trace_hardirqs_on+0x67/0x240 [ 721.093380][T22504] ? pagefault_out_of_memory+0x11c/0x11c [ 721.099010][T22504] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 721.104814][T22504] ? ___ratelimit+0x60/0x595 [ 721.109402][T22504] ? do_raw_spin_unlock+0x57/0x270 [ 721.114513][T22504] oom_kill_process.cold+0x10/0x15 [ 721.119624][T22504] out_of_memory+0x334/0x1340 [ 721.124300][T22504] ? lock_downgrade+0x920/0x920 [ 721.129155][T22504] ? oom_killer_disable+0x280/0x280 [ 721.134369][T22504] mem_cgroup_out_of_memory+0x1d8/0x240 [ 721.139916][T22504] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 721.145551][T22504] ? do_raw_spin_unlock+0x57/0x270 [ 721.150660][T22504] ? _raw_spin_unlock+0x2d/0x50 [ 721.155513][T22504] try_charge+0xf4b/0x1440 [ 721.159942][T22504] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 721.165484][T22504] ? percpu_ref_tryget_live+0x111/0x290 [ 721.171052][T22504] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 721.177311][T22504] ? __kasan_check_read+0x11/0x20 [ 721.182344][T22504] ? get_mem_cgroup_from_mm+0x156/0x320 [ 721.187899][T22504] mem_cgroup_try_charge+0x136/0x590 [ 721.193190][T22504] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 721.199436][T22504] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 721.205164][T22504] wp_page_copy+0x41e/0x1590 [ 721.209754][T22504] ? find_held_lock+0x35/0x130 [ 721.214520][T22504] ? pmd_pfn+0x1d0/0x1d0 [ 721.218760][T22504] ? lock_downgrade+0x920/0x920 [ 721.223610][T22504] ? swp_swapcount+0x540/0x540 [ 721.228378][T22504] ? __kasan_check_read+0x11/0x20 [ 721.233400][T22504] ? do_raw_spin_unlock+0x57/0x270 [ 721.238517][T22504] do_wp_page+0x499/0x14d0 [ 721.242940][T22504] ? finish_mkwrite_fault+0x570/0x570 [ 721.248321][T22504] __handle_mm_fault+0x22f1/0x3f20 [ 721.253436][T22504] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 721.258992][T22504] ? __kasan_check_read+0x11/0x20 [ 721.264023][T22504] handle_mm_fault+0x1b5/0x6c0 [ 721.268792][T22504] __get_user_pages+0x7d4/0x1b30 [ 721.273723][T22504] ? mark_held_locks+0xf0/0xf0 [ 721.278498][T22504] ? follow_page_mask+0x1cf0/0x1cf0 [ 721.283696][T22504] ? __mm_populate+0x270/0x380 [ 721.288463][T22504] ? __kasan_check_write+0x14/0x20 [ 721.293568][T22504] ? down_read+0x109/0x430 [ 721.297980][T22504] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 721.304222][T22504] populate_vma_page_range+0x20d/0x2a0 [ 721.309688][T22504] __mm_populate+0x204/0x380 [ 721.314278][T22504] ? populate_vma_page_range+0x2a0/0x2a0 [ 721.319910][T22504] ? __kasan_check_write+0x14/0x20 [ 721.325019][T22504] ? up_write+0x155/0x490 [ 721.329348][T22504] ? ns_capable_common+0x93/0x100 [ 721.334373][T22504] __x64_sys_mlockall+0x473/0x520 [ 721.339399][T22504] do_syscall_64+0xfa/0x760 [ 721.343909][T22504] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 721.349794][T22504] RIP: 0033:0x459879 [ 721.353687][T22504] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 721.373284][T22504] RSP: 002b:00007fc0ba4e6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 721.381692][T22504] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 721.389662][T22504] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 721.397655][T22504] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 721.405623][T22504] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc0ba4e76d4 [ 721.413593][T22504] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 721.436716][T22504] memory: usage 307180kB, limit 307200kB, failcnt 5352 [ 721.446745][T22504] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 721.456739][T22504] Memory cgroup stats for /syz3: [ 721.456859][T22504] anon 301215744 [ 721.456859][T22504] file 0 [ 721.456859][T22504] kernel_stack 1048576 [ 721.456859][T22504] slab 7606272 [ 721.456859][T22504] sock 0 [ 721.456859][T22504] shmem 0 [ 721.456859][T22504] file_mapped 0 [ 721.456859][T22504] file_dirty 0 [ 721.456859][T22504] file_writeback 0 [ 721.456859][T22504] anon_thp 201326592 [ 721.456859][T22504] inactive_anon 247726080 [ 721.456859][T22504] active_anon 18247680 [ 721.456859][T22504] inactive_file 0 [ 721.456859][T22504] active_file 0 [ 721.456859][T22504] unevictable 35373056 [ 721.456859][T22504] slab_reclaimable 1351680 [ 721.456859][T22504] slab_unreclaimable 6254592 [ 721.456859][T22504] pgfault 783387 [ 721.456859][T22504] pgmajfault 0 [ 721.456859][T22504] workingset_refault 132 [ 721.456859][T22504] workingset_activate 66 [ 721.456859][T22504] workingset_nodereclaim 0 [ 721.456859][T22504] pgrefill 628 [ 721.456859][T22504] pgscan 663 [ 721.456859][T22504] pgsteal 165 [ 721.550814][T22504] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=22448,uid=0 [ 721.566405][T22504] Memory cgroup out of memory: Killed process 22448 (syz-executor.3) total-vm:72832kB, anon-rss:18016kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 721.584965][ T1065] oom_reaper: reaped process 22448 (syz-executor.3), now anon-rss:18232kB, file-rss:54332kB, shmem-rss:0kB [ 721.596683][T22506] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 721.607362][T22506] CPU: 1 PID: 22506 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 721.616476][T22506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 721.626530][T22506] Call Trace: [ 721.629832][T22506] dump_stack+0x172/0x1f0 [ 721.634176][T22506] dump_header+0x177/0x1152 [ 721.638687][T22506] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 721.644497][T22506] ? ___ratelimit+0x2c8/0x595 [ 721.649183][T22506] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 721.654999][T22506] ? lockdep_hardirqs_on+0x418/0x5d0 [ 721.660296][T22506] ? trace_hardirqs_on+0x67/0x240 [ 721.665335][T22506] ? pagefault_out_of_memory+0x11c/0x11c [ 721.670974][T22506] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 721.676784][T22506] ? ___ratelimit+0x60/0x595 [ 721.681373][T22506] ? do_raw_spin_unlock+0x57/0x270 [ 721.686489][T22506] oom_kill_process.cold+0x10/0x15 [ 721.691602][T22506] out_of_memory+0x334/0x1340 [ 721.696289][T22506] ? lock_downgrade+0x920/0x920 [ 721.701145][T22506] ? oom_killer_disable+0x280/0x280 [ 721.706360][T22506] mem_cgroup_out_of_memory+0x1d8/0x240 [ 721.711907][T22506] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 721.717549][T22506] ? do_raw_spin_unlock+0x57/0x270 [ 721.722661][T22506] ? _raw_spin_unlock+0x2d/0x50 [ 721.727518][T22506] try_charge+0xf4b/0x1440 [ 721.731949][T22506] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 721.737492][T22506] ? percpu_ref_tryget_live+0x111/0x290 [ 721.743043][T22506] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 721.749293][T22506] ? __kasan_check_read+0x11/0x20 [ 721.754338][T22506] ? get_mem_cgroup_from_mm+0x156/0x320 [ 721.759897][T22506] mem_cgroup_try_charge+0x136/0x590 [ 721.765189][T22506] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 721.771445][T22506] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 721.777083][T22506] wp_page_copy+0x41e/0x1590 [ 721.781675][T22506] ? find_held_lock+0x35/0x130 [ 721.786445][T22506] ? pmd_pfn+0x1d0/0x1d0 [ 721.790698][T22506] ? lock_downgrade+0x920/0x920 [ 721.795555][T22506] ? swp_swapcount+0x540/0x540 [ 721.800456][T22506] ? __kasan_check_read+0x11/0x20 [ 721.805479][T22506] ? do_raw_spin_unlock+0x57/0x270 [ 721.810603][T22506] do_wp_page+0x499/0x14d0 [ 721.815035][T22506] ? finish_mkwrite_fault+0x570/0x570 [ 721.820419][T22506] __handle_mm_fault+0x22f1/0x3f20 [ 721.825534][T22506] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 721.831075][T22506] ? __kasan_check_read+0x11/0x20 [ 721.836087][T22506] handle_mm_fault+0x1b5/0x6c0 [ 721.840841][T22506] __get_user_pages+0x7d4/0x1b30 [ 721.845921][T22506] ? mark_held_locks+0xf0/0xf0 [ 721.850688][T22506] ? follow_page_mask+0x1cf0/0x1cf0 [ 721.855869][T22506] ? __mm_populate+0x270/0x380 [ 721.860619][T22506] ? __kasan_check_write+0x14/0x20 [ 721.865730][T22506] ? down_read+0x109/0x430 [ 721.870155][T22506] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 721.876392][T22506] populate_vma_page_range+0x20d/0x2a0 [ 721.881847][T22506] __mm_populate+0x204/0x380 [ 721.886428][T22506] ? populate_vma_page_range+0x2a0/0x2a0 [ 721.892043][T22506] ? __kasan_check_write+0x14/0x20 [ 721.897137][T22506] ? up_write+0x155/0x490 [ 721.901446][T22506] ? ns_capable_common+0x93/0x100 [ 721.906450][T22506] __x64_sys_mlockall+0x473/0x520 [ 721.911452][T22506] do_syscall_64+0xfa/0x760 [ 721.915933][T22506] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 721.921800][T22506] RIP: 0033:0x459879 [ 721.925684][T22506] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 721.945280][T22506] RSP: 002b:00007fe89cce7c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 721.953717][T22506] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 721.961666][T22506] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 721.969615][T22506] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 721.977564][T22506] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cce86d4 [ 721.985516][T22506] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 721.993977][T22506] memory: usage 298960kB, limit 307200kB, failcnt 5860 [ 722.000922][T22506] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 722.020789][T22506] Memory cgroup stats for /syz2: [ 722.020915][T22506] anon 295247872 [ 722.020915][T22506] file 28672 [ 722.020915][T22506] kernel_stack 851968 [ 722.020915][T22506] slab 5509120 [ 722.020915][T22506] sock 0 [ 722.020915][T22506] shmem 0 [ 722.020915][T22506] file_mapped 0 [ 722.020915][T22506] file_dirty 0 [ 722.020915][T22506] file_writeback 0 [ 722.020915][T22506] anon_thp 213909504 [ 722.020915][T22506] inactive_anon 240263168 [ 722.020915][T22506] active_anon 12029952 [ 722.020915][T22506] inactive_file 0 [ 722.020915][T22506] active_file 0 [ 722.020915][T22506] unevictable 43024384 [ 722.020915][T22506] slab_reclaimable 1216512 [ 722.020915][T22506] slab_unreclaimable 4292608 [ 722.020915][T22506] pgfault 805728 [ 722.020915][T22506] pgmajfault 0 [ 722.020915][T22506] workingset_refault 198 [ 722.020915][T22506] workingset_activate 66 [ 722.020915][T22506] workingset_nodereclaim 0 [ 722.020915][T22506] pgrefill 1466 [ 722.020915][T22506] pgscan 1693 [ 722.020915][T22506] pgsteal 198 [ 722.115586][T22506] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=22447,uid=0 [ 722.131137][T22506] Memory cgroup out of memory: Killed process 22506 (syz-executor.2) total-vm:72832kB, anon-rss:18352kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 722.149763][ T1065] oom_reaper: reaped process 22506 (syz-executor.2), now anon-rss:18352kB, file-rss:54332kB, shmem-rss:0kB 06:29:34 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0xfffffffffffffffe}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x1) write$binfmt_script(r2, &(0x7f00000002c0)=ANY=[@ANYBLOB="01"], 0x1) close(r2) r3 = openat$cgroup_ro(r2, &(0x7f0000000140)='rdma.current\x00', 0x0, 0x0) sendmsg$inet(r3, &(0x7f0000000380)={&(0x7f0000000280)={0x2, 0x4e21, @multicast1}, 0x10, &(0x7f0000000340)=[{&(0x7f00000002c0)="7275a98e03ff3633170fbfa483ef", 0xe}, {&(0x7f0000000300)="90dbe93f4979e0735b9dc0e6d6848605f76ce26a279124c0da4ad6b36764adf03559a38eb052a9e7", 0x28}], 0x2, &(0x7f0000000440)=[@ip_tos_int={{0x14, 0x0, 0x1, 0x81}}, @ip_retopts={{0x50, 0x0, 0x7, {[@rr={0x7, 0x7, 0x0, [@multicast2]}, @noop, @generic={0x0, 0xb, "ab6c0a46507501cfb7"}, @end, @ra={0x94, 0x6, 0x9a3}, @ssrr={0x89, 0xb, 0x80, [@multicast2, @loopback]}, @lsrr={0x83, 0xf, 0xffff, [@remote, @broadcast, @multicast1]}, @generic={0x0, 0xa, "e1190f4749bfde9f"}]}}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x10000}}, @ip_ttl={{0x14, 0x0, 0x2, 0x3}}, @ip_retopts={{0x34, 0x0, 0x7, {[@lsrr={0x83, 0x1b, 0x100000000, [@remote, @local, @multicast2, @initdev={0xac, 0x1e, 0x0, 0x0}, @rand_addr=0x8000, @empty]}, @ra={0x94, 0x6, 0xa4}, @generic={0x88, 0x2}]}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x8000}}], 0xe8}, 0x1) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:29:34 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:34 executing program 0: perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0x1003e6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f00000002c0)={0x2, 0x0, @local}, 0x10) 06:29:34 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0x102, 0x0) 06:29:34 executing program 1: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443b28030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(r2, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:29:34 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x1) creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec85cd91cde8c49f2c39685038c271248087deccf5edee8e4f92fd2321bc789bfa4f041419ea5569bdf4adcd677a2f9ffc"], 0x9) r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000200)='\x96z1\xff\x02]\xa8$Nd\xff}\x00', 0xdb000, 0x0) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f0000000400)) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0) ioctl$TCSETS(r3, 0x40045431, &(0x7f0000000600)) syz_open_pts(r3, 0x105000) write$binfmt_aout(r3, &(0x7f0000000240)=ANY=[], 0x35b) ioctl$TCSETA(r3, 0x5406, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x100000009b4b62b}) ioctl$TCSETXF(r3, 0x5434, &(0x7f0000000180)={0x80000001, 0x4, [0xf0d, 0x2, 0x6, 0x62fe, 0xffffffff7fffffff], 0x8}) socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$KVM_GET_SREGS(r0, 0x8138ae83, &(0x7f0000000440)) r4 = syz_open_dev$mouse(&(0x7f0000000100)='/dev/input/mouse#\x00', 0x3, 0x101000) ioctl$KVM_CREATE_IRQCHIP(r4, 0xae60) mlockall(0x1) r5 = socket$vsock_dgram(0x28, 0x2, 0x0) ioctl$sock_netdev_private(r5, 0x89fe, &(0x7f0000000300)="2030766809d7642dbf87aeefd2274f4892464dc586fb62d2afb60a316529cf85aff60310c1fbae0d7994aec1adfd1b4b13d979276a5400f425d9a1f88a3167d1e3c65c51f9881750630585a6253ff29b12094257dd5efb52873446eacb44a19d0c9e01b10e8ddfcc78e15e1e68156b0d22f875ab7e87b8c0ca0c80c373bde9a192789e4558abc9d965a1b82c26b9b5b3dc9189") clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000140)) 06:29:34 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:34 executing program 0: mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x7ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x3f, 0x0) ioctl$RTC_AIE_OFF(0xffffffffffffffff, 0x7002) exit_group(0x0) umount2(0x0, 0x0) ioctl$TIOCGDEV(0xffffffffffffffff, 0x80045432, 0x0) perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000600000/0x4000)=nil, 0x4000, 0x0, 0x44031, 0xffffffffffffffff, 0x0) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4) 06:29:34 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:35 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:35 executing program 0: r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ashmem\x00', 0x0, 0x0) ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xfffffffe) mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x10, r0, 0x0) ioctl$ASHMEM_SET_NAME(r0, 0x40087708, &(0x7f00000011c0)='\x00\x00\x00\x80\x00\x00\x80\x00\x00') r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070") ioctl$ASHMEM_PURGE_ALL_CACHES(r0, 0x770a, 0x0) 06:29:35 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0x103, 0x0) [ 723.512894][T22519] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 723.548402][T22519] CPU: 1 PID: 22519 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 723.557544][T22519] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 723.567594][T22519] Call Trace: [ 723.570889][T22519] dump_stack+0x172/0x1f0 [ 723.575224][T22519] dump_header+0x177/0x1152 [ 723.579731][T22519] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 723.585532][T22519] ? ___ratelimit+0x2c8/0x595 [ 723.590208][T22519] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 723.596012][T22519] ? lockdep_hardirqs_on+0x418/0x5d0 [ 723.601300][T22519] ? trace_hardirqs_on+0x67/0x240 [ 723.606328][T22519] ? pagefault_out_of_memory+0x11c/0x11c [ 723.611962][T22519] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 723.617764][T22519] ? ___ratelimit+0x60/0x595 [ 723.622349][T22519] ? do_raw_spin_unlock+0x57/0x270 [ 723.627467][T22519] oom_kill_process.cold+0x10/0x15 [ 723.632577][T22519] out_of_memory+0x334/0x1340 [ 723.637250][T22519] ? lock_downgrade+0x920/0x920 [ 723.642103][T22519] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 723.647911][T22519] ? oom_killer_disable+0x280/0x280 [ 723.653114][T22519] mem_cgroup_out_of_memory+0x1d8/0x240 [ 723.658656][T22519] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 723.664296][T22519] ? do_raw_spin_unlock+0x57/0x270 [ 723.669412][T22519] ? _raw_spin_unlock+0x2d/0x50 [ 723.674304][T22519] try_charge+0xf4b/0x1440 [ 723.678739][T22519] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 723.684291][T22519] ? percpu_ref_tryget_live+0x111/0x290 [ 723.689844][T22519] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 723.696088][T22519] ? __kasan_check_read+0x11/0x20 [ 723.701115][T22519] ? get_mem_cgroup_from_mm+0x156/0x320 [ 723.706667][T22519] mem_cgroup_try_charge+0x136/0x590 [ 723.711958][T22519] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 723.718205][T22519] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 723.723846][T22519] __handle_mm_fault+0x1e34/0x3f20 [ 723.728964][T22519] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 723.734525][T22519] ? __kasan_check_read+0x11/0x20 [ 723.739559][T22519] handle_mm_fault+0x1b5/0x6c0 [ 723.744327][T22519] __get_user_pages+0x7d4/0x1b30 [ 723.749259][T22519] ? mark_held_locks+0xf0/0xf0 [ 723.754032][T22519] ? follow_page_mask+0x1cf0/0x1cf0 [ 723.759223][T22519] ? __mm_populate+0x270/0x380 [ 723.763990][T22519] ? memset+0x32/0x40 [ 723.767976][T22519] populate_vma_page_range+0x20d/0x2a0 [ 723.773551][T22519] __mm_populate+0x204/0x380 [ 723.778147][T22519] ? populate_vma_page_range+0x2a0/0x2a0 [ 723.783779][T22519] ? __kasan_check_write+0x14/0x20 [ 723.788885][T22519] ? up_write+0x155/0x490 [ 723.793215][T22519] __x64_sys_mremap+0x7dc/0xb80 [ 723.798068][T22519] ? mremap_to+0x750/0x750 [ 723.802490][T22519] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 723.807949][T22519] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 723.813414][T22519] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 723.819477][T22519] ? do_syscall_64+0x26/0x760 [ 723.824159][T22519] ? lockdep_hardirqs_on+0x418/0x5d0 [ 723.829446][T22519] ? trace_hardirqs_on+0x67/0x240 [ 723.834477][T22519] do_syscall_64+0xfa/0x760 [ 723.838982][T22519] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 723.844872][T22519] RIP: 0033:0x459879 [ 723.848767][T22519] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 723.868379][T22519] RSP: 002b:00007f4e2a92dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 723.876792][T22519] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459879 [ 723.884788][T22519] RDX: 0000000000800000 RSI: 0000000000002000 RDI: 0000000020a94000 [ 723.892763][T22519] RBP: 000000000075bf20 R08: 0000000020130000 R09: 0000000000000000 [ 723.900729][T22519] R10: 0000000000000003 R11: 0000000000000246 R12: 00007f4e2a92e6d4 [ 723.908697][T22519] R13: 00000000004c5f0f R14: 00000000004daaf8 R15: 00000000ffffffff [ 723.919761][T22519] memory: usage 307200kB, limit 307200kB, failcnt 1922 [ 723.926782][T22519] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 723.934210][T22519] Memory cgroup stats for /syz1: [ 723.934336][T22519] anon 294699008 [ 723.934336][T22519] file 122880 [ 723.934336][T22519] kernel_stack 851968 [ 723.934336][T22519] slab 14929920 [ 723.934336][T22519] sock 0 [ 723.934336][T22519] shmem 61440 [ 723.934336][T22519] file_mapped 0 [ 723.934336][T22519] file_dirty 0 [ 723.934336][T22519] file_writeback 0 [ 723.934336][T22519] anon_thp 136314880 [ 723.934336][T22519] inactive_anon 252940288 [ 723.934336][T22519] active_anon 5545984 [ 723.934336][T22519] inactive_file 90112 [ 723.934336][T22519] active_file 135168 [ 723.934336][T22519] unevictable 36270080 [ 723.934336][T22519] slab_reclaimable 6623232 [ 723.934336][T22519] slab_unreclaimable 8306688 [ 723.934336][T22519] pgfault 212091 [ 723.934336][T22519] pgmajfault 0 [ 723.934336][T22519] workingset_refault 33 [ 723.934336][T22519] workingset_activate 0 [ 723.934336][T22519] workingset_nodereclaim 0 [ 723.934336][T22519] pgrefill 407 [ 723.934336][T22519] pgscan 4520 [ 723.934336][T22519] pgsteal 4166 [ 724.029625][T22519] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=22516,uid=0 [ 724.045694][T22519] Memory cgroup out of memory: Killed process 22516 (syz-executor.1) total-vm:72700kB, anon-rss:17692kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 724.074118][T22525] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 724.097851][T22525] CPU: 0 PID: 22525 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 724.106990][T22525] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 724.117043][T22525] Call Trace: [ 724.120334][T22525] dump_stack+0x172/0x1f0 [ 724.124667][T22525] dump_header+0x177/0x1152 [ 724.129181][T22525] ? pagefault_out_of_memory+0x11c/0x11c [ 724.134816][T22525] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 724.140618][T22525] ? ___ratelimit+0x60/0x595 [ 724.145209][T22525] ? do_raw_spin_unlock+0x57/0x270 [ 724.150324][T22525] oom_kill_process.cold+0x10/0x15 [ 724.155437][T22525] out_of_memory+0x334/0x1340 [ 724.160118][T22525] ? retint_kernel+0x2b/0x2b [ 724.164710][T22525] ? oom_killer_disable+0x280/0x280 [ 724.169923][T22525] ? mem_cgroup_out_of_memory+0x16a/0x240 [ 724.175653][T22525] mem_cgroup_out_of_memory+0x1d8/0x240 [ 724.181200][T22525] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 724.186847][T22525] ? _raw_spin_unlock+0x41/0x50 [ 724.191703][T22525] try_charge+0xf4b/0x1440 [ 724.196132][T22525] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 724.201673][T22525] ? percpu_ref_tryget_live+0x111/0x290 [ 724.207222][T22525] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 724.213467][T22525] ? __kasan_check_read+0x11/0x20 [ 724.218503][T22525] ? get_mem_cgroup_from_mm+0x156/0x320 [ 724.224055][T22525] mem_cgroup_try_charge+0x136/0x590 [ 724.229338][T22525] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 724.229357][T22525] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 724.229375][T22525] __handle_mm_fault+0x1e34/0x3f20 [ 724.229395][T22525] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 724.246335][T22525] ? __this_cpu_preempt_check+0x3a/0x210 [ 724.257497][T22525] handle_mm_fault+0x1b5/0x6c0 [ 724.262264][T22525] __get_user_pages+0x7d4/0x1b30 [ 724.267215][T22525] ? follow_page_mask+0x1cf0/0x1cf0 [ 724.272419][T22525] ? __this_cpu_preempt_check+0x3a/0x210 [ 724.278057][T22525] ? retint_kernel+0x2b/0x2b [ 724.282658][T22525] populate_vma_page_range+0x20d/0x2a0 [ 724.288123][T22525] __mm_populate+0x204/0x380 [ 724.292716][T22525] ? populate_vma_page_range+0x2a0/0x2a0 [ 724.298350][T22525] ? up_write+0x1c8/0x490 [ 724.302671][T22525] __x64_sys_mremap+0x7dc/0xb80 [ 724.307499][T22525] ? retint_kernel+0x2b/0x2b [ 724.312066][T22525] ? trace_hardirqs_on_caller+0x6a/0x240 [ 724.317690][T22525] ? mremap_to+0x750/0x750 [ 724.322095][T22525] ? retint_kernel+0x2b/0x2b [ 724.326668][T22525] ? do_syscall_64+0xc0/0x760 [ 724.331324][T22525] do_syscall_64+0xfa/0x760 [ 724.335839][T22525] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 724.341716][T22525] RIP: 0033:0x459879 [ 724.345646][T22525] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 724.365226][T22525] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 724.373612][T22525] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459879 [ 724.381567][T22525] RDX: 0000000000800000 RSI: 0000000000002000 RDI: 0000000020a94000 [ 724.389526][T22525] RBP: 000000000075bf20 R08: 0000000020130000 R09: 0000000000000000 [ 724.397568][T22525] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 724.405525][T22525] R13: 00000000004c5f0f R14: 00000000004daaf8 R15: 00000000ffffffff [ 724.415409][T22525] memory: usage 307200kB, limit 307200kB, failcnt 5888 [ 724.422573][T22525] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 724.429606][T22525] Memory cgroup stats for /syz2: [ 724.430452][T22525] anon 303398912 [ 724.430452][T22525] file 28672 [ 724.430452][T22525] kernel_stack 917504 [ 724.430452][T22525] slab 5509120 [ 724.430452][T22525] sock 0 [ 724.430452][T22525] shmem 0 [ 724.430452][T22525] file_mapped 0 [ 724.430452][T22525] file_dirty 0 [ 724.430452][T22525] file_writeback 0 [ 724.430452][T22525] anon_thp 209715200 [ 724.430452][T22525] inactive_anon 243716096 [ 724.430452][T22525] active_anon 11882496 [ 724.430452][T22525] inactive_file 0 [ 724.430452][T22525] active_file 0 [ 724.430452][T22525] unevictable 47935488 [ 724.430452][T22525] slab_reclaimable 1216512 [ 724.430452][T22525] slab_unreclaimable 4292608 [ 724.430452][T22525] pgfault 812163 [ 724.430452][T22525] pgmajfault 0 [ 724.430452][T22525] workingset_refault 198 [ 724.430452][T22525] workingset_activate 66 [ 724.430452][T22525] workingset_nodereclaim 0 [ 724.430452][T22525] pgrefill 1466 [ 724.430452][T22525] pgscan 1693 [ 724.430452][T22525] pgsteal 198 [ 724.524506][T22525] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=22523,uid=0 [ 724.541744][T22525] Memory cgroup out of memory: Killed process 22523 (syz-executor.2) total-vm:72832kB, anon-rss:17956kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 724.563704][ T1065] oom_reaper: reaped process 22523 (syz-executor.2), now anon-rss:17948kB, file-rss:54332kB, shmem-rss:0kB 06:29:36 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") getsockopt$bt_sco_SCO_CONNINFO(r0, 0x11, 0x2, &(0x7f0000000280)=""/66, &(0x7f0000000300)=0x42) ioctl$sock_inet_SIOCGIFNETMASK(r1, 0x891b, &(0x7f0000000140)={'hsr0\x00', {0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}}) r2 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r2, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r3, 0x5206, &(0x7f0000000400)) mlockall(0x1) r4 = creat(&(0x7f0000000280)='./file0\x00', 0x1) write$binfmt_script(r4, &(0x7f00000002c0)=ANY=[@ANYBLOB="01"], 0x1) close(r4) clock_gettime(0x0, &(0x7f0000000380)={0x0, 0x0}) ioctl$VIDIOC_PREPARE_BUF(r4, 0xc058565d, &(0x7f0000000440)={0x5, 0x8, 0x4, 0x4, {r5, r6/1000+30000}, {0x4, 0x8, 0x7, 0xffffffffffff0490, 0x10000, 0x9, 'na7Z'}, 0x9, 0x4, @userptr=0x10000, 0x4}) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) ioctl$VIDIOC_SUBDEV_ENUM_FRAME_SIZE(r1, 0xc040564a, &(0x7f0000000340)={0x0, 0x0, 0x201f, 0x7f, 0x5, 0xdc, 0x200, 0x1}) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) r7 = openat$vim2m(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/video35\x00', 0x2, 0x0) ioctl$VIDIOC_G_MODULATOR(r7, 0xc0445636, &(0x7f00000004c0)={0x6f4d, "6a46a17e8fdfda7906366e643e0e19596b83fc13dce3f457381c4bd0d36769b3", 0x422, 0x7f, 0x0, 0x19, 0x2}) 06:29:36 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:36 executing program 0: perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x316, &(0x7f0000000040)={0x0}}, 0x0) r0 = socket(0x10, 0x80002, 0x0) sendmmsg$alg(r0, &(0x7f0000000180)=[{0x3, 0x1000000000000, &(0x7f0000000080), 0x0, &(0x7f0000000100)}], 0x492492492492642, 0x0) 06:29:36 executing program 3: select(0x40, &(0x7f0000000100)={0x1f, 0xffffffffffff3ea6, 0x5, 0x9, 0x8, 0x0, 0x2, 0x1f}, &(0x7f0000000200)={0x200, 0x5, 0x5, 0xfffffffffffffc01, 0x6, 0x401, 0x1, 0xf6}, &(0x7f0000000280)={0x101, 0x4, 0x6, 0x8, 0x7, 0x56f, 0x0, 0x9}, &(0x7f00000002c0)={0x77359400}) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000140)) 06:29:36 executing program 1: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") fdatasync(r3) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(r2, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:29:36 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0x104, 0x0) 06:29:36 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 725.051668][T22664] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 725.101514][T22664] CPU: 0 PID: 22664 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 725.110653][T22664] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 725.120706][T22664] Call Trace: [ 725.124003][T22664] dump_stack+0x172/0x1f0 [ 725.128451][T22664] dump_header+0x177/0x1152 [ 725.132960][T22664] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 725.138769][T22664] ? ___ratelimit+0x2c8/0x595 [ 725.143445][T22664] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 725.149261][T22664] ? lockdep_hardirqs_on+0x418/0x5d0 [ 725.154558][T22664] ? trace_hardirqs_on+0x67/0x240 [ 725.159590][T22664] ? pagefault_out_of_memory+0x11c/0x11c [ 725.165243][T22664] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 725.171065][T22664] ? ___ratelimit+0x60/0x595 [ 725.175662][T22664] ? do_raw_spin_unlock+0x57/0x270 [ 725.180781][T22664] oom_kill_process.cold+0x10/0x15 [ 725.185904][T22664] out_of_memory+0x334/0x1340 [ 725.190585][T22664] ? lock_downgrade+0x920/0x920 [ 725.195438][T22664] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 725.201253][T22664] ? oom_killer_disable+0x280/0x280 [ 725.206473][T22664] mem_cgroup_out_of_memory+0x1d8/0x240 [ 725.212023][T22664] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 725.217659][T22664] ? do_raw_spin_unlock+0x57/0x270 [ 725.222773][T22664] ? _raw_spin_unlock+0x2d/0x50 [ 725.227634][T22664] try_charge+0xf4b/0x1440 [ 725.232064][T22664] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 725.237609][T22664] ? percpu_ref_tryget_live+0x111/0x290 [ 725.243157][T22664] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 725.249400][T22664] ? __kasan_check_read+0x11/0x20 [ 725.254432][T22664] ? get_mem_cgroup_from_mm+0x156/0x320 [ 725.259992][T22664] mem_cgroup_try_charge+0x136/0x590 [ 725.265283][T22664] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 725.271533][T22664] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 725.277172][T22664] __handle_mm_fault+0x1e34/0x3f20 [ 725.282295][T22664] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 725.287856][T22664] ? __kasan_check_read+0x11/0x20 [ 725.292891][T22664] handle_mm_fault+0x1b5/0x6c0 [ 725.297668][T22664] __get_user_pages+0x7d4/0x1b30 [ 725.302609][T22664] ? mark_held_locks+0xf0/0xf0 [ 725.307486][T22664] ? follow_page_mask+0x1cf0/0x1cf0 [ 725.312685][T22664] ? __mm_populate+0x270/0x380 [ 725.317462][T22664] ? __kasan_check_write+0x14/0x20 [ 725.322576][T22664] ? down_read+0x109/0x430 [ 725.326995][T22664] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 725.333251][T22664] populate_vma_page_range+0x20d/0x2a0 [ 725.338719][T22664] __mm_populate+0x204/0x380 [ 725.343313][T22664] ? populate_vma_page_range+0x2a0/0x2a0 [ 725.348947][T22664] ? __kasan_check_write+0x14/0x20 [ 725.354059][T22664] ? up_write+0x155/0x490 [ 725.358391][T22664] ? ns_capable_common+0x93/0x100 [ 725.363421][T22664] __x64_sys_mlockall+0x473/0x520 [ 725.368459][T22664] do_syscall_64+0xfa/0x760 [ 725.372966][T22664] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 725.378856][T22664] RIP: 0033:0x459879 [ 725.382750][T22664] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 06:29:37 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 725.402368][T22664] RSP: 002b:00007f4e2a92dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 725.410784][T22664] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 725.418755][T22664] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 725.426730][T22664] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 725.434701][T22664] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4e2a92e6d4 [ 725.442672][T22664] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 725.453637][T22664] memory: usage 307200kB, limit 307200kB, failcnt 1957 [ 725.464140][T22664] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 725.471710][T22664] Memory cgroup stats for /syz1: [ 725.471810][T22664] anon 294981632 [ 725.471810][T22664] file 122880 [ 725.471810][T22664] kernel_stack 851968 [ 725.471810][T22664] slab 14794752 [ 725.471810][T22664] sock 0 [ 725.471810][T22664] shmem 61440 [ 725.471810][T22664] file_mapped 0 [ 725.471810][T22664] file_dirty 0 [ 725.471810][T22664] file_writeback 0 [ 725.471810][T22664] anon_thp 136314880 [ 725.471810][T22664] inactive_anon 259022848 [ 725.471810][T22664] active_anon 5545984 [ 725.471810][T22664] inactive_file 90112 [ 725.471810][T22664] active_file 135168 [ 725.471810][T22664] unevictable 30593024 [ 725.471810][T22664] slab_reclaimable 6623232 [ 725.471810][T22664] slab_unreclaimable 8171520 [ 725.471810][T22664] pgfault 214533 [ 725.471810][T22664] pgmajfault 0 [ 725.471810][T22664] workingset_refault 33 [ 725.471810][T22664] workingset_activate 0 06:29:37 executing program 0: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000540)='/dev/audio\x00', 0x81200, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/route\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) r2 = perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000000680)={{{@in=@remote, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@mcast1}}, &(0x7f0000000100)=0xe8) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000001f80)={'team0\x00', r3}) sendmsg$TEAM_CMD_NOOP(r0, &(0x7f00000006c0)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000680)={&(0x7f00000005c0)={0x90, 0x0, 0x1, 0x70bd25, 0x25dfdbff, {}, [{{0x8, 0x1, r3}, {0x74, 0x2, [{0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x3}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0xffff}}}]}}]}, 0x90}, 0x1, 0x0, 0x0, 0x800}, 0x4000010) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='rpc_pipefs\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x200000000, 0x2, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$sock_TIOCINQ(0xffffffffffffffff, 0x541b, 0x0) mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000)) sendmsg(0xffffffffffffffff, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)}], 0x1}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x13) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$fou(&(0x7f0000000180)='fou\x00') sendmsg$FOU_CMD_ADD(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x14, r6}, 0x14}}, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000200)={{{@in6, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in6=@mcast1}}, &(0x7f0000000140)=0xe8) sendmsg$FOU_CMD_ADD(r4, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x42018000}, 0xc, &(0x7f0000000340)={&(0x7f0000000180)={0x2c, r6, 0x463bfc1e3bbc9ba5, 0x70bd2a, 0x25dfdbfe, {}, [@FOU_ATTR_PEER_V4={0x8, 0x8, @broadcast}, @FOU_ATTR_IFINDEX={0x8, 0xb, r7}, @FOU_ATTR_IPPROTO={0x8, 0x3, 0xde9bf9f795fb6bcf}]}, 0x2c}, 0x1, 0x0, 0x0, 0x240040c1}, 0x4000000) r8 = request_key(0x0, 0x0, 0x0, 0xfffffffffffffffa) keyctl$search(0xa, r8, 0x0, &(0x7f0000000380)={'syz', 0x1}, 0x0) fchdir(0xffffffffffffffff) ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000300)='/dev/hwrng\x00', 0x2000, 0x0) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, &(0x7f0000000480)={0x210, @tick=0x5, 0x3e000200000000, {0x0, 0xfffffffefffffffc}, 0x0, 0x0, 0x2}) [ 725.471810][T22664] workingset_nodereclaim 0 [ 725.471810][T22664] pgrefill 407 [ 725.471810][T22664] pgscan 4520 [ 725.471810][T22664] pgsteal 4166 [ 725.579549][T22664] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=22542,uid=0 [ 725.625361][T22664] Memory cgroup out of memory: Killed process 22542 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 [ 725.644275][T12792] rpcbind: RPC call returned error 22 [ 725.675282][T22674] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 725.681280][ T1065] oom_reaper: reaped process 22542 (syz-executor.1), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 725.697068][T22674] CPU: 1 PID: 22674 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 725.706190][T22674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 725.716243][T22674] Call Trace: [ 725.719530][T22674] dump_stack+0x172/0x1f0 [ 725.723855][T22674] dump_header+0x177/0x1152 [ 725.728357][T22674] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 725.734155][T22674] ? ___ratelimit+0x2c8/0x595 [ 725.738828][T22674] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 725.744636][T22674] ? lockdep_hardirqs_on+0x418/0x5d0 [ 725.749924][T22674] ? trace_hardirqs_on+0x67/0x240 [ 725.754965][T22674] ? pagefault_out_of_memory+0x11c/0x11c [ 725.760594][T22674] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 725.766399][T22674] ? ___ratelimit+0x60/0x595 [ 725.770984][T22674] ? do_raw_spin_unlock+0x57/0x270 [ 725.776098][T22674] oom_kill_process.cold+0x10/0x15 [ 725.781208][T22674] out_of_memory+0x334/0x1340 [ 725.785879][T22674] ? lock_downgrade+0x920/0x920 [ 725.790738][T22674] ? oom_killer_disable+0x280/0x280 [ 725.795946][T22674] mem_cgroup_out_of_memory+0x1d8/0x240 [ 725.801487][T22674] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 725.807127][T22674] ? do_raw_spin_unlock+0x57/0x270 [ 725.812240][T22674] ? _raw_spin_unlock+0x2d/0x50 [ 725.817096][T22674] try_charge+0xf4b/0x1440 [ 725.821529][T22674] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 725.827072][T22674] ? percpu_ref_tryget_live+0x111/0x290 [ 725.832628][T22674] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 725.838871][T22674] ? __kasan_check_read+0x11/0x20 [ 725.843907][T22674] ? get_mem_cgroup_from_mm+0x156/0x320 [ 725.849454][T22674] mem_cgroup_try_charge+0x136/0x590 [ 725.854738][T22674] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 725.860981][T22674] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 725.866615][T22674] __handle_mm_fault+0x1e34/0x3f20 [ 725.871735][T22674] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 725.877290][T22674] ? __kasan_check_read+0x11/0x20 [ 725.882318][T22674] handle_mm_fault+0x1b5/0x6c0 [ 725.887089][T22674] __get_user_pages+0x7d4/0x1b30 [ 725.892023][T22674] ? mark_held_locks+0xf0/0xf0 [ 725.896796][T22674] ? follow_page_mask+0x1cf0/0x1cf0 [ 725.901989][T22674] ? __mm_populate+0x270/0x380 [ 725.906765][T22674] ? __kasan_check_write+0x14/0x20 [ 725.911877][T22674] ? down_read+0x109/0x430 [ 725.916298][T22674] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 725.922541][T22674] populate_vma_page_range+0x20d/0x2a0 [ 725.928002][T22674] __mm_populate+0x204/0x380 [ 725.932592][T22674] ? populate_vma_page_range+0x2a0/0x2a0 [ 725.938327][T22674] ? __kasan_check_write+0x14/0x20 [ 725.943441][T22674] ? up_write+0x155/0x490 [ 725.947774][T22674] ? ns_capable_common+0x93/0x100 [ 725.952806][T22674] __x64_sys_mlockall+0x473/0x520 [ 725.957839][T22674] do_syscall_64+0xfa/0x760 [ 725.962348][T22674] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 725.968236][T22674] RIP: 0033:0x459879 06:29:38 executing program 0: r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000540)='/dev/audio\x00', 0x81200, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000000)='net/route\x00') preadv(r1, &(0x7f0000000480), 0x10000000000002a1, 0x10400003) r2 = perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb9, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000000680)={{{@in=@remote, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in=@dev}, 0x0, @in6=@mcast1}}, &(0x7f0000000100)=0xe8) ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000001f80)={'team0\x00', r3}) sendmsg$TEAM_CMD_NOOP(r0, &(0x7f00000006c0)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000000680)={&(0x7f00000005c0)={0x90, 0x0, 0x1, 0x70bd25, 0x25dfdbff, {}, [{{0x8, 0x1, r3}, {0x74, 0x2, [{0x38, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x8}, {0x8, 0x4, 0x3}}}, {0x38, 0x1, @notify_peers_count={{0x24, 0x1, 'notify_peers_count\x00'}, {0x8}, {0x8, 0x4, 0xffff}}}]}}]}, 0x90}, 0x1, 0x0, 0x0, 0x800}, 0x4000010) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000080)='rpc_pipefs\x00', 0x0, 0x0) perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x200000000, 0x2, 0x2}, 0x0, 0x0, 0xffffffffffffffff, 0x0) ioctl$sock_TIOCINQ(0xffffffffffffffff, 0x541b, 0x0) mount(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000)) sendmsg(0xffffffffffffffff, &(0x7f0000011fc8)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000100)}], 0x1}, 0x0) r4 = socket$netlink(0x10, 0x3, 0x13) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$fou(&(0x7f0000000180)='fou\x00') sendmsg$FOU_CMD_ADD(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x14, r6}, 0x14}}, 0x0) getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000200)={{{@in6, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6=@empty}, 0x0, @in6=@mcast1}}, &(0x7f0000000140)=0xe8) sendmsg$FOU_CMD_ADD(r4, &(0x7f0000000440)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x42018000}, 0xc, &(0x7f0000000340)={&(0x7f0000000180)={0x2c, r6, 0x463bfc1e3bbc9ba5, 0x70bd2a, 0x25dfdbfe, {}, [@FOU_ATTR_PEER_V4={0x8, 0x8, @broadcast}, @FOU_ATTR_IFINDEX={0x8, 0xb, r7}, @FOU_ATTR_IPPROTO={0x8, 0x3, 0xde9bf9f795fb6bcf}]}, 0x2c}, 0x1, 0x0, 0x0, 0x240040c1}, 0x4000000) r8 = request_key(0x0, 0x0, 0x0, 0xfffffffffffffffa) keyctl$search(0xa, r8, 0x0, &(0x7f0000000380)={'syz', 0x1}, 0x0) fchdir(0xffffffffffffffff) ioctl$sock_inet6_SIOCSIFADDR(0xffffffffffffffff, 0x8916, 0x0) openat$hwrng(0xffffffffffffff9c, &(0x7f0000000300)='/dev/hwrng\x00', 0x2000, 0x0) ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, &(0x7f0000000480)={0x210, @tick=0x5, 0x3e000200000000, {0x0, 0xfffffffefffffffc}, 0x0, 0x0, 0x2}) [ 725.972132][T22674] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 725.991735][T22674] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 726.000153][T22674] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 726.008263][T22674] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 726.016238][T22674] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 06:29:38 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:38 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0x105, 0x0) [ 726.024212][T22674] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 726.032187][T22674] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 726.117400][T22674] memory: usage 307200kB, limit 307200kB, failcnt 5928 [ 726.126842][T22674] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 726.141836][T22674] Memory cgroup stats for /syz2: [ 726.141972][T22674] anon 303566848 [ 726.141972][T22674] file 28672 [ 726.141972][T22674] kernel_stack 917504 [ 726.141972][T22674] slab 5509120 [ 726.141972][T22674] sock 0 [ 726.141972][T22674] shmem 0 [ 726.141972][T22674] file_mapped 0 [ 726.141972][T22674] file_dirty 0 [ 726.141972][T22674] file_writeback 0 [ 726.141972][T22674] anon_thp 209715200 [ 726.141972][T22674] inactive_anon 252637184 [ 726.141972][T22674] active_anon 11882496 [ 726.141972][T22674] inactive_file 0 [ 726.141972][T22674] active_file 0 [ 726.141972][T22674] unevictable 39149568 [ 726.141972][T22674] slab_reclaimable 1216512 [ 726.141972][T22674] slab_unreclaimable 4292608 [ 726.141972][T22674] pgfault 814605 [ 726.141972][T22674] pgmajfault 0 [ 726.141972][T22674] workingset_refault 198 [ 726.141972][T22674] workingset_activate 66 [ 726.141972][T22674] workingset_nodereclaim 0 [ 726.141972][T22674] pgrefill 1466 [ 726.141972][T22674] pgscan 1693 [ 726.141972][T22674] pgsteal 198 [ 726.147107][T22674] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=22538,uid=0 [ 726.262952][ T8669] rpcbind: RPC call returned error 22 [ 726.275963][T22674] Memory cgroup out of memory: Killed process 22538 (syz-executor.2) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 726.310569][T22662] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 726.320345][ T1065] oom_reaper: reaped process 22538 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 726.344013][T22662] CPU: 1 PID: 22662 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 726.353144][T22662] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 726.363201][T22662] Call Trace: [ 726.366496][T22662] dump_stack+0x172/0x1f0 [ 726.370830][T22662] dump_header+0x177/0x1152 [ 726.375332][T22662] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 726.381133][T22662] ? ___ratelimit+0x2c8/0x595 [ 726.385810][T22662] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 726.391617][T22662] ? lockdep_hardirqs_on+0x418/0x5d0 [ 726.396904][T22662] ? trace_hardirqs_on+0x67/0x240 [ 726.401933][T22662] ? pagefault_out_of_memory+0x11c/0x11c [ 726.407575][T22662] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 726.413375][T22662] ? ___ratelimit+0x60/0x595 [ 726.417963][T22662] ? do_raw_spin_unlock+0x57/0x270 [ 726.423078][T22662] oom_kill_process.cold+0x10/0x15 [ 726.428189][T22662] out_of_memory+0x334/0x1340 [ 726.432863][T22662] ? lock_downgrade+0x920/0x920 [ 726.437717][T22662] ? oom_killer_disable+0x280/0x280 [ 726.442929][T22662] mem_cgroup_out_of_memory+0x1d8/0x240 [ 726.448471][T22662] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 726.454110][T22662] ? do_raw_spin_unlock+0x57/0x270 [ 726.459230][T22662] ? _raw_spin_unlock+0x2d/0x50 [ 726.464076][T22662] try_charge+0xf4b/0x1440 [ 726.468521][T22662] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 726.474044][T22662] ? percpu_ref_tryget_live+0x111/0x290 [ 726.479570][T22662] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 726.485791][T22662] ? __kasan_check_read+0x11/0x20 [ 726.490799][T22662] ? get_mem_cgroup_from_mm+0x156/0x320 [ 726.496324][T22662] mem_cgroup_try_charge+0x136/0x590 [ 726.501593][T22662] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 726.507845][T22662] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 726.513484][T22662] __handle_mm_fault+0x1e34/0x3f20 [ 726.518607][T22662] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 726.524180][T22662] ? __kasan_check_read+0x11/0x20 [ 726.529225][T22662] handle_mm_fault+0x1b5/0x6c0 [ 726.533997][T22662] __get_user_pages+0x7d4/0x1b30 [ 726.538937][T22662] ? mark_held_locks+0xf0/0xf0 [ 726.543717][T22662] ? follow_page_mask+0x1cf0/0x1cf0 [ 726.548916][T22662] ? __mm_populate+0x270/0x380 [ 726.553686][T22662] ? __kasan_check_write+0x14/0x20 [ 726.558797][T22662] ? down_read+0x109/0x430 [ 726.563213][T22662] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 726.569453][T22662] populate_vma_page_range+0x20d/0x2a0 [ 726.574923][T22662] __mm_populate+0x204/0x380 [ 726.579517][T22662] ? populate_vma_page_range+0x2a0/0x2a0 [ 726.585154][T22662] ? __kasan_check_write+0x14/0x20 [ 726.590267][T22662] ? up_write+0x155/0x490 [ 726.594600][T22662] ? ns_capable_common+0x93/0x100 [ 726.599640][T22662] __x64_sys_mlockall+0x473/0x520 [ 726.604724][T22662] do_syscall_64+0xfa/0x760 [ 726.609240][T22662] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 726.615236][T22662] RIP: 0033:0x459879 [ 726.619132][T22662] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 726.638735][T22662] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 726.647158][T22662] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 726.655120][T22662] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 726.663069][T22662] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 726.671018][T22662] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc0ba5296d4 [ 726.678975][T22662] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 726.692034][T22662] memory: usage 306704kB, limit 307200kB, failcnt 5395 [ 726.702558][T22662] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 726.709987][T22662] Memory cgroup stats for /syz3: [ 726.710095][T22662] anon 300552192 [ 726.710095][T22662] file 0 [ 726.710095][T22662] kernel_stack 917504 [ 726.710095][T22662] slab 8007680 [ 726.710095][T22662] sock 0 [ 726.710095][T22662] shmem 0 [ 726.710095][T22662] file_mapped 0 [ 726.710095][T22662] file_dirty 0 [ 726.710095][T22662] file_writeback 0 [ 726.710095][T22662] anon_thp 192937984 [ 726.710095][T22662] inactive_anon 250576896 [ 726.710095][T22662] active_anon 18112512 [ 726.710095][T22662] inactive_file 0 [ 726.710095][T22662] active_file 0 [ 726.710095][T22662] unevictable 31821824 [ 726.710095][T22662] slab_reclaimable 1351680 [ 726.710095][T22662] slab_unreclaimable 6656000 [ 726.710095][T22662] pgfault 793155 [ 726.710095][T22662] pgmajfault 0 [ 726.710095][T22662] workingset_refault 132 [ 726.710095][T22662] workingset_activate 66 [ 726.710095][T22662] workingset_nodereclaim 0 [ 726.710095][T22662] pgrefill 628 [ 726.710095][T22662] pgscan 696 [ 726.710095][T22662] pgsteal 165 06:29:38 executing program 0: perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r0 = syz_init_net_socket$llc(0x1a, 0x1, 0x0) bind$llc(r0, &(0x7f0000000080)={0x1a, 0x0, 0x0, 0x0, 0xa40}, 0x10) sendmsg$can_bcm(r0, &(0x7f0000000000)={&(0x7f0000000200), 0x10, &(0x7f00000002c0)={0x0}}, 0x0) sendmmsg(r0, &(0x7f0000001380), 0x3fffffffffffeed, 0x0) 06:29:38 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:38 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec6391e3055b07624131994a843fca6be8ec05cd91cde8c49f2c3968508cc1f21f15d466549b93852fc984c8756693a88b25203f9c34c8c194af8821b83322b74d43e909287f97f6339692c5a3830c60a21a19c75a672a427eda81b1f16ec98b53f6a194e6541cc26d386afdf537d35c021c980e4ceacca38e176d86db649d2f3d11a3b22e00"/186], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) syz_open_dev$sndtimer(&(0x7f0000000140)='/dev/snd/timer\x00', 0x0, 0x1110c0) [ 726.808925][T22662] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=22543,uid=0 [ 726.825769][T22662] Memory cgroup out of memory: Killed process 22543 (syz-executor.3) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 [ 726.870928][T22691] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 726.897535][T22691] CPU: 1 PID: 22691 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 726.906660][T22691] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 726.906667][T22691] Call Trace: [ 726.906688][T22691] dump_stack+0x172/0x1f0 [ 726.906707][T22691] dump_header+0x177/0x1152 [ 726.906728][T22691] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 726.934644][T22691] ? ___ratelimit+0x2c8/0x595 [ 726.935762][ T1065] oom_reaper: reaped process 22543 (syz-executor.3), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 726.939321][T22691] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 726.939339][T22691] ? lockdep_hardirqs_on+0x418/0x5d0 [ 726.939358][T22691] ? trace_hardirqs_on+0x67/0x240 [ 726.956160][T22691] ? pagefault_out_of_memory+0x11c/0x11c [ 726.956179][T22691] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 726.956196][T22691] ? ___ratelimit+0x60/0x595 [ 726.966470][T22691] ? do_raw_spin_unlock+0x57/0x270 [ 726.966492][T22691] oom_kill_process.cold+0x10/0x15 [ 726.966516][T22691] out_of_memory+0x334/0x1340 [ 726.982485][T22691] ? lock_downgrade+0x920/0x920 [ 726.982506][T22691] ? oom_killer_disable+0x280/0x280 [ 726.982536][T22691] mem_cgroup_out_of_memory+0x1d8/0x240 [ 727.002213][T22691] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 727.002235][T22691] ? do_raw_spin_unlock+0x57/0x270 [ 727.002258][T22691] ? _raw_spin_unlock+0x2d/0x50 [ 727.018590][T22691] try_charge+0xf4b/0x1440 [ 727.018619][T22691] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 727.018636][T22691] ? percpu_ref_tryget_live+0x111/0x290 [ 727.028574][T22691] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 727.028594][T22691] ? __kasan_check_read+0x11/0x20 [ 727.028613][T22691] ? get_mem_cgroup_from_mm+0x156/0x320 [ 727.028631][T22691] mem_cgroup_try_charge+0x136/0x590 [ 727.028652][T22691] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 727.038565][T22691] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 727.038585][T22691] wp_page_copy+0x41e/0x1590 [ 727.038601][T22691] ? find_held_lock+0x35/0x130 [ 727.038621][T22691] ? pmd_pfn+0x1d0/0x1d0 [ 727.038639][T22691] ? lock_downgrade+0x920/0x920 [ 727.061361][T22691] ? swp_swapcount+0x540/0x540 [ 727.061379][T22691] ? __kasan_check_read+0x11/0x20 [ 727.061392][T22691] ? do_raw_spin_unlock+0x57/0x270 [ 727.061411][T22691] do_wp_page+0x499/0x14d0 [ 727.072896][T22691] ? finish_mkwrite_fault+0x570/0x570 [ 727.072923][T22691] __handle_mm_fault+0x22f1/0x3f20 [ 727.072943][T22691] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 727.072970][T22691] ? __kasan_check_read+0x11/0x20 [ 727.087899][T22691] handle_mm_fault+0x1b5/0x6c0 [ 727.096954][T22691] __get_user_pages+0x7d4/0x1b30 [ 727.096968][T22691] ? mark_held_locks+0xf0/0xf0 [ 727.096993][T22691] ? follow_page_mask+0x1cf0/0x1cf0 [ 727.113396][T22691] ? __mm_populate+0x270/0x380 [ 727.113420][T22691] ? __kasan_check_write+0x14/0x20 [ 727.113436][T22691] ? down_read+0x109/0x430 [ 727.113457][T22691] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 727.128309][T22691] populate_vma_page_range+0x20d/0x2a0 [ 727.138859][T22691] __mm_populate+0x204/0x380 [ 727.138878][T22691] ? populate_vma_page_range+0x2a0/0x2a0 [ 727.138896][T22691] ? __kasan_check_write+0x14/0x20 [ 727.153331][T22691] ? up_write+0x155/0x490 [ 727.153348][T22691] ? ns_capable_common+0x93/0x100 [ 727.153371][T22691] __x64_sys_mlockall+0x473/0x520 [ 727.168396][T22691] do_syscall_64+0xfa/0x760 [ 727.189031][T22691] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 727.189043][T22691] RIP: 0033:0x459879 [ 727.189062][T22691] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 727.218551][T22691] RSP: 002b:00007f4e2a8ebc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 727.218565][T22691] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 727.218574][T22691] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 727.218582][T22691] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 727.218597][T22691] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4e2a8ec6d4 [ 727.228337][T22691] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 727.317514][T22691] memory: usage 306372kB, limit 307200kB, failcnt 1978 [ 727.337435][T22691] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 727.357389][T22691] Memory cgroup stats for /syz1: [ 727.357506][T22691] anon 294780928 [ 727.357506][T22691] file 122880 [ 727.357506][T22691] kernel_stack 917504 [ 727.357506][T22691] slab 13979648 [ 727.357506][T22691] sock 0 [ 727.357506][T22691] shmem 61440 [ 727.357506][T22691] file_mapped 0 [ 727.357506][T22691] file_dirty 0 [ 727.357506][T22691] file_writeback 0 [ 727.357506][T22691] anon_thp 138412032 [ 727.357506][T22691] inactive_anon 254668800 [ 727.357506][T22691] active_anon 5545984 [ 727.357506][T22691] inactive_file 90112 [ 727.357506][T22691] active_file 135168 [ 727.357506][T22691] unevictable 34549760 [ 727.357506][T22691] slab_reclaimable 6488064 [ 727.357506][T22691] slab_unreclaimable 7491584 [ 727.357506][T22691] pgfault 215721 [ 727.357506][T22691] pgmajfault 0 [ 727.357506][T22691] workingset_refault 33 [ 727.357506][T22691] workingset_activate 0 [ 727.357506][T22691] workingset_nodereclaim 0 [ 727.357506][T22691] pgrefill 407 [ 727.357506][T22691] pgscan 4520 [ 727.357506][T22691] pgsteal 4166 [ 727.537449][T22691] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=22663,uid=0 [ 727.571820][T22691] Memory cgroup out of memory: Killed process 22663 (syz-executor.1) total-vm:72832kB, anon-rss:18016kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 727.603021][ T1065] oom_reaper: reaped process 22663 (syz-executor.1), now anon-rss:18232kB, file-rss:54332kB, shmem-rss:0kB [ 727.603245][T22816] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 727.625152][T22816] CPU: 1 PID: 22816 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 727.634268][T22816] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 727.644324][T22816] Call Trace: [ 727.647648][T22816] dump_stack+0x172/0x1f0 [ 727.651989][T22816] dump_header+0x177/0x1152 [ 727.656497][T22816] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 727.662301][T22816] ? ___ratelimit+0x2c8/0x595 [ 727.666978][T22816] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 727.672807][T22816] ? lockdep_hardirqs_on+0x418/0x5d0 [ 727.678094][T22816] ? trace_hardirqs_on+0x67/0x240 [ 727.683136][T22816] ? pagefault_out_of_memory+0x11c/0x11c [ 727.688764][T22816] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 727.694556][T22816] ? ___ratelimit+0x60/0x595 [ 727.699130][T22816] ? do_raw_spin_unlock+0x57/0x270 [ 727.704227][T22816] oom_kill_process.cold+0x10/0x15 [ 727.709337][T22816] out_of_memory+0x334/0x1340 [ 727.714021][T22816] ? lock_downgrade+0x920/0x920 [ 727.718870][T22816] ? oom_killer_disable+0x280/0x280 [ 727.724069][T22816] mem_cgroup_out_of_memory+0x1d8/0x240 [ 727.729601][T22816] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 727.735224][T22816] ? do_raw_spin_unlock+0x57/0x270 [ 727.740328][T22816] ? _raw_spin_unlock+0x2d/0x50 [ 727.745170][T22816] try_charge+0xf4b/0x1440 [ 727.749588][T22816] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 727.755118][T22816] ? percpu_ref_tryget_live+0x111/0x290 [ 727.760652][T22816] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 727.766879][T22816] ? __kasan_check_read+0x11/0x20 [ 727.771891][T22816] ? get_mem_cgroup_from_mm+0x156/0x320 [ 727.777423][T22816] mem_cgroup_try_charge+0x136/0x590 [ 727.782697][T22816] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 727.788921][T22816] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 727.794538][T22816] __handle_mm_fault+0x1e34/0x3f20 [ 727.799640][T22816] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 727.805178][T22816] ? __kasan_check_read+0x11/0x20 [ 727.810192][T22816] handle_mm_fault+0x1b5/0x6c0 [ 727.814958][T22816] __get_user_pages+0x7d4/0x1b30 [ 727.819882][T22816] ? mark_held_locks+0xf0/0xf0 [ 727.824638][T22816] ? follow_page_mask+0x1cf0/0x1cf0 [ 727.829816][T22816] ? __mm_populate+0x270/0x380 [ 727.834569][T22816] ? __kasan_check_write+0x14/0x20 [ 727.839680][T22816] ? down_read+0x109/0x430 [ 727.844078][T22816] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 727.850301][T22816] populate_vma_page_range+0x20d/0x2a0 [ 727.855744][T22816] __mm_populate+0x204/0x380 [ 727.860319][T22816] ? populate_vma_page_range+0x2a0/0x2a0 [ 727.865933][T22816] ? __kasan_check_write+0x14/0x20 [ 727.871026][T22816] ? up_write+0x155/0x490 [ 727.875339][T22816] ? ns_capable_common+0x93/0x100 [ 727.880348][T22816] __x64_sys_mlockall+0x473/0x520 [ 727.885358][T22816] do_syscall_64+0xfa/0x760 [ 727.889852][T22816] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 727.895724][T22816] RIP: 0033:0x459879 [ 727.899603][T22816] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 727.919190][T22816] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 727.927581][T22816] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 727.935541][T22816] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 727.943496][T22816] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 727.951450][T22816] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 727.959406][T22816] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 728.019344][T22816] memory: usage 307200kB, limit 307200kB, failcnt 5973 [ 728.026327][T22816] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 728.038246][T22816] Memory cgroup stats for /syz2: [ 728.038349][T22816] anon 302563328 [ 728.038349][T22816] file 28672 [ 728.038349][T22816] kernel_stack 983040 [ 728.038349][T22816] slab 6324224 [ 728.038349][T22816] sock 0 [ 728.038349][T22816] shmem 0 [ 728.038349][T22816] file_mapped 0 [ 728.038349][T22816] file_dirty 0 [ 728.038349][T22816] file_writeback 0 [ 728.038349][T22816] anon_thp 211812352 [ 728.038349][T22816] inactive_anon 254791680 [ 728.038349][T22816] active_anon 11882496 [ 728.038349][T22816] inactive_file 0 [ 728.038349][T22816] active_file 0 [ 728.038349][T22816] unevictable 36044800 [ 728.038349][T22816] slab_reclaimable 1216512 [ 728.038349][T22816] slab_unreclaimable 5107712 [ 728.038349][T22816] pgfault 818466 [ 728.038349][T22816] pgmajfault 0 [ 728.038349][T22816] workingset_refault 198 [ 728.038349][T22816] workingset_activate 66 [ 728.038349][T22816] workingset_nodereclaim 0 [ 728.038349][T22816] pgrefill 1466 [ 728.038349][T22816] pgscan 1693 [ 728.038349][T22816] pgsteal 231 [ 728.139283][T22816] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=22705,uid=0 [ 728.155260][T22816] Memory cgroup out of memory: Killed process 22705 (syz-executor.2) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 728.185414][ T1065] oom_reaper: reaped process 22705 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 728.196781][T22819] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 728.217100][T22819] CPU: 1 PID: 22819 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 728.226241][T22819] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 728.236296][T22819] Call Trace: [ 728.239614][T22819] dump_stack+0x172/0x1f0 [ 728.243949][T22819] dump_header+0x177/0x1152 [ 728.248455][T22819] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 728.254260][T22819] ? ___ratelimit+0x2c8/0x595 [ 728.258940][T22819] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 728.264750][T22819] ? lockdep_hardirqs_on+0x418/0x5d0 [ 728.270040][T22819] ? trace_hardirqs_on+0x67/0x240 [ 728.275061][T22819] ? pagefault_out_of_memory+0x11c/0x11c [ 728.280700][T22819] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 728.286510][T22819] ? ___ratelimit+0x60/0x595 [ 728.291105][T22819] ? do_raw_spin_unlock+0x57/0x270 [ 728.296220][T22819] oom_kill_process.cold+0x10/0x15 [ 728.301346][T22819] out_of_memory+0x334/0x1340 [ 728.306031][T22819] ? lock_downgrade+0x920/0x920 [ 728.310895][T22819] ? oom_killer_disable+0x280/0x280 [ 728.316106][T22819] mem_cgroup_out_of_memory+0x1d8/0x240 [ 728.321651][T22819] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 728.327293][T22819] ? do_raw_spin_unlock+0x57/0x270 [ 728.332405][T22819] ? _raw_spin_unlock+0x2d/0x50 [ 728.337260][T22819] try_charge+0xf4b/0x1440 [ 728.341688][T22819] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 728.347232][T22819] ? percpu_ref_tryget_live+0x111/0x290 [ 728.352784][T22819] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 728.359031][T22819] ? __kasan_check_read+0x11/0x20 [ 728.364062][T22819] ? get_mem_cgroup_from_mm+0x156/0x320 [ 728.369606][T22819] mem_cgroup_try_charge+0x136/0x590 [ 728.374890][T22819] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 728.381131][T22819] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 728.386763][T22819] wp_page_copy+0x41e/0x1590 [ 728.391353][T22819] ? find_held_lock+0x35/0x130 [ 728.396118][T22819] ? pmd_pfn+0x1d0/0x1d0 [ 728.400365][T22819] ? lock_downgrade+0x920/0x920 [ 728.405221][T22819] ? swp_swapcount+0x540/0x540 [ 728.409987][T22819] ? __kasan_check_read+0x11/0x20 [ 728.415010][T22819] ? do_raw_spin_unlock+0x57/0x270 [ 728.420129][T22819] do_wp_page+0x499/0x14d0 [ 728.424547][T22819] ? finish_mkwrite_fault+0x570/0x570 [ 728.429931][T22819] __handle_mm_fault+0x22f1/0x3f20 [ 728.435055][T22819] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 728.440610][T22819] ? __kasan_check_read+0x11/0x20 [ 728.445650][T22819] handle_mm_fault+0x1b5/0x6c0 [ 728.450435][T22819] __get_user_pages+0x7d4/0x1b30 [ 728.455376][T22819] ? mark_held_locks+0xf0/0xf0 [ 728.460140][T22819] ? follow_page_mask+0x1cf0/0x1cf0 [ 728.465322][T22819] ? __mm_populate+0x270/0x380 [ 728.470087][T22819] ? __kasan_check_write+0x14/0x20 [ 728.475180][T22819] ? down_read+0x109/0x430 [ 728.479579][T22819] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 728.485803][T22819] populate_vma_page_range+0x20d/0x2a0 [ 728.491247][T22819] __mm_populate+0x204/0x380 [ 728.495825][T22819] ? populate_vma_page_range+0x2a0/0x2a0 [ 728.501437][T22819] ? __kasan_check_write+0x14/0x20 [ 728.506528][T22819] ? up_write+0x155/0x490 [ 728.510837][T22819] ? ns_capable_common+0x93/0x100 [ 728.515849][T22819] __x64_sys_mlockall+0x473/0x520 [ 728.520860][T22819] do_syscall_64+0xfa/0x760 [ 728.525351][T22819] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 728.531235][T22819] RIP: 0033:0x459879 [ 728.535113][T22819] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 728.554695][T22819] RSP: 002b:00007fc0ba4e6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 728.563086][T22819] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 728.571048][T22819] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 728.579000][T22819] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 728.586958][T22819] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc0ba4e76d4 [ 728.594919][T22819] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 728.609196][T22819] memory: usage 307100kB, limit 307200kB, failcnt 5429 [ 728.616204][T22819] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 728.623564][T22819] Memory cgroup stats for /syz3: [ 728.623933][T22819] anon 292913152 [ 728.623933][T22819] file 0 [ 728.623933][T22819] kernel_stack 917504 [ 728.623933][T22819] slab 8007680 [ 728.623933][T22819] sock 0 [ 728.623933][T22819] shmem 0 [ 728.623933][T22819] file_mapped 0 [ 728.623933][T22819] file_dirty 0 [ 728.623933][T22819] file_writeback 0 [ 728.623933][T22819] anon_thp 192937984 [ 728.623933][T22819] inactive_anon 241545216 [ 728.623933][T22819] active_anon 18112512 [ 728.623933][T22819] inactive_file 0 [ 728.623933][T22819] active_file 0 [ 728.623933][T22819] unevictable 33206272 [ 728.623933][T22819] slab_reclaimable 1351680 [ 728.623933][T22819] slab_unreclaimable 6656000 [ 728.623933][T22819] pgfault 797082 [ 728.623933][T22819] pgmajfault 0 [ 728.623933][T22819] workingset_refault 132 [ 728.623933][T22819] workingset_activate 66 [ 728.623933][T22819] workingset_nodereclaim 0 [ 728.623933][T22819] pgrefill 661 [ 728.623933][T22819] pgscan 696 [ 728.623933][T22819] pgsteal 165 [ 728.719514][T22819] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=22660,uid=0 [ 728.735090][T22819] Memory cgroup out of memory: Killed process 22819 (syz-executor.3) total-vm:72832kB, anon-rss:18232kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 728.753283][ T1065] oom_reaper: reaped process 22819 (syz-executor.3), now anon-rss:18232kB, file-rss:54332kB, shmem-rss:0kB [ 728.753590][T22815] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 728.776884][T22815] CPU: 1 PID: 22815 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 728.785999][T22815] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 728.796045][T22815] Call Trace: [ 728.799344][T22815] dump_stack+0x172/0x1f0 [ 728.803675][T22815] dump_header+0x177/0x1152 [ 728.808176][T22815] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 728.813973][T22815] ? ___ratelimit+0x2c8/0x595 [ 728.818751][T22815] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 728.824557][T22815] ? lockdep_hardirqs_on+0x418/0x5d0 [ 728.829845][T22815] ? trace_hardirqs_on+0x67/0x240 [ 728.834872][T22815] ? pagefault_out_of_memory+0x11c/0x11c [ 728.840505][T22815] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 728.846307][T22815] ? ___ratelimit+0x60/0x595 [ 728.850890][T22815] ? do_raw_spin_unlock+0x57/0x270 [ 728.856016][T22815] oom_kill_process.cold+0x10/0x15 [ 728.861124][T22815] out_of_memory+0x334/0x1340 [ 728.865815][T22815] ? lock_downgrade+0x920/0x920 06:29:40 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r2 = socket$inet_tcp(0x2, 0x1, 0x0) vmsplice(r2, &(0x7f0000000740)=[{&(0x7f0000000100)="0d209e71a54292382bab8754fc590c3a92b9ae9dda6a0c0b21985665374b6c6490c4a180aee5b4d8ff46a1399570c3d6a2b9dfa23e0096b9283d", 0x3a}, {&(0x7f0000000280)="4356f87bfcc1282c3725404cd8c22a9292f987d5e01c25e5770843c3b13301959d21bb53aac3a950d5648888c47b4ff98d4c4686acd988bb944a7a5255abc3e20f8f3ba2976a23cd3e5913524f3671e526", 0x51}, {&(0x7f0000000200)}, {&(0x7f0000000300)="1fdd4d2f4e8eec727d93494d31af304152df4818920f9f165811085f5a03493c9b061df68db1b8d70894c0e2bdb1793cc76ac8bcbc326fbb4b6fd1c607814b754204087121b670672671ca171a24db6c903a11ef81dbeecbc1822213ad7be50e350cabd5d29583c46f7a64e530fc73d7639b098b4c3f7e2fa9150d2ddcc6ae2b61806c06c1347145823830867a57ab6340ca52a00df3fb66f2cd42b9f6c3cddd760144b76ac21ea3eb3c95a1a265", 0xae}, {&(0x7f0000000440)="c5d5aa68adfc17783a50c69f3190a53c63ff343fc40a602e87bf265995a8d6fb19dee16bdebc1a4e273472693be7406a2b93e9445c6355b6ba3767e63ab005c6ca910fbcd7e492d6b48b215a59e3f78496d5938ac37b97333e917db58f04e227b147e287c26d42da710dea8f4dd8fb80de6b883cda9549d83cb3d16c1453efed6b9fa8f967374f3a81465f7a1d248fc18a9d8d11bf21aa3f75bad11ebc3df2d711baf58e2a2cb19c693a70a5048a05b4c9b3a07795f60248f4596477c061ace1a9506cbeafb0d25ef24bcab53e3737f1e3fc976d01cf8a", 0xd7}, {&(0x7f00000003c0)="3ecf429c64e4b7a99ec410f45f30aa6449d0a80a7f337670f7bec046", 0x1c}, {&(0x7f0000000540)="ba86b4c27d687325572cdba6ca7f59b5ef215f99a5c0512d9131289dac55ab11745de63da236e7ce9b2be0c61906ba3bc152df083383400824007ac143f365bb8bc5370bbc96251f04932fe595f8c57991da20c6ddef065c83b94ca95535d62dac061d1b82102ea9d6226b4ded0e2a2cc5675ed2b5e95930f50b93bac403dffb2d619453f728d1e567f34db7298fd62482397e469c0e8438e6f1fda52b195ecabce8f7e540f2cd1a9eefdd473106d096c90c55806b5dd0254009837b9caa44e6b66c20d646dce5", 0xc7}, {&(0x7f0000000640)="b017ab4e135053b367c0fdfdb2fea0dd1e7787b9671fd5087c2f7afea1b9a0b8c9dcbc1afad8f423bf1ab7de68ed28ca5435771bd0fbc17f6eab159bb94466f1d2ad8c087585", 0x46}, {&(0x7f00000006c0)="9ad1", 0x2}, {&(0x7f0000000700)="fa2ac25e6a3af9be9a1f1dd370085b5bb8de71a7cd566bb93e5123956804", 0x1e}], 0xa, 0x8) r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r3, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000140)) 06:29:40 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0x106, 0x0) 06:29:40 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") move_pages(0x0, 0x2000000000000040, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) 06:29:40 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:40 executing program 1: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000140)) fsetxattr$security_smack_entry(r2, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) [ 728.870672][T22815] ? oom_killer_disable+0x280/0x280 [ 728.875880][T22815] mem_cgroup_out_of_memory+0x1d8/0x240 [ 728.881426][T22815] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 728.887062][T22815] ? do_raw_spin_unlock+0x57/0x270 [ 728.892180][T22815] ? _raw_spin_unlock+0x2d/0x50 [ 728.897036][T22815] try_charge+0xf4b/0x1440 [ 728.901467][T22815] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 728.907016][T22815] ? find_held_lock+0x35/0x130 [ 728.911788][T22815] ? get_mem_cgroup_from_mm+0x139/0x320 [ 728.917348][T22815] ? lock_downgrade+0x920/0x920 [ 728.922196][T22815] ? percpu_ref_tryget_live+0x111/0x290 [ 728.927748][T22815] __memcg_kmem_charge_memcg+0x71/0xf0 [ 728.933213][T22815] ? memcg_kmem_put_cache+0x50/0x50 [ 728.938414][T22815] ? get_mem_cgroup_from_mm+0x156/0x320 [ 728.943965][T22815] __memcg_kmem_charge+0x13a/0x3a0 [ 728.949076][T22815] __alloc_pages_nodemask+0x4f7/0x900 [ 728.954464][T22815] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 728.960029][T22815] ? __alloc_pages_slowpath+0x2540/0x2540 [ 728.965748][T22815] ? percpu_ref_put_many+0xb6/0x190 [ 728.971051][T22815] ? lockdep_hardirqs_on+0x418/0x5d0 [ 728.976335][T22815] ? trace_hardirqs_on+0x67/0x240 [ 728.981366][T22815] copy_process+0x3f8/0x6830 [ 728.985962][T22815] ? debug_object_free+0x1f1/0x390 [ 728.991081][T22815] ? __cleanup_sighand+0x60/0x60 [ 728.996024][T22815] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 729.001826][T22815] ? debug_object_free+0x1f1/0x390 [ 729.006944][T22815] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 729.012755][T22815] ? lockdep_hardirqs_on+0x418/0x5d0 [ 729.018045][T22815] _do_fork+0x146/0xfa0 [ 729.022201][T22815] ? copy_init_mm+0x20/0x20 [ 729.026707][T22815] ? hrtimer_nanosleep+0x2c9/0x550 [ 729.031830][T22815] ? nanosleep_copyout+0x110/0x110 [ 729.036950][T22815] __x64_sys_clone+0x1ab/0x270 [ 729.041718][T22815] ? __ia32_sys_vfork+0xd0/0xd0 [ 729.046576][T22815] ? do_syscall_64+0x26/0x760 [ 729.051248][T22815] ? lockdep_hardirqs_on+0x418/0x5d0 [ 729.056540][T22815] ? trace_hardirqs_on+0x67/0x240 [ 729.061569][T22815] do_syscall_64+0xfa/0x760 [ 729.066079][T22815] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 729.071971][T22815] RIP: 0033:0x45c249 [ 729.075871][T22815] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 729.095560][T22815] RSP: 002b:00007ffe05a5b988 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 729.103983][T22815] RAX: ffffffffffffffda RBX: 00007fe89cce8700 RCX: 000000000045c249 [ 729.111965][T22815] RDX: 00007fe89cce89d0 RSI: 00007fe89cce7db0 RDI: 00000000003d0f00 [ 729.119940][T22815] RBP: 00007ffe05a5bba0 R08: 00007fe89cce8700 R09: 00007fe89cce8700 [ 729.127910][T22815] R10: 00007fe89cce89d0 R11: 0000000000000202 R12: 0000000000000000 [ 729.135878][T22815] R13: 00007ffe05a5ba3f R14: 0000000000020000 R15: 0000555556748c90 [ 729.151620][T22815] memory: usage 307168kB, limit 307200kB, failcnt 6008 [ 729.187761][T22815] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 729.195097][T22815] Memory cgroup stats for /syz2: [ 729.195211][T22815] anon 302317568 [ 729.195211][T22815] file 28672 [ 729.195211][T22815] kernel_stack 1048576 [ 729.195211][T22815] slab 6598656 [ 729.195211][T22815] sock 0 [ 729.195211][T22815] shmem 0 [ 729.195211][T22815] file_mapped 0 [ 729.195211][T22815] file_dirty 0 [ 729.195211][T22815] file_writeback 0 [ 729.195211][T22815] anon_thp 224395264 [ 729.195211][T22815] inactive_anon 247619584 [ 729.195211][T22815] active_anon 11882496 [ 729.195211][T22815] inactive_file 0 [ 729.195211][T22815] active_file 0 [ 729.195211][T22815] unevictable 42860544 [ 729.195211][T22815] slab_reclaimable 1216512 [ 729.195211][T22815] slab_unreclaimable 5382144 [ 729.195211][T22815] pgfault 819621 [ 729.195211][T22815] pgmajfault 0 [ 729.195211][T22815] workingset_refault 198 [ 729.195211][T22815] workingset_activate 66 [ 729.195211][T22815] workingset_nodereclaim 0 [ 729.195211][T22815] pgrefill 1466 [ 729.195211][T22815] pgscan 1693 [ 729.195211][T22815] pgsteal 231 [ 729.300753][T22815] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=22815,uid=0 [ 729.323179][T22815] Memory cgroup out of memory: Killed process 22815 (syz-executor.2) total-vm:72832kB, anon-rss:18016kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 729.355618][ T1065] oom_reaper: reaped process 22815 (syz-executor.2), now anon-rss:18208kB, file-rss:54332kB, shmem-rss:0kB 06:29:41 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") move_pages(0x0, 0x2000000000000040, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) 06:29:41 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:41 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") move_pages(0x0, 0x2000000000000040, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) 06:29:41 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x80, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:29:41 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") move_pages(0x0, 0x2000000000000040, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) 06:29:41 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:42 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0x107, 0x0) [ 730.080982][T22859] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 730.113062][T22859] CPU: 0 PID: 22859 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 730.122582][T22859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 730.132636][T22859] Call Trace: [ 730.135934][T22859] dump_stack+0x172/0x1f0 [ 730.140284][T22859] dump_header+0x177/0x1152 [ 730.144801][T22859] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 730.150616][T22859] ? ___ratelimit+0x2c8/0x595 [ 730.155299][T22859] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 730.161118][T22859] ? lockdep_hardirqs_on+0x418/0x5d0 [ 730.166404][T22859] ? trace_hardirqs_on+0x67/0x240 [ 730.171439][T22859] ? pagefault_out_of_memory+0x11c/0x11c [ 730.177081][T22859] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 730.182893][T22859] ? ___ratelimit+0x60/0x595 [ 730.187487][T22859] ? do_raw_spin_unlock+0x57/0x270 [ 730.192608][T22859] oom_kill_process.cold+0x10/0x15 [ 730.197727][T22859] out_of_memory+0x334/0x1340 [ 730.202411][T22859] ? lock_downgrade+0x920/0x920 [ 730.207266][T22859] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 730.213084][T22859] ? oom_killer_disable+0x280/0x280 [ 730.219434][T22859] mem_cgroup_out_of_memory+0x1d8/0x240 [ 730.224995][T22859] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 730.230638][T22859] ? do_raw_spin_unlock+0x57/0x270 [ 730.235761][T22859] ? _raw_spin_unlock+0x2d/0x50 [ 730.240620][T22859] try_charge+0xf4b/0x1440 [ 730.245053][T22859] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 730.250604][T22859] ? percpu_ref_tryget_live+0x111/0x290 [ 730.256159][T22859] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 730.262410][T22859] ? __kasan_check_read+0x11/0x20 [ 730.267445][T22859] ? get_mem_cgroup_from_mm+0x156/0x320 [ 730.273006][T22859] mem_cgroup_try_charge+0x136/0x590 [ 730.278299][T22859] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 730.284547][T22859] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 730.290190][T22859] wp_page_copy+0x41e/0x1590 [ 730.294785][T22859] ? find_held_lock+0x35/0x130 [ 730.299565][T22859] ? pmd_pfn+0x1d0/0x1d0 [ 730.303818][T22859] ? lock_downgrade+0x920/0x920 [ 730.308679][T22859] ? swp_swapcount+0x540/0x540 [ 730.313454][T22859] ? __kasan_check_read+0x11/0x20 [ 730.318483][T22859] ? do_raw_spin_unlock+0x57/0x270 [ 730.323617][T22859] do_wp_page+0x499/0x14d0 [ 730.328052][T22859] ? finish_mkwrite_fault+0x570/0x570 [ 730.333432][T22859] __handle_mm_fault+0x22f1/0x3f20 [ 730.338577][T22859] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 730.344151][T22859] ? __kasan_check_read+0x11/0x20 [ 730.349193][T22859] handle_mm_fault+0x1b5/0x6c0 [ 730.353973][T22859] __get_user_pages+0x7d4/0x1b30 [ 730.358920][T22859] ? mark_held_locks+0xf0/0xf0 [ 730.363698][T22859] ? follow_page_mask+0x1cf0/0x1cf0 [ 730.368901][T22859] ? __mm_populate+0x270/0x380 [ 730.373677][T22859] ? __kasan_check_write+0x14/0x20 [ 730.378796][T22859] ? down_read+0x109/0x430 [ 730.383216][T22859] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 730.389467][T22859] populate_vma_page_range+0x20d/0x2a0 [ 730.394941][T22859] __mm_populate+0x204/0x380 [ 730.399541][T22859] ? populate_vma_page_range+0x2a0/0x2a0 [ 730.405180][T22859] ? __kasan_check_write+0x14/0x20 [ 730.410294][T22859] ? up_write+0x155/0x490 [ 730.414628][T22859] ? ns_capable_common+0x93/0x100 [ 730.419665][T22859] __x64_sys_mlockall+0x473/0x520 [ 730.424697][T22859] do_syscall_64+0xfa/0x760 [ 730.429211][T22859] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 730.435107][T22859] RIP: 0033:0x459879 [ 730.439004][T22859] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 730.458621][T22859] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 730.467065][T22859] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 730.475044][T22859] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 730.483021][T22859] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 730.490991][T22859] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc0ba5296d4 [ 730.498973][T22859] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 730.537120][T22859] memory: usage 307200kB, limit 307200kB, failcnt 5460 [ 730.546030][T22859] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 730.560971][T22859] Memory cgroup stats for /syz3: [ 730.561096][T22859] anon 301031424 [ 730.561096][T22859] file 0 [ 730.561096][T22859] kernel_stack 983040 [ 730.561096][T22859] slab 8007680 [ 730.561096][T22859] sock 0 [ 730.561096][T22859] shmem 0 [ 730.561096][T22859] file_mapped 0 [ 730.561096][T22859] file_dirty 0 [ 730.561096][T22859] file_writeback 0 [ 730.561096][T22859] anon_thp 195035136 [ 730.561096][T22859] inactive_anon 247463936 [ 730.561096][T22859] active_anon 18165760 [ 730.561096][T22859] inactive_file 0 [ 730.561096][T22859] active_file 0 [ 730.561096][T22859] unevictable 35467264 [ 730.561096][T22859] slab_reclaimable 1351680 [ 730.561096][T22859] slab_unreclaimable 6656000 [ 730.561096][T22859] pgfault 803979 [ 730.561096][T22859] pgmajfault 0 [ 730.561096][T22859] workingset_refault 132 [ 730.561096][T22859] workingset_activate 66 [ 730.561096][T22859] workingset_nodereclaim 0 [ 730.561096][T22859] pgrefill 661 [ 730.561096][T22859] pgscan 729 [ 730.561096][T22859] pgsteal 165 [ 730.668401][T22859] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=22858,uid=0 [ 730.684184][T22859] Memory cgroup out of memory: Killed process 22858 (syz-executor.3) total-vm:72700kB, anon-rss:18224kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 730.702902][T22894] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 730.713444][T22894] CPU: 1 PID: 22894 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 730.722547][T22894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 730.732601][T22894] Call Trace: [ 730.735897][T22894] dump_stack+0x172/0x1f0 [ 730.740231][T22894] dump_header+0x177/0x1152 [ 730.744739][T22894] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 730.750541][T22894] ? ___ratelimit+0x2c8/0x595 [ 730.755217][T22894] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 730.761028][T22894] ? lockdep_hardirqs_on+0x418/0x5d0 [ 730.766315][T22894] ? trace_hardirqs_on+0x67/0x240 [ 730.771359][T22894] ? pagefault_out_of_memory+0x11c/0x11c [ 730.777098][T22894] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 730.782908][T22894] ? ___ratelimit+0x60/0x595 [ 730.787494][T22894] ? do_raw_spin_unlock+0x57/0x270 [ 730.792608][T22894] oom_kill_process.cold+0x10/0x15 [ 730.797724][T22894] out_of_memory+0x334/0x1340 [ 730.802406][T22894] ? lock_downgrade+0x920/0x920 [ 730.807265][T22894] ? oom_killer_disable+0x280/0x280 [ 730.812490][T22894] mem_cgroup_out_of_memory+0x1d8/0x240 [ 730.818044][T22894] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 730.823695][T22894] ? do_raw_spin_unlock+0x57/0x270 [ 730.828819][T22894] ? _raw_spin_unlock+0x2d/0x50 [ 730.833677][T22894] try_charge+0xf4b/0x1440 [ 730.838108][T22894] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 730.843664][T22894] ? percpu_ref_tryget_live+0x111/0x290 [ 730.849218][T22894] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 730.855463][T22894] ? __kasan_check_read+0x11/0x20 [ 730.860508][T22894] ? get_mem_cgroup_from_mm+0x156/0x320 [ 730.866061][T22894] mem_cgroup_try_charge+0x136/0x590 [ 730.871348][T22894] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 730.877594][T22894] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 730.883235][T22894] __handle_mm_fault+0x1e34/0x3f20 [ 730.888351][T22894] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 730.893914][T22894] ? __kasan_check_read+0x11/0x20 [ 730.898950][T22894] handle_mm_fault+0x1b5/0x6c0 [ 730.903722][T22894] __get_user_pages+0x7d4/0x1b30 [ 730.908662][T22894] ? mark_held_locks+0xf0/0xf0 [ 730.913439][T22894] ? follow_page_mask+0x1cf0/0x1cf0 [ 730.918638][T22894] ? __mm_populate+0x270/0x380 [ 730.923412][T22894] ? __kasan_check_write+0x14/0x20 [ 730.928527][T22894] ? down_read+0x109/0x430 [ 730.932959][T22894] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 730.939202][T22894] populate_vma_page_range+0x20d/0x2a0 [ 730.944671][T22894] __mm_populate+0x204/0x380 [ 730.949269][T22894] ? populate_vma_page_range+0x2a0/0x2a0 [ 730.954904][T22894] ? __kasan_check_write+0x14/0x20 [ 730.960009][T22894] ? up_write+0x155/0x490 [ 730.964337][T22894] ? ns_capable_common+0x93/0x100 [ 730.969364][T22894] __x64_sys_mlockall+0x473/0x520 [ 730.974387][T22894] do_syscall_64+0xfa/0x760 [ 730.978897][T22894] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 730.984790][T22894] RIP: 0033:0x459879 [ 730.988688][T22894] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 731.008291][T22894] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 731.016705][T22894] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 731.024672][T22894] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 731.032649][T22894] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 731.040621][T22894] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 731.048591][T22894] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff 06:29:43 executing program 0: socket$inet_udplite(0x2, 0x2, 0x88) move_pages(0x0, 0x2000000000000040, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) 06:29:43 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:43 executing program 3: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") setsockopt$ARPT_SO_SET_REPLACE(r0, 0x0, 0x60, &(0x7f0000001480)={'filter\x00', 0x7, 0x4, 0x430, 0x118, 0x118, 0x230, 0x348, 0x348, 0x348, 0x4, &(0x7f00000002c0), {[{{@uncond, 0xf0, 0x118}, @unspec=@MARK={0x28, 'MARK\x00', 0x2, {0x4, 0x489}}}, {{@arp={@initdev={0xac, 0x1e, 0x1, 0x0}, @multicast1, 0xffffffff, 0x0, @empty, {[0x0, 0x101, 0x0, 0xff, 0xff, 0xff]}, @mac=@remote, {[0xff, 0xff, 0xff, 0x0, 0x0, 0x1fe]}, 0x7, 0x6, 0x7fff, 0xff, 0x3, 0x7, 'ip6gre0\x00', 'teql0\x00', {}, {}, 0x0, 0x200}, 0xf0, 0x118}, @unspec=@AUDIT={0x28, 'AUDIT\x00'}}, {{@arp={@broadcast, @loopback, 0x0, 0x0, @empty, {[0xff, 0xff, 0x0, 0xa56765959683b5ee, 0x0, 0x17e]}, @mac=@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}, {[0xff, 0xff, 0x101, 0x1fe, 0x1fe]}, 0x1, 0x9, 0x9693, 0x67, 0x20, 0x6, 'bridge0\x00', 'veth1_to_bridge\x00', {}, {0x1fe}, 0x0, 0x33}, 0xf0, 0x118}, @unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x1}}}], {{[], 0xc0, 0xe8}, {0x28}}}}, 0x480) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r2 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r2, 0x80e85411, 0x0) ioctl$EVIOCGABS2F(0xffffffffffffffff, 0x8018456f, &(0x7f0000000200)=""/62) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) r4 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r4, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000100)={0xff, @multicast1, 0x4e20, 0x1, 'lc\x00', 0x6403182e649b66a1, 0x1, 0x6c}, 0x2c) ioctl$RNDCLEARPOOL(r3, 0x5206, &(0x7f0000000400)) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) fsetxattr$security_evm(0xffffffffffffffff, &(0x7f0000000280)='security.evm\x00', &(0x7f0000000440)=@v2={0x3, 0x2, 0x6, 0x1, 0x1000, "bd0e7b20b078c4e7e8aaa6750bd6dd210e71e2276425695c5e06f6f03f0f3fa080e763563703700a8b8e9169c20136c040fe8782d29b1dfcd054ea63b057f34fde45a9dc691573ab6dfdcc886527ab28e0d6287d02e7f5b515fe96b21d07a1e2c247b707336bfe2d8a5e0472b797fd16a8c0ff1f347d42ea539fefe804435941cafdd064275540ece7c0c0dce334377e1f824be2a43979cd173266a2c7b2e5be922ba15a41cd8d5689ca4f4bbe9249453baf53651ad7162b7de7db14f6fd9398408f83618966afe4640cfdbf8587b8c09f634e1d17ef6bee96d92fad1cf5597d4723b286db6ded9bb00ece12bc128041530dd3008b0cb3d84c6abaef18ebf0dd919858a6738d8f0642df7be910c8a49512acc274ebb65423b79cf5d23bf21cb76c8a5c61453bd414e0bed530494bdbfbfd288755e54702b5058ba5d3703ddce23c6b983e2096e7836877ee3b3a92b240bcc49be534e65d9725b66c77899e49aaef8b13e9990eda7176cf1832275cd1a4f5da9564e9af1b02ce056b9149049406c1c856190d737f167d49d91c2e49e4d2ce2a57f85218fa7f8a3e719de71c91c7d0b97bc8f83c54b7a9dd10f2793bb79b4fa6bbc9dacc9667b900769255b14b18b42b7ba103187ea9f108884048511e53f842d3cac23f231f1c7c0f0508a863a250a4bf44c761730acecaebc7083697d92f59f2b06aa1f37cd813578d0aff40044f32d88192dd50d08dc49374cea2bced848730a15d6577ce6f75132a4a56d67b4bcab5ff29ad61ecf9d131aa6795a41264a41ecf3f2aadef93f50eb85d78ddf70a58e508e7345d7b5bbc5fbe61673c95c7e3352750bff771c5bdd792bf87c7704e38e44c5df8ce4641cc2c784e67bf581bd1b2770e026b39776dc0574167fd518c5830cd675abaa6905f6e2d9280c4d504484b28b42b704f6b67ad89732299c3187807c00ec6c3677d56c6d6c49244729df8367db0edf26ab5408f2ef91a1d7ae306adee34d9f920c5bd722d2a52c8f3d8b44ab01e4502d249e0f08c83a193e851c8a7fa1f022c0adfdc59f33a3f2782259b86637d412f8b3d356db37aeef52a04d0b4337ef7f77c47275e152054447cb3a298f359a809cdb868d88a71613bfc7c08e8b9080d49dcdb6c3599b2031775de9ae7ccef959bf7c6297e4ea0c012eb35162af93c2cc55efe6108cacadeba3104de5871159a0daae615ab77aa5245ce2e208aa8b5e0c5395040a7e85b641dda1d11add002b21b85e2369e686a6a1e2ce27833f8b3e3174bf74c9d09a31c63fa7a13ad16146a10c0323633de6b6f6201409c876bbe9cafd9c75aa3e81c26625687b45d3ba76b5de91ee9ce50750e3c33fdb1e1cf8b8a5f6839cd72b78bcbbe1354786b979e4fdcc825314fbc31be5889bb2fce58249e5c801c22fc1fd668746113a8c1f9121982b649517a400fcc07f73ba0647e9fd2f8d9684e27e6ee318944d1bf998f00145fb17dbebab3c76b6cf9a72f439b0bd852fad640a820db8fb5333f4fd2abf82b2c6658eb723d4115a567199ddeaf2e63a06ac2b1f087853799424527c7959b30a99e7156ee12c90be20963dd5fea4f656b9b6e7989791a663fc9555fc2e70d2daf35af646bf23f31df69a4d210d67e649f155714e005fd0e7d82d00047722261d3ab400505fb8181136d52601c954b72e66b7c91f49546a8052ae575c4d82bb60d75969eec636fe497b18e6c00ba3475b29eb54a621cb735665805b029f0d2f6c3d6d6f925b41e881d4b6b8545d3f158f66d27945fe13cf6935cd20657838495edc7e8caac7041702b8dd91a69d0c0d681ff0d0f283ed3533ea5ef721d146c923cae19f87c21000cac6d4b7faecd68f935246eefebe4058f5e45aef2e062e10daa9bdbc6cd2cc26e7706fce649f1ae24360b42b2dead7d6897ca03a0015cf15deede9f2f646b757a629e12f95b468d92adf1c5d06b0f670e8796acfcd0b893583323044703fbdb5563bcd23e18caf557098aa2e4fd1df556a6be038c9f006b195c653ed56281c610fab399fbfa849fe8bfd10c48cfcfda3cb2184babd13130581dcc8128099fe78c77344a6f1e79b8f1f05eb53e8748c78dbfb5c23c3c036d50fa94d553b2cd87d56149d038a8dcd3ea41bb227303c9d08182975e199b5a3d021828a35b73ca519ff8d4f95a72161f346eb5218cb2c997a4c6b2413656103c1dc09fe9db609d4d0f863b56d141a99fcbfb757c8caf07ecbf1f01e5b7164c1d44c15a56beac1da25e191a747c4a05003d8ec7bed8e6a49437d08aafbee05c0b30db805dbdf2ed798560d36a681ea12eea36562cc616539dffbf345eab885c5bec432aaf7f83337ad4082ec6f098dc90e5520964ad68df8a9189a30ba4ea11f621bd617514223f339abec05ce13ccd630c841e172f5de8b95f523fdb609095b449863127fb5b99dbbd4616f6ab9520979bf38b460ba224062756cd930d572ca76726a0c22030c679a7f66487d312bb680c6551a9b659b0dc0457314a18aacb3da69582c1276f844ae4efd5f77aaee7cd236d95ba98f0b97356c9dd4abe329dcd2da905540eef22ae2f55551f41f18a85eebc75ea4bf817d3b3688cec7fc1149f62a1d16fa240cd8f0a0a8a872b8a08a413b2e9eeb59fe81436baec21ccffce9aee0476926b492714bfc4a9a5198ea0338c2fe89085fbc540b72b4f45887c8b336b98504ea8e7165f496c0ab30c79f1569011b21a9b6389c3d819b621a65379e93b812dd031d92a4e01978689559598362d2d001453c1a0a8cb65c2605d3e2d2a52ea234e7c9ad2621bfe643836a61e28623a4b01930ac2a86254f212c6632979cabef8d249067d7969e3280bacd74c84b0f2c885c03e251d2065f9f027d47ed4c471a4270c371fc0d6b7f12d449c4ab3fd78a2cb91f74ac1fdfc3b80c9acde3feaf0efbdc437d846ea8a144d6938eb8fbd8b5e43db56b6b06de418925c455edb808391c99d187fec34fc38c4955c95fee11ec445726b104f12a169a42386c80abd3c55456180f0870c0bb44693e21f0209a326024534e1ccdb7206e0fb29cabef32c19c4f02249d5c7f3822086321b562ee115dcfeb0d4d67e4b52c1c958973617ea6770c6b906e7ddf28e336bab53b678033f06b6d56e621e8c47446ab2a0c811ad8abd06403b26089ed02a7ffe6c1761a816ea64cf38d2214f5c10c193010a6c8ceacb85c78596b0911ae3aaa2f40ecbd422a53a29900e030defccf5bdce6e411267dda70071c0dce0c1db2df4378a59e389d484f4f07f13169251bdda5193392fa09e262bd3070713f2e716ea4379337536fa5fe83dff9cb71e21a495df53b55d4d7f73a1d05ea6d26ceba417ad6a40d22c48224ef483446647516f609a3c9464dfecb4f7b6f53fe799e4520a53ec7852f7ee361bf34751ea56737931b04cac0ef834f267e31021319247d186afb87b691764bc07f6fc3e53df02e29bd27ef8ff50b71dcb40dee009d27d4cd2fcabe801d91d10afce3da2c9145b323a4642bbef95aa4fdeea2d27c83160d30be52df8fa3d0fb9cc81f25158e359a70a31d8b0b2f7bfd27b2e813f2c03688ab2e9911c1fa6862e0e8a5db067b2c136248c308ff9a5547e657792a6899645628ef4fb9c4226bb9f48a83c259e411e195a1f89747d31056f57570c7d784ec9f8db03b3ce853034a8e9d3355cfa26b94a3f630e382b488001dd61a7e2c4c3caf9f1198f457ee20ebd99bff0c39fc394bf22ec71dce5f9387f420fcb3b35938ceeb91397b4362f70e4ffb8b4f17b676390314a3ddc6710bb260e61ddd16537bfab64c16dd70a52d38ba91851f539c3ef8c3061303b0d33b47d3bf32af97718745e7799b39cbd44c3232e1b528049adf50315dcbae73e473b9d0136da495710a73e523d50e6e1f2dadf30aac5a02da92d8a9dcad95911bf2d3202a249e5d3786a8bc26160b9c58ff570a752adcc92eecdc021e9017c84906d4035f667503f9a1e6d8ada0533ce005b2aecc8961feece01f7025706a826002dfcda6eb1daf6c9c11d857181328b6796d5a72a785cd989105cfae66f40b850b5fb2e7f83c776ddd15c3f4d2fe25bd083a991ec64b4d191b888c75f5ba1ad5b8a0e2f599bd1857af088f7ad455466b97d2d6fc122e1ce8751663f4c4dc655d4569bb706c0c8e4627d4ed4ab7db3136270a3640dfd95ef87dc548ab776cb2489c6755b07be23622567063a9aa2026855550271bf389140c887d4f8b32d177ba9f9bbda235b391a2d00ff5701550cde2d7d56914887c59fca89d9ee9ee95fde16e442c341ccf633757ab43956454271767b3428ffe09dc5d55a055d415a5f0a7cacc1b08532b69f103b9fbdccd10255a1a01c0e729831649acd59b3cc95f4c8794f3a141aef5f504ea10cdd304f01e536b9f97dccbf09be4f70cc4f5d22332a4b3a1203296aa55f4213c3458c028fe63f7fc4868b30eb7a3713f5e96fdd2987af4fe9212493ee4b16f3477cc2fb9ec868fbd3b66b7f3a13a4934aa88122c2866b29d5847c3e9b30987f2d6af31ad2f7897d3f6eec62baee9eacbcb1e2e3a9fc93634e040cefc258ba80cd6e1afcf5ae33475f354cca5ee6f6e58af3ab7788fba1d597123dfb6e24cdb641e890686347ec8df8738e15d6a07ebe314a95debc1d99538bb86f1aedfc5e75ee9a5b75f4b1b2a18d5a143705b92202aa166992537525f3b72853f957b53933d29e10dd18a4cd9fdadd02067c649414507b77b40f49903fa252e9bcf0410cd81f9704b277e6a35980e4d9bb1c087ed83fd6b68a61c01269bc9cc7b2928128da332daf17e7c220bbe164b1f5fc932c0334ac4708861f537fb4bbeddc6f8598a49dcfeea2ac29e3d93cb1b84381bc4c0ef69e836a229ef564d54167467603d4c119bc29b4ae2a1c40d0fffdd8182440f57913d934d323ad85abbff2b4d997bffbec0ae0c53f7a7f3df53a69c1c1531042472dc9bca951384177b9d01d4fd9d67fdd383800dd4279cf4559341ecaf57533f68d3557bd389d8845ff3456fa381dcc92dcc748f21f8d3db898b5040a74d8b300a511279a7e7727fd9419389a2b21293c45b86bfba9cb28657760e43a1f3d0e2c85cc2859c19d887afe383b21aa64946b52d084933dc7e7d0eadaae5bbacbe6c6bd8063908ecae51cc1b1cfee92833212961bf9fbd83c4791bc7c647768dc2e3874880f21646ee16b679768940ccecbc0017e495e28bf708d27541f400953f2586965e36b25781ded56a01794d05e58eb26ee84505858efe1a2017005c574a01077de5cdef9642e44f969a2375a37043b0516681b12a2720b37efdd2e11aab5e55be7094deec9685e19ce580cd84658bf09296884124c0cf8e3390b31f46d21285e5afb86496b4f53c197cf4e6275a29ee9a8074e46b5dcf73162ee4599e5da7d74c071458582db42c488785cc4f4a6211ba207d5cdc6d75c495f771e9110ac1ce8bd41679c7e633aa273ce0807d57ef6bced3070464f96fc08140edc9f6995de00318da12d90529f3f05c8aaba2fb98122337515422f584031f8b78910942e487c286f6f20ccf46fe5b5d31ab19baecd4952a0b3ee0349bf6e6d13cc29201f4738b68e93ef6762c276e344604de172895d1cddca0f7ff802c711bd2012a99d2fa1b04f4463c2158ba95594f22ea0a7cebf8fc61efeb54592f5ef6536635e6cb0820e9d886f92572df8135e63c6b64885d3fe933331c80519175d501459e63cf642744b067976224d6029af0e05b587dd51130926a38a3b4e5199b0f48f58efb6781e7b2afccc619ceae63b850594"}, 0x100a, 0x2) getsockopt$inet6_IPV6_FLOWLABEL_MGR(r5, 0x29, 0x20, &(0x7f0000000300)={@ipv4={[], [], @loopback}, 0x1ff, 0x1, 0x3, 0xc, 0x4, 0x3}, &(0x7f0000000340)=0x20) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000000000, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0xcf, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xfffffffffffffff9, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r1, 0x8010743f, &(0x7f0000000140)) [ 731.152815][T22894] memory: usage 307200kB, limit 307200kB, failcnt 6037 [ 731.166637][T22894] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 731.177068][T22894] Memory cgroup stats for /syz2: [ 731.177170][T22894] anon 302358528 [ 731.177170][T22894] file 28672 [ 731.177170][T22894] kernel_stack 917504 [ 731.177170][T22894] slab 6598656 [ 731.177170][T22894] sock 0 [ 731.177170][T22894] shmem 0 [ 731.177170][T22894] file_mapped 0 [ 731.177170][T22894] file_dirty 0 [ 731.177170][T22894] file_writeback 0 [ 731.177170][T22894] anon_thp 224395264 [ 731.177170][T22894] inactive_anon 254918656 [ 731.177170][T22894] active_anon 11911168 [ 731.177170][T22894] inactive_file 0 [ 731.177170][T22894] active_file 0 [ 731.177170][T22894] unevictable 35708928 [ 731.177170][T22894] slab_reclaimable 1216512 [ 731.177170][T22894] slab_unreclaimable 5382144 [ 731.177170][T22894] pgfault 820281 [ 731.177170][T22894] pgmajfault 0 [ 731.177170][T22894] workingset_refault 198 [ 731.177170][T22894] workingset_activate 66 [ 731.177170][T22894] workingset_nodereclaim 0 [ 731.177170][T22894] pgrefill 1499 [ 731.177170][T22894] pgscan 1726 [ 731.177170][T22894] pgsteal 231 06:29:43 executing program 0: socket$inet_udplite(0x2, 0x2, 0x88) move_pages(0x0, 0x2000000000000040, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) [ 731.320103][T22894] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2 [ 731.320145][T22894] ,task=syz-executor.2,pid=22822,uid=0 [ 731.320221][T22894] Memory cgroup out of memory: Killed process 22822 (syz-executor.2) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 731.375249][T22866] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 731.382642][ T1065] oom_reaper: reaped process 22822 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 731.395473][T22866] CPU: 1 PID: 22866 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 731.405565][T22866] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 731.405572][T22866] Call Trace: [ 731.405595][T22866] dump_stack+0x172/0x1f0 [ 731.405616][T22866] dump_header+0x177/0x1152 [ 731.405635][T22866] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 731.433555][T22866] ? ___ratelimit+0x2c8/0x595 [ 731.438231][T22866] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 731.438251][T22866] ? lockdep_hardirqs_on+0x418/0x5d0 [ 731.438268][T22866] ? trace_hardirqs_on+0x67/0x240 [ 731.438286][T22866] ? pagefault_out_of_memory+0x11c/0x11c [ 731.438301][T22866] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 731.438314][T22866] ? ___ratelimit+0x60/0x595 [ 731.438324][T22866] ? do_raw_spin_unlock+0x57/0x270 [ 731.438342][T22866] oom_kill_process.cold+0x10/0x15 [ 731.449426][T22866] out_of_memory+0x334/0x1340 [ 731.449444][T22866] ? lock_downgrade+0x920/0x920 [ 731.449466][T22866] ? oom_killer_disable+0x280/0x280 [ 731.449497][T22866] mem_cgroup_out_of_memory+0x1d8/0x240 [ 731.460113][T22866] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 731.460134][T22866] ? do_raw_spin_unlock+0x57/0x270 [ 731.460153][T22866] ? _raw_spin_unlock+0x2d/0x50 [ 731.460173][T22866] try_charge+0xf4b/0x1440 [ 731.460197][T22866] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 731.460210][T22866] ? percpu_ref_tryget_live+0x111/0x290 [ 731.460232][T22866] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 731.470589][T22866] ? __kasan_check_read+0x11/0x20 [ 731.470613][T22866] ? get_mem_cgroup_from_mm+0x156/0x320 [ 731.470631][T22866] mem_cgroup_try_charge+0x136/0x590 [ 731.470649][T22866] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 731.470667][T22866] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 731.480848][T22866] wp_page_copy+0x41e/0x1590 [ 731.480865][T22866] ? find_held_lock+0x35/0x130 [ 731.480886][T22866] ? pmd_pfn+0x1d0/0x1d0 [ 731.480904][T22866] ? lock_downgrade+0x920/0x920 [ 731.480921][T22866] ? swp_swapcount+0x540/0x540 [ 731.480936][T22866] ? __kasan_check_read+0x11/0x20 [ 731.480948][T22866] ? do_raw_spin_unlock+0x57/0x270 [ 731.480967][T22866] do_wp_page+0x499/0x14d0 [ 731.490474][T22866] ? finish_mkwrite_fault+0x570/0x570 [ 731.490501][T22866] __handle_mm_fault+0x22f1/0x3f20 [ 731.490523][T22866] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 731.490553][T22866] ? __kasan_check_read+0x11/0x20 [ 731.490573][T22866] handle_mm_fault+0x1b5/0x6c0 [ 731.490592][T22866] __get_user_pages+0x7d4/0x1b30 [ 731.501291][T22866] ? mark_held_locks+0xf0/0xf0 [ 731.501320][T22866] ? follow_page_mask+0x1cf0/0x1cf0 [ 731.501333][T22866] ? __mm_populate+0x270/0x380 [ 731.501354][T22866] ? __kasan_check_write+0x14/0x20 [ 731.501370][T22866] ? down_read+0x109/0x430 [ 731.501387][T22866] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 731.501405][T22866] populate_vma_page_range+0x20d/0x2a0 [ 731.512118][T22866] __mm_populate+0x204/0x380 [ 731.512139][T22866] ? populate_vma_page_range+0x2a0/0x2a0 [ 731.512154][T22866] ? __kasan_check_write+0x14/0x20 [ 731.512169][T22866] ? up_write+0x155/0x490 [ 731.512181][T22866] ? ns_capable_common+0x93/0x100 [ 731.512201][T22866] __x64_sys_mlockall+0x473/0x520 [ 731.521430][T22866] do_syscall_64+0xfa/0x760 [ 731.521453][T22866] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 731.521466][T22866] RIP: 0033:0x459879 [ 731.521482][T22866] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 731.521490][T22866] RSP: 002b:00007f4e2a92dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 731.521503][T22866] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 731.521516][T22866] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 731.532554][T22866] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 731.532563][T22866] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4e2a92e6d4 [ 731.532572][T22866] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 731.534730][T22912] IPVS: set_ctl: invalid protocol: 255 224.0.0.1:20000 [ 731.797396][T22866] memory: usage 306320kB, limit 307200kB, failcnt 1991 [ 731.804271][T22866] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 731.827752][T22866] Memory cgroup stats for /syz1: [ 731.827873][T22866] anon 295702528 [ 731.827873][T22866] file 122880 [ 731.827873][T22866] kernel_stack 983040 [ 731.827873][T22866] slab 13008896 [ 731.827873][T22866] sock 0 [ 731.827873][T22866] shmem 61440 [ 731.827873][T22866] file_mapped 0 [ 731.827873][T22866] file_dirty 0 [ 731.827873][T22866] file_writeback 0 [ 731.827873][T22866] anon_thp 136314880 [ 731.827873][T22866] inactive_anon 254877696 [ 731.827873][T22866] active_anon 5545984 [ 731.827873][T22866] inactive_file 90112 [ 731.827873][T22866] active_file 135168 [ 731.827873][T22866] unevictable 35373056 [ 731.827873][T22866] slab_reclaimable 6352896 [ 731.827873][T22866] slab_unreclaimable 6656000 [ 731.827873][T22866] pgfault 220110 [ 731.827873][T22866] pgmajfault 0 [ 731.827873][T22866] workingset_refault 33 [ 731.827873][T22866] workingset_activate 0 [ 731.827873][T22866] workingset_nodereclaim 0 [ 731.827873][T22866] pgrefill 407 [ 731.827873][T22866] pgscan 4520 [ 731.827873][T22866] pgsteal 4166 [ 731.925982][T22866] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=22865,uid=0 [ 731.961801][T22866] Memory cgroup out of memory: Killed process 22865 (syz-executor.1) total-vm:72832kB, anon-rss:18224kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 731.980771][T22912] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 731.997475][T22912] CPU: 0 PID: 22912 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 732.006720][T22912] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 732.016780][T22912] Call Trace: [ 732.020164][T22912] dump_stack+0x172/0x1f0 [ 732.024501][T22912] dump_header+0x177/0x1152 [ 732.029009][T22912] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 732.034827][T22912] ? ___ratelimit+0x2c8/0x595 [ 732.039504][T22912] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 732.045314][T22912] ? lockdep_hardirqs_on+0x418/0x5d0 [ 732.050602][T22912] ? trace_hardirqs_on+0x67/0x240 [ 732.055632][T22912] ? pagefault_out_of_memory+0x11c/0x11c [ 732.061266][T22912] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 732.067072][T22912] ? ___ratelimit+0x60/0x595 [ 732.071661][T22912] ? do_raw_spin_unlock+0x57/0x270 [ 732.076779][T22912] oom_kill_process.cold+0x10/0x15 [ 732.081893][T22912] out_of_memory+0x334/0x1340 [ 732.086572][T22912] ? lock_downgrade+0x920/0x920 [ 732.091429][T22912] ? oom_killer_disable+0x280/0x280 [ 732.096638][T22912] mem_cgroup_out_of_memory+0x1d8/0x240 [ 732.102186][T22912] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 732.107823][T22912] ? do_raw_spin_unlock+0x57/0x270 [ 732.112939][T22912] ? _raw_spin_unlock+0x2d/0x50 [ 732.117791][T22912] try_charge+0xf4b/0x1440 [ 732.122220][T22912] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 732.127766][T22912] ? percpu_ref_tryget_live+0x111/0x290 [ 732.133316][T22912] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 732.139560][T22912] ? __kasan_check_read+0x11/0x20 [ 732.144587][T22912] ? get_mem_cgroup_from_mm+0x156/0x320 [ 732.150137][T22912] mem_cgroup_try_charge+0x136/0x590 [ 732.155422][T22912] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 732.161670][T22912] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 732.167323][T22912] __handle_mm_fault+0x1e34/0x3f20 [ 732.172443][T22912] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 732.178006][T22912] ? __kasan_check_read+0x11/0x20 [ 732.183044][T22912] handle_mm_fault+0x1b5/0x6c0 [ 732.187817][T22912] __get_user_pages+0x7d4/0x1b30 [ 732.192757][T22912] ? mark_held_locks+0xf0/0xf0 [ 732.197533][T22912] ? follow_page_mask+0x1cf0/0x1cf0 [ 732.202732][T22912] ? __mm_populate+0x270/0x380 [ 732.207515][T22912] ? __kasan_check_write+0x14/0x20 [ 732.212628][T22912] ? down_read+0x109/0x430 [ 732.217046][T22912] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 732.223293][T22912] populate_vma_page_range+0x20d/0x2a0 [ 732.228764][T22912] __mm_populate+0x204/0x380 [ 732.233361][T22912] ? populate_vma_page_range+0x2a0/0x2a0 [ 732.239003][T22912] ? __kasan_check_write+0x14/0x20 [ 732.244117][T22912] ? up_write+0x155/0x490 [ 732.248444][T22912] ? ns_capable_common+0x93/0x100 [ 732.253479][T22912] __x64_sys_mlockall+0x473/0x520 [ 732.258513][T22912] do_syscall_64+0xfa/0x760 [ 732.263027][T22912] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 732.268914][T22912] RIP: 0033:0x459879 [ 732.272806][T22912] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 732.292841][T22912] RSP: 002b:00007fc0ba4e6c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 732.301251][T22912] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 732.309223][T22912] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 732.317193][T22912] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 732.325164][T22912] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc0ba4e76d4 [ 732.333137][T22912] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 732.370466][T22912] memory: usage 307192kB, limit 307200kB, failcnt 5477 [ 732.377461][T22912] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 732.384378][T22912] Memory cgroup stats for /syz3: [ 732.384498][T22912] anon 301105152 [ 732.384498][T22912] file 0 [ 732.384498][T22912] kernel_stack 983040 [ 732.384498][T22912] slab 8007680 [ 732.384498][T22912] sock 0 [ 732.384498][T22912] shmem 0 [ 732.384498][T22912] file_mapped 0 [ 732.384498][T22912] file_dirty 0 [ 732.384498][T22912] file_writeback 0 [ 732.384498][T22912] anon_thp 201326592 [ 732.384498][T22912] inactive_anon 250544128 [ 732.384498][T22912] active_anon 18165760 [ 732.384498][T22912] inactive_file 0 [ 732.384498][T22912] active_file 0 [ 732.384498][T22912] unevictable 32522240 [ 732.384498][T22912] slab_reclaimable 1351680 [ 732.384498][T22912] slab_unreclaimable 6656000 [ 732.384498][T22912] pgfault 805860 [ 732.384498][T22912] pgmajfault 0 [ 732.384498][T22912] workingset_refault 132 [ 732.384498][T22912] workingset_activate 66 [ 732.384498][T22912] workingset_nodereclaim 0 [ 732.384498][T22912] pgrefill 729 [ 732.384498][T22912] pgscan 797 [ 732.384498][T22912] pgsteal 165 [ 732.479899][T22912] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=22861,uid=0 [ 732.495935][T22912] Memory cgroup out of memory: Killed process 22861 (syz-executor.3) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 [ 732.540256][T22894] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 732.557325][T22894] CPU: 0 PID: 22894 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 732.566451][T22894] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 732.576503][T22894] Call Trace: [ 732.579803][T22894] dump_stack+0x172/0x1f0 [ 732.584138][T22894] dump_header+0x177/0x1152 06:29:44 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:44 executing program 0: socket$inet_udplite(0x2, 0x2, 0x88) move_pages(0x0, 0x2000000000000040, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) 06:29:44 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0x108, 0x0) [ 732.588651][T22894] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 732.594475][T22894] ? ___ratelimit+0x2c8/0x595 [ 732.599160][T22894] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 732.604972][T22894] ? lockdep_hardirqs_on+0x418/0x5d0 [ 732.610259][T22894] ? trace_hardirqs_on+0x67/0x240 [ 732.615296][T22894] ? pagefault_out_of_memory+0x11c/0x11c [ 732.620934][T22894] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 732.626745][T22894] ? ___ratelimit+0x60/0x595 [ 732.631342][T22894] ? do_raw_spin_unlock+0x57/0x270 06:29:44 executing program 1: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x80) ioctl$SNDRV_TIMER_IOCTL_INFO(0xffffffffffffffff, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1217592c26e1e33f0a9ac90d6f847652c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca"], 0x9) r0 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r0, 0x5206, &(0x7f0000000400)) r1 = socket$inet6_udplite(0xa, 0x2, 0x88) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x1) write$binfmt_script(r2, &(0x7f00000002c0)=ANY=[@ANYBLOB], 0x1) close(r2) r3 = socket$inet_tcp(0x2, 0x1, 0x0) r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x101000, 0x0) getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x2e94cbcff8f4ba30, &(0x7f0000000080)={@multicast2, @rand_addr, 0x0}, &(0x7f00000000c0)=0xc) sendmsg$nl_route(r4, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x28000}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)=@ipv6_getaddr={0x40, 0x16, 0x8, 0x70bd2c, 0x25dfdbff, {0xa, 0x28, 0x8, 0xfd, r5}, [@IFA_ADDRESS={0x14, 0x1, @initdev={0xfe, 0x88, [], 0x1, 0x0}}, @IFA_LOCAL={0x14, 0x2, @mcast2}]}, 0x40}, 0x1, 0x0, 0x0, 0x8040}, 0x20000814) r6 = socket$inet_tcp(0x2, 0x1, 0x0) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0}, &(0x7f0000cab000)=0xc) setfsuid(r7) setsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000000300)={{{@in=@broadcast, @in6=@initdev={0xfe, 0x88, [], 0x8, 0x0}, 0x4e22, 0x3, 0x4e21, 0x2, 0x2, 0x80, 0x60, 0x56, r5, r7}, {0x2, 0x81, 0x0, 0x2, 0x4, 0x3, 0x7, 0x2d72}, {0x2, 0x6, 0x5, 0x1}, 0x273bd49b, 0x0, 0x1, 0x1, 0x0, 0x3}, {{@in6=@loopback, 0x4d6, 0x3c}, 0xa, @in=@loopback, 0x34ff, 0x1, 0x0, 0x5, 0x80000001, 0x800, 0xfffffffffffffff9}}, 0xe8) write$P9_RLINK(r2, &(0x7f0000000140)={0x7, 0x47, 0x2}, 0x7) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40090d1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x4, 0x0, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(r1, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) [ 732.636468][T22894] oom_kill_process.cold+0x10/0x15 [ 732.641591][T22894] out_of_memory+0x334/0x1340 [ 732.646279][T22894] ? lock_downgrade+0x920/0x920 [ 732.651146][T22894] ? oom_killer_disable+0x280/0x280 [ 732.656357][T22894] mem_cgroup_out_of_memory+0x1d8/0x240 [ 732.661928][T22894] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 732.667567][T22894] ? do_raw_spin_unlock+0x57/0x270 [ 732.672688][T22894] ? _raw_spin_unlock+0x2d/0x50 [ 732.677566][T22894] try_charge+0xf4b/0x1440 [ 732.681991][T22894] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 732.687541][T22894] ? percpu_ref_tryget_live+0x111/0x290 [ 732.693099][T22894] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 732.699352][T22894] ? __kasan_check_read+0x11/0x20 [ 732.704390][T22894] ? get_mem_cgroup_from_mm+0x156/0x320 [ 732.709947][T22894] mem_cgroup_try_charge+0x136/0x590 [ 732.715234][T22894] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 732.721482][T22894] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 732.727119][T22894] __handle_mm_fault+0x1e34/0x3f20 [ 732.732243][T22894] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 732.737812][T22894] ? __kasan_check_read+0x11/0x20 [ 732.742848][T22894] handle_mm_fault+0x1b5/0x6c0 [ 732.747619][T22894] __get_user_pages+0x7d4/0x1b30 [ 732.752563][T22894] ? mark_held_locks+0xf0/0xf0 [ 732.757334][T22894] ? follow_page_mask+0x1cf0/0x1cf0 [ 732.757349][T22894] ? __mm_populate+0x270/0x380 [ 732.757371][T22894] ? memset+0x32/0x40 [ 732.757391][T22894] populate_vma_page_range+0x20d/0x2a0 [ 732.757410][T22894] __mm_populate+0x204/0x380 [ 732.757429][T22894] ? populate_vma_page_range+0x2a0/0x2a0 [ 732.757447][T22894] ? up_write+0x1c8/0x490 [ 732.757470][T22894] __x64_sys_mremap+0x7dc/0xb80 [ 732.776810][T22894] ? mremap_to+0x750/0x750 [ 732.776837][T22894] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 732.776852][T22894] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 732.776874][T22894] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 732.806043][T22894] ? do_syscall_64+0x26/0x760 [ 732.806060][T22894] ? lockdep_hardirqs_on+0x418/0x5d0 [ 732.806078][T22894] ? trace_hardirqs_on+0x67/0x240 [ 732.827490][T22894] do_syscall_64+0xfa/0x760 [ 732.827514][T22894] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 732.827525][T22894] RIP: 0033:0x459879 [ 732.827540][T22894] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 732.827548][T22894] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 732.827560][T22894] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459879 [ 732.827568][T22894] RDX: 0000000000800000 RSI: 0000000000002000 RDI: 0000000020a94000 [ 732.827577][T22894] RBP: 000000000075bf20 R08: 0000000020130000 R09: 0000000000000000 [ 732.827585][T22894] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 732.827593][T22894] R13: 00000000004c5f0f R14: 00000000004daaf8 R15: 00000000ffffffff [ 732.867410][T22894] memory: usage 307200kB, limit 307200kB, failcnt 6092 [ 732.986847][T22894] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 732.996428][T22894] Memory cgroup stats for /syz2: [ 732.996548][T22894] anon 302268416 [ 732.996548][T22894] file 28672 [ 732.996548][T22894] kernel_stack 983040 [ 732.996548][T22894] slab 6598656 [ 732.996548][T22894] sock 0 [ 732.996548][T22894] shmem 0 [ 732.996548][T22894] file_mapped 0 [ 732.996548][T22894] file_dirty 0 [ 732.996548][T22894] file_writeback 0 [ 732.996548][T22894] anon_thp 226492416 [ 732.996548][T22894] inactive_anon 246697984 [ 732.996548][T22894] active_anon 11911168 [ 732.996548][T22894] inactive_file 0 [ 732.996548][T22894] active_file 0 [ 732.996548][T22894] unevictable 43823104 [ 732.996548][T22894] slab_reclaimable 1216512 [ 732.996548][T22894] slab_unreclaimable 5382144 [ 732.996548][T22894] pgfault 821700 [ 732.996548][T22894] pgmajfault 0 [ 732.996548][T22894] workingset_refault 198 [ 732.996548][T22894] workingset_activate 66 [ 732.996548][T22894] workingset_nodereclaim 0 [ 732.996548][T22894] pgrefill 1499 [ 732.996548][T22894] pgscan 1726 [ 732.996548][T22894] pgsteal 231 [ 733.124856][T22894] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=22884,uid=0 [ 733.155746][T22894] Memory cgroup out of memory: Killed process 22894 (syz-executor.2) total-vm:72700kB, anon-rss:17028kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 733.194274][ T1065] oom_reaper: reaped process 22894 (syz-executor.2), now anon-rss:17020kB, file-rss:54332kB, shmem-rss:0kB [ 733.259225][T22908] IPVS: set_ctl: invalid protocol: 255 224.0.0.1:20000 06:29:45 executing program 2: mkdir(&(0x7f0000000140)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e09c1dc97ba8a70ad1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8661b8db3d2145a0e661203ec"], 0x9) r1 = syz_open_dev$swradio(&(0x7f0000000040)='/dev/swradio#\x00', 0x1, 0x2) ioctl$VIDIOC_CREATE_BUFS(r1, 0xc100565c, &(0x7f0000000440)={0x0, 0x9, 0x1, {0xb, @sdr={0x0, 0x1}}}) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x3, 0x11, r1, 0x40000) r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f0000000400)) sendto$unix(r2, &(0x7f0000000280)="2b4fe1a09b5d6d0667d01768d0dd6cdf93ab7764aca5682e4122b296c46ce30fa1654f09c312759fc3c6df9d2c3dccbd3ddbcd0863e06c294fa2d2cbc8c2109789c22ab61a8089f9", 0x48, 0x800, &(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x6e) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:29:45 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0x109, 0x0) 06:29:45 executing program 0: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") move_pages(0x0, 0x2000000000000040, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) 06:29:45 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 733.430921][T22921] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 733.464212][T22921] CPU: 0 PID: 22921 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 733.473354][T22921] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 733.473360][T22921] Call Trace: [ 733.473381][T22921] dump_stack+0x172/0x1f0 [ 733.473401][T22921] dump_header+0x177/0x1152 [ 733.495524][T22921] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 733.501354][T22921] ? ___ratelimit+0x2c8/0x595 [ 733.506051][T22921] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 733.511856][T22921] ? lockdep_hardirqs_on+0x418/0x5d0 [ 733.517140][T22921] ? trace_hardirqs_on+0x67/0x240 [ 733.517159][T22921] ? pagefault_out_of_memory+0x11c/0x11c 06:29:45 executing program 0: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") move_pages(0x0, 0x2000000000000040, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) [ 733.517179][T22921] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 733.533603][T22921] ? ___ratelimit+0x60/0x595 [ 733.538197][T22921] ? do_raw_spin_unlock+0x57/0x270 [ 733.543579][T22921] oom_kill_process.cold+0x10/0x15 [ 733.548698][T22921] out_of_memory+0x334/0x1340 [ 733.553371][T22921] ? lock_downgrade+0x920/0x920 [ 733.553392][T22921] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 733.553410][T22921] ? oom_killer_disable+0x280/0x280 [ 733.569240][T22921] mem_cgroup_out_of_memory+0x1d8/0x240 [ 733.574792][T22921] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 733.580435][T22921] ? do_raw_spin_unlock+0x57/0x270 [ 733.585549][T22921] ? _raw_spin_unlock+0x2d/0x50 [ 733.585574][T22921] try_charge+0xf4b/0x1440 [ 733.585597][T22921] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 733.600380][T22921] ? percpu_ref_tryget_live+0x111/0x290 [ 733.605941][T22921] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 733.612194][T22921] ? __kasan_check_read+0x11/0x20 [ 733.617228][T22921] ? get_mem_cgroup_from_mm+0x156/0x320 [ 733.622771][T22921] mem_cgroup_try_charge+0x136/0x590 [ 733.622790][T22921] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 733.622810][T22921] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 733.622828][T22921] wp_page_copy+0x41e/0x1590 [ 733.644518][T22921] ? find_held_lock+0x35/0x130 [ 733.644543][T22921] ? pmd_pfn+0x1d0/0x1d0 [ 733.644564][T22921] ? lock_downgrade+0x920/0x920 [ 733.658371][T22921] ? swp_swapcount+0x540/0x540 [ 733.663129][T22921] ? __kasan_check_read+0x11/0x20 [ 733.668143][T22921] ? do_raw_spin_unlock+0x57/0x270 [ 733.668163][T22921] do_wp_page+0x499/0x14d0 [ 733.668183][T22921] ? finish_mkwrite_fault+0x570/0x570 [ 733.668208][T22921] __handle_mm_fault+0x22f1/0x3f20 [ 733.668230][T22921] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 733.668260][T22921] ? __kasan_check_read+0x11/0x20 [ 733.668282][T22921] handle_mm_fault+0x1b5/0x6c0 [ 733.688210][T22921] __get_user_pages+0x7d4/0x1b30 [ 733.688227][T22921] ? mark_held_locks+0xf0/0xf0 [ 733.688252][T22921] ? follow_page_mask+0x1cf0/0x1cf0 [ 733.688263][T22921] ? __mm_populate+0x270/0x380 [ 733.688286][T22921] ? __kasan_check_write+0x14/0x20 [ 733.688302][T22921] ? down_read+0x109/0x430 [ 733.688317][T22921] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 733.688335][T22921] populate_vma_page_range+0x20d/0x2a0 [ 733.703604][T22921] __mm_populate+0x204/0x380 [ 733.723193][T22921] ? populate_vma_page_range+0x2a0/0x2a0 [ 733.723213][T22921] ? __kasan_check_write+0x14/0x20 [ 733.723225][T22921] ? up_write+0x155/0x490 [ 733.723243][T22921] ? ns_capable_common+0x93/0x100 [ 733.748962][T22921] __x64_sys_mlockall+0x473/0x520 [ 733.748982][T22921] do_syscall_64+0xfa/0x760 [ 733.749003][T22921] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 733.749015][T22921] RIP: 0033:0x459879 [ 733.749029][T22921] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 733.749036][T22921] RSP: 002b:00007f4e2a92dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 733.749053][T22921] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 733.749062][T22921] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 06:29:45 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) r0 = creat(0x0, 0x0) r1 = syz_open_dev$media(&(0x7f0000000200)='/dev/media#\x00', 0xffffffffffffffeb, 0x40000) ioctl$DRM_IOCTL_DROP_MASTER(r1, 0x641f) r2 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r3 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r3, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000100)=0x2) r4 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r4, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r2, 0x8010743f, &(0x7f0000000140)) [ 733.749070][T22921] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 733.749078][T22921] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4e2a92e6d4 [ 733.749086][T22921] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 733.837214][T22921] memory: usage 307200kB, limit 307200kB, failcnt 2033 06:29:46 executing program 0: ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") move_pages(0x0, 0x2000000000000040, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) [ 733.925781][T22921] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 733.952610][T22921] Memory cgroup stats for /syz1: [ 733.952726][T22921] anon 296529920 [ 733.952726][T22921] file 122880 [ 733.952726][T22921] kernel_stack 983040 [ 733.952726][T22921] slab 13008896 [ 733.952726][T22921] sock 0 [ 733.952726][T22921] shmem 61440 [ 733.952726][T22921] file_mapped 0 [ 733.952726][T22921] file_dirty 0 [ 733.952726][T22921] file_writeback 0 [ 733.952726][T22921] anon_thp 140509184 [ 733.952726][T22921] inactive_anon 253562880 [ 733.952726][T22921] active_anon 5505024 [ 733.952726][T22921] inactive_file 90112 [ 733.952726][T22921] active_file 135168 [ 733.952726][T22921] unevictable 37527552 [ 733.952726][T22921] slab_reclaimable 6352896 [ 733.952726][T22921] slab_unreclaimable 6656000 [ 733.952726][T22921] pgfault 223377 [ 733.952726][T22921] pgmajfault 0 [ 733.952726][T22921] workingset_refault 33 [ 733.952726][T22921] workingset_activate 0 [ 733.952726][T22921] workingset_nodereclaim 0 [ 733.952726][T22921] pgrefill 407 [ 733.952726][T22921] pgscan 4520 [ 733.952726][T22921] pgsteal 4166 [ 734.058628][T22921] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=22920,uid=0 06:29:46 executing program 0: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") move_pages(0x0, 0x2000000000000040, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) 06:29:46 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 734.087056][T22921] Memory cgroup out of memory: Killed process 22920 (syz-executor.1) total-vm:72832kB, anon-rss:18224kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 06:29:46 executing program 0: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") move_pages(0x0, 0x2000000000000040, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) 06:29:46 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0x10a, 0x0) 06:29:46 executing program 0: socket$inet_udplite(0x2, 0x2, 0x88) ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") move_pages(0x0, 0x2000000000000040, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) [ 734.450015][T22945] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 734.473579][T22945] CPU: 0 PID: 22945 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 734.482707][T22945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 734.492848][T22945] Call Trace: [ 734.496151][T22945] dump_stack+0x172/0x1f0 [ 734.500518][T22945] dump_header+0x177/0x1152 [ 734.505032][T22945] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 734.510838][T22945] ? ___ratelimit+0x2c8/0x595 [ 734.515509][T22945] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 734.521319][T22945] ? lockdep_hardirqs_on+0x418/0x5d0 [ 734.521335][T22945] ? trace_hardirqs_on+0x67/0x240 [ 734.521352][T22945] ? pagefault_out_of_memory+0x11c/0x11c [ 734.521367][T22945] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 734.521380][T22945] ? ___ratelimit+0x60/0x595 [ 734.521396][T22945] ? do_raw_spin_unlock+0x57/0x270 [ 734.552941][T22945] oom_kill_process.cold+0x10/0x15 [ 734.558061][T22945] out_of_memory+0x334/0x1340 [ 734.562742][T22945] ? lock_downgrade+0x920/0x920 [ 734.567605][T22945] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 734.573408][T22945] ? oom_killer_disable+0x280/0x280 [ 734.578620][T22945] mem_cgroup_out_of_memory+0x1d8/0x240 [ 734.584169][T22945] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 734.589808][T22945] ? do_raw_spin_unlock+0x57/0x270 [ 734.594928][T22945] ? _raw_spin_unlock+0x2d/0x50 [ 734.599789][T22945] try_charge+0xf4b/0x1440 [ 734.604216][T22945] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 734.609763][T22945] ? percpu_ref_tryget_live+0x111/0x290 [ 734.615313][T22945] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 734.621557][T22945] ? __kasan_check_read+0x11/0x20 [ 734.626592][T22945] ? get_mem_cgroup_from_mm+0x156/0x320 [ 734.632141][T22945] mem_cgroup_try_charge+0x136/0x590 [ 734.637429][T22945] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 734.643682][T22945] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 734.649326][T22945] __handle_mm_fault+0x1e34/0x3f20 [ 734.654448][T22945] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 734.660017][T22945] ? __kasan_check_read+0x11/0x20 [ 734.665053][T22945] handle_mm_fault+0x1b5/0x6c0 [ 734.669828][T22945] __get_user_pages+0x7d4/0x1b30 [ 734.674775][T22945] ? follow_page_mask+0x1cf0/0x1cf0 [ 734.679977][T22945] ? memset+0x32/0x40 [ 734.683962][T22945] populate_vma_page_range+0x20d/0x2a0 [ 734.689427][T22945] __mm_populate+0x204/0x380 [ 734.694028][T22945] ? populate_vma_page_range+0x2a0/0x2a0 [ 734.699663][T22945] ? __kasan_check_write+0x14/0x20 [ 734.704772][T22945] ? up_write+0x155/0x490 [ 734.709109][T22945] __x64_sys_mremap+0x7dc/0xb80 [ 734.713957][T22945] ? retint_kernel+0x2b/0x2b [ 734.718547][T22945] ? trace_hardirqs_on_caller+0x6a/0x240 [ 734.724187][T22945] ? mremap_to+0x750/0x750 [ 734.728611][T22945] ? retint_kernel+0x2b/0x2b [ 734.733218][T22945] ? do_syscall_64+0xc0/0x760 [ 734.737903][T22945] do_syscall_64+0xfa/0x760 [ 734.742414][T22945] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 734.748305][T22945] RIP: 0033:0x459879 [ 734.752200][T22945] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 734.771830][T22945] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 734.780248][T22945] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459879 [ 734.788223][T22945] RDX: 0000000000800000 RSI: 0000000000002000 RDI: 0000000020a94000 [ 734.796195][T22945] RBP: 000000000075bf20 R08: 0000000020130000 R09: 0000000000000000 [ 734.804166][T22945] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 734.812140][T22945] R13: 00000000004c5f0f R14: 00000000004daaf8 R15: 00000000ffffffff [ 734.828610][T22945] memory: usage 307200kB, limit 307200kB, failcnt 6146 [ 734.847359][T22945] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 734.857052][T22945] Memory cgroup stats for /syz2: [ 734.857159][T22945] anon 302215168 [ 734.857159][T22945] file 28672 [ 734.857159][T22945] kernel_stack 983040 [ 734.857159][T22945] slab 6733824 [ 734.857159][T22945] sock 0 [ 734.857159][T22945] shmem 0 [ 734.857159][T22945] file_mapped 0 [ 734.857159][T22945] file_dirty 0 [ 734.857159][T22945] file_writeback 0 [ 734.857159][T22945] anon_thp 222298112 [ 734.857159][T22945] inactive_anon 246640640 [ 734.857159][T22945] active_anon 11919360 [ 734.857159][T22945] inactive_file 0 [ 734.857159][T22945] active_file 0 [ 734.857159][T22945] unevictable 43806720 [ 734.857159][T22945] slab_reclaimable 1216512 [ 734.857159][T22945] slab_unreclaimable 5517312 [ 734.857159][T22945] pgfault 824802 [ 734.857159][T22945] pgmajfault 0 [ 734.857159][T22945] workingset_refault 198 [ 734.857159][T22945] workingset_activate 66 [ 734.857159][T22945] workingset_nodereclaim 0 [ 734.857159][T22945] pgrefill 1532 [ 734.857159][T22945] pgscan 1726 [ 734.857159][T22945] pgsteal 231 [ 734.951576][T22945] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=22944,uid=0 [ 734.967880][T22945] Memory cgroup out of memory: Killed process 22944 (syz-executor.2) total-vm:72700kB, anon-rss:16888kB, file-rss:54348kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 734.986545][ T1065] oom_reaper: reaped process 22944 (syz-executor.2), now anon-rss:16880kB, file-rss:54344kB, shmem-rss:0kB [ 734.986649][T22966] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 735.008851][T22966] CPU: 1 PID: 22966 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 735.017959][T22966] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 735.028021][T22966] Call Trace: [ 735.031319][T22966] dump_stack+0x172/0x1f0 [ 735.035656][T22966] dump_header+0x177/0x1152 [ 735.040174][T22966] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 735.045984][T22966] ? ___ratelimit+0x2c8/0x595 [ 735.050661][T22966] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 735.056471][T22966] ? lockdep_hardirqs_on+0x418/0x5d0 [ 735.061756][T22966] ? trace_hardirqs_on+0x67/0x240 [ 735.066790][T22966] ? pagefault_out_of_memory+0x11c/0x11c [ 735.072431][T22966] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 735.078239][T22966] ? ___ratelimit+0x60/0x595 [ 735.082826][T22966] ? do_raw_spin_unlock+0x57/0x270 [ 735.087943][T22966] oom_kill_process.cold+0x10/0x15 [ 735.093061][T22966] out_of_memory+0x334/0x1340 [ 735.097760][T22966] ? lock_downgrade+0x920/0x920 06:29:47 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) r0 = creat(&(0x7f0000000280)='./file0\x00', 0x1) write$binfmt_script(r0, &(0x7f00000002c0)=ANY=[@ANYBLOB="01"], 0x1) close(r0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x1) write$binfmt_script(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="01"], 0x1) close(r1) renameat(r0, &(0x7f0000000280)='./file0\x00', r1, &(0x7f00000002c0)='./file0\x00') socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r2 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r2, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="0978f0bd3fd5490000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d676243a68030da6b31ec3fca5630ec05cd91cde8"], 0x9) r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r3, 0x5206, &(0x7f0000000400)) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) r4 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r5 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r5, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") dup3(r2, r5, 0x100000) r6 = dup(r4) ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r6, 0xc0305710, &(0x7f0000000140)={0x0, 0x5, 0x20, 0x3ff}) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:29:47 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:47 executing program 1: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc54ec1198bf2ae00000000009dd0de306b31ec3fca6be8ec05cd91cde8c49f2c396850dedc4a72812980ea8bb3e34df492e9119e2aae44f8809cdd32c7eac1fb99eadc80b11f9d001cb746a38427c31879ca3d8db4e8dcccaaa7407f7e720a94eb55f35486fa981dc4ecf48733fa17f349a00479a6aa9aefeec24f5a6ecd76d400b03f8f7510ceda227fc316071f03f2bbef810ba5aff45327198a4acc5b87384a7f14cbd42a2fa0e4aa8f87938beac7b09e0298c639693ac0"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") recvmsg(r3, &(0x7f00000008c0)={&(0x7f0000000380)=@tipc, 0x80, &(0x7f0000000140)=[{&(0x7f0000000440)=""/207, 0xcf}, {&(0x7f0000000540)=""/207, 0xcf}, {&(0x7f0000000640)=""/228, 0xe4}, {&(0x7f0000000740)=""/169, 0xa9}], 0x4, &(0x7f0000000800)=""/152, 0x98}, 0xbfda9d23d72ff378) clone(0xc4181000, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(r2, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) r4 = creat(&(0x7f0000000280)='./file0\x00', 0x1) write$binfmt_script(r4, &(0x7f00000002c0)=ANY=[@ANYBLOB="01"], 0x1) close(r4) ioctl$SIOCGETLINKNAME(r4, 0x89e0, &(0x7f0000000900)) 06:29:47 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") move_pages(0x0, 0x2000000000000040, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) [ 735.102616][T22966] ? oom_killer_disable+0x280/0x280 [ 735.107824][T22966] mem_cgroup_out_of_memory+0x1d8/0x240 [ 735.113363][T22966] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 735.118996][T22966] ? do_raw_spin_unlock+0x57/0x270 [ 735.124115][T22966] ? _raw_spin_unlock+0x2d/0x50 [ 735.128972][T22966] try_charge+0xf4b/0x1440 [ 735.133401][T22966] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 735.138952][T22966] ? percpu_ref_tryget_live+0x111/0x290 [ 735.144509][T22966] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 735.150761][T22966] ? __kasan_check_read+0x11/0x20 [ 735.155797][T22966] ? get_mem_cgroup_from_mm+0x156/0x320 [ 735.161348][T22966] mem_cgroup_try_charge+0x136/0x590 [ 735.166644][T22966] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 735.172893][T22966] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 735.178534][T22966] wp_page_copy+0x41e/0x1590 [ 735.183130][T22966] ? find_held_lock+0x35/0x130 [ 735.187900][T22966] ? pmd_pfn+0x1d0/0x1d0 [ 735.192149][T22966] ? lock_downgrade+0x920/0x920 [ 735.197001][T22966] ? swp_swapcount+0x540/0x540 [ 735.201770][T22966] ? __kasan_check_read+0x11/0x20 [ 735.206794][T22966] ? do_raw_spin_unlock+0x57/0x270 [ 735.211907][T22966] do_wp_page+0x499/0x14d0 [ 735.216335][T22966] ? finish_mkwrite_fault+0x570/0x570 [ 735.221733][T22966] __handle_mm_fault+0x22f1/0x3f20 [ 735.226860][T22966] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 735.232429][T22966] ? __kasan_check_read+0x11/0x20 [ 735.237470][T22966] handle_mm_fault+0x1b5/0x6c0 [ 735.242245][T22966] __get_user_pages+0x7d4/0x1b30 [ 735.247197][T22966] ? follow_page_mask+0x1cf0/0x1cf0 06:29:47 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 735.252412][T22966] ? __kasan_check_write+0x14/0x20 [ 735.257527][T22966] ? down_read+0x109/0x430 [ 735.261946][T22966] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 735.268199][T22966] populate_vma_page_range+0x20d/0x2a0 [ 735.273665][T22966] __mm_populate+0x204/0x380 [ 735.278349][T22966] ? populate_vma_page_range+0x2a0/0x2a0 [ 735.283988][T22966] ? __kasan_check_write+0x14/0x20 [ 735.289100][T22966] ? up_write+0x155/0x490 [ 735.293430][T22966] ? ns_capable_common+0x93/0x100 [ 735.298463][T22966] __x64_sys_mlockall+0x473/0x520 [ 735.303494][T22966] do_syscall_64+0xfa/0x760 [ 735.308007][T22966] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 735.313898][T22966] RIP: 0033:0x459879 [ 735.317794][T22966] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 735.337385][T22966] RSP: 002b:00007fc0ba507c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 735.337398][T22966] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 735.337406][T22966] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 735.337414][T22966] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 735.337422][T22966] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc0ba5086d4 [ 735.337431][T22966] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 735.341402][T22966] memory: usage 307200kB, limit 307200kB, failcnt 5506 [ 735.404443][T22966] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 735.404453][T22966] Memory cgroup stats for /syz3: [ 735.404551][T22966] anon 300879872 [ 735.404551][T22966] file 0 [ 735.404551][T22966] kernel_stack 983040 [ 735.404551][T22966] slab 8007680 [ 735.404551][T22966] sock 0 [ 735.404551][T22966] shmem 0 [ 735.404551][T22966] file_mapped 0 [ 735.404551][T22966] file_dirty 0 [ 735.404551][T22966] file_writeback 0 [ 735.404551][T22966] anon_thp 197132288 [ 735.404551][T22966] inactive_anon 247566336 [ 735.404551][T22966] active_anon 18231296 [ 735.404551][T22966] inactive_file 0 [ 735.404551][T22966] active_file 0 [ 735.404551][T22966] unevictable 35291136 [ 735.404551][T22966] slab_reclaimable 1351680 [ 735.404551][T22966] slab_unreclaimable 6656000 [ 735.404551][T22966] pgfault 815001 [ 735.404551][T22966] pgmajfault 0 [ 735.404551][T22966] workingset_refault 132 [ 735.404551][T22966] workingset_activate 66 [ 735.404551][T22966] workingset_nodereclaim 0 [ 735.404551][T22966] pgrefill 729 [ 735.404551][T22966] pgscan 797 [ 735.404551][T22966] pgsteal 165 [ 735.505786][T22966] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=22951,uid=0 [ 735.523789][T22966] Memory cgroup out of memory: Killed process 22951 (syz-executor.3) total-vm:72832kB, anon-rss:18152kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 735.551749][ T1065] oom_reaper: reaped process 22951 (syz-executor.3), now anon-rss:18232kB, file-rss:54332kB, shmem-rss:0kB [ 735.551895][T22977] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 735.593722][T22977] CPU: 1 PID: 22977 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 735.602855][T22977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 735.612925][T22977] Call Trace: [ 735.616206][T22977] dump_stack+0x172/0x1f0 [ 735.620523][T22977] dump_header+0x177/0x1152 [ 735.625008][T22977] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 735.630803][T22977] ? ___ratelimit+0x2c8/0x595 [ 735.635460][T22977] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 735.641267][T22977] ? lockdep_hardirqs_on+0x418/0x5d0 [ 735.646532][T22977] ? trace_hardirqs_on+0x67/0x240 [ 735.651539][T22977] ? pagefault_out_of_memory+0x11c/0x11c [ 735.657152][T22977] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 735.662941][T22977] ? ___ratelimit+0x60/0x595 [ 735.667509][T22977] ? do_raw_spin_unlock+0x57/0x270 [ 735.672603][T22977] oom_kill_process.cold+0x10/0x15 [ 735.677694][T22977] out_of_memory+0x334/0x1340 [ 735.682351][T22977] ? lock_downgrade+0x920/0x920 [ 735.687187][T22977] ? oom_killer_disable+0x280/0x280 [ 735.692374][T22977] mem_cgroup_out_of_memory+0x1d8/0x240 [ 735.697898][T22977] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 735.703513][T22977] ? do_raw_spin_unlock+0x57/0x270 [ 735.711126][T22977] ? _raw_spin_unlock+0x2d/0x50 [ 735.715961][T22977] try_charge+0xf4b/0x1440 [ 735.720377][T22977] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 735.725913][T22977] ? percpu_ref_tryget_live+0x111/0x290 [ 735.731444][T22977] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 735.737666][T22977] ? __kasan_check_read+0x11/0x20 [ 735.742678][T22977] ? get_mem_cgroup_from_mm+0x156/0x320 [ 735.748205][T22977] mem_cgroup_try_charge+0x136/0x590 [ 735.753486][T22977] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 735.759717][T22977] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 735.765331][T22977] __handle_mm_fault+0x1e34/0x3f20 [ 735.770425][T22977] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 735.775959][T22977] ? __kasan_check_read+0x11/0x20 [ 735.780973][T22977] handle_mm_fault+0x1b5/0x6c0 [ 735.785721][T22977] __get_user_pages+0x7d4/0x1b30 [ 735.790653][T22977] ? mark_held_locks+0xf0/0xf0 [ 735.795433][T22977] ? follow_page_mask+0x1cf0/0x1cf0 [ 735.800619][T22977] ? __mm_populate+0x270/0x380 [ 735.805380][T22977] ? __kasan_check_write+0x14/0x20 [ 735.810478][T22977] ? down_read+0x109/0x430 [ 735.814883][T22977] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 735.821110][T22977] populate_vma_page_range+0x20d/0x2a0 [ 735.826556][T22977] __mm_populate+0x204/0x380 [ 735.831130][T22977] ? populate_vma_page_range+0x2a0/0x2a0 [ 735.836740][T22977] ? __kasan_check_write+0x14/0x20 [ 735.841829][T22977] ? up_write+0x155/0x490 [ 735.846139][T22977] ? ns_capable_common+0x93/0x100 [ 735.851150][T22977] __x64_sys_mlockall+0x473/0x520 [ 735.856159][T22977] do_syscall_64+0xfa/0x760 [ 735.860649][T22977] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 735.866521][T22977] RIP: 0033:0x459879 [ 735.870398][T22977] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 735.889996][T22977] RSP: 002b:00007f4e2a92dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 735.898396][T22977] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 735.906388][T22977] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 735.914339][T22977] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 735.922292][T22977] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4e2a92e6d4 [ 735.930243][T22977] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 736.017497][T22977] memory: usage 306904kB, limit 307200kB, failcnt 2051 [ 736.030988][T22977] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 736.053195][T22977] Memory cgroup stats for /syz1: [ 736.053302][T22977] anon 296968192 [ 736.053302][T22977] file 122880 [ 736.053302][T22977] kernel_stack 851968 [ 736.053302][T22977] slab 12468224 [ 736.053302][T22977] sock 0 [ 736.053302][T22977] shmem 61440 [ 736.053302][T22977] file_mapped 0 [ 736.053302][T22977] file_dirty 0 [ 736.053302][T22977] file_writeback 0 [ 736.053302][T22977] anon_thp 136314880 [ 736.053302][T22977] inactive_anon 259002368 [ 736.053302][T22977] active_anon 5505024 [ 736.053302][T22977] inactive_file 90112 [ 736.053302][T22977] active_file 135168 [ 736.053302][T22977] unevictable 32587776 [ 736.053302][T22977] slab_reclaimable 5812224 06:29:48 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") move_pages(0x0, 0x2000000000000040, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) 06:29:48 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0x10b, 0x0) 06:29:48 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:48 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000100)=0x2fd) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) ioctl$LOOP_GET_STATUS64(0xffffffffffffffff, 0x4c05, &(0x7f0000000300)) r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1) write$binfmt_script(r3, &(0x7f00000002c0)=ANY=[@ANYBLOB="01"], 0x1) close(r3) ioctl$PPPIOCGIDLE(r3, 0x8010743f, &(0x7f0000000140)) [ 736.053302][T22977] slab_unreclaimable 6656000 [ 736.053302][T22977] pgfault 226314 [ 736.053302][T22977] pgmajfault 0 [ 736.053302][T22977] workingset_refault 33 [ 736.053302][T22977] workingset_activate 0 [ 736.053302][T22977] workingset_nodereclaim 0 [ 736.053302][T22977] pgrefill 407 [ 736.053302][T22977] pgscan 4520 [ 736.053302][T22977] pgsteal 4166 06:29:48 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x0, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") move_pages(0x0, 0x2000000000000040, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) [ 736.167212][T22977] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=22933,uid=0 [ 736.191213][T22977] Memory cgroup out of memory: Killed process 22933 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 [ 736.247621][T22987] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 736.283529][T22987] CPU: 0 PID: 22987 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 736.292667][T22987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 736.302737][T22987] Call Trace: [ 736.304009][ T1065] oom_reaper: reaped process 22933 (syz-executor.1), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 736.306027][T22987] dump_stack+0x172/0x1f0 [ 736.306051][T22987] dump_header+0x177/0x1152 [ 736.306073][T22987] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 736.331660][T22987] ? ___ratelimit+0x2c8/0x595 [ 736.336344][T22987] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 736.342157][T22987] ? lockdep_hardirqs_on+0x418/0x5d0 [ 736.347440][T22987] ? trace_hardirqs_on+0x67/0x240 [ 736.352467][T22987] ? pagefault_out_of_memory+0x11c/0x11c [ 736.358107][T22987] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 736.363913][T22987] ? ___ratelimit+0x60/0x595 [ 736.368496][T22987] ? do_raw_spin_unlock+0x57/0x270 [ 736.373614][T22987] oom_kill_process.cold+0x10/0x15 [ 736.378734][T22987] out_of_memory+0x334/0x1340 [ 736.383416][T22987] ? lock_downgrade+0x920/0x920 [ 736.388362][T22987] ? oom_killer_disable+0x280/0x280 [ 736.393577][T22987] mem_cgroup_out_of_memory+0x1d8/0x240 [ 736.399123][T22987] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 736.404759][T22987] ? do_raw_spin_unlock+0x57/0x270 [ 736.409874][T22987] ? _raw_spin_unlock+0x2d/0x50 [ 736.414731][T22987] try_charge+0xf4b/0x1440 [ 736.419161][T22987] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 736.424707][T22987] ? percpu_ref_tryget_live+0x111/0x290 [ 736.430260][T22987] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 736.436508][T22987] ? __kasan_check_read+0x11/0x20 [ 736.441542][T22987] ? get_mem_cgroup_from_mm+0x156/0x320 06:29:48 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 736.447095][T22987] mem_cgroup_try_charge+0x136/0x590 [ 736.452382][T22987] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 736.458626][T22987] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 736.464260][T22987] __handle_mm_fault+0x1e34/0x3f20 [ 736.469382][T22987] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 736.474959][T22987] ? __kasan_check_read+0x11/0x20 [ 736.479996][T22987] handle_mm_fault+0x1b5/0x6c0 [ 736.484768][T22987] __get_user_pages+0x7d4/0x1b30 [ 736.489706][T22987] ? mark_held_locks+0xf0/0xf0 [ 736.494487][T22987] ? follow_page_mask+0x1cf0/0x1cf0 [ 736.499684][T22987] ? __mm_populate+0x270/0x380 [ 736.504455][T22987] ? __kasan_check_write+0x14/0x20 [ 736.509572][T22987] ? down_read+0x109/0x430 [ 736.513995][T22987] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 736.520239][T22987] populate_vma_page_range+0x20d/0x2a0 [ 736.525723][T22987] __mm_populate+0x204/0x380 [ 736.530323][T22987] ? populate_vma_page_range+0x2a0/0x2a0 [ 736.535962][T22987] ? __kasan_check_write+0x14/0x20 [ 736.541075][T22987] ? up_write+0x155/0x490 [ 736.545409][T22987] ? ns_capable_common+0x93/0x100 [ 736.550450][T22987] __x64_sys_mlockall+0x473/0x520 [ 736.555478][T22987] do_syscall_64+0xfa/0x760 [ 736.559991][T22987] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 736.565884][T22987] RIP: 0033:0x459879 [ 736.569781][T22987] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 736.589509][T22987] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 736.597919][T22987] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 736.605889][T22987] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 736.613857][T22987] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 736.621829][T22987] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 736.629802][T22987] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 736.643666][T22987] memory: usage 307192kB, limit 307200kB, failcnt 6184 [ 736.650838][T22987] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 736.657945][T22987] Memory cgroup stats for /syz2: [ 736.658067][T22987] anon 302325760 [ 736.658067][T22987] file 28672 [ 736.658067][T22987] kernel_stack 983040 [ 736.658067][T22987] slab 6733824 [ 736.658067][T22987] sock 0 [ 736.658067][T22987] shmem 0 [ 736.658067][T22987] file_mapped 0 [ 736.658067][T22987] file_dirty 0 [ 736.658067][T22987] file_writeback 0 [ 736.658067][T22987] anon_thp 222298112 [ 736.658067][T22987] inactive_anon 252665856 [ 736.658067][T22987] active_anon 11919360 [ 736.658067][T22987] inactive_file 0 [ 736.658067][T22987] active_file 0 [ 736.658067][T22987] unevictable 37789696 [ 736.658067][T22987] slab_reclaimable 1216512 [ 736.658067][T22987] slab_unreclaimable 5517312 [ 736.658067][T22987] pgfault 826980 [ 736.658067][T22987] pgmajfault 0 [ 736.658067][T22987] workingset_refault 198 [ 736.658067][T22987] workingset_activate 66 [ 736.658067][T22987] workingset_nodereclaim 0 [ 736.658067][T22987] pgrefill 1565 [ 736.658067][T22987] pgscan 1759 06:29:48 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) move_pages(0x0, 0x2000000000000040, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) [ 736.658067][T22987] pgsteal 231 [ 736.752175][T22987] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=22950,uid=0 [ 736.787717][T22987] Memory cgroup out of memory: Killed process 22950 (syz-executor.2) total-vm:72708kB, anon-rss:18220kB, file-rss:34828kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 736.817672][T22998] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 736.837578][T22998] CPU: 0 PID: 22998 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 736.846704][T22998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 736.856763][T22998] Call Trace: [ 736.860060][T22998] dump_stack+0x172/0x1f0 [ 736.864398][T22998] dump_header+0x177/0x1152 [ 736.868902][T22998] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 736.874703][T22998] ? ___ratelimit+0x2c8/0x595 [ 736.879380][T22998] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 736.885184][T22998] ? lockdep_hardirqs_on+0x418/0x5d0 [ 736.890469][T22998] ? trace_hardirqs_on+0x67/0x240 [ 736.895498][T22998] ? pagefault_out_of_memory+0x11c/0x11c [ 736.901138][T22998] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 736.906947][T22998] ? ___ratelimit+0x60/0x595 [ 736.911537][T22998] ? do_raw_spin_unlock+0x57/0x270 [ 736.916652][T22998] oom_kill_process.cold+0x10/0x15 [ 736.921878][T22998] out_of_memory+0x334/0x1340 [ 736.926553][T22998] ? lock_downgrade+0x920/0x920 [ 736.931408][T22998] ? oom_killer_disable+0x280/0x280 [ 736.936621][T22998] mem_cgroup_out_of_memory+0x1d8/0x240 [ 736.942177][T22998] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 736.947819][T22998] ? do_raw_spin_unlock+0x57/0x270 [ 736.952937][T22998] ? _raw_spin_unlock+0x2d/0x50 [ 736.957796][T22998] try_charge+0xf4b/0x1440 [ 736.962227][T22998] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 736.967780][T22998] ? percpu_ref_tryget_live+0x111/0x290 [ 736.973338][T22998] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 736.979589][T22998] ? __kasan_check_read+0x11/0x20 [ 736.984630][T22998] ? get_mem_cgroup_from_mm+0x156/0x320 [ 736.990182][T22998] mem_cgroup_try_charge+0x136/0x590 [ 736.993692][ T1065] oom_reaper: reaped process 22950 (syz-executor.2), now anon-rss:0kB, file-rss:34828kB, shmem-rss:0kB [ 736.995467][T22998] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 736.995490][T22998] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 737.018335][T22998] __handle_mm_fault+0x1e34/0x3f20 [ 737.023470][T22998] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 737.029033][T22998] ? __kasan_check_read+0x11/0x20 [ 737.034085][T22998] handle_mm_fault+0x1b5/0x6c0 [ 737.038851][T22998] __get_user_pages+0x7d4/0x1b30 [ 737.038867][T22998] ? mark_held_locks+0xf0/0xf0 [ 737.038891][T22998] ? follow_page_mask+0x1cf0/0x1cf0 [ 737.038901][T22998] ? __mm_populate+0x270/0x380 [ 737.038922][T22998] ? __kasan_check_write+0x14/0x20 [ 737.063643][T22998] ? down_read+0x109/0x430 [ 737.063660][T22998] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 737.063680][T22998] populate_vma_page_range+0x20d/0x2a0 [ 737.079757][T22998] __mm_populate+0x204/0x380 [ 737.084355][T22998] ? populate_vma_page_range+0x2a0/0x2a0 [ 737.089990][T22998] ? __kasan_check_write+0x14/0x20 [ 737.095102][T22998] ? up_write+0x155/0x490 [ 737.099434][T22998] ? ns_capable_common+0x93/0x100 [ 737.104464][T22998] __x64_sys_mlockall+0x473/0x520 [ 737.109493][T22998] do_syscall_64+0xfa/0x760 [ 737.114004][T22998] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 737.119894][T22998] RIP: 0033:0x459879 [ 737.123791][T22998] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 737.143398][T22998] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 737.151813][T22998] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 737.159790][T22998] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 737.167768][T22998] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 737.175748][T22998] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc0ba5296d4 [ 737.183722][T22998] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 737.230629][T22998] memory: usage 307184kB, limit 307200kB, failcnt 5535 [ 737.237914][T22998] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 737.245059][T22998] Memory cgroup stats for /syz3: [ 737.245168][T22998] anon 301068288 [ 737.245168][T22998] file 0 [ 737.245168][T22998] kernel_stack 917504 [ 737.245168][T22998] slab 8007680 [ 737.245168][T22998] sock 0 [ 737.245168][T22998] shmem 0 [ 737.245168][T22998] file_mapped 0 [ 737.245168][T22998] file_dirty 0 [ 737.245168][T22998] file_writeback 0 [ 737.245168][T22998] anon_thp 199229440 [ 737.245168][T22998] inactive_anon 250728448 [ 737.245168][T22998] active_anon 18231296 [ 737.245168][T22998] inactive_file 0 [ 737.245168][T22998] active_file 0 [ 737.245168][T22998] unevictable 32497664 [ 737.245168][T22998] slab_reclaimable 1351680 [ 737.245168][T22998] slab_unreclaimable 6656000 [ 737.245168][T22998] pgfault 817905 [ 737.245168][T22998] pgmajfault 0 [ 737.245168][T22998] workingset_refault 132 [ 737.245168][T22998] workingset_activate 66 [ 737.245168][T22998] workingset_nodereclaim 0 [ 737.245168][T22998] pgrefill 796 [ 737.245168][T22998] pgscan 865 [ 737.245168][T22998] pgsteal 165 [ 737.340687][T22998] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=22967,uid=0 [ 737.356727][T22998] Memory cgroup out of memory: Killed process 22967 (syz-executor.3) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 [ 737.440319][ T1065] oom_reaper: reaped process 22967 (syz-executor.3), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 737.675198][T22987] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 737.698421][T22987] CPU: 1 PID: 22987 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 737.707540][T22987] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 737.717590][T22987] Call Trace: [ 737.720886][T22987] dump_stack+0x172/0x1f0 [ 737.725219][T22987] dump_header+0x177/0x1152 [ 737.729724][T22987] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 737.735520][T22987] ? ___ratelimit+0x2c8/0x595 [ 737.740189][T22987] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 737.745996][T22987] ? lockdep_hardirqs_on+0x418/0x5d0 [ 737.751284][T22987] ? trace_hardirqs_on+0x67/0x240 [ 737.756312][T22987] ? pagefault_out_of_memory+0x11c/0x11c [ 737.761945][T22987] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 737.767755][T22987] ? ___ratelimit+0x60/0x595 [ 737.772345][T22987] ? do_raw_spin_unlock+0x57/0x270 [ 737.777462][T22987] oom_kill_process.cold+0x10/0x15 [ 737.782583][T22987] out_of_memory+0x334/0x1340 [ 737.787261][T22987] ? lock_downgrade+0x920/0x920 [ 737.792117][T22987] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 737.797960][T22987] ? oom_killer_disable+0x280/0x280 [ 737.803179][T22987] mem_cgroup_out_of_memory+0x1d8/0x240 [ 737.808756][T22987] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 737.814397][T22987] ? do_raw_spin_unlock+0x57/0x270 [ 737.819513][T22987] ? _raw_spin_unlock+0x2d/0x50 [ 737.824375][T22987] try_charge+0xf4b/0x1440 [ 737.828811][T22987] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 737.834359][T22987] ? percpu_ref_tryget_live+0x111/0x290 [ 737.839910][T22987] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 737.846151][T22987] ? __kasan_check_read+0x11/0x20 [ 737.851197][T22987] ? get_mem_cgroup_from_mm+0x156/0x320 [ 737.856745][T22987] mem_cgroup_try_charge+0x136/0x590 [ 737.862031][T22987] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 737.868277][T22987] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 737.873913][T22987] __handle_mm_fault+0x1e34/0x3f20 [ 737.879028][T22987] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 737.884606][T22987] ? __kasan_check_read+0x11/0x20 [ 737.889639][T22987] handle_mm_fault+0x1b5/0x6c0 [ 737.894422][T22987] __get_user_pages+0x7d4/0x1b30 [ 737.899361][T22987] ? mark_held_locks+0xf0/0xf0 [ 737.904142][T22987] ? follow_page_mask+0x1cf0/0x1cf0 [ 737.909347][T22987] ? __mm_populate+0x270/0x380 [ 737.914125][T22987] ? memset+0x32/0x40 [ 737.918123][T22987] populate_vma_page_range+0x20d/0x2a0 [ 737.923579][T22987] __mm_populate+0x204/0x380 [ 737.928170][T22987] ? populate_vma_page_range+0x2a0/0x2a0 [ 737.933780][T22987] ? up_write+0x1c8/0x490 [ 737.938107][T22987] __x64_sys_mremap+0x7dc/0xb80 [ 737.942956][T22987] ? mremap_to+0x750/0x750 [ 737.947405][T22987] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 737.952877][T22987] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 737.958332][T22987] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 737.964391][T22987] ? do_syscall_64+0x26/0x760 [ 737.969066][T22987] ? lockdep_hardirqs_on+0x418/0x5d0 [ 737.974383][T22987] ? trace_hardirqs_on+0x67/0x240 [ 737.979408][T22987] do_syscall_64+0xfa/0x760 [ 737.983893][T22987] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 737.989763][T22987] RIP: 0033:0x459879 [ 737.993636][T22987] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 738.013242][T22987] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 738.021637][T22987] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459879 [ 738.029588][T22987] RDX: 0000000000800000 RSI: 0000000000002000 RDI: 0000000020a94000 [ 738.037540][T22987] RBP: 000000000075bf20 R08: 0000000020130000 R09: 0000000000000000 [ 738.045489][T22987] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 738.053437][T22987] R13: 00000000004c5f0f R14: 00000000004daaf8 R15: 00000000ffffffff [ 738.061876][T22987] memory: usage 307200kB, limit 307200kB, failcnt 6205 [ 738.068783][T22987] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 738.075656][T22987] Memory cgroup stats for /syz2: [ 738.075738][T22987] anon 302239744 [ 738.075738][T22987] file 28672 [ 738.075738][T22987] kernel_stack 983040 [ 738.075738][T22987] slab 6733824 [ 738.075738][T22987] sock 0 [ 738.075738][T22987] shmem 0 [ 738.075738][T22987] file_mapped 0 [ 738.075738][T22987] file_dirty 0 [ 738.075738][T22987] file_writeback 0 [ 738.075738][T22987] anon_thp 222298112 [ 738.075738][T22987] inactive_anon 247455744 [ 738.075738][T22987] active_anon 11919360 [ 738.075738][T22987] inactive_file 0 [ 738.075738][T22987] active_file 0 [ 738.075738][T22987] unevictable 42938368 [ 738.075738][T22987] slab_reclaimable 1216512 [ 738.075738][T22987] slab_unreclaimable 5517312 [ 738.075738][T22987] pgfault 828201 [ 738.075738][T22987] pgmajfault 0 [ 738.075738][T22987] workingset_refault 198 [ 738.075738][T22987] workingset_activate 66 [ 738.075738][T22987] workingset_nodereclaim 0 [ 738.075738][T22987] pgrefill 1565 [ 738.075738][T22987] pgscan 1759 [ 738.075738][T22987] pgsteal 231 [ 738.169746][T22987] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=22986,uid=0 [ 738.185336][T22987] Memory cgroup out of memory: Killed process 22986 (syz-executor.2) total-vm:72700kB, anon-rss:18016kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 738.204084][ T1065] oom_reaper: reaped process 22986 (syz-executor.2), now anon-rss:18008kB, file-rss:54332kB, shmem-rss:0kB [ 738.207539][T22998] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 738.226796][T22998] CPU: 0 PID: 22998 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 738.235908][T22998] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 738.245963][T22998] Call Trace: [ 738.249263][T22998] dump_stack+0x172/0x1f0 [ 738.253598][T22998] dump_header+0x177/0x1152 [ 738.258102][T22998] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 738.263905][T22998] ? ___ratelimit+0x2c8/0x595 [ 738.268589][T22998] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 738.274399][T22998] ? lockdep_hardirqs_on+0x418/0x5d0 [ 738.279696][T22998] ? trace_hardirqs_on+0x67/0x240 [ 738.284721][T22998] ? pagefault_out_of_memory+0x11c/0x11c [ 738.290365][T22998] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 738.296165][T22998] ? ___ratelimit+0x60/0x595 [ 738.300754][T22998] ? do_raw_spin_unlock+0x57/0x270 [ 738.305873][T22998] oom_kill_process.cold+0x10/0x15 [ 738.310978][T22998] out_of_memory+0x334/0x1340 [ 738.315630][T22998] ? lock_downgrade+0x920/0x920 [ 738.320466][T22998] ? oom_killer_disable+0x280/0x280 [ 738.325651][T22998] mem_cgroup_out_of_memory+0x1d8/0x240 [ 738.331177][T22998] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 738.336829][T22998] ? do_raw_spin_unlock+0x57/0x270 [ 738.341920][T22998] ? _raw_spin_unlock+0x2d/0x50 [ 738.346750][T22998] try_charge+0xf4b/0x1440 [ 738.351149][T22998] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 738.356920][T22998] ? percpu_ref_tryget_live+0x111/0x290 [ 738.362443][T22998] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 738.368662][T22998] ? __kasan_check_read+0x11/0x20 [ 738.373664][T22998] ? get_mem_cgroup_from_mm+0x156/0x320 [ 738.379185][T22998] mem_cgroup_try_charge+0x136/0x590 [ 738.384446][T22998] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 738.390666][T22998] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 738.396297][T22998] wp_page_copy+0x41e/0x1590 [ 738.400867][T22998] ? find_held_lock+0x35/0x130 [ 738.405610][T22998] ? pmd_pfn+0x1d0/0x1d0 [ 738.409833][T22998] ? lock_downgrade+0x920/0x920 [ 738.414700][T22998] ? swp_swapcount+0x540/0x540 [ 738.419440][T22998] ? __kasan_check_read+0x11/0x20 [ 738.424701][T22998] ? do_raw_spin_unlock+0x57/0x270 [ 738.429792][T22998] do_wp_page+0x499/0x14d0 [ 738.434195][T22998] ? finish_mkwrite_fault+0x570/0x570 [ 738.439550][T22998] __handle_mm_fault+0x22f1/0x3f20 [ 738.444643][T22998] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 738.450169][T22998] ? __kasan_check_read+0x11/0x20 [ 738.455174][T22998] handle_mm_fault+0x1b5/0x6c0 [ 738.459917][T22998] __get_user_pages+0x7d4/0x1b30 [ 738.464829][T22998] ? mark_held_locks+0xf0/0xf0 [ 738.469576][T22998] ? follow_page_mask+0x1cf0/0x1cf0 [ 738.474761][T22998] ? __mm_populate+0x270/0x380 [ 738.479503][T22998] ? __kasan_check_write+0x14/0x20 [ 738.484588][T22998] ? down_read+0x109/0x430 [ 738.488984][T22998] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 738.495200][T22998] populate_vma_page_range+0x20d/0x2a0 [ 738.500655][T22998] __mm_populate+0x204/0x380 [ 738.505224][T22998] ? populate_vma_page_range+0x2a0/0x2a0 [ 738.510832][T22998] ? __kasan_check_write+0x14/0x20 [ 738.515930][T22998] ? up_write+0x155/0x490 [ 738.520236][T22998] ? ns_capable_common+0x93/0x100 [ 738.525238][T22998] __x64_sys_mlockall+0x473/0x520 [ 738.530241][T22998] do_syscall_64+0xfa/0x760 [ 738.534747][T22998] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 738.540612][T22998] RIP: 0033:0x459879 [ 738.544485][T22998] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 738.564063][T22998] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 06:29:50 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000140)='/dev/hwrng\x00', 0x0, 0x0) ioctl$FIONREAD(r2, 0x541b, &(0x7f0000000280)) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:29:50 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0x10c, 0x0) 06:29:50 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) move_pages(0x0, 0x2000000000000040, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) 06:29:50 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:50 executing program 1: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08e1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(r2, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) [ 738.572450][T22998] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 738.580488][T22998] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 738.588433][T22998] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 738.596382][T22998] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc0ba5296d4 [ 738.604332][T22998] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 738.614226][T22998] memory: usage 307200kB, limit 307200kB, failcnt 5570 [ 738.621293][T22998] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 738.659246][T22998] Memory cgroup stats for /syz3: [ 738.659382][T22998] anon 300998656 [ 738.659382][T22998] file 0 [ 738.659382][T22998] kernel_stack 1048576 [ 738.659382][T22998] slab 8007680 [ 738.659382][T22998] sock 0 [ 738.659382][T22998] shmem 0 [ 738.659382][T22998] file_mapped 0 [ 738.659382][T22998] file_dirty 0 [ 738.659382][T22998] file_writeback 0 [ 738.659382][T22998] anon_thp 199229440 [ 738.659382][T22998] inactive_anon 249544704 [ 738.659382][T22998] active_anon 18231296 [ 738.659382][T22998] inactive_file 0 [ 738.659382][T22998] active_file 0 [ 738.659382][T22998] unevictable 33304576 [ 738.659382][T22998] slab_reclaimable 1351680 [ 738.659382][T22998] slab_unreclaimable 6656000 [ 738.659382][T22998] pgfault 821172 [ 738.659382][T22998] pgmajfault 0 [ 738.659382][T22998] workingset_refault 132 [ 738.659382][T22998] workingset_activate 66 [ 738.659382][T22998] workingset_nodereclaim 0 [ 738.659382][T22998] pgrefill 862 [ 738.659382][T22998] pgscan 898 [ 738.659382][T22998] pgsteal 165 [ 738.773910][T22998] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=22997,uid=0 06:29:50 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 738.813913][T22998] Memory cgroup out of memory: Killed process 22997 (syz-executor.3) total-vm:72832kB, anon-rss:18224kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 738.858102][ T1065] oom_reaper: reaped process 22997 (syz-executor.3), now anon-rss:18232kB, file-rss:54332kB, shmem-rss:0kB 06:29:50 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, 0x0) move_pages(0x0, 0x2000000000000040, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) [ 738.866368][T23032] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 738.888310][T23032] CPU: 0 PID: 23032 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 738.897433][T23032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 738.897440][T23032] Call Trace: [ 738.897462][T23032] dump_stack+0x172/0x1f0 [ 738.897482][T23032] dump_header+0x177/0x1152 [ 738.897499][T23032] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 738.897511][T23032] ? ___ratelimit+0x2c8/0x595 [ 738.897525][T23032] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 738.897541][T23032] ? lockdep_hardirqs_on+0x418/0x5d0 [ 738.897557][T23032] ? trace_hardirqs_on+0x67/0x240 [ 738.897571][T23032] ? pagefault_out_of_memory+0x11c/0x11c [ 738.897592][T23032] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 738.897606][T23032] ? ___ratelimit+0x60/0x595 [ 738.897618][T23032] ? do_raw_spin_unlock+0x57/0x270 [ 738.897636][T23032] oom_kill_process.cold+0x10/0x15 [ 738.897653][T23032] out_of_memory+0x334/0x1340 [ 738.897668][T23032] ? lock_downgrade+0x920/0x920 [ 738.897686][T23032] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 738.897708][T23032] ? oom_killer_disable+0x280/0x280 [ 738.915335][T23032] mem_cgroup_out_of_memory+0x1d8/0x240 [ 738.915351][T23032] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 738.915371][T23032] ? do_raw_spin_unlock+0x57/0x270 [ 738.925641][T23032] ? _raw_spin_unlock+0x2d/0x50 [ 738.925663][T23032] try_charge+0xf4b/0x1440 [ 738.925692][T23032] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 738.941394][T23032] ? percpu_ref_tryget_live+0x111/0x290 [ 738.941415][T23032] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 738.941432][T23032] ? __kasan_check_read+0x11/0x20 [ 738.941453][T23032] ? get_mem_cgroup_from_mm+0x156/0x320 [ 738.941472][T23032] mem_cgroup_try_charge+0x136/0x590 [ 738.941484][T23032] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 738.941502][T23032] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 738.952121][T23032] __handle_mm_fault+0x1e34/0x3f20 [ 738.952143][T23032] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 738.952174][T23032] ? __kasan_check_read+0x11/0x20 [ 738.952198][T23032] handle_mm_fault+0x1b5/0x6c0 [ 738.952215][T23032] __get_user_pages+0x7d4/0x1b30 [ 738.952229][T23032] ? mark_held_locks+0xf0/0xf0 [ 738.952254][T23032] ? follow_page_mask+0x1cf0/0x1cf0 [ 738.952266][T23032] ? __mm_populate+0x270/0x380 [ 738.952286][T23032] ? __kasan_check_write+0x14/0x20 [ 738.952305][T23032] ? down_read+0x109/0x430 [ 738.967745][T23032] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 738.967768][T23032] populate_vma_page_range+0x20d/0x2a0 [ 738.967788][T23032] __mm_populate+0x204/0x380 [ 738.967807][T23032] ? populate_vma_page_range+0x2a0/0x2a0 [ 738.967822][T23032] ? __kasan_check_write+0x14/0x20 [ 738.967835][T23032] ? up_write+0x155/0x490 [ 738.967851][T23032] ? ns_capable_common+0x93/0x100 [ 738.977618][T23032] __x64_sys_mlockall+0x473/0x520 [ 738.977637][T23032] do_syscall_64+0xfa/0x760 [ 738.977659][T23032] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 738.977670][T23032] RIP: 0033:0x459879 [ 738.977685][T23032] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 738.977692][T23032] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 738.977705][T23032] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 738.977712][T23032] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 738.977721][T23032] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 06:29:51 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) getsockopt$EBT_SO_GET_INIT_INFO(r2, 0x0, 0x82, &(0x7f0000000280)={'nat\x00'}, &(0x7f0000000100)=0x78) r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r3, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000140)) [ 738.977729][T23032] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 738.977737][T23032] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 739.202975][T23032] memory: usage 307200kB, limit 307200kB, failcnt 6219 [ 739.263030][T23032] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 739.281307][T23032] Memory cgroup stats for /syz2: [ 739.281422][T23032] anon 302366720 [ 739.281422][T23032] file 28672 [ 739.281422][T23032] kernel_stack 983040 [ 739.281422][T23032] slab 6733824 [ 739.281422][T23032] sock 0 [ 739.281422][T23032] shmem 0 [ 739.281422][T23032] file_mapped 0 [ 739.281422][T23032] file_dirty 0 [ 739.281422][T23032] file_writeback 0 [ 739.281422][T23032] anon_thp 220200960 [ 739.281422][T23032] inactive_anon 254738432 [ 739.281422][T23032] active_anon 11915264 [ 739.281422][T23032] inactive_file 0 06:29:51 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)) move_pages(0x0, 0x2000000000000040, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) 06:29:51 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 739.281422][T23032] active_file 0 [ 739.281422][T23032] unevictable 35708928 [ 739.281422][T23032] slab_reclaimable 1216512 [ 739.281422][T23032] slab_unreclaimable 5517312 [ 739.281422][T23032] pgfault 829356 [ 739.281422][T23032] pgmajfault 0 [ 739.281422][T23032] workingset_refault 198 [ 739.281422][T23032] workingset_activate 66 [ 739.281422][T23032] workingset_nodereclaim 0 [ 739.281422][T23032] pgrefill 1565 [ 739.281422][T23032] pgscan 1759 [ 739.281422][T23032] pgsteal 231 [ 739.487767][T23032] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23013,uid=0 06:29:51 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)) move_pages(0x0, 0x2000000000000040, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) 06:29:51 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 739.534251][T23032] Memory cgroup out of memory: Killed process 23013 (syz-executor.2) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 739.769850][T23040] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 739.812298][T23040] CPU: 1 PID: 23040 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 739.821431][T23040] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 739.831479][T23040] Call Trace: [ 739.834775][T23040] dump_stack+0x172/0x1f0 [ 739.839105][T23040] dump_header+0x177/0x1152 [ 739.843712][T23040] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 739.849522][T23040] ? ___ratelimit+0x2c8/0x595 [ 739.854205][T23040] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 739.860014][T23040] ? lockdep_hardirqs_on+0x418/0x5d0 [ 739.865303][T23040] ? trace_hardirqs_on+0x67/0x240 [ 739.870330][T23040] ? pagefault_out_of_memory+0x11c/0x11c [ 739.875967][T23040] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 739.881798][T23040] ? ___ratelimit+0x60/0x595 [ 739.886388][T23040] ? do_raw_spin_unlock+0x57/0x270 [ 739.891500][T23040] oom_kill_process.cold+0x10/0x15 [ 739.896612][T23040] out_of_memory+0x334/0x1340 [ 739.901376][T23040] ? lock_downgrade+0x920/0x920 [ 739.906233][T23040] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 739.912049][T23040] ? oom_killer_disable+0x280/0x280 [ 739.917259][T23040] mem_cgroup_out_of_memory+0x1d8/0x240 [ 739.922813][T23040] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 739.928449][T23040] ? do_raw_spin_unlock+0x57/0x270 [ 739.933564][T23040] ? _raw_spin_unlock+0x2d/0x50 [ 739.938419][T23040] try_charge+0xf4b/0x1440 [ 739.942846][T23040] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 739.948388][T23040] ? percpu_ref_tryget_live+0x111/0x290 [ 739.953940][T23040] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 739.960190][T23040] ? __kasan_check_read+0x11/0x20 [ 739.965220][T23040] ? get_mem_cgroup_from_mm+0x156/0x320 [ 739.970771][T23040] mem_cgroup_try_charge+0x136/0x590 [ 739.976061][T23040] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 739.982304][T23040] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 739.987949][T23040] wp_page_copy+0x41e/0x1590 [ 739.992558][T23040] ? find_held_lock+0x35/0x130 [ 739.997335][T23040] ? pmd_pfn+0x1d0/0x1d0 [ 740.001585][T23040] ? lock_downgrade+0x920/0x920 [ 740.006440][T23040] ? swp_swapcount+0x540/0x540 [ 740.011207][T23040] ? __kasan_check_read+0x11/0x20 [ 740.016249][T23040] ? do_raw_spin_unlock+0x57/0x270 [ 740.021370][T23040] do_wp_page+0x499/0x14d0 [ 740.025792][T23040] ? finish_mkwrite_fault+0x570/0x570 [ 740.031178][T23040] __handle_mm_fault+0x22f1/0x3f20 [ 740.036297][T23040] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 740.041856][T23040] ? __kasan_check_read+0x11/0x20 [ 740.046891][T23040] handle_mm_fault+0x1b5/0x6c0 [ 740.051657][T23040] __get_user_pages+0x7d4/0x1b30 [ 740.056682][T23040] ? mark_held_locks+0xf0/0xf0 [ 740.061457][T23040] ? follow_page_mask+0x1cf0/0x1cf0 [ 740.066649][T23040] ? __mm_populate+0x270/0x380 [ 740.071416][T23040] ? __kasan_check_write+0x14/0x20 [ 740.076527][T23040] ? down_read+0x109/0x430 [ 740.080947][T23040] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 740.087194][T23040] populate_vma_page_range+0x20d/0x2a0 [ 740.092660][T23040] __mm_populate+0x204/0x380 [ 740.097253][T23040] ? populate_vma_page_range+0x2a0/0x2a0 [ 740.102889][T23040] ? __kasan_check_write+0x14/0x20 [ 740.108001][T23040] ? up_write+0x155/0x490 [ 740.112328][T23040] ? ns_capable_common+0x93/0x100 [ 740.117357][T23040] __x64_sys_mlockall+0x473/0x520 [ 740.122390][T23040] do_syscall_64+0xfa/0x760 [ 740.126903][T23040] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 740.132790][T23040] RIP: 0033:0x459879 [ 740.136688][T23040] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 740.156295][T23040] RSP: 002b:00007f4e2a90cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 740.164717][T23040] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 740.172709][T23040] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 740.180685][T23040] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 740.188656][T23040] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4e2a90d6d4 [ 740.196626][T23040] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 740.210530][T23040] memory: usage 307200kB, limit 307200kB, failcnt 2085 [ 740.217633][T23040] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 740.234274][T23040] Memory cgroup stats for /syz1: [ 740.234394][T23040] anon 297615360 [ 740.234394][T23040] file 122880 [ 740.234394][T23040] kernel_stack 983040 [ 740.234394][T23040] slab 11984896 [ 740.234394][T23040] sock 0 [ 740.234394][T23040] shmem 61440 [ 740.234394][T23040] file_mapped 0 [ 740.234394][T23040] file_dirty 0 [ 740.234394][T23040] file_writeback 0 [ 740.234394][T23040] anon_thp 136314880 [ 740.234394][T23040] inactive_anon 254312448 [ 740.234394][T23040] active_anon 5550080 [ 740.234394][T23040] inactive_file 90112 [ 740.234394][T23040] active_file 135168 [ 740.234394][T23040] unevictable 37838848 [ 740.234394][T23040] slab_reclaimable 5812224 [ 740.234394][T23040] slab_unreclaimable 6172672 [ 740.234394][T23040] pgfault 231924 [ 740.234394][T23040] pgmajfault 0 [ 740.234394][T23040] workingset_refault 33 [ 740.234394][T23040] workingset_activate 0 [ 740.234394][T23040] workingset_nodereclaim 0 [ 740.234394][T23040] pgrefill 407 [ 740.234394][T23040] pgscan 4520 [ 740.234394][T23040] pgsteal 4166 [ 740.344209][T23040] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=23021,uid=0 [ 740.393445][T23040] Memory cgroup out of memory: Killed process 23021 (syz-executor.1) total-vm:72832kB, anon-rss:18152kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 740.419238][ T1065] oom_reaper: reaped process 23021 (syz-executor.1), now anon-rss:18160kB, file-rss:54332kB, shmem-rss:0kB [ 740.436490][T23057] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 740.467559][T23057] CPU: 1 PID: 23057 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 740.476692][T23057] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 740.486755][T23057] Call Trace: [ 740.490058][T23057] dump_stack+0x172/0x1f0 [ 740.494398][T23057] dump_header+0x177/0x1152 [ 740.498908][T23057] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 740.504717][T23057] ? ___ratelimit+0x2c8/0x595 [ 740.509402][T23057] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 740.515216][T23057] ? lockdep_hardirqs_on+0x418/0x5d0 [ 740.520487][T23057] ? trace_hardirqs_on+0x67/0x240 [ 740.525498][T23057] ? pagefault_out_of_memory+0x11c/0x11c [ 740.531123][T23057] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 740.536911][T23057] ? ___ratelimit+0x60/0x595 [ 740.541483][T23057] ? do_raw_spin_unlock+0x57/0x270 [ 740.546577][T23057] oom_kill_process.cold+0x10/0x15 [ 740.551673][T23057] out_of_memory+0x334/0x1340 [ 740.556334][T23057] ? lock_downgrade+0x920/0x920 [ 740.561172][T23057] ? oom_killer_disable+0x280/0x280 [ 740.566372][T23057] mem_cgroup_out_of_memory+0x1d8/0x240 [ 740.571899][T23057] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 740.577516][T23057] ? do_raw_spin_unlock+0x57/0x270 [ 740.582609][T23057] ? _raw_spin_unlock+0x2d/0x50 [ 740.587466][T23057] try_charge+0xf4b/0x1440 [ 740.591870][T23057] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 740.597395][T23057] ? percpu_ref_tryget_live+0x111/0x290 [ 740.602922][T23057] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 740.609150][T23057] ? __kasan_check_read+0x11/0x20 [ 740.614174][T23057] ? get_mem_cgroup_from_mm+0x156/0x320 [ 740.619703][T23057] mem_cgroup_try_charge+0x136/0x590 [ 740.624982][T23057] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 740.631207][T23057] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 740.636824][T23057] wp_page_copy+0x41e/0x1590 [ 740.641399][T23057] ? find_held_lock+0x35/0x130 [ 740.646156][T23057] ? pmd_pfn+0x1d0/0x1d0 [ 740.650381][T23057] ? lock_downgrade+0x920/0x920 [ 740.655213][T23057] ? swp_swapcount+0x540/0x540 [ 740.660072][T23057] ? __kasan_check_read+0x11/0x20 [ 740.665086][T23057] ? do_raw_spin_unlock+0x57/0x270 [ 740.670190][T23057] do_wp_page+0x499/0x14d0 [ 740.674590][T23057] ? finish_mkwrite_fault+0x570/0x570 [ 740.680038][T23057] __handle_mm_fault+0x22f1/0x3f20 [ 740.685138][T23057] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 740.690672][T23057] ? __kasan_check_read+0x11/0x20 [ 740.695684][T23057] handle_mm_fault+0x1b5/0x6c0 [ 740.700450][T23057] __get_user_pages+0x7d4/0x1b30 [ 740.705368][T23057] ? mark_held_locks+0xf0/0xf0 [ 740.710136][T23057] ? follow_page_mask+0x1cf0/0x1cf0 [ 740.715322][T23057] ? __mm_populate+0x270/0x380 [ 740.720073][T23057] ? __kasan_check_write+0x14/0x20 [ 740.725252][T23057] ? down_read+0x109/0x430 [ 740.729650][T23057] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 740.735873][T23057] populate_vma_page_range+0x20d/0x2a0 [ 740.741326][T23057] __mm_populate+0x204/0x380 [ 740.745902][T23057] ? populate_vma_page_range+0x2a0/0x2a0 [ 740.751519][T23057] ? __kasan_check_write+0x14/0x20 [ 740.756611][T23057] ? up_write+0x155/0x490 [ 740.760924][T23057] ? ns_capable_common+0x93/0x100 [ 740.765937][T23057] __x64_sys_mlockall+0x473/0x520 [ 740.770944][T23057] do_syscall_64+0xfa/0x760 [ 740.775436][T23057] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 740.781309][T23057] RIP: 0033:0x459879 [ 740.785189][T23057] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 740.804770][T23057] RSP: 002b:00007fc0ba507c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 740.813167][T23057] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 740.821129][T23057] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 740.829082][T23057] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 740.837032][T23057] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc0ba5086d4 [ 740.844983][T23057] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 740.946730][T23057] memory: usage 307176kB, limit 307200kB, failcnt 5605 [ 740.959267][T23057] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 740.966250][T23057] Memory cgroup stats for /syz3: [ 740.966351][T23057] anon 300924928 [ 740.966351][T23057] file 0 [ 740.966351][T23057] kernel_stack 1048576 [ 740.966351][T23057] slab 8007680 [ 740.966351][T23057] sock 0 [ 740.966351][T23057] shmem 0 [ 740.966351][T23057] file_mapped 0 [ 740.966351][T23057] file_dirty 0 [ 740.966351][T23057] file_writeback 0 [ 740.966351][T23057] anon_thp 197132288 [ 740.966351][T23057] inactive_anon 247377920 [ 740.966351][T23057] active_anon 18124800 [ 740.966351][T23057] inactive_file 0 [ 740.966351][T23057] active_file 0 [ 740.966351][T23057] unevictable 35356672 [ 740.966351][T23057] slab_reclaimable 1351680 [ 740.966351][T23057] slab_unreclaimable 6656000 [ 740.966351][T23057] pgfault 827541 [ 740.966351][T23057] pgmajfault 0 [ 740.966351][T23057] workingset_refault 132 [ 740.966351][T23057] workingset_activate 66 [ 740.966351][T23057] workingset_nodereclaim 0 [ 740.966351][T23057] pgrefill 895 [ 740.966351][T23057] pgscan 898 [ 740.966351][T23057] pgsteal 165 [ 741.063482][T23057] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=23042,uid=0 [ 741.079090][T23057] Memory cgroup out of memory: Killed process 23042 (syz-executor.3) total-vm:72832kB, anon-rss:18220kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 741.098092][ T1065] oom_reaper: reaped process 23042 (syz-executor.3), now anon-rss:18232kB, file-rss:54332kB, shmem-rss:0kB [ 741.111976][T23032] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 741.128988][T23032] CPU: 1 PID: 23032 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 741.138110][T23032] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 741.148267][T23032] Call Trace: [ 741.151573][T23032] dump_stack+0x172/0x1f0 [ 741.155913][T23032] dump_header+0x177/0x1152 [ 741.160444][T23032] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 741.166261][T23032] ? ___ratelimit+0x2c8/0x595 [ 741.170944][T23032] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 741.176761][T23032] ? lockdep_hardirqs_on+0x418/0x5d0 [ 741.182059][T23032] ? trace_hardirqs_on+0x67/0x240 [ 741.187087][T23032] ? pagefault_out_of_memory+0x11c/0x11c [ 741.192723][T23032] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 741.198532][T23032] ? ___ratelimit+0x60/0x595 [ 741.203118][T23032] ? do_raw_spin_unlock+0x57/0x270 [ 741.208236][T23032] oom_kill_process.cold+0x10/0x15 [ 741.213350][T23032] out_of_memory+0x334/0x1340 [ 741.218021][T23032] ? lock_downgrade+0x920/0x920 [ 741.222923][T23032] ? oom_killer_disable+0x280/0x280 [ 741.228147][T23032] mem_cgroup_out_of_memory+0x1d8/0x240 [ 741.233712][T23032] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 741.239337][T23032] ? do_raw_spin_unlock+0x57/0x270 [ 741.244438][T23032] ? _raw_spin_unlock+0x2d/0x50 [ 741.249289][T23032] try_charge+0xf4b/0x1440 [ 741.253736][T23032] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 741.259258][T23032] ? percpu_ref_tryget_live+0x111/0x290 [ 741.264785][T23032] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 741.271004][T23032] ? __kasan_check_read+0x11/0x20 [ 741.276008][T23032] ? get_mem_cgroup_from_mm+0x156/0x320 [ 741.281568][T23032] mem_cgroup_try_charge+0x136/0x590 [ 741.286831][T23032] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 741.293051][T23032] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 741.298664][T23032] __handle_mm_fault+0x1e34/0x3f20 [ 741.303753][T23032] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 741.309285][T23032] ? __kasan_check_read+0x11/0x20 [ 741.314298][T23032] handle_mm_fault+0x1b5/0x6c0 [ 741.319136][T23032] __get_user_pages+0x7d4/0x1b30 [ 741.324138][T23032] ? mark_held_locks+0xf0/0xf0 [ 741.328903][T23032] ? follow_page_mask+0x1cf0/0x1cf0 [ 741.334087][T23032] ? __mm_populate+0x270/0x380 [ 741.338835][T23032] ? memset+0x32/0x40 [ 741.342797][T23032] populate_vma_page_range+0x20d/0x2a0 [ 741.348244][T23032] __mm_populate+0x204/0x380 [ 741.352816][T23032] ? populate_vma_page_range+0x2a0/0x2a0 [ 741.358431][T23032] ? up_write+0x1c8/0x490 [ 741.362742][T23032] __x64_sys_mremap+0x7dc/0xb80 [ 741.367572][T23032] ? mremap_to+0x750/0x750 [ 741.371972][T23032] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 741.377404][T23032] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 741.382839][T23032] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 741.388896][T23032] ? do_syscall_64+0x26/0x760 [ 741.393550][T23032] ? lockdep_hardirqs_on+0x418/0x5d0 [ 741.398812][T23032] ? trace_hardirqs_on+0x67/0x240 [ 741.403837][T23032] do_syscall_64+0xfa/0x760 [ 741.408321][T23032] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 741.414187][T23032] RIP: 0033:0x459879 [ 741.418056][T23032] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 741.437651][T23032] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 741.446045][T23032] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459879 [ 741.454019][T23032] RDX: 0000000000800000 RSI: 0000000000002000 RDI: 0000000020a94000 [ 741.461972][T23032] RBP: 000000000075bf20 R08: 0000000020130000 R09: 0000000000000000 [ 741.469955][T23032] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 741.477957][T23032] R13: 00000000004c5f0f R14: 00000000004daaf8 R15: 00000000ffffffff [ 741.497339][T23032] memory: usage 307076kB, limit 307200kB, failcnt 6239 [ 741.509315][T23032] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 741.519202][T23032] Memory cgroup stats for /syz2: [ 741.519323][T23032] anon 302780416 [ 741.519323][T23032] file 28672 [ 741.519323][T23032] kernel_stack 983040 [ 741.519323][T23032] slab 6176768 [ 741.519323][T23032] sock 0 [ 741.519323][T23032] shmem 0 [ 741.519323][T23032] file_mapped 0 [ 741.519323][T23032] file_dirty 0 [ 741.519323][T23032] file_writeback 0 [ 741.519323][T23032] anon_thp 220200960 [ 741.519323][T23032] inactive_anon 246562816 [ 741.519323][T23032] active_anon 11915264 [ 741.519323][T23032] inactive_file 0 [ 741.519323][T23032] active_file 0 [ 741.519323][T23032] unevictable 44359680 [ 741.519323][T23032] slab_reclaimable 1216512 [ 741.519323][T23032] slab_unreclaimable 4960256 [ 741.519323][T23032] pgfault 831930 [ 741.519323][T23032] pgmajfault 0 [ 741.519323][T23032] workingset_refault 198 [ 741.519323][T23032] workingset_activate 66 [ 741.519323][T23032] workingset_nodereclaim 0 [ 741.519323][T23032] pgrefill 1565 [ 741.519323][T23032] pgscan 1759 [ 741.519323][T23032] pgsteal 231 [ 741.613406][T23032] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23031,uid=0 [ 741.629827][T23032] Memory cgroup out of memory: Killed process 23031 (syz-executor.2) total-vm:72700kB, anon-rss:17360kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 741.648384][ T1065] oom_reaper: reaped process 23031 (syz-executor.2), now anon-rss:17352kB, file-rss:54332kB, shmem-rss:0kB 06:29:53 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0x8, 0x1) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x1) write$binfmt_script(r2, &(0x7f00000002c0)=ANY=[@ANYBLOB="01"], 0x1) close(r2) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f0000000140)=0x10000) 06:29:53 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0x10d, 0x0) 06:29:53 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:53 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)) move_pages(0x0, 0x2000000000000040, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) 06:29:53 executing program 1: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) r0 = creat(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r2 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r2, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) ioctl$KVM_PPC_ALLOCATE_HTAB(r0, 0xc004aea7, &(0x7f0000000140)=0x8) r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev<\xec\x00\x00~dom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r3, 0x5206, &(0x7f0000000400)) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) setsockopt$netlink_NETLINK_RX_RING(r1, 0x10e, 0x6, &(0x7f0000000280)={0x3, 0x40, 0x40, 0x40}, 0x10) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(r4, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:29:53 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r2 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r2, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) setsockopt$inet6_MCAST_MSFILTER(0xffffffffffffffff, 0x29, 0x30, &(0x7f0000000440)={0x5, {{0xa, 0x4e21, 0x9, @remote}}, 0x1, 0x4, [{{0xa, 0x4e23, 0x100000001, @mcast2, 0xf7}}, {{0xa, 0x4e20, 0x0, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x5}}, {{0xa, 0x4e22, 0x80000000, @loopback, 0xd3}}, {{0xa, 0x4e21, 0x40, @mcast2, 0x6}}]}, 0x290) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r3, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) ioctl$FUSE_DEV_IOC_CLONE(r0, 0x8004e500, &(0x7f0000000100)=r1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x0, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000140)) 06:29:53 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0b") move_pages(0x0, 0x2000000000000040, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) 06:29:54 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0b") move_pages(0x0, 0x2000000000000040, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) 06:29:54 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:54 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0b") move_pages(0x0, 0x2000000000000040, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) [ 742.066625][T23078] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 742.104924][T23078] CPU: 0 PID: 23078 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 742.114073][T23078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 742.114079][T23078] Call Trace: [ 742.114101][T23078] dump_stack+0x172/0x1f0 [ 742.114121][T23078] dump_header+0x177/0x1152 [ 742.114136][T23078] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 742.114148][T23078] ? ___ratelimit+0x2c8/0x595 [ 742.114161][T23078] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 742.114176][T23078] ? lockdep_hardirqs_on+0x418/0x5d0 [ 742.114191][T23078] ? trace_hardirqs_on+0x67/0x240 [ 742.114208][T23078] ? pagefault_out_of_memory+0x11c/0x11c [ 742.131840][T23078] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 742.131856][T23078] ? ___ratelimit+0x60/0x595 [ 742.131870][T23078] ? do_raw_spin_unlock+0x57/0x270 [ 742.131893][T23078] oom_kill_process.cold+0x10/0x15 [ 742.142158][T23078] out_of_memory+0x334/0x1340 [ 742.142172][T23078] ? lock_downgrade+0x920/0x920 [ 742.142190][T23078] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 742.142208][T23078] ? oom_killer_disable+0x280/0x280 [ 742.142234][T23078] mem_cgroup_out_of_memory+0x1d8/0x240 [ 742.142250][T23078] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 742.142267][T23078] ? do_raw_spin_unlock+0x57/0x270 [ 742.142282][T23078] ? _raw_spin_unlock+0x2d/0x50 [ 742.142303][T23078] try_charge+0xf4b/0x1440 [ 742.152757][T23078] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 742.152773][T23078] ? percpu_ref_tryget_live+0x111/0x290 [ 742.152791][T23078] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 742.152809][T23078] ? __kasan_check_read+0x11/0x20 [ 742.163112][T23078] ? get_mem_cgroup_from_mm+0x156/0x320 [ 742.163133][T23078] mem_cgroup_try_charge+0x136/0x590 [ 742.163149][T23078] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 742.163167][T23078] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 742.174571][T23078] __handle_mm_fault+0x1e34/0x3f20 [ 742.174595][T23078] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 742.174624][T23078] ? __kasan_check_read+0x11/0x20 [ 742.174645][T23078] handle_mm_fault+0x1b5/0x6c0 [ 742.184312][T23078] __get_user_pages+0x7d4/0x1b30 [ 742.184329][T23078] ? mark_held_locks+0xf0/0xf0 [ 742.184357][T23078] ? follow_page_mask+0x1cf0/0x1cf0 [ 742.184373][T23078] ? __mm_populate+0x270/0x380 [ 742.194124][T23078] ? __kasan_check_write+0x14/0x20 [ 742.194141][T23078] ? down_read+0x109/0x430 [ 742.194159][T23078] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 742.194177][T23078] populate_vma_page_range+0x20d/0x2a0 [ 742.204791][T23078] __mm_populate+0x204/0x380 [ 742.204811][T23078] ? populate_vma_page_range+0x2a0/0x2a0 [ 742.204828][T23078] ? __kasan_check_write+0x14/0x20 [ 742.204845][T23078] ? up_write+0x155/0x490 [ 742.215543][T23078] ? ns_capable_common+0x93/0x100 [ 742.215566][T23078] __x64_sys_mlockall+0x473/0x520 [ 742.215585][T23078] do_syscall_64+0xfa/0x760 [ 742.215608][T23078] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 742.215618][T23078] RIP: 0033:0x459879 [ 742.215632][T23078] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 742.215639][T23078] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 742.226357][T23078] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 742.226367][T23078] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 742.226375][T23078] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 742.226384][T23078] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 742.226393][T23078] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 742.237066][T23078] memory: usage 307200kB, limit 307200kB, failcnt 6264 [ 742.247740][T23078] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 742.264177][T23078] Memory cgroup stats for /syz2: [ 742.264290][T23078] anon 302858240 [ 742.264290][T23078] file 28672 [ 742.264290][T23078] kernel_stack 917504 [ 742.264290][T23078] slab 6176768 [ 742.264290][T23078] sock 0 [ 742.264290][T23078] shmem 0 [ 742.264290][T23078] file_mapped 0 [ 742.264290][T23078] file_dirty 0 [ 742.264290][T23078] file_writeback 0 [ 742.264290][T23078] anon_thp 220200960 [ 742.264290][T23078] inactive_anon 252690432 [ 742.264290][T23078] active_anon 11911168 [ 742.264290][T23078] inactive_file 0 [ 742.264290][T23078] active_file 0 [ 742.264290][T23078] unevictable 38309888 [ 742.264290][T23078] slab_reclaimable 1216512 [ 742.264290][T23078] slab_unreclaimable 4960256 [ 742.264290][T23078] pgfault 833745 [ 742.264290][T23078] pgmajfault 0 [ 742.264290][T23078] workingset_refault 198 [ 742.264290][T23078] workingset_activate 66 [ 742.264290][T23078] workingset_nodereclaim 0 [ 742.264290][T23078] pgrefill 1565 [ 742.264290][T23078] pgscan 1759 [ 742.264290][T23078] pgsteal 231 [ 742.275782][T23078] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23061,uid=0 [ 742.292563][T23078] Memory cgroup out of memory: Killed process 23061 (syz-executor.2) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 742.323559][T23071] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 742.328183][ T1065] oom_reaper: reaped process 23061 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 742.339745][T23071] CPU: 0 PID: 23071 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 742.347972][T23071] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 742.347979][T23071] Call Trace: [ 742.347999][T23071] dump_stack+0x172/0x1f0 [ 742.348021][T23071] dump_header+0x177/0x1152 [ 742.348036][T23071] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 742.348047][T23071] ? ___ratelimit+0x2c8/0x595 [ 742.348061][T23071] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 742.348076][T23071] ? lockdep_hardirqs_on+0x418/0x5d0 [ 742.348097][T23071] ? trace_hardirqs_on+0x67/0x240 [ 742.358802][T23071] ? pagefault_out_of_memory+0x11c/0x11c [ 742.358820][T23071] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 742.358834][T23071] ? ___ratelimit+0x60/0x595 [ 742.358845][T23071] ? do_raw_spin_unlock+0x57/0x270 [ 742.358863][T23071] oom_kill_process.cold+0x10/0x15 [ 742.358880][T23071] out_of_memory+0x334/0x1340 [ 742.358893][T23071] ? lock_downgrade+0x920/0x920 [ 742.358916][T23071] ? oom_killer_disable+0x280/0x280 [ 742.368232][T23071] mem_cgroup_out_of_memory+0x1d8/0x240 [ 742.368250][T23071] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 742.368268][T23071] ? do_raw_spin_unlock+0x57/0x270 [ 742.368286][T23071] ? _raw_spin_unlock+0x2d/0x50 [ 742.368303][T23071] try_charge+0xf4b/0x1440 [ 742.368328][T23071] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 742.377803][T23071] ? percpu_ref_tryget_live+0x111/0x290 [ 742.377824][T23071] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 742.377841][T23071] ? __kasan_check_read+0x11/0x20 [ 742.377861][T23071] ? get_mem_cgroup_from_mm+0x156/0x320 [ 742.377879][T23071] mem_cgroup_try_charge+0x136/0x590 [ 742.377893][T23071] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 742.377916][T23071] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 742.387662][T23071] __handle_mm_fault+0x1e34/0x3f20 [ 742.387686][T23071] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 742.387715][T23071] ? __kasan_check_read+0x11/0x20 [ 742.387737][T23071] handle_mm_fault+0x1b5/0x6c0 [ 742.387756][T23071] __get_user_pages+0x7d4/0x1b30 [ 742.387770][T23071] ? mark_held_locks+0xf0/0xf0 [ 742.387794][T23071] ? follow_page_mask+0x1cf0/0x1cf0 [ 742.387804][T23071] ? __mm_populate+0x270/0x380 [ 742.387824][T23071] ? __kasan_check_write+0x14/0x20 [ 742.415803][T23071] ? down_read+0x109/0x430 [ 742.415823][T23071] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 742.415843][T23071] populate_vma_page_range+0x20d/0x2a0 [ 742.415862][T23071] __mm_populate+0x204/0x380 [ 742.431804][T23071] ? populate_vma_page_range+0x2a0/0x2a0 [ 742.431822][T23071] ? __kasan_check_write+0x14/0x20 [ 742.431836][T23071] ? up_write+0x155/0x490 [ 742.431849][T23071] ? ns_capable_common+0x93/0x100 [ 742.431869][T23071] __x64_sys_mlockall+0x473/0x520 [ 742.431887][T23071] do_syscall_64+0xfa/0x760 [ 742.431906][T23071] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 742.431921][T23071] RIP: 0033:0x459879 [ 742.447829][T23071] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 742.447838][T23071] RSP: 002b:00007f4e2a92dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 742.447876][T23071] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 742.447883][T23071] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 742.447892][T23071] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 742.447900][T23071] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4e2a92e6d4 [ 742.447909][T23071] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 742.552249][T23071] memory: usage 307200kB, limit 307200kB, failcnt 2101 [ 742.614751][T23071] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 742.656371][T23071] Memory cgroup stats for /syz1: [ 742.656478][T23071] anon 298209280 [ 742.656478][T23071] file 122880 [ 742.656478][T23071] kernel_stack 851968 [ 742.656478][T23071] slab 11382784 [ 742.656478][T23071] sock 0 [ 742.656478][T23071] shmem 61440 [ 742.656478][T23071] file_mapped 0 [ 742.656478][T23071] file_dirty 0 [ 742.656478][T23071] file_writeback 0 [ 742.656478][T23071] anon_thp 134217728 [ 742.656478][T23071] inactive_anon 259002368 [ 742.656478][T23071] active_anon 5550080 [ 742.656478][T23071] inactive_file 90112 [ 742.656478][T23071] active_file 135168 [ 742.656478][T23071] unevictable 33828864 [ 742.656478][T23071] slab_reclaimable 5677056 [ 742.656478][T23071] slab_unreclaimable 5705728 [ 742.656478][T23071] pgfault 235158 [ 742.656478][T23071] pgmajfault 0 [ 742.656478][T23071] workingset_refault 33 [ 742.656478][T23071] workingset_activate 0 [ 742.656478][T23071] workingset_nodereclaim 0 [ 742.656478][T23071] pgrefill 441 [ 742.656478][T23071] pgscan 4553 [ 742.656478][T23071] pgsteal 4166 [ 742.675588][T23071] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=23041,uid=0 [ 742.703764][T23071] Memory cgroup out of memory: Killed process 23041 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 [ 743.134080][T23069] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 743.168351][T23069] CPU: 0 PID: 23069 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 743.170404][ T1065] oom_reaper: reaped process 23041 (syz-executor.1), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 743.177475][T23069] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 743.177482][T23069] Call Trace: [ 743.177505][T23069] dump_stack+0x172/0x1f0 [ 743.177525][T23069] dump_header+0x177/0x1152 [ 743.177541][T23069] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 743.177552][T23069] ? ___ratelimit+0x2c8/0x595 [ 743.177565][T23069] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 743.177580][T23069] ? lockdep_hardirqs_on+0x418/0x5d0 [ 743.177599][T23069] ? trace_hardirqs_on+0x67/0x240 [ 743.237216][T23069] ? pagefault_out_of_memory+0x11c/0x11c [ 743.242857][T23069] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 743.248685][T23069] ? ___ratelimit+0x60/0x595 [ 743.253278][T23069] ? do_raw_spin_unlock+0x57/0x270 [ 743.258394][T23069] oom_kill_process.cold+0x10/0x15 [ 743.263513][T23069] out_of_memory+0x334/0x1340 [ 743.268192][T23069] ? lock_downgrade+0x920/0x920 [ 743.273050][T23069] ? oom_killer_disable+0x280/0x280 [ 743.278261][T23069] mem_cgroup_out_of_memory+0x1d8/0x240 [ 743.283807][T23069] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 743.289444][T23069] ? do_raw_spin_unlock+0x57/0x270 [ 743.294558][T23069] ? _raw_spin_unlock+0x2d/0x50 [ 743.299424][T23069] try_charge+0xf4b/0x1440 [ 743.303855][T23069] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 743.309400][T23069] ? percpu_ref_tryget_live+0x111/0x290 [ 743.314947][T23069] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 743.321197][T23069] ? __kasan_check_read+0x11/0x20 [ 743.326240][T23069] ? get_mem_cgroup_from_mm+0x156/0x320 [ 743.331792][T23069] mem_cgroup_try_charge+0x136/0x590 [ 743.337090][T23069] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 743.343338][T23069] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 743.348977][T23069] __handle_mm_fault+0x1e34/0x3f20 [ 743.354094][T23069] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 743.359642][T23069] ? __kasan_check_read+0x11/0x20 [ 743.359665][T23069] handle_mm_fault+0x1b5/0x6c0 [ 743.359683][T23069] __get_user_pages+0x7d4/0x1b30 [ 743.374387][T23069] ? mark_held_locks+0xf0/0xf0 [ 743.379170][T23069] ? follow_page_mask+0x1cf0/0x1cf0 06:29:55 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47b") move_pages(0x0, 0x2000000000000040, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) 06:29:55 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 743.384357][T23069] ? __mm_populate+0x270/0x380 [ 743.384379][T23069] ? __kasan_check_write+0x14/0x20 [ 743.394214][T23069] ? down_read+0x109/0x430 [ 743.398632][T23069] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 743.404878][T23069] populate_vma_page_range+0x20d/0x2a0 [ 743.410347][T23069] __mm_populate+0x204/0x380 [ 743.414944][T23069] ? populate_vma_page_range+0x2a0/0x2a0 [ 743.420585][T23069] ? __kasan_check_write+0x14/0x20 [ 743.425703][T23069] ? up_write+0x155/0x490 [ 743.430034][T23069] ? ns_capable_common+0x93/0x100 [ 743.435072][T23069] __x64_sys_mlockall+0x473/0x520 [ 743.440192][T23069] do_syscall_64+0xfa/0x760 [ 743.444707][T23069] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 743.450595][T23069] RIP: 0033:0x459879 [ 743.454487][T23069] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 743.474086][T23069] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 743.474100][T23069] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 743.474107][T23069] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 743.474115][T23069] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 743.474123][T23069] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc0ba5296d4 [ 743.474132][T23069] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 743.596983][T23069] memory: usage 307200kB, limit 307200kB, failcnt 5644 [ 743.604653][T23069] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 743.623946][T23069] Memory cgroup stats for /syz3: [ 743.624064][T23069] anon 301088768 [ 743.624064][T23069] file 0 [ 743.624064][T23069] kernel_stack 917504 [ 743.624064][T23069] slab 8007680 [ 743.624064][T23069] sock 0 [ 743.624064][T23069] shmem 0 [ 743.624064][T23069] file_mapped 0 [ 743.624064][T23069] file_dirty 0 [ 743.624064][T23069] file_writeback 0 [ 743.624064][T23069] anon_thp 199229440 [ 743.624064][T23069] inactive_anon 250486784 [ 743.624064][T23069] active_anon 18145280 [ 743.624064][T23069] inactive_file 0 [ 743.624064][T23069] active_file 0 [ 743.624064][T23069] unevictable 32382976 [ 743.624064][T23069] slab_reclaimable 1351680 [ 743.624064][T23069] slab_unreclaimable 6656000 [ 743.624064][T23069] pgfault 830973 [ 743.624064][T23069] pgmajfault 0 [ 743.624064][T23069] workingset_refault 132 [ 743.624064][T23069] workingset_activate 66 [ 743.624064][T23069] workingset_nodereclaim 0 [ 743.624064][T23069] pgrefill 895 [ 743.624064][T23069] pgscan 898 [ 743.624064][T23069] pgsteal 165 [ 743.725133][T23069] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=23058,uid=0 [ 743.750775][T23069] Memory cgroup out of memory: Killed process 23058 (syz-executor.3) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 [ 743.815894][T23078] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 743.838634][T23078] CPU: 0 PID: 23078 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 743.847773][T23078] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 743.857826][T23078] Call Trace: [ 743.861118][T23078] dump_stack+0x172/0x1f0 [ 743.865449][T23078] dump_header+0x177/0x1152 [ 743.869965][T23078] ? pagefault_out_of_memory+0x11c/0x11c [ 743.875600][T23078] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 743.881402][T23078] ? ___ratelimit+0x60/0x595 [ 743.885991][T23078] ? do_raw_spin_unlock+0x57/0x270 [ 743.891104][T23078] oom_kill_process.cold+0x10/0x15 [ 743.896216][T23078] out_of_memory+0x334/0x1340 [ 743.900894][T23078] ? __this_cpu_preempt_check+0x3a/0x210 [ 743.906528][T23078] ? retint_kernel+0x2b/0x2b [ 743.911125][T23078] ? oom_killer_disable+0x280/0x280 [ 743.916334][T23078] mem_cgroup_out_of_memory+0x1d8/0x240 [ 743.921879][T23078] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 743.927519][T23078] ? do_raw_spin_unlock+0x57/0x270 [ 743.932634][T23078] ? _raw_spin_unlock+0x2d/0x50 [ 743.937499][T23078] try_charge+0xf4b/0x1440 [ 743.941936][T23078] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 743.947488][T23078] ? percpu_ref_tryget_live+0x111/0x290 [ 743.953038][T23078] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 743.959310][T23078] ? __kasan_check_read+0x11/0x20 [ 743.964346][T23078] ? get_mem_cgroup_from_mm+0x156/0x320 [ 743.969895][T23078] mem_cgroup_try_charge+0x136/0x590 [ 743.975188][T23078] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 743.981437][T23078] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 743.987079][T23078] __handle_mm_fault+0x1e34/0x3f20 [ 743.992300][T23078] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 743.997861][T23078] ? __kasan_check_read+0x11/0x20 [ 744.002897][T23078] handle_mm_fault+0x1b5/0x6c0 [ 744.007769][T23078] __get_user_pages+0x7d4/0x1b30 [ 744.012702][T23078] ? mark_held_locks+0xf0/0xf0 [ 744.017479][T23078] ? follow_page_mask+0x1cf0/0x1cf0 [ 744.022686][T23078] ? __mm_populate+0x270/0x380 [ 744.027464][T23078] ? memset+0x32/0x40 [ 744.031450][T23078] populate_vma_page_range+0x20d/0x2a0 [ 744.036919][T23078] __mm_populate+0x204/0x380 [ 744.041517][T23078] ? populate_vma_page_range+0x2a0/0x2a0 [ 744.047158][T23078] ? up_write+0x1c8/0x490 [ 744.051498][T23078] __x64_sys_mremap+0x7dc/0xb80 [ 744.056358][T23078] ? mremap_to+0x750/0x750 [ 744.060794][T23078] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 744.066256][T23078] ? trace_hardirqs_on_thunk+0x1a/0x20 [ 744.071723][T23078] ? entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 744.077794][T23078] ? do_syscall_64+0x26/0x760 [ 744.082472][T23078] ? lockdep_hardirqs_on+0x418/0x5d0 [ 744.087758][T23078] ? trace_hardirqs_on+0x67/0x240 [ 744.092788][T23078] do_syscall_64+0xfa/0x760 [ 744.097299][T23078] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 744.103189][T23078] RIP: 0033:0x459879 [ 744.107084][T23078] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 744.126684][T23078] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 744.135098][T23078] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459879 [ 744.143071][T23078] RDX: 0000000000800000 RSI: 0000000000002000 RDI: 0000000020a94000 [ 744.151045][T23078] RBP: 000000000075bf20 R08: 0000000020130000 R09: 0000000000000000 [ 744.159021][T23078] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 744.166990][T23078] R13: 00000000004c5f0f R14: 00000000004daaf8 R15: 00000000ffffffff [ 744.176086][T23078] memory: usage 307200kB, limit 307200kB, failcnt 6298 [ 744.184431][T23078] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 744.199601][T23078] Memory cgroup stats for /syz2: [ 744.200451][T23078] anon 302747648 [ 744.200451][T23078] file 28672 [ 744.200451][T23078] kernel_stack 917504 [ 744.200451][T23078] slab 6176768 [ 744.200451][T23078] sock 0 [ 744.200451][T23078] shmem 0 [ 744.200451][T23078] file_mapped 0 [ 744.200451][T23078] file_dirty 0 [ 744.200451][T23078] file_writeback 0 [ 744.200451][T23078] anon_thp 224395264 [ 744.200451][T23078] inactive_anon 246542336 [ 744.200451][T23078] active_anon 11911168 [ 744.200451][T23078] inactive_file 0 [ 744.200451][T23078] active_file 0 [ 744.200451][T23078] unevictable 44482560 [ 744.200451][T23078] slab_reclaimable 1216512 [ 744.200451][T23078] slab_unreclaimable 4960256 [ 744.200451][T23078] pgfault 834669 [ 744.200451][T23078] pgmajfault 0 [ 744.200451][T23078] workingset_refault 198 [ 744.200451][T23078] workingset_activate 66 [ 744.200451][T23078] workingset_nodereclaim 0 [ 744.200451][T23078] pgrefill 1565 [ 744.200451][T23078] pgscan 1759 [ 744.200451][T23078] pgsteal 231 [ 744.205670][T23078] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23075,uid=0 [ 744.320772][T23078] Memory cgroup out of memory: Killed process 23075 (syz-executor.2) total-vm:72700kB, anon-rss:17488kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 744.345579][ T1065] oom_reaper: reaped process 23075 (syz-executor.2), now anon-rss:17480kB, file-rss:54332kB, shmem-rss:0kB [ 744.346283][T23102] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 744.367519][T23102] CPU: 0 PID: 23102 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 744.376626][T23102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 744.386681][T23102] Call Trace: [ 744.389979][T23102] dump_stack+0x172/0x1f0 [ 744.394316][T23102] dump_header+0x177/0x1152 [ 744.398820][T23102] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 744.404629][T23102] ? ___ratelimit+0x2c8/0x595 [ 744.409312][T23102] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 744.415241][T23102] ? lockdep_hardirqs_on+0x418/0x5d0 [ 744.420528][T23102] ? trace_hardirqs_on+0x67/0x240 [ 744.425553][T23102] ? pagefault_out_of_memory+0x11c/0x11c [ 744.431186][T23102] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 744.436989][T23102] ? ___ratelimit+0x60/0x595 [ 744.441578][T23102] ? do_raw_spin_unlock+0x57/0x270 [ 744.446700][T23102] oom_kill_process.cold+0x10/0x15 [ 744.451814][T23102] out_of_memory+0x334/0x1340 [ 744.456495][T23102] ? lock_downgrade+0x920/0x920 [ 744.461355][T23102] ? oom_killer_disable+0x280/0x280 [ 744.466563][T23102] mem_cgroup_out_of_memory+0x1d8/0x240 [ 744.472109][T23102] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 744.477747][T23102] ? do_raw_spin_unlock+0x57/0x270 [ 744.482861][T23102] ? _raw_spin_unlock+0x2d/0x50 [ 744.487737][T23102] try_charge+0xf4b/0x1440 [ 744.492166][T23102] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 744.497714][T23102] ? percpu_ref_tryget_live+0x111/0x290 [ 744.503263][T23102] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 744.509502][T23102] ? __kasan_check_read+0x11/0x20 [ 744.514535][T23102] ? get_mem_cgroup_from_mm+0x156/0x320 [ 744.520080][T23102] mem_cgroup_try_charge+0x136/0x590 [ 744.525363][T23102] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 744.531612][T23102] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 744.537248][T23102] wp_page_copy+0x41e/0x1590 [ 744.541840][T23102] ? find_held_lock+0x35/0x130 [ 744.546618][T23102] ? pmd_pfn+0x1d0/0x1d0 [ 744.550864][T23102] ? lock_downgrade+0x920/0x920 [ 744.555723][T23102] ? swp_swapcount+0x540/0x540 [ 744.560490][T23102] ? __kasan_check_read+0x11/0x20 [ 744.565513][T23102] ? do_raw_spin_unlock+0x57/0x270 [ 744.570643][T23102] do_wp_page+0x499/0x14d0 [ 744.575069][T23102] ? finish_mkwrite_fault+0x570/0x570 [ 744.580449][T23102] __handle_mm_fault+0x22f1/0x3f20 [ 744.585575][T23102] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 744.591138][T23102] ? __kasan_check_read+0x11/0x20 [ 744.596173][T23102] handle_mm_fault+0x1b5/0x6c0 [ 744.600943][T23102] __get_user_pages+0x7d4/0x1b30 [ 744.605878][T23102] ? mark_held_locks+0xf0/0xf0 [ 744.610660][T23102] ? follow_page_mask+0x1cf0/0x1cf0 [ 744.615855][T23102] ? __mm_populate+0x270/0x380 [ 744.620631][T23102] ? __kasan_check_write+0x14/0x20 [ 744.625744][T23102] ? down_read+0x109/0x430 [ 744.630156][T23102] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 744.636406][T23102] populate_vma_page_range+0x20d/0x2a0 [ 744.641871][T23102] __mm_populate+0x204/0x380 [ 744.646465][T23102] ? populate_vma_page_range+0x2a0/0x2a0 [ 744.652098][T23102] ? __kasan_check_write+0x14/0x20 [ 744.657206][T23102] ? up_write+0x155/0x490 [ 744.661534][T23102] ? ns_capable_common+0x93/0x100 [ 744.666560][T23102] __x64_sys_mlockall+0x473/0x520 [ 744.671589][T23102] do_syscall_64+0xfa/0x760 [ 744.676108][T23102] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 744.681994][T23102] RIP: 0033:0x459879 [ 744.685888][T23102] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 744.705489][T23102] RSP: 002b:00007f4e2a8ebc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 744.713902][T23102] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 744.721871][T23102] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 744.729843][T23102] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 744.737812][T23102] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4e2a8ec6d4 [ 744.745777][T23102] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 744.761711][T23102] memory: usage 307080kB, limit 307200kB, failcnt 2119 [ 744.768874][T23102] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 744.775833][T23102] Memory cgroup stats for /syz1: [ 744.775954][T23102] anon 298024960 [ 744.775954][T23102] file 122880 [ 744.775954][T23102] kernel_stack 917504 [ 744.775954][T23102] slab 11382784 [ 744.775954][T23102] sock 0 [ 744.775954][T23102] shmem 61440 [ 744.775954][T23102] file_mapped 0 [ 744.775954][T23102] file_dirty 0 [ 744.775954][T23102] file_writeback 0 [ 744.775954][T23102] anon_thp 132120576 [ 744.775954][T23102] inactive_anon 255021056 [ 744.775954][T23102] active_anon 5550080 06:29:56 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0) getsockopt$IP_VS_SO_GET_TIMEOUT(r1, 0x0, 0x486, &(0x7f00000003c0), &(0x7f0000000440)=0xc) openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) r2 = creat(&(0x7f0000000280)='./file0\x00', 0x1) write$binfmt_script(r2, &(0x7f00000004c0)=ANY=[@ANYBLOB="ae4f7e85ad419804263f7ec0d6ee294d043f0517aeb4cd2f0de4b7ccf7202d014eb3148f0d8d5a94a0c4d7e4707dc32891fb3423e9240c320ec255a4e58ffa2674a90e189999a8c5930b34c7ee6a07bfdca1b8a7a77bab54d814e9c30f7d90db423ff4a0551354e870b9425f58263e6ecbd1aeb8afdeea9c780c97"], 0x1) close(r2) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000140)={r2, &(0x7f0000000280)="62a7e0c817ebba2f02f1775f8e80e647ac5c870547760b92f74f8f66ffb51ec410e6334e3de88d01dea3467fd914f263187a23c14d30c68842d790a521112dff3695d17183d2eabad8bca55ef3735e66707c77bf1333a8fe840aa4a48a056ba12de0eebf535f633de56d16d79a1e5edda86ed45ba6d771b39921ccdcf7d460fef3414aaf459a782b913287a30ea04ee0fb1f7cfd254fc2659092e530661fdf93eab00bd685eb3de1050b2ebd97953946b095", &(0x7f0000000340)=""/73}, 0x18) r3 = creat(&(0x7f0000000280)='./file0\x00', 0x1) write$binfmt_script(r3, &(0x7f00000002c0)=ANY=[@ANYBLOB="01"], 0x1) close(r3) ioctl$RNDCLEARPOOL(r3, 0x5206, &(0x7f0000000480)=0x2) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x0, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) r6 = eventfd(0x0) ioctl$KVM_HYPERV_EVENTFD(r5, 0x4018aebd, &(0x7f0000000040)={0x0, r6}) ioctl$KVM_HYPERV_EVENTFD(r5, 0x4018aebd, &(0x7f0000000080)={0x0, 0xffffffffffffffff, 0x1}) ioctl$KVM_GET_NR_MMU_PAGES(r5, 0xae45, 0x7f) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:29:56 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0x10e, 0x0) 06:29:56 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:56 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47b") move_pages(0x0, 0x2000000000000040, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) [ 744.775954][T23102] inactive_file 90112 [ 744.775954][T23102] active_file 135168 [ 744.775954][T23102] unevictable 37498880 [ 744.775954][T23102] slab_reclaimable 5677056 [ 744.775954][T23102] slab_unreclaimable 5705728 [ 744.775954][T23102] pgfault 237897 [ 744.775954][T23102] pgmajfault 0 [ 744.775954][T23102] workingset_refault 33 [ 744.775954][T23102] workingset_activate 0 [ 744.775954][T23102] workingset_nodereclaim 0 [ 744.775954][T23102] pgrefill 441 [ 744.775954][T23102] pgscan 4553 [ 744.775954][T23102] pgsteal 4166 [ 744.932368][T23102] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=23067,uid=0 [ 744.970189][T23102] Memory cgroup out of memory: Killed process 23102 (syz-executor.1) total-vm:72832kB, anon-rss:18232kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 745.005533][ T1065] oom_reaper: reaped process 23102 (syz-executor.1), now anon-rss:18232kB, file-rss:54332kB, shmem-rss:0kB 06:29:57 executing program 1: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(r2, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:29:57 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bfbae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000140)) 06:29:57 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47b") move_pages(0x0, 0x2000000000000040, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) 06:29:57 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:57 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) 06:29:57 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf0") move_pages(0x0, 0x2000000000000040, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) [ 745.434683][T23221] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 745.472082][T23221] CPU: 1 PID: 23221 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 745.481224][T23221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 745.491281][T23221] Call Trace: [ 745.494580][T23221] dump_stack+0x172/0x1f0 [ 745.498921][T23221] dump_header+0x177/0x1152 [ 745.503435][T23221] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 745.509246][T23221] ? ___ratelimit+0x2c8/0x595 [ 745.513927][T23221] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 745.519739][T23221] ? lockdep_hardirqs_on+0x418/0x5d0 [ 745.525033][T23221] ? trace_hardirqs_on+0x67/0x240 [ 745.530068][T23221] ? pagefault_out_of_memory+0x11c/0x11c [ 745.535707][T23221] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 745.541515][T23221] ? ___ratelimit+0x60/0x595 [ 745.546107][T23221] ? do_raw_spin_unlock+0x57/0x270 [ 745.551224][T23221] oom_kill_process.cold+0x10/0x15 [ 745.556339][T23221] out_of_memory+0x334/0x1340 [ 745.561017][T23221] ? lock_downgrade+0x920/0x920 [ 745.565870][T23221] ? mem_cgroup_unmark_under_oom+0x8d/0xb0 [ 745.571676][T23221] ? oom_killer_disable+0x280/0x280 [ 745.576887][T23221] mem_cgroup_out_of_memory+0x1d8/0x240 [ 745.582431][T23221] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 745.588067][T23221] ? do_raw_spin_unlock+0x57/0x270 [ 745.593180][T23221] ? _raw_spin_unlock+0x2d/0x50 [ 745.598037][T23221] try_charge+0xf4b/0x1440 [ 745.602462][T23221] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 745.608002][T23221] ? percpu_ref_tryget_live+0x111/0x290 [ 745.613553][T23221] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 745.619794][T23221] ? __kasan_check_read+0x11/0x20 [ 745.624824][T23221] ? get_mem_cgroup_from_mm+0x156/0x320 [ 745.630372][T23221] mem_cgroup_try_charge+0x136/0x590 [ 745.635661][T23221] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 745.642010][T23221] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 745.647657][T23221] __handle_mm_fault+0x1e34/0x3f20 [ 745.652784][T23221] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 745.658430][T23221] ? __kasan_check_read+0x11/0x20 [ 745.663463][T23221] handle_mm_fault+0x1b5/0x6c0 [ 745.668232][T23221] __get_user_pages+0x7d4/0x1b30 [ 745.673168][T23221] ? mark_held_locks+0xf0/0xf0 [ 745.677941][T23221] ? follow_page_mask+0x1cf0/0x1cf0 06:29:57 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf0") move_pages(0x0, 0x2000000000000040, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) [ 745.683244][T23221] ? __mm_populate+0x270/0x380 [ 745.688015][T23221] ? __kasan_check_write+0x14/0x20 [ 745.693124][T23221] ? down_read+0x109/0x430 [ 745.697545][T23221] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 745.703790][T23221] populate_vma_page_range+0x20d/0x2a0 [ 745.709259][T23221] __mm_populate+0x204/0x380 [ 745.713861][T23221] ? populate_vma_page_range+0x2a0/0x2a0 [ 745.719493][T23221] ? __kasan_check_write+0x14/0x20 [ 745.724605][T23221] ? up_write+0x155/0x490 [ 745.728929][T23221] ? ns_capable_common+0x93/0x100 [ 745.733963][T23221] __x64_sys_mlockall+0x473/0x520 [ 745.738998][T23221] do_syscall_64+0xfa/0x760 [ 745.743513][T23221] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 745.749414][T23221] RIP: 0033:0x459879 [ 745.753306][T23221] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 745.772913][T23221] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 745.781335][T23221] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 745.789300][T23221] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 745.797276][T23221] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 745.805242][T23221] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc0ba5296d4 [ 745.813212][T23221] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 745.828428][T23221] memory: usage 307200kB, limit 307200kB, failcnt 5675 06:29:57 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf0") move_pages(0x0, 0x2000000000000040, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) [ 745.855314][T23221] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 745.899768][T23221] Memory cgroup stats for /syz3: [ 745.899877][T23221] anon 300453888 [ 745.899877][T23221] file 0 [ 745.899877][T23221] kernel_stack 917504 [ 745.899877][T23221] slab 8560640 [ 745.899877][T23221] sock 0 [ 745.899877][T23221] shmem 0 [ 745.899877][T23221] file_mapped 0 [ 745.899877][T23221] file_dirty 0 [ 745.899877][T23221] file_writeback 0 [ 745.899877][T23221] anon_thp 201326592 [ 745.899877][T23221] inactive_anon 250617856 [ 745.899877][T23221] active_anon 18157568 [ 745.899877][T23221] inactive_file 0 [ 745.899877][T23221] active_file 0 [ 745.899877][T23221] unevictable 31723520 [ 745.899877][T23221] slab_reclaimable 1351680 [ 745.899877][T23221] slab_unreclaimable 7208960 [ 745.899877][T23221] pgfault 833184 [ 745.899877][T23221] pgmajfault 0 [ 745.899877][T23221] workingset_refault 132 [ 745.899877][T23221] workingset_activate 66 [ 745.899877][T23221] workingset_nodereclaim 0 [ 745.899877][T23221] pgrefill 895 [ 745.899877][T23221] pgscan 898 [ 745.899877][T23221] pgsteal 165 [ 746.014601][T23221] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=23104,uid=0 [ 746.031865][T23221] Memory cgroup out of memory: Killed process 23104 (syz-executor.3) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 [ 746.065828][T23216] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 746.066369][ T1065] oom_reaper: reaped process 23104 (syz-executor.3), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 746.082830][T23216] CPU: 0 PID: 23216 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 746.096238][T23216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 746.106297][T23216] Call Trace: [ 746.109708][T23216] dump_stack+0x172/0x1f0 [ 746.114180][T23216] dump_header+0x177/0x1152 [ 746.118687][T23216] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 746.124487][T23216] ? ___ratelimit+0x2c8/0x595 [ 746.129210][T23216] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 746.135100][T23216] ? lockdep_hardirqs_on+0x418/0x5d0 [ 746.140378][T23216] ? trace_hardirqs_on+0x67/0x240 [ 746.145423][T23216] ? pagefault_out_of_memory+0x11c/0x11c [ 746.151057][T23216] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 746.156861][T23216] ? ___ratelimit+0x60/0x595 [ 746.161452][T23216] ? do_raw_spin_unlock+0x57/0x270 [ 746.166567][T23216] oom_kill_process.cold+0x10/0x15 [ 746.172316][T23216] out_of_memory+0x334/0x1340 [ 746.176997][T23216] ? lock_downgrade+0x920/0x920 [ 746.181859][T23216] ? oom_killer_disable+0x280/0x280 [ 746.187072][T23216] mem_cgroup_out_of_memory+0x1d8/0x240 [ 746.192626][T23216] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 746.198268][T23216] ? do_raw_spin_unlock+0x57/0x270 [ 746.203381][T23216] ? _raw_spin_unlock+0x2d/0x50 [ 746.208234][T23216] try_charge+0xf4b/0x1440 [ 746.212660][T23216] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 746.218205][T23216] ? percpu_ref_tryget_live+0x111/0x290 [ 746.223759][T23216] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 746.230091][T23216] ? __kasan_check_read+0x11/0x20 [ 746.235122][T23216] ? get_mem_cgroup_from_mm+0x156/0x320 [ 746.240755][T23216] mem_cgroup_try_charge+0x136/0x590 [ 746.246041][T23216] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 746.252283][T23216] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 746.257925][T23216] __handle_mm_fault+0x1e34/0x3f20 [ 746.263046][T23216] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 746.268602][T23216] ? __this_cpu_preempt_check+0x3a/0x210 [ 746.274243][T23216] ? retint_kernel+0x2b/0x2b [ 746.278852][T23216] ? sync_mm_rss+0x9f/0x1c0 [ 746.283352][T23216] ? sync_mm_rss+0xa4/0x1c0 [ 746.287865][T23216] handle_mm_fault+0x1b5/0x6c0 [ 746.292636][T23216] __get_user_pages+0x7d4/0x1b30 [ 746.297589][T23216] ? follow_page_mask+0x1cf0/0x1cf0 [ 746.302789][T23216] ? retint_kernel+0x2b/0x2b [ 746.307389][T23216] ? populate_vma_page_range+0x1b4/0x2a0 [ 746.313027][T23216] populate_vma_page_range+0x20d/0x2a0 [ 746.318676][T23216] __mm_populate+0x204/0x380 [ 746.323269][T23216] ? populate_vma_page_range+0x2a0/0x2a0 [ 746.328934][T23216] ? up_write+0x1c8/0x490 [ 746.333277][T23216] __x64_sys_mremap+0x7dc/0xb80 [ 746.338135][T23216] ? lockdep_hardirqs_on+0x418/0x5d0 [ 746.343420][T23216] ? retint_kernel+0x2b/0x2b [ 746.348020][T23216] ? mremap_to+0x750/0x750 [ 746.352447][T23216] ? retint_kernel+0x2b/0x2b [ 746.357053][T23216] do_syscall_64+0xfa/0x760 [ 746.361564][T23216] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 746.367455][T23216] RIP: 0033:0x459879 [ 746.371516][T23216] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 746.391125][T23216] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 [ 746.399539][T23216] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459879 [ 746.408039][T23216] RDX: 0000000000800000 RSI: 0000000000002000 RDI: 0000000020a94000 [ 746.416010][T23216] RBP: 000000000075bf20 R08: 0000000020130000 R09: 0000000000000000 [ 746.423981][T23216] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 746.431950][T23216] R13: 00000000004c5f0f R14: 00000000004daaf8 R15: 00000000ffffffff [ 746.509465][T23216] memory: usage 307148kB, limit 307200kB, failcnt 6336 [ 746.516431][T23216] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 746.523686][T23216] Memory cgroup stats for /syz2: [ 746.523804][T23216] anon 302485504 [ 746.523804][T23216] file 28672 [ 746.523804][T23216] kernel_stack 983040 [ 746.523804][T23216] slab 6549504 [ 746.523804][T23216] sock 0 [ 746.523804][T23216] shmem 0 [ 746.523804][T23216] file_mapped 0 [ 746.523804][T23216] file_dirty 0 [ 746.523804][T23216] file_writeback 0 [ 746.523804][T23216] anon_thp 224395264 [ 746.523804][T23216] inactive_anon 246685696 [ 746.523804][T23216] active_anon 11968512 [ 746.523804][T23216] inactive_file 0 [ 746.523804][T23216] active_file 0 [ 746.523804][T23216] unevictable 43782144 [ 746.523804][T23216] slab_reclaimable 1351680 [ 746.523804][T23216] slab_unreclaimable 5197824 [ 746.523804][T23216] pgfault 837276 [ 746.523804][T23216] pgmajfault 0 [ 746.523804][T23216] workingset_refault 198 [ 746.523804][T23216] workingset_activate 66 [ 746.523804][T23216] workingset_nodereclaim 0 [ 746.523804][T23216] pgrefill 1565 [ 746.523804][T23216] pgscan 1759 [ 746.523804][T23216] pgsteal 231 [ 746.618808][T23216] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23215,uid=0 [ 746.667400][T23216] Memory cgroup out of memory: Killed process 23215 (syz-executor.2) total-vm:72700kB, anon-rss:17164kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 746.707868][T23243] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 746.707966][ T1065] [ 746.718239][T23243] CPU: 0 PID: 23243 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 746.720355][ T1065] ============================================ [ 746.729434][T23243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 746.735553][ T1065] WARNING: possible recursive locking detected [ 746.745580][T23243] Call Trace: [ 746.751701][ T1065] 5.3.0-rc6-next-20190830 #75 Not tainted [ 746.754967][T23243] dump_stack+0x172/0x1f0 [ 746.760643][ T1065] -------------------------------------------- [ 746.764951][T23243] dump_header+0x177/0x1152 [ 746.771066][ T1065] oom_reaper/1065 is trying to acquire lock: [ 746.775546][T23243] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 746.781483][ T1065] ffffffff8904ff60 (mmu_notifier_invalidate_range_start){+.+.}, at: __mmu_notifier_invalidate_range_end+0x0/0x360 [ 746.787267][T23243] ? ___ratelimit+0x2c8/0x595 [ 746.799197][ T1065] [ 746.799197][ T1065] but task is already holding lock: [ 746.803855][T23243] ? _raw_spin_unlock_irqrestore+0x6b/0xe0 [ 746.811182][ T1065] ffffffff8904ff60 (mmu_notifier_invalidate_range_start){+.+.}, at: __oom_reap_task_mm+0x196/0x490 [ 746.817404][T23243] ? lockdep_hardirqs_on+0x418/0x5d0 [ 746.828025][ T1065] [ 746.828025][ T1065] other info that might help us debug this: [ 746.833287][T23243] ? trace_hardirqs_on+0x67/0x240 [ 746.841309][ T1065] Possible unsafe locking scenario: [ 746.841309][ T1065] [ 746.846312][T23243] ? pagefault_out_of_memory+0x11c/0x11c [ 746.853725][ T1065] CPU0 [ 746.859340][T23243] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 746.862585][ T1065] ---- [ 746.868365][T23243] ? ___ratelimit+0x60/0x595 [ 746.871612][ T1065] lock(mmu_notifier_invalidate_range_start); [ 746.876180][T23243] ? do_raw_spin_unlock+0x57/0x270 [ 746.882291][ T1065] lock(mmu_notifier_invalidate_range_start); [ 746.887395][T23243] oom_kill_process.cold+0x10/0x15 [ 746.893505][ T1065] [ 746.893505][ T1065] *** DEADLOCK *** [ 746.893505][ T1065] [ 746.898594][T23243] out_of_memory+0x334/0x1340 [ 746.906702][ T1065] May be due to missing lock nesting notation [ 746.906702][ T1065] [ 746.911354][T23243] ? lock_downgrade+0x920/0x920 [ 746.919640][ T1065] 2 locks held by oom_reaper/1065: [ 746.924462][T23243] ? oom_killer_disable+0x280/0x280 [ 746.929532][ T1065] #0: ffff88805d94f010 (&mm->mmap_sem#2){++++}, at: oom_reaper+0x3a7/0x1320 [ 746.934721][T23243] mem_cgroup_out_of_memory+0x1d8/0x240 [ 746.943437][ T1065] #1: ffffffff8904ff60 (mmu_notifier_invalidate_range_start){+.+.}, at: __oom_reap_task_mm+0x196/0x490 [ 746.948960][T23243] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 746.960025][ T1065] [ 746.960025][ T1065] stack backtrace: [ 746.971555][T23243] ? do_raw_spin_unlock+0x57/0x270 [ 746.976664][T23243] ? _raw_spin_unlock+0x2d/0x50 [ 746.981507][T23243] try_charge+0xf4b/0x1440 [ 746.985916][T23243] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 746.991455][T23243] ? percpu_ref_tryget_live+0x111/0x290 [ 746.996988][T23243] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 747.003218][T23243] ? __kasan_check_read+0x11/0x20 [ 747.008239][T23243] ? get_mem_cgroup_from_mm+0x156/0x320 [ 747.013771][T23243] mem_cgroup_try_charge+0x136/0x590 [ 747.019044][T23243] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 747.025274][T23243] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 747.030895][T23243] wp_page_copy+0x41e/0x1590 [ 747.035473][T23243] ? find_held_lock+0x35/0x130 [ 747.040224][T23243] ? pmd_pfn+0x1d0/0x1d0 [ 747.044472][T23243] ? lock_downgrade+0x920/0x920 [ 747.049316][T23243] ? swp_swapcount+0x540/0x540 [ 747.054065][T23243] ? __kasan_check_read+0x11/0x20 [ 747.059076][T23243] ? do_raw_spin_unlock+0x57/0x270 [ 747.064177][T23243] do_wp_page+0x499/0x14d0 [ 747.068582][T23243] ? finish_mkwrite_fault+0x570/0x570 [ 747.073957][T23243] __handle_mm_fault+0x22f1/0x3f20 [ 747.079060][T23243] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 747.084597][T23243] ? __kasan_check_read+0x11/0x20 [ 747.089612][T23243] handle_mm_fault+0x1b5/0x6c0 [ 747.094365][T23243] __get_user_pages+0x7d4/0x1b30 [ 747.099287][T23243] ? mark_held_locks+0xf0/0xf0 [ 747.104047][T23243] ? follow_page_mask+0x1cf0/0x1cf0 [ 747.109245][T23243] ? __mm_populate+0x270/0x380 [ 747.114008][T23243] ? __kasan_check_write+0x14/0x20 [ 747.119114][T23243] ? down_read+0x109/0x430 [ 747.123528][T23243] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 747.129779][T23243] populate_vma_page_range+0x20d/0x2a0 [ 747.135244][T23243] __mm_populate+0x204/0x380 [ 747.139823][T23243] ? populate_vma_page_range+0x2a0/0x2a0 [ 747.145441][T23243] ? __kasan_check_write+0x14/0x20 [ 747.150537][T23243] ? up_write+0x155/0x490 [ 747.154853][T23243] ? ns_capable_common+0x93/0x100 [ 747.159867][T23243] __x64_sys_mlockall+0x473/0x520 [ 747.164894][T23243] do_syscall_64+0xfa/0x760 [ 747.169394][T23243] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 747.175271][T23243] RIP: 0033:0x459879 [ 747.179158][T23243] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 747.198765][T23243] RSP: 002b:00007f4e2a8ebc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 747.207176][T23243] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 747.215131][T23243] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 747.223088][T23243] RBP: 000000000075c070 R08: 0000000000000000 R09: 0000000000000000 [ 747.231046][T23243] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4e2a8ec6d4 [ 747.239000][T23243] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 747.246977][ T1065] CPU: 1 PID: 1065 Comm: oom_reaper Not tainted 5.3.0-rc6-next-20190830 #75 [ 747.255648][ T1065] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 747.265699][ T1065] Call Trace: [ 747.268992][ T1065] dump_stack+0x172/0x1f0 [ 747.273318][ T1065] __lock_acquire.cold+0x15d/0x385 [ 747.278432][ T1065] ? mark_held_locks+0xf0/0xf0 [ 747.283192][ T1065] ? unmap_page_range+0x1df4/0x2380 [ 747.288387][ T1065] lock_acquire+0x190/0x410 [ 747.292890][ T1065] ? __mmu_notifier_invalidate_range_start+0x210/0x210 [ 747.299736][ T1065] __mmu_notifier_invalidate_range_end+0x3c/0x360 [ 747.306151][ T1065] ? __mmu_notifier_invalidate_range_start+0x210/0x210 [ 747.313001][ T1065] ? __mmu_notifier_invalidate_range_start+0x1a5/0x210 [ 747.319856][ T1065] __oom_reap_task_mm+0x3fa/0x490 [ 747.324880][ T1065] ? process_shares_mm+0x130/0x130 [ 747.329985][ T1065] ? oom_reaper+0x3a7/0x1320 [ 747.334675][ T1065] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 747.340915][ T1065] ? rcu_read_lock_sched_held+0x9c/0xd0 [ 747.346453][ T1065] ? rcu_read_lock_any_held.part.0+0x50/0x50 [ 747.352423][ T1065] ? __kasan_check_read+0x11/0x20 [ 747.357437][ T1065] ? do_raw_spin_unlock+0x57/0x270 [ 747.362544][ T1065] oom_reaper+0x2b2/0x1320 [ 747.366952][ T1065] ? __oom_reap_task_mm+0x490/0x490 [ 747.372147][ T1065] ? trace_hardirqs_on+0x67/0x240 [ 747.377171][ T1065] ? finish_wait+0x260/0x260 [ 747.381764][ T1065] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 747.388005][ T1065] ? __kthread_parkme+0x108/0x1c0 [ 747.393040][ T1065] ? __kasan_check_read+0x11/0x20 [ 747.398068][ T1065] kthread+0x361/0x430 [ 747.402136][ T1065] ? __oom_reap_task_mm+0x490/0x490 [ 747.407330][ T1065] ? kthread_cancel_delayed_work_sync+0x20/0x20 [ 747.413573][ T1065] ret_from_fork+0x24/0x30 [ 747.523005][ T1065] oom_reaper: reaped process 23215 (syz-executor.2), now anon-rss:17156kB, file-rss:54332kB, shmem-rss:0kB [ 747.534633][T23243] memory: usage 307200kB, limit 307200kB, failcnt 2145 [ 747.544186][T23243] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 747.551414][T23243] Memory cgroup stats for /syz1: [ 747.551535][T23243] anon 298618880 [ 747.551535][T23243] file 122880 [ 747.551535][T23243] kernel_stack 917504 [ 747.551535][T23243] slab 10969088 [ 747.551535][T23243] sock 0 [ 747.551535][T23243] shmem 61440 [ 747.551535][T23243] file_mapped 0 [ 747.551535][T23243] file_dirty 0 [ 747.551535][T23243] file_writeback 0 [ 747.551535][T23243] anon_thp 125829120 [ 747.551535][T23243] inactive_anon 253407232 [ 747.551535][T23243] active_anon 5578752 [ 747.551535][T23243] inactive_file 90112 [ 747.551535][T23243] active_file 135168 [ 747.551535][T23243] unevictable 39481344 [ 747.551535][T23243] slab_reclaimable 5677056 [ 747.551535][T23243] slab_unreclaimable 5292032 [ 747.551535][T23243] pgfault 245388 06:29:59 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0x10f, 0x0) 06:29:59 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") move_pages(0x0, 0x0, 0x0, &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) 06:29:59 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 747.551535][T23243] pgmajfault 0 [ 747.551535][T23243] workingset_refault 33 [ 747.551535][T23243] workingset_activate 0 [ 747.551535][T23243] workingset_nodereclaim 0 [ 747.551535][T23243] pgrefill 441 [ 747.551535][T23243] pgscan 4553 [ 747.551535][T23243] pgsteal 4166 [ 747.614564][ T3890] kobject: 'loop2' (000000008e5a3901): kobject_uevent_env 06:29:59 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) r0 = creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = creat(&(0x7f0000000280)='./file0\x00', 0x1) write$binfmt_script(r1, &(0x7f00000002c0)=ANY=[@ANYBLOB="01"], 0x1) close(r1) getpeername$tipc(r1, &(0x7f00000003c0)=@id, &(0x7f0000000440)=0x10) r2 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r2, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e01685c97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r3, 0x5206, &(0x7f0000000400)) mlockall(0x1) r4 = creat(&(0x7f0000000280)='./file0\x00', 0x1) write$binfmt_script(r4, &(0x7f00000002c0)=ANY=[@ANYBLOB="01"], 0x1) close(r4) ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000340)={0x0, 0x0}) ioctl$DRM_IOCTL_GEM_FLINK(r4, 0xc008640a, &(0x7f0000000380)={0x0, r5}) r6 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r6, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") ioctl$GIO_FONT(r0, 0x4b60, &(0x7f0000000280)=""/172) r7 = syz_open_dev$char_usb(0xc, 0xb4, 0x80) sendfile(r6, r7, &(0x7f0000000140), 0x3) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) [ 747.671918][ T3890] kobject: 'loop2' (000000008e5a3901): fill_kobj_path: path = '/devices/virtual/block/loop2' [ 747.675437][T23243] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=23226,uid=0 [ 747.698213][T23250] kobject: 'bond530' (0000000055b230f4): kobject_add_internal: parent: 'net', set: 'devices' [ 747.712366][T23250] kobject: 'bond530' (0000000055b230f4): kobject_uevent_env [ 747.726935][T23250] kobject: 'bond530' (0000000055b230f4): fill_kobj_path: path = '/devices/virtual/net/bond530' [ 747.740139][T23250] kobject: 'queues' (000000003b174a6d): kobject_add_internal: parent: 'bond530', set: '' [ 747.741054][T23243] Memory cgroup out of memory: Killed process 23226 (syz-executor.1) total-vm:72832kB, anon-rss:18120kB, file-rss:54332kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 747.751188][T23250] kobject: 'queues' (000000003b174a6d): kobject_uevent_env [ 747.777333][T23250] kobject: 'queues' (000000003b174a6d): kobject_uevent_env: filter function caused the event to drop! [ 747.780401][T23221] syz-executor.3 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 747.788582][T23250] kobject: 'rx-0' (000000002eb550ed): kobject_add_internal: parent: 'queues', set: 'queues' [ 747.809167][T23250] kobject: 'rx-0' (000000002eb550ed): kobject_uevent_env [ 747.817264][T23250] kobject: 'rx-0' (000000002eb550ed): fill_kobj_path: path = '/devices/virtual/net/bond530/queues/rx-0' [ 747.831706][T23250] kobject: 'rx-1' (00000000aea292bb): kobject_add_internal: parent: 'queues', set: 'queues' [ 747.837875][T23221] CPU: 0 PID: 23221 Comm: syz-executor.3 Not tainted 5.3.0-rc6-next-20190830 #75 [ 747.842462][T23250] kobject: 'rx-1' (00000000aea292bb): kobject_uevent_env [ 747.850866][T23221] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 747.850871][T23221] Call Trace: [ 747.850890][T23221] dump_stack+0x172/0x1f0 [ 747.850907][T23221] dump_header+0x177/0x1152 [ 747.850918][T23221] ? ___ratelimit+0xf8/0x595 [ 747.850930][T23221] ? trace_hardirqs_on+0x67/0x240 [ 747.850942][T23221] ? pagefault_out_of_memory+0x11c/0x11c [ 747.850955][T23221] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 747.850970][T23221] ? ___ratelimit+0x60/0x595 [ 747.871784][T23250] kobject: 'rx-1' (00000000aea292bb): fill_kobj_path: path = '/devices/virtual/net/bond530/queues/rx-1' [ 747.875576][T23221] ? do_raw_spin_unlock+0x57/0x270 [ 747.875593][T23221] oom_kill_process.cold+0x10/0x15 [ 747.875608][T23221] out_of_memory+0x334/0x1340 [ 747.891235][T23250] kobject: 'rx-2' (0000000079279108): kobject_add_internal: parent: 'queues', set: 'queues' [ 747.895271][T23221] ? lock_downgrade+0x920/0x920 [ 747.895287][T23221] ? oom_killer_disable+0x280/0x280 [ 747.895306][T23221] mem_cgroup_out_of_memory+0x1d8/0x240 [ 747.914728][T23250] kobject: 'rx-2' (0000000079279108): kobject_uevent_env [ 747.916732][T23221] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 747.916752][T23221] ? do_raw_spin_unlock+0x57/0x270 [ 747.931143][T23250] kobject: 'rx-2' (0000000079279108): fill_kobj_path: path = '/devices/virtual/net/bond530/queues/rx-2' [ 747.931605][T23221] ? _raw_spin_unlock+0x2d/0x50 [ 747.956319][T23250] kobject: 'rx-3' (00000000465da6ec): kobject_add_internal: parent: 'queues', set: 'queues' [ 747.957164][T23221] try_charge+0xf4b/0x1440 [ 747.972198][T23250] kobject: 'rx-3' (00000000465da6ec): kobject_uevent_env [ 747.974865][T23221] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 747.974877][T23221] ? percpu_ref_tryget_live+0x111/0x290 [ 747.974895][T23221] ? get_mem_cgroup_from_mm+0x16/0x320 [ 747.986174][T23250] kobject: 'rx-3' (00000000465da6ec): fill_kobj_path: path = '/devices/virtual/net/bond530/queues/rx-3' [ 747.990824][T23221] ? get_mem_cgroup_from_mm+0x156/0x320 [ 747.990840][T23221] mem_cgroup_try_charge+0x136/0x590 [ 747.990855][T23221] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 747.990872][T23221] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 748.001172][T23250] kobject: 'rx-4' (000000008e432c1d): kobject_add_internal: parent: 'queues', set: 'queues' [ 748.005319][T23221] wp_page_copy+0x41e/0x1590 06:30:00 executing program 1: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(r2, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) [ 748.005338][T23221] ? page_trans_huge_mapcount+0x166/0x450 [ 748.005355][T23221] ? pmd_pfn+0x1d0/0x1d0 [ 748.012519][T23250] kobject: 'rx-4' (000000008e432c1d): kobject_uevent_env [ 748.017880][T23221] ? lock_downgrade+0x920/0x920 [ 748.017896][T23221] ? swp_swapcount+0x540/0x540 [ 748.017910][T23221] ? __kasan_check_read+0x11/0x20 [ 748.017925][T23221] ? do_raw_spin_unlock+0x57/0x270 [ 748.023558][T23250] kobject: 'rx-4' (000000008e432c1d): fill_kobj_path: path = '/devices/virtual/net/bond530/queues/rx-4' [ 748.028878][T23221] do_wp_page+0x499/0x14d0 [ 748.028895][T23221] ? finish_mkwrite_fault+0x570/0x570 [ 748.028912][T23221] __handle_mm_fault+0x22f1/0x3f20 [ 748.028926][T23221] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 748.028942][T23221] ? __kasan_check_read+0x11/0x20 [ 748.040203][T23250] kobject: 'rx-5' (00000000ada2ddeb): kobject_add_internal: parent: 'queues', set: 'queues' [ 748.045535][T23221] ? do_raw_spin_unlock+0x57/0x270 [ 748.045555][T23221] ? trace_hardirqs_on+0x67/0x240 [ 748.045573][T23221] handle_mm_fault+0x1b5/0x6c0 [ 748.051503][T23250] kobject: 'rx-5' (00000000ada2ddeb): kobject_uevent_env [ 748.057057][T23221] __get_user_pages+0x7d4/0x1b30 [ 748.057072][T23221] ? mark_held_locks+0xf0/0xf0 [ 748.057087][T23221] ? follow_page_mask+0x1cf0/0x1cf0 [ 748.057097][T23221] ? __mm_populate+0x270/0x380 [ 748.057113][T23221] ? __kasan_check_write+0x14/0x20 [ 748.057127][T23221] ? down_read+0x109/0x430 [ 748.057143][T23221] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 748.057158][T23221] populate_vma_page_range+0x20d/0x2a0 [ 748.057173][T23221] __mm_populate+0x204/0x380 [ 748.057187][T23221] ? populate_vma_page_range+0x2a0/0x2a0 [ 748.057198][T23221] ? __kasan_check_write+0x14/0x20 [ 748.057206][T23221] ? up_write+0x155/0x490 [ 748.057223][T23221] ? ns_capable_common+0x93/0x100 [ 748.063063][T23250] kobject: 'rx-5' (00000000ada2ddeb): fill_kobj_path: path = '/devices/virtual/net/bond530/queues/rx-5' [ 748.072879][T23221] __x64_sys_mlockall+0x473/0x520 [ 748.072895][T23221] do_syscall_64+0xfa/0x760 [ 748.072912][T23221] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 748.072921][T23221] RIP: 0033:0x459879 [ 748.072933][T23221] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 748.072945][T23221] RSP: 002b:00007fc0ba528c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 748.077708][T23250] kobject: 'rx-6' (00000000a4f9c7ab): kobject_add_internal: parent: 'queues', set: 'queues' [ 748.083204][T23221] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 748.083212][T23221] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 748.083220][T23221] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 748.083227][T23221] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fc0ba5296d4 [ 748.083240][T23221] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 748.087599][T23250] kobject: 'rx-6' (00000000a4f9c7ab): kobject_uevent_env [ 748.101474][T23221] memory: usage 307200kB, limit 307200kB, failcnt 5742 [ 748.108215][T23250] kobject: 'rx-6' (00000000a4f9c7ab): fill_kobj_path: path = '/devices/virtual/net/bond530/queues/rx-6' [ 748.112684][T23221] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 748.114527][T23250] kobject: 'rx-7' (0000000001a9b7ec): kobject_add_internal: parent: 'queues', set: 'queues' [ 748.129388][ T3890] kobject: 'loop1' (00000000555da25a): kobject_uevent_env [ 748.132416][T23250] kobject: 'rx-7' (0000000001a9b7ec): kobject_uevent_env [ 748.135374][ T3890] kobject: 'loop1' (00000000555da25a): fill_kobj_path: path = '/devices/virtual/block/loop1' [ 748.195037][T23221] Memory cgroup stats for /syz3: [ 748.195144][T23221] anon 285302784 [ 748.195144][T23221] file 0 [ 748.195144][T23221] kernel_stack 983040 [ 748.195144][T23221] slab 8142848 [ 748.195144][T23221] sock 0 [ 748.195144][T23221] shmem 0 [ 748.195144][T23221] file_mapped 0 [ 748.195144][T23221] file_dirty 0 [ 748.195144][T23221] file_writeback 0 [ 748.195144][T23221] anon_thp 190840832 [ 748.195144][T23221] inactive_anon 234012672 [ 748.195144][T23221] active_anon 18223104 [ 748.195144][T23221] inactive_file 0 [ 748.195144][T23221] active_file 0 [ 748.195144][T23221] unevictable 33226752 [ 748.195144][T23221] slab_reclaimable 1351680 [ 748.195144][T23221] slab_unreclaimable 6791168 [ 748.195144][T23221] pgfault 839718 [ 748.195144][T23221] pgmajfault 0 [ 748.195144][T23221] workingset_refault 132 [ 748.195144][T23221] workingset_activate 66 [ 748.195144][T23221] workingset_nodereclaim 0 [ 748.195144][T23221] pgrefill 895 [ 748.195144][T23221] pgscan 898 [ 748.195144][T23221] pgsteal 165 [ 748.209755][T23250] kobject: 'rx-7' (0000000001a9b7ec): fill_kobj_path: path = '/devices/virtual/net/bond530/queues/rx-7' [ 748.229238][T23221] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz3,mems_allowed=0-1,oom_memcg=/syz3,task_memcg=/syz3,task=syz-executor.3,pid=23218,uid=0 [ 748.240183][T23250] kobject: 'rx-8' (000000009b1d6c80): kobject_add_internal: parent: 'queues', set: 'queues' [ 748.244461][T23221] Memory cgroup out of memory: Killed process 23221 (syz-executor.3) total-vm:72832kB, anon-rss:18232kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 748.250097][T23250] kobject: 'rx-8' (000000009b1d6c80): kobject_uevent_env [ 748.261368][T23257] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 748.267948][ T1065] oom_reaper: reaped process 23221 (syz-executor.3), now anon-rss:18232kB, file-rss:54332kB, shmem-rss:0kB [ 748.273883][T23257] CPU: 0 PID: 23257 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 748.276475][T23250] kobject: 'rx-8' (000000009b1d6c80): fill_kobj_path: path = '/devices/virtual/net/bond530/queues/rx-8' [ 748.279877][T23257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 748.279882][T23257] Call Trace: [ 748.279901][T23257] dump_stack+0x172/0x1f0 [ 748.279918][T23257] dump_header+0x177/0x1152 [ 748.279931][T23257] ? ___ratelimit+0xf8/0x595 [ 748.279945][T23257] ? trace_hardirqs_on+0x67/0x240 [ 748.279959][T23257] ? pagefault_out_of_memory+0x11c/0x11c [ 748.279979][T23257] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 748.301895][T23250] kobject: 'rx-9' (0000000047845890): kobject_add_internal: parent: 'queues', set: 'queues' [ 748.307933][T23257] ? ___ratelimit+0x60/0x595 [ 748.307945][T23257] ? do_raw_spin_unlock+0x57/0x270 [ 748.307960][T23257] oom_kill_process.cold+0x10/0x15 [ 748.307976][T23257] out_of_memory+0x334/0x1340 [ 748.320467][T23250] kobject: 'rx-9' (0000000047845890): kobject_uevent_env [ 748.325956][T23257] ? lock_downgrade+0x920/0x920 [ 748.325971][T23257] ? oom_killer_disable+0x280/0x280 [ 748.325989][T23257] ? __kasan_check_read+0x11/0x20 [ 748.334038][T23250] kobject: 'rx-9' (0000000047845890): fill_kobj_path: path = '/devices/virtual/net/bond530/queues/rx-9' 06:30:00 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x45c2650de9d3fbfb) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000140)) 06:30:00 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000100)='/proc/capi/capi20ncci\x00', 0x101200, 0x0) write$P9_RWALK(r1, &(0x7f0000000200)={0x3d, 0x6f, 0x1, {0x4, [{0x4, 0x4, 0x2}, {0xcc, 0x4, 0x4}, {0x4, 0x3}, {0x30, 0x4, 0x1}]}}, 0x3d) r2 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r2, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r3, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000140)) [ 748.341886][T23257] mem_cgroup_out_of_memory+0x1d8/0x240 [ 748.341901][T23257] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 748.341916][T23257] ? do_raw_spin_unlock+0x57/0x270 [ 748.341932][T23257] ? _raw_spin_unlock+0x2d/0x50 [ 748.341945][T23257] try_charge+0xf4b/0x1440 [ 748.341965][T23257] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 748.352218][T23250] kobject: 'rx-10' (0000000059803a4b): kobject_add_internal: parent: 'queues', set: 'queues' [ 748.357864][T23257] ? percpu_ref_tryget_live+0x111/0x290 [ 748.357879][T23257] ? get_mem_cgroup_from_mm+0x16/0x320 [ 748.357897][T23257] ? get_mem_cgroup_from_mm+0x156/0x320 [ 748.357911][T23257] mem_cgroup_try_charge+0x136/0x590 [ 748.357931][T23257] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 748.365024][T23250] kobject: 'rx-10' (0000000059803a4b): kobject_uevent_env [ 748.371746][T23257] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 748.371764][T23257] __handle_mm_fault+0x1e34/0x3f20 [ 748.371781][T23257] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 748.371794][T23257] ? __kasan_check_read+0x11/0x20 [ 748.371805][T23257] ? do_raw_spin_unlock+0x57/0x270 [ 748.371823][T23257] ? trace_hardirqs_on+0x67/0x240 [ 748.385143][T23250] kobject: 'rx-10' (0000000059803a4b): fill_kobj_path: path = '/devices/virtual/net/bond530/queues/rx-10' [ 748.389717][T23257] handle_mm_fault+0x1b5/0x6c0 [ 748.389733][T23257] __get_user_pages+0x7d4/0x1b30 [ 748.389752][T23257] ? mark_held_locks+0xf0/0xf0 [ 748.402139][T23250] kobject: 'rx-11' (000000002dcdb8ad): kobject_add_internal: parent: 'queues', set: 'queues' [ 748.406868][T23257] ? follow_page_mask+0x1cf0/0x1cf0 [ 748.406878][T23257] ? __mm_populate+0x270/0x380 [ 748.406895][T23257] ? __kasan_check_write+0x14/0x20 [ 748.414037][T23250] kobject: 'rx-11' (000000002dcdb8ad): kobject_uevent_env [ 748.424007][T23257] ? down_read+0x109/0x430 [ 748.424025][T23257] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 748.424039][T23257] populate_vma_page_range+0x20d/0x2a0 [ 748.424055][T23257] __mm_populate+0x204/0x380 [ 748.424069][T23257] ? populate_vma_page_range+0x2a0/0x2a0 [ 748.424086][T23257] ? __kasan_check_write+0x14/0x20 [ 748.431255][T23250] kobject: 'rx-11' (000000002dcdb8ad): fill_kobj_path: path = '/devices/virtual/net/bond530/queues/rx-11' [ 748.517329][T23257] ? up_write+0x155/0x490 [ 748.517342][T23257] ? ns_capable_common+0x93/0x100 [ 748.517362][T23257] __x64_sys_mlockall+0x473/0x520 [ 748.517378][T23257] do_syscall_64+0xfa/0x760 [ 748.517396][T23257] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 748.517406][T23257] RIP: 0033:0x459879 [ 748.517421][T23257] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 748.517427][T23257] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 748.517439][T23257] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 748.517446][T23257] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 748.517455][T23257] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 748.517462][T23257] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 748.517469][T23257] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 748.534982][T23257] memory: usage 307200kB, limit 307200kB, failcnt 6383 [ 748.637058][T23250] kobject: 'rx-12' (00000000791a073b): kobject_add_internal: parent: 'queues', set: 'queues' [ 748.639737][T23257] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 748.643676][T23250] kobject: 'rx-12' (00000000791a073b): kobject_uevent_env [ 748.647948][T23257] Memory cgroup stats for /syz2: [ 748.648044][T23257] anon 302395392 [ 748.648044][T23257] file 28672 [ 748.648044][T23257] kernel_stack 917504 [ 748.648044][T23257] slab 6549504 [ 748.648044][T23257] sock 0 [ 748.648044][T23257] shmem 0 [ 748.648044][T23257] file_mapped 0 [ 748.648044][T23257] file_dirty 0 [ 748.648044][T23257] file_writeback 0 [ 748.648044][T23257] anon_thp 224395264 [ 748.648044][T23257] inactive_anon 252788736 [ 748.648044][T23257] active_anon 11968512 [ 748.648044][T23257] inactive_file 0 [ 748.648044][T23257] active_file 0 [ 748.648044][T23257] unevictable 37945344 [ 748.648044][T23257] slab_reclaimable 1351680 [ 748.648044][T23257] slab_unreclaimable 5197824 [ 748.648044][T23257] pgfault 839520 [ 748.648044][T23257] pgmajfault 0 [ 748.648044][T23257] workingset_refault 198 [ 748.648044][T23257] workingset_activate 66 [ 748.648044][T23257] workingset_nodereclaim 0 [ 748.648044][T23257] pgrefill 1664 [ 748.648044][T23257] pgscan 1858 [ 748.648044][T23257] pgsteal 231 [ 748.724857][T23250] kobject: 'rx-12' (00000000791a073b): fill_kobj_path: path = '/devices/virtual/net/bond530/queues/rx-12' [ 748.728563][ T3890] kobject: 'loop3' (00000000547b5d7d): kobject_uevent_env [ 748.740967][T23250] kobject: 'rx-13' (000000005bd4b12c): kobject_add_internal: parent: 'queues', set: 'queues' [ 748.744003][ T3890] kobject: 'loop3' (00000000547b5d7d): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 748.760486][T23250] kobject: 'rx-13' (000000005bd4b12c): kobject_uevent_env [ 748.775735][T23257] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23229,uid=0 [ 748.793669][T23250] kobject: 'rx-13' (000000005bd4b12c): fill_kobj_path: path = '/devices/virtual/net/bond530/queues/rx-13' [ 748.811505][T23257] Memory cgroup out of memory: Killed process 23229 (syz-executor.2) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 748.815264][T23250] kobject: 'rx-14' (00000000ea980a47): kobject_add_internal: parent: 'queues', set: 'queues' [ 748.851871][T23263] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 748.859864][T23250] kobject: 'rx-14' (00000000ea980a47): kobject_uevent_env [ 748.877483][T23263] CPU: 0 PID: 23263 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 748.885306][T23250] kobject: 'rx-14' (00000000ea980a47): fill_kobj_path: path = '/devices/virtual/net/bond530/queues/rx-14' [ 748.886959][T23263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 748.886964][T23263] Call Trace: [ 748.886984][T23263] dump_stack+0x172/0x1f0 [ 748.887003][T23263] dump_header+0x177/0x1152 [ 748.894783][T23250] kobject: 'rx-15' (00000000f27b1c24): kobject_add_internal: parent: 'queues', set: 'queues' [ 748.898488][T23263] ? ___ratelimit+0xf8/0x595 [ 748.898503][T23263] ? trace_hardirqs_on+0x67/0x240 [ 748.898519][T23263] ? pagefault_out_of_memory+0x11c/0x11c [ 748.898534][T23263] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 748.898545][T23263] ? ___ratelimit+0x60/0x595 [ 748.898557][T23263] ? do_raw_spin_unlock+0x57/0x270 [ 748.898569][T23263] oom_kill_process.cold+0x10/0x15 [ 748.898585][T23263] out_of_memory+0x334/0x1340 [ 748.907526][T23250] kobject: 'rx-15' (00000000f27b1c24): kobject_uevent_env [ 748.910244][T23263] ? lock_downgrade+0x920/0x920 [ 748.910267][T23263] ? oom_killer_disable+0x280/0x280 [ 748.914919][T23250] kobject: 'rx-15' (00000000f27b1c24): fill_kobj_path: path = '/devices/virtual/net/bond530/queues/rx-15' [ 748.920518][T23263] ? __kasan_check_read+0x11/0x20 [ 748.920537][T23263] mem_cgroup_out_of_memory+0x1d8/0x240 [ 748.920550][T23263] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 748.920565][T23263] ? do_raw_spin_unlock+0x57/0x270 [ 748.920584][T23263] ? _raw_spin_unlock+0x2d/0x50 [ 748.920599][T23263] try_charge+0xf4b/0x1440 [ 748.920615][T23263] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 748.920626][T23263] ? percpu_ref_tryget_live+0x111/0x290 [ 748.920639][T23263] ? get_mem_cgroup_from_mm+0x16/0x320 [ 748.920658][T23263] ? get_mem_cgroup_from_mm+0x156/0x320 [ 748.920670][T23263] mem_cgroup_try_charge+0x136/0x590 [ 748.920684][T23263] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 748.920698][T23263] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 748.920713][T23263] __handle_mm_fault+0x1e34/0x3f20 [ 748.920727][T23263] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 748.920742][T23263] ? __kasan_check_read+0x11/0x20 [ 748.928778][T23250] kobject: 'tx-0' (00000000259450a3): kobject_add_internal: parent: 'queues', set: 'queues' [ 748.937091][T23263] ? do_raw_spin_unlock+0x57/0x270 [ 748.937115][T23263] ? trace_hardirqs_on+0x67/0x240 [ 748.943040][T23250] kobject: 'tx-0' (00000000259450a3): kobject_uevent_env [ 748.946512][T23263] handle_mm_fault+0x1b5/0x6c0 [ 748.946526][T23263] __get_user_pages+0x7d4/0x1b30 [ 748.946543][T23263] ? mark_held_locks+0xf0/0xf0 [ 748.953048][T23250] kobject: 'tx-0' (00000000259450a3): fill_kobj_path: path = '/devices/virtual/net/bond530/queues/tx-0' [ 748.956026][T23263] ? follow_page_mask+0x1cf0/0x1cf0 [ 748.956035][T23263] ? __mm_populate+0x270/0x380 [ 748.956053][T23263] ? __kasan_check_write+0x14/0x20 [ 748.963647][T23250] kobject: 'tx-1' (00000000af430c79): kobject_add_internal: parent: 'queues', set: 'queues' [ 748.965799][T23263] ? down_read+0x109/0x430 [ 748.965814][T23263] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 748.965832][T23263] populate_vma_page_range+0x20d/0x2a0 [ 748.988295][T23250] kobject: 'tx-1' (00000000af430c79): kobject_uevent_env [ 748.993806][T23263] __mm_populate+0x204/0x380 [ 748.993821][T23263] ? populate_vma_page_range+0x2a0/0x2a0 [ 748.993837][T23263] ? __kasan_check_write+0x14/0x20 [ 749.003669][T23250] kobject: 'tx-1' (00000000af430c79): fill_kobj_path: path = '/devices/virtual/net/bond530/queues/tx-1' [ 749.009738][T23263] ? up_write+0x155/0x490 [ 749.009750][T23263] ? ns_capable_common+0x93/0x100 06:30:01 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = creat(&(0x7f0000000000)='./bus\x00', 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000280)={'bcsf0\x00'}) socket$inet(0x10, 0x0, 0x0) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) write$UHID_CREATE2(r0, &(0x7f00000002c0)={0xb, 'syz0\x00', 'syz0\x00', 'syz1\x00', 0x0, 0x200000000001f, 0xfff, 0x6, 0xd336, 0x1000000000004}, 0x118) fanotify_init(0x2, 0x40000) close(r1) r2 = socket$netlink(0x10, 0x3, 0xa) connect$netlink(r2, &(0x7f0000000000)=@kern={0x10, 0x0, 0x0, 0x14800008}, 0xc) r3 = open(&(0x7f00000000c0)='./bus\x00', 0x800000141042, 0x0) ftruncate(r3, 0x200006) sendfile(r1, r3, 0x0, 0x8000fffffffe) r4 = syz_open_dev$adsp(0x0, 0x0, 0x20100) ioctl$DRM_IOCTL_MODE_SETCRTC(r4, 0xc06864a2, &(0x7f00000000c0)={&(0x7f0000000040)=[0x8001, 0x7, 0x0, 0x7ff, 0x7, 0x0], 0x6, 0x7ff, 0xb786, 0x3, 0x20, 0x0, {0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7efdb587, 0x0, 0x4430, 0x5, 0x81, 0x0, 0xad, 0x0, "e7b6692e5bc6d9f386b35755d02e52ac7247d3de2f614b84ffa15bd7c1e27bed"}}) r5 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r5, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000440)=ANY=[@ANYBLOB="090000006f020000004583e08a31c97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a680c885e8bf1e3965e3cb229961f82c4730da6b31ec3fca6be8ec05cd91cde8c49f6a8068500aac9119ee69e7bbf6f7567ce540a26d5ef8dc6b9f7b98dcf9e9f85defb552474e892a7ab896eba2181a2d8a0f223e50989981084c88c43974227be5aa65"], 0x9) r6 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r6, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) [ 749.009767][T23263] __x64_sys_mlockall+0x473/0x520 [ 749.009783][T23263] do_syscall_64+0xfa/0x760 [ 749.009800][T23263] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 749.009815][T23263] RIP: 0033:0x459879 [ 749.020412][T23250] kobject: 'tx-2' (00000000ac65925a): kobject_add_internal: parent: 'queues', set: 'queues' [ 749.025736][T23263] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 749.025743][T23263] RSP: 002b:00007f4e2a92dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 749.025755][T23263] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 749.025768][T23263] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 749.034206][T23250] kobject: 'tx-2' (00000000ac65925a): kobject_uevent_env [ 749.040533][T23263] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 749.040541][T23263] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4e2a92e6d4 [ 749.040549][T23263] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 749.315737][T23263] memory: usage 307200kB, limit 307200kB, failcnt 2156 [ 749.320549][T23250] kobject: 'tx-2' (00000000ac65925a): fill_kobj_path: path = '/devices/virtual/net/bond530/queues/tx-2' [ 749.333083][T23263] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 749.334715][T23250] kobject: 'tx-3' (0000000017361410): kobject_add_internal: parent: 'queues', set: 'queues' [ 749.342605][T23263] Memory cgroup stats for /syz1: [ 749.342812][T23263] anon 298778624 [ 749.342812][T23263] file 122880 [ 749.342812][T23263] kernel_stack 851968 [ 749.342812][T23263] slab 10969088 [ 749.342812][T23263] sock 0 [ 749.342812][T23263] shmem 61440 [ 749.342812][T23263] file_mapped 0 [ 749.342812][T23263] file_dirty 0 [ 749.342812][T23263] file_writeback 0 [ 749.342812][T23263] anon_thp 134217728 [ 749.342812][T23263] inactive_anon 258949120 [ 749.342812][T23263] active_anon 5578752 [ 749.342812][T23263] inactive_file 90112 [ 749.342812][T23263] active_file 135168 [ 749.342812][T23263] unevictable 34328576 [ 749.342812][T23263] slab_reclaimable 5677056 [ 749.342812][T23263] slab_unreclaimable 5292032 [ 749.342812][T23263] pgfault 246675 [ 749.342812][T23263] pgmajfault 0 [ 749.342812][T23263] workingset_refault 33 [ 749.342812][T23263] workingset_activate 0 [ 749.342812][T23263] workingset_nodereclaim 0 [ 749.342812][T23263] pgrefill 509 [ 749.342812][T23263] pgscan 4621 [ 749.342812][T23263] pgsteal 4166 [ 749.345421][T23250] kobject: 'tx-3' (0000000017361410): kobject_uevent_env [ 749.352327][T23263] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=23242,uid=0 [ 749.355798][T23250] kobject: 'tx-3' (0000000017361410): fill_kobj_path: path = '/devices/virtual/net/bond530/queues/tx-3' [ 749.361734][T23263] Memory cgroup out of memory: Killed process 23242 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 [ 749.371628][T23250] kobject: 'tx-4' (000000004c3429db): kobject_add_internal: parent: 'queues', set: 'queues' [ 749.503379][ T1065] oom_reaper: reaped process 23242 (syz-executor.1), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 749.527485][T23250] kobject: 'tx-4' (000000004c3429db): kobject_uevent_env [ 749.696835][ T3890] kobject: 'loop3' (00000000547b5d7d): kobject_uevent_env [ 749.705445][T23250] kobject: 'tx-4' (000000004c3429db): fill_kobj_path: path = '/devices/virtual/net/bond530/queues/tx-4' [ 749.726265][ T3890] kobject: 'loop3' (00000000547b5d7d): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 749.784842][T23250] kobject: 'tx-5' (000000000e9f87c0): kobject_add_internal: parent: 'queues', set: 'queues' [ 749.987266][T23255] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 750.002651][T23250] kobject: 'tx-5' (000000000e9f87c0): kobject_uevent_env [ 750.009991][T23250] kobject: 'tx-5' (000000000e9f87c0): fill_kobj_path: path = '/devices/virtual/net/bond530/queues/tx-5' [ 750.021379][T23250] kobject: 'tx-6' (0000000042cead71): kobject_add_internal: parent: 'queues', set: 'queues' [ 750.031759][T23250] kobject: 'tx-6' (0000000042cead71): kobject_uevent_env [ 750.039241][T23250] kobject: 'tx-6' (0000000042cead71): fill_kobj_path: path = '/devices/virtual/net/bond530/queues/tx-6' [ 750.040663][T23255] CPU: 0 PID: 23255 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 750.050825][T23250] kobject: 'tx-7' (000000007216846c): kobject_add_internal: parent: 'queues', set: 'queues' [ 750.059544][T23255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 750.059549][T23255] Call Trace: [ 750.059568][T23255] dump_stack+0x172/0x1f0 [ 750.059584][T23255] dump_header+0x177/0x1152 [ 750.059596][T23255] ? ___ratelimit+0xf8/0x595 [ 750.059613][T23255] ? trace_hardirqs_on+0x67/0x240 [ 750.069967][T23250] kobject: 'tx-7' (000000007216846c): kobject_uevent_env [ 750.079687][T23255] ? pagefault_out_of_memory+0x11c/0x11c [ 750.079702][T23255] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 750.079713][T23255] ? ___ratelimit+0x60/0x595 [ 750.079725][T23255] ? do_raw_spin_unlock+0x57/0x270 [ 750.079742][T23255] oom_kill_process.cold+0x10/0x15 [ 750.083178][T23250] kobject: 'tx-7' (000000007216846c): fill_kobj_path: path = '/devices/virtual/net/bond530/queues/tx-7' [ 750.087306][T23255] out_of_memory+0x334/0x1340 [ 750.087318][T23255] ? lock_downgrade+0x920/0x920 [ 750.087333][T23255] ? oom_killer_disable+0x280/0x280 [ 750.087355][T23255] mem_cgroup_out_of_memory+0x1d8/0x240 [ 750.092032][T23250] kobject: 'tx-8' (00000000f6d9eef2): kobject_add_internal: parent: 'queues', set: 'queues' [ 750.096390][T23255] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 750.096403][T23255] ? do_raw_spin_unlock+0x57/0x270 [ 750.096421][T23255] ? _raw_spin_unlock+0x2d/0x50 [ 750.101692][T23250] kobject: 'tx-8' (00000000f6d9eef2): kobject_uevent_env [ 750.108410][T23255] try_charge+0xf4b/0x1440 [ 750.108429][T23255] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 750.108441][T23255] ? get_mem_cgroup_from_mm+0x139/0x320 [ 750.108457][T23255] ? __kasan_check_read+0x11/0x20 [ 750.114228][T23250] kobject: 'tx-8' (00000000f6d9eef2): fill_kobj_path: path = '/devices/virtual/net/bond530/queues/tx-8' [ 750.119846][T23255] ? lock_downgrade+0x920/0x920 [ 750.119859][T23255] ? percpu_ref_tryget_live+0x111/0x290 [ 750.119875][T23255] __memcg_kmem_charge_memcg+0x71/0xf0 [ 750.119887][T23255] ? memcg_kmem_put_cache+0x50/0x50 [ 750.119905][T23255] ? get_mem_cgroup_from_mm+0x156/0x320 [ 750.124684][T23250] kobject: 'tx-9' (0000000061eeac10): kobject_add_internal: parent: 'queues', set: 'queues' [ 750.129567][T23255] __memcg_kmem_charge+0x13a/0x3a0 [ 750.129582][T23255] __alloc_pages_nodemask+0x4f7/0x900 [ 750.129596][T23255] ? __alloc_pages_slowpath+0x2540/0x2540 [ 750.129606][T23255] ? percpu_ref_put_many+0xb6/0x190 [ 750.129619][T23255] ? trace_hardirqs_on+0x67/0x240 [ 750.129639][T23255] copy_process+0x3f8/0x6830 [ 750.138599][T23250] kobject: 'tx-9' (0000000061eeac10): kobject_uevent_env [ 750.145809][T23255] ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20 [ 750.145828][T23255] ? hrtimer_try_to_cancel+0x8a/0x5e0 [ 750.158171][T23250] kobject: 'tx-9' (0000000061eeac10): fill_kobj_path: path = '/devices/virtual/net/bond530/queues/tx-9' [ 750.160492][T23255] ? __cleanup_sighand+0x60/0x60 [ 750.160507][T23255] ? __kasan_check_write+0x14/0x20 [ 750.160525][T23255] ? rwlock_bug.part.0+0x90/0x90 [ 750.167406][T23250] kobject: 'tx-10' (00000000ed7aae6a): kobject_add_internal: parent: 'queues', set: 'queues' [ 750.176095][T23255] ? debug_object_free+0x59/0x390 [ 750.176111][T23255] _do_fork+0x146/0xfa0 [ 750.176130][T23255] ? copy_init_mm+0x20/0x20 [ 750.190735][T23250] kobject: 'tx-10' (00000000ed7aae6a): kobject_uevent_env [ 750.191689][T23255] ? hrtimer_nanosleep+0x2c9/0x550 [ 750.191706][T23255] ? nanosleep_copyout+0x110/0x110 [ 750.219840][T23250] kobject: 'tx-10' (00000000ed7aae6a): fill_kobj_path: path = '/devices/virtual/net/bond530/queues/tx-10' [ 750.230236][T23255] __x64_sys_clone+0x1ab/0x270 [ 750.230251][T23255] ? __ia32_sys_vfork+0xd0/0xd0 [ 750.230269][T23255] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 750.230287][T23255] ? trace_hardirqs_off_caller+0x65/0x230 [ 750.253830][T23250] kobject: 'tx-11' (000000004f470f7c): kobject_add_internal: parent: 'queues', set: 'queues' [ 750.256783][T23255] ? trace_hardirqs_on+0x67/0x240 [ 750.256802][T23255] do_syscall_64+0xfa/0x760 [ 750.290352][T23250] kobject: 'tx-11' (000000004f470f7c): kobject_uevent_env [ 750.293519][T23255] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 750.293533][T23255] RIP: 0033:0x45c249 [ 750.302556][T23250] kobject: 'tx-11' (000000004f470f7c): fill_kobj_path: path = '/devices/virtual/net/bond530/queues/tx-11' [ 750.305106][T23255] Code: ff 48 85 f6 0f 84 27 8e fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c fe 8d fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 750.305112][T23255] RSP: 002b:00007ffe05a5b988 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 750.316983][T23250] kobject: 'tx-12' (00000000622991b0): kobject_add_internal: parent: 'queues', set: 'queues' [ 750.327761][T23255] RAX: ffffffffffffffda RBX: 00007fe89ccc7700 RCX: 000000000045c249 [ 750.327768][T23255] RDX: 00007fe89ccc79d0 RSI: 00007fe89ccc6db0 RDI: 00000000003d0f00 [ 750.327775][T23255] RBP: 00007ffe05a5bba0 R08: 00007fe89ccc7700 R09: 00007fe89ccc7700 [ 750.327782][T23255] R10: 00007fe89ccc79d0 R11: 0000000000000202 R12: 0000000000000000 [ 750.327789][T23255] R13: 00007ffe05a5ba3f R14: 0000000000020000 R15: 0000555556748db0 [ 750.599679][T23250] kobject: 'tx-12' (00000000622991b0): kobject_uevent_env [ 750.606944][T23250] kobject: 'tx-12' (00000000622991b0): fill_kobj_path: path = '/devices/virtual/net/bond530/queues/tx-12' [ 750.618764][T23250] kobject: 'tx-13' (00000000486ef1af): kobject_add_internal: parent: 'queues', set: 'queues' [ 750.629470][T23250] kobject: 'tx-13' (00000000486ef1af): kobject_uevent_env [ 750.636684][T23250] kobject: 'tx-13' (00000000486ef1af): fill_kobj_path: path = '/devices/virtual/net/bond530/queues/tx-13' [ 750.648652][T23250] kobject: 'tx-14' (00000000cfd15b7a): kobject_add_internal: parent: 'queues', set: 'queues' [ 750.662346][T23250] kobject: 'tx-14' (00000000cfd15b7a): kobject_uevent_env [ 750.667390][T23255] memory: usage 307152kB, limit 307200kB, failcnt 6421 [ 750.671338][T23250] kobject: 'tx-14' (00000000cfd15b7a): fill_kobj_path: path = '/devices/virtual/net/bond530/queues/tx-14' [ 750.676754][T23255] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 750.690043][T23250] kobject: 'tx-15' (0000000023a1e8c6): kobject_add_internal: parent: 'queues', set: 'queues' [ 750.697982][T23255] Memory cgroup stats for /syz2: [ 750.698073][T23255] anon 302292992 [ 750.698073][T23255] file 28672 [ 750.698073][T23255] kernel_stack 983040 [ 750.698073][T23255] slab 6684672 [ 750.698073][T23255] sock 0 [ 750.698073][T23255] shmem 0 [ 750.698073][T23255] file_mapped 0 [ 750.698073][T23255] file_dirty 0 [ 750.698073][T23255] file_writeback 0 [ 750.698073][T23255] anon_thp 213909504 [ 750.698073][T23255] inactive_anon 245239808 [ 750.698073][T23255] active_anon 11968512 [ 750.698073][T23255] inactive_file 0 [ 750.698073][T23255] active_file 0 [ 750.698073][T23255] unevictable 44969984 [ 750.698073][T23255] slab_reclaimable 1351680 [ 750.698073][T23255] slab_unreclaimable 5332992 [ 750.698073][T23255] pgfault 842721 [ 750.698073][T23255] pgmajfault 0 [ 750.698073][T23255] workingset_refault 198 [ 750.698073][T23255] workingset_activate 66 [ 750.698073][T23255] workingset_nodereclaim 0 [ 750.698073][T23255] pgrefill 1829 [ 750.698073][T23255] pgscan 2023 [ 750.698073][T23255] pgsteal 231 06:30:02 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 750.704961][T23250] kobject: 'tx-15' (0000000023a1e8c6): kobject_uevent_env [ 750.718503][T23255] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23255,uid=0 [ 750.799056][T23250] kobject: 'tx-15' (0000000023a1e8c6): fill_kobj_path: path = '/devices/virtual/net/bond530/queues/tx-15' [ 750.833419][T23250] kobject: 'batman_adv' (000000004f966823): kobject_add_internal: parent: 'bond530', set: '' 06:30:02 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") move_pages(0x0, 0x0, 0x0, &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) 06:30:02 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0x110, 0x0) [ 750.862411][T23255] Memory cgroup out of memory: Killed process 23255 (syz-executor.2) total-vm:72964kB, anon-rss:18012kB, file-rss:54332kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 06:30:03 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") move_pages(0x0, 0x0, 0x0, &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) [ 750.904596][ T3890] kobject: 'loop4' (0000000098d672ee): kobject_uevent_env [ 750.937573][ T3890] kobject: 'loop4' (0000000098d672ee): fill_kobj_path: path = '/devices/virtual/block/loop4' [ 750.940415][T23517] kobject: 'bond531' (000000003aae6c00): kobject_add_internal: parent: 'net', set: 'devices' [ 750.965173][ T1065] oom_reaper: reaped process 23255 (syz-executor.2), now anon-rss:18200kB, file-rss:54332kB, shmem-rss:0kB [ 750.965203][T23263] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 750.977928][T23517] kobject: 'bond531' (000000003aae6c00): kobject_uevent_env [ 750.997135][T23263] CPU: 1 PID: 23263 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 751.006252][T23263] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 751.016305][T23263] Call Trace: [ 751.019599][T23263] dump_stack+0x172/0x1f0 [ 751.023931][T23263] dump_header+0x177/0x1152 [ 751.028437][T23263] ? ___ratelimit+0xf8/0x595 [ 751.033024][T23263] ? trace_hardirqs_on+0x67/0x240 [ 751.038044][T23263] ? pagefault_out_of_memory+0x11c/0x11c [ 751.043679][T23263] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 751.049489][T23263] ? ___ratelimit+0x60/0x595 [ 751.054080][T23263] ? do_raw_spin_unlock+0x57/0x270 [ 751.059187][T23263] oom_kill_process.cold+0x10/0x15 [ 751.064292][T23263] out_of_memory+0x334/0x1340 [ 751.068963][T23263] ? lock_downgrade+0x920/0x920 [ 751.073811][T23263] ? oom_killer_disable+0x280/0x280 [ 751.079003][T23263] ? __kasan_check_read+0x11/0x20 [ 751.084032][T23263] mem_cgroup_out_of_memory+0x1d8/0x240 [ 751.084771][T23517] kobject: 'bond531' (000000003aae6c00): fill_kobj_path: path = '/devices/virtual/net/bond531' [ 751.089574][T23263] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 751.089589][T23263] ? do_raw_spin_unlock+0x57/0x270 [ 751.089605][T23263] ? _raw_spin_unlock+0x2d/0x50 [ 751.089619][T23263] try_charge+0xf4b/0x1440 [ 751.089643][T23263] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 751.100645][T23517] kobject: 'queues' (00000000c113de21): kobject_add_internal: parent: 'bond531', set: '' [ 751.105548][T23263] ? percpu_ref_tryget_live+0x111/0x290 [ 751.105564][T23263] ? get_mem_cgroup_from_mm+0x16/0x320 [ 751.105586][T23263] ? get_mem_cgroup_from_mm+0x156/0x320 [ 751.110980][T23517] kobject: 'queues' (00000000c113de21): kobject_uevent_env [ 751.115509][T23263] mem_cgroup_try_charge+0x136/0x590 [ 751.115524][T23263] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 751.115540][T23263] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 751.120183][T23517] kobject: 'queues' (00000000c113de21): kobject_uevent_env: filter function caused the event to drop! [ 751.125463][T23263] do_huge_pmd_wp_page_fallback+0x24c/0x1740 [ 751.125482][T23263] ? defrag_store+0x360/0x360 [ 751.125501][T23263] ? lock_downgrade+0x920/0x920 [ 751.136152][T23517] kobject: 'rx-0' (0000000004f19e20): kobject_add_internal: parent: 'queues', set: 'queues' [ 751.141333][T23263] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 751.141349][T23263] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 751.141365][T23263] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 751.141378][T23263] ? alloc_pages_vma+0x122/0x3f0 [ 751.141397][T23263] do_huge_pmd_wp_page+0x7ff/0x2300 [ 751.147357][T23517] kobject: 'rx-0' (0000000004f19e20): kobject_uevent_env [ 751.152363][T23263] ? __split_huge_pmd+0x2810/0x2810 [ 751.152377][T23263] ? release_pages+0xd9a/0x1a50 [ 751.152395][T23263] ? pmd_val+0x85/0x100 [ 751.159706][T23517] kobject: 'rx-0' (0000000004f19e20): fill_kobj_path: path = '/devices/virtual/net/bond531/queues/rx-0' [ 751.164829][T23263] ? add_mm_counter_fast.part.0+0x40/0x40 [ 751.164844][T23263] ? __kasan_check_read+0x11/0x20 [ 751.164862][T23263] __handle_mm_fault+0x14cf/0x3f20 [ 751.171619][T23517] kobject: 'rx-1' (0000000023378988): kobject_add_internal: parent: 'queues', set: 'queues' [ 751.176692][T23263] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 751.176705][T23263] ? __kasan_check_read+0x11/0x20 [ 751.176732][T23263] ? trace_hardirqs_on+0x67/0x240 [ 751.188097][T23517] kobject: 'rx-1' (0000000023378988): kobject_uevent_env [ 751.193607][T23263] handle_mm_fault+0x1b5/0x6c0 [ 751.193622][T23263] __get_user_pages+0x7d4/0x1b30 [ 751.193641][T23263] ? mark_held_locks+0xf0/0xf0 [ 751.198600][T23517] kobject: 'rx-1' (0000000023378988): fill_kobj_path: path = '/devices/virtual/net/bond531/queues/rx-1' [ 751.203120][T23263] ? follow_page_mask+0x1cf0/0x1cf0 [ 751.203130][T23263] ? __mm_populate+0x270/0x380 [ 751.203148][T23263] ? __kasan_check_write+0x14/0x20 [ 751.213524][T23517] kobject: 'rx-2' (000000001ecd4d4d): kobject_add_internal: parent: 'queues', set: 'queues' [ 751.219480][T23263] ? down_read+0x109/0x430 [ 751.219498][T23263] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 751.219519][T23263] populate_vma_page_range+0x20d/0x2a0 [ 751.226040][T23517] kobject: 'rx-2' (000000001ecd4d4d): kobject_uevent_env [ 751.231959][T23263] __mm_populate+0x204/0x380 [ 751.231975][T23263] ? populate_vma_page_range+0x2a0/0x2a0 06:30:03 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000140)='/\x00\x00\x00\x00\x00\xeb\xff\xffcom\x00', 0x268041, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) [ 751.231987][T23263] ? __kasan_check_write+0x14/0x20 [ 751.232003][T23263] ? up_write+0x155/0x490 [ 751.237196][T23517] kobject: 'rx-2' (000000001ecd4d4d): fill_kobj_path: path = '/devices/virtual/net/bond531/queues/rx-2' [ 751.242081][T23263] ? ns_capable_common+0x93/0x100 [ 751.242099][T23263] __x64_sys_mlockall+0x473/0x520 [ 751.242114][T23263] do_syscall_64+0xfa/0x760 [ 751.242134][T23263] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 751.249473][T23517] kobject: 'rx-3' (00000000168c9800): kobject_add_internal: parent: 'queues', set: 'queues' [ 751.254288][T23263] RIP: 0033:0x459879 [ 751.254303][T23263] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 751.254314][T23263] RSP: 002b:00007f4e2a92dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 751.259598][T23517] kobject: 'rx-3' (00000000168c9800): kobject_uevent_env [ 751.263268][T23263] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 751.263275][T23263] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 751.263283][T23263] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 751.263290][T23263] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4e2a92e6d4 [ 751.263303][T23263] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 751.274856][T23517] kobject: 'rx-3' (00000000168c9800): fill_kobj_path: path = '/devices/virtual/net/bond531/queues/rx-3' [ 751.418582][ T3890] kobject: 'loop2' (000000008e5a3901): kobject_uevent_env 06:30:03 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x8, 0x0, 0x0, 0x0, 0x0, @perf_bp, 0x0, 0x0, 0x5, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000140)) [ 751.428031][T23517] kobject: 'rx-4' (00000000b0929a00): kobject_add_internal: parent: 'queues', set: 'queues' [ 751.455247][ T3890] kobject: 'loop2' (000000008e5a3901): fill_kobj_path: path = '/devices/virtual/block/loop2' [ 751.460336][T23517] kobject: 'rx-4' (00000000b0929a00): kobject_uevent_env [ 751.593063][T23517] kobject: 'rx-4' (00000000b0929a00): fill_kobj_path: path = '/devices/virtual/net/bond531/queues/rx-4' [ 751.604362][T23517] kobject: 'rx-5' (00000000ee828816): kobject_add_internal: parent: 'queues', set: 'queues' [ 751.615220][T23517] kobject: 'rx-5' (00000000ee828816): kobject_uevent_env [ 751.622574][T23517] kobject: 'rx-5' (00000000ee828816): fill_kobj_path: path = '/devices/virtual/net/bond531/queues/rx-5' [ 751.631402][ T3890] kobject: 'loop3' (00000000547b5d7d): kobject_uevent_env [ 751.633886][T23517] kobject: 'rx-6' (00000000f35911e0): kobject_add_internal: parent: 'queues', set: 'queues' [ 751.650991][T23517] kobject: 'rx-6' (00000000f35911e0): kobject_uevent_env [ 751.658086][T23517] kobject: 'rx-6' (00000000f35911e0): fill_kobj_path: path = '/devices/virtual/net/bond531/queues/rx-6' [ 751.665494][ T3890] kobject: 'loop3' (00000000547b5d7d): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 751.669371][T23517] kobject: 'rx-7' (0000000026c3fb46): kobject_add_internal: parent: 'queues', set: 'queues' [ 751.735313][T23517] kobject: 'rx-7' (0000000026c3fb46): kobject_uevent_env [ 751.744787][T23263] memory: usage 300444kB, limit 307200kB, failcnt 2409 06:30:03 executing program 4: mmap(&(0x7f0000011000/0x2000)=nil, 0x2000, 0x4, 0x31, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x0) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000040)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000000c0)={{&(0x7f0000012000/0x2000)=nil, 0x2000}, 0x1}) syz_open_dev$evdev(&(0x7f0000012fee)='/.%v/\x11%put/event#\x00', 0x0, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca50d5e0bcfe47bf070") recvmmsg(0xffffffffffffffff, &(0x7f0000003140)=[{{&(0x7f00000000c0)=@ipx, 0x80, 0x0, 0xfffffff4, 0x0, 0x77}}], 0x1, 0x0, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000080)='fdinfo/3\x00') preadv(r2, &(0x7f00000017c0), 0x111, 0x0) [ 751.776642][T23517] kobject: 'rx-7' (0000000026c3fb46): fill_kobj_path: path = '/devices/virtual/net/bond531/queues/rx-7' [ 751.801129][ T3890] kobject: 'loop4' (0000000098d672ee): kobject_uevent_env [ 751.811007][T23263] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 751.827265][ T3890] kobject: 'loop4' (0000000098d672ee): fill_kobj_path: path = '/devices/virtual/block/loop4' [ 751.828497][T23263] Memory cgroup stats for /syz1: [ 751.828645][T23263] anon 286683136 [ 751.828645][T23263] file 122880 [ 751.828645][T23263] kernel_stack 851968 [ 751.828645][T23263] slab 10473472 [ 751.828645][T23263] sock 0 [ 751.828645][T23263] shmem 61440 [ 751.828645][T23263] file_mapped 0 [ 751.828645][T23263] file_dirty 0 [ 751.828645][T23263] file_writeback 0 [ 751.828645][T23263] anon_thp 134217728 [ 751.828645][T23263] inactive_anon 244469760 [ 751.828645][T23263] active_anon 5578752 [ 751.828645][T23263] inactive_file 90112 [ 751.828645][T23263] active_file 135168 [ 751.828645][T23263] unevictable 36577280 [ 751.828645][T23263] slab_reclaimable 5541888 [ 751.828645][T23263] slab_unreclaimable 4931584 [ 751.828645][T23263] pgfault 249150 [ 751.828645][T23263] pgmajfault 0 [ 751.828645][T23263] workingset_refault 33 [ 751.828645][T23263] workingset_activate 0 [ 751.828645][T23263] workingset_nodereclaim 0 [ 751.828645][T23263] pgrefill 575 [ 751.828645][T23263] pgscan 4654 [ 751.828645][T23263] pgsteal 4166 [ 751.861816][T23263] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=23262,uid=0 [ 751.949622][T23517] kobject: 'rx-8' (0000000013ad3081): kobject_add_internal: parent: 'queues', set: 'queues' [ 751.965846][T23517] kobject: 'rx-8' (0000000013ad3081): kobject_uevent_env [ 751.982971][T23517] kobject: 'rx-8' (0000000013ad3081): fill_kobj_path: path = '/devices/virtual/net/bond531/queues/rx-8' [ 752.009556][T23517] kobject: 'rx-9' (00000000174484f2): kobject_add_internal: parent: 'queues', set: 'queues' [ 752.032029][T23517] kobject: 'rx-9' (00000000174484f2): kobject_uevent_env [ 752.043388][T23517] kobject: 'rx-9' (00000000174484f2): fill_kobj_path: path = '/devices/virtual/net/bond531/queues/rx-9' [ 752.055087][T23517] kobject: 'rx-10' (000000009e84c741): kobject_add_internal: parent: 'queues', set: 'queues' [ 752.065741][T23517] kobject: 'rx-10' (000000009e84c741): kobject_uevent_env [ 752.073337][T23517] kobject: 'rx-10' (000000009e84c741): fill_kobj_path: path = '/devices/virtual/net/bond531/queues/rx-10' [ 752.085138][T23517] kobject: 'rx-11' (000000007dc7d3c1): kobject_add_internal: parent: 'queues', set: 'queues' [ 752.095781][T23517] kobject: 'rx-11' (000000007dc7d3c1): kobject_uevent_env [ 752.103383][T23517] kobject: 'rx-11' (000000007dc7d3c1): fill_kobj_path: path = '/devices/virtual/net/bond531/queues/rx-11' [ 752.122686][T23517] kobject: 'rx-12' (0000000002706826): kobject_add_internal: parent: 'queues', set: 'queues' [ 752.138587][T23517] kobject: 'rx-12' (0000000002706826): kobject_uevent_env [ 752.149195][T23517] kobject: 'rx-12' (0000000002706826): fill_kobj_path: path = '/devices/virtual/net/bond531/queues/rx-12' [ 752.165520][T23517] kobject: 'rx-13' (000000000471faa3): kobject_add_internal: parent: 'queues', set: 'queues' [ 752.176313][T23517] kobject: 'rx-13' (000000000471faa3): kobject_uevent_env [ 752.183897][T23517] kobject: 'rx-13' (000000000471faa3): fill_kobj_path: path = '/devices/virtual/net/bond531/queues/rx-13' [ 752.201809][T23263] Memory cgroup out of memory: Killed process 23263 (syz-executor.1) total-vm:72832kB, anon-rss:18232kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:204800kB oom_score_adj:1000 [ 752.209882][T23517] kobject: 'rx-14' (00000000bd29965e): kobject_add_internal: parent: 'queues', set: 'queues' [ 752.224163][ T1065] oom_reaper: reaped process 23263 (syz-executor.1), now anon-rss:18232kB, file-rss:54332kB, shmem-rss:0kB [ 752.242538][T23529] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 752.247453][T23517] kobject: 'rx-14' (00000000bd29965e): kobject_uevent_env [ 752.259532][T23529] CPU: 0 PID: 23529 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 752.262495][T23517] kobject: 'rx-14' (00000000bd29965e): fill_kobj_path: path = '/devices/virtual/net/bond531/queues/rx-14' [ 752.268898][T23529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 752.268903][T23529] Call Trace: [ 752.268925][T23529] dump_stack+0x172/0x1f0 [ 752.268941][T23529] dump_header+0x177/0x1152 [ 752.268953][T23529] ? ___ratelimit+0xf8/0x595 [ 752.268970][T23529] ? trace_hardirqs_on+0x67/0x240 [ 752.268987][T23529] ? pagefault_out_of_memory+0x11c/0x11c [ 752.283064][T23517] kobject: 'rx-15' (00000000361d253f): kobject_add_internal: parent: 'queues', set: 'queues' [ 752.290283][T23529] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 752.290295][T23529] ? ___ratelimit+0x60/0x595 [ 752.290308][T23529] ? do_raw_spin_unlock+0x57/0x270 [ 752.290323][T23529] oom_kill_process.cold+0x10/0x15 [ 752.290335][T23529] out_of_memory+0x334/0x1340 [ 752.290353][T23529] ? lock_downgrade+0x920/0x920 [ 752.294023][T23517] kobject: 'rx-15' (00000000361d253f): kobject_uevent_env [ 752.297928][T23529] ? oom_killer_disable+0x280/0x280 [ 752.297942][T23529] ? __kasan_check_read+0x11/0x20 [ 752.297961][T23529] mem_cgroup_out_of_memory+0x1d8/0x240 [ 752.297978][T23529] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 752.297993][T23529] ? do_raw_spin_unlock+0x57/0x270 [ 752.298006][T23529] ? _raw_spin_unlock+0x2d/0x50 [ 752.298023][T23529] try_charge+0xf4b/0x1440 [ 752.305094][T23517] kobject: 'rx-15' (00000000361d253f): fill_kobj_path: path = '/devices/virtual/net/bond531/queues/rx-15' [ 752.307071][T23529] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 752.307084][T23529] ? percpu_ref_tryget_live+0x111/0x290 [ 752.307101][T23529] ? get_mem_cgroup_from_mm+0x16/0x320 [ 752.312630][T23517] kobject: 'tx-0' (0000000041d7e15d): kobject_add_internal: parent: 'queues', set: 'queues' [ 752.317801][T23529] ? get_mem_cgroup_from_mm+0x156/0x320 [ 752.317816][T23529] mem_cgroup_try_charge+0x136/0x590 [ 752.317833][T23529] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 752.317847][T23529] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 752.317863][T23529] __handle_mm_fault+0x1e34/0x3f20 [ 752.317881][T23529] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 752.330882][T23517] kobject: 'tx-0' (0000000041d7e15d): kobject_uevent_env [ 752.333800][T23529] ? __kasan_check_read+0x11/0x20 [ 752.333815][T23529] ? do_raw_spin_unlock+0x57/0x270 06:30:04 executing program 1: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) r0 = creat(0x0, 0x0) r1 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000280)={0x0, @in={{0x2, 0x4e24, @remote}}, 0x400, 0x3}, &(0x7f0000000140)=0x90) setsockopt$inet_sctp_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f0000000340)=r2, 0x4) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r3 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r3, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r4 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r4, 0x5206, &(0x7f0000000400)) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(r5, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) [ 752.333836][T23529] ? trace_hardirqs_on+0x67/0x240 [ 752.338833][T23517] kobject: 'tx-0' (0000000041d7e15d): fill_kobj_path: path = '/devices/virtual/net/bond531/queues/tx-0' [ 752.343520][T23529] handle_mm_fault+0x1b5/0x6c0 [ 752.343536][T23529] __get_user_pages+0x7d4/0x1b30 [ 752.343556][T23529] ? mark_held_locks+0xf0/0xf0 [ 752.351504][T23517] kobject: 'tx-1' (000000005f41c5cc): kobject_add_internal: parent: 'queues', set: 'queues' [ 752.353301][T23529] ? follow_page_mask+0x1cf0/0x1cf0 [ 752.353313][T23529] ? __mm_populate+0x270/0x380 [ 752.353330][T23529] ? memset+0x32/0x40 [ 752.358638][T23517] kobject: 'tx-1' (000000005f41c5cc): kobject_uevent_env [ 752.365240][T23529] populate_vma_page_range+0x20d/0x2a0 [ 752.365256][T23529] __mm_populate+0x204/0x380 [ 752.365273][T23529] ? populate_vma_page_range+0x2a0/0x2a0 [ 752.373260][T23517] kobject: 'tx-1' (000000005f41c5cc): fill_kobj_path: path = '/devices/virtual/net/bond531/queues/tx-1' [ 752.375468][T23529] ? up_write+0x1c8/0x490 [ 752.375486][T23529] __x64_sys_mremap+0x7dc/0xb80 [ 752.375503][T23529] ? mremap_to+0x750/0x750 [ 752.381527][T23517] kobject: 'tx-2' (00000000e33c9457): kobject_add_internal: parent: 'queues', set: 'queues' [ 752.386654][T23529] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 752.386667][T23529] ? __x64_sys_clock_gettime+0x16d/0x240 [ 752.386689][T23529] ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe [ 752.394501][T23517] kobject: 'tx-2' (00000000e33c9457): kobject_uevent_env [ 752.396604][T23529] ? trace_hardirqs_off_caller+0x65/0x230 [ 752.396617][T23529] ? trace_hardirqs_on+0x67/0x240 [ 752.396638][T23529] do_syscall_64+0xfa/0x760 [ 752.401391][T23517] kobject: 'tx-2' (00000000e33c9457): fill_kobj_path: path = '/devices/virtual/net/bond531/queues/tx-2' [ 752.412303][T23529] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 752.412314][T23529] RIP: 0033:0x459879 [ 752.412328][T23529] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 752.412335][T23529] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000019 06:30:04 executing program 3: r0 = syz_open_dev$mouse(&(0x7f00000003c0)='/dev/input/mouse#\x00', 0x4, 0x80000) mmap$IORING_OFF_SQES(&(0x7f000037f000/0x1000)=nil, 0x1000, 0x2000002, 0x50, r0, 0x10000000) mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) r1 = creat(0x0, 0x0) r2 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r3 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) preadv(r1, &(0x7f0000000200)=[{&(0x7f0000000280)=""/183, 0xb7}, {&(0x7f0000000340)=""/101, 0x65}], 0x2, 0x48) ioctl$SNDRV_TIMER_IOCTL_INFO(r3, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r4 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r4, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000100)='/dev/sequencer\x00', 0x0, 0x0) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r2, 0x8010743f, &(0x7f0000000140)) [ 752.412345][T23529] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000000459879 [ 752.412352][T23529] RDX: 0000000000800000 RSI: 0000000000002000 RDI: 0000000020a94000 [ 752.412359][T23529] RBP: 000000000075bf20 R08: 0000000020130000 R09: 0000000000000000 [ 752.412366][T23529] R10: 0000000000000003 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 752.412373][T23529] R13: 00000000004c5f0f R14: 00000000004daaf8 R15: 00000000ffffffff [ 752.495940][ T3890] kobject: 'loop1' (00000000555da25a): kobject_uevent_env [ 752.591806][T23529] memory: usage 307200kB, limit 307200kB, failcnt 6466 [ 752.603484][ T3890] kobject: 'loop1' (00000000555da25a): fill_kobj_path: path = '/devices/virtual/block/loop1' [ 752.629611][T23529] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 752.692984][T23517] kobject: 'tx-3' (000000007ddd75e1): kobject_add_internal: parent: 'queues', set: 'queues' [ 752.712735][T23529] Memory cgroup stats for /syz2: [ 752.712831][T23529] anon 302284800 [ 752.712831][T23529] file 28672 [ 752.712831][T23529] kernel_stack 983040 [ 752.712831][T23529] slab 6684672 [ 752.712831][T23529] sock 0 [ 752.712831][T23529] shmem 0 [ 752.712831][T23529] file_mapped 0 [ 752.712831][T23529] file_dirty 0 [ 752.712831][T23529] file_writeback 0 [ 752.712831][T23529] anon_thp 213909504 [ 752.712831][T23529] inactive_anon 243777536 [ 752.712831][T23529] active_anon 11931648 [ 752.712831][T23529] inactive_file 0 [ 752.712831][T23529] active_file 0 [ 752.712831][T23529] unevictable 46866432 [ 752.712831][T23529] slab_reclaimable 1351680 [ 752.712831][T23529] slab_unreclaimable 5332992 [ 752.712831][T23529] pgfault 847902 [ 752.712831][T23529] pgmajfault 0 [ 752.712831][T23529] workingset_refault 198 [ 752.712831][T23529] workingset_activate 66 [ 752.712831][T23529] workingset_nodereclaim 0 [ 752.712831][T23529] pgrefill 1928 [ 752.712831][T23529] pgscan 2122 [ 752.712831][T23529] pgsteal 231 [ 752.722877][ T3890] kobject: 'loop3' (00000000547b5d7d): kobject_uevent_env [ 752.730554][T23529] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23528,uid=0 [ 752.732337][T23517] kobject: 'tx-3' (000000007ddd75e1): kobject_uevent_env [ 752.740708][T23529] Memory cgroup out of memory: Killed process 23528 (syz-executor.2) total-vm:72700kB, anon-rss:16900kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 752.755811][ T3890] kobject: 'loop3' (00000000547b5d7d): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 752.797370][T23517] kobject: 'tx-3' (000000007ddd75e1): fill_kobj_path: path = '/devices/virtual/net/bond531/queues/tx-3' [ 752.935540][ T1065] oom_reaper: reaped process 23528 (syz-executor.2), now anon-rss:17108kB, file-rss:54332kB, shmem-rss:0kB [ 752.947154][T23517] kobject: 'tx-4' (00000000f0cdb496): kobject_add_internal: parent: 'queues', set: 'queues' [ 752.958316][T23517] kobject: 'tx-4' (00000000f0cdb496): kobject_uevent_env [ 752.965441][T23517] kobject: 'tx-4' (00000000f0cdb496): fill_kobj_path: path = '/devices/virtual/net/bond531/queues/tx-4' [ 752.977066][T23517] kobject: 'tx-5' (000000009c98c3a1): kobject_add_internal: parent: 'queues', set: 'queues' [ 752.988059][T23517] kobject: 'tx-5' (000000009c98c3a1): kobject_uevent_env [ 752.995199][T23517] kobject: 'tx-5' (000000009c98c3a1): fill_kobj_path: path = '/devices/virtual/net/bond531/queues/tx-5' [ 753.011728][T23517] kobject: 'tx-6' (000000005eb42d07): kobject_add_internal: parent: 'queues', set: 'queues' [ 753.022189][T23517] kobject: 'tx-6' (000000005eb42d07): kobject_uevent_env [ 753.029420][T23517] kobject: 'tx-6' (000000005eb42d07): fill_kobj_path: path = '/devices/virtual/net/bond531/queues/tx-6' 06:30:05 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x18}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) [ 753.040806][T23517] kobject: 'tx-7' (0000000088f30137): kobject_add_internal: parent: 'queues', set: 'queues' [ 753.051197][T23517] kobject: 'tx-7' (0000000088f30137): kobject_uevent_env [ 753.081287][T23517] kobject: 'tx-7' (0000000088f30137): fill_kobj_path: path = '/devices/virtual/net/bond531/queues/tx-7' [ 753.119024][T23517] kobject: 'tx-8' (00000000ab3519f0): kobject_add_internal: parent: 'queues', set: 'queues' [ 753.137579][T23517] kobject: 'tx-8' (00000000ab3519f0): kobject_uevent_env [ 753.145272][T23517] kobject: 'tx-8' (00000000ab3519f0): fill_kobj_path: path = '/devices/virtual/net/bond531/queues/tx-8' [ 753.157077][ T3890] kobject: 'loop2' (000000008e5a3901): kobject_uevent_env [ 753.172602][T23517] kobject: 'tx-9' (00000000edf0d646): kobject_add_internal: parent: 'queues', set: 'queues' [ 753.175996][ T3890] kobject: 'loop2' (000000008e5a3901): fill_kobj_path: path = '/devices/virtual/block/loop2' [ 753.196355][T23517] kobject: 'tx-9' (00000000edf0d646): kobject_uevent_env [ 753.226924][T23517] kobject: 'tx-9' (00000000edf0d646): fill_kobj_path: path = '/devices/virtual/net/bond531/queues/tx-9' [ 753.285061][T23517] kobject: 'tx-10' (0000000006138e06): kobject_add_internal: parent: 'queues', set: 'queues' [ 753.325678][T23517] kobject: 'tx-10' (0000000006138e06): kobject_uevent_env [ 753.353307][T23517] kobject: 'tx-10' (0000000006138e06): fill_kobj_path: path = '/devices/virtual/net/bond531/queues/tx-10' [ 753.407783][T23517] kobject: 'tx-11' (00000000186221f7): kobject_add_internal: parent: 'queues', set: 'queues' [ 753.408087][T23658] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 753.447498][T23517] kobject: 'tx-11' (00000000186221f7): kobject_uevent_env [ 753.456931][T23517] kobject: 'tx-11' (00000000186221f7): fill_kobj_path: path = '/devices/virtual/net/bond531/queues/tx-11' [ 753.471321][T23658] CPU: 0 PID: 23658 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 753.480445][T23658] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 753.490489][T23658] Call Trace: [ 753.493777][T23658] dump_stack+0x172/0x1f0 [ 753.498208][T23658] dump_header+0x177/0x1152 [ 753.502709][T23658] ? ___ratelimit+0xf8/0x595 [ 753.507291][T23658] ? trace_hardirqs_on+0x67/0x240 [ 753.512310][T23658] ? pagefault_out_of_memory+0x11c/0x11c [ 753.517942][T23658] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 753.523747][T23658] ? ___ratelimit+0x60/0x595 [ 753.528504][T23658] ? do_raw_spin_unlock+0x57/0x270 [ 753.533624][T23658] oom_kill_process.cold+0x10/0x15 [ 753.538730][T23658] out_of_memory+0x334/0x1340 [ 753.543402][T23658] ? lock_downgrade+0x920/0x920 [ 753.548246][T23658] ? oom_killer_disable+0x280/0x280 [ 753.553438][T23658] ? __kasan_check_read+0x11/0x20 [ 753.558459][T23658] mem_cgroup_out_of_memory+0x1d8/0x240 [ 753.563999][T23658] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 753.569637][T23658] ? do_raw_spin_unlock+0x57/0x270 [ 753.574750][T23658] ? _raw_spin_unlock+0x2d/0x50 [ 753.579602][T23658] try_charge+0xf4b/0x1440 [ 753.581596][T23517] kobject: 'tx-12' (000000002654505e): kobject_add_internal: parent: 'queues', set: 'queues' [ 753.584016][T23658] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 753.584034][T23658] ? percpu_ref_tryget_live+0x111/0x290 [ 753.595247][T23517] kobject: 'tx-12' (000000002654505e): kobject_uevent_env [ 753.599680][T23658] ? get_mem_cgroup_from_mm+0x16/0x320 [ 753.599698][T23658] ? get_mem_cgroup_from_mm+0x156/0x320 [ 753.599712][T23658] mem_cgroup_try_charge+0x136/0x590 [ 753.599728][T23658] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 753.599742][T23658] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 753.599757][T23658] __handle_mm_fault+0x1e34/0x3f20 [ 753.599771][T23658] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 753.599787][T23658] ? __kasan_check_read+0x11/0x20 [ 753.607977][T23517] kobject: 'tx-12' (000000002654505e): fill_kobj_path: path = '/devices/virtual/net/bond531/queues/tx-12' [ 753.612401][T23658] ? do_raw_spin_unlock+0x57/0x270 [ 753.612421][T23658] ? trace_hardirqs_on+0x67/0x240 [ 753.619743][T23517] kobject: 'tx-13' (00000000bd92509e): kobject_add_internal: parent: 'queues', set: 'queues' [ 753.623384][T23658] handle_mm_fault+0x1b5/0x6c0 [ 753.623404][T23658] __get_user_pages+0x7d4/0x1b30 [ 753.630099][T23517] kobject: 'tx-13' (00000000bd92509e): kobject_uevent_env [ 753.634881][T23658] ? mark_held_locks+0xf0/0xf0 [ 753.634905][T23658] ? follow_page_mask+0x1cf0/0x1cf0 [ 753.642531][T23517] kobject: 'tx-13' (00000000bd92509e): fill_kobj_path: path = '/devices/virtual/net/bond531/queues/tx-13' [ 753.645603][T23658] ? __mm_populate+0x270/0x380 [ 753.645620][T23658] ? __kasan_check_write+0x14/0x20 [ 753.645638][T23658] ? down_read+0x109/0x430 [ 753.652362][T23517] kobject: 'tx-14' (00000000ee184a87): kobject_add_internal: parent: 'queues', set: 'queues' [ 753.656189][T23658] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 06:30:05 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") move_pages(0x0, 0x3, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) [ 753.656211][T23658] populate_vma_page_range+0x20d/0x2a0 [ 753.670403][T23517] kobject: 'tx-14' (00000000ee184a87): kobject_uevent_env [ 753.672555][T23658] __mm_populate+0x204/0x380 [ 753.672568][T23658] ? populate_vma_page_range+0x2a0/0x2a0 [ 753.672584][T23658] ? __kasan_check_write+0x14/0x20 [ 753.677968][T23517] kobject: 'tx-14' (00000000ee184a87): fill_kobj_path: path = '/devices/virtual/net/bond531/queues/tx-14' [ 753.687710][T23658] ? up_write+0x155/0x490 [ 753.687723][T23658] ? ns_capable_common+0x93/0x100 06:30:05 executing program 5: r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000e00)=@newlink={0x3c, 0x10, 0x601, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, @bond={{0xc, 0x1, 'bond\x00'}, {0xc, 0x2, [@IFLA_BOND_AD_USER_PORT_KEY={0x8, 0x9}]}}}]}, 0x3c}}, 0x0) [ 753.687740][T23658] __x64_sys_mlockall+0x473/0x520 [ 753.687755][T23658] do_syscall_64+0xfa/0x760 [ 753.687774][T23658] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 753.687784][T23658] RIP: 0033:0x459879 [ 753.687798][T23658] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 753.687809][T23658] RSP: 002b:00007fe89cd29c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 753.695338][T23517] kobject: 'tx-15' (000000005daf7131): kobject_add_internal: parent: 'queues', set: 'queues' [ 753.697482][T23658] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 753.697490][T23658] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 753.697496][T23658] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 753.697503][T23658] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cd2a6d4 [ 753.697510][T23658] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 753.700491][T23658] memory: usage 307200kB, limit 307200kB, failcnt 6494 [ 753.705199][T23517] kobject: 'tx-15' (000000005daf7131): kobject_uevent_env [ 753.711111][T23658] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 753.717132][T23517] kobject: 'tx-15' (000000005daf7131): fill_kobj_path: path = '/devices/virtual/net/bond531/queues/tx-15' [ 753.727682][T23658] Memory cgroup stats for /syz2: [ 753.727898][T23658] anon 302374912 [ 753.727898][T23658] file 28672 [ 753.727898][T23658] kernel_stack 917504 [ 753.727898][T23658] slab 6684672 [ 753.727898][T23658] sock 0 [ 753.727898][T23658] shmem 0 [ 753.727898][T23658] file_mapped 0 [ 753.727898][T23658] file_dirty 0 [ 753.727898][T23658] file_writeback 0 [ 753.727898][T23658] anon_thp 216006656 [ 753.727898][T23658] inactive_anon 252833792 [ 753.727898][T23658] active_anon 11931648 [ 753.727898][T23658] inactive_file 0 [ 753.727898][T23658] active_file 0 [ 753.727898][T23658] unevictable 37851136 [ 753.727898][T23658] slab_reclaimable 1351680 [ 753.727898][T23658] slab_unreclaimable 5332992 [ 753.727898][T23658] pgfault 849552 [ 753.727898][T23658] pgmajfault 0 [ 753.727898][T23658] workingset_refault 198 [ 753.727898][T23658] workingset_activate 66 [ 753.727898][T23658] workingset_nodereclaim 0 [ 753.727898][T23658] pgrefill 1961 [ 753.727898][T23658] pgscan 2188 [ 753.727898][T23658] pgsteal 231 [ 753.734230][T23517] kobject: 'batman_adv' (00000000b9b9eb93): kobject_add_internal: parent: 'bond531', set: '' [ 753.740928][T23658] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23532,uid=0 06:30:06 executing program 0: r0 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070") move_pages(0x0, 0x3, &(0x7f0000000000)=[&(0x7f000000b000/0x9000)=nil, &(0x7f0000000000/0xd000)=nil, &(0x7f0000ffb000/0x4000)=nil], &(0x7f0000000140)=[0x0], &(0x7f0000000180), 0x0) 06:30:06 executing program 1: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r0 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r0, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000400)) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(r2, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/\x00', 0x2, 0x0) [ 753.902204][T23766] kobject: 'bond532' (00000000e595c7b7): kobject_add_internal: parent: 'net', set: 'devices' [ 753.962849][T23658] Memory cgroup out of memory: Killed process 23532 (syz-executor.2) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:159744kB oom_score_adj:1000 [ 754.032305][T23766] kobject: 'bond532' (00000000e595c7b7): kobject_uevent_env [ 754.095160][ T3890] kobject: 'loop1' (00000000555da25a): kobject_uevent_env [ 754.105679][ T3890] kobject: 'loop1' (00000000555da25a): fill_kobj_path: path = '/devices/virtual/block/loop1' [ 754.119980][T23766] kobject: 'bond532' (00000000e595c7b7): fill_kobj_path: path = '/devices/virtual/net/bond532' [ 754.147507][T23766] kobject: 'queues' (00000000902691a5): kobject_add_internal: parent: 'bond532', set: '' 06:30:06 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) preadv(0xffffffffffffffff, &(0x7f00000025c0)=[{&(0x7f0000000280)=""/68, 0x44}, {&(0x7f0000000300)=""/77, 0x4d}, {&(0x7f0000000440)=""/187, 0xbb}, {&(0x7f0000000500)=""/4096, 0x1000}, {&(0x7f0000001500)=""/129, 0x81}, {&(0x7f00000015c0)=""/4096, 0x1000}, {&(0x7f0000000380)=""/86, 0x56}], 0x7, 0x0) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x976, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x8, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x7}, 0x0, 0xfffffffffffffffb, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000140)) [ 754.175948][ T3890] kobject: 'loop3' (00000000547b5d7d): kobject_uevent_env [ 754.185908][ T1065] oom_reaper: reaped process 23532 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 754.190095][ T3890] kobject: 'loop3' (00000000547b5d7d): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 754.202129][T23766] kobject: 'queues' (00000000902691a5): kobject_uevent_env [ 754.221473][T23766] kobject: 'queues' (00000000902691a5): kobject_uevent_env: filter function caused the event to drop! [ 754.245149][T23771] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 754.263274][T23766] kobject: 'rx-0' (00000000bf285a50): kobject_add_internal: parent: 'queues', set: 'queues' [ 754.274082][T23771] CPU: 1 PID: 23771 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 754.283348][T23771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 754.293415][T23771] Call Trace: [ 754.296786][T23771] dump_stack+0x172/0x1f0 [ 754.301124][T23771] dump_header+0x177/0x1152 [ 754.305634][T23771] ? ___ratelimit+0xf8/0x595 [ 754.310229][T23771] ? trace_hardirqs_on+0x67/0x240 [ 754.315260][T23771] ? pagefault_out_of_memory+0x11c/0x11c [ 754.320902][T23771] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 754.326712][T23771] ? ___ratelimit+0x60/0x595 [ 754.331313][T23771] ? do_raw_spin_unlock+0x57/0x270 [ 754.336587][T23771] oom_kill_process.cold+0x10/0x15 [ 754.341710][T23771] out_of_memory+0x334/0x1340 [ 754.346397][T23771] ? lock_downgrade+0x920/0x920 [ 754.351255][T23771] ? oom_killer_disable+0x280/0x280 [ 754.356454][T23771] ? __kasan_check_read+0x11/0x20 [ 754.361580][T23771] mem_cgroup_out_of_memory+0x1d8/0x240 [ 754.367134][T23771] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 754.372771][T23771] ? do_raw_spin_unlock+0x57/0x270 [ 754.377889][T23771] ? _raw_spin_unlock+0x2d/0x50 [ 754.382749][T23771] try_charge+0xf4b/0x1440 [ 754.387175][T23771] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 754.392722][T23771] ? percpu_ref_tryget_live+0x111/0x290 [ 754.398275][T23771] ? get_mem_cgroup_from_mm+0x16/0x320 [ 754.403744][T23771] ? get_mem_cgroup_from_mm+0x156/0x320 [ 754.409289][T23771] mem_cgroup_try_charge+0x136/0x590 [ 754.414593][T23771] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 754.420841][T23771] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 754.426481][T23771] __handle_mm_fault+0x1e34/0x3f20 [ 754.431600][T23771] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 754.437149][T23771] ? __kasan_check_read+0x11/0x20 [ 754.442185][T23771] ? do_raw_spin_unlock+0x57/0x270 [ 754.447314][T23771] ? trace_hardirqs_on+0x67/0x240 [ 754.452348][T23771] handle_mm_fault+0x1b5/0x6c0 [ 754.457118][T23771] __get_user_pages+0x7d4/0x1b30 [ 754.462064][T23771] ? mark_held_locks+0xf0/0xf0 [ 754.466845][T23771] ? follow_page_mask+0x1cf0/0x1cf0 [ 754.472052][T23771] ? __mm_populate+0x270/0x380 [ 754.476829][T23771] ? __kasan_check_write+0x14/0x20 [ 754.481945][T23771] ? down_read+0x109/0x430 [ 754.486368][T23771] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 754.492617][T23771] populate_vma_page_range+0x20d/0x2a0 [ 754.498087][T23771] __mm_populate+0x204/0x380 [ 754.502685][T23771] ? populate_vma_page_range+0x2a0/0x2a0 [ 754.508320][T23771] ? __kasan_check_write+0x14/0x20 [ 754.513437][T23771] ? up_write+0x155/0x490 [ 754.517771][T23771] ? ns_capable_common+0x93/0x100 [ 754.522807][T23771] __x64_sys_mlockall+0x473/0x520 [ 754.527840][T23771] do_syscall_64+0xfa/0x760 [ 754.532354][T23771] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 754.538246][T23771] RIP: 0033:0x459879 [ 754.542148][T23771] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 754.554919][T23766] kobject: 'rx-0' (00000000bf285a50): kobject_uevent_env [ 754.561753][T23771] RSP: 002b:00007f4e2a92dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 754.561767][T23771] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 754.561775][T23771] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 754.561782][T23771] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 754.561789][T23771] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4e2a92e6d4 [ 754.561795][T23771] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 754.570835][T23771] memory: usage 307044kB, limit 307200kB, failcnt 2443 [ 754.622249][T23766] kobject: 'rx-0' (00000000bf285a50): fill_kobj_path: path = '/devices/virtual/net/bond532/queues/rx-0' [ 754.624842][T23771] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 754.643276][T23771] Memory cgroup stats for /syz1: [ 754.643507][T23771] anon 298840064 [ 754.643507][T23771] file 122880 [ 754.643507][T23771] kernel_stack 917504 [ 754.643507][T23771] slab 10473472 [ 754.643507][T23771] sock 0 [ 754.643507][T23771] shmem 61440 [ 754.643507][T23771] file_mapped 0 [ 754.643507][T23771] file_dirty 0 [ 754.643507][T23771] file_writeback 0 [ 754.643507][T23771] anon_thp 140509184 [ 754.643507][T23771] inactive_anon 268660736 [ 754.643507][T23771] active_anon 5492736 [ 754.643507][T23771] inactive_file 90112 [ 754.643507][T23771] active_file 135168 [ 754.643507][T23771] unevictable 24739840 [ 754.643507][T23771] slab_reclaimable 5541888 [ 754.643507][T23771] slab_unreclaimable 4931584 [ 754.643507][T23771] pgfault 253407 [ 754.643507][T23771] pgmajfault 0 [ 754.643507][T23771] workingset_refault 33 [ 754.643507][T23771] workingset_activate 0 [ 754.643507][T23771] workingset_nodereclaim 0 [ 754.643507][T23771] pgrefill 575 [ 754.643507][T23771] pgscan 4654 [ 754.643507][T23771] pgsteal 4166 [ 754.667356][T23766] kobject: 'rx-1' (0000000072acbe22): kobject_add_internal: parent: 'queues', set: 'queues' [ 754.739507][T23771] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=23696,uid=0 [ 754.755639][T23766] kobject: 'rx-1' (0000000072acbe22): kobject_uevent_env [ 754.764862][T23771] Memory cgroup out of memory: Killed process 23696 (syz-executor.1) total-vm:72832kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 [ 754.772096][T23766] kobject: 'rx-1' (0000000072acbe22): fill_kobj_path: path = '/devices/virtual/net/bond532/queues/rx-1' [ 754.814974][T23777] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 754.827474][T23766] kobject: 'rx-2' (00000000b460cabe): kobject_add_internal: parent: 'queues', set: 'queues' [ 754.829802][T23777] CPU: 0 PID: 23777 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 754.846651][T23777] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 754.848599][T23766] kobject: 'rx-2' (00000000b460cabe): kobject_uevent_env [ 754.856702][T23777] Call Trace: [ 754.856720][T23777] dump_stack+0x172/0x1f0 [ 754.856739][T23777] dump_header+0x177/0x1152 [ 754.876875][T23777] ? ___ratelimit+0xf8/0x595 [ 754.877882][T23766] kobject: 'rx-2' (00000000b460cabe): fill_kobj_path: path = '/devices/virtual/net/bond532/queues/rx-2' [ 754.881465][T23777] ? trace_hardirqs_on+0x67/0x240 [ 754.881482][T23777] ? pagefault_out_of_memory+0x11c/0x11c [ 754.892723][T23766] kobject: 'rx-3' (0000000028120500): kobject_add_internal: parent: 'queues', set: 'queues' [ 754.897575][T23777] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 754.897587][T23777] ? ___ratelimit+0x60/0x595 [ 754.897598][T23777] ? do_raw_spin_unlock+0x57/0x270 [ 754.897610][T23777] oom_kill_process.cold+0x10/0x15 [ 754.897626][T23777] out_of_memory+0x334/0x1340 [ 754.903321][T23766] kobject: 'rx-3' (0000000028120500): kobject_uevent_env [ 754.913278][T23777] ? lock_downgrade+0x920/0x920 [ 754.913295][T23777] ? oom_killer_disable+0x280/0x280 [ 754.913312][T23777] mem_cgroup_out_of_memory+0x1d8/0x240 [ 754.913329][T23777] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 754.919178][T23766] kobject: 'rx-3' (0000000028120500): fill_kobj_path: path = '/devices/virtual/net/bond532/queues/rx-3' [ 754.923686][T23777] ? do_raw_spin_unlock+0x57/0x270 [ 754.923704][T23777] ? _raw_spin_unlock+0x2d/0x50 [ 754.928922][T23766] kobject: 'rx-4' (000000005fb5f9f6): kobject_add_internal: parent: 'queues', set: 'queues' [ 754.933948][T23777] try_charge+0xf4b/0x1440 [ 754.933967][T23777] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 754.938714][T23766] kobject: 'rx-4' (000000005fb5f9f6): kobject_uevent_env [ 754.945625][T23777] ? percpu_ref_tryget_live+0x111/0x290 [ 754.945644][T23777] ? get_mem_cgroup_from_mm+0x16/0x320 [ 754.950549][T23766] kobject: 'rx-4' (000000005fb5f9f6): fill_kobj_path: path = '/devices/virtual/net/bond532/queues/rx-4' [ 754.955658][T23777] ? get_mem_cgroup_from_mm+0x156/0x320 [ 754.955674][T23777] mem_cgroup_try_charge+0x136/0x590 [ 754.961337][T23766] kobject: 'rx-5' (00000000d7f0b46a): kobject_add_internal: parent: 'queues', set: 'queues' [ 754.966820][T23777] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 754.966837][T23777] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 754.978031][T23766] kobject: 'rx-5' (00000000d7f0b46a): kobject_uevent_env [ 754.983013][T23777] wp_page_copy+0x41e/0x1590 [ 754.983029][T23777] ? page_trans_huge_mapcount+0x166/0x450 [ 754.987976][T23766] kobject: 'rx-5' (00000000d7f0b46a): fill_kobj_path: path = '/devices/virtual/net/bond532/queues/rx-5' [ 754.997932][T23777] ? pmd_pfn+0x1d0/0x1d0 [ 754.997949][T23777] ? lock_downgrade+0x920/0x920 [ 754.997963][T23777] ? swp_swapcount+0x540/0x540 [ 754.997981][T23777] ? __kasan_check_read+0x11/0x20 [ 755.002515][T23766] kobject: 'rx-6' (00000000e0226641): kobject_add_internal: parent: 'queues', set: 'queues' [ 755.007913][T23777] ? do_raw_spin_unlock+0x57/0x270 [ 755.007927][T23777] do_wp_page+0x499/0x14d0 [ 755.007942][T23777] ? finish_mkwrite_fault+0x570/0x570 [ 755.007962][T23777] __handle_mm_fault+0x22f1/0x3f20 [ 755.015245][T23766] kobject: 'rx-6' (00000000e0226641): kobject_uevent_env [ 755.020670][T23777] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 755.020681][T23777] ? __kasan_check_read+0x11/0x20 [ 755.020698][T23777] ? do_raw_spin_unlock+0x57/0x270 [ 755.020715][T23777] ? trace_hardirqs_on+0x67/0x240 [ 755.020732][T23777] handle_mm_fault+0x1b5/0x6c0 [ 755.026275][T23766] kobject: 'rx-6' (00000000e0226641): fill_kobj_path: path = '/devices/virtual/net/bond532/queues/rx-6' [ 755.037354][T23777] __get_user_pages+0x7d4/0x1b30 [ 755.037367][T23777] ? mark_held_locks+0xf0/0xf0 [ 755.037384][T23777] ? follow_page_mask+0x1cf0/0x1cf0 [ 755.037394][T23777] ? __mm_populate+0x270/0x380 [ 755.037410][T23777] ? __kasan_check_write+0x14/0x20 [ 755.043067][T23766] kobject: 'rx-7' (00000000fd85badd): kobject_add_internal: parent: 'queues', set: 'queues' [ 755.048207][T23777] ? down_read+0x109/0x430 06:30:07 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6bb1ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) mlockall(0x0) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000140)) [ 755.048223][T23777] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 755.048237][T23777] populate_vma_page_range+0x20d/0x2a0 [ 755.048253][T23777] __mm_populate+0x204/0x380 [ 755.058423][T23766] kobject: 'rx-7' (00000000fd85badd): kobject_uevent_env [ 755.064527][T23777] ? populate_vma_page_range+0x2a0/0x2a0 [ 755.064543][T23777] ? __kasan_check_write+0x14/0x20 [ 755.070232][T23766] kobject: 'rx-7' (00000000fd85badd): fill_kobj_path: path = '/devices/virtual/net/bond532/queues/rx-7' [ 755.077158][T23777] ? up_write+0x155/0x490 [ 755.077169][T23777] ? ns_capable_common+0x93/0x100 [ 755.077187][T23777] __x64_sys_mlockall+0x473/0x520 [ 755.081901][T23766] kobject: 'rx-8' (00000000f1534700): kobject_add_internal: parent: 'queues', set: 'queues' [ 755.087550][T23777] do_syscall_64+0xfa/0x760 [ 755.087566][T23777] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 755.087580][T23777] RIP: 0033:0x459879 [ 755.098764][T23766] kobject: 'rx-8' (00000000f1534700): kobject_uevent_env [ 755.102887][T23777] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 755.102901][T23777] RSP: 002b:00007fe89cd08c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 755.107825][T23766] kobject: 'rx-8' (00000000f1534700): fill_kobj_path: path = '/devices/virtual/net/bond532/queues/rx-8' [ 755.112476][T23777] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 755.112483][T23777] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 755.112495][T23777] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000 [ 755.117635][T23766] kobject: 'rx-9' (00000000cc11bdde): kobject_add_internal: parent: 'queues', set: 'queues' [ 755.127535][T23777] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fe89cd096d4 [ 755.127542][T23777] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 755.219891][T23777] memory: usage 307200kB, limit 307200kB, failcnt 6571 [ 755.227508][T23766] kobject: 'rx-9' (00000000cc11bdde): kobject_uevent_env [ 755.241519][ T3890] kobject: 'loop3' (00000000547b5d7d): kobject_uevent_env [ 755.245986][T23766] kobject: 'rx-9' (00000000cc11bdde): fill_kobj_path: path = '/devices/virtual/net/bond532/queues/rx-9' [ 755.249898][ T3890] kobject: 'loop3' (00000000547b5d7d): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 755.254717][T23766] kobject: 'rx-10' (00000000c04b2f1f): kobject_add_internal: parent: 'queues', set: 'queues' [ 755.263782][T23777] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 755.265516][T23766] kobject: 'rx-10' (00000000c04b2f1f): kobject_uevent_env [ 755.290405][T23777] Memory cgroup stats for /syz2: [ 755.290501][T23777] anon 302252032 [ 755.290501][T23777] file 28672 [ 755.290501][T23777] kernel_stack 983040 [ 755.290501][T23777] slab 6684672 [ 755.290501][T23777] sock 0 [ 755.290501][T23777] shmem 0 [ 755.290501][T23777] file_mapped 0 [ 755.290501][T23777] file_dirty 0 [ 755.290501][T23777] file_writeback 0 [ 755.290501][T23777] anon_thp 211812352 [ 755.290501][T23777] inactive_anon 244539392 [ 755.290501][T23777] active_anon 11931648 [ 755.290501][T23777] inactive_file 0 [ 755.290501][T23777] active_file 0 [ 755.290501][T23777] unevictable 45907968 [ 755.290501][T23777] slab_reclaimable 1351680 [ 755.290501][T23777] slab_unreclaimable 5332992 [ 755.290501][T23777] pgfault 854370 [ 755.290501][T23777] pgmajfault 0 [ 755.290501][T23777] workingset_refault 198 [ 755.290501][T23777] workingset_activate 66 [ 755.290501][T23777] workingset_nodereclaim 0 [ 755.290501][T23777] pgrefill 1961 [ 755.290501][T23777] pgscan 2188 [ 755.290501][T23777] pgsteal 231 [ 755.294344][T23766] kobject: 'rx-10' (00000000c04b2f1f): fill_kobj_path: path = '/devices/virtual/net/bond532/queues/rx-10' [ 755.317301][T23777] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz2,mems_allowed=0-1,oom_memcg=/syz2,task_memcg=/syz2,task=syz-executor.2,pid=23657,uid=0 [ 755.347252][T23766] kobject: 'rx-11' (000000008f9f66f9): kobject_add_internal: parent: 'queues', set: 'queues' [ 755.351324][T23777] Memory cgroup out of memory: Killed process 23657 (syz-executor.2) total-vm:72832kB, anon-rss:18160kB, file-rss:54336kB, shmem-rss:0kB, UID:0 pgtables:200704kB oom_score_adj:1000 [ 755.365340][T23766] kobject: 'rx-11' (000000008f9f66f9): kobject_uevent_env [ 755.454804][ T3890] kobject: 'loop3' (00000000547b5d7d): kobject_uevent_env [ 755.454837][ T3890] kobject: 'loop3' (00000000547b5d7d): fill_kobj_path: path = '/devices/virtual/block/loop3' [ 755.465161][T23771] syz-executor.1 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 755.532125][T23766] kobject: 'rx-11' (000000008f9f66f9): fill_kobj_path: path = '/devices/virtual/net/bond532/queues/rx-11' [ 755.575756][T23771] CPU: 1 PID: 23771 Comm: syz-executor.1 Not tainted 5.3.0-rc6-next-20190830 #75 [ 755.606834][T23766] kobject: 'rx-12' (00000000deb2a683): kobject_add_internal: parent: 'queues', set: 'queues' [ 755.610108][T23771] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 755.610113][T23771] Call Trace: [ 755.610133][T23771] dump_stack+0x172/0x1f0 [ 755.610151][T23771] dump_header+0x177/0x1152 [ 755.610162][T23771] ? ___ratelimit+0xf8/0x595 [ 755.610180][T23771] ? trace_hardirqs_on+0x67/0x240 [ 755.628618][T23766] kobject: 'rx-12' (00000000deb2a683): kobject_uevent_env [ 755.635052][T23771] ? pagefault_out_of_memory+0x11c/0x11c [ 755.635068][T23771] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 755.635084][T23771] ? ___ratelimit+0x60/0x595 [ 755.642629][T23766] kobject: 'rx-12' (00000000deb2a683): fill_kobj_path: path = '/devices/virtual/net/bond532/queues/rx-12' [ 755.652306][T23771] ? do_raw_spin_unlock+0x57/0x270 [ 755.652323][T23771] oom_kill_process.cold+0x10/0x15 [ 755.652337][T23771] out_of_memory+0x334/0x1340 [ 755.652356][T23771] ? lock_downgrade+0x920/0x920 06:30:07 executing program 2: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) setsockopt(r0, 0x3f, 0x0, &(0x7f0000000280)="625a55c806747711311499f819f3c8930cfe26b45070c8619cbe13dd96dfb30101fc28e7687f5f20a723aeae8dcc6a4946ed308eb95ef1cca238f4094a3d81d6c420b45ccf9b605fbe0a114ddfd3c450f333c336684c6e09301383b3f36ea59c395059092ca3f654ba6c03afc525879d43e7a71301c74d1aca74", 0x7a) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f00000000c0)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc97ba8276dd1212c68080dc56ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c396850"], 0x9) r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f0000000400)) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x101, 0x0, @perf_bp, 0x0, 0x0, 0x0, 0x6f8a179ab593d3a, 0xb3b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0xaa6dffd01ce3a153) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) fsetxattr$security_smack_entry(0xffffffffffffffff, &(0x7f0000000100)='security.SMACK64\x00', &(0x7f0000000200)='/dev/urandom\x00', 0xd, 0x1) 06:30:07 executing program 3: mkdir(&(0x7f00000000c0)='./file0\x00', 0x0) creat(0x0, 0x0) r0 = syz_open_dev$vcsn(&(0x7f00000001c0)='/dev/vcs#\x00', 0x0, 0x8000) socket$inet_udplite(0x2, 0x2, 0x88) ioctl$UI_BEGIN_FF_ERASE(0xffffffffffffffff, 0xc00c55ca, 0x0) setsockopt$IP_VS_SO_SET_DEL(0xffffffffffffffff, 0x0, 0x484, 0x0, 0x0) r1 = syz_open_dev$sndtimer(&(0x7f0000003a80)='/dev/snd/timer\x00', 0x0, 0x0) ioctl$SNDRV_TIMER_IOCTL_INFO(r1, 0x80e85411, 0x0) timer_create(0x0, 0x0, 0x0) write$P9_RWALK(0xffffffffffffffff, &(0x7f0000000280)=ANY=[@ANYBLOB="090000006f020000004583e08a1dc37ba8276d03000000000000000c42c02a6ea4da3ec6cd6ec1198bf2ae0c9d67d443a68030da6b31ec3fca6be8ec05cd91cde8c49f2c392850"], 0x9) r2 = openat$random(0xffffffffffffff9c, &(0x7f0000000180)='/dev/urandom\x00', 0x80400, 0x0) ioctl$RNDCLEARPOOL(r2, 0x5206, &(0x7f0000000400)) socket$inet6_udplite(0xa, 0x2, 0x88) r3 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl(r3, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070") setsockopt$inet_mreq(r3, 0x0, 0x23, &(0x7f0000000100)={@multicast2, @broadcast}, 0x8) mlockall(0x1) clone(0x0, 0x0, 0xfffffffffffffffe, &(0x7f0000000240), 0xffffffffffffffff) perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000000), 0x8}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0) mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) ioctl$PPPIOCGIDLE(r0, 0x8010743f, &(0x7f0000000140)) [ 755.663040][T23766] kobject: 'rx-13' (00000000c57d5c01): kobject_add_internal: parent: 'queues', set: 'queues' [ 755.673927][T23771] ? oom_killer_disable+0x280/0x280 [ 755.673942][T23771] ? __kasan_check_read+0x11/0x20 [ 755.673959][T23771] mem_cgroup_out_of_memory+0x1d8/0x240 [ 755.673976][T23771] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 755.683571][T23766] kobject: 'rx-13' (00000000c57d5c01): kobject_uevent_env [ 755.693202][T23771] ? do_raw_spin_unlock+0x57/0x270 [ 755.693219][T23771] ? _raw_spin_unlock+0x2d/0x50 [ 755.693235][T23771] try_charge+0xf4b/0x1440 [ 755.693256][T23771] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 755.703745][T23766] kobject: 'rx-13' (00000000c57d5c01): fill_kobj_path: path = '/devices/virtual/net/bond532/queues/rx-13' [ 755.706571][T23771] ? percpu_ref_tryget_live+0x111/0x290 [ 755.706588][T23771] ? get_mem_cgroup_from_mm+0x16/0x320 [ 755.706608][T23771] ? get_mem_cgroup_from_mm+0x156/0x320 [ 755.711427][T23766] kobject: 'rx-14' (00000000c25cf6e1): kobject_add_internal: parent: 'queues', set: 'queues' [ 755.715411][T23771] mem_cgroup_try_charge+0x136/0x590 [ 755.715429][T23771] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 755.715445][T23771] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 755.720504][T23766] kobject: 'rx-14' (00000000c25cf6e1): kobject_uevent_env [ 755.725033][T23771] __handle_mm_fault+0x1e34/0x3f20 [ 755.725050][T23771] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 755.725061][T23771] ? __kasan_check_read+0x11/0x20 [ 755.725078][T23771] ? do_raw_spin_unlock+0x57/0x270 [ 755.732558][T23766] kobject: 'rx-14' (00000000c25cf6e1): fill_kobj_path: path = '/devices/virtual/net/bond532/queues/rx-14' [ 755.737790][T23771] ? trace_hardirqs_on+0x67/0x240 [ 755.737808][T23771] handle_mm_fault+0x1b5/0x6c0 [ 755.737823][T23771] __get_user_pages+0x7d4/0x1b30 [ 755.737834][T23771] ? mark_held_locks+0xf0/0xf0 [ 755.737851][T23771] ? follow_page_mask+0x1cf0/0x1cf0 [ 755.744103][T23766] kobject: 'rx-15' (0000000037fe11e4): kobject_add_internal: parent: 'queues', set: 'queues' [ 755.748214][T23771] ? __mm_populate+0x270/0x380 [ 755.748233][T23771] ? __kasan_check_write+0x14/0x20 [ 755.748247][T23771] ? down_read+0x109/0x430 [ 755.748263][T23771] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 755.748279][T23771] populate_vma_page_range+0x20d/0x2a0 [ 755.760022][T23766] kobject: 'rx-15' (0000000037fe11e4): kobject_uevent_env [ 755.764640][T23771] __mm_populate+0x204/0x380 [ 755.764656][T23771] ? populate_vma_page_range+0x2a0/0x2a0 [ 755.764672][T23771] ? __kasan_check_write+0x14/0x20 [ 755.770233][T23766] kobject: 'rx-15' (0000000037fe11e4): fill_kobj_path: path = '/devices/virtual/net/bond532/queues/rx-15' [ 755.774545][T23771] ? up_write+0x155/0x490 [ 755.774558][T23771] ? ns_capable_common+0x93/0x100 [ 755.774574][T23771] __x64_sys_mlockall+0x473/0x520 [ 755.774593][T23771] do_syscall_64+0xfa/0x760 [ 755.779872][T23766] kobject: 'tx-0' (00000000a08cde4b): kobject_add_internal: parent: 'queues', set: 'queues' [ 755.789568][T23771] entry_SYSCALL_64_after_hwframe+0x49/0xbe [ 755.789579][T23771] RIP: 0033:0x459879 [ 755.789592][T23771] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 755.789599][T23771] RSP: 002b:00007f4e2a92dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000097 [ 755.789616][T23771] RAX: ffffffffffffffda RBX: 0000000000000001 RCX: 0000000000459879 [ 755.795365][T23766] kobject: 'tx-0' (00000000a08cde4b): kobject_uevent_env [ 755.799799][T23771] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001 [ 755.799807][T23771] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000 [ 755.799813][T23771] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f4e2a92e6d4 [ 755.799820][T23771] R13: 00000000004c5d72 R14: 00000000004da7f8 R15: 00000000ffffffff [ 755.817322][T23771] memory: usage 307196kB, limit 307200kB, failcnt 2481 [ 755.826140][ T3890] kobject: 'loop2' (000000008e5a3901): kobject_uevent_env [ 755.828813][T23771] swap: usage 0kB, limit 9007199254740988kB, failcnt 0 [ 755.828817][T23771] Memory cgroup stats for /syz1: [ 755.828922][T23771] anon 299241472 [ 755.828922][T23771] file 122880 [ 755.828922][T23771] kernel_stack 917504 [ 755.828922][T23771] slab 10473472 [ 755.828922][T23771] sock 0 [ 755.828922][T23771] shmem 61440 [ 755.828922][T23771] file_mapped 0 [ 755.828922][T23771] file_dirty 0 [ 755.828922][T23771] file_writeback 0 [ 755.828922][T23771] anon_thp 140509184 [ 755.828922][T23771] inactive_anon 259063808 [ 755.828922][T23771] active_anon 5492736 [ 755.828922][T23771] inactive_file 90112 [ 755.828922][T23771] active_file 135168 [ 755.828922][T23771] unevictable 34877440 [ 755.828922][T23771] slab_reclaimable 5541888 [ 755.828922][T23771] slab_unreclaimable 4931584 [ 755.828922][T23771] pgfault 255882 [ 755.828922][T23771] pgmajfault 0 [ 755.828922][T23771] workingset_refault 33 [ 755.828922][T23771] workingset_activate 0 [ 755.828922][T23771] workingset_nodereclaim 0 [ 755.828922][T23771] pgrefill 575 [ 755.828922][T23771] pgscan 4654 [ 755.828922][T23771] pgsteal 4166 [ 755.837312][ T3890] kobject: 'loop2' (000000008e5a3901): fill_kobj_path: path = '/devices/virtual/block/loop2' [ 755.838940][T23771] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=syz1,mems_allowed=0-1,oom_memcg=/syz1,task_memcg=/syz1,task=syz-executor.1,pid=23654,uid=0 [ 755.865674][T23766] kobject: 'tx-0' (00000000a08cde4b): fill_kobj_path: path = '/devices/virtual/net/bond532/queues/tx-0' [ 755.919488][T23771] Memory cgroup out of memory: Killed process 23654 (syz-executor.1) total-vm:72708kB, anon-rss:18232kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:163840kB oom_score_adj:1000 [ 755.924101][T23766] kobject: 'tx-1' (000000006287580d): kobject_add_internal: parent: 'queues', set: 'queues' [ 756.006584][T23993] syz-executor.2 invoked oom-killer: gfp_mask=0xcc0(GFP_KERNEL), order=0, oom_score_adj=1000 [ 756.007972][T23766] kobject: 'tx-1' (000000006287580d): kobject_uevent_env [ 756.067331][T23993] CPU: 1 PID: 23993 Comm: syz-executor.2 Not tainted 5.3.0-rc6-next-20190830 #75 [ 756.068605][T23766] kobject: 'tx-1' (000000006287580d): fill_kobj_path: path = '/devices/virtual/net/bond532/queues/tx-1' [ 756.088138][T23993] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 756.088143][T23993] Call Trace: [ 756.088164][T23993] dump_stack+0x172/0x1f0 [ 756.088180][T23993] dump_header+0x177/0x1152 [ 756.088191][T23993] ? ___ratelimit+0xf8/0x595 [ 756.088209][T23993] ? trace_hardirqs_on+0x67/0x240 [ 756.096752][T23766] kobject: 'tx-2' (000000007f43720d): kobject_add_internal: parent: 'queues', set: 'queues' [ 756.104585][T23993] ? pagefault_out_of_memory+0x11c/0x11c [ 756.104606][T23993] ? _raw_spin_unlock_irqrestore+0xa4/0xe0 [ 756.104621][T23993] ? ___ratelimit+0x60/0x595 [ 756.111833][T23766] kobject: 'tx-2' (000000007f43720d): kobject_uevent_env [ 756.119595][T23993] ? do_raw_spin_unlock+0x57/0x270 [ 756.119616][T23993] oom_kill_process.cold+0x10/0x15 [ 756.119632][T23993] out_of_memory+0x334/0x1340 [ 756.127672][T23766] kobject: 'tx-2' (000000007f43720d): fill_kobj_path: path = '/devices/virtual/net/bond532/queues/tx-2' [ 756.135564][T23993] ? lock_downgrade+0x920/0x920 [ 756.135584][T23993] ? oom_killer_disable+0x280/0x280 [ 756.143695][T23766] kobject: 'tx-3' (000000005322a148): kobject_add_internal: parent: 'queues', set: 'queues' [ 756.150383][T23993] ? __kasan_check_read+0x11/0x20 [ 756.150400][T23993] mem_cgroup_out_of_memory+0x1d8/0x240 [ 756.150417][T23993] ? mem_cgroup_nr_lru_pages+0x1b0/0x1b0 [ 756.157696][T23766] kobject: 'tx-3' (000000005322a148): kobject_uevent_env [ 756.164351][T23993] ? do_raw_spin_unlock+0x57/0x270 [ 756.164370][T23993] ? _raw_spin_unlock+0x2d/0x50 [ 756.169574][T23766] kobject: 'tx-3' (000000005322a148): fill_kobj_path: path = '/devices/virtual/net/bond532/queues/tx-3' [ 756.259571][T23993] try_charge+0xf4b/0x1440 [ 756.259591][T23993] ? mem_cgroup_oom_trylock+0x1a0/0x1a0 [ 756.259607][T23993] ? percpu_ref_tryget_live+0x111/0x290 [ 756.259627][T23993] ? get_mem_cgroup_from_mm+0x16/0x320 [ 756.269929][T23766] kobject: 'tx-4' (00000000141e3693): kobject_add_internal: parent: 'queues', set: 'queues' [ 756.285198][T23993] ? get_mem_cgroup_from_mm+0x156/0x320 [ 756.285212][T23993] mem_cgroup_try_charge+0x136/0x590 [ 756.285234][T23993] ? __sanitizer_cov_trace_const_cmp2+0x18/0x20 [ 756.296596][T23766] kobject: 'tx-4' (00000000141e3693): kobject_uevent_env [ 756.314183][T23993] mem_cgroup_try_charge_delay+0x1f/0xa0 [ 756.314199][T23993] __handle_mm_fault+0x1e34/0x3f20 [ 756.314218][T23993] ? vmf_insert_mixed_mkwrite+0x40/0x40 [ 756.324419][T23766] kobject: 'tx-4' (00000000141e3693): fill_kobj_path: path = '/devices/virtual/net/bond532/queues/tx-4' [ 756.334511][T23993] ? __kasan_check_read+0x11/0x20 [ 756.334525][T23993] ? do_raw_spin_unlock+0x57/0x270 [ 756.334545][T23993] ? trace_hardirqs_on+0x67/0x240 [ 756.341704][T23766] kobject: 'tx-5' (000000002501c6c8): kobject_add_internal: parent: 'queues', set: 'queues' [ 756.350647][T23993] handle_mm_fault+0x1b5/0x6c0 [ 756.350661][T23993] __get_user_pages+0x7d4/0x1b30 [ 756.350679][T23993] ? mark_held_locks+0xf0/0xf0 [ 756.361961][T23766] kobject: 'tx-5' (000000002501c6c8): kobject_uevent_env [ 756.371816][T23993] ? follow_page_mask+0x1cf0/0x1cf0 [ 756.371825][T23993] ? __mm_populate+0x270/0x380 [ 756.371843][T23993] ? __kasan_check_write+0x14/0x20 [ 756.375163][T23766] kobject: 'tx-5' (000000002501c6c8): fill_kobj_path: path = '/devices/virtual/net/bond532/queues/tx-5' [ 756.379431][T23993] ? down_read+0x109/0x430 [ 756.379447][T23993] ? __sanitizer_cov_trace_const_cmp4+0x16/0x20 [ 756.379464][T23993] populate_vma_page_range+0x20d/0x2a0 [ 756.384150][T23766