0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x81}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000004c0)=[{&(0x7f0000000280)=""/183, 0xb7}, {&(0x7f0000000340)=""/40, 0x28}, {&(0x7f0000000380)=""/191, 0xbf}, {&(0x7f0000000480)=""/13, 0xd}], 0x4, 0xffffdffd, 0x0) 22:38:24 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:24 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:24 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:24 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:24 executing program 3: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) [ 1853.810602][ T368] syz-executor.1 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0 [ 1853.879232][ T368] CPU: 1 PID: 368 Comm: syz-executor.1 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1853.889230][ T368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1853.899285][ T368] Call Trace: [ 1853.902580][ T368] dump_stack+0x14a/0x1ce [ 1853.906900][ T368] ? devkmsg_release+0x11c/0x11c [ 1853.911838][ T368] ? show_regs_print_info+0x12/0x12 [ 1853.917232][ T368] ? radix_tree_cpu_dead+0x160/0x160 [ 1853.922506][ T368] ? _raw_spin_lock+0xa1/0x170 [ 1853.927267][ T368] ? _raw_spin_trylock_bh+0x190/0x190 [ 1853.932633][ T368] dump_header+0xdb/0x700 [ 1853.936958][ T368] oom_kill_process+0xd3/0x280 [ 1853.941711][ T368] out_of_memory+0x5b6/0x890 [ 1853.946297][ T368] ? unregister_oom_notifier+0x20/0x20 [ 1853.951748][ T368] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1853.957291][ T368] ? get_page_from_freelist+0x7c0/0x7c0 [ 1853.963093][ T368] ? __zone_watermark_ok+0x91/0x280 [ 1853.968296][ T368] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1853.973669][ T368] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1853.979221][ T368] ? schedule_preempt_disabled+0x20/0x20 [ 1853.984851][ T368] ? _raw_spin_lock+0xa1/0x170 [ 1853.989610][ T368] pte_alloc_one+0x1b/0xb0 [ 1853.994024][ T368] __pte_alloc+0x1d/0x1d0 [ 1853.998355][ T368] copy_page_range+0x1452/0x1710 [ 1854.003340][ T368] ? print_bad_pte+0x650/0x650 [ 1854.008182][ T368] ? init_admin_reserve+0xc0/0xc0 [ 1854.013198][ T368] ? vma_gap_callbacks_rotate+0x1d5/0x210 [ 1854.018912][ T368] dup_mmap+0x870/0xc00 [ 1854.023060][ T368] ? __delayed_free_task+0x20/0x20 [ 1854.028167][ T368] ? mm_init+0x5c6/0x720 [ 1854.032401][ T368] dup_mm+0x98/0x300 [ 1854.036290][ T368] copy_process+0x2052/0x5110 [ 1854.040961][ T368] ? fork_idle+0x290/0x290 [ 1854.045369][ T368] _do_fork+0x196/0x920 [ 1854.049515][ T368] ? finish_fault+0x230/0x230 [ 1854.054209][ T368] ? dup_mm+0x300/0x300 [ 1854.058356][ T368] ? ktime_get_raw+0x130/0x130 [ 1854.063113][ T368] __x64_sys_clone+0x25e/0x2c0 [ 1854.067872][ T368] ? __ia32_sys_vfork+0x110/0x110 [ 1854.072885][ T368] ? __x64_sys_clock_gettime+0x20d/0x260 [ 1854.078511][ T368] ? do_user_addr_fault+0x55c/0x9f0 [ 1854.083703][ T368] do_syscall_64+0xcb/0x150 [ 1854.088202][ T368] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1854.094085][ T368] RIP: 0033:0x45b75a [ 1854.097967][ T368] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 1854.117821][ T368] RSP: 002b:00007ffc481612a0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1854.126221][ T368] RAX: ffffffffffffffda RBX: 00007ffc481612a0 RCX: 000000000045b75a [ 1854.134716][ T368] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 1854.142679][ T368] RBP: 00007ffc481612e0 R08: 0000000000000001 R09: 000000000233c940 [ 1854.150622][ T368] R10: 000000000233cc10 R11: 0000000000000246 R12: 0000000000000001 [ 1854.158564][ T368] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffc48161330 [ 1854.297013][ T368] Mem-Info: [ 1854.306157][ T368] active_anon:1412443 inactive_anon:6774 isolated_anon:0 [ 1854.306157][ T368] active_file:425 inactive_file:429 isolated_file:32 [ 1854.306157][ T368] unevictable:0 dirty:27 writeback:0 unstable:0 [ 1854.306157][ T368] slab_reclaimable:8860 slab_unreclaimable:77993 [ 1854.306157][ T368] mapped:57881 shmem:6853 pagetables:38710 bounce:0 [ 1854.306157][ T368] free:10951 free_pcp:4 free_cma:0 [ 1854.386518][ T368] Node 0 active_anon:5649772kB inactive_anon:27096kB active_file:1580kB inactive_file:1656kB unevictable:0kB isolated(anon):0kB isolated(file):256kB mapped:231024kB dirty:108kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1854.448930][ T368] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1854.504404][ T368] lowmem_reserve[]: 0 2912 6416 6416 [ 1854.515456][ T368] DMA32 free:24196kB min:4644kB low:7624kB high:10604kB active_anon:2814424kB inactive_anon:3540kB active_file:16kB inactive_file:208kB unevictable:0kB writepending:0kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14144kB pagetables:30476kB bounce:0kB free_pcp:1488kB local_pcp:112kB free_cma:0kB [ 1854.547134][ T368] lowmem_reserve[]: 0 0 3504 3504 [ 1854.553569][ T368] Normal free:17684kB min:5592kB low:9180kB high:12768kB active_anon:2819312kB inactive_anon:23556kB active_file:1320kB inactive_file:2348kB unevictable:0kB writepending:20kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:31904kB pagetables:124360kB bounce:0kB free_pcp:960kB local_pcp:452kB free_cma:0kB [ 1854.589502][ T368] lowmem_reserve[]: 0 0 0 0 [ 1854.600491][ T368] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1854.614685][ T368] DMA32: 622*4kB (UME) 266*8kB (UME) 113*16kB (UME) 22*32kB (UME) 15*64kB (UME) 12*128kB (UM) 6*256kB (UM) 2*512kB (UM) 7*1024kB (UM) 2*2048kB (UM) 0*4096kB = 23448kB [ 1854.632171][ T368] Normal: 691*4kB (MEH) 322*8kB (UME) 160*16kB (UME) 142*32kB (MH) 34*64kB (UM) 16*128kB (UM) 3*256kB (M) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17436kB [ 1854.648341][ T368] 7947 total pagecache pages [ 1854.656784][ T368] 0 pages in swap cache [ 1854.667172][ T368] Swap cache stats: add 0, delete 0, find 0/0 [ 1854.677565][ T368] Free swap = 0kB [ 1854.682297][ T368] Total swap = 0kB [ 1854.701549][ T368] 1965979 pages RAM 22:38:25 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:38:25 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x81}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x8000054, 0x2, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$SNDRV_TIMER_IOCTL_INFO(0xffffffffffffffff, 0x80e85411, &(0x7f0000000280)) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:38:25 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r2 = getpid() sched_setattr(r2, &(0x7f0000000080)={0x38, 0x3, 0xaa9309cf447bd15a, 0x0, 0x5, 0x0, 0x4}, 0x0) syz_open_procfs(r2, &(0x7f0000000040)='fd\x00') r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) timerfd_gettime(r4, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) [ 1854.709893][ T368] 0 pages HighMem/MovableOnly [ 1854.716870][ T368] 318829 pages reserved [ 1854.730553][ T368] 0 pages cma reserved [ 1854.736439][ T368] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=23053,uid=0 22:38:25 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:25 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:25 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x44, 0x0, 0x4, 0x70bd25, 0x25dfdbfe, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x1}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x8001}, @BATADV_ATTR_HARD_IFINDEX={0x8}]}, 0x44}, 0x1, 0x0, 0x0, 0x844}, 0x0) sendmsg$BATADV_CMD_SET_HARDIF(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x28, 0x0, 0x400, 0x70bd27, 0x25dfdbfb, {}, [@BATADV_ATTR_GW_BANDWIDTH_UP={0x8, 0x32, 0x401}, @BATADV_ATTR_ORIG_ADDRESS={0xa, 0x9, @broadcast}]}, 0x28}, 0x1, 0x0, 0x0, 0x4010}, 0x20000800) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:38:25 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:25 executing program 3: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:38:25 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:38:25 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x32], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1855.048262][T23116] syz-executor.1 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 1855.060584][T23116] CPU: 1 PID: 23116 Comm: syz-executor.1 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1855.070813][T23116] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1855.080845][T23116] Call Trace: [ 1855.084112][T23116] dump_stack+0x14a/0x1ce [ 1855.088414][T23116] ? devkmsg_release+0x11c/0x11c [ 1855.093322][T23116] ? show_regs_print_info+0x12/0x12 [ 1855.098491][T23116] ? radix_tree_cpu_dead+0x160/0x160 [ 1855.103745][T23116] ? _raw_spin_lock+0xa1/0x170 [ 1855.108506][T23116] ? _raw_spin_trylock_bh+0x190/0x190 [ 1855.113851][T23116] dump_header+0xdb/0x700 [ 1855.118153][T23116] oom_kill_process+0xd3/0x280 [ 1855.123066][T23116] out_of_memory+0x5b6/0x890 [ 1855.127628][T23116] ? unregister_oom_notifier+0x20/0x20 [ 1855.133072][T23116] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1855.138592][T23116] ? get_page_from_freelist+0x7c0/0x7c0 [ 1855.144126][T23116] ? switch_mm_irqs_off+0x4d7/0x9a0 [ 1855.149301][T23116] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1855.154659][T23116] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1855.160180][T23116] ? _raw_spin_unlock_irq+0x5/0x20 [ 1855.165260][T23116] ? finish_task_switch+0x235/0x4c0 [ 1855.170428][T23116] wp_page_copy+0x1fe/0x1120 [ 1855.174993][T23116] ? add_mm_rss_vec+0x270/0x270 [ 1855.179814][T23116] do_wp_page+0x68b/0x1530 [ 1855.184207][T23116] ? do_swap_page+0x1560/0x1560 [ 1855.189031][T23116] ? handle_mm_fault+0x66d/0x41e0 [ 1855.194027][T23116] handle_mm_fault+0xfa5/0x41e0 [ 1855.199024][T23116] ? finish_fault+0x230/0x230 [ 1855.204632][T23116] ? down_read_trylock+0x17a/0x1d0 [ 1855.209712][T23116] ? vmacache_update+0x9f/0xf0 [ 1855.214447][T23116] do_user_addr_fault+0x48a/0x9f0 [ 1855.219442][T23116] page_fault+0x2f/0x40 [ 1855.223575][T23116] RIP: 0033:0x40fbfc [ 1855.227440][T23116] Code: 74 28 41 8b 07 85 c0 0f 85 11 01 00 00 41 83 c5 01 48 81 c3 a0 00 00 00 41 83 fd 10 75 d7 bf 03 2b 4c 00 31 c0 e8 44 32 ff ff 43 f8 01 44 89 6b f4 48 89 df c6 43 15 00 c7 43 fc 00 00 00 00 [ 1855.247028][T23116] RSP: 002b:00007ffc48161130 EFLAGS: 00010246 [ 1855.253067][T23116] RAX: 0000000000000001 RBX: 000000000118cf4c RCX: 00007ffc481611f8 [ 1855.261023][T23116] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000000 [ 1855.268967][T23116] RBP: 000000000118cf40 R08: 00007ffc48161200 R09: 0000000001190060 [ 1855.276907][T23116] R10: 0000000000000075 R11: 0000000000000006 R12: 0000000001190008 [ 1855.284866][T23116] R13: 0000000000000000 R14: 0000000000000c8a R15: 000000000118cf4c [ 1855.461949][T23116] Mem-Info: [ 1855.466591][T23116] active_anon:1411865 inactive_anon:6774 isolated_anon:0 [ 1855.466591][T23116] active_file:183 inactive_file:156 isolated_file:32 [ 1855.466591][T23116] unevictable:0 dirty:22 writeback:0 unstable:0 [ 1855.466591][T23116] slab_reclaimable:8860 slab_unreclaimable:78050 [ 1855.466591][T23116] mapped:57296 shmem:6853 pagetables:38774 bounce:0 [ 1855.466591][T23116] free:11796 free_pcp:49 free_cma:0 [ 1855.504896][T23116] Node 0 active_anon:5647532kB inactive_anon:27096kB active_file:668kB inactive_file:624kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:229108kB dirty:24kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1855.537851][T23116] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1855.585750][T23116] lowmem_reserve[]: 0 2912 6416 6416 [ 1855.591934][T23116] DMA32 free:18128kB min:4644kB low:7624kB high:10604kB active_anon:2821592kB inactive_anon:3540kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14176kB pagetables:30396kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1855.625220][T23116] lowmem_reserve[]: 0 0 3504 3504 [ 1855.630863][T23116] Normal free:13728kB min:9688kB low:13276kB high:16864kB active_anon:2825940kB inactive_anon:23556kB active_file:664kB inactive_file:624kB unevictable:0kB writepending:24kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32000kB pagetables:124608kB bounce:0kB free_pcp:516kB local_pcp:288kB free_cma:0kB [ 1855.663150][T23116] lowmem_reserve[]: 0 0 0 0 [ 1855.667807][T23116] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1855.684130][T23116] DMA32: 185*4kB (UME) 86*8kB (UME) 18*16kB (UE) 11*32kB (UME) 13*64kB (UME) 13*128kB (UM) 5*256kB (M) 2*512kB (UM) 7*1024kB (UM) 2*2048kB (UM) 0*4096kB = 18132kB [ 1855.703603][T23116] Normal: 642*4kB (ME) 293*8kB (UME) 48*16kB (ME) 107*32kB (UM) 32*64kB (UM) 14*128kB (UM) 2*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 13456kB [ 1855.718860][T23116] 7210 total pagecache pages [ 1855.723588][T23116] 0 pages in swap cache [ 1855.727859][T23116] Swap cache stats: add 0, delete 0, find 0/0 [ 1855.734070][T23116] Free swap = 0kB [ 1855.737906][T23116] Total swap = 0kB [ 1855.741728][T23116] 1965979 pages RAM [ 1855.745671][T23116] 0 pages HighMem/MovableOnly [ 1855.750466][T23116] 318829 pages reserved [ 1855.772012][T23116] 0 pages cma reserved [ 1855.780781][T23116] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=5855,uid=0 [ 1855.802616][T23116] Out of memory: Killed process 5855 (syz-executor.0) total-vm:85348kB, anon-rss:10216kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 1855.846621][ T23] oom_reaper: reaped process 5855 (syz-executor.0), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 22:38:26 executing program 3 (fault-call:7 fault-nth:0): recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:38:26 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4a], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1857.188107][ T348] syz-fuzzer invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 1857.198874][ T348] CPU: 1 PID: 348 Comm: syz-fuzzer Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1857.208482][ T348] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1857.218509][ T348] Call Trace: [ 1857.221775][ T348] dump_stack+0x14a/0x1ce [ 1857.226072][ T348] ? devkmsg_release+0x11c/0x11c [ 1857.231032][ T348] ? show_regs_print_info+0x12/0x12 [ 1857.236201][ T348] ? radix_tree_cpu_dead+0x160/0x160 [ 1857.241452][ T348] ? _raw_spin_lock+0xa1/0x170 [ 1857.246182][ T348] ? _raw_spin_trylock_bh+0x190/0x190 [ 1857.251523][ T348] dump_header+0xdb/0x700 [ 1857.255828][ T348] oom_kill_process+0xd3/0x280 [ 1857.260562][ T348] out_of_memory+0x5b6/0x890 [ 1857.265118][ T348] ? unregister_oom_notifier+0x20/0x20 [ 1857.270584][ T348] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1857.276106][ T348] ? get_page_from_freelist+0x7c0/0x7c0 [ 1857.281622][ T348] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1857.286971][ T348] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1857.292492][ T348] pagecache_get_page+0x50f/0x880 [ 1857.297486][ T348] filemap_fault+0x14cb/0x1a30 [ 1857.302217][ T348] ? __down_read+0xf1/0x210 [ 1857.306739][ T348] ? generic_file_read_iter+0x20b0/0x20b0 [ 1857.312428][ T348] ? is_mmconf_reserved+0x420/0x420 [ 1857.317591][ T348] ext4_filemap_fault+0x7b/0x90 [ 1857.322411][ T348] handle_mm_fault+0x29ca/0x41e0 [ 1857.328013][ T348] ? finish_fault+0x230/0x230 [ 1857.332659][ T348] ? get_timespec64+0x11f/0x1d0 [ 1857.337533][ T348] ? down_read_trylock+0x17a/0x1d0 [ 1857.342609][ T348] ? __x64_sys_nanosleep+0x60/0x60 [ 1857.347686][ T348] ? vmacache_find+0x205/0x4b0 [ 1857.352421][ T348] do_user_addr_fault+0x48a/0x9f0 [ 1857.357425][ T348] page_fault+0x2f/0x40 [ 1857.361564][ T348] RIP: 0033:0x468a8d [ 1857.365442][ T348] Code: Bad RIP value. [ 1857.369480][ T348] RSP: 002b:000000c00004df18 EFLAGS: 00010202 [ 1857.375516][ T348] RAX: 0000000000000000 RBX: 0000000000004e20 RCX: 0000000000468a8d [ 1857.383721][ T348] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000c00004df18 [ 1857.391852][ T348] RBP: 000000c00004df28 R08: 00000000002cd141 R09: 00007ffeb36a90b8 [ 1857.399811][ T348] R10: 0000000000000000 R11: 0000000000000202 R12: 0000000000439470 [ 1857.407755][ T348] R13: 0000000000000000 R14: 0000000000ad74e0 R15: 0000000000000000 [ 1857.417985][ T348] Mem-Info: [ 1857.421116][ T348] active_anon:1414166 inactive_anon:6774 isolated_anon:0 [ 1857.421116][ T348] active_file:32 inactive_file:90 isolated_file:0 [ 1857.421116][ T348] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1857.421116][ T348] slab_reclaimable:8851 slab_unreclaimable:77903 [ 1857.421116][ T348] mapped:56998 shmem:6853 pagetables:38725 bounce:0 [ 1857.421116][ T348] free:10000 free_pcp:113 free_cma:0 [ 1857.458883][ T348] Node 0 active_anon:5656664kB inactive_anon:27096kB active_file:228kB inactive_file:72kB unevictable:0kB isolated(anon):0kB isolated(file):224kB mapped:228392kB dirty:0kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1857.482980][ T348] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1857.509054][ T348] lowmem_reserve[]: 0 2912 6416 6416 [ 1857.514379][ T348] DMA32 free:18684kB min:4644kB low:7624kB high:10604kB active_anon:2820780kB inactive_anon:3540kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14176kB pagetables:30384kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1857.543149][ T348] lowmem_reserve[]: 0 0 3504 3504 [ 1857.548200][ T348] Normal free:5556kB min:5592kB low:9180kB high:12768kB active_anon:2835884kB inactive_anon:23556kB active_file:252kB inactive_file:224kB unevictable:0kB writepending:0kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:31872kB pagetables:124516kB bounce:0kB free_pcp:620kB local_pcp:0kB free_cma:0kB [ 1857.583580][ T348] lowmem_reserve[]: 0 0 0 0 [ 1857.588102][ T348] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1857.601413][ T348] DMA32: 56*4kB (UME) 69*8kB (UE) 15*16kB (E) 10*32kB (UME) 21*64kB (UME) 13*128kB (UM) 5*256kB (M) 2*512kB (UM) 7*1024kB (UM) 2*2048kB (UM) 0*4096kB = 17912kB [ 1857.617404][ T348] Normal: 31*4kB (UE) 57*8kB (ME) 13*16kB (UME) 9*32kB (U) 10*64kB (M) 22*128kB (UM) 4*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 5556kB [ 1857.631846][ T348] 6924 total pagecache pages [ 1857.636423][ T348] 0 pages in swap cache [ 1857.640567][ T348] Swap cache stats: add 0, delete 0, find 0/0 [ 1857.646647][ T348] Free swap = 0kB [ 1857.650347][ T348] Total swap = 0kB [ 1857.654057][ T348] 1965979 pages RAM [ 1857.657858][ T348] 0 pages HighMem/MovableOnly [ 1857.662521][ T348] 318829 pages reserved [ 1857.666650][ T348] 0 pages cma reserved [ 1857.670697][ T348] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.5,pid=23093,uid=0 [ 1857.684839][ T348] Out of memory: Killed process 23093 (syz-executor.5) total-vm:85480kB, anon-rss:13372kB, file-rss:34668kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 1857.705719][ T23] oom_reaper: reaped process 23093 (syz-executor.5), now anon-rss:0kB, file-rss:34668kB, shmem-rss:0kB 22:38:28 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x94], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1858.442067][ T349] syz-fuzzer invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 1858.452931][ T349] CPU: 0 PID: 349 Comm: syz-fuzzer Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1858.462548][ T349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1858.472680][ T349] Call Trace: [ 1858.475971][ T349] dump_stack+0x14a/0x1ce [ 1858.480302][ T349] ? devkmsg_release+0x11c/0x11c [ 1858.485215][ T349] ? show_regs_print_info+0x12/0x12 [ 1858.490381][ T349] ? radix_tree_cpu_dead+0x160/0x160 [ 1858.495637][ T349] ? _raw_spin_lock+0xa1/0x170 [ 1858.500511][ T349] ? _raw_spin_trylock_bh+0x190/0x190 [ 1858.505878][ T349] dump_header+0xdb/0x700 [ 1858.510200][ T349] oom_kill_process+0xd3/0x280 [ 1858.515057][ T349] out_of_memory+0x5b6/0x890 [ 1858.519623][ T349] ? unregister_oom_notifier+0x20/0x20 [ 1858.525056][ T349] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1858.530576][ T349] ? get_page_from_freelist+0x7c0/0x7c0 [ 1858.536250][ T349] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1858.541616][ T349] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1858.547142][ T349] pagecache_get_page+0x50f/0x880 [ 1858.552137][ T349] filemap_fault+0x14cb/0x1a30 [ 1858.556887][ T349] ? __down_read+0xf1/0x210 [ 1858.561358][ T349] ? generic_file_read_iter+0x20b0/0x20b0 [ 1858.567046][ T349] ext4_filemap_fault+0x7b/0x90 [ 1858.571868][ T349] handle_mm_fault+0x29ca/0x41e0 [ 1858.576778][ T349] ? finish_fault+0x230/0x230 [ 1858.581445][ T349] ? down_read_trylock+0x17a/0x1d0 [ 1858.586537][ T349] ? vmacache_find+0x47a/0x4b0 [ 1858.591275][ T349] do_user_addr_fault+0x48a/0x9f0 [ 1858.596270][ T349] page_fault+0x2f/0x40 [ 1858.600396][ T349] RIP: 0033:0x41f64a [ 1858.604262][ T349] Code: 31 ff eb 09 48 ff c7 d1 eb 48 83 c6 08 48 83 ff 08 0f 8d f3 00 00 00 48 39 ce 0f 83 ea 00 00 00 0f ba e3 00 73 de 4c 8d 04 16 <4d> 8b 00 4d 85 c0 74 d2 48 89 7c 24 40 4c 89 44 24 38 48 89 74 24 [ 1858.623835][ T349] RSP: 002b:000000c00004fe20 EFLAGS: 00010283 [ 1858.629886][ T349] RAX: 00007f8e051b7000 RBX: 0000000000000021 RCX: 0000000000040000 [ 1858.637839][ T349] RDX: 0000000001048880 RSI: 0000000000010780 RDI: 0000000000000000 [ 1858.645791][ T349] RBP: 000000c00004fe70 R08: 0000000001059000 R09: 0000000000000076 [ 1858.653738][ T349] R10: 0000000001825888 R11: 00000000000000d3 R12: 0000000000000003 [ 1858.661770][ T349] R13: 01ffffffffffffff R14: 0000000000ad7140 R15: 0000000000000039 [ 1858.670618][ T349] Mem-Info: [ 1858.677726][ T349] active_anon:1413166 inactive_anon:6774 isolated_anon:0 [ 1858.677726][ T349] active_file:367 inactive_file:388 isolated_file:64 [ 1858.677726][ T349] unevictable:0 dirty:15 writeback:0 unstable:0 [ 1858.677726][ T349] slab_reclaimable:8843 slab_unreclaimable:78110 [ 1858.677726][ T349] mapped:57716 shmem:6853 pagetables:38698 bounce:0 [ 1858.677726][ T349] free:10197 free_pcp:68 free_cma:0 [ 1858.716182][ T349] Node 0 active_anon:5652664kB inactive_anon:27096kB active_file:1388kB inactive_file:1808kB unevictable:0kB isolated(anon):0kB isolated(file):256kB mapped:230928kB dirty:60kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1858.741400][ T349] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1858.768027][ T349] lowmem_reserve[]: 0 2912 6416 6416 [ 1858.773476][ T349] DMA32 free:18524kB min:4644kB low:7624kB high:10604kB active_anon:2819908kB inactive_anon:3540kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14048kB pagetables:30336kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1858.802315][ T349] lowmem_reserve[]: 0 0 3504 3504 [ 1858.807476][ T349] Normal free:5432kB min:5592kB low:9180kB high:12768kB active_anon:2832756kB inactive_anon:23556kB active_file:792kB inactive_file:1784kB unevictable:0kB writepending:60kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:31872kB pagetables:124456kB bounce:0kB free_pcp:1400kB local_pcp:492kB free_cma:0kB [ 1858.838336][ T349] lowmem_reserve[]: 0 0 0 0 [ 1858.842973][ T349] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1858.862866][ T349] DMA32: 173*4kB (UME) 77*8kB (UME) 44*16kB (UME) 32*32kB (UME) 24*64kB (UME) 11*128kB (M) 5*256kB (M) 2*512kB (UM) 6*1024kB (M) 2*2048kB (UM) 0*4096kB = 18524kB [ 1858.880217][ T349] Normal: 65*4kB (ME) 53*8kB (UME) 13*16kB (ME) 14*32kB (UM) 11*64kB (M) 22*128kB (M) 4*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 5884kB [ 1858.895112][ T349] 7352 total pagecache pages [ 1858.899804][ T349] 0 pages in swap cache [ 1858.904075][ T349] Swap cache stats: add 0, delete 0, find 0/0 [ 1858.910275][ T349] Free swap = 0kB [ 1858.914120][ T349] Total swap = 0kB [ 1858.917947][ T349] 1965979 pages RAM [ 1858.922009][ T349] 0 pages HighMem/MovableOnly [ 1858.926918][ T349] 318829 pages reserved [ 1858.931213][ T349] 0 pages cma reserved [ 1858.935445][ T349] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.4,pid=23129,uid=0 [ 1858.949672][ T349] Out of memory: Killed process 23129 (syz-executor.4) total-vm:85744kB, anon-rss:13128kB, file-rss:33080kB, shmem-rss:0kB, UID:0 pgtables:156kB oom_score_adj:1000 [ 1858.970812][ T23] oom_reaper: reaped process 23129 (syz-executor.4), now anon-rss:0kB, file-rss:33692kB, shmem-rss:0kB 22:38:29 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:38:29 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:38:29 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x6, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x9, 0x56, 0x81}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:38:29 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x9) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r1 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={0x0}}, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=@newtfilter={0x24, 0x2a, 0xd27}, 0x24}}, 0x0) sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) timerfd_gettime(r3, 0x0) ioctl$SNDRV_TIMER_IOCTL_GPARAMS(r3, 0x40485404, &(0x7f0000000040)={{0x1, 0x2, 0xf87d, 0x0, 0xff}, 0x40, 0xffffffffffffffb8}) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) timerfd_gettime(r5, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = dup(r6) timerfd_gettime(r7, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00') 22:38:29 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc8], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:29 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:29 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x8, 0x0, 0x0) 22:38:30 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:30 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:38:30 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:31 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x2, 0x0) 22:38:31 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r0 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r1, &(0x7f00000017c0), 0x375, 0x0, 0x0) r2 = dup(0xffffffffffffffff) getsockname$packet(r2, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r3, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r3, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:38:31 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x81}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) ioctl$PPPIOCGCHAN(r3, 0x80047437, &(0x7f0000000280)) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:38:31 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:31 executing program 5: fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f0000000000)="3bab4c9fba51f0fce20c3507ebc5ccabb2bc7f36164e15d8b16316e66be056bc48168433c517bd969023a6a4ac8967475292a3ab1fe6f66db21af63523c94b75d17afdb24d20e32e7ccc8a772031c05f3f2563f46f99d7d5da191ee0f67abd81073c082371f106f0f927d94fdeeeb7", 0x6f}, {&(0x7f0000000080)="c970c39cd1b8e3d09f6f8474e2c26e85689713d86938bedbddeadeaba7d9543e406a849db083", 0x26}], 0x2, 0x3) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r2 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000000)={0x5, 0x6, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x0, 0x2000000]}, 0x40) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000001c0)={r2, 0x0, 0x0}, 0x20) ioctl$LOOP_CHANGE_FD(r0, 0x4c06, r2) r3 = dup(r1) timerfd_gettime(r3, 0x0) 22:38:31 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x3, 0x0) 22:38:31 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:31 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r0 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r1, &(0x7f00000017c0), 0x375, 0x0, 0x0) r2 = dup(0xffffffffffffffff) getsockname$packet(r2, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r3, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r3, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:38:31 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) syz_open_dev$rtc(&(0x7f0000000040)='/dev/rtc#\x00', 0x3ff, 0x61e000) timerfd_gettime(r3, 0x0) r4 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000000)={0x5, 0x6, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x0, 0x2000000]}, 0x40) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000001c0)={r4, 0x0, 0x0}, 0x20) write$binfmt_elf32(r4, &(0x7f0000000140)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0xdc, 0xaa, 0x5, 0x401, 0x0, 0x3e, 0xfff, 0x369, 0x38, 0x37e, 0x0, 0x2, 0x20, 0x1, 0x5, 0x7428, 0x3}, [{0x3, 0x0, 0x4, 0x9, 0x4, 0x81, 0x1000, 0x6}], "24bf7d4b32cd04803eb8922dd7a12363186cad697b3f87e0e662ee3ce7c5ad9a540d4f94dde8b11f36f426ef54ec7b23207224392f72c6ee0aba1e115222b43b1443c671712cd16377ad90655c992ab7390ed93d2006de5da1d5834ab103a3b4bbb84ceac175fb43616265c7f75c036f11deab96231783b20c4dca9e3a3d17cfa49c2c86357f388f91df555ad7bdef19f0ee6395579a59244e9583f10e6ab575a174737b9cdd", [[], [], [], [], [], [], [], [], [], []]}, 0xafe) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) 22:38:32 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=0x0, @ANYBLOB="1e9cc2ca7eaa4a8e87b8f3e1fcfb31009e0d296481074d8f9cde971331b455cc0d9f895a300445deaf9ad0cec4efcd3307c74a7b4ef1234bc045c009ecd89162adda84c0317ba709c176bd2a07f01cc2cce434e720a6042def938034e045b7d75e"], 0x24}}, 0x0) sendmsg$MPTCP_PM_CMD_GET_ADDR(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000440)={&(0x7f0000000300)=ANY=[@ANYBLOB="cc000000", @ANYRES16=0x0, @ANYBLOB="08002dbd7000fcdbdf250300000000000000000001004e2300001400040000000000000000000000ffffac1414c01c0001800800060002000000050002000400000008000700", @ANYRES32=0x0, @ANYBLOB="0c000180060001000a00000008000300080000000800030001000000400001801400040020010000000000000000000000000002060001000a000000060005004e24000005000200ff00000008000700", @ANYRES32=0x0, @ANYBLOB="060005004e2200000800020001000000080002000100000008000300070000000800030005000000"], 0xcc}, 0x1, 0x0, 0x0, 0x60040000}, 0x18090) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:38:32 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1862.204030][T23201] syz-executor.3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1862.216712][T23201] CPU: 1 PID: 23201 Comm: syz-executor.3 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1862.226847][T23201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1862.236874][T23201] Call Trace: [ 1862.240137][T23201] dump_stack+0x14a/0x1ce [ 1862.244433][T23201] ? devkmsg_release+0x11c/0x11c [ 1862.249337][T23201] ? show_regs_print_info+0x12/0x12 [ 1862.254506][T23201] ? radix_tree_cpu_dead+0x160/0x160 [ 1862.259758][T23201] ? _raw_spin_lock+0xa1/0x170 [ 1862.264581][T23201] ? _raw_spin_trylock_bh+0x190/0x190 [ 1862.269921][T23201] dump_header+0xdb/0x700 [ 1862.274270][T23201] oom_kill_process+0xd3/0x280 [ 1862.279001][T23201] out_of_memory+0x5b6/0x890 [ 1862.283570][T23201] ? unregister_oom_notifier+0x20/0x20 [ 1862.289062][T23201] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1862.294611][T23201] ? get_page_from_freelist+0x7c0/0x7c0 [ 1862.300136][T23201] ? __zone_watermark_ok+0x91/0x280 [ 1862.305317][T23201] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1862.310671][T23201] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1862.316185][T23201] ? copy_process+0x5a4/0x5110 [ 1862.320926][T23201] ? kmem_cache_alloc+0x1d5/0x260 [ 1862.325929][T23201] copy_process+0x5f3/0x5110 [ 1862.330486][T23201] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1862.336191][T23201] ? _raw_spin_lock+0xa1/0x170 [ 1862.340921][T23201] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1862.346696][T23201] ? __lru_cache_add+0x1a1/0x1f0 [ 1862.351607][T23201] ? fork_idle+0x290/0x290 [ 1862.356000][T23201] _do_fork+0x196/0x920 [ 1862.360137][T23201] ? finish_fault+0x230/0x230 [ 1862.364798][T23201] ? up_write+0xa1/0x190 [ 1862.369017][T23201] ? dup_mm+0x300/0x300 [ 1862.373148][T23201] __x64_sys_clone+0x25e/0x2c0 [ 1862.377883][T23201] ? __ia32_sys_vfork+0x110/0x110 [ 1862.382929][T23201] ? do_user_addr_fault+0x55c/0x9f0 [ 1862.388092][T23201] do_syscall_64+0xcb/0x150 [ 1862.392567][T23201] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1862.398427][T23201] RIP: 0033:0x45fb59 [ 1862.402297][T23201] Code: Bad RIP value. [ 1862.406329][T23201] RSP: 002b:00007ffdc5ab0428 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1862.414704][T23201] RAX: ffffffffffffffda RBX: 00007fde32b31700 RCX: 000000000045fb59 [ 1862.422732][T23201] RDX: 00007fde32b319d0 RSI: 00007fde32b30db0 RDI: 00000000003d0f00 [ 1862.430790][T23201] RBP: 00007ffdc5ab0650 R08: 00007fde32b31700 R09: 00007fde32b31700 [ 1862.438732][T23201] R10: 00007fde32b319d0 R11: 0000000000000202 R12: 0000000000000000 [ 1862.446674][T23201] R13: 00007ffdc5ab04df R14: 00007fde32b319c0 R15: 000000000118cf4c [ 1862.475619][T23201] Mem-Info: [ 1862.478772][T23201] active_anon:1414031 inactive_anon:6774 isolated_anon:0 [ 1862.478772][T23201] active_file:32 inactive_file:0 isolated_file:28 [ 1862.478772][T23201] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1862.478772][T23201] slab_reclaimable:8837 slab_unreclaimable:77873 [ 1862.478772][T23201] mapped:57016 shmem:6853 pagetables:38860 bounce:0 [ 1862.478772][T23201] free:9999 free_pcp:0 free_cma:0 [ 1862.523597][T23201] Node 0 active_anon:5656124kB inactive_anon:27096kB active_file:0kB inactive_file:0kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:228064kB dirty:0kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1862.547861][T23201] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1862.574071][T23201] lowmem_reserve[]: 0 2912 6416 6416 [ 1862.579397][T23201] DMA32 free:18608kB min:4644kB low:7624kB high:10604kB active_anon:2818036kB inactive_anon:3540kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14208kB pagetables:30548kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1862.608157][T23201] lowmem_reserve[]: 0 0 3504 3504 [ 1862.613258][T23201] Normal free:5424kB min:5592kB low:9180kB high:12768kB active_anon:2838896kB inactive_anon:23556kB active_file:8kB inactive_file:176kB unevictable:0kB writepending:0kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:31904kB pagetables:124896kB bounce:0kB free_pcp:128kB local_pcp:0kB free_cma:0kB [ 1862.642499][T23201] lowmem_reserve[]: 0 0 0 0 [ 1862.647009][T23201] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1862.660316][T23201] DMA32: 312*4kB (UME) 156*8kB (UME) 72*16kB (UME) 39*32kB (UME) 24*64kB (UME) 11*128kB (M) 6*256kB (UM) 2*512kB (UM) 6*1024kB (M) 1*2048kB (M) 0*4096kB = 18592kB [ 1862.677198][T23201] Normal: 32*4kB (ME) 26*8kB (ME) 8*16kB (ME) 6*32kB (UM) 16*64kB (UM) 23*128kB (UM) 0*256kB 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 5136kB [ 1862.692428][T23201] 6876 total pagecache pages [ 1862.697003][T23201] 0 pages in swap cache [ 1862.701143][T23201] Swap cache stats: add 0, delete 0, find 0/0 [ 1862.707194][T23201] Free swap = 0kB [ 1862.710879][T23201] Total swap = 0kB [ 1862.714909][T23201] 1965979 pages RAM [ 1862.718700][T23201] 0 pages HighMem/MovableOnly [ 1862.723369][T23201] 318829 pages reserved [ 1862.727500][T23201] 0 pages cma reserved [ 1862.731836][T23201] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.3,pid=23127,uid=0 [ 1862.745952][T23201] Out of memory: Killed process 23127 (syz-executor.3) total-vm:85348kB, anon-rss:11304kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:148kB oom_score_adj:1000 [ 1862.765734][ T23] oom_reaper: reaped process 23127 (syz-executor.3), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 1862.786750][T23195] syz-executor.5 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1862.808335][T23195] CPU: 0 PID: 23195 Comm: syz-executor.5 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1862.818492][T23195] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1862.828522][T23195] Call Trace: [ 1862.831788][T23195] dump_stack+0x14a/0x1ce [ 1862.836089][T23195] ? devkmsg_release+0x11c/0x11c [ 1862.840996][T23195] ? show_regs_print_info+0x12/0x12 [ 1862.847814][T23195] ? radix_tree_cpu_dead+0x160/0x160 [ 1862.853068][T23195] ? _raw_spin_lock+0xa1/0x170 [ 1862.857804][T23195] ? _raw_spin_trylock_bh+0x190/0x190 [ 1862.863440][T23195] dump_header+0xdb/0x700 [ 1862.867743][T23195] oom_kill_process+0xd3/0x280 [ 1862.872478][T23195] out_of_memory+0x5b6/0x890 [ 1862.877039][T23195] ? unregister_oom_notifier+0x20/0x20 [ 1862.882470][T23195] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1862.887989][T23195] ? get_page_from_freelist+0x7c0/0x7c0 [ 1862.893505][T23195] ? __zone_watermark_ok+0x91/0x280 [ 1862.898676][T23195] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1862.904018][T23195] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1862.909532][T23195] ? copy_process+0x5a4/0x5110 [ 1862.914264][T23195] ? kmem_cache_alloc+0x1d5/0x260 [ 1862.919266][T23195] copy_process+0x5f3/0x5110 [ 1862.923829][T23195] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1862.929520][T23195] ? _raw_spin_lock+0xa1/0x170 [ 1862.934253][T23195] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1862.940115][T23195] ? __lru_cache_add+0x1a1/0x1f0 [ 1862.945022][T23195] ? fork_idle+0x290/0x290 [ 1862.949412][T23195] _do_fork+0x196/0x920 [ 1862.953641][T23195] ? finish_fault+0x230/0x230 [ 1862.958288][T23195] ? up_write+0xa1/0x190 [ 1862.962502][T23195] ? dup_mm+0x300/0x300 [ 1862.966629][T23195] __x64_sys_clone+0x25e/0x2c0 [ 1862.971363][T23195] ? __ia32_sys_vfork+0x110/0x110 [ 1862.976359][T23195] ? do_user_addr_fault+0x55c/0x9f0 [ 1862.981545][T23195] do_syscall_64+0xcb/0x150 [ 1862.986033][T23195] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1862.991924][T23195] RIP: 0033:0x45fb59 [ 1862.995819][T23195] Code: Bad RIP value. [ 1862.999857][T23195] RSP: 002b:00007ffd6eaa9058 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1863.008237][T23195] RAX: ffffffffffffffda RBX: 00007f3e160eb700 RCX: 000000000045fb59 [ 1863.016197][T23195] RDX: 00007f3e160eb9d0 RSI: 00007f3e160eadb0 RDI: 00000000003d0f00 [ 1863.024145][T23195] RBP: 00007ffd6eaa9280 R08: 00007f3e160eb700 R09: 00007f3e160eb700 22:38:33 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r0 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r1, &(0x7f00000017c0), 0x375, 0x0, 0x0) r2 = dup(0xffffffffffffffff) getsockname$packet(r2, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r3, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r3, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) [ 1863.032108][T23195] R10: 00007f3e160eb9d0 R11: 0000000000000202 R12: 0000000000000000 [ 1863.040050][T23195] R13: 00007ffd6eaa910f R14: 00007f3e160eb9c0 R15: 000000000118d12c 22:38:33 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1863.398503][T23195] Mem-Info: [ 1863.401754][T23195] active_anon:1413292 inactive_anon:6774 isolated_anon:0 [ 1863.401754][T23195] active_file:261 inactive_file:240 isolated_file:32 [ 1863.401754][T23195] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1863.401754][T23195] slab_reclaimable:8837 slab_unreclaimable:77695 [ 1863.401754][T23195] mapped:57487 shmem:6853 pagetables:38861 bounce:0 [ 1863.401754][T23195] free:9957 free_pcp:634 free_cma:0 [ 1863.439671][T23195] Node 0 active_anon:5653168kB inactive_anon:27096kB active_file:1044kB inactive_file:960kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:229848kB dirty:0kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1863.463897][T23195] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1863.501230][T23195] lowmem_reserve[]: 0 2912 6416 6416 [ 1863.506554][T23195] DMA32 free:18816kB min:4644kB low:7624kB high:10604kB active_anon:2817936kB inactive_anon:3540kB active_file:0kB inactive_file:120kB unevictable:0kB writepending:0kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14240kB pagetables:30524kB bounce:0kB free_pcp:32kB local_pcp:12kB free_cma:0kB [ 1863.536811][T23195] lowmem_reserve[]: 0 0 3504 3504 [ 1863.550038][T23195] Normal free:5668kB min:5592kB low:9180kB high:12768kB active_anon:2835308kB inactive_anon:23556kB active_file:676kB inactive_file:1548kB unevictable:0kB writepending:116kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:31904kB pagetables:124812kB bounce:0kB free_pcp:1536kB local_pcp:1028kB free_cma:0kB [ 1863.580136][T23195] lowmem_reserve[]: 0 0 0 0 [ 1863.584902][T23195] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1863.598668][T23195] DMA32: 296*4kB (UME) 156*8kB (UME) 72*16kB (ME) 42*32kB (ME) 24*64kB (UME) 12*128kB (UM) 6*256kB (UM) 1*512kB (M) 6*1024kB (M) 1*2048kB (M) 0*4096kB = 18240kB [ 1863.615145][T23195] Normal: 32*4kB (ME) 29*8kB (UME) 12*16kB (ME) 6*32kB (UM) 13*64kB (UM) 24*128kB (UM) 1*256kB (U) 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 5416kB [ 1863.630101][T23195] 7594 total pagecache pages [ 1863.634933][T23195] 0 pages in swap cache [ 1863.639083][T23195] Swap cache stats: add 0, delete 0, find 0/0 [ 1863.645152][T23195] Free swap = 0kB [ 1863.648856][T23195] Total swap = 0kB [ 1863.654218][T23195] 1965979 pages RAM [ 1863.658024][T23195] 0 pages HighMem/MovableOnly [ 1863.662708][T23195] 318829 pages reserved [ 1863.666847][T23195] 0 pages cma reserved [ 1863.670904][T23195] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=5149,uid=0 [ 1863.684924][T23195] Out of memory: Killed process 5149 (syz-executor.2) total-vm:85348kB, anon-rss:10148kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:148kB oom_score_adj:1000 [ 1864.105130][T23211] syz-executor.0 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=0 [ 1864.116854][T23211] CPU: 0 PID: 23211 Comm: syz-executor.0 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1864.127001][T23211] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1864.137048][T23211] Call Trace: [ 1864.140339][T23211] dump_stack+0x14a/0x1ce [ 1864.144666][T23211] ? devkmsg_release+0x11c/0x11c [ 1864.149595][T23211] ? show_regs_print_info+0x12/0x12 [ 1864.154771][T23211] ? radix_tree_cpu_dead+0x160/0x160 [ 1864.160030][T23211] ? _raw_spin_lock+0xa1/0x170 [ 1864.164767][T23211] ? _raw_spin_trylock_bh+0x190/0x190 [ 1864.170110][T23211] dump_header+0xdb/0x700 [ 1864.174413][T23211] oom_kill_process+0xd3/0x280 [ 1864.179148][T23211] out_of_memory+0x5b6/0x890 [ 1864.183709][T23211] ? unregister_oom_notifier+0x20/0x20 [ 1864.189141][T23211] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1864.194661][T23211] ? get_page_from_freelist+0x7c0/0x7c0 [ 1864.200177][T23211] ? __zone_watermark_ok+0x91/0x280 [ 1864.205347][T23211] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1864.210692][T23211] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1864.216206][T23211] ? filemap_fault+0x1a30/0x1a30 [ 1864.221118][T23211] alloc_slab_page+0x3a/0x3a0 [ 1864.225810][T23211] new_slab+0x408/0x450 [ 1864.229936][T23211] ? should_fail+0x18e/0x860 [ 1864.234497][T23211] ? getname_flags+0xb8/0x610 [ 1864.239146][T23211] ___slab_alloc+0x2e0/0x450 [ 1864.243707][T23211] ? getname_flags+0xb8/0x610 [ 1864.248354][T23211] ? getname_flags+0xb8/0x610 [ 1864.254735][T23211] kmem_cache_alloc+0x23f/0x260 [ 1864.259556][T23211] getname_flags+0xb8/0x610 [ 1864.264038][T23211] user_path_at_empty+0x28/0x50 [ 1864.268894][T23211] ksys_chdir+0xa4/0x260 [ 1864.273107][T23211] ? __fpregs_load_activate+0x2d3/0x390 [ 1864.278621][T23211] ? __ia32_sys_access+0x60/0x60 [ 1864.283528][T23211] ? switch_fpu_return+0x10/0x10 [ 1864.288436][T23211] ? do_user_addr_fault+0x521/0x9f0 [ 1864.293866][T23211] __x64_sys_chdir+0x34/0x40 [ 1864.298429][T23211] do_syscall_64+0xcb/0x150 [ 1864.302907][T23211] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1864.308772][T23211] RIP: 0033:0x45c777 [ 1864.312649][T23211] Code: Bad RIP value. [ 1864.316696][T23211] RSP: 002b:00007ffd47501d58 EFLAGS: 00000246 ORIG_RAX: 0000000000000050 [ 1864.325099][T23211] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045c777 [ 1864.333047][T23211] RDX: 0000000000000001 RSI: 0000000000747e70 RDI: 00007ffd47501da0 [ 1864.340991][T23211] RBP: 0000000000000000 R08: 0000000000000001 R09: 000000000196f940 [ 1864.348947][T23211] R10: 000000000196fc10 R11: 0000000000000246 R12: 0000000000000000 [ 1864.356901][T23211] R13: 00007ffd47501d90 R14: 0000000000000000 R15: 00007ffd47501da0 [ 1864.382041][T23211] Mem-Info: [ 1864.385548][T23211] active_anon:1413740 inactive_anon:6774 isolated_anon:0 [ 1864.385548][T23211] active_file:133 inactive_file:288 isolated_file:22 [ 1864.385548][T23211] unevictable:0 dirty:9 writeback:0 unstable:0 [ 1864.385548][T23211] slab_reclaimable:8837 slab_unreclaimable:77815 [ 1864.385548][T23211] mapped:57388 shmem:6853 pagetables:38807 bounce:0 [ 1864.385548][T23211] free:10031 free_pcp:168 free_cma:0 [ 1864.423839][T23211] Node 0 active_anon:5654960kB inactive_anon:27096kB active_file:712kB inactive_file:768kB unevictable:0kB isolated(anon):0kB isolated(file):88kB mapped:229352kB dirty:36kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1864.448627][T23211] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1864.475584][T23211] lowmem_reserve[]: 0 2912 6416 6416 [ 1864.481522][T23211] DMA32 free:18452kB min:4644kB low:7624kB high:10604kB active_anon:2818192kB inactive_anon:3540kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14112kB pagetables:30524kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1864.517245][T23211] lowmem_reserve[]: 0 0 3504 3504 [ 1864.523026][T23211] Normal free:6496kB min:5592kB low:9180kB high:12768kB active_anon:2836772kB inactive_anon:23556kB active_file:128kB inactive_file:260kB unevictable:0kB writepending:56kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:31904kB pagetables:124704kB bounce:0kB free_pcp:1224kB local_pcp:28kB free_cma:0kB [ 1864.553120][T23211] lowmem_reserve[]: 0 0 0 0 [ 1864.557713][T23211] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1864.572019][T23211] DMA32: 271*4kB (UME) 155*8kB (UME) 73*16kB (UME) 57*32kB (UME) 25*64kB (UME) 12*128kB (UM) 6*256kB (UM) 1*512kB (M) 6*1024kB (M) 1*2048kB (M) 0*4096kB = 18692kB [ 1864.588454][T23211] Normal: 150*4kB (UME) 70*8kB (UME) 36*16kB (UME) 5*32kB (UM) 2*64kB (U) 21*128kB (UM) 3*256kB (UM) 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 5992kB [ 1864.603642][T23211] 7173 total pagecache pages [ 1864.608336][T23211] 0 pages in swap cache [ 1864.612606][T23211] Swap cache stats: add 0, delete 0, find 0/0 [ 1864.618779][T23211] Free swap = 0kB [ 1864.622709][T23211] Total swap = 0kB [ 1864.626504][T23211] 1965979 pages RAM [ 1864.630975][T23211] 0 pages HighMem/MovableOnly [ 1864.639128][T23211] 318829 pages reserved [ 1864.643424][T23211] 0 pages cma reserved 22:38:34 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x4, 0x0) [ 1864.647601][T23211] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.5,pid=23195,uid=0 [ 1864.661965][T23211] Out of memory: Killed process 23195 (syz-executor.5) total-vm:85612kB, anon-rss:16372kB, file-rss:33928kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:1000 22:38:35 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:38:35 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) read$hiddev(r0, &(0x7f0000000140)=""/139, 0x8b) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) timerfd_gettime(r3, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) r4 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000000)={0x5, 0x6, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x0, 0x2000000]}, 0x40) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000001c0)={r4, 0x0, 0x0}, 0x20) r5 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r7 = dup(r6) getsockname$packet(r7, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r8, @ANYBLOB="3de415712a715b7576be78259225bb0073"], 0x24}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000300)={'sit0\x00', &(0x7f0000000280)={'ip6_vti0\x00', r8, 0x29, 0x7f, 0x6, 0x2, 0x1, @mcast1, @private1={0xfc, 0x1, [], 0x1}, 0x1, 0x40, 0xc497, 0xfff}}) sendmsg$TEAM_CMD_OPTIONS_SET(r3, &(0x7f0000000600)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000005c0)={&(0x7f0000000640)={0x268, 0x0, 0x400, 0x70bd26, 0x25dfdbfb, {}, [{{0x8}, {0x3c, 0x2, 0x0, 0x1, [{0x38, 0x1, @activeport={{0x24, 0x1, 'activeport\x00'}, {0x5}, {0x8}}}]}}, {{0x8}, {0xc4, 0x2, 0x0, 0x1, [{0x40, 0x1, @queue_id={{{0x24, 0x1, 'queue_id\x00'}, {0x5}, {0x8, 0x4, 0x3}}, {0x8}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}, {0x40, 0x1, @name={{0x24, 0x1, 'mode\x00'}, {0x5}, {0x10, 0x4, 'loadbalance\x00'}}}]}}, {{0x8}, {0x3c, 0x2, 0x0, 0x1, [{0xffffffffffffff41, 0x1, @mcast_rejoin_interval={{0x24, 0x1, 'mcast_rejoin_interval\x00'}, {0x5}, {0x8, 0x4, 0x54}}}]}}, {{0x8}, {0xf8, 0x2, 0x0, 0x1, [{0x38, 0x1, @notify_peers_interval={{0x24, 0x1, 'notify_peers_interval\x00'}, {0x5}, {0x8, 0x4, 0x1f}}}, {0x44, 0x1, @bpf_hash_func={{0x24, 0x1, 'bpf_hash_func\x00'}, {0x5}, {0x14, 0x4, [{0xf5, 0xfe, 0x81, 0x1be0}, {0x6, 0x29, 0x0, 0xffff}]}}}, {0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24, 0x1, 'lb_tx_hash_to_port_mapping\x00'}, {0x5}, {0x8, 0x4, r9}}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24, 0x1, 'lb_stats_refresh_interval\x00'}, {0x5}, {0x8, 0x4, 0x3}}}]}}]}, 0x268}, 0x1, 0x0, 0x0, 0x800}, 0x40081) ioctl$F2FS_IOC_START_VOLATILE_WRITE(r4, 0xf503, 0x0) 22:38:35 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000300)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x81}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9, 0x0, 0x0, 0x80000000, 0x0, 0x1}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) r2 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000280)='/dev/hwrng\x00', 0x40000, 0x0) ioctl$PPPIOCSFLAGS(r2, 0x40047459, &(0x7f00000002c0)=0x80000) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x10000, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000280), 0x0) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r5 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r5, 0x0) clone(0xc2a68903, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r6, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:38:35 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:35 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x5, 0x0) 22:38:35 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:35 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x6, 0x0) [ 1865.103916][T23255] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1865.117622][T23255] CPU: 1 PID: 23255 Comm: syz-executor.4 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1865.127782][T23255] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1865.137834][T23255] Call Trace: [ 1865.141125][T23255] dump_stack+0x14a/0x1ce [ 1865.145456][T23255] ? devkmsg_release+0x11c/0x11c [ 1865.150396][T23255] ? show_regs_print_info+0x12/0x12 [ 1865.155593][T23255] ? radix_tree_cpu_dead+0x160/0x160 [ 1865.160875][T23255] ? _raw_spin_lock+0xa1/0x170 [ 1865.165642][T23255] ? _raw_spin_trylock_bh+0x190/0x190 [ 1865.171024][T23255] dump_header+0xdb/0x700 [ 1865.175442][T23255] oom_kill_process+0xd3/0x280 [ 1865.180211][T23255] out_of_memory+0x5b6/0x890 [ 1865.184808][T23255] ? unregister_oom_notifier+0x20/0x20 [ 1865.190270][T23255] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1865.195830][T23255] ? get_page_from_freelist+0x7c0/0x7c0 [ 1865.202163][T23255] ? __zone_watermark_ok+0x91/0x280 [ 1865.207370][T23255] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1865.212747][T23255] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1865.218309][T23255] ? copy_process+0x5a4/0x5110 [ 1865.223077][T23255] ? kmem_cache_alloc+0x1d5/0x260 [ 1865.228102][T23255] copy_process+0x5f3/0x5110 [ 1865.232704][T23255] ? search_process_keyrings_rcu+0x260/0x260 [ 1865.238694][T23255] ? __perf_event_task_sched_out+0xfe4/0x1110 [ 1865.244762][T23255] ? fork_idle+0x290/0x290 [ 1865.249185][T23255] _do_fork+0x196/0x920 [ 1865.253343][T23255] ? switch_mm+0x100/0x100 [ 1865.257760][T23255] ? dup_mm+0x300/0x300 [ 1865.261917][T23255] ? ktime_get_raw+0x130/0x130 [ 1865.266687][T23255] __x64_sys_clone+0x25e/0x2c0 [ 1865.271715][T23255] ? __ia32_sys_vfork+0x110/0x110 [ 1865.276750][T23255] ? __x64_sys_clock_gettime+0x20d/0x260 [ 1865.282387][T23255] do_syscall_64+0xcb/0x150 [ 1865.286895][T23255] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1865.292783][T23255] RIP: 0033:0x45d189 [ 1865.296678][T23255] Code: 5d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1865.316278][T23255] RSP: 002b:00007fe26cb9dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1865.324684][T23255] RAX: ffffffffffffffda RBX: 0000000000001f40 RCX: 000000000045d189 [ 1865.332910][T23255] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 00000000c2a68903 [ 1865.340879][T23255] RBP: 000000000118d0d0 R08: ffffffffffffffff R09: 0000000000000000 [ 1865.348847][T23255] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118d08c [ 1865.356813][T23255] R13: 00007ffc8d239f3f R14: 00007fe26cb9e9c0 R15: 000000000118d08c [ 1865.399640][T23255] Mem-Info: [ 1865.452437][T23255] active_anon:1410291 inactive_anon:6774 isolated_anon:8 [ 1865.452437][T23255] active_file:618 inactive_file:994 isolated_file:51 [ 1865.452437][T23255] unevictable:0 dirty:24 writeback:15 unstable:0 [ 1865.452437][T23255] slab_reclaimable:8837 slab_unreclaimable:78088 [ 1865.452437][T23255] mapped:58380 shmem:6853 pagetables:38995 bounce:0 [ 1865.452437][T23255] free:11652 free_pcp:196 free_cma:0 [ 1865.588067][T23255] Node 0 active_anon:5643852kB inactive_anon:27096kB active_file:2488kB inactive_file:2732kB unevictable:0kB isolated(anon):0kB isolated(file):200kB mapped:232232kB dirty:76kB writeback:8kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1865.621995][T23255] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1865.697440][T23255] lowmem_reserve[]: 0 2912 6416 6416 [ 1865.722839][T23255] DMA32 free:17732kB min:4644kB low:7624kB high:10604kB active_anon:2820028kB inactive_anon:3540kB active_file:16kB inactive_file:4kB unevictable:0kB writepending:0kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14016kB pagetables:30432kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB [ 1865.822913][T23255] lowmem_reserve[]: 0 0 3504 3504 [ 1865.828253][T23255] Normal free:25292kB min:5592kB low:9180kB high:12768kB active_anon:2810640kB inactive_anon:23556kB active_file:2060kB inactive_file:1928kB unevictable:0kB writepending:84kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32288kB pagetables:125096kB bounce:0kB free_pcp:2484kB local_pcp:764kB free_cma:0kB [ 1865.858463][T23255] lowmem_reserve[]: 0 0 0 0 [ 1865.863568][T23255] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1865.877619][T23255] DMA32: 184*4kB (UME) 134*8kB (UME) 74*16kB (UME) 57*32kB (UME) 25*64kB (UME) 13*128kB (UM) 6*256kB (UM) 1*512kB (M) 6*1024kB (M) 1*2048kB (M) 0*4096kB = 18320kB [ 1865.895069][T23255] Normal: 720*4kB (UMEH) 679*8kB (UMEH) 320*16kB (UMEH) 179*32kB (UMH) 23*64kB (M) 7*128kB (UM) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 21528kB [ 1865.911594][T23255] 9073 total pagecache pages [ 1865.916919][T23255] 0 pages in swap cache 22:38:36 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x7, 0x0) 22:38:36 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:38:36 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:36 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1865.921578][T23255] Swap cache stats: add 0, delete 0, find 0/0 [ 1865.927989][T23255] Free swap = 0kB [ 1865.953149][T23255] Total swap = 0kB [ 1865.991377][T23255] 1965979 pages RAM [ 1866.003463][T23255] 0 pages HighMem/MovableOnly [ 1866.020915][T23255] 318829 pages reserved [ 1866.031027][T23255] 0 pages cma reserved [ 1866.040074][T23255] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=6786,uid=0 [ 1866.059331][T23255] Out of memory: Killed process 6786 (syz-executor.0) total-vm:85480kB, anon-rss:10112kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 22:38:36 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:36 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r1 = getpid() r2 = syz_open_procfs(r1, &(0x7f00000013c0)='net/nf_conntrack\x00') bpf$PROG_LOAD(0x5, &(0x7f0000001400)={0x7, 0x4, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4040, 0x0, 0x0, 0x0, 0x9}, [@func={0x85, 0x0, 0x1, 0x0, 0x3}]}, &(0x7f0000000300)='GPL\x00', 0x9, 0x1000, &(0x7f0000000340)=""/4096, 0x41100, 0x0, [], r0, 0x13, 0xffffffffffffffff, 0x8, &(0x7f0000001340)={0x3, 0x5}, 0x8, 0x10, &(0x7f0000001380)={0x3, 0xe, 0x264, 0x345}, 0x10, 0x0, r2}, 0x78) sched_setattr(r1, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r3 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r3, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x41395527) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6, 0x0, 0x400000}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r6 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r6, 0x0) r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r7, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:38:36 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:38:36 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000040)=[{&(0x7f0000000140)="f7a013ca1a2bca637eb599b00cc18c87e735b54b92e94ea8fa5cd913b96b6b8522664b095be082f53b307831bf882fba90d8d8883080f4da7ea4d701728b56c3dbd2a02b4a704cb625136de6be5226fdc8f8c799701210c226a4d6fcee974a3575f429d6f8c0c5ac0af053c9863d2969c47ec2f3387b7333efb273fdd5c3e1ec76c64d9ba49a53d83477df131d804c088a66afc1043edf327c0b5afe90aec96a47c9222dadabcbf669d01b35417a5a85e61d17b30ca49200000000000000040000", 0xc1}, {&(0x7f0000001340)="c4f269515a85c6e4ffb4a012156f4afa8085a769e595b4e6b69466b8d24ef63cbf799d2e907f85accddb3da9c5f60333769f93a72b51981959c3aff6ad437db87493fcfae0fa749e5314141f3561fac9165fed401e8c5768d427aa02aa87089aeab66f2f60bcef49fc3f40712973c6da52c69953671e8189ad3c3d2eb0ef68bd86147cfa91c452164327575801e79edd37846a3fbf88c86c553bebab5981b3ca4a2c8a0ccbf57f66fba98caa9f20a682265d7b261eeb071e4012b56705edace2876921c33c5fd99679fafa0a0e34aebffa16dfee6e5ee7ee936b9714a9b9344ee68d60b3d6cffba4963d45325f9267933b8d6167fe83dbd6ad5579a7215fef35cde48a310ab52046ea861932f1a59bbee2bee7c69c076b50ffcdda35e368620e2ebccad403ce1a412592bd6fe9631d78b7985ac9e76786da3e9ec5083ed956fcf479db7ff2f7ae6bcf2ec4ba90685abca11bcd5caaf1af75139e136faf7ac4965de21dacb7dcdc51dcd873fe9d463fbf6b89346abfb3b48f5cc65a6b3c8df27c7302d25be0ef06b73ff9cf277c58eac59799cde86616eba80a1b2979be4cf1fabdba7aa57037b988f484f67b833109e34a3e0608b0a3f6f1f2526d677c3f4bf1f27313a13a8bd2c67167107e60ccaa1973d6fa6b3a48c4402fe90c0bcd35d984bce9ad2924e35311c48b2b5cc1b4aa87186ccb8a1c9b4edb88cc20b9654f45da91105143547549297151f0cc8056d6cf48ea64d639941cd008eec5f9646db0f5bd726cb131e3d08d7dad79a62c4d397e4470372459e9eb32f531364f626c6c5195b0d506218a14621e42395587ceac14d9fe3ad80f9c9959b6ee51e7e0d42c1eaf0b6d27e170d6ae29b4b029def975441b044c02426bc393e54291454c9382ff3809b8c4e94560816a9a701f623fc0681b06aafdac79085f7aeeef7d6afa115e599393ade2dab53ebd1e3b5fdbb915075aaafa9931c7a08eaf9f86a0038bcbf49ab96e67c59fecf23132c497db43199db78cc67bc0bb157f03ae96c16ec88a302df0d08c308c5e086787420ef36c12110926286cb2ec50a84db03684dd747ef5b4a279967f9b0149841576bfd90cd16c370d376f2e5b938a3b27b9f5ba2c385e3869aea135132b96ca02f9d42e132dab0c9c61da1019d263f914c1235f609b200ba5230ef4558d826f3a6396e2c900a7dff618d489fc61c1b898ea5ab4760479f8642f448e2fe283dfcf21428d7b930edc97d1092f4cc0d57c04ea94914108a301e5d94fd05cace825a3b27aa96a0c3a9893d39f2c6f1f9e2030a3aff9b83bb4e2f7859cf55ae4d88e3fa880e5c4b6b37a26ef3e9f914fc8ddd08eead99f4f73e97757b2760e197c66239d23e6434b377dce232d1a792f49b98b9e0024cdbf8da089e7a76ac6725479d2d5121a588e21cafbd836a31b3568249100015ae466cfcb84cc99a46b74442c432cb9b6e758c833bbaa2939758df39bf27df3fe25fdc4df4aaf71fb002204f24ca519c16446ac3432d5e8e9fa535b80d60ec7090798e994b9c685be632a97ef247182d70ae8b38cd62f40a94230164e8ff3c9e528a492b8313a6c49d325d213a8656ab18b454c645d3b69d9ab00ea72a5c885af3d715181494803edffda3e83f6aa16e1cbbf4c1338093338bc8ea11a5cf314e715bca1ea6e99f42a40d23ee059852a7ea6cd15b21cd095398eb49bc7df27885411e366bee84ed1af7540797d8ef96de44ee46b773679991d3aa1ffbff868eab76942844036930d727bfb9ae42aab003fe436db934b8793207326ed42694f400d2cb7e7b55ea9bb10585af2875ff0dbba70ebc07ac61efe6044f924e4b2e42f4582dbf281a22270c92668bf255f89583718c3b550a6c66f2d108025b3880e14e24c95739c04bf05754802bbe2c2e401331c18a210bd2678720e0c784725a94ef756ff9d55066caedbaa8bb42bc54fcdd5b694db9ff0a068c8dc5e61facd9d1f97e9ea7eb612fe717c0441caed6b79f699dce87dede223591cc063d35244190a777cebcaf23746fd88c53efedc7ef3d6dee8bd9b97034223f08b028ad6cbb43aa1821fc67ae2605ec51b12936ae821b404e820c0fd90f17d1d6f4bbc7d67228baeecf2e55051854af6ca22c7a271721155c3a3db1713d5bf7d92191bca87d9a5b87b9818d219e77dee054cb42debe93504c3df320ea59d484d602137c3164aca7b0ae3d538d278940c7ac1604782d6cb7390b959c0a5d03deaf970224bc35fad26f6a5633f374d3035a065faf8889b286c716e606f753b6221abb1264ce2c33fe59aece426dd56cae4e65338bc74df5f364f1e3358002fa624699e27a6a8b94ef2d37b74264e629c69ebe050aea0e65f84dd951eb08cfbe76bcf5fc1a1fb3383fe31c67d37b468e2bd465753f8c4c7f1145f3078a02277f040b8dc8d8ed047d8fe827a76ccd1708bf6155d15323b3565c5e7cf8323b54b3909c5068439336ed1f27639a1094693df7cf7aeceb2287d03576e39051e5a84bd07856c3d2396865a2711648e49b007ffff4fd1fa7450b1574b86914b34a2af210ba2a0139354743e47e82a9e1a5c764cbe8dda9ec5bd832e185f755b0bb16b96ceae798158b06d8e34b614fa8f54b343b8e593544cf7c49f915cd139aec6cb6ea45b8ea76347c8a854245923bf18314cba7c9e38863dbe7eb0d05b66aa45dbb70fdd0a37eba0a424e21141a0d67b71f9cd8d29c4873001f066b588cb1aecbd90acea1093d9bcb4c9ab1a513223709271306e8a418486fc669f17d3d73a5d2cdaf0c9bf9f78a112bf4714fd867e0dd0539acc6d0853dd9d1d8f935d19666d3a3867557758e3d05bcd4eb06586962226c83e4b90f3f0b32a07addaf426842d9faf9fe0cb0013cc32f48042392b3d65580c83468348bb176c6443e5acfc928bd4f88a01daa7c5288a53d96b4c0b2d9500743c1e360bfbb509792667a8272e0cd993bc0a495805e849321b0a44c6ac90fc6160f1751cf3cbc2c251d8912c0e651330d5d2005ddb259d7d1b2a75a3539643ba73f00fbb934d7dcd6c345667c85c617eacdbb3614ed107398994a6933823d9e731d13e52bac26b17b59c6a0246a6b85bf23db07488e7dd27e70c19c703671df23011e4091c74e5213a197bc0a85fd2b31ce194d72448c6e2008bfbfab4902810c143017b135801490e66485586aeb4f5bc38f314b00d2b8ff00a078468c909a42448a625f8ca2fe0aae4ce1612920a91979e0c31ee2336293874572bdaed0f5cf6f733c3c4dbbe4754b1bbda4db45598c45fd4121803ef6ae6bd5c79ce0217ca0ee8170de3fb8d503ba9ef70c078cf0a3942a36f3e6986fbef5f09b26ec2eb568b6ad8fc8082eca0a054106320304e04e7cc2f99b27a26e9d3b666dbdc1664127fa7cd75ae8d7de803ad75aa4602b74f5d1403a310078bc4b596d270c43ea81f0b867a791fd2001f99fff0b145a4b9a896aa53970227509fcdc996fa56f9e971408691fc6b4c876f84b846c88eced6c14ebeb94851e51d3945943c3ad8d9ab8d30ba191b14e3c777b35cf2a63f8f4738eecc7bed1bb87ce35a50061ed0f8a78182e5ff7a44b2fd924578d621712559b68e34dc7fe2ad93dafafb16f286a4033aff22e091b7eb8ad6400c4b928907c70025b597ac65d79a065b513739e71e07ef64326727efb6207ffe44d7c2e6093b7f208541fbdd3ec8dc00a02f8592e7410d55c9369422697134d6e3868de00d728b37566becc9b2776ce3da7f4dc8783dd14a6a15ebb01ede69cf80b3f867b00eef145a4e939d38e0565450b9a33f4676f46e931fff581980b22c5ebe017c9dd1642a55de7f6268051b2adec59d4242061a990bc64762c4eaa2785ff6a55f6a29bf4441e36c2208c9a399f95c9a5fd28949b25e7a4d95ceb3896d9bfb05973a585769e41c68ec1b1d500c59ef2bca1977780a2c1e35af87cf327fc4524cc489539abe325a856221d9e59f5f40d9898e1889c8723df9f4c7cecef476bbbf515958201b94f904d97ecd8b613b070022b11889432731ab046721a86ca3a7bee79c13c428584618341b46108a05c93f8cf0ad5fc8c6ab3ac50c1e73c0cfb741179c78d8ab62fb24b85992aaa82e0f617aef6a69836a1a30c787facc1e9eb4cd011d1102311e7c2eeea088c5262bf982fb7e7b1dd82c67318f2b881b0043c07a1c0e51b03611035e69df15701135112cc468f45dce02525f024e09a6703a41e6cd9146ede7c8a578c188aebd58de3ad2bbc47ca96612b691f99ff1cd500fa3a29c1722e65eb5018b5521936920400bc0433f5a63dee35d3b3bed3bb64ffc0b34cf83c10d235dc3205dff269dfc16bea945aefa94204f2fc6d1e9915d9ee527cfa85f50674882ba8edf1100136231b09499fce688c93faf0ee8a0f580e754e2478f6aea0755bf144c63814b7bf972c177b68f1d96aa25d38aca32ae8b8960273a65e5a63b94a4458de758e7196ed7c13ee61bd678fb8bf3b310422fd2b7f4c0986942ef901e1a178008618d561e55d89ceb090d753499466ce40f20870afeeee08b36fd9ba21a274570570889bc2fc953615d1ca77a6ca526c8da13eb5498c3f13a36f32bb33aee1b127abbed80ef88095f0b629157fcb456979ff27d3e0cd7a183cab49103b5a554cadaf6461e09b3e3e9130b907a7eb55aa4d5d3bfc7de42885e15a484b9bc62c0a44008669515994e77d59e5b19eaa426e547a19efdf2bb1e136f6d3fd504bc52cf9b8c2b57fa7f87a231a903c5c3cf505d929b6eaf5e3647cef154506cf79e9c2a06f101dad77fac6107e3f43473f5c3d333b4cb404cbf8600092adcc904aa35aca4174debca3ab1c97e6f6faed29e3a54b627db8f2a9713973e3cf20cf490cd31decd910ebef4e34a81cb33b750c51ce7290afaf9c513bf38ffcd36ce7ab27a882a20aa8dd33e7ad03996c6624e54ec528fcac8587370e1efd936c80975915d805a84bc1963f93ee0a49f7696cd6ab6a30c46d98b34bd8a27700d94afd42ba2f6206519a9378ed320ffe88cbd6be7347f53f6f689de83cff13bc342a17edd1f39ba46e4f4d90a06f0527273860b1c650eaee678a1d6fb67dfbdc38524be6366af9305fa7d38c577e29018d4518b96b5f2c068dd3afa9d1c9ec41808b9c74e2471f0fbbbafba1e7a8729553233ca33d98965bd41fee50c4f3022140752f89453c3fad0b0e1fff50534fb9d4a2cf9ca7c1f3d02b5331399e2111ae5b8f169607d4b55ca8a0d40be30107ec71727bc02796e275fb5e6f106844e358821f3cb9c299e32a4036dbb3cc94f5696785ba1057dad36b6a90bb50ea35f77742a6ba7db3c4539a839a01ab256fcc6523154fd28a29fb02d3cb0dafc6280d034be91ad4d72183162642e63d0a99334e6412df5410fb117a77017971719091e9b8aa6e5b0578c87dcb2255332e52c0ee23daf46a4a5f94da59a7db8ca453ce47e26ad75272edfc99b676829e05b72414e1a82d814fa05a111430655d9494296211c89f6df6090e80786e7edde862fa95592866e22f3fa44b0c399f1437d902cad0eef968ad81a92cc525697338325ce7e2ef1f71e7a9a6599cea29d1d0974a13a734fe84b9a17ab6859b0b39a3b14ba1dab7bc1b9be10e6c479e843888d2164ce340fc5592c7f5f28398c659d678b3129bc94e98f705c52fee4502c423dd379325f7c06d6b221c584a2744566d821cfe623fc09e22ff36c153863382d499539b85f25e5cb59806d413cfaa5bd46e44c04eb0e56c9359b222b5c29422309a8616ab4bcdf70c93ad1c134445512e8", 0x1000}, {&(0x7f0000001240)="fdd8fbd103e657503526963422be62d7ebb341a425007e09bffe77f6abe9dc5b14f4172cca3a25a2279b26b307cb7fd6feefad7b0b1a6bbabb7a9428fa482a22df87702b5fb486df91656bbdd0c1f3ecf611638d5cad4029a59ca4f733cf039f341a0bfb9987000b6d2852ff1240e854a2ed545dce0e9f6017066715ff9a8c768bffe59e3d5a8089a3544dcf38002dc2d672cae62aae0ba2733407bd10b6779601ff439ee2923ca0271f98b5cd8aa0387cb5293c536b2d02e0e34631763871c45e594782f5ef247ab7b50d2877f20787d88c5d872e85bdf6227822683dc75c50e01c285e", 0xe4}], 0x3, 0x1) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) timerfd_gettime(r3, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) 22:38:36 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x8, 0x0) 22:38:36 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:36 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x81}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0xfffffffffffffe74, 0x2, 0x0, 0x1, 0xa, 0x0, 0x5, 0x306}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000380)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000400)={&(0x7f00000005c0)=ANY=[@ANYRES32, @ANYRES16=0x0, @ANYRES32], 0x34}, 0x1, 0x0, 0x0, 0x8048081}, 0x4) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') ioctl$LOOP_SET_STATUS64(r3, 0x4c04, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x3, 0x800000000000, 0x0, 0x0, 0x1f, 0x16, "51ad217803e89213f4bc26d3c4cdf3a4e2e16bca14be391d16f7f01c48ba7cd5e0eb5ead8105f9da244c50587d2c17c1b36a8a06e69d3b00175121b09744a3d8", "db31f7b73746de8e9329a07e4e04b4813699401fe0d58f6fcb319ce5463d15225419692b244d8c360361f6385736b84a31b3a55002e23336589353cde506d17b", "4ce8b5ea551ecd2c1a453fd06f4e88ecbc53016ed3bb37bea719164e5b224a37", [0x142, 0x7]}) preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:38:37 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x9, 0x0) 22:38:37 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:37 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:37 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0xa, 0x0) 22:38:37 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:37 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0xb, 0x0) 22:38:37 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:37 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x81}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x5, 0x0, 0x0, 0x0, 0x0, 0x200000}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x28}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = openat(r2, &(0x7f0000000280)='./file0\x00', 0x2000, 0x122) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r4, 0x0, 0x61, &(0x7f00000002c0)={'filter\x00', 0x4}, 0x68) r5 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r5, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r6, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:38:37 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:38:37 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000340)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f00000001c0)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) write(r3, &(0x7f0000000340), 0x41395527) r4 = dup(0xffffffffffffffff) timerfd_gettime(r4, 0x0) ioctl$BLKREPORTZONE(r4, 0xc0101282, &(0x7f00000002c0)={0x8, 0x1, 0x0, [{0x6c00000000000, 0x2, 0x4, 0x3f, 0x7, 0xb6}]}) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r5 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r5, 0x0) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r6, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:38:37 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0xc, 0x0) 22:38:37 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:37 executing program 4: socket$inet_udplite(0x2, 0x2, 0x88) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x81}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9, 0x0, 0x100000000, 0x10000000000}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000011, 0x0, 0x6, 0x0, 0x0, 0x0, 0x4}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) setsockopt$XDP_TX_RING(r2, 0x11b, 0x3, &(0x7f0000000280)=0xc0, 0x4) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:38:37 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) timerfd_gettime(r3, 0x0) ioctl$RTC_VL_CLR(r3, 0x7014) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$inet_icmp(0x2, 0x2, 0x1) r5 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000000)={0x5, 0x6, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x0, 0x2000000]}, 0x40) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000001c0)={r5, 0x0, 0x0}, 0x20) r6 = dup(r4) timerfd_gettime(r6, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) 22:38:37 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0xd, 0x0) 22:38:37 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x32], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:37 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0xe, 0x0) 22:38:37 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4a], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:37 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x94], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:37 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x10, 0x0) [ 1867.670744][T23371] syz-executor.4 invoked oom-killer: gfp_mask=0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|0x1000000), order=0, oom_score_adj=1000 [ 1867.684539][T23371] CPU: 0 PID: 23371 Comm: syz-executor.4 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1867.694682][T23371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1867.704727][T23371] Call Trace: [ 1867.708014][T23371] dump_stack+0x14a/0x1ce [ 1867.712331][T23371] ? devkmsg_release+0x11c/0x11c [ 1867.718200][T23371] ? show_regs_print_info+0x12/0x12 [ 1867.723367][T23371] ? radix_tree_cpu_dead+0x160/0x160 [ 1867.728620][T23371] ? _raw_spin_lock+0xa1/0x170 [ 1867.733355][T23371] ? _raw_spin_trylock_bh+0x190/0x190 [ 1867.739393][T23371] dump_header+0xdb/0x700 [ 1867.743697][T23371] oom_kill_process+0xd3/0x280 [ 1867.748434][T23371] out_of_memory+0x5b6/0x890 [ 1867.753010][T23371] ? unregister_oom_notifier+0x20/0x20 [ 1867.758465][T23371] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1867.763987][T23371] ? get_page_from_freelist+0x7c0/0x7c0 [ 1867.769509][T23371] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1867.774851][T23371] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1867.780367][T23371] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1867.786059][T23371] ? __perf_event_task_sched_out+0xfe4/0x1110 [ 1867.792630][T23371] ? __perf_event_task_sched_in+0x4f7/0x560 [ 1867.798493][T23371] wp_page_copy+0x1cb/0x1120 [ 1867.803054][T23371] ? perf_pmu_sched_task+0x370/0x370 [ 1867.808309][T23371] ? switch_mm_irqs_off+0x2bf/0x9a0 [ 1867.813477][T23371] ? add_mm_rss_vec+0x270/0x270 [ 1867.818300][T23371] ? _raw_spin_unlock_irq+0x5/0x20 [ 1867.823382][T23371] ? finish_task_switch+0x235/0x4c0 [ 1867.828550][T23371] ? vm_normal_page+0x1c9/0x1d0 [ 1867.833372][T23371] do_wp_page+0x4c1/0x1530 [ 1867.837763][T23371] ? _raw_spin_lock+0xa1/0x170 [ 1867.842498][T23371] ? do_swap_page+0x1560/0x1560 [ 1867.847319][T23371] ? ttwu_do_wakeup+0x154/0x5b0 [ 1867.852141][T23371] handle_mm_fault+0xfa5/0x41e0 [ 1867.856967][T23371] ? finish_fault+0x230/0x230 [ 1867.861616][T23371] ? down_read_trylock+0x17a/0x1d0 [ 1867.866697][T23371] ? vmacache_find+0x205/0x4b0 [ 1867.871448][T23371] do_user_addr_fault+0x48a/0x9f0 [ 1867.876442][T23371] page_fault+0x2f/0x40 [ 1867.880570][T23371] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 1867.887127][T23371] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 1867.906701][T23371] RSP: 0018:ffff888037067888 EFLAGS: 00010206 [ 1867.912737][T23371] RAX: ffffffff81f86901 RBX: 0000000020035500 RCX: 0000000000000500 [ 1867.921897][T23371] RDX: 0000000000001000 RSI: ffff888113288b00 RDI: 0000000020035000 [ 1867.929847][T23371] RBP: ffff888037067da8 R08: dffffc0000000000 R09: ffffed1022651200 [ 1867.937793][T23371] R10: 0000000000000000 R11: 0000000000000000 R12: 00007ffffffff000 [ 1867.945735][T23371] R13: 0000000000001000 R14: ffff888113288000 R15: 0000000020034500 [ 1867.953687][T23371] ? copyout+0x51/0xb0 [ 1867.957747][T23371] copyout+0x8e/0xb0 [ 1867.961615][T23371] copy_page_to_iter+0x393/0xbd0 [ 1867.966525][T23371] pipe_to_user+0xa3/0x130 [ 1867.970917][T23371] __splice_from_pipe+0x2d3/0x870 [ 1867.975916][T23371] ? user_page_pipe_buf_steal+0xc0/0xc0 [ 1867.981431][T23371] do_vmsplice+0x252/0xee0 [ 1867.985819][T23371] ? avc_ss_reset+0x3a0/0x3a0 [ 1867.990467][T23371] ? write_pipe_buf+0x1d0/0x1d0 [ 1867.995289][T23371] ? __rcu_read_lock+0x50/0x50 [ 1868.000024][T23371] ? check_stack_object+0x5a/0x90 [ 1868.005018][T23371] ? _copy_from_user+0xa4/0xe0 [ 1868.009752][T23371] ? rw_copy_check_uvector+0x2b3/0x310 [ 1868.015185][T23371] ? import_iovec+0x1c2/0x380 [ 1868.019832][T23371] ? dup_iter+0x110/0x110 [ 1868.024134][T23371] ? do_vfs_ioctl+0x780/0x1750 [ 1868.028869][T23371] __se_sys_vmsplice+0x1fb/0x300 [ 1868.033781][T23371] ? __x64_sys_vmsplice+0xa0/0xa0 [ 1868.038775][T23371] ? put_timespec64+0x109/0x150 [ 1868.043600][T23371] ? __x64_sys_clock_gettime+0x20d/0x260 [ 1868.049206][T23371] ? __ia32_sys_clock_settime+0x2a0/0x2a0 [ 1868.054900][T23371] do_syscall_64+0xcb/0x150 [ 1868.059375][T23371] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1868.065237][T23371] RIP: 0033:0x45d189 [ 1868.069104][T23371] Code: 5d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1868.088694][T23371] RSP: 002b:00007fe26cb9dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116 [ 1868.097085][T23371] RAX: ffffffffffffffda RBX: 0000000000035800 RCX: 000000000045d189 [ 1868.105036][T23371] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000005 [ 1868.112982][T23371] RBP: 000000000118d0c8 R08: 0000000000000000 R09: 0000000000000000 [ 1868.120924][T23371] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118d08c [ 1868.128869][T23371] R13: 00007ffc8d239f3f R14: 00007fe26cb9e9c0 R15: 000000000118d08c [ 1868.160817][T23371] Mem-Info: [ 1868.164242][T23371] active_anon:1412880 inactive_anon:6774 isolated_anon:0 [ 1868.164242][T23371] active_file:155 inactive_file:144 isolated_file:21 [ 1868.164242][T23371] unevictable:0 dirty:6 writeback:0 unstable:0 [ 1868.164242][T23371] slab_reclaimable:8836 slab_unreclaimable:77323 [ 1868.164242][T23371] mapped:57243 shmem:6853 pagetables:38993 bounce:0 [ 1868.164242][T23371] free:11061 free_pcp:234 free_cma:0 [ 1868.202445][T23371] Node 0 active_anon:5651520kB inactive_anon:27096kB active_file:620kB inactive_file:576kB unevictable:0kB isolated(anon):0kB isolated(file):84kB mapped:228972kB dirty:24kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1868.226804][T23371] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1868.253653][T23371] lowmem_reserve[]: 0 2912 6416 6416 [ 1868.258969][T23371] DMA32 free:17460kB min:4644kB low:7624kB high:10604kB active_anon:2822736kB inactive_anon:3540kB active_file:28kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14080kB pagetables:30624kB bounce:0kB free_pcp:16kB local_pcp:4kB free_cma:0kB [ 1868.293647][T23371] lowmem_reserve[]: 0 0 3504 3504 [ 1868.298713][T23371] Normal free:10880kB min:17880kB low:21468kB high:25056kB active_anon:2828416kB inactive_anon:23556kB active_file:904kB inactive_file:804kB unevictable:0kB writepending:24kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32416kB pagetables:125348kB bounce:0kB free_pcp:1072kB local_pcp:488kB free_cma:0kB [ 1868.328746][T23371] lowmem_reserve[]: 0 0 0 0 [ 1868.333350][T23371] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1868.346800][T23371] DMA32: 149*4kB (UME) 68*8kB (UME) 37*16kB (UE) 63*32kB (UE) 21*64kB (UME) 20*128kB (UM) 6*256kB (UM) 1*512kB (M) 6*1024kB (M) 1*2048kB (M) 0*4096kB = 17892kB [ 1868.362991][T23371] Normal: 49*4kB (UMEH) 90*8kB (UMEH) 81*16kB (UMEH) 193*32kB (MH) 22*64kB (MH) 4*128kB (UH) 1*256kB (H) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 10564kB [ 1868.378282][T23371] 7112 total pagecache pages [ 1868.383049][T23371] 0 pages in swap cache [ 1868.387347][T23371] Swap cache stats: add 0, delete 0, find 0/0 [ 1868.393573][T23371] Free swap = 0kB [ 1868.397426][T23371] Total swap = 0kB [ 1868.401289][T23371] 1965979 pages RAM [ 1868.405216][T23371] 0 pages HighMem/MovableOnly [ 1868.410026][T23371] 318829 pages reserved [ 1868.442589][T23371] 0 pages cma reserved [ 1868.446849][T23371] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=23332,uid=0 [ 1868.462476][T23371] Out of memory: Killed process 23332 (syz-executor.2) total-vm:85744kB, anon-rss:13388kB, file-rss:35048kB, shmem-rss:0kB, UID:0 pgtables:156kB oom_score_adj:1000 [ 1868.483890][ T23] oom_reaper: reaped process 23332 (syz-executor.2), now anon-rss:0kB, file-rss:34812kB, shmem-rss:0kB 22:38:39 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:38:39 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc8], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:39 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f00000002c0)=0x3) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:38:39 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x11, 0x0) 22:38:40 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x81}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r2, 0x29, 0x41, &(0x7f0000000280)={'nat\x00', 0x5, [{}, {}, {}, {}, {}]}, 0x78) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r5 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r5, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r6, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:38:40 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:38:40 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x12, 0x0) 22:38:40 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:40 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) prctl$PR_GET_FPEXC(0xb, &(0x7f00000003c0)) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)=ANY=[@ANYBLOB="4000000000080102000000010073797a30000000000500030001000008090001001b2a7a3000"/53], 0x40}, 0x1, 0x0, 0x0, 0x8000}, 0x24004801) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) [ 1870.109530][T23418] syz-executor.4 invoked oom-killer: gfp_mask=0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|0x1000000), order=0, oom_score_adj=1000 [ 1870.177497][T23418] CPU: 1 PID: 23418 Comm: syz-executor.4 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1870.187686][T23418] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1870.197739][T23418] Call Trace: [ 1870.201014][T23418] dump_stack+0x14a/0x1ce [ 1870.205336][T23418] ? devkmsg_release+0x11c/0x11c [ 1870.210246][T23418] ? show_regs_print_info+0x12/0x12 [ 1870.215500][T23418] ? radix_tree_cpu_dead+0x160/0x160 [ 1870.220760][T23418] ? _raw_spin_lock+0xa1/0x170 [ 1870.225525][T23418] ? _raw_spin_trylock_bh+0x190/0x190 [ 1870.230875][T23418] dump_header+0xdb/0x700 [ 1870.235179][T23418] oom_kill_process+0xd3/0x280 [ 1870.239923][T23418] out_of_memory+0x5b6/0x890 [ 1870.244486][T23418] ? unregister_oom_notifier+0x20/0x20 [ 1870.249919][T23418] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1870.255441][T23418] ? get_page_from_freelist+0x7c0/0x7c0 [ 1870.260963][T23418] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1870.266308][T23418] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1870.271846][T23418] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1870.277551][T23418] ? ___preempt_schedule+0x16/0x20 [ 1870.282634][T23418] ? __lru_cache_add+0x198/0x1f0 [ 1870.287542][T23418] wp_page_copy+0x1cb/0x1120 [ 1870.292105][T23418] ? __perf_event_task_sched_out+0xfe4/0x1110 [ 1870.298148][T23418] ? add_mm_rss_vec+0x270/0x270 [ 1870.302968][T23418] ? perf_pmu_sched_task+0x370/0x370 [ 1870.308237][T23418] ? switch_mm_irqs_off+0x4d7/0x9a0 [ 1870.313405][T23418] ? vm_normal_page+0x1c9/0x1d0 [ 1870.318226][T23418] do_wp_page+0x4c1/0x1530 [ 1870.322616][T23418] ? switch_mm+0x100/0x100 [ 1870.327004][T23418] ? _raw_spin_lock+0xa1/0x170 [ 1870.331736][T23418] ? do_swap_page+0x1560/0x1560 [ 1870.336559][T23418] ? __schedule+0x920/0xef0 [ 1870.341050][T23418] handle_mm_fault+0xfa5/0x41e0 [ 1870.345887][T23418] ? finish_fault+0x230/0x230 [ 1870.350550][T23418] ? _raw_spin_unlock+0x5/0x20 [ 1870.355303][T23418] ? __mutex_lock+0xb03/0xc90 [ 1870.359971][T23418] ? down_read_trylock+0x17a/0x1d0 [ 1870.365065][T23418] ? vmacache_find+0x47a/0x4b0 [ 1870.369802][T23418] do_user_addr_fault+0x48a/0x9f0 [ 1870.374802][T23418] page_fault+0x2f/0x40 [ 1870.378931][T23418] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 1870.385503][T23418] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 1870.405080][T23418] RSP: 0018:ffff888024f4f888 EFLAGS: 00010206 [ 1870.411117][T23418] RAX: ffffffff81f86901 RBX: 0000000020202500 RCX: 0000000000000500 [ 1870.419059][T23418] RDX: 0000000000001000 RSI: ffff8881d0a9cb00 RDI: 0000000020202000 [ 1870.427011][T23418] RBP: ffff888024f4fda8 R08: dffffc0000000000 R09: ffffed103a153a00 [ 1870.436004][T23418] R10: 0000000000000000 R11: 0000000000000000 R12: 00007ffffffff000 [ 1870.443949][T23418] R13: 0000000000001000 R14: ffff8881d0a9c000 R15: 0000000020201500 [ 1870.451901][T23418] ? copyout+0x51/0xb0 [ 1870.455944][T23418] copyout+0x8e/0xb0 [ 1870.459813][T23418] copy_page_to_iter+0x393/0xbd0 [ 1870.464724][T23418] pipe_to_user+0xa3/0x130 [ 1870.469110][T23418] __splice_from_pipe+0x2d3/0x870 [ 1870.474108][T23418] ? user_page_pipe_buf_steal+0xc0/0xc0 [ 1870.479625][T23418] do_vmsplice+0x252/0xee0 [ 1870.484029][T23418] ? avc_ss_reset+0x3a0/0x3a0 [ 1870.488677][T23418] ? write_pipe_buf+0x1d0/0x1d0 [ 1870.493499][T23418] ? __rcu_read_lock+0x50/0x50 [ 1870.498232][T23418] ? check_stack_object+0x5a/0x90 [ 1870.503226][T23418] ? _copy_from_user+0xa4/0xe0 [ 1870.507964][T23418] ? rw_copy_check_uvector+0x2b3/0x310 [ 1870.513409][T23418] ? import_iovec+0x1c2/0x380 [ 1870.518058][T23418] ? dup_iter+0x110/0x110 [ 1870.522457][T23418] ? do_vfs_ioctl+0x780/0x1750 [ 1870.527211][T23418] __se_sys_vmsplice+0x1fb/0x300 [ 1870.532129][T23418] ? __x64_sys_vmsplice+0xa0/0xa0 [ 1870.537324][T23418] ? put_timespec64+0x109/0x150 [ 1870.542166][T23418] ? __x64_sys_clock_gettime+0x20d/0x260 [ 1870.547770][T23418] ? __ia32_sys_clock_settime+0x2a0/0x2a0 [ 1870.553459][T23418] do_syscall_64+0xcb/0x150 [ 1870.557935][T23418] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1870.563802][T23418] RIP: 0033:0x45d189 [ 1870.567670][T23418] Code: 5d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1870.587259][T23418] RSP: 002b:00007fe26cb9dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116 [ 1870.595643][T23418] RAX: ffffffffffffffda RBX: 0000000000035800 RCX: 000000000045d189 [ 1870.603588][T23418] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000005 [ 1870.611533][T23418] RBP: 000000000118d0c8 R08: 0000000000000000 R09: 0000000000000000 [ 1870.619474][T23418] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118d08c [ 1870.627504][T23418] R13: 00007ffc8d239f3f R14: 00007fe26cb9e9c0 R15: 000000000118d08c [ 1870.723369][T23418] Mem-Info: [ 1870.736377][T23418] active_anon:1412481 inactive_anon:6774 isolated_anon:0 [ 1870.736377][T23418] active_file:109 inactive_file:151 isolated_file:33 [ 1870.736377][T23418] unevictable:0 dirty:33 writeback:10 unstable:0 [ 1870.736377][T23418] slab_reclaimable:8823 slab_unreclaimable:77219 [ 1870.736377][T23418] mapped:57319 shmem:6853 pagetables:38992 bounce:0 [ 1870.736377][T23418] free:11734 free_pcp:48 free_cma:0 [ 1870.830571][T23418] Node 0 active_anon:5649924kB inactive_anon:27096kB active_file:336kB inactive_file:240kB unevictable:0kB isolated(anon):0kB isolated(file):276kB mapped:228876kB dirty:132kB writeback:40kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1870.855218][T23418] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1870.881593][T23418] lowmem_reserve[]: 0 2912 6416 6416 [ 1870.887018][T23418] DMA32 free:17692kB min:4644kB low:7624kB high:10604kB active_anon:2823020kB inactive_anon:3540kB active_file:20kB inactive_file:128kB unevictable:0kB writepending:8kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14272kB pagetables:30620kB bounce:0kB free_pcp:4kB local_pcp:0kB free_cma:0kB [ 1870.922219][T23418] lowmem_reserve[]: 0 0 3504 3504 [ 1870.927437][T23418] Normal free:14256kB min:13784kB low:17372kB high:20960kB active_anon:2826904kB inactive_anon:23556kB active_file:316kB inactive_file:348kB unevictable:0kB writepending:164kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32096kB pagetables:125348kB bounce:0kB free_pcp:412kB local_pcp:0kB free_cma:0kB [ 1870.964025][T23418] lowmem_reserve[]: 0 0 0 0 [ 1870.969064][T23418] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1871.000534][T23418] DMA32: 205*4kB (UMEH) 89*8kB (UMEH) 44*16kB (UME) 35*32kB (UME) 19*64kB (UME) 24*128kB (UM) 6*256kB (UM) 1*512kB (M) 6*1024kB (M) 1*2048kB (M) 0*4096kB = 17884kB [ 1871.026679][T23418] Normal: 538*4kB (UME) 266*8kB (UME) 234*16kB (UME) 98*32kB (UM) 27*64kB (UM) 6*128kB (UM) 1*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 13912kB [ 1871.048343][T23418] 6991 total pagecache pages [ 1871.055101][T23418] 0 pages in swap cache [ 1871.059569][T23418] Swap cache stats: add 0, delete 0, find 0/0 [ 1871.065932][T23418] Free swap = 0kB [ 1871.069899][T23418] Total swap = 0kB [ 1871.074099][T23418] 1965979 pages RAM [ 1871.078157][T23418] 0 pages HighMem/MovableOnly [ 1871.090549][T23418] 318829 pages reserved [ 1871.094714][T23418] 0 pages cma reserved [ 1871.098769][T23418] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=13707,uid=0 [ 1871.134405][T23418] Out of memory: Killed process 13707 (syz-executor.2) total-vm:85348kB, anon-rss:10100kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:148kB oom_score_adj:1000 [ 1871.175657][ T23] oom_reaper: reaped process 13707 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 22:38:41 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x25, 0x0) 22:38:41 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0xcf, 0x0) 22:38:42 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x300, 0x0) 22:38:42 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x500, 0x0) 22:38:42 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x600, 0x0) 22:38:42 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x700, 0x0) 22:38:42 executing program 0: getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:38:42 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:42 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f00000002c0)={0x38, 0x1, 0x9, 0x0, 0x6, 0x0, 0x4}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000001c0)={0xffffffffffffffff, 0x0, 0x0}, 0x20) ioctl$EXT4_IOC_ALLOC_DA_BLKS(0xffffffffffffffff, 0x660c) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f0000000600)=[{&(0x7f0000000080)}, {&(0x7f0000000300)=""/58, 0x3a}, {&(0x7f0000000340)=""/157, 0x9d}, {&(0x7f0000000400)=""/8, 0x8}, {&(0x7f0000000440)=""/3, 0x3}, {&(0x7f0000000680)=""/195, 0xc3}, {&(0x7f0000000580)=""/83, 0x53}], 0x7, 0x0, 0x0) 22:38:42 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x900, 0x0) 22:38:42 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x0, &(0x7f0000000140)}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x1058) bind$inet6(0xffffffffffffffff, &(0x7f0000000280)={0xa, 0x4e21, 0x3, @local, 0x3}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:38:42 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0xa00, 0x0) 22:38:42 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0xb00, 0x0) 22:38:42 executing program 0: getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:38:42 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1872.154630][ T371] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 1872.200484][ T371] CPU: 1 PID: 371 Comm: syz-executor.0 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1872.210593][ T371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1872.220726][ T371] Call Trace: [ 1872.224021][ T371] dump_stack+0x14a/0x1ce [ 1872.228345][ T371] ? devkmsg_release+0x11c/0x11c [ 1872.233280][ T371] ? show_regs_print_info+0x12/0x12 [ 1872.238475][ T371] ? radix_tree_cpu_dead+0x160/0x160 [ 1872.244104][ T371] ? _raw_spin_lock+0xa1/0x170 [ 1872.248871][ T371] ? _raw_spin_trylock_bh+0x190/0x190 [ 1872.254244][ T371] dump_header+0xdb/0x700 [ 1872.258571][ T371] oom_kill_process+0xd3/0x280 [ 1872.263331][ T371] out_of_memory+0x5b6/0x890 [ 1872.267914][ T371] ? unregister_oom_notifier+0x20/0x20 [ 1872.273350][ T371] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1872.278871][ T371] ? get_page_from_freelist+0x7c0/0x7c0 [ 1872.284389][ T371] ? __zone_watermark_ok+0x91/0x280 [ 1872.289575][ T371] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1872.294919][ T371] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1872.300437][ T371] ? copy_process+0x5a4/0x5110 [ 1872.305185][ T371] ? kmem_cache_alloc+0x1d5/0x260 [ 1872.310180][ T371] copy_process+0x5f3/0x5110 [ 1872.314743][ T371] ? _raw_spin_unlock+0x5/0x20 [ 1872.319477][ T371] ? do_swap_page+0x1560/0x1560 [ 1872.324302][ T371] ? fork_idle+0x290/0x290 [ 1872.328691][ T371] _do_fork+0x196/0x920 [ 1872.332829][ T371] ? finish_fault+0x230/0x230 [ 1872.337479][ T371] ? dup_mm+0x300/0x300 [ 1872.341637][ T371] ? ktime_get_raw+0x130/0x130 [ 1872.346373][ T371] __x64_sys_clone+0x25e/0x2c0 [ 1872.351121][ T371] ? __ia32_sys_vfork+0x110/0x110 [ 1872.356565][ T371] ? __x64_sys_clock_gettime+0x20d/0x260 [ 1872.362285][ T371] ? do_user_addr_fault+0x55c/0x9f0 [ 1872.367461][ T371] do_syscall_64+0xcb/0x150 [ 1872.371942][ T371] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1872.377810][ T371] RIP: 0033:0x45b75a [ 1872.381702][ T371] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 1872.401278][ T371] RSP: 002b:00007ffd47501d10 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1872.409658][ T371] RAX: ffffffffffffffda RBX: 00007ffd47501d10 RCX: 000000000045b75a [ 1872.417626][ T371] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 1872.425573][ T371] RBP: 00007ffd47501d50 R08: 0000000000000001 R09: 000000000196f940 [ 1872.433532][ T371] R10: 000000000196fc10 R11: 0000000000000246 R12: 0000000000000001 [ 1872.441536][ T371] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffd47501da0 [ 1872.515350][ T371] Mem-Info: [ 1872.518623][ T371] active_anon:1413593 inactive_anon:6774 isolated_anon:0 [ 1872.518623][ T371] active_file:259 inactive_file:231 isolated_file:17 [ 1872.518623][ T371] unevictable:0 dirty:44 writeback:2 unstable:0 [ 1872.518623][ T371] slab_reclaimable:8822 slab_unreclaimable:77041 [ 1872.518623][ T371] mapped:57507 shmem:6853 pagetables:39098 bounce:0 [ 1872.518623][ T371] free:10619 free_pcp:0 free_cma:0 [ 1872.562718][ T371] Node 0 active_anon:5654380kB inactive_anon:27096kB active_file:764kB inactive_file:624kB unevictable:0kB isolated(anon):0kB isolated(file):132kB mapped:229508kB dirty:116kB writeback:72kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1872.597453][ T371] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1872.652174][ T371] lowmem_reserve[]: 0 2912 6416 6416 [ 1872.663262][ T371] DMA32 free:18168kB min:4644kB low:7624kB high:10604kB active_anon:2823156kB inactive_anon:3540kB active_file:216kB inactive_file:364kB unevictable:0kB writepending:92kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14144kB pagetables:30544kB bounce:0kB free_pcp:36kB local_pcp:12kB free_cma:0kB [ 1872.743716][ T371] lowmem_reserve[]: 0 0 3504 3504 [ 1872.752259][ T371] Normal free:8560kB min:5592kB low:9180kB high:12768kB active_anon:2831024kB inactive_anon:23556kB active_file:408kB inactive_file:728kB unevictable:0kB writepending:196kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32128kB pagetables:125540kB bounce:0kB free_pcp:948kB local_pcp:376kB free_cma:0kB [ 1872.791120][ T371] lowmem_reserve[]: 0 0 0 0 [ 1872.797502][ T371] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1872.811845][ T371] DMA32: 299*4kB (UMEH) 121*8kB (UMEH) 36*16kB (UMEH) 30*32kB (UMEH) 23*64kB (UME) 18*128kB (UM) 7*256kB (UM) 2*512kB (M) 6*1024kB (M) 1*2048kB (M) 0*4096kB = 18484kB [ 1872.828901][ T371] Normal: 34*4kB (UE) 62*8kB (ME) 28*16kB (UME) 148*32kB (M) 22*64kB (UM) 3*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 7608kB [ 1872.867734][ T371] 7671 total pagecache pages [ 1872.882622][ T371] 0 pages in swap cache [ 1872.889400][ T371] Swap cache stats: add 0, delete 0, find 0/0 [ 1872.895657][ T371] Free swap = 0kB [ 1872.899495][ T371] Total swap = 0kB [ 1872.903565][ T371] 1965979 pages RAM [ 1872.907479][ T371] 0 pages HighMem/MovableOnly [ 1872.912860][ T371] 318829 pages reserved [ 1872.917146][ T371] 0 pages cma reserved [ 1872.921407][ T371] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=23465,uid=0 22:38:43 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:43 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) ioctl$PPPIOCGFLAGS(0xffffffffffffffff, 0x8004745a, &(0x7f00000002c0)) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x800000000000000) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') sendmsg$IPCTNL_MSG_EXP_GET_STATS_CPU(r3, &(0x7f00000003c0)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000380)={&(0x7f0000000400)={0x14, 0x3, 0x2, 0x5, 0x0, 0x0, {0x14a77e57662f349a, 0x0, 0xa}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40044}, 0x4005) preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) [ 1873.308295][T23463] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1873.321064][T23463] CPU: 1 PID: 23463 Comm: syz-executor.4 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1873.331217][T23463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1873.341252][T23463] Call Trace: [ 1873.344524][T23463] dump_stack+0x14a/0x1ce [ 1873.348824][T23463] ? devkmsg_release+0x11c/0x11c [ 1873.353852][T23463] ? show_regs_print_info+0x12/0x12 [ 1873.359033][T23463] ? radix_tree_cpu_dead+0x160/0x160 [ 1873.364296][T23463] ? _raw_spin_lock+0xa1/0x170 [ 1873.369036][T23463] ? _raw_spin_trylock_bh+0x190/0x190 [ 1873.374414][T23463] dump_header+0xdb/0x700 [ 1873.378754][T23463] oom_kill_process+0xd3/0x280 [ 1873.383500][T23463] out_of_memory+0x5b6/0x890 [ 1873.388067][T23463] ? unregister_oom_notifier+0x20/0x20 [ 1873.393500][T23463] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1873.399041][T23463] ? get_page_from_freelist+0x7c0/0x7c0 [ 1873.404557][T23463] ? __zone_watermark_ok+0x91/0x280 [ 1873.409729][T23463] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1873.415074][T23463] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1873.420610][T23463] ? copy_process+0x5a4/0x5110 [ 1873.425352][T23463] ? copy_process+0x5a4/0x5110 [ 1873.430102][T23463] ? kmem_cache_alloc+0x1d5/0x260 [ 1873.435099][T23463] copy_process+0x5f3/0x5110 [ 1873.439684][T23463] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1873.445389][T23463] ? _raw_spin_lock+0xa1/0x170 [ 1873.450124][T23463] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1873.455902][T23463] ? __lru_cache_add+0x1a1/0x1f0 [ 1873.460815][T23463] ? fork_idle+0x290/0x290 [ 1873.465205][T23463] _do_fork+0x196/0x920 [ 1873.469357][T23463] ? finish_fault+0x230/0x230 [ 1873.474438][T23463] ? up_write+0xa1/0x190 [ 1873.478666][T23463] ? dup_mm+0x300/0x300 [ 1873.482794][T23463] __x64_sys_clone+0x25e/0x2c0 [ 1873.487591][T23463] ? __ia32_sys_vfork+0x110/0x110 [ 1873.492605][T23463] ? do_user_addr_fault+0x55c/0x9f0 [ 1873.497794][T23463] do_syscall_64+0xcb/0x150 [ 1873.502284][T23463] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1873.508151][T23463] RIP: 0033:0x45fb59 [ 1873.512018][T23463] Code: ff 48 85 f6 0f 84 87 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 5e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1873.531593][T23463] RSP: 002b:00007ffc8d239e88 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1873.539994][T23463] RAX: ffffffffffffffda RBX: 00007fe26cbbf700 RCX: 000000000045fb59 [ 1873.547938][T23463] RDX: 00007fe26cbbf9d0 RSI: 00007fe26cbbedb0 RDI: 00000000003d0f00 [ 1873.555880][T23463] RBP: 00007ffc8d23a0b0 R08: 00007fe26cbbf700 R09: 00007fe26cbbf700 [ 1873.563822][T23463] R10: 00007fe26cbbf9d0 R11: 0000000000000202 R12: 0000000000000000 [ 1873.571764][T23463] R13: 00007ffc8d239f3f R14: 00007fe26cbbf9c0 R15: 000000000118cfec [ 1873.580577][T23463] Mem-Info: [ 1873.584233][T23463] active_anon:1411803 inactive_anon:6774 isolated_anon:0 [ 1873.584233][T23463] active_file:48 inactive_file:230 isolated_file:32 [ 1873.584233][T23463] unevictable:0 dirty:7 writeback:9 unstable:0 [ 1873.584233][T23463] slab_reclaimable:8821 slab_unreclaimable:77103 [ 1873.584233][T23463] mapped:57165 shmem:6853 pagetables:39018 bounce:0 [ 1873.584233][T23463] free:12531 free_pcp:72 free_cma:0 [ 1873.622285][T23463] Node 0 active_anon:5647252kB inactive_anon:27096kB active_file:388kB inactive_file:536kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:228536kB dirty:28kB writeback:36kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1873.647304][T23463] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1873.674152][T23463] lowmem_reserve[]: 0 2912 6416 6416 [ 1873.679713][T23463] DMA32 free:21320kB min:4644kB low:7624kB high:10604kB active_anon:2820176kB inactive_anon:3540kB active_file:12kB inactive_file:0kB unevictable:0kB writepending:12kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14208kB pagetables:30524kB bounce:0kB free_pcp:48kB local_pcp:0kB free_cma:0kB [ 1873.708802][T23463] lowmem_reserve[]: 0 0 3504 3504 [ 1873.714282][T23463] Normal free:10428kB min:5592kB low:9180kB high:12768kB active_anon:2827132kB inactive_anon:23556kB active_file:552kB inactive_file:2376kB unevictable:0kB writepending:52kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32160kB pagetables:125832kB bounce:0kB free_pcp:712kB local_pcp:388kB free_cma:0kB [ 1873.744368][T23463] lowmem_reserve[]: 0 0 0 0 [ 1873.749563][T23463] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1873.763920][T23463] DMA32: 314*4kB (UMEH) 148*8kB (UMEH) 78*16kB (UMEH) 29*32kB (UMEH) 23*64kB (UME) 23*128kB (UM) 12*256kB (UM) 2*512kB (M) 6*1024kB (M) 1*2048kB (M) 0*4096kB = 21320kB [ 1873.781284][T23463] Normal: 34*4kB (UE) 26*8kB (ME) 166*16kB (UME) 125*32kB (M) 22*64kB (M) 2*128kB (UM) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8664kB [ 1873.796893][T23463] 8252 total pagecache pages [ 1873.827572][T23463] 0 pages in swap cache [ 1873.852145][T23463] Swap cache stats: add 0, delete 0, find 0/0 [ 1873.896298][T23463] Free swap = 0kB [ 1873.900042][T23463] Total swap = 0kB [ 1873.906039][T23463] 1965979 pages RAM [ 1873.930274][T23463] 0 pages HighMem/MovableOnly [ 1873.934966][T23463] 318829 pages reserved [ 1873.950272][T23463] 0 pages cma reserved [ 1873.954359][T23463] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.5,pid=10705,uid=0 [ 1874.010293][T23463] Out of memory: Killed process 10705 (syz-executor.5) total-vm:85348kB, anon-rss:10096kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 1874.051983][ T23] oom_reaper: reaped process 10705 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 22:38:44 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0xc00, 0x0) 22:38:44 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:44 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0xd00, 0x0) 22:38:44 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:44 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0xe00, 0x0) 22:38:44 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x1100, 0x0) 22:38:44 executing program 0: getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:38:44 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:44 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x81}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) r4 = add_key$fscrypt_provisioning(&(0x7f0000000280)='fscrypt-provisioning\x00', &(0x7f00000002c0)={'syz', 0x0}, &(0x7f0000000300)={0x1, 0x0, "0125a9079c051afafe36913e3b3833e00ed97a5a72ddf4d308e35f44f16fdbde4b47dd26c1b459f6feef4bf95fb29911bd6af744f390fdcf4711729116e0652eef1b4c33a87731812d9e2e416e5ea7434d923141325b9a87daed1781ba059837b1bf8515b521"}, 0x6e, 0xfffffffffffffffa) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000380)={{0x2, 0x0, @descriptor="3fa168875f4d1387"}, 0xf2, r4, [], "6ba2f0629ab276940ede8b49a24e00f3d230a986162ade8074563beabdb149a266b4ca6d97f0b4312eda9736075ee9919dfb0934d4b17fa558681a7806b4311b1168ade542135521c0d716330efe9ecbceac3ceabdd60e18998a8cfda7b7a53f8207651aa32f76ed8d58e3edae97719e4881918c430d40231bb8dbe6dc0681394a4be1891fb3140366c1d3546ebd0a3925e97e2b7feeee800b500b0fa9cc8056dcfc578d4e7513ad0dabb7c07a4d27e1255fb26a5ed3fd32d23d5b35ed8726c8af21de674aed692553c08f66375377105910958d2c181aa1dc287d3c3fca1b6d1548cb703e8962a879ec921eb540dbbf68ad"}) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r5 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r5, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r6, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:38:44 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:45 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1874.985325][T23529] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1875.026551][T23529] CPU: 0 PID: 23529 Comm: syz-executor.4 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1875.036693][T23529] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1875.046730][T23529] Call Trace: [ 1875.050022][T23529] dump_stack+0x14a/0x1ce [ 1875.054344][T23529] ? devkmsg_release+0x11c/0x11c [ 1875.059283][T23529] ? show_regs_print_info+0x12/0x12 [ 1875.064592][T23529] ? radix_tree_cpu_dead+0x160/0x160 [ 1875.069872][T23529] ? _raw_spin_lock+0xa1/0x170 [ 1875.074632][T23529] ? _raw_spin_trylock_bh+0x190/0x190 [ 1875.079999][T23529] dump_header+0xdb/0x700 [ 1875.084328][T23529] oom_kill_process+0xd3/0x280 [ 1875.089089][T23529] out_of_memory+0x5b6/0x890 [ 1875.093678][T23529] ? unregister_oom_notifier+0x20/0x20 [ 1875.099138][T23529] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1875.104694][T23529] ? get_page_from_freelist+0x7c0/0x7c0 [ 1875.110500][T23529] ? __zone_watermark_ok+0x91/0x280 [ 1875.116306][T23529] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1875.121675][T23529] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1875.127214][T23529] ? copy_process+0x5a4/0x5110 [ 1875.132057][T23529] ? copy_process+0x5a4/0x5110 [ 1875.136813][T23529] ? kmem_cache_alloc+0x1d5/0x260 [ 1875.141845][T23529] copy_process+0x5f3/0x5110 [ 1875.146434][T23529] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1875.152150][T23529] ? _raw_spin_lock+0xa1/0x170 [ 1875.156907][T23529] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1875.162706][T23529] ? __lru_cache_add+0x1a1/0x1f0 [ 1875.167639][T23529] ? fork_idle+0x290/0x290 [ 1875.172051][T23529] _do_fork+0x196/0x920 [ 1875.176204][T23529] ? finish_fault+0x230/0x230 [ 1875.180876][T23529] ? up_write+0xa1/0x190 [ 1875.185119][T23529] ? dup_mm+0x300/0x300 [ 1875.189272][T23529] __x64_sys_clone+0x25e/0x2c0 [ 1875.194032][T23529] ? __ia32_sys_vfork+0x110/0x110 [ 1875.199071][T23529] ? do_user_addr_fault+0x55c/0x9f0 [ 1875.204264][T23529] do_syscall_64+0xcb/0x150 [ 1875.208766][T23529] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1875.214650][T23529] RIP: 0033:0x45fb59 [ 1875.218538][T23529] Code: ff 48 85 f6 0f 84 87 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 5e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1875.238134][T23529] RSP: 002b:00007ffc8d239e88 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1875.246537][T23529] RAX: ffffffffffffffda RBX: 00007fe26cbbf700 RCX: 000000000045fb59 [ 1875.254501][T23529] RDX: 00007fe26cbbf9d0 RSI: 00007fe26cbbedb0 RDI: 00000000003d0f00 [ 1875.262465][T23529] RBP: 00007ffc8d23a0b0 R08: 00007fe26cbbf700 R09: 00007fe26cbbf700 [ 1875.270428][T23529] R10: 00007fe26cbbf9d0 R11: 0000000000000202 R12: 0000000000000000 [ 1875.278394][T23529] R13: 00007ffc8d239f3f R14: 00007fe26cbbf9c0 R15: 000000000118cfec [ 1875.290344][T23529] Mem-Info: [ 1875.293981][T23529] active_anon:1413561 inactive_anon:6774 isolated_anon:0 [ 1875.293981][T23529] active_file:134 inactive_file:363 isolated_file:0 [ 1875.293981][T23529] unevictable:0 dirty:3 writeback:0 unstable:0 [ 1875.293981][T23529] slab_reclaimable:8821 slab_unreclaimable:76981 [ 1875.293981][T23529] mapped:57367 shmem:6853 pagetables:39074 bounce:0 [ 1875.293981][T23529] free:10587 free_pcp:130 free_cma:0 [ 1875.332608][T23529] Node 0 active_anon:5654244kB inactive_anon:27096kB active_file:1148kB inactive_file:1032kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:230068kB dirty:12kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1875.357420][T23529] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1875.384073][T23529] lowmem_reserve[]: 0 2912 6416 6416 [ 1875.389667][T23529] DMA32 free:18348kB min:4644kB low:7624kB high:10604kB active_anon:2823604kB inactive_anon:3540kB active_file:212kB inactive_file:60kB unevictable:0kB writepending:0kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14336kB pagetables:30644kB bounce:0kB free_pcp:28kB local_pcp:0kB free_cma:0kB [ 1875.419092][T23529] lowmem_reserve[]: 0 0 3504 3504 [ 1875.424477][T23529] Normal free:7596kB min:5592kB low:9180kB high:12768kB active_anon:2830116kB inactive_anon:23556kB active_file:1256kB inactive_file:640kB unevictable:0kB writepending:4kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32096kB pagetables:125652kB bounce:0kB free_pcp:1736kB local_pcp:232kB free_cma:0kB [ 1875.454578][T23529] lowmem_reserve[]: 0 0 0 0 [ 1875.459417][T23529] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1875.473036][T23529] DMA32: 267*4kB (UMEH) 95*8kB (UMEH) 46*16kB (UMEH) 41*32kB (UME) 17*64kB (UME) 13*128kB (UM) 11*256kB (UM) 2*512kB (M) 6*1024kB (M) 1*2048kB (M) 0*4096kB = 18660kB [ 1875.489883][T23529] Normal: 95*4kB (UME) 28*8kB (UME) 89*16kB (UME) 126*32kB (UM) 24*64kB (UM) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 7596kB [ 1875.504175][T23529] 7465 total pagecache pages [ 1875.509036][T23529] 0 pages in swap cache [ 1875.513543][T23529] Swap cache stats: add 0, delete 0, find 0/0 [ 1875.519901][T23529] Free swap = 0kB [ 1875.523913][T23529] Total swap = 0kB [ 1875.527897][T23529] 1965979 pages RAM [ 1875.538896][T23529] 0 pages HighMem/MovableOnly [ 1875.551660][T23529] 318829 pages reserved [ 1875.555836][T23529] 0 pages cma reserved [ 1875.559902][T23529] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=11089,uid=0 [ 1875.574333][T23529] Out of memory: Killed process 11089 (syz-executor.0) total-vm:85348kB, anon-rss:10084kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 1875.596808][ T23] oom_reaper: reaped process 11089 (syz-executor.0), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 1875.759726][ T137] systemd-journal invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 1875.770900][ T137] CPU: 1 PID: 137 Comm: systemd-journal Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1875.781558][ T137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1875.791609][ T137] Call Trace: [ 1875.794900][ T137] dump_stack+0x14a/0x1ce [ 1875.799231][ T137] ? devkmsg_release+0x11c/0x11c [ 1875.804167][ T137] ? show_regs_print_info+0x12/0x12 [ 1875.809358][ T137] ? radix_tree_cpu_dead+0x160/0x160 [ 1875.814638][ T137] ? _raw_spin_lock+0xa1/0x170 [ 1875.819406][ T137] ? _raw_spin_trylock_bh+0x190/0x190 [ 1875.824776][ T137] dump_header+0xdb/0x700 [ 1875.829106][ T137] oom_kill_process+0xd3/0x280 [ 1875.833884][ T137] out_of_memory+0x5b6/0x890 [ 1875.838478][ T137] ? unregister_oom_notifier+0x20/0x20 [ 1875.843937][ T137] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1875.849609][ T137] ? get_page_from_freelist+0x7c0/0x7c0 [ 1875.855157][ T137] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1875.860531][ T137] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1875.866077][ T137] pagecache_get_page+0x50f/0x880 [ 1875.871102][ T137] filemap_fault+0x14cb/0x1a30 [ 1875.875869][ T137] ? __down_read+0xf1/0x210 [ 1875.880376][ T137] ? generic_file_read_iter+0x20b0/0x20b0 [ 1875.886095][ T137] ? ep_show_fdinfo+0x320/0x320 [ 1875.890948][ T137] ext4_filemap_fault+0x7b/0x90 [ 1875.895796][ T137] handle_mm_fault+0x29ca/0x41e0 [ 1875.901344][ T137] ? finish_fault+0x230/0x230 [ 1875.906020][ T137] ? down_read_trylock+0x17a/0x1d0 [ 1875.911127][ T137] ? vmacache_find+0x205/0x4b0 [ 1875.915976][ T137] do_user_addr_fault+0x48a/0x9f0 [ 1875.921085][ T137] page_fault+0x2f/0x40 [ 1875.925236][ T137] RIP: 0033:0x7f04fb8c2410 [ 1875.929671][ T137] Code: Bad RIP value. [ 1875.933728][ T137] RSP: 002b:00007fffa7943578 EFLAGS: 00010246 [ 1875.939787][ T137] RAX: 00007f04fbcb56c0 RBX: 00007fffa7943e20 RCX: 0000000000000020 [ 1875.947800][ T137] RDX: 0000000000000000 RSI: 00007fffa7943580 RDI: 00007fffa7943e20 [ 1875.955769][ T137] RBP: 00007f04fbcb56c0 R08: 0000000000000008 R09: 00007fffa79dc118 [ 1875.963738][ T137] R10: 0000000000055a68 R11: 0000000000000246 R12: 00007fffa79435dc [ 1875.971706][ T137] R13: 0000000000000094 R14: 000055e387f10958 R15: 0005acc9f784a507 [ 1876.010155][ T137] Mem-Info: [ 1876.030113][ T137] active_anon:1414040 inactive_anon:6774 isolated_anon:0 [ 1876.030113][ T137] active_file:81 inactive_file:92 isolated_file:6 [ 1876.030113][ T137] unevictable:0 dirty:4 writeback:0 unstable:0 [ 1876.030113][ T137] slab_reclaimable:8821 slab_unreclaimable:76882 [ 1876.030113][ T137] mapped:57171 shmem:6853 pagetables:39075 bounce:0 [ 1876.030113][ T137] free:10414 free_pcp:529 free_cma:0 [ 1876.069387][ T137] Node 0 active_anon:5656160kB inactive_anon:27096kB active_file:208kB inactive_file:264kB unevictable:0kB isolated(anon):0kB isolated(file):24kB mapped:228584kB dirty:16kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1876.095224][ T137] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1876.121317][ T137] lowmem_reserve[]: 0 2912 6416 6416 [ 1876.126705][ T137] DMA32 free:18488kB min:4644kB low:7624kB high:10604kB active_anon:2823688kB inactive_anon:3540kB active_file:12kB inactive_file:336kB unevictable:0kB writepending:0kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14304kB pagetables:30648kB bounce:0kB free_pcp:404kB local_pcp:132kB free_cma:0kB [ 1876.180384][ T137] lowmem_reserve[]: 0 0 3504 3504 [ 1876.185728][ T137] Normal free:8272kB min:17880kB low:21468kB high:25056kB active_anon:2832588kB inactive_anon:23556kB active_file:416kB inactive_file:524kB unevictable:0kB writepending:16kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32096kB pagetables:125652kB bounce:0kB free_pcp:40kB local_pcp:32kB free_cma:0kB [ 1876.215607][ T137] lowmem_reserve[]: 0 0 0 0 [ 1876.220557][ T137] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1876.234498][ T137] DMA32: 15*4kB (MEH) 30*8kB (UMEH) 31*16kB (UE) 38*32kB (UMEH) 18*64kB (UME) 13*128kB (UM) 8*256kB (UM) 4*512kB (M) 6*1024kB (M) 1*2048kB (M) 0*4096kB = 17116kB [ 1876.251218][ T137] Normal: 214*4kB (UME) 135*8kB (UME) 80*16kB (UME) 114*32kB (UM) 21*64kB (UM) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8208kB [ 1876.265954][ T137] 7019 total pagecache pages [ 1876.271118][ T137] 0 pages in swap cache [ 1876.275713][ T137] Swap cache stats: add 0, delete 0, find 0/0 [ 1876.282522][ T137] Free swap = 0kB [ 1876.286749][ T137] Total swap = 0kB [ 1876.291451][ T137] 1965979 pages RAM [ 1876.295861][ T137] 0 pages HighMem/MovableOnly [ 1876.309798][ T137] 318829 pages reserved [ 1876.314266][ T137] 0 pages cma reserved [ 1876.318470][ T137] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=23494,uid=0 [ 1876.332790][ T137] Out of memory: Killed process 23494 (syz-executor.2) total-vm:85612kB, anon-rss:16524kB, file-rss:34312kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 1876.353777][ T23] oom_reaper: reaped process 23494 (syz-executor.2), now anon-rss:0kB, file-rss:34556kB, shmem-rss:0kB 22:38:47 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x1200, 0x0) 22:38:47 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1877.009211][T23520] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1877.040005][T23520] CPU: 1 PID: 23520 Comm: syz-executor.0 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1877.050169][T23520] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1877.060210][T23520] Call Trace: [ 1877.063686][T23520] dump_stack+0x14a/0x1ce [ 1877.067995][T23520] ? devkmsg_release+0x11c/0x11c [ 1877.072916][T23520] ? show_regs_print_info+0x12/0x12 [ 1877.078099][T23520] ? radix_tree_cpu_dead+0x160/0x160 [ 1877.083373][T23520] ? _raw_spin_lock+0xa1/0x170 [ 1877.088127][T23520] ? _raw_spin_trylock_bh+0x190/0x190 [ 1877.093473][T23520] dump_header+0xdb/0x700 [ 1877.097776][T23520] oom_kill_process+0xd3/0x280 [ 1877.102511][T23520] out_of_memory+0x5b6/0x890 [ 1877.108028][T23520] ? unregister_oom_notifier+0x20/0x20 [ 1877.113462][T23520] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1877.118982][T23520] ? get_page_from_freelist+0x7c0/0x7c0 [ 1877.124496][T23520] ? __zone_watermark_ok+0x91/0x280 [ 1877.129695][T23520] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1877.135040][T23520] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1877.140555][T23520] ? copy_process+0x5a4/0x5110 [ 1877.145289][T23520] ? kmem_cache_alloc+0x1d5/0x260 [ 1877.150284][T23520] copy_process+0x5f3/0x5110 [ 1877.154847][T23520] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1877.160537][T23520] ? _raw_spin_lock+0xa1/0x170 [ 1877.165270][T23520] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1877.171062][T23520] ? __lru_cache_add+0x1a1/0x1f0 [ 1877.175970][T23520] ? fork_idle+0x290/0x290 [ 1877.180357][T23520] _do_fork+0x196/0x920 [ 1877.184659][T23520] ? finish_fault+0x230/0x230 [ 1877.189313][T23520] ? up_write+0xa1/0x190 [ 1877.194048][T23520] ? dup_mm+0x300/0x300 [ 1877.198176][T23520] __x64_sys_clone+0x25e/0x2c0 [ 1877.202911][T23520] ? __ia32_sys_vfork+0x110/0x110 [ 1877.207904][T23520] ? do_user_addr_fault+0x55c/0x9f0 [ 1877.213074][T23520] do_syscall_64+0xcb/0x150 [ 1877.217550][T23520] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1877.223411][T23520] RIP: 0033:0x45fb59 [ 1877.227277][T23520] Code: ff 48 85 f6 0f 84 87 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 5e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1877.246849][T23520] RSP: 002b:00007ffd47501a68 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1877.255233][T23520] RAX: ffffffffffffffda RBX: 00007f76464a3700 RCX: 000000000045fb59 [ 1877.263884][T23520] RDX: 00007f76464a39d0 RSI: 00007f76464a2db0 RDI: 00000000003d0f00 [ 1877.271921][T23520] RBP: 00007ffd47501c90 R08: 00007f76464a3700 R09: 00007f76464a3700 [ 1877.279863][T23520] R10: 00007f76464a39d0 R11: 0000000000000202 R12: 0000000000000000 [ 1877.287804][T23520] R13: 00007ffd47501b1f R14: 00007f76464a39c0 R15: 000000000118d08c [ 1877.401577][T23520] Mem-Info: [ 1877.404908][T23520] active_anon:1412595 inactive_anon:6774 isolated_anon:0 [ 1877.404908][T23520] active_file:127 inactive_file:107 isolated_file:0 [ 1877.404908][T23520] unevictable:0 dirty:20 writeback:9 unstable:0 [ 1877.404908][T23520] slab_reclaimable:8821 slab_unreclaimable:77117 [ 1877.404908][T23520] mapped:57334 shmem:6853 pagetables:39020 bounce:0 [ 1877.404908][T23520] free:10781 free_pcp:841 free_cma:0 [ 1877.443112][T23520] Node 0 active_anon:5650380kB inactive_anon:27096kB active_file:408kB inactive_file:296kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:229036kB dirty:80kB writeback:36kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1877.469926][T23520] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1877.497675][T23520] lowmem_reserve[]: 0 2912 6416 6416 [ 1877.505617][T23520] DMA32 free:18840kB min:4644kB low:7624kB high:10604kB active_anon:2817672kB inactive_anon:3540kB active_file:1076kB inactive_file:2540kB unevictable:0kB writepending:0kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14208kB pagetables:30652kB bounce:0kB free_pcp:628kB local_pcp:0kB free_cma:0kB [ 1877.539185][T23520] lowmem_reserve[]: 0 0 3504 3504 [ 1877.544837][T23520] Normal free:5460kB min:5592kB low:9180kB high:12768kB active_anon:2832708kB inactive_anon:23556kB active_file:1028kB inactive_file:1188kB unevictable:0kB writepending:0kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:31968kB pagetables:125428kB bounce:0kB free_pcp:1212kB local_pcp:60kB free_cma:0kB [ 1877.599940][T23520] lowmem_reserve[]: 0 0 0 0 [ 1877.604483][T23520] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1877.636437][T23520] DMA32: 7*4kB (UE) 140*8kB (UMEH) 71*16kB (UME) 40*32kB (UMEH) 26*64kB (UMEH) 19*128kB (UM) 14*256kB (UM) 4*512kB (M) 6*1024kB (M) 1*2048kB (M) 0*4096kB = 21484kB [ 1877.679090][T23520] Normal: 149*4kB (UME) 72*8kB (UME) 51*16kB (UME) 100*32kB (UM) 21*64kB (M) 1*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 6660kB [ 1877.708528][T23520] 7327 total pagecache pages [ 1877.713554][T23520] 0 pages in swap cache [ 1877.717921][T23520] Swap cache stats: add 0, delete 0, find 0/0 [ 1877.725362][T23520] Free swap = 0kB [ 1877.729798][T23520] Total swap = 0kB [ 1877.734382][T23520] 1965979 pages RAM [ 1877.738862][T23520] 0 pages HighMem/MovableOnly [ 1877.745255][T23520] 318829 pages reserved [ 1877.751663][T23520] 0 pages cma reserved [ 1877.756848][T23520] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=23520,uid=0 [ 1877.773126][T23520] Out of memory: Killed process 23520 (syz-executor.0) total-vm:85348kB, anon-rss:16496kB, file-rss:33664kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:1000 [ 1877.796708][ T23] oom_reaper: reaped process 23520 (syz-executor.0), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 22:38:47 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000001c0)={0xffffffffffffffff, 0x0, 0x0}, 0x20) flistxattr(0xffffffffffffffff, &(0x7f00000002c0)=""/203, 0xcb) 22:38:48 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:48 executing program 0: getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000000240)) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:38:48 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:48 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x1de5, 0x0) 22:38:48 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:48 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x2500, 0x0) [ 1878.608694][T23550] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1878.621884][T23550] CPU: 1 PID: 23550 Comm: syz-executor.0 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1878.632557][T23550] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1878.642596][T23550] Call Trace: [ 1878.645881][T23550] dump_stack+0x14a/0x1ce [ 1878.650183][T23550] ? devkmsg_release+0x11c/0x11c [ 1878.655107][T23550] ? show_regs_print_info+0x12/0x12 [ 1878.660278][T23550] ? radix_tree_cpu_dead+0x160/0x160 [ 1878.665707][T23550] ? _raw_spin_lock+0xa1/0x170 [ 1878.670443][T23550] ? _raw_spin_trylock_bh+0x190/0x190 [ 1878.675808][T23550] dump_header+0xdb/0x700 [ 1878.680109][T23550] oom_kill_process+0xd3/0x280 [ 1878.684843][T23550] out_of_memory+0x5b6/0x890 [ 1878.689406][T23550] ? unregister_oom_notifier+0x20/0x20 [ 1878.695791][T23550] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1878.701309][T23550] ? get_page_from_freelist+0x7c0/0x7c0 [ 1878.706824][T23550] ? __zone_watermark_ok+0x91/0x280 [ 1878.711996][T23550] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1878.717346][T23550] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1878.722861][T23550] ? copy_process+0x5a4/0x5110 [ 1878.727596][T23550] ? copy_process+0x5a4/0x5110 [ 1878.732329][T23550] ? kmem_cache_alloc+0x1d5/0x260 [ 1878.737323][T23550] copy_process+0x5f3/0x5110 [ 1878.741888][T23550] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1878.747584][T23550] ? _raw_spin_lock+0xa1/0x170 [ 1878.752319][T23550] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1878.758096][T23550] ? __perf_event_task_sched_out+0xfe4/0x1110 [ 1878.764131][T23550] ? fork_idle+0x290/0x290 [ 1878.768517][T23550] _do_fork+0x196/0x920 [ 1878.772644][T23550] ? switch_mm+0x100/0x100 [ 1878.777031][T23550] ? dup_mm+0x300/0x300 [ 1878.781160][T23550] __x64_sys_clone+0x25e/0x2c0 [ 1878.785893][T23550] ? __ia32_sys_vfork+0x110/0x110 [ 1878.790888][T23550] ? __fpregs_load_activate+0x2d3/0x390 [ 1878.796425][T23550] do_syscall_64+0xcb/0x150 [ 1878.800902][T23550] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1878.806768][T23550] RIP: 0033:0x45fb59 [ 1878.810634][T23550] Code: ff 48 85 f6 0f 84 87 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 5e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1878.830211][T23550] RSP: 002b:00007ffd47501a68 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1878.838594][T23550] RAX: ffffffffffffffda RBX: 00007f76464a3700 RCX: 000000000045fb59 [ 1878.846553][T23550] RDX: 00007f76464a39d0 RSI: 00007f76464a2db0 RDI: 00000000003d0f00 [ 1878.854524][T23550] RBP: 00007ffd47501c90 R08: 00007f76464a3700 R09: 00007f76464a3700 [ 1878.862466][T23550] R10: 00007f76464a39d0 R11: 0000000000000202 R12: 0000000000000000 [ 1878.870407][T23550] R13: 00007ffd47501b1f R14: 00007f76464a39c0 R15: 000000000118d08c [ 1878.909905][T23550] Mem-Info: [ 1878.913988][T23550] active_anon:1413336 inactive_anon:6774 isolated_anon:0 [ 1878.913988][T23550] active_file:459 inactive_file:468 isolated_file:59 [ 1878.913988][T23550] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1878.913988][T23550] slab_reclaimable:8819 slab_unreclaimable:77031 [ 1878.913988][T23550] mapped:57944 shmem:6853 pagetables:39044 bounce:0 [ 1878.913988][T23550] free:10097 free_pcp:358 free_cma:0 [ 1878.966776][T23550] Node 0 active_anon:5654444kB inactive_anon:27096kB active_file:1664kB inactive_file:1624kB unevictable:0kB isolated(anon):0kB isolated(file):256kB mapped:231576kB dirty:0kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1879.008139][T23550] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1879.034544][T23550] lowmem_reserve[]: 0 2912 6416 6416 [ 1879.040297][T23550] DMA32 free:17920kB min:4644kB low:7624kB high:10604kB active_anon:2819108kB inactive_anon:3540kB active_file:552kB inactive_file:1364kB unevictable:0kB writepending:0kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14368kB pagetables:30844kB bounce:0kB free_pcp:1624kB local_pcp:344kB free_cma:0kB [ 1879.070195][T23550] lowmem_reserve[]: 0 0 3504 3504 [ 1879.075653][T23550] Normal free:6780kB min:5592kB low:9180kB high:12768kB active_anon:2834248kB inactive_anon:23556kB active_file:432kB inactive_file:256kB unevictable:0kB writepending:0kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32000kB pagetables:125332kB bounce:0kB free_pcp:580kB local_pcp:252kB free_cma:0kB [ 1879.105592][T23550] lowmem_reserve[]: 0 0 0 0 [ 1879.110509][T23550] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1879.131081][T23550] DMA32: 231*4kB (UME) 105*8kB (UMEH) 48*16kB (UMEH) 21*32kB (UME) 11*64kB (UMEH) 11*128kB (U) 12*256kB (UM) 5*512kB (M) 6*1024kB (M) 1*2048kB (M) 0*4096kB = 19140kB [ 1879.150536][T23550] Normal: 63*4kB (UME) 50*8kB (UE) 59*16kB (UME) 120*32kB (UM) 21*64kB (M) 1*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 6908kB [ 1879.166640][T23550] 7014 total pagecache pages [ 1879.172147][T23550] 0 pages in swap cache [ 1879.176945][T23550] Swap cache stats: add 0, delete 0, find 0/0 [ 1879.184041][T23550] Free swap = 0kB [ 1879.188422][T23550] Total swap = 0kB [ 1879.193083][T23550] 1965979 pages RAM [ 1879.197609][T23550] 0 pages HighMem/MovableOnly [ 1879.209482][T23550] 318829 pages reserved [ 1879.214211][T23550] 0 pages cma reserved [ 1879.218857][T23550] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=23547,uid=0 [ 1879.234094][T23550] Out of memory: Killed process 23547 (syz-executor.2) total-vm:85612kB, anon-rss:16564kB, file-rss:34240kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 1879.259237][ T23] oom_reaper: reaped process 23547 (syz-executor.2), now anon-rss:0kB, file-rss:34312kB, shmem-rss:0kB 22:38:49 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:49 executing program 0: getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000000240)) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:38:49 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x4000, 0x0) 22:38:50 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0xcf00, 0x0) 22:38:50 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:50 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x0, 0x20}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_inet_SIOCGIFDSTADDR(r2, 0x8917, &(0x7f00000002c0)={'syzkaller0\x00', {0x2, 0x4e24, @multicast2}}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) r3 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) keyctl$read(0xb, r3, &(0x7f0000000100)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) [ 1879.941568][ T378] syz-executor.3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 1879.977026][ T378] CPU: 1 PID: 378 Comm: syz-executor.3 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1879.987017][ T378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1879.997050][ T378] Call Trace: [ 1880.000321][ T378] dump_stack+0x14a/0x1ce [ 1880.004623][ T378] ? devkmsg_release+0x11c/0x11c [ 1880.009639][ T378] ? show_regs_print_info+0x12/0x12 [ 1880.014806][ T378] ? radix_tree_cpu_dead+0x160/0x160 [ 1880.020059][ T378] ? _raw_spin_lock+0xa1/0x170 [ 1880.024794][ T378] ? _raw_spin_trylock_bh+0x190/0x190 [ 1880.030138][ T378] dump_header+0xdb/0x700 [ 1880.034438][ T378] oom_kill_process+0xd3/0x280 [ 1880.039174][ T378] out_of_memory+0x5b6/0x890 [ 1880.043737][ T378] ? unregister_oom_notifier+0x20/0x20 [ 1880.049166][ T378] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1880.054688][ T378] ? get_page_from_freelist+0x7c0/0x7c0 [ 1880.060204][ T378] ? __zone_watermark_ok+0x91/0x280 [ 1880.065376][ T378] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1880.070719][ T378] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1880.076236][ T378] ? copy_process+0x5a4/0x5110 [ 1880.081057][ T378] ? kmem_cache_alloc+0x1d5/0x260 [ 1880.086053][ T378] copy_process+0x5f3/0x5110 [ 1880.090612][ T378] ? _raw_spin_unlock+0x5/0x20 [ 1880.095348][ T378] ? do_swap_page+0x1560/0x1560 [ 1880.100169][ T378] ? fork_idle+0x290/0x290 [ 1880.104581][ T378] _do_fork+0x196/0x920 [ 1880.108724][ T378] ? finish_fault+0x230/0x230 [ 1880.113371][ T378] ? dup_mm+0x300/0x300 [ 1880.117497][ T378] ? ktime_get_raw+0x130/0x130 [ 1880.122246][ T378] __x64_sys_clone+0x25e/0x2c0 [ 1880.126981][ T378] ? __ia32_sys_vfork+0x110/0x110 [ 1880.132063][ T378] ? __x64_sys_clock_gettime+0x20d/0x260 [ 1880.137665][ T378] ? do_user_addr_fault+0x55c/0x9f0 [ 1880.142834][ T378] do_syscall_64+0xcb/0x150 [ 1880.147311][ T378] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1880.153197][ T378] RIP: 0033:0x45b75a [ 1880.157068][ T378] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 1880.176672][ T378] RSP: 002b:00007ffdc5ab06d0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1880.185065][ T378] RAX: ffffffffffffffda RBX: 00007ffdc5ab06d0 RCX: 000000000045b75a [ 1880.193009][ T378] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 1880.200961][ T378] RBP: 00007ffdc5ab0710 R08: 0000000000000001 R09: 000000000171b940 [ 1880.208903][ T378] R10: 000000000171bc10 R11: 0000000000000246 R12: 0000000000000001 [ 1880.216861][ T378] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffdc5ab0760 [ 1880.244712][ T378] Mem-Info: [ 1880.258396][ T378] active_anon:1413873 inactive_anon:6774 isolated_anon:0 [ 1880.258396][ T378] active_file:369 inactive_file:608 isolated_file:42 [ 1880.258396][ T378] unevictable:0 dirty:19 writeback:0 unstable:0 [ 1880.258396][ T378] slab_reclaimable:8819 slab_unreclaimable:76926 [ 1880.258396][ T378] mapped:57848 shmem:6853 pagetables:39065 bounce:0 [ 1880.258396][ T378] free:9797 free_pcp:157 free_cma:0 [ 1880.312697][ T378] Node 0 active_anon:5655492kB inactive_anon:27096kB active_file:1576kB inactive_file:1676kB unevictable:0kB isolated(anon):0kB isolated(file):168kB mapped:230992kB dirty:76kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1880.337842][ T378] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1880.375111][ T378] lowmem_reserve[]: 0 2912 6416 6416 [ 1880.382550][ T378] DMA32 free:18652kB min:4644kB low:7624kB high:10604kB active_anon:2819912kB inactive_anon:3540kB active_file:368kB inactive_file:64kB unevictable:0kB writepending:128kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14336kB pagetables:30912kB bounce:0kB free_pcp:1468kB local_pcp:164kB free_cma:0kB [ 1880.412297][ T378] lowmem_reserve[]: 0 0 3504 3504 [ 1880.417345][ T378] Normal free:5500kB min:5592kB low:9180kB high:12768kB active_anon:2834480kB inactive_anon:23556kB active_file:452kB inactive_file:140kB unevictable:0kB writepending:56kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:31968kB pagetables:125348kB bounce:0kB free_pcp:1864kB local_pcp:404kB free_cma:0kB [ 1880.447103][ T378] lowmem_reserve[]: 0 0 0 0 [ 1880.451655][ T378] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1880.464981][ T378] DMA32: 287*4kB (UME) 99*8kB (UMEH) 39*16kB (UMEH) 13*32kB (UEH) 9*64kB (MEH) 13*128kB (UMH) 18*256kB (UM) 5*512kB (M) 6*1024kB (M) 1*2048kB (M) 0*4096kB = 20580kB [ 1880.482021][ T378] Normal: 366*4kB (UME) 79*8kB (UME) 58*16kB (UME) 89*32kB (UM) 23*64kB (M) 1*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 7472kB [ 1880.496800][ T378] 6957 total pagecache pages [ 1880.502159][ T378] 0 pages in swap cache [ 1880.506956][ T378] Swap cache stats: add 0, delete 0, find 0/0 [ 1880.513739][ T378] Free swap = 0kB [ 1880.517926][ T378] Total swap = 0kB [ 1880.521729][ T378] 1965979 pages RAM [ 1880.525512][ T378] 0 pages HighMem/MovableOnly [ 1880.530481][ T378] 318829 pages reserved [ 1880.534696][ T378] 0 pages cma reserved [ 1880.538806][ T378] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=23574,uid=0 [ 1880.552955][ T378] Out of memory: Killed process 23574 (syz-executor.0) total-vm:85348kB, anon-rss:16216kB, file-rss:33900kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:1000 [ 1880.576011][ T23] oom_reaper: reaped process 23574 (syz-executor.0), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 22:38:51 executing program 0: getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000000240)) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:38:51 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x81}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) sendmsg$ETHTOOL_MSG_COALESCE_SET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x2c, 0x0, 0x100, 0x70bd2a, 0x25dfdbff, {}, [@ETHTOOL_A_COALESCE_RATE_SAMPLE_INTERVAL={0x8, 0x17, 0xa35a}, @ETHTOOL_A_COALESCE_RX_MAX_FRAMES_LOW={0x8, 0xf, 0xfff}, @ETHTOOL_A_COALESCE_RX_MAX_FRAMES_IRQ={0x8, 0x5, 0x80}]}, 0x2c}, 0x1, 0x0, 0x0, 0x44040}, 0x800) sendmsg$ETHTOOL_MSG_CHANNELS_SET(0xffffffffffffffff, &(0x7f0000000340)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x24, 0x0, 0x100, 0x70bd2b, 0x25dfdbfe, {}, [@ETHTOOL_A_CHANNELS_COMBINED_COUNT={0x8, 0x9, 0x5}, @ETHTOOL_A_CHANNELS_TX_COUNT={0x8, 0x7, 0x6}]}, 0x24}, 0x1, 0x0, 0x0, 0x8054}, 0x5) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x3, 0x3, 0x0, 0x10000, 0xffffffffffff8001, 0xffffffff}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) [ 1881.154020][T23590] syz-executor.0 invoked oom-killer: gfp_mask=0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|0x1000000), order=0, oom_score_adj=1000 [ 1881.201156][T23590] CPU: 0 PID: 23590 Comm: syz-executor.0 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1881.211322][T23590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1881.221353][T23590] Call Trace: [ 1881.224625][T23590] dump_stack+0x14a/0x1ce [ 1881.228946][T23590] ? devkmsg_release+0x11c/0x11c [ 1881.233858][T23590] ? show_regs_print_info+0x12/0x12 [ 1881.239024][T23590] ? radix_tree_cpu_dead+0x160/0x160 [ 1881.244277][T23590] ? _raw_spin_lock+0xa1/0x170 [ 1881.249022][T23590] ? _raw_spin_trylock_bh+0x190/0x190 [ 1881.254364][T23590] dump_header+0xdb/0x700 [ 1881.258663][T23590] oom_kill_process+0xd3/0x280 [ 1881.263395][T23590] out_of_memory+0x5b6/0x890 [ 1881.267968][T23590] ? unregister_oom_notifier+0x20/0x20 [ 1881.273412][T23590] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1881.278930][T23590] ? get_page_from_freelist+0x7c0/0x7c0 [ 1881.284455][T23590] ? flush_tlb_func_common+0x45/0x580 [ 1881.289815][T23590] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1881.295170][T23590] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1881.300685][T23590] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1881.306375][T23590] ? __perf_event_task_sched_out+0xfe4/0x1110 [ 1881.312410][T23590] ? __perf_event_task_sched_in+0x4f7/0x560 [ 1881.318270][T23590] wp_page_copy+0x1cb/0x1120 [ 1881.322917][T23590] ? perf_pmu_sched_task+0x370/0x370 [ 1881.328168][T23590] ? switch_mm_irqs_off+0x2bf/0x9a0 [ 1881.333349][T23590] ? add_mm_rss_vec+0x270/0x270 [ 1881.338171][T23590] ? _raw_spin_unlock_irq+0x5/0x20 [ 1881.343268][T23590] ? finish_task_switch+0x235/0x4c0 [ 1881.348461][T23590] ? vm_normal_page+0x1c9/0x1d0 [ 1881.353299][T23590] do_wp_page+0x4c1/0x1530 [ 1881.357699][T23590] ? _raw_spin_lock+0xa1/0x170 [ 1881.362434][T23590] ? do_swap_page+0x1560/0x1560 [ 1881.367252][T23590] ? ttwu_do_wakeup+0x154/0x5b0 [ 1881.372111][T23590] handle_mm_fault+0xfa5/0x41e0 [ 1881.376933][T23590] ? __cgroup_account_cputime+0x2ba/0x2e0 [ 1881.382621][T23590] ? finish_fault+0x230/0x230 [ 1881.387265][T23590] ? update_curr+0x584/0x740 [ 1881.391840][T23590] ? down_read_trylock+0x17a/0x1d0 [ 1881.396920][T23590] ? _raw_spin_unlock_irq+0x5/0x20 [ 1881.402000][T23590] ? vmacache_find+0x205/0x4b0 [ 1881.406736][T23590] do_user_addr_fault+0x48a/0x9f0 [ 1881.411744][T23590] page_fault+0x2f/0x40 [ 1881.415883][T23590] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 1881.422439][T23590] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 1881.442012][T23590] RSP: 0018:ffff888027107888 EFLAGS: 00010206 [ 1881.448058][T23590] RAX: ffffffff81f86901 RBX: 0000000020878500 RCX: 0000000000000500 [ 1881.456012][T23590] RDX: 0000000000001000 RSI: ffff88800e368b00 RDI: 0000000020878000 [ 1881.463955][T23590] RBP: ffff888027107da8 R08: dffffc0000000000 R09: ffffed1001c6d200 [ 1881.471899][T23590] R10: 0000000000000000 R11: 0000000000000000 R12: 00007ffffffff000 [ 1881.479842][T23590] R13: 0000000000001000 R14: ffff88800e368000 R15: 0000000020877500 [ 1881.487791][T23590] ? copyout+0x51/0xb0 [ 1881.491857][T23590] copyout+0x8e/0xb0 [ 1881.495735][T23590] copy_page_to_iter+0x393/0xbd0 [ 1881.500643][T23590] pipe_to_user+0xa3/0x130 [ 1881.505028][T23590] __splice_from_pipe+0x2d3/0x870 [ 1881.510050][T23590] ? user_page_pipe_buf_steal+0xc0/0xc0 [ 1881.515583][T23590] do_vmsplice+0x252/0xee0 [ 1881.519988][T23590] ? avc_ss_reset+0x3a0/0x3a0 [ 1881.524635][T23590] ? write_pipe_buf+0x1d0/0x1d0 [ 1881.529630][T23590] ? __rcu_read_lock+0x50/0x50 [ 1881.534363][T23590] ? check_stack_object+0x5a/0x90 [ 1881.539376][T23590] ? _copy_from_user+0xa4/0xe0 [ 1881.544111][T23590] ? rw_copy_check_uvector+0x2b3/0x310 [ 1881.549538][T23590] ? import_iovec+0x1c2/0x380 [ 1881.554184][T23590] ? dup_iter+0x110/0x110 [ 1881.558485][T23590] ? do_vfs_ioctl+0x780/0x1750 [ 1881.563233][T23590] __se_sys_vmsplice+0x1fb/0x300 [ 1881.568141][T23590] ? __x64_sys_vmsplice+0xa0/0xa0 [ 1881.573134][T23590] ? put_timespec64+0x109/0x150 [ 1881.577974][T23590] ? __x64_sys_clock_gettime+0x20d/0x260 [ 1881.583576][T23590] ? __ia32_sys_clock_settime+0x2a0/0x2a0 [ 1881.589266][T23590] do_syscall_64+0xcb/0x150 [ 1881.593744][T23590] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1881.599607][T23590] RIP: 0033:0x45d189 [ 1881.603472][T23590] Code: 5d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1881.623047][T23590] RSP: 002b:00007f76464c3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116 [ 1881.631428][T23590] RAX: ffffffffffffffda RBX: 0000000000035800 RCX: 000000000045d189 [ 1881.639370][T23590] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000003 [ 1881.647311][T23590] RBP: 000000000118d028 R08: 0000000000000000 R09: 0000000000000000 [ 1881.655265][T23590] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118cfec [ 1881.663238][T23590] R13: 00007ffd47501b1f R14: 00007f76464c49c0 R15: 000000000118cfec [ 1881.689601][T23590] Mem-Info: [ 1881.693068][T23590] active_anon:1412621 inactive_anon:6774 isolated_anon:0 [ 1881.693068][T23590] active_file:475 inactive_file:648 isolated_file:88 [ 1881.693068][T23590] unevictable:0 dirty:8 writeback:10 unstable:0 [ 1881.693068][T23590] slab_reclaimable:8818 slab_unreclaimable:76985 [ 1881.693068][T23590] mapped:57966 shmem:6853 pagetables:39073 bounce:0 [ 1881.693068][T23590] free:10495 free_pcp:577 free_cma:0 [ 1881.731129][T23590] Node 0 active_anon:5650484kB inactive_anon:27096kB active_file:1900kB inactive_file:2592kB unevictable:0kB isolated(anon):0kB isolated(file):356kB mapped:231764kB dirty:32kB writeback:40kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1881.755934][T23590] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1881.782171][T23590] lowmem_reserve[]: 0 2912 6416 6416 [ 1881.787692][T23590] DMA32 free:17656kB min:4644kB low:7624kB high:10604kB active_anon:2818584kB inactive_anon:3540kB active_file:852kB inactive_file:1708kB unevictable:0kB writepending:32kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14368kB pagetables:30852kB bounce:0kB free_pcp:1752kB local_pcp:576kB free_cma:0kB [ 1881.823780][T23590] lowmem_reserve[]: 0 0 3504 3504 [ 1881.829083][T23590] Normal free:8924kB min:9688kB low:13276kB high:16864kB active_anon:2832000kB inactive_anon:23556kB active_file:484kB inactive_file:484kB unevictable:0kB writepending:40kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32000kB pagetables:125440kB bounce:0kB free_pcp:412kB local_pcp:0kB free_cma:0kB [ 1881.858807][T23590] lowmem_reserve[]: 0 0 0 0 [ 1881.863563][T23590] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1881.877173][T23590] DMA32: 139*4kB (UME) 72*8kB (UMEH) 38*16kB (UMEH) 15*32kB (UME) 10*64kB (MEH) 8*128kB (UMH) 19*256kB (UM) 5*512kB (M) 6*1024kB (M) 1*2048kB (M) 0*4096kB = 19500kB [ 1881.893918][T23590] Normal: 150*4kB (UMEH) 130*8kB (UMEH) 163*16kB (UME) 116*32kB (UMH) 23*64kB (UM) 1*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 9560kB [ 1881.909066][T23590] 7368 total pagecache pages [ 1881.913901][T23590] 0 pages in swap cache [ 1881.918257][T23590] Swap cache stats: add 0, delete 0, find 0/0 [ 1881.924581][T23590] Free swap = 0kB [ 1881.928509][T23590] Total swap = 0kB [ 1881.932438][T23590] 1965979 pages RAM [ 1881.936435][T23590] 0 pages HighMem/MovableOnly [ 1881.941405][T23590] 318829 pages reserved [ 1881.945749][T23590] 0 pages cma reserved [ 1881.950083][T23590] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=16228,uid=0 [ 1881.964451][T23590] Out of memory: Killed process 16228 (syz-executor.2) total-vm:85348kB, anon-rss:10036kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:148kB oom_score_adj:1000 [ 1882.966663][T23592] syz-executor.1 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1882.990907][T23592] CPU: 0 PID: 23592 Comm: syz-executor.1 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1883.001070][T23592] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1883.011113][T23592] Call Trace: [ 1883.014404][T23592] dump_stack+0x14a/0x1ce [ 1883.018731][T23592] ? devkmsg_release+0x11c/0x11c [ 1883.023666][T23592] ? show_regs_print_info+0x12/0x12 [ 1883.028858][T23592] ? radix_tree_cpu_dead+0x160/0x160 [ 1883.034140][T23592] ? _raw_spin_lock+0xa1/0x170 [ 1883.038897][T23592] ? _raw_spin_trylock_bh+0x190/0x190 [ 1883.044265][T23592] dump_header+0xdb/0x700 [ 1883.048591][T23592] oom_kill_process+0xd3/0x280 [ 1883.053351][T23592] out_of_memory+0x5b6/0x890 [ 1883.057932][T23592] ? unregister_oom_notifier+0x20/0x20 [ 1883.063385][T23592] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1883.068929][T23592] ? get_page_from_freelist+0x7c0/0x7c0 [ 1883.074467][T23592] ? __zone_watermark_ok+0x91/0x280 [ 1883.079665][T23592] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1883.085031][T23592] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1883.090568][T23592] ? copy_process+0x5a4/0x5110 [ 1883.095323][T23592] ? copy_process+0x5a4/0x5110 [ 1883.100087][T23592] ? kmem_cache_alloc+0x1d5/0x260 [ 1883.105103][T23592] copy_process+0x5f3/0x5110 [ 1883.109685][T23592] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1883.115393][T23592] ? _raw_spin_lock+0xa1/0x170 [ 1883.120149][T23592] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1883.125947][T23592] ? __lru_cache_add+0x1a1/0x1f0 [ 1883.130884][T23592] ? fork_idle+0x290/0x290 [ 1883.135293][T23592] _do_fork+0x196/0x920 [ 1883.139444][T23592] ? finish_fault+0x230/0x230 [ 1883.144111][T23592] ? up_write+0xa1/0x190 [ 1883.148347][T23592] ? dup_mm+0x300/0x300 [ 1883.152504][T23592] __x64_sys_clone+0x25e/0x2c0 [ 1883.157262][T23592] ? __ia32_sys_vfork+0x110/0x110 [ 1883.162282][T23592] ? do_user_addr_fault+0x55c/0x9f0 [ 1883.167477][T23592] do_syscall_64+0xcb/0x150 [ 1883.171981][T23592] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1883.177863][T23592] RIP: 0033:0x45fb59 [ 1883.181752][T23592] Code: Bad RIP value. [ 1883.185802][T23592] RSP: 002b:00007ffc48160ff8 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1883.194211][T23592] RAX: ffffffffffffffda RBX: 00007f76f00ab700 RCX: 000000000045fb59 [ 1883.202170][T23592] RDX: 00007f76f00ab9d0 RSI: 00007f76f00aadb0 RDI: 00000000003d0f00 [ 1883.210132][T23592] RBP: 00007ffc48161220 R08: 00007f76f00ab700 R09: 00007f76f00ab700 [ 1883.218094][T23592] R10: 00007f76f00ab9d0 R11: 0000000000000202 R12: 0000000000000000 [ 1883.226054][T23592] R13: 00007ffc481610af R14: 00007f76f00ab9c0 R15: 000000000118cf4c [ 1883.244894][T23592] Mem-Info: [ 1883.251559][T23592] active_anon:1414332 inactive_anon:6774 isolated_anon:0 [ 1883.251559][T23592] active_file:73 inactive_file:84 isolated_file:35 [ 1883.251559][T23592] unevictable:0 dirty:4 writeback:0 unstable:0 [ 1883.251559][T23592] slab_reclaimable:8817 slab_unreclaimable:76861 [ 1883.251559][T23592] mapped:57267 shmem:6853 pagetables:39071 bounce:0 [ 1883.251559][T23592] free:9939 free_pcp:489 free_cma:0 [ 1883.291828][T23592] Node 0 active_anon:5657328kB inactive_anon:27096kB active_file:292kB inactive_file:332kB unevictable:0kB isolated(anon):0kB isolated(file):20kB mapped:228968kB dirty:16kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1883.316358][T23592] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1883.342545][T23592] lowmem_reserve[]: 0 2912 6416 6416 [ 1883.348047][T23592] DMA32 free:19144kB min:4644kB low:7624kB high:10604kB active_anon:2822264kB inactive_anon:3540kB active_file:0kB inactive_file:80kB unevictable:0kB writepending:4kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14240kB pagetables:30884kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1883.377917][T23592] lowmem_reserve[]: 0 0 3504 3504 [ 1883.383171][T23592] Normal free:6220kB min:5592kB low:9180kB high:12768kB active_anon:2834732kB inactive_anon:23556kB active_file:32kB inactive_file:528kB unevictable:0kB writepending:4kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:31968kB pagetables:125400kB bounce:0kB free_pcp:892kB local_pcp:384kB free_cma:0kB [ 1883.413778][T23592] lowmem_reserve[]: 0 0 0 0 [ 1883.418479][T23592] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1883.432138][T23592] DMA32: 11*4kB (UE) 18*8kB (UMEH) 20*16kB (UMEH) 22*32kB (UMEH) 31*64kB (UMEH) 6*128kB (UMH) 18*256kB (UM) 5*512kB (M) 6*1024kB (M) 1*2048kB (M) 0*4096kB = 19324kB [ 1883.448640][T23592] Normal: 146*4kB (ME) 65*8kB (ME) 13*16kB (UME) 95*32kB (UM) 26*64kB (UM) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 6016kB [ 1883.462506][T23592] 6920 total pagecache pages [ 1883.467072][T23592] 0 pages in swap cache [ 1883.471219][T23592] Swap cache stats: add 0, delete 0, find 0/0 [ 1883.477253][T23592] Free swap = 0kB [ 1883.481008][T23592] Total swap = 0kB [ 1883.484702][T23592] 1965979 pages RAM [ 1883.488474][T23592] 0 pages HighMem/MovableOnly [ 1883.493344][T23592] 318829 pages reserved [ 1883.497492][T23592] 0 pages cma reserved [ 1883.501581][T23592] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=23593,uid=0 [ 1883.515743][T23592] Out of memory: Killed process 23593 (syz-executor.0) total-vm:85348kB, anon-rss:16560kB, file-rss:34840kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:1000 22:38:53 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0xe51d, 0x0) 22:38:54 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:54 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x0) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:38:55 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x4) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') dup(0xffffffffffffffff) ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000300)={0x0, {0x2, 0x4e20, @remote}, {0x2, 0x4e23, @remote}, {0x2, 0x4e23, @broadcast}, 0x10e, 0x0, 0x0, 0x0, 0x2, &(0x7f00000002c0)='veth1_to_bridge\x00', 0xf7, 0xaf, 0x5}) preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:38:55 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x100000, 0x0) [ 1884.669709][T23612] syz-executor.3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1884.698073][T23612] CPU: 1 PID: 23612 Comm: syz-executor.3 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1884.708243][T23612] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1884.718291][T23612] Call Trace: [ 1884.721582][T23612] dump_stack+0x14a/0x1ce [ 1884.725908][T23612] ? devkmsg_release+0x11c/0x11c [ 1884.730842][T23612] ? show_regs_print_info+0x12/0x12 [ 1884.736034][T23612] ? radix_tree_cpu_dead+0x160/0x160 [ 1884.741309][T23612] ? _raw_spin_lock+0xa1/0x170 [ 1884.746066][T23612] ? _raw_spin_trylock_bh+0x190/0x190 [ 1884.751439][T23612] dump_header+0xdb/0x700 [ 1884.755767][T23612] oom_kill_process+0xd3/0x280 [ 1884.760526][T23612] out_of_memory+0x5b6/0x890 [ 1884.765114][T23612] ? unregister_oom_notifier+0x20/0x20 [ 1884.770569][T23612] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1884.776113][T23612] ? get_page_from_freelist+0x7c0/0x7c0 [ 1884.781655][T23612] ? __zone_watermark_ok+0x91/0x280 [ 1884.786849][T23612] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1884.792196][T23612] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1884.797713][T23612] ? copy_process+0x5a4/0x5110 [ 1884.802466][T23612] ? copy_process+0x5a4/0x5110 [ 1884.807199][T23612] ? kmem_cache_alloc+0x1d5/0x260 [ 1884.812193][T23612] copy_process+0x5f3/0x5110 [ 1884.816757][T23612] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1884.822446][T23612] ? _raw_spin_lock+0xa1/0x170 [ 1884.827197][T23612] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1884.832991][T23612] ? __lru_cache_add+0x1a1/0x1f0 [ 1884.837910][T23612] ? fork_idle+0x290/0x290 [ 1884.842308][T23612] _do_fork+0x196/0x920 [ 1884.846439][T23612] ? finish_fault+0x230/0x230 [ 1884.851094][T23612] ? up_write+0xa1/0x190 [ 1884.855308][T23612] ? dup_mm+0x300/0x300 [ 1884.859441][T23612] __x64_sys_clone+0x25e/0x2c0 [ 1884.864183][T23612] ? __ia32_sys_vfork+0x110/0x110 [ 1884.869179][T23612] ? do_user_addr_fault+0x55c/0x9f0 [ 1884.874367][T23612] do_syscall_64+0xcb/0x150 [ 1884.878853][T23612] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1884.884717][T23612] RIP: 0033:0x45fb59 [ 1884.888592][T23612] Code: ff 48 85 f6 0f 84 87 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 5e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1884.908169][T23612] RSP: 002b:00007ffdc5ab0428 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1884.916564][T23612] RAX: ffffffffffffffda RBX: 00007fde32b31700 RCX: 000000000045fb59 [ 1884.924507][T23612] RDX: 00007fde32b319d0 RSI: 00007fde32b30db0 RDI: 00000000003d0f00 [ 1884.932467][T23612] RBP: 00007ffdc5ab0650 R08: 00007fde32b31700 R09: 00007fde32b31700 [ 1884.940424][T23612] R10: 00007fde32b319d0 R11: 0000000000000202 R12: 0000000000000000 [ 1884.948366][T23612] R13: 00007ffdc5ab04df R14: 00007fde32b319c0 R15: 000000000118cf4c [ 1884.957032][T23612] Mem-Info: [ 1884.960350][T23612] active_anon:1412072 inactive_anon:6774 isolated_anon:0 [ 1884.960350][T23612] active_file:153 inactive_file:85 isolated_file:48 [ 1884.960350][T23612] unevictable:0 dirty:4 writeback:0 unstable:0 [ 1884.960350][T23612] slab_reclaimable:8817 slab_unreclaimable:77311 [ 1884.960350][T23612] mapped:57375 shmem:6853 pagetables:39019 bounce:0 [ 1884.960350][T23612] free:11898 free_pcp:194 free_cma:0 [ 1885.006403][T23612] Node 0 active_anon:5648288kB inactive_anon:27096kB active_file:512kB inactive_file:1140kB unevictable:0kB isolated(anon):0kB isolated(file):308kB mapped:229800kB dirty:16kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1885.031151][T23612] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1885.057603][T23612] lowmem_reserve[]: 0 2912 6416 6416 [ 1885.074486][T23612] DMA32 free:18176kB min:4644kB low:7624kB high:10604kB active_anon:2818312kB inactive_anon:3540kB active_file:460kB inactive_file:2932kB unevictable:0kB writepending:4kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14240kB pagetables:30680kB bounce:0kB free_pcp:732kB local_pcp:280kB free_cma:0kB [ 1885.143499][T23612] lowmem_reserve[]: 0 0 3504 3504 [ 1885.154340][T23612] Normal free:10224kB min:17880kB low:21468kB high:25056kB active_anon:2829976kB inactive_anon:23556kB active_file:568kB inactive_file:248kB unevictable:0kB writepending:12kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32032kB pagetables:125396kB bounce:0kB free_pcp:220kB local_pcp:76kB free_cma:0kB [ 1885.195358][T23612] lowmem_reserve[]: 0 0 0 0 [ 1885.205230][T23612] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1885.218922][T23612] DMA32: 40*4kB (UMEH) 25*8kB (UMEH) 20*16kB (UEH) 11*32kB (MEH) 38*64kB (UMEH) 9*128kB (UMH) 17*256kB (M) 5*512kB (M) 5*1024kB (M) 1*2048kB (U) 0*4096kB = 18696kB [ 1885.257141][T23612] Normal: 413*4kB (UME) 203*8kB (UME) 152*16kB (UME) 114*32kB (UM) 24*64kB (UM) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 10892kB [ 1885.275012][T23612] 7610 total pagecache pages [ 1885.279925][T23612] 0 pages in swap cache [ 1885.284271][T23612] Swap cache stats: add 0, delete 0, find 0/0 [ 1885.290661][T23612] Free swap = 0kB [ 1885.294629][T23612] Total swap = 0kB [ 1885.298461][T23612] 1965979 pages RAM [ 1885.302641][T23612] 0 pages HighMem/MovableOnly [ 1885.307647][T23612] 318829 pages reserved [ 1885.312170][T23612] 0 pages cma reserved [ 1885.316448][T23612] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.4,pid=23598,uid=0 [ 1885.333522][T23612] Out of memory: Killed process 23598 (syz-executor.4) total-vm:85744kB, anon-rss:16572kB, file-rss:34368kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 22:38:55 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0xf0ff7f, 0x0) [ 1885.355544][ T23] oom_reaper: reaped process 23598 (syz-executor.4), now anon-rss:0kB, file-rss:34344kB, shmem-rss:0kB 22:38:56 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x81}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x1, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) ioctl$TCSETX(r2, 0x5433, &(0x7f0000000280)={0x6, 0xc5bc, [0x3, 0x0, 0x20, 0x8000, 0x9], 0x5}) set_robust_list(&(0x7f0000000400)={&(0x7f0000000300)={&(0x7f00000002c0)}, 0x5, &(0x7f00000003c0)={&(0x7f0000000380)}}, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) timer_settime(0x0, 0x1, &(0x7f0000000340), 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') 22:38:56 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x1000000, 0x0) 22:38:56 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:56 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x2000000, 0x0) 22:38:56 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:56 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x3000000, 0x0) 22:38:56 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x32], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1885.921722][T23623] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1885.984576][T23623] CPU: 1 PID: 23623 Comm: syz-executor.0 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1885.994761][T23623] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1886.004803][T23623] Call Trace: [ 1886.008089][T23623] dump_stack+0x14a/0x1ce [ 1886.012388][T23623] ? devkmsg_release+0x11c/0x11c [ 1886.017293][T23623] ? show_regs_print_info+0x12/0x12 [ 1886.022821][T23623] ? radix_tree_cpu_dead+0x160/0x160 [ 1886.028073][T23623] ? _raw_spin_lock+0xa1/0x170 [ 1886.032806][T23623] ? _raw_spin_trylock_bh+0x190/0x190 [ 1886.038147][T23623] dump_header+0xdb/0x700 [ 1886.042449][T23623] oom_kill_process+0xd3/0x280 [ 1886.047181][T23623] out_of_memory+0x5b6/0x890 [ 1886.051740][T23623] ? unregister_oom_notifier+0x20/0x20 [ 1886.057171][T23623] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1886.062706][T23623] ? get_page_from_freelist+0x7c0/0x7c0 [ 1886.068236][T23623] ? __zone_watermark_ok+0x91/0x280 [ 1886.073407][T23623] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1886.078837][T23623] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1886.084443][T23623] ? copy_process+0x5a4/0x5110 [ 1886.089175][T23623] ? kmem_cache_alloc+0x1d5/0x260 [ 1886.094171][T23623] copy_process+0x5f3/0x5110 [ 1886.098734][T23623] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1886.104434][T23623] ? _raw_spin_lock+0xa1/0x170 [ 1886.109169][T23623] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1886.115123][T23623] ? __perf_event_task_sched_out+0xfe4/0x1110 [ 1886.121160][T23623] ? fork_idle+0x290/0x290 [ 1886.125547][T23623] _do_fork+0x196/0x920 [ 1886.129674][T23623] ? switch_mm+0x100/0x100 [ 1886.134087][T23623] ? dup_mm+0x300/0x300 [ 1886.138658][T23623] __x64_sys_clone+0x25e/0x2c0 [ 1886.143401][T23623] ? __ia32_sys_vfork+0x110/0x110 [ 1886.148413][T23623] ? __fpregs_load_activate+0x2d3/0x390 [ 1886.153930][T23623] do_syscall_64+0xcb/0x150 [ 1886.158421][T23623] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1886.164297][T23623] RIP: 0033:0x45fb59 [ 1886.168163][T23623] Code: ff 48 85 f6 0f 84 87 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 5e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1886.187739][T23623] RSP: 002b:00007ffd47501a68 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1886.196119][T23623] RAX: ffffffffffffffda RBX: 00007f7646482700 RCX: 000000000045fb59 [ 1886.204076][T23623] RDX: 00007f76464829d0 RSI: 00007f7646481db0 RDI: 00000000003d0f00 [ 1886.212032][T23623] RBP: 00007ffd47501c90 R08: 00007f7646482700 R09: 00007f7646482700 [ 1886.219975][T23623] R10: 00007f76464829d0 R11: 0000000000000202 R12: 0000000000000000 [ 1886.228003][T23623] R13: 00007ffd47501b1f R14: 00007f76464829c0 R15: 000000000118d12c [ 1886.255799][T23623] Mem-Info: [ 1886.266410][T23623] active_anon:1411853 inactive_anon:6774 isolated_anon:0 [ 1886.266410][T23623] active_file:457 inactive_file:510 isolated_file:32 [ 1886.266410][T23623] unevictable:0 dirty:30 writeback:0 unstable:0 [ 1886.266410][T23623] slab_reclaimable:8817 slab_unreclaimable:77050 [ 1886.266410][T23623] mapped:58081 shmem:6853 pagetables:39085 bounce:0 [ 1886.266410][T23623] free:11711 free_pcp:50 free_cma:0 [ 1886.304663][T23623] Node 0 active_anon:5647412kB inactive_anon:27096kB active_file:1828kB inactive_file:2040kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:232224kB dirty:120kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1886.329672][T23623] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1886.397770][T23623] lowmem_reserve[]: 0 2912 6416 6416 [ 1886.442405][T23623] DMA32 free:17512kB min:4644kB low:7624kB high:10604kB active_anon:2819988kB inactive_anon:3540kB active_file:1040kB inactive_file:1484kB unevictable:0kB writepending:148kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14336kB pagetables:30856kB bounce:0kB free_pcp:144kB local_pcp:144kB free_cma:0kB [ 1886.511374][T23623] lowmem_reserve[]: 0 0 3504 3504 [ 1886.516876][T23623] Normal free:10476kB min:13784kB low:17372kB high:20960kB active_anon:2830128kB inactive_anon:23556kB active_file:852kB inactive_file:648kB unevictable:0kB writepending:64kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32192kB pagetables:125640kB bounce:0kB free_pcp:296kB local_pcp:256kB free_cma:0kB [ 1886.553845][T23623] lowmem_reserve[]: 0 0 0 0 [ 1886.558543][T23623] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1886.572111][T23623] DMA32: 155*4kB (UMEH) 43*8kB (UMEH) 29*16kB (UMEH) 30*32kB (UMEH) 24*64kB (UMEH) 9*128kB (UMH) 18*256kB (UM) 5*512kB (M) 6*1024kB (UM) 0*2048kB 0*4096kB = 18388kB [ 1886.588783][T23623] Normal: 237*4kB (UME) 34*8kB (UME) 174*16kB (UME) 180*32kB (UM) 22*64kB (UM) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 11172kB [ 1886.603202][T23623] 7417 total pagecache pages [ 1886.607928][T23623] 0 pages in swap cache [ 1886.612263][T23623] Swap cache stats: add 0, delete 0, find 0/0 [ 1886.618451][T23623] Free swap = 0kB [ 1886.622514][T23623] Total swap = 0kB [ 1886.626385][T23623] 1965979 pages RAM [ 1886.630427][T23623] 0 pages HighMem/MovableOnly [ 1886.635265][T23623] 318829 pages reserved [ 1886.639745][T23623] 0 pages cma reserved [ 1886.643936][T23623] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=23621,uid=0 [ 1886.658174][T23623] Out of memory: Killed process 23621 (syz-executor.2) total-vm:85480kB, anon-rss:14444kB, file-rss:34968kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 1886.679023][ T23] oom_reaper: reaped process 23621 (syz-executor.2), now anon-rss:0kB, file-rss:34824kB, shmem-rss:0kB 22:38:57 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x4000000, 0x0) 22:38:57 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x0) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:38:57 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x800, 0x0, 0x0, 0x10001}]}) getpid() sched_setattr(0x0, &(0x7f0000000540)={0x38, 0x2, 0x0, 0x642, 0x3, 0x7, 0x0, 0x2}, 0x0) r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000780)=[{&(0x7f0000000300)="6f54d12dab7c3126cf93672b64a37d36bce853288cbf5ed4b2b6b1ab80757fb0b92fa8738fd45ee4d2d5f2b8a1b14228128b080c5b62c0d2b85149dd2efe11d30fe85b2305a0956849f38fec0061134278e3e2c9304a2e80bf7e58cf5f05000000b23d78cb7babc1a300a9615791f6ef037130841719854855b54e48715df5b41b74", 0x82}, {&(0x7f00000003c0)="4fb0e10e4755c825b37de4390d8e0ea2062a9a7fa7cf19085afcafd0177bea3582a48aaa73db5e82edf2967549144bf739bbc73229ca4c30c4f8087788e692166269fd417b56c152e8c1281b970c8950f2d4af8dd14278b2af36b79fe39370b1698d6546af4db0b9785bf7f99deeadc12b40ae34cadc0eda36e94dde98a893f0ab010315310286710677f16d61427f15d6ae95ff3dd01c9f30395ce88f1854f147a21634f7b91606bc22f05468e87778e2fd0e0c00e71c41eb19efea0c4678e1565ec8200a5bc03a9d2706244fbeed8609262abf05d932a28c2b4ff072e873d8e50a17d5002e58c5501c3d4ae719b7d7773ed43b499dc312fe8a", 0xfa}, {&(0x7f00000004c0)="ed8015798fef491d87744d736a6f8225f06524743a71310428d9bf4020fc61c66c1fdb3b127012e401136053c89d7976b5422e4c00fe1422a2b7f2219f8cad2bd2f6a320e448a240ffa1e00ca9dffbd2e8bd2f786b7b30859c50", 0x5a}, {&(0x7f0000000540)}, {&(0x7f0000000580)="6a9d70de1cf08183228bf7f410d118c079eb88379416312f71adbd37cc12d7213e2089811fb449970b42f5265634c7c56572e6c490055eaf139cbef2f52cfb5ea0c51b7da7eb25f7e17f807baed47723f708086d2c4d8e15846e8c084c3eca5b8d8702483d59ef1dbd0b70bcbde96e12060ddea90b73e242664b05fd20975bf67c6969b730f6be27313ed520c2e838439b753237b9bcce87abafce4501d66cf35ba98b365b10a92e023e7554279c47a06749e2d64c474093fbb6735e477a58dd48f505b9dd8465c0f0293ad38399df448f9c690abcd2ef6bb36103590f374fb6ee80bed90da3febd83f9", 0xea}, {&(0x7f0000000800)="a3fedeafea10aec6972df18873ffd5c1a88e18489f409f7f529b5335539a656cca16cacfff2ce49c893ef293b66622730bc8b86882732192d21dc339b21f965a1e686ec5f8fcae49ed9b8195f7d3a6a9fdec5ec5639f19b2568565d5e569451f5747518c7feb5f0d05240e7419d97ad448b60b8b809a7abc8d07901d579dd7dafb6f2ad7612b847f143b3c7b6d2ee311553e8deb92deb5c348b0cd2aa0a46b87f541cbf1580e31f61ce106ad49bd029aa3de0e02d86719d991d0d2f741082f0e22be", 0xc2}, {&(0x7f00000006c0)="fbe20ce05a7ac2854ec1031212536d5af90ca39b799b98509d2be5f3a4e1e894abaf6e2cc23e890c8df39bafcd415bec6d3559454852de14e33b07ee2fcdbcad577cd54fc1d280b5716685801b114407e8f0b7f02c34bd6870942fb6334db70a94a97296178e91ece6a741f00045dbb9084fb242f77123cc2c984159099c9116a6f7b8e0ad21a5e4c8d7517dee8df89d769240174d30338f43d06f0f7dab7750978dbdd54deeb4879eb2", 0xaa}], 0x7, 0xf) r3 = getpid() sched_setattr(r3, &(0x7f00000002c0)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) sched_setattr(r3, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6, 0x80000001, 0x0, 0x0, 0x0, 0x4}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:38:57 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x5000000, 0x0) 22:38:57 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4a], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1887.273678][T23656] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1887.286046][T23656] CPU: 1 PID: 23656 Comm: syz-executor.2 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1887.296188][T23656] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1887.306267][T23656] Call Trace: [ 1887.309544][T23656] dump_stack+0x14a/0x1ce [ 1887.314105][T23656] ? devkmsg_release+0x11c/0x11c [ 1887.319011][T23656] ? show_regs_print_info+0x12/0x12 [ 1887.324201][T23656] ? radix_tree_cpu_dead+0x160/0x160 [ 1887.329461][T23656] ? _raw_spin_lock+0xa1/0x170 [ 1887.334209][T23656] ? _raw_spin_trylock_bh+0x190/0x190 [ 1887.339564][T23656] dump_header+0xdb/0x700 [ 1887.343863][T23656] oom_kill_process+0xd3/0x280 [ 1887.348942][T23656] out_of_memory+0x5b6/0x890 [ 1887.353503][T23656] ? unregister_oom_notifier+0x20/0x20 [ 1887.358931][T23656] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1887.364451][T23656] ? get_page_from_freelist+0x7c0/0x7c0 [ 1887.370056][T23656] ? __zone_watermark_ok+0x91/0x280 [ 1887.375322][T23656] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1887.380666][T23656] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1887.386184][T23656] ? copy_process+0x5a4/0x5110 [ 1887.390914][T23656] ? kmem_cache_alloc+0x1d5/0x260 [ 1887.395905][T23656] copy_process+0x5f3/0x5110 [ 1887.400640][T23656] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1887.406342][T23656] ? _raw_spin_lock+0xa1/0x170 [ 1887.411076][T23656] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1887.417037][T23656] ? __lru_cache_add+0x1a1/0x1f0 [ 1887.421963][T23656] ? fork_idle+0x290/0x290 [ 1887.426351][T23656] _do_fork+0x196/0x920 [ 1887.430477][T23656] ? finish_fault+0x230/0x230 [ 1887.435139][T23656] ? up_write+0xa1/0x190 [ 1887.439352][T23656] ? dup_mm+0x300/0x300 [ 1887.443565][T23656] __x64_sys_clone+0x25e/0x2c0 [ 1887.448297][T23656] ? __ia32_sys_vfork+0x110/0x110 [ 1887.453306][T23656] ? do_user_addr_fault+0x55c/0x9f0 [ 1887.458487][T23656] do_syscall_64+0xcb/0x150 [ 1887.462980][T23656] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1887.468852][T23656] RIP: 0033:0x45fb59 [ 1887.472725][T23656] Code: ff 48 85 f6 0f 84 87 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 5e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1887.492310][T23656] RSP: 002b:00007ffffd03cc78 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1887.500703][T23656] RAX: ffffffffffffffda RBX: 00007fdec7a94700 RCX: 000000000045fb59 [ 1887.508653][T23656] RDX: 00007fdec7a949d0 RSI: 00007fdec7a93db0 RDI: 00000000003d0f00 [ 1887.516594][T23656] RBP: 00007ffffd03cea0 R08: 00007fdec7a94700 R09: 00007fdec7a94700 [ 1887.524540][T23656] R10: 00007fdec7a949d0 R11: 0000000000000202 R12: 0000000000000000 [ 1887.533196][T23656] R13: 00007ffffd03cd2f R14: 00007fdec7a949c0 R15: 000000000118d08c [ 1887.547995][T23656] Mem-Info: [ 1887.551949][T23656] active_anon:1410974 inactive_anon:6774 isolated_anon:0 [ 1887.551949][T23656] active_file:329 inactive_file:544 isolated_file:57 [ 1887.551949][T23656] unevictable:0 dirty:56 writeback:0 unstable:0 [ 1887.551949][T23656] slab_reclaimable:8817 slab_unreclaimable:77215 [ 1887.551949][T23656] mapped:57809 shmem:6853 pagetables:39098 bounce:0 [ 1887.551949][T23656] free:12527 free_pcp:111 free_cma:0 [ 1887.673131][T23656] Node 0 active_anon:5644196kB inactive_anon:27096kB active_file:2016kB inactive_file:2616kB unevictable:0kB isolated(anon):0kB isolated(file):132kB mapped:232236kB dirty:24kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1887.735514][T23656] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1887.762919][T23656] lowmem_reserve[]: 0 2912 6416 6416 [ 1887.780121][T23656] DMA32 free:22708kB min:8740kB low:11720kB high:14700kB active_anon:2814892kB inactive_anon:3540kB active_file:416kB inactive_file:268kB unevictable:0kB writepending:140kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14336kB pagetables:30956kB bounce:0kB free_pcp:344kB local_pcp:80kB free_cma:0kB [ 1887.879166][T23656] lowmem_reserve[]: 0 0 3504 3504 [ 1887.889959][T23656] Normal free:10856kB min:5592kB low:9180kB high:12768kB active_anon:2829004kB inactive_anon:23556kB active_file:848kB inactive_file:1264kB unevictable:0kB writepending:84kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32064kB pagetables:125436kB bounce:0kB free_pcp:224kB local_pcp:120kB free_cma:0kB [ 1888.027798][T23656] lowmem_reserve[]: 0 0 0 0 [ 1888.041564][T23656] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1888.085587][T23656] DMA32: 81*4kB (UMEH) 50*8kB (UMEH) 47*16kB (UMEH) 55*32kB (UMEH) 41*64kB (UMEH) 10*128kB (UMH) 17*256kB (M) 5*512kB (M) 5*1024kB (M) 0*2048kB 0*4096kB = 19172kB [ 1888.143546][T23656] Normal: 110*4kB (UME) 42*8kB (UME) 16*16kB (UME) 108*32kB (UM) 23*64kB (UM) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 5960kB [ 1888.190642][T23656] 7356 total pagecache pages [ 1888.195399][T23656] 0 pages in swap cache [ 1888.200040][T23656] Swap cache stats: add 0, delete 0, find 0/0 [ 1888.206258][T23656] Free swap = 0kB [ 1888.210237][T23656] Total swap = 0kB [ 1888.214251][T23656] 1965979 pages RAM [ 1888.218205][T23656] 0 pages HighMem/MovableOnly [ 1888.223133][T23656] 318829 pages reserved [ 1888.227431][T23656] 0 pages cma reserved [ 1888.231939][T23656] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=13880,uid=0 [ 1888.246299][T23656] Out of memory: Killed process 13880 (syz-executor.2) total-vm:85348kB, anon-rss:10036kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:148kB oom_score_adj:1000 [ 1888.268650][ T23] oom_reaper: reaped process 13880 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 22:38:59 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000300)=@filter={'filter\x00', 0xe, 0x4, 0x4f0, 0xffffffff, 0x0, 0x0, 0x1d8, 0xffffffff, 0xffffffff, 0x420, 0x420, 0x420, 0xffffffff, 0x4, &(0x7f00000002c0), {[{{@ipv6={@local, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', [0xffffffff, 0xff000000, 0xffffff, 0xff], [0x0, 0xff, 0xff000000, 0xff000000], 'team_slave_1\x00', 'erspan0\x00', {}, {0xff}, 0x1d, 0x3, 0x0, 0x40}, 0x0, 0xa8, 0x108}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@multicast1, [0x0, 0x0, 0xff000000, 0xff0000ff], 0x4e23, 0x4e20, 0x4e21, 0x4e23, 0x401, 0x8, 0x7fffffff, 0x3, 0x9}}}, {{@ipv6={@empty, @mcast1, [0xffffffff, 0xff000000, 0xff000000, 0xff], [0x0, 0xff000000, 0xffffffff, 0xffffffff], 'ip6gre0\x00', 'macvlan1\x00', {0xff}, {0xff}, 0x1d, 0x28, 0x4, 0x9}, 0x0, 0xa8, 0xd0}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x3}}}, {{@ipv6={@dev={0xfe, 0x80, [], 0x1b}, @loopback, [0xffffff00, 0x0, 0x0, 0xff000000], [0x0, 0xff000000, 0xffffffff, 0xffffffff], 'ip6erspan0\x00', 'netpci0\x00', {}, {}, 0x4, 0x3, 0x0, 0xb0}, 0x0, 0x120, 0x248, 0x0, {}, [@common=@frag={{0x30, 'frag\x00'}, {[0x0, 0x5], 0xffffffff, 0x14, 0x3}}, @common=@dst={{0x48, 'dst\x00'}, {0x1, 0x4, 0x0, [0xffc5, 0x3, 0xa61, 0x81, 0x1400, 0x400, 0x1f, 0x100, 0xcde, 0x8, 0x6, 0x1, 0x4, 0xfff, 0x8, 0x7], 0xb}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x40000000, 'system_u:system_r:kernel_t:s0\x00'}}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x550) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:38:59 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x81}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) syz_genetlink_get_family_id$tipc(&(0x7f0000000280)='TIPC\x00') vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:38:59 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x6000000, 0x0) 22:38:59 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x94], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:38:59 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, 0x0) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) [ 1890.953985][ T368] syz-executor.1 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 1890.965837][ T368] CPU: 0 PID: 368 Comm: syz-executor.1 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1890.975808][ T368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1890.985854][ T368] Call Trace: [ 1890.989155][ T368] dump_stack+0x14a/0x1ce [ 1890.993572][ T368] ? devkmsg_release+0x11c/0x11c [ 1890.998506][ T368] ? show_regs_print_info+0x12/0x12 [ 1891.003692][ T368] ? radix_tree_cpu_dead+0x160/0x160 [ 1891.008962][ T368] ? _raw_spin_lock+0xa1/0x170 [ 1891.013701][ T368] ? _raw_spin_trylock_bh+0x190/0x190 [ 1891.019050][ T368] dump_header+0xdb/0x700 [ 1891.023355][ T368] oom_kill_process+0xd3/0x280 [ 1891.028095][ T368] out_of_memory+0x5b6/0x890 [ 1891.032661][ T368] ? unregister_oom_notifier+0x20/0x20 [ 1891.038171][ T368] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1891.043702][ T368] ? get_page_from_freelist+0x7c0/0x7c0 [ 1891.050152][ T368] ? __zone_watermark_ok+0x91/0x280 [ 1891.055336][ T368] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1891.060694][ T368] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1891.066223][ T368] ? copy_process+0x5a4/0x5110 [ 1891.070967][ T368] ? kmem_cache_alloc+0x1d5/0x260 [ 1891.075968][ T368] copy_process+0x5f3/0x5110 [ 1891.080535][ T368] ? _raw_spin_unlock+0x5/0x20 [ 1891.085285][ T368] ? do_swap_page+0x1560/0x1560 [ 1891.090112][ T368] ? fork_idle+0x290/0x290 [ 1891.094506][ T368] _do_fork+0x196/0x920 [ 1891.098638][ T368] ? finish_fault+0x230/0x230 [ 1891.103293][ T368] ? dup_mm+0x300/0x300 [ 1891.107432][ T368] ? ktime_get_raw+0x130/0x130 [ 1891.112171][ T368] __x64_sys_clone+0x25e/0x2c0 [ 1891.116910][ T368] ? __ia32_sys_vfork+0x110/0x110 [ 1891.122042][ T368] ? __x64_sys_clock_gettime+0x20d/0x260 [ 1891.127657][ T368] ? do_user_addr_fault+0x55c/0x9f0 [ 1891.132834][ T368] do_syscall_64+0xcb/0x150 [ 1891.137319][ T368] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1891.143184][ T368] RIP: 0033:0x45b75a [ 1891.147054][ T368] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 1891.166638][ T368] RSP: 002b:00007ffc481612a0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1891.175026][ T368] RAX: ffffffffffffffda RBX: 00007ffc481612a0 RCX: 000000000045b75a [ 1891.182975][ T368] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 1891.190922][ T368] RBP: 00007ffc481612e0 R08: 0000000000000001 R09: 000000000233c940 [ 1891.198869][ T368] R10: 000000000233cc10 R11: 0000000000000246 R12: 0000000000000001 [ 1891.206814][ T368] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffc48161330 [ 1891.221774][ T368] Mem-Info: [ 1891.224919][ T368] active_anon:1413710 inactive_anon:6774 isolated_anon:0 [ 1891.224919][ T368] active_file:45 inactive_file:43 isolated_file:24 [ 1891.224919][ T368] unevictable:0 dirty:2 writeback:0 unstable:0 [ 1891.224919][ T368] slab_reclaimable:8818 slab_unreclaimable:77024 [ 1891.224919][ T368] mapped:57214 shmem:6853 pagetables:39152 bounce:0 [ 1891.224919][ T368] free:10499 free_pcp:301 free_cma:0 [ 1891.263051][ T368] Node 0 active_anon:5654840kB inactive_anon:27096kB active_file:568kB inactive_file:828kB unevictable:0kB isolated(anon):0kB isolated(file):96kB mapped:229756kB dirty:8kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1891.287720][ T368] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1891.314304][ T368] lowmem_reserve[]: 0 2912 6416 6416 [ 1891.319936][ T368] DMA32 free:19972kB min:4644kB low:7624kB high:10604kB active_anon:2816508kB inactive_anon:3540kB active_file:212kB inactive_file:488kB unevictable:0kB writepending:4kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14336kB pagetables:31156kB bounce:0kB free_pcp:1572kB local_pcp:332kB free_cma:0kB [ 1891.349788][ T368] lowmem_reserve[]: 0 0 3504 3504 [ 1891.355206][ T368] Normal free:5436kB min:5592kB low:9180kB high:12768kB active_anon:2837456kB inactive_anon:23556kB active_file:476kB inactive_file:688kB unevictable:0kB writepending:4kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32000kB pagetables:125452kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1891.384949][ T368] lowmem_reserve[]: 0 0 0 0 [ 1891.389720][ T368] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1891.403350][ T368] DMA32: 7*4kB (UEH) 16*8kB (UMEH) 31*16kB (UMEH) 54*32kB (UMEH) 27*64kB (UMEH) 16*128kB (MH) 22*256kB (M) 8*512kB (UM) 4*1024kB (M) 0*2048kB 0*4096kB = 19980kB [ 1891.419899][ T368] Normal: 191*4kB (UME) 60*8kB (UME) 28*16kB (UME) 61*32kB (UM) 23*64kB (UM) 2*128kB (M) 0*256kB 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 5884kB [ 1891.434867][ T368] 7247 total pagecache pages [ 1891.439805][ T368] 0 pages in swap cache [ 1891.444157][ T368] Swap cache stats: add 0, delete 0, find 0/0 [ 1891.450516][ T368] Free swap = 0kB [ 1891.455053][ T368] Total swap = 0kB [ 1891.459415][ T368] 1965979 pages RAM [ 1891.463213][ T368] 0 pages HighMem/MovableOnly [ 1891.467875][ T368] 318829 pages reserved [ 1891.472333][ T368] 0 pages cma reserved [ 1891.476393][ T368] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.4,pid=23679,uid=0 [ 1891.490848][ T368] Out of memory: Killed process 23679 (syz-executor.4) total-vm:85876kB, anon-rss:16592kB, file-rss:34828kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 22:39:02 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc8], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1892.310891][T23694] syz-executor.0 invoked oom-killer: gfp_mask=0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|0x1000000), order=0, oom_score_adj=1000 [ 1892.325765][T23694] CPU: 1 PID: 23694 Comm: syz-executor.0 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1892.335889][T23694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1892.345917][T23694] Call Trace: [ 1892.349191][T23694] dump_stack+0x14a/0x1ce [ 1892.353516][T23694] ? devkmsg_release+0x11c/0x11c [ 1892.358427][T23694] ? show_regs_print_info+0x12/0x12 [ 1892.363769][T23694] ? radix_tree_cpu_dead+0x160/0x160 [ 1892.369032][T23694] ? _raw_spin_lock+0xa1/0x170 [ 1892.373771][T23694] ? _raw_spin_trylock_bh+0x190/0x190 [ 1892.379119][T23694] dump_header+0xdb/0x700 [ 1892.383421][T23694] oom_kill_process+0xd3/0x280 [ 1892.388154][T23694] out_of_memory+0x5b6/0x890 [ 1892.392747][T23694] ? unregister_oom_notifier+0x20/0x20 [ 1892.398185][T23694] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1892.403723][T23694] ? get_page_from_freelist+0x7c0/0x7c0 [ 1892.409269][T23694] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1892.414612][T23694] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1892.420141][T23694] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1892.425832][T23694] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1892.431610][T23694] ? __lru_cache_add+0x1a1/0x1f0 [ 1892.436520][T23694] wp_page_copy+0x1cb/0x1120 [ 1892.441083][T23694] ? add_mm_rss_vec+0x270/0x270 [ 1892.445914][T23694] ? vm_normal_page+0x1c9/0x1d0 [ 1892.450733][T23694] do_wp_page+0x4c1/0x1530 [ 1892.455119][T23694] ? psi_task_change+0x92d/0xe30 [ 1892.460026][T23694] ? _raw_spin_lock+0xa1/0x170 [ 1892.464763][T23694] ? do_swap_page+0x1560/0x1560 [ 1892.469584][T23694] ? update_misfit_status+0x5e0/0x5e0 [ 1892.474936][T23694] handle_mm_fault+0xfa5/0x41e0 [ 1892.479760][T23694] ? finish_fault+0x230/0x230 [ 1892.484416][T23694] ? trace_event_raw_event_sched_switch+0x4a0/0x4a0 [ 1892.490979][T23694] ? down_read_trylock+0x17a/0x1d0 [ 1892.496071][T23694] ? vmacache_find+0x2d2/0x4b0 [ 1892.500822][T23694] do_user_addr_fault+0x48a/0x9f0 [ 1892.505829][T23694] page_fault+0x2f/0x40 [ 1892.509975][T23694] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 1892.516537][T23694] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 1892.536138][T23694] RSP: 0018:ffff88802496f888 EFLAGS: 00010206 [ 1892.542179][T23694] RAX: ffffffff81f86901 RBX: 0000000020759500 RCX: 0000000000000500 [ 1892.550125][T23694] RDX: 0000000000001000 RSI: ffff88801875ab00 RDI: 0000000020759000 [ 1892.559893][T23694] RBP: ffff88802496fda8 R08: dffffc0000000000 R09: ffffed10030eb600 [ 1892.567836][T23694] R10: 0000000000000000 R11: 0000000000000000 R12: 00007ffffffff000 [ 1892.575781][T23694] R13: 0000000000001000 R14: ffff88801875a000 R15: 0000000020758500 [ 1892.583752][T23694] ? copyout+0x51/0xb0 [ 1892.587807][T23694] copyout+0x8e/0xb0 [ 1892.591678][T23694] copy_page_to_iter+0x393/0xbd0 [ 1892.596605][T23694] pipe_to_user+0xa3/0x130 [ 1892.601253][T23694] __splice_from_pipe+0x2d3/0x870 [ 1892.606693][T23694] ? user_page_pipe_buf_steal+0xc0/0xc0 [ 1892.612209][T23694] do_vmsplice+0x252/0xee0 [ 1892.616605][T23694] ? __rcu_read_lock+0x50/0x50 [ 1892.621437][T23694] ? avc_ss_reset+0x3a0/0x3a0 [ 1892.626088][T23694] ? filemap_map_pages+0x10ca/0x1140 [ 1892.631343][T23694] ? write_pipe_buf+0x1d0/0x1d0 [ 1892.636165][T23694] ? __rcu_read_lock+0x50/0x50 [ 1892.640899][T23694] ? check_stack_object+0x5a/0x90 [ 1892.645895][T23694] ? _copy_from_user+0xa4/0xe0 [ 1892.651411][T23694] ? rw_copy_check_uvector+0x2b3/0x310 [ 1892.656841][T23694] ? import_iovec+0x1c2/0x380 [ 1892.661489][T23694] ? dup_iter+0x110/0x110 [ 1892.666675][T23694] ? do_vfs_ioctl+0x780/0x1750 [ 1892.671586][T23694] __se_sys_vmsplice+0x1fb/0x300 [ 1892.676637][T23694] ? __x64_sys_vmsplice+0xa0/0xa0 [ 1892.681632][T23694] ? put_timespec64+0x109/0x150 [ 1892.686463][T23694] ? __x64_sys_clock_gettime+0x20d/0x260 [ 1892.692076][T23694] ? __ia32_sys_clock_settime+0x2a0/0x2a0 [ 1892.697767][T23694] do_syscall_64+0xcb/0x150 [ 1892.702244][T23694] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1892.710539][T23694] RIP: 0033:0x45d189 [ 1892.714405][T23694] Code: 5d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1892.734156][T23694] RSP: 002b:00007f76464c3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116 [ 1892.742556][T23694] RAX: ffffffffffffffda RBX: 0000000000035800 RCX: 000000000045d189 [ 1892.750499][T23694] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000003 [ 1892.758442][T23694] RBP: 000000000118d028 R08: 0000000000000000 R09: 0000000000000000 [ 1892.766390][T23694] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118cfec [ 1892.774333][T23694] R13: 00007ffd47501b1f R14: 00007f76464c49c0 R15: 000000000118cfec [ 1892.783071][T23694] Mem-Info: [ 1892.786304][T23694] active_anon:1414618 inactive_anon:6774 isolated_anon:0 [ 1892.786304][T23694] active_file:17 inactive_file:53 isolated_file:0 [ 1892.786304][T23694] unevictable:0 dirty:2 writeback:0 unstable:0 [ 1892.786304][T23694] slab_reclaimable:8819 slab_unreclaimable:77033 [ 1892.786304][T23694] mapped:57157 shmem:6853 pagetables:39156 bounce:0 [ 1892.786304][T23694] free:10008 free_pcp:33 free_cma:0 [ 1892.840617][T23694] Node 0 active_anon:5645072kB inactive_anon:27096kB active_file:100kB inactive_file:752kB unevictable:0kB isolated(anon):0kB isolated(file):40kB mapped:228704kB dirty:8kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1892.865764][T23694] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1892.891943][T23694] lowmem_reserve[]: 0 2912 6416 6416 [ 1892.897621][T23694] DMA32 free:26496kB min:4644kB low:7624kB high:10604kB active_anon:2810100kB inactive_anon:3540kB active_file:0kB inactive_file:20kB unevictable:0kB writepending:4kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14432kB pagetables:31280kB bounce:0kB free_pcp:1964kB local_pcp:456kB free_cma:0kB [ 1892.927230][T23694] lowmem_reserve[]: 0 0 3504 3504 [ 1892.932835][T23694] Normal free:9380kB min:5592kB low:9180kB high:12768kB active_anon:2832244kB inactive_anon:23556kB active_file:0kB inactive_file:424kB unevictable:0kB writepending:4kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32032kB pagetables:125344kB bounce:0kB free_pcp:1760kB local_pcp:448kB free_cma:0kB [ 1893.019387][T23694] lowmem_reserve[]: 0 0 0 0 [ 1893.024833][T23694] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1893.038186][T23694] DMA32: 181*4kB (MEH) 171*8kB (UMEH) 142*16kB (UME) 87*32kB (UMEH) 55*64kB (MEH) 20*128kB (MH) 22*256kB (M) 7*512kB (M) 4*1024kB (M) 0*2048kB 0*4096kB = 26540kB [ 1893.054761][T23694] Normal: 124*4kB (ME) 168*8kB (UME) 130*16kB (UME) 102*32kB (UMH) 20*64kB (UM) 3*128kB (UM) 0*256kB 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 9360kB [ 1893.070446][T23694] 7341 total pagecache pages [ 1893.075149][T23694] 0 pages in swap cache [ 1893.079477][T23694] Swap cache stats: add 0, delete 0, find 0/0 [ 1893.085976][T23694] Free swap = 0kB [ 1893.090053][T23694] Total swap = 0kB [ 1893.094032][T23694] 1965979 pages RAM [ 1893.097875][T23694] 0 pages HighMem/MovableOnly [ 1893.102699][T23694] 318829 pages reserved [ 1893.106917][T23694] 0 pages cma reserved [ 1893.111518][T23694] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=23682,uid=0 22:39:03 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$LOOP_SET_FD(0xffffffffffffffff, 0x4c00, r3) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:39:04 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x81}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x8, 0x0, 0x6, 0x0, 0x0, 0x0, 0x4, 0x80000000}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000340)={&(0x7f00000002c0)={0x7c, 0xd, 0x6, 0x300, 0x0, 0x0, {0xca2633f48e774a1e, 0x0, 0x4}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_TYPENAME={0x13, 0x3, 'hash:net,iface\x00'}, @IPSET_ATTR_TYPENAME={0xe, 0x3, 'bitmap:ip\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}]}, 0x7c}, 0x1, 0x0, 0x0, 0x8080}, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:39:04 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x7000000, 0x0) [ 1894.098435][ T23] oom_reaper: reaped process 23683 (syz-executor.0), now anon-rss:0kB, file-rss:33964kB, shmem-rss:0kB 22:39:04 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:39:04 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:04 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1894.507646][T23712] syz-executor.4 invoked oom-killer: gfp_mask=0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|0x1000000), order=0, oom_score_adj=1000 [ 1894.553325][T23712] CPU: 0 PID: 23712 Comm: syz-executor.4 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1894.563491][T23712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1894.573553][T23712] Call Trace: [ 1894.576862][T23712] dump_stack+0x14a/0x1ce [ 1894.581200][T23712] ? devkmsg_release+0x11c/0x11c [ 1894.586137][T23712] ? show_regs_print_info+0x12/0x12 [ 1894.591331][T23712] ? radix_tree_cpu_dead+0x160/0x160 [ 1894.596611][T23712] ? _raw_spin_lock+0xa1/0x170 [ 1894.601374][T23712] ? _raw_spin_trylock_bh+0x190/0x190 [ 1894.606741][T23712] dump_header+0xdb/0x700 [ 1894.611068][T23712] oom_kill_process+0xd3/0x280 [ 1894.615827][T23712] out_of_memory+0x5b6/0x890 [ 1894.620423][T23712] ? unregister_oom_notifier+0x20/0x20 [ 1894.625880][T23712] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1894.631412][T23712] ? get_page_from_freelist+0x7c0/0x7c0 [ 1894.636936][T23712] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1894.642282][T23712] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1894.648059][T23712] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1894.653750][T23712] ? __perf_event_task_sched_out+0xfe4/0x1110 [ 1894.659786][T23712] ? __perf_event_task_sched_in+0x4f7/0x560 [ 1894.665668][T23712] wp_page_copy+0x1cb/0x1120 [ 1894.670228][T23712] ? perf_pmu_sched_task+0x370/0x370 [ 1894.675485][T23712] ? switch_mm_irqs_off+0x4d7/0x9a0 [ 1894.680656][T23712] ? add_mm_rss_vec+0x270/0x270 [ 1894.685502][T23712] ? _raw_spin_unlock_irq+0x5/0x20 [ 1894.690600][T23712] ? finish_task_switch+0x235/0x4c0 [ 1894.695769][T23712] ? vm_normal_page+0x1c9/0x1d0 [ 1894.700592][T23712] do_wp_page+0x4c1/0x1530 [ 1894.704981][T23712] ? _raw_spin_lock+0xa1/0x170 [ 1894.709715][T23712] ? do_swap_page+0x1560/0x1560 [ 1894.714536][T23712] ? ttwu_do_wakeup+0x154/0x5b0 [ 1894.719361][T23712] handle_mm_fault+0xfa5/0x41e0 [ 1894.724200][T23712] ? finish_fault+0x230/0x230 [ 1894.729310][T23712] ? down_read_trylock+0x17a/0x1d0 [ 1894.734481][T23712] ? vmacache_find+0x3a2/0x4b0 [ 1894.739218][T23712] do_user_addr_fault+0x48a/0x9f0 [ 1894.744306][T23712] page_fault+0x2f/0x40 [ 1894.748454][T23712] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 1894.755278][T23712] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 1894.774864][T23712] RSP: 0018:ffff88800e8bf888 EFLAGS: 00010206 [ 1894.781352][T23712] RAX: ffffffff81f86901 RBX: 0000000020475500 RCX: 0000000000000500 [ 1894.789299][T23712] RDX: 0000000000001000 RSI: ffff8881d536db00 RDI: 0000000020475000 [ 1894.797334][T23712] RBP: ffff88800e8bfda8 R08: dffffc0000000000 R09: ffffed103aa6dc00 [ 1894.805278][T23712] R10: 0000000000000000 R11: 0000000000000000 R12: 00007ffffffff000 [ 1894.813225][T23712] R13: 0000000000001000 R14: ffff8881d536d000 R15: 0000000020474500 [ 1894.821182][T23712] ? copyout+0x51/0xb0 [ 1894.825758][T23712] copyout+0x8e/0xb0 [ 1894.829624][T23712] copy_page_to_iter+0x393/0xbd0 [ 1894.834535][T23712] pipe_to_user+0xa3/0x130 [ 1894.838925][T23712] __splice_from_pipe+0x2d3/0x870 [ 1894.843922][T23712] ? user_page_pipe_buf_steal+0xc0/0xc0 [ 1894.849439][T23712] do_vmsplice+0x252/0xee0 [ 1894.853827][T23712] ? avc_ss_reset+0x3a0/0x3a0 [ 1894.858914][T23712] ? write_pipe_buf+0x1d0/0x1d0 [ 1894.863736][T23712] ? __rcu_read_lock+0x50/0x50 [ 1894.868488][T23712] ? check_stack_object+0x5a/0x90 [ 1894.873498][T23712] ? _copy_from_user+0xa4/0xe0 [ 1894.878233][T23712] ? rw_copy_check_uvector+0x2b3/0x310 [ 1894.883673][T23712] ? import_iovec+0x1c2/0x380 [ 1894.888323][T23712] ? dup_iter+0x110/0x110 [ 1894.892648][T23712] ? do_vfs_ioctl+0x780/0x1750 [ 1894.897470][T23712] __se_sys_vmsplice+0x1fb/0x300 [ 1894.902383][T23712] ? __x64_sys_vmsplice+0xa0/0xa0 [ 1894.907382][T23712] ? put_timespec64+0x109/0x150 [ 1894.912207][T23712] ? __x64_sys_clock_gettime+0x20d/0x260 [ 1894.917826][T23712] ? __ia32_sys_clock_settime+0x2a0/0x2a0 [ 1894.923516][T23712] do_syscall_64+0xcb/0x150 [ 1894.927993][T23712] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1894.933856][T23712] RIP: 0033:0x45d189 [ 1894.937725][T23712] Code: 5d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1894.959233][T23712] RSP: 002b:00007fe26cb9dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116 [ 1894.967617][T23712] RAX: ffffffffffffffda RBX: 0000000000035800 RCX: 000000000045d189 [ 1894.975561][T23712] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000004 [ 1894.983507][T23712] RBP: 000000000118d0c8 R08: 0000000000000000 R09: 0000000000000000 [ 1894.991451][T23712] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118d08c [ 1894.999396][T23712] R13: 00007ffc8d239f3f R14: 00007fe26cb9e9c0 R15: 000000000118d08c [ 1895.052216][T23712] Mem-Info: [ 1895.055688][T23712] active_anon:1413076 inactive_anon:6774 isolated_anon:0 [ 1895.055688][T23712] active_file:486 inactive_file:529 isolated_file:8 [ 1895.055688][T23712] unevictable:0 dirty:46 writeback:0 unstable:0 [ 1895.055688][T23712] slab_reclaimable:8821 slab_unreclaimable:77154 [ 1895.055688][T23712] mapped:58149 shmem:6853 pagetables:39125 bounce:0 [ 1895.055688][T23712] free:10302 free_pcp:0 free_cma:0 [ 1895.107704][T23712] Node 0 active_anon:5652304kB inactive_anon:27096kB active_file:1944kB inactive_file:2012kB unevictable:0kB isolated(anon):0kB isolated(file):32kB mapped:232396kB dirty:184kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1895.167349][T23712] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1895.207715][T23712] lowmem_reserve[]: 0 2912 6416 6416 [ 1895.227153][T23712] DMA32 free:20772kB min:8740kB low:11720kB high:14700kB active_anon:2814932kB inactive_anon:3540kB active_file:1224kB inactive_file:476kB unevictable:0kB writepending:84kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14496kB pagetables:31044kB bounce:0kB free_pcp:104kB local_pcp:80kB free_cma:0kB [ 1895.302284][T23712] lowmem_reserve[]: 0 0 3504 3504 [ 1895.320121][T23712] Normal free:6044kB min:13784kB low:17372kB high:20960kB active_anon:2836596kB inactive_anon:23556kB active_file:504kB inactive_file:664kB unevictable:0kB writepending:100kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32064kB pagetables:125456kB bounce:0kB free_pcp:88kB local_pcp:64kB free_cma:0kB [ 1895.368985][T23712] lowmem_reserve[]: 0 0 0 0 [ 1895.373914][T23712] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1895.387695][T23712] DMA32: 232*4kB (UMEH) 68*8kB (UMEH) 38*16kB (UMEH) 51*32kB (UME) 51*64kB (MEH) 24*128kB (UMH) 21*256kB (UM) 7*512kB (M) 3*1024kB (UM) 0*2048kB 0*4096kB = 22080kB [ 1895.404920][T23712] Normal: 349*4kB (UME) 103*8kB (UME) 58*16kB (UME) 37*32kB (UM) 23*64kB (UM) 2*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 6572kB [ 1895.420322][T23712] 7180 total pagecache pages [ 1895.425393][T23712] 0 pages in swap cache [ 1895.429975][T23712] Swap cache stats: add 0, delete 0, find 0/0 [ 1895.436462][T23712] Free swap = 0kB [ 1895.440568][T23712] Total swap = 0kB [ 1895.444678][T23712] 1965979 pages RAM [ 1895.448906][T23712] 0 pages HighMem/MovableOnly [ 1895.453988][T23712] 318829 pages reserved [ 1895.458543][T23712] 0 pages cma reserved [ 1895.467610][T23712] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=23705,uid=0 [ 1895.483857][T23712] Out of memory: Killed process 23705 (syz-executor.2) total-vm:85744kB, anon-rss:13368kB, file-rss:34944kB, shmem-rss:0kB, UID:0 pgtables:156kB oom_score_adj:1000 [ 1895.505702][ T23] oom_reaper: reaped process 23705 (syz-executor.2), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB 22:39:06 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x8000000, 0x0) 22:39:06 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000001c0)={0xffffffffffffffff, 0x0, 0x0}, 0x20) ioctl$F2FS_IOC_GET_PIN_FILE(0xffffffffffffffff, 0x8004f50e, &(0x7f00000002c0)) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) [ 1896.577018][T23708] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1896.599749][T23708] CPU: 1 PID: 23708 Comm: syz-executor.4 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1896.609903][T23708] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1896.619936][T23708] Call Trace: [ 1896.623213][T23708] dump_stack+0x14a/0x1ce [ 1896.627509][T23708] ? devkmsg_release+0x11c/0x11c [ 1896.632418][T23708] ? show_regs_print_info+0x12/0x12 [ 1896.637584][T23708] ? radix_tree_cpu_dead+0x160/0x160 [ 1896.642837][T23708] ? _raw_spin_lock+0xa1/0x170 [ 1896.647567][T23708] ? _raw_spin_trylock_bh+0x190/0x190 [ 1896.652910][T23708] dump_header+0xdb/0x700 [ 1896.657210][T23708] oom_kill_process+0xd3/0x280 [ 1896.661944][T23708] out_of_memory+0x5b6/0x890 [ 1896.666504][T23708] ? unregister_oom_notifier+0x20/0x20 [ 1896.671934][T23708] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1896.677453][T23708] ? get_page_from_freelist+0x7c0/0x7c0 [ 1896.682968][T23708] ? __zone_watermark_ok+0x91/0x280 [ 1896.688134][T23708] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1896.693479][T23708] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1896.698994][T23708] ? copy_process+0x5a4/0x5110 [ 1896.703727][T23708] ? kmem_cache_alloc+0x1d5/0x260 [ 1896.708719][T23708] copy_process+0x5f3/0x5110 [ 1896.713281][T23708] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1896.718970][T23708] ? _raw_spin_lock+0xa1/0x170 [ 1896.723706][T23708] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1896.729566][T23708] ? __lru_cache_add+0x1a1/0x1f0 [ 1896.734474][T23708] ? fork_idle+0x290/0x290 [ 1896.738860][T23708] ? cpus_share_cache+0xd0/0xd0 [ 1896.743679][T23708] _do_fork+0x196/0x920 [ 1896.747821][T23708] ? finish_fault+0x230/0x230 [ 1896.752478][T23708] ? up_write+0x180/0x190 [ 1896.756775][T23708] ? dup_mm+0x300/0x300 [ 1896.760900][T23708] __x64_sys_clone+0x25e/0x2c0 [ 1896.765635][T23708] ? __ia32_sys_vfork+0x110/0x110 [ 1896.770644][T23708] ? do_user_addr_fault+0x55c/0x9f0 [ 1896.775826][T23708] do_syscall_64+0xcb/0x150 [ 1896.780301][T23708] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1896.786167][T23708] RIP: 0033:0x45fb59 [ 1896.790036][T23708] Code: ff 48 85 f6 0f 84 87 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 5e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1896.809609][T23708] RSP: 002b:00007ffc8d239e88 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1896.818002][T23708] RAX: ffffffffffffffda RBX: 00007fe26cb5c700 RCX: 000000000045fb59 [ 1896.825944][T23708] RDX: 00007fe26cb5c9d0 RSI: 00007fe26cb5bdb0 RDI: 00000000003d0f00 [ 1896.833898][T23708] RBP: 00007ffc8d23a0b0 R08: 00007fe26cb5c700 R09: 00007fe26cb5c700 [ 1896.841937][T23708] R10: 00007fe26cb5c9d0 R11: 0000000000000202 R12: 0000000000000000 [ 1896.849877][T23708] R13: 00007ffc8d239f3f R14: 00007fe26cb5c9c0 R15: 000000000118d1cc [ 1896.858921][T23708] Mem-Info: [ 1896.868361][T23708] active_anon:1412806 inactive_anon:6774 isolated_anon:0 [ 1896.868361][T23708] active_file:365 inactive_file:812 isolated_file:101 [ 1896.868361][T23708] unevictable:0 dirty:19 writeback:18 unstable:0 [ 1896.868361][T23708] slab_reclaimable:8828 slab_unreclaimable:77010 [ 1896.868361][T23708] mapped:58090 shmem:6853 pagetables:39102 bounce:0 [ 1896.868361][T23708] free:10488 free_pcp:62 free_cma:0 [ 1896.959338][T23708] Node 0 active_anon:5651240kB inactive_anon:27096kB active_file:596kB inactive_file:660kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:229608kB dirty:76kB writeback:72kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1896.986219][T23708] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1897.030571][T23708] lowmem_reserve[]: 0 2912 6416 6416 [ 1897.036022][T23708] DMA32 free:20424kB min:4644kB low:7624kB high:10604kB active_anon:2818516kB inactive_anon:3540kB active_file:200kB inactive_file:172kB unevictable:0kB writepending:0kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14432kB pagetables:30872kB bounce:0kB free_pcp:124kB local_pcp:0kB free_cma:0kB [ 1897.066370][T23708] lowmem_reserve[]: 0 0 3504 3504 [ 1897.071572][T23708] Normal free:9976kB min:9688kB low:13276kB high:16864kB active_anon:2832768kB inactive_anon:23556kB active_file:344kB inactive_file:828kB unevictable:0kB writepending:4kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32064kB pagetables:125552kB bounce:0kB free_pcp:308kB local_pcp:0kB free_cma:0kB [ 1897.106378][T23708] lowmem_reserve[]: 0 0 0 0 [ 1897.115282][T23708] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1897.138615][T23708] DMA32: 75*4kB (UMEH) 34*8kB (UEH) 32*16kB (UMEH) 21*32kB (UMEH) 32*64kB (UMEH) 25*128kB (UMH) 20*256kB (M) 7*512kB (M) 3*1024kB (UM) 0*2048kB 0*4096kB = 18780kB [ 1897.157047][T23708] Normal: 33*4kB (ME) 23*8kB (E) 8*16kB (UE) 71*32kB (UM) 21*64kB (UM) 2*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 4828kB [ 1897.173412][T23708] 7060 total pagecache pages [ 1897.178340][T23708] 0 pages in swap cache [ 1897.182779][T23708] Swap cache stats: add 0, delete 0, find 0/0 [ 1897.189152][T23708] Free swap = 0kB [ 1897.193168][T23708] Total swap = 0kB [ 1897.197184][T23708] 1965979 pages RAM [ 1897.201329][T23708] 0 pages HighMem/MovableOnly [ 1897.206323][T23708] 318829 pages reserved [ 1897.210826][T23708] 0 pages cma reserved [ 1897.215197][T23708] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.4,pid=23720,uid=0 [ 1897.280010][T23733] syz-executor.2 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=0 [ 1897.299725][T23733] CPU: 0 PID: 23733 Comm: syz-executor.2 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1897.309960][T23733] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1897.319995][T23733] Call Trace: [ 1897.323281][T23733] dump_stack+0x14a/0x1ce [ 1897.327586][T23733] ? devkmsg_release+0x11c/0x11c [ 1897.332496][T23733] ? show_regs_print_info+0x12/0x12 [ 1897.337661][T23733] ? radix_tree_cpu_dead+0x160/0x160 [ 1897.342914][T23733] ? _raw_spin_lock+0xa1/0x170 [ 1897.347647][T23733] ? _raw_spin_trylock_bh+0x190/0x190 [ 1897.352989][T23733] dump_header+0xdb/0x700 [ 1897.357289][T23733] oom_kill_process+0xd3/0x280 [ 1897.362033][T23733] out_of_memory+0x5b6/0x890 [ 1897.366591][T23733] ? unregister_oom_notifier+0x20/0x20 [ 1897.372021][T23733] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1897.377540][T23733] ? get_page_from_freelist+0x7c0/0x7c0 [ 1897.383052][T23733] ? __zone_watermark_ok+0x91/0x280 [ 1897.388219][T23733] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1897.393576][T23733] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1897.399096][T23733] ? filemap_fault+0x1a30/0x1a30 [ 1897.404004][T23733] alloc_slab_page+0x3a/0x3a0 [ 1897.408650][T23733] new_slab+0x408/0x450 [ 1897.412775][T23733] ? should_fail+0x18e/0x860 [ 1897.417334][T23733] ? getname_flags+0xb8/0x610 [ 1897.421980][T23733] ___slab_alloc+0x2e0/0x450 [ 1897.426541][T23733] ? getname_flags+0xb8/0x610 [ 1897.431185][T23733] ? getname_flags+0xb8/0x610 [ 1897.435828][T23733] kmem_cache_alloc+0x23f/0x260 [ 1897.440649][T23733] getname_flags+0xb8/0x610 [ 1897.445120][T23733] user_path_at_empty+0x28/0x50 [ 1897.450116][T23733] ksys_chdir+0xa4/0x260 [ 1897.454338][T23733] ? __fpregs_load_activate+0x2d3/0x390 [ 1897.459851][T23733] ? __ia32_sys_access+0x60/0x60 [ 1897.464759][T23733] ? switch_fpu_return+0x10/0x10 [ 1897.469665][T23733] ? do_user_addr_fault+0x521/0x9f0 [ 1897.474833][T23733] __x64_sys_chdir+0x34/0x40 [ 1897.479394][T23733] do_syscall_64+0xcb/0x150 [ 1897.483873][T23733] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1897.489738][T23733] RIP: 0033:0x45c777 [ 1897.493716][T23733] Code: Bad RIP value. [ 1897.498197][T23733] RSP: 002b:00007ffffd03cf68 EFLAGS: 00000246 ORIG_RAX: 0000000000000050 [ 1897.506675][T23733] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045c777 [ 1897.514639][T23733] RDX: 0000000000000001 RSI: 0000000000747e70 RDI: 00007ffffd03cfb0 [ 1897.522605][T23733] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000001e74940 [ 1897.530552][T23733] R10: 0000000001e74c10 R11: 0000000000000246 R12: 0000000000000001 [ 1897.538500][T23733] R13: 00007ffffd03cfa0 R14: 0000000000000000 R15: 00007ffffd03cfb0 [ 1897.549885][T23733] Mem-Info: [ 1897.553027][T23733] active_anon:1414595 inactive_anon:6774 isolated_anon:0 [ 1897.553027][T23733] active_file:21 inactive_file:15 isolated_file:0 [ 1897.553027][T23733] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1897.553027][T23733] slab_reclaimable:8832 slab_unreclaimable:77022 [ 1897.553027][T23733] mapped:57163 shmem:6853 pagetables:39133 bounce:0 [ 1897.553027][T23733] free:10144 free_pcp:2 free_cma:0 [ 1897.598115][T23733] Node 0 active_anon:5658380kB inactive_anon:27096kB active_file:84kB inactive_file:60kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:228652kB dirty:0kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1897.628216][T23733] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1897.657415][T23733] lowmem_reserve[]: 0 2912 6416 6416 [ 1897.666002][T23733] DMA32 free:18656kB min:4644kB low:7624kB high:10604kB active_anon:2820576kB inactive_anon:3540kB active_file:52kB inactive_file:4kB unevictable:0kB writepending:0kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14272kB pagetables:30876kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1897.696436][T23733] lowmem_reserve[]: 0 0 3504 3504 [ 1897.712136][T23733] Normal free:5220kB min:5592kB low:9180kB high:12768kB active_anon:2837804kB inactive_anon:23556kB active_file:40kB inactive_file:268kB unevictable:0kB writepending:0kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32096kB pagetables:125656kB bounce:0kB free_pcp:960kB local_pcp:520kB free_cma:0kB [ 1897.741890][T23733] lowmem_reserve[]: 0 0 0 0 [ 1897.746445][T23733] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1897.760025][T23733] DMA32: 46*4kB (UMEH) 35*8kB (UMEH) 33*16kB (UMEH) 26*32kB (UMEH) 29*64kB (UMEH) 25*128kB (UMH) 20*256kB (M) 7*512kB (M) 3*1024kB (UM) 0*2048kB 0*4096kB = 18656kB [ 1897.776618][T23733] Normal: 116*4kB (UME) 82*8kB (UME) 12*16kB (UME) 78*32kB (UM) 22*64kB (UM) 2*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 5984kB [ 1897.791549][T23733] 6894 total pagecache pages [ 1897.796249][T23733] 0 pages in swap cache [ 1897.800474][T23733] Swap cache stats: add 0, delete 0, find 0/0 [ 1897.806526][T23733] Free swap = 0kB [ 1897.810686][T23733] Total swap = 0kB [ 1897.814397][T23733] 1965979 pages RAM [ 1897.818232][T23733] 0 pages HighMem/MovableOnly [ 1897.822886][T23733] 318829 pages reserved [ 1897.827150][T23733] 0 pages cma reserved [ 1897.831688][T23733] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=23713,uid=0 [ 1897.845770][T23733] Out of memory: Killed process 23713 (syz-executor.0) total-vm:85348kB, anon-rss:12100kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:156kB oom_score_adj:1000 22:39:08 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x81}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x1058) ioctl$sock_SIOCSIFVLAN_GET_VLAN_EGRESS_PRIORITY_CMD(0xffffffffffffffff, 0x8983, &(0x7f0000000280)) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:39:08 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:39:08 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:08 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x9000000, 0x0) 22:39:08 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0xa000000, 0x0) 22:39:08 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1898.773474][ T137] systemd-journal invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=0 [ 1898.788510][ T137] CPU: 0 PID: 137 Comm: systemd-journal Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1898.798585][ T137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1898.808630][ T137] Call Trace: [ 1898.811926][ T137] dump_stack+0x14a/0x1ce [ 1898.816255][ T137] ? devkmsg_release+0x11c/0x11c [ 1898.821196][ T137] ? show_regs_print_info+0x12/0x12 [ 1898.826391][ T137] ? radix_tree_cpu_dead+0x160/0x160 [ 1898.831677][ T137] ? _raw_spin_lock+0xa1/0x170 [ 1898.836440][ T137] ? _raw_spin_trylock_bh+0x190/0x190 [ 1898.841810][ T137] dump_header+0xdb/0x700 [ 1898.846139][ T137] oom_kill_process+0xd3/0x280 [ 1898.850899][ T137] out_of_memory+0x5b6/0x890 [ 1898.855490][ T137] ? unregister_oom_notifier+0x20/0x20 [ 1898.860954][ T137] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1898.866493][ T137] ? 0xffffffffa00a0000 [ 1898.870665][ T137] ? get_page_from_freelist+0x7c0/0x7c0 [ 1898.876209][ T137] ? __zone_watermark_ok+0x91/0x280 [ 1898.881417][ T137] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1898.886870][ T137] ? __kasan_kmalloc+0x12c/0x1c0 [ 1898.891814][ T137] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1898.897361][ T137] alloc_slab_page+0x3a/0x3a0 [ 1898.902041][ T137] new_slab+0x408/0x450 [ 1898.906195][ T137] ? should_fail+0x18e/0x860 [ 1898.910779][ T137] ___slab_alloc+0x2e0/0x450 [ 1898.915365][ T137] ? getname_flags+0xb8/0x610 [ 1898.920042][ T137] ? getname_flags+0xb8/0x610 [ 1898.924716][ T137] kmem_cache_alloc+0x23f/0x260 [ 1898.929563][ T137] getname_flags+0xb8/0x610 [ 1898.934059][ T137] ? security_prepare_creds+0x197/0x220 [ 1898.939598][ T137] user_path_at_empty+0x28/0x50 [ 1898.944445][ T137] do_faccessat+0x306/0x800 [ 1898.948947][ T137] ? __ia32_sys_fallocate+0x100/0x100 [ 1898.955702][ T137] do_syscall_64+0xcb/0x150 [ 1898.961174][ T137] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1898.967062][ T137] RIP: 0033:0x7f04faf719c7 [ 1898.971516][ T137] Code: Bad RIP value. [ 1898.975580][ T137] RSP: 002b:00007fffa7943108 EFLAGS: 00000246 ORIG_RAX: 0000000000000015 [ 1898.983985][ T137] RAX: ffffffffffffffda RBX: 00007fffa7946020 RCX: 00007f04faf719c7 [ 1898.991951][ T137] RDX: 00007f04fb9e2a00 RSI: 0000000000000000 RDI: 000055e387f129a3 [ 1898.999927][ T137] RBP: 00007fffa7943140 R08: 0000000000000000 R09: 0000000000000000 [ 1899.007897][ T137] R10: 0000000000000069 R11: 0000000000000246 R12: 0000000000000000 [ 1899.015979][ T137] R13: 0000000000000000 R14: 00007fffa7946020 R15: 00007fffa7943630 [ 1899.024977][ T137] Mem-Info: [ 1899.028534][ T137] active_anon:1412783 inactive_anon:6774 isolated_anon:0 [ 1899.028534][ T137] active_file:87 inactive_file:79 isolated_file:35 [ 1899.028534][ T137] unevictable:0 dirty:7 writeback:0 unstable:0 [ 1899.028534][ T137] slab_reclaimable:8835 slab_unreclaimable:77296 [ 1899.028534][ T137] mapped:57359 shmem:6853 pagetables:39186 bounce:0 [ 1899.028534][ T137] free:11040 free_pcp:208 free_cma:0 [ 1899.067165][ T137] Node 0 active_anon:5634632kB inactive_anon:27096kB active_file:348kB inactive_file:1916kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:230236kB dirty:28kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1899.096905][ T137] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1899.124108][ T137] lowmem_reserve[]: 0 2912 6416 6416 22:39:09 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000002c0)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x3}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:39:09 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = syz_open_dev$usbmon(&(0x7f0000000280)='/dev/usbmon#\x00', 0x0, 0x0) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$MON_IOCH_MFLUSH(r4, 0x4018920a, 0x74a000) r7 = dup(r3) timerfd_gettime(r7, 0x0) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000001c0)={0xffffffffffffffff, 0x0, 0x0}, 0x20) r8 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000000)={0x5, 0x6, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x0, 0x2000000]}, 0x40) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000001c0)={r8, 0x0, 0x0}, 0x20) r9 = io_uring_setup(0x5333, &(0x7f0000003fc0)={0x0, 0x4ad4, 0x4, 0x2, 0x15a, 0x0, r7}) sendmmsg$unix(r2, &(0x7f0000004100)=[{&(0x7f0000000140)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000000200)=[{&(0x7f0000000080)="54ce4f62f4b2", 0x6}, {&(0x7f00000001c0)="615b1d027ef70f23b0578b19f778528600fa42b946d6814e40f61c81b3b345141b4fcc3a4b88c64a873f9108560b7f4942b1b536e7", 0x35}, {&(0x7f00000002c0)="6445c6c40e2873a5c1ed6392ef0373da4857bf4b6ca11fa8dafef934b5e7d2bc620c7de77f6bc91d58d16103b1d5e24e302db0afa01acb27c5d00e120faeb7ea3b1b6b5f7bea9bd41754824cd84dce982adafecfac4dec0b9cb95887e9d80e01d72179236946fc21055f962de1b3b64313af51a7a2d2226d2661c53fe2c814c962691fd048fc8a8bdf56d207cb9e69044430dc7fc3cd63f3a2fc3a70efd07e7259960338f899518ef688a9362d5207fa3166e3b3", 0xb4}, {&(0x7f0000000380)="c307b5af71ae3337cd6d47a70569eb30c10ca46b8598e11fc5628e93c28036ac80e0cd8ac1f3a0c722b721013e7adb51606e8b3a59b3c4b3196112dd25b2aca21e38e70a159ab7146dce49387d398d1b05a025e7a7d89fa817c224f344606092ef3d74fa18c8cad909e58326c0d8ae6599acb71369528258124dd8b43f92e67afbf2e6f6a34b96f3b0e76b1c3488fef312d5d73fc7105832c80ce691831396082933896ed51cebe64ef2e2cc75124ce760ce6f437e48a2bb1bc4486bfed19e8b1ff8b5642138854767ca", 0xca}, {&(0x7f0000000480)="4fc979ed8b32a6ff1a1d251313bff60317440428db297b4d6dbc72422dff671b69a89b179a91a727d973ff5dd13d05ef2285b303800caca0882649caa8649b99e1095134525ee1f00fcd32b11a14675d39d353ede79206d4ec3a7734d0bd3f4bcda50887c205e8f89916998c733854822e7efb0a80c4c14d6be814b235a14a687037a5b2ecffb2d409bbc1829526b0c23d57ce815bae5f5a27dff376662518a6dc0496f44b5a76780fd8ee8a60709c1e382b346694ef705a3fd4d198086a5967f2d8fb964bbf21422b11e17bf0787473400847", 0xd3}], 0x5, &(0x7f00000007c0)=[@rights={{0x10}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [r6, 0xffffffffffffffff, 0xffffffffffffffff, r3, r6, r7, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [r7, r5, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xe8, 0x20004000}, {&(0x7f00000008c0)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f0000000a80)=[{&(0x7f0000000940)="8cebe4e34b6e3d08206e4c3f45fdae4965b0c3e374f400406fca1b64191bf188530346655ee36e489c7c97c80bf061dccacbe495377c34723f36f1464bf07f9e091c2ab727f1caa2ab11644623761867d3e1cdb0e38bee47c5270895b365ad972e389d75e4136e0621306d7929eb11216e4aa7467c1b410608eb435a4c315d3edc14fd3acf", 0x85}, {&(0x7f0000000a00)="cd1fff751f0d2367e0fe6c9a85b627deff3fa5116ca30591", 0x18}, {&(0x7f0000000a40)="524a9aadf6c5b85136d12681bec3258367654315e0c7493d06d0469f01f3a2e1711b75ebaee8711b6fa00f43c2", 0x2d}], 0x3, &(0x7f0000001cc0)=[@rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [r3, r0, 0xffffffffffffffff, r5]}}, @rights={{0x1c, 0x1, 0x1, [r2, r4, 0xffffffffffffffff]}}, @rights={{0x10}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}], 0x100}, {&(0x7f0000001e00)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002440)=[{&(0x7f0000001e80)="b2fca5e5", 0x4}, {&(0x7f0000001ec0)="a5b3d51859fb71c06f5acd45ec8544d68463f81bfaa5c85b2e95c14d5eaac780161bcd332f040c723c680b182abafd652eabca36c2909b33fc756fb8d3e80b6760f360b2a32dc57a93a8df6c720b9e6f43192bcc9baca1", 0x57}, {&(0x7f0000001f40)="e5b41c", 0x3}, {&(0x7f0000001f80)="67a225055371698d35820deb4f28c01740dac084fbfbe5cbe3c28995b3e916fdf93c1e285e3a0c3906bb84863d4a288bf04656b257dc1fdbba70d84ebd7eb47d6a4531b628ce9a31728adbc4fdf7d616958d643aba5774ef81bbdfd5fcbb654e9885096010c6c5ff9100f73b049678c5b5afabe88bdc4bdec652ca8b40656393da47d5963df0840d4773cf63b5a2ddb706e9de1ddfe3c5cf9a335c72ecd9437a418266943ad175a75b3e359a42763e558b92ce26630655c0af200201da4eab049c309bb919e89add61406791a68de72eaa34759215406e227a75779737083c8b89ec48c26d17abd3f2539172bcf7125add4ba0f06bbaa769", 0xf8}, {&(0x7f0000002080)="bcf664d874263dfba6e394de7eb6bd74a422032ceed66dfe7d8990cfa675e788407df23436db6dd85935adcc35188cddd52ecb43a8419f1a9089b01b04668ec98d9779e0838df5cff21d197ce26a4ce6e275edb9d2d02d7f7d1ef3f9980102db57a294dec50eb711622b9748f11f032f20e459f8936fdf39bd09537e97da915273fd478c1ebe5a25c4143d9a76d4d33476b34c9a76611324d8bf4ee1918896d218b4710fa59e5ba3f392fede63121429158c2ed65ceb5c08700b97f651cbd9d1da389a5a3e346760203301a152a9a61a109ead251bba792dd24bc07999a8", 0xde}, {&(0x7f0000002180)="c9bf599c50506578bb5bbc2e3c769f7151adc92b0c579146d6b200af86eff876dd1d4fb80db363faebdd7b17c4b3d4cb413a3a5cd71e58f64bacef0d14780bd34fea834309a4a02d8296020b0f80ffb3fa7a5763e2a5a49be9d1e0c8aa8745b1be3a33a39ba252bebe4f2bafac45fa3c9935e9249cb9c26a9ebeeb", 0x7b}, {&(0x7f0000002200)="00038a2ce62174f533d2ee88812e1a0fed2b7f62ab1fa0cf3b0c5d11632bb4a898e20afa56f1cf8e0897f7158c84525e178fbe26d27d64140c7ca1341854e7ad22f2f468ca04bc92c94da65a7f531c", 0x4f}, {&(0x7f0000002280)="0f8b87a53303955e4b06ed601ef1ea25d0f17c6fe1f4bd1936d0968852c315d570b05f0feddf4febfd7fe067a573315b760140ff63900f6ac2cfcec00c778bf01da77660852e6e445c812a576198e88c4b95280bad72ebcc184c5a5bedbc8a3bed1c73db4adcdac600409e2b37c7b5ae19ed3ed78c73d872dee689514e7b0ab26136182e777f37b66ef0b97d80861837bb3606e04f2a6811b394a4d21c3bfa01a9d09411ef3c92be7965b9103d8b02f1a171a90f619860a6ff7d3da1fe5bf32207b61abd8e7373bd63bd2ef616a34f", 0xcf}, {&(0x7f0000002380)="99878c792871ba2a467cb7927dc7ae4da29790ea1f91481319f3121cebaf099ea9607333062a961d1682a0ce8f97e0ae3a9a323b0fe8409ff28056f7bafd63ed51965c4465c1f693f80d634e12ce7ec884ec4e1ab2c66cb5677019a437131cfdce1d6a13a3642897f6b43bdae9e5a81078a1128868cfb8a3615656de8f40612c4c15bb282201423ae43c6b8aad74ba22f11368b6e2f7630f9e2635be96c2d6475aa742aafc0ec8a29347d152d8535b3e09f950ba", 0xb4}], 0x9, &(0x7f0000003800)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x78, 0x4000000}, {&(0x7f0000003880)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f0000003a40)=[{&(0x7f0000003900)="e867daa823a8534fc196d373b05c669064ce378ce26b53a2feef3e930d4455ee40d4fc083867185c845ffc8503c735cde29c8a9da4f0361164ea0479a14e2f2dd85b254ec2f779cd004dc5be63fdd9859c1572b62ad481ea8b2d40167cd39212e86e3f4a9047b07f8b0f9912ea5c8caa345ded35e0baa630783af63f03a2048d48c2320f96d502a81c76c1f5d203b0d8cfbec995eb484c7c2b9ebf4656973b419b6a920f1bdc32a05b3c914132d9fd58fa4fbdd6414965", 0xb7}, {&(0x7f00000039c0)="041794f6b38efa6e5c37e387dd897c58c333a0cc8d0d6dba7d46ab5338fa2ae6667c457746279a83b31f84976869a9f73bb2758d1c1798c9584618ed34b4a31932eb99a5f4417de3d7704b00399d26a95213fa8b83c1d93c494a8677325aa8dd52c45cf61777310877a96e", 0x6b}], 0x2, &(0x7f0000003bc0)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r6]}}, @cred={{0x1c}}, @rights={{0x10}}], 0x68, 0x20004830}, {&(0x7f0000003c40)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f0000003d40)=[{&(0x7f0000003cc0)="c4877caf558049effd4f4ee844a1c9891bf11427c67ce24cdebe17769f7e65", 0x1f}, {&(0x7f0000003d00)="ca9a21b41fdc78fce38b12df9d4a4faf68a54f1ffe9a64126dc173880056c3e469491a624cc04714b928f69090", 0x2d}], 0x2, &(0x7f0000004040)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [r1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r4, r8, r9]}}], 0xb0, 0x1}], 0x5, 0x8000) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) ioctl$FS_IOC_FSSETXATTR(r6, 0x401c5820, &(0x7f0000000040)={0x100, 0x5, 0x8, 0x4, 0x4}) [ 1899.208223][ T137] DMA32 free:25312kB min:4644kB low:7624kB high:10604kB active_anon:2806652kB inactive_anon:3540kB active_file:1492kB inactive_file:1608kB unevictable:0kB writepending:16kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14400kB pagetables:31308kB bounce:0kB free_pcp:2628kB local_pcp:1180kB free_cma:0kB [ 1899.238332][ T137] lowmem_reserve[]: 0 0 3504 3504 [ 1899.243730][ T137] Normal free:10908kB min:5592kB low:9180kB high:12768kB active_anon:2830368kB inactive_anon:23556kB active_file:1368kB inactive_file:1608kB unevictable:0kB writepending:12kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32160kB pagetables:125436kB bounce:0kB free_pcp:876kB local_pcp:328kB free_cma:0kB [ 1899.273928][ T137] lowmem_reserve[]: 0 0 0 0 [ 1899.279157][ T137] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB 22:39:09 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) [ 1899.293472][ T137] DMA32: 96*4kB (UMH) 79*8kB (MEH) 161*16kB (UMEH) 144*32kB (UMEH) 58*64kB (UMEH) 36*128kB (UMH) 20*256kB (M) 7*512kB (M) 1*1024kB (U) 0*2048kB 0*4096kB = 26248kB [ 1899.323125][ T137] Normal: 31*4kB (E) 26*8kB (UME) 105*16kB (UME) 151*32kB (UM) 21*64kB (UM) 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 8828kB 22:39:09 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1899.362612][ T137] 8719 total pagecache pages [ 1899.368548][ T137] 0 pages in swap cache [ 1899.373452][ T137] Swap cache stats: add 0, delete 0, find 0/0 [ 1899.380810][ T137] Free swap = 0kB [ 1899.400240][ T137] Total swap = 0kB [ 1899.406594][ T137] 1965979 pages RAM 22:39:09 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x81}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x50, 0x1, 0x9}, 0x0) r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000280)='/dev/urandom\x00', 0x151200, 0x0) socket$inet6(0xa, 0x2, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$inet6(r2, &(0x7f00000004c0)=[{{&(0x7f00000000c0)={0xa, 0x4e20, 0x0, @mcast1={0xff, 0x4}}, 0x1c, 0x0}}, {{&(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000400)=[{&(0x7f0000000300)="1d0ba4ce605b2b26c75dc1920424dc1a92df89c00ac17b85a08c67d2591faca62e024bad63e28273451fc70b5ac5de46eeb94311160fd5a6262dab507de21ca1f28a3cc0e39a7d509860142295de22942a964cba093f9fd925b03447f681e0296e0b480ceb5a59cb530bc62439a16d59f85ec1a3c46da1e9909a1b9306e9492e1f988086b8fe2be79d98a9b0f3171e27c7cafb37b7db0a8a5e81671ceeb19872b95b29f153a21355c40406b72823cc435d679be17339430bb33edd59cd6954f580fb34ae585acf59baaf912feb9d48c7d74947b97e3fab6a58a6028caa1b0f62f9ca8233ccb4", 0xe6}], 0x1, &(0x7f0000000440)=[@tclass={{0x14, 0x29, 0x43, 0x6}}, @hoplimit={{0x14, 0x29, 0x34, 0x6}}, @hopopts={{0x40, 0x29, 0x36, {0x2b, 0x4, [], [@hao={0xc9, 0x10, @mcast2}, @hao={0xc9, 0x10, @loopback}]}}}], 0x70}}], 0x2, 0x200080c1) recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0), 0x0, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x40002020, &(0x7f0000000200)={0xa, 0x0, 0x5, @private1={0xfc, 0x1, [], 0x1}, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x4a) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x800000, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) [ 1899.413321][ T137] 0 pages HighMem/MovableOnly [ 1899.430774][ T137] 318829 pages reserved [ 1899.441600][ T137] 0 pages cma reserved 22:39:10 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:10 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0xb000000, 0x0) [ 1899.459162][ T137] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=23733,uid=0 [ 1899.587091][ T137] systemd-journal invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=0 [ 1899.657995][ T137] CPU: 1 PID: 137 Comm: systemd-journal Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1899.668064][ T137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1899.678165][ T137] Call Trace: [ 1899.681448][ T137] dump_stack+0x14a/0x1ce [ 1899.685852][ T137] ? devkmsg_release+0x11c/0x11c [ 1899.690778][ T137] ? show_regs_print_info+0x12/0x12 [ 1899.695957][ T137] ? radix_tree_cpu_dead+0x160/0x160 [ 1899.701222][ T137] ? _raw_spin_lock+0xa1/0x170 [ 1899.705973][ T137] ? _raw_spin_trylock_bh+0x190/0x190 [ 1899.711504][ T137] dump_header+0xdb/0x700 [ 1899.715819][ T137] oom_kill_process+0xd3/0x280 [ 1899.720561][ T137] out_of_memory+0x5b6/0x890 [ 1899.725237][ T137] ? unregister_oom_notifier+0x20/0x20 [ 1899.730684][ T137] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1899.736211][ T137] ? 0xffffffffa00a0000 [ 1899.740349][ T137] ? get_page_from_freelist+0x7c0/0x7c0 [ 1899.745875][ T137] ? __zone_watermark_ok+0x91/0x280 [ 1899.751066][ T137] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1899.756438][ T137] ? __kasan_kmalloc+0x12c/0x1c0 [ 1899.761375][ T137] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1899.766924][ T137] alloc_slab_page+0x3a/0x3a0 [ 1899.771609][ T137] new_slab+0x408/0x450 [ 1899.775766][ T137] ? should_fail+0x18e/0x860 [ 1899.780351][ T137] ___slab_alloc+0x2e0/0x450 [ 1899.784945][ T137] ? getname_flags+0xb8/0x610 [ 1899.789623][ T137] ? getname_flags+0xb8/0x610 [ 1899.794295][ T137] kmem_cache_alloc+0x23f/0x260 [ 1899.799151][ T137] getname_flags+0xb8/0x610 [ 1899.803656][ T137] ? security_prepare_creds+0x197/0x220 [ 1899.809202][ T137] user_path_at_empty+0x28/0x50 [ 1899.814054][ T137] do_faccessat+0x306/0x800 [ 1899.818558][ T137] ? __ia32_sys_fallocate+0x100/0x100 [ 1899.823935][ T137] do_syscall_64+0xcb/0x150 [ 1899.828443][ T137] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1899.834335][ T137] RIP: 0033:0x7f04faf719c7 [ 1899.838755][ T137] Code: Bad RIP value. [ 1899.842815][ T137] RSP: 002b:00007fffa7943108 EFLAGS: 00000246 ORIG_RAX: 0000000000000015 [ 1899.851254][ T137] RAX: ffffffffffffffda RBX: 00007fffa7946020 RCX: 00007f04faf719c7 [ 1899.859226][ T137] RDX: 00007f04fb9e2a00 RSI: 0000000000000000 RDI: 000055e387f129a3 [ 1899.867193][ T137] RBP: 00007fffa7943140 R08: 0000000000000000 R09: 0000000000000000 [ 1899.875157][ T137] R10: 0000000000000069 R11: 0000000000000246 R12: 0000000000000000 [ 1899.883128][ T137] R13: 0000000000000000 R14: 00007fffa7946020 R15: 00007fffa7943630 [ 1899.955940][ T137] Mem-Info: [ 1899.959101][ T137] active_anon:1413357 inactive_anon:6774 isolated_anon:0 [ 1899.959101][ T137] active_file:322 inactive_file:330 isolated_file:44 [ 1899.959101][ T137] unevictable:0 dirty:20 writeback:3 unstable:0 [ 1899.959101][ T137] slab_reclaimable:8835 slab_unreclaimable:77205 [ 1899.959101][ T137] mapped:57821 shmem:6853 pagetables:39126 bounce:0 [ 1899.959101][ T137] free:9691 free_pcp:524 free_cma:0 [ 1899.996804][ T137] Node 0 active_anon:5653428kB inactive_anon:27096kB active_file:1288kB inactive_file:1164kB unevictable:0kB isolated(anon):0kB isolated(file):148kB mapped:230984kB dirty:80kB writeback:12kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1900.022003][ T137] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1900.047963][ T137] lowmem_reserve[]: 0 2912 6416 6416 [ 1900.053269][ T137] DMA32 free:18640kB min:4644kB low:7624kB high:10604kB active_anon:2816200kB inactive_anon:3540kB active_file:936kB inactive_file:1300kB unevictable:0kB writepending:52kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14368kB pagetables:31068kB bounce:0kB free_pcp:1440kB local_pcp:0kB free_cma:0kB [ 1900.114182][ T137] lowmem_reserve[]: 0 0 3504 3504 [ 1900.119375][ T137] Normal free:5732kB min:5592kB low:9180kB high:12768kB active_anon:2837192kB inactive_anon:23556kB active_file:936kB inactive_file:1052kB unevictable:0kB writepending:40kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32064kB pagetables:125436kB bounce:0kB free_pcp:244kB local_pcp:236kB free_cma:0kB [ 1900.152043][ T137] lowmem_reserve[]: 0 0 0 0 [ 1900.157130][ T137] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1900.175734][ T137] DMA32: 427*4kB (UMH) 174*8kB (UMEH) 78*16kB (UMEH) 43*32kB (UMEH) 15*64kB (UMEH) 37*128kB (UMH) 20*256kB (M) 7*512kB (M) 1*1024kB (U) 0*2048kB 0*4096kB = 21148kB [ 1900.193145][ T137] Normal: 74*4kB (UMEH) 48*8kB (UMEH) 17*16kB (UME) 51*32kB (UMH) 20*64kB (UM) 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 4504kB [ 1900.208908][ T137] 7268 total pagecache pages [ 1900.214059][ T137] 0 pages in swap cache [ 1900.218685][ T137] Swap cache stats: add 0, delete 0, find 0/0 [ 1900.225388][ T137] Free swap = 0kB [ 1900.257806][ T137] Total swap = 0kB [ 1900.290763][ T137] 1965979 pages RAM [ 1900.295650][ T137] 0 pages HighMem/MovableOnly [ 1900.301247][ T137] 318829 pages reserved [ 1900.306075][ T137] 0 pages cma reserved [ 1900.310744][ T137] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=13669,uid=0 22:39:10 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f0000000240)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000380)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x0, 0x10000004, 0x1, 0x9, 0x0, 0x400}, 0x0) socket$inet6(0xa, 0x2, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) setsockopt$packet_fanout_data(r2, 0x107, 0x16, &(0x7f00000003c0)={0x0, &(0x7f00000001c0)}, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000400)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008080400", @ANYRES32=0x0, @ANYBLOB="18ed750a64fff879259264dea804b1760221665d688d3973d1f75903e3d9915148649831f9be73043889a6eab3aba173574ded3b8aa41e1b4f408d34044a7f1cd0fe572e9429060912f5f14d3e42fb2923103b9b959da6c7d95688e10b2f47c43cd424fa179fe8daf667f2a662fb10d811e1a81837704361d0325e9acf0ba17df223f63b24a3dd3ff7f77b77cd73ddbc5b02c26682584865d914807de327a6278ced52f940c7ca1f416d42b87bd9b55f71dacc06712937b16ba356408a69816bf1d9112654b5a1b91239b5225031616b34123013a4ef57294ac1b02d05ccaf3e096549f59fa7d26d6d0d7811ee9fd9789390fd7ffdf4970e5647dda8ce6baac992aa8205a562c3513c3dbcbe0e203b0515be69b1f02bcc3c4be422ab930b59f0a51d608366d156"], 0x24}}, 0x0) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000340)={'syztnl2\x00', &(0x7f00000002c0)={'ip6gre0\x00', 0x0, 0x2f, 0x7f, 0x4, 0xfffffff8, 0x1, @initdev={0xfe, 0x88, [], 0x0, 0x0}, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x8000, 0x700, 0x4, 0x5}}) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r3 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r3, 0x0) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r4, &(0x7f00000017c0), 0x375, 0x0, 0x0) [ 1900.352847][ T137] Out of memory: Killed process 13669 (syz-executor.2) total-vm:85348kB, anon-rss:10036kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:148kB oom_score_adj:1000 [ 1900.374600][ T23] oom_reaper: reaped process 13669 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 22:39:10 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0xc000000, 0x0) 22:39:11 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0), 0x0, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) [ 1900.739750][ T371] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 1900.761977][ T371] CPU: 0 PID: 371 Comm: syz-executor.0 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1900.771968][ T371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1900.782017][ T371] Call Trace: [ 1900.785306][ T371] dump_stack+0x14a/0x1ce [ 1900.789624][ T371] ? devkmsg_release+0x11c/0x11c [ 1900.794549][ T371] ? show_regs_print_info+0x12/0x12 [ 1900.799723][ T371] ? radix_tree_cpu_dead+0x160/0x160 [ 1900.805001][ T371] ? _raw_spin_lock+0xa1/0x170 [ 1900.810000][ T371] ? _raw_spin_trylock_bh+0x190/0x190 [ 1900.815355][ T371] dump_header+0xdb/0x700 [ 1900.819656][ T371] oom_kill_process+0xd3/0x280 [ 1900.824391][ T371] out_of_memory+0x5b6/0x890 [ 1900.828971][ T371] ? unregister_oom_notifier+0x20/0x20 [ 1900.834402][ T371] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1900.839925][ T371] ? get_page_from_freelist+0x7c0/0x7c0 [ 1900.845461][ T371] ? __zone_watermark_ok+0x91/0x280 [ 1900.850632][ T371] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1900.855991][ T371] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1900.861547][ T371] ? copy_process+0x5a4/0x5110 [ 1900.866454][ T371] ? kmem_cache_alloc+0x1d5/0x260 [ 1900.871451][ T371] copy_process+0x5f3/0x5110 [ 1900.876015][ T371] ? filemap_fault+0x1a30/0x1a30 [ 1900.880952][ T371] ? fork_idle+0x290/0x290 [ 1900.885342][ T371] _do_fork+0x196/0x920 [ 1900.889470][ T371] ? finish_fault+0x230/0x230 [ 1900.894116][ T371] ? dup_mm+0x300/0x300 [ 1900.898243][ T371] __x64_sys_clone+0x25e/0x2c0 [ 1900.902994][ T371] ? __ia32_sys_vfork+0x110/0x110 [ 1900.907993][ T371] ? do_user_addr_fault+0x55c/0x9f0 [ 1900.913162][ T371] do_syscall_64+0xcb/0x150 [ 1900.917635][ T371] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1900.923504][ T371] RIP: 0033:0x45b75a [ 1900.927372][ T371] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 1900.946963][ T371] RSP: 002b:00007ffd47501d10 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1900.957009][ T371] RAX: ffffffffffffffda RBX: 00007ffd47501d10 RCX: 000000000045b75a [ 1900.964968][ T371] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 1900.972914][ T371] RBP: 00007ffd47501d50 R08: 0000000000000001 R09: 000000000196f940 [ 1900.980872][ T371] R10: 000000000196fc10 R11: 0000000000000246 R12: 0000000000000001 [ 1900.988819][ T371] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffd47501da0 [ 1901.087851][ T371] Mem-Info: [ 1901.091005][ T371] active_anon:1413024 inactive_anon:6774 isolated_anon:0 [ 1901.091005][ T371] active_file:227 inactive_file:237 isolated_file:35 [ 1901.091005][ T371] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1901.091005][ T371] slab_reclaimable:8835 slab_unreclaimable:77196 [ 1901.091005][ T371] mapped:57631 shmem:6853 pagetables:39123 bounce:0 [ 1901.091005][ T371] free:10797 free_pcp:75 free_cma:0 [ 1901.133726][ T371] Node 0 active_anon:5652176kB inactive_anon:27096kB active_file:992kB inactive_file:956kB unevictable:0kB isolated(anon):0kB isolated(file):140kB mapped:230456kB dirty:0kB writeback:56kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1901.158748][ T371] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1901.186122][ T371] lowmem_reserve[]: 0 2912 6416 6416 [ 1901.192924][ T371] DMA32 free:20888kB min:4644kB low:7624kB high:10604kB active_anon:2814988kB inactive_anon:3540kB active_file:524kB inactive_file:344kB unevictable:0kB writepending:128kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14432kB pagetables:31088kB bounce:0kB free_pcp:272kB local_pcp:0kB free_cma:0kB [ 1901.224174][ T371] lowmem_reserve[]: 0 0 3504 3504 [ 1901.230070][ T371] Normal free:6120kB min:5592kB low:9180kB high:12768kB active_anon:2836596kB inactive_anon:23556kB active_file:504kB inactive_file:712kB unevictable:0kB writepending:76kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32000kB pagetables:125440kB bounce:0kB free_pcp:228kB local_pcp:228kB free_cma:0kB [ 1901.264595][ T371] lowmem_reserve[]: 0 0 0 0 [ 1901.269681][ T371] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1901.283576][ T371] DMA32: 429*4kB (UMH) 77*8kB (UMEH) 42*16kB (UMEH) 13*32kB (UMEH) 22*64kB (UMEH) 43*128kB (MH) 23*256kB (M) 8*512kB (M) 1*1024kB (U) 0*2048kB 0*4096kB = 21340kB [ 1901.300121][ T371] Normal: 78*4kB (UME) 90*8kB (UME) 42*16kB (UME) 82*32kB (UM) 22*64kB (UM) 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 6376kB [ 1901.315072][ T371] 7253 total pagecache pages [ 1901.319996][ T371] 0 pages in swap cache [ 1901.324273][ T371] Swap cache stats: add 0, delete 0, find 0/0 [ 1901.330745][ T371] Free swap = 0kB [ 1901.334782][ T371] Total swap = 0kB [ 1901.338800][ T371] 1965979 pages RAM [ 1901.342710][ T371] 0 pages HighMem/MovableOnly [ 1901.347495][ T371] 318829 pages reserved [ 1901.351988][ T371] 0 pages cma reserved [ 1901.359089][ T371] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.5,pid=23760,uid=0 [ 1901.373839][ T371] Out of memory: Killed process 23760 (syz-executor.5) total-vm:85480kB, anon-rss:16540kB, file-rss:34416kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:1000 [ 1901.398535][ T23] oom_reaper: reaped process 23760 (syz-executor.5), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB 22:39:11 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0x7, &(0x7f0000000040)={0x1, 0xffffffff, 0x10001, 0x101}, 0x10) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) r6 = accept4(r3, &(0x7f0000000340)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @local}}}, &(0x7f00000003c0)=0x80, 0x80000) r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000440)='IPVS\x00') sendmsg$IPVS_CMD_GET_SERVICE(r6, &(0x7f0000000500)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000004c0)={&(0x7f0000000480)={0x2c, r7, 0x20, 0x70bd27, 0x25dfdbfd, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0xfffffffb}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x5}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x80000000}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40000000}, 0x400c000) timerfd_gettime(r5, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) [ 1901.739679][T23792] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1901.762865][T23792] CPU: 1 PID: 23792 Comm: syz-executor.4 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1901.773102][T23792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1901.783568][T23792] Call Trace: [ 1901.786847][T23792] dump_stack+0x14a/0x1ce [ 1901.791149][T23792] ? devkmsg_release+0x11c/0x11c [ 1901.796058][T23792] ? show_regs_print_info+0x12/0x12 [ 1901.801862][T23792] ? radix_tree_cpu_dead+0x160/0x160 [ 1901.807117][T23792] ? _raw_spin_lock+0xa1/0x170 [ 1901.811855][T23792] ? _raw_spin_trylock_bh+0x190/0x190 [ 1901.817201][T23792] dump_header+0xdb/0x700 [ 1901.821517][T23792] oom_kill_process+0xd3/0x280 [ 1901.826252][T23792] out_of_memory+0x5b6/0x890 [ 1901.830819][T23792] ? unregister_oom_notifier+0x20/0x20 [ 1901.836250][T23792] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1901.841773][T23792] ? get_page_from_freelist+0x7c0/0x7c0 [ 1901.847287][T23792] ? __zone_watermark_ok+0x91/0x280 [ 1901.852458][T23792] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1901.857803][T23792] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1901.863327][T23792] ? copy_process+0x5a4/0x5110 [ 1901.868061][T23792] ? kmem_cache_alloc+0x1d5/0x260 [ 1901.873057][T23792] copy_process+0x5f3/0x5110 [ 1901.877708][T23792] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1901.883400][T23792] ? _raw_spin_lock+0xa1/0x170 [ 1901.888138][T23792] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1901.893915][T23792] ? __lru_cache_add+0x1a1/0x1f0 [ 1901.898823][T23792] ? fork_idle+0x290/0x290 [ 1901.903212][T23792] _do_fork+0x196/0x920 [ 1901.907340][T23792] ? finish_fault+0x230/0x230 [ 1901.911986][T23792] ? up_write+0xa1/0x190 [ 1901.916201][T23792] ? dup_mm+0x300/0x300 [ 1901.920330][T23792] __x64_sys_clone+0x25e/0x2c0 [ 1901.925071][T23792] ? __ia32_sys_vfork+0x110/0x110 [ 1901.930067][T23792] ? do_user_addr_fault+0x55c/0x9f0 [ 1901.935252][T23792] do_syscall_64+0xcb/0x150 [ 1901.939729][T23792] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1901.945610][T23792] RIP: 0033:0x45fb59 [ 1901.949663][T23792] Code: ff 48 85 f6 0f 84 87 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 5e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1901.969258][T23792] RSP: 002b:00007ffc8d239e88 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1901.978682][T23792] RAX: ffffffffffffffda RBX: 00007fe26cbbf700 RCX: 000000000045fb59 [ 1901.986627][T23792] RDX: 00007fe26cbbf9d0 RSI: 00007fe26cbbedb0 RDI: 00000000003d0f00 [ 1901.994569][T23792] RBP: 00007ffc8d23a0b0 R08: 00007fe26cbbf700 R09: 00007fe26cbbf700 [ 1902.002515][T23792] R10: 00007fe26cbbf9d0 R11: 0000000000000202 R12: 0000000000000000 [ 1902.010460][T23792] R13: 00007ffc8d239f3f R14: 00007fe26cbbf9c0 R15: 000000000118cfec [ 1902.027973][T23792] Mem-Info: [ 1902.031676][T23792] active_anon:1412555 inactive_anon:6774 isolated_anon:0 [ 1902.031676][T23792] active_file:247 inactive_file:424 isolated_file:64 [ 1902.031676][T23792] unevictable:0 dirty:23 writeback:0 unstable:0 [ 1902.031676][T23792] slab_reclaimable:8835 slab_unreclaimable:77234 [ 1902.031676][T23792] mapped:57805 shmem:6853 pagetables:39119 bounce:0 [ 1902.031676][T23792] free:10803 free_pcp:173 free_cma:0 [ 1902.093659][T23792] Node 0 active_anon:5650220kB inactive_anon:27096kB active_file:876kB inactive_file:1488kB unevictable:0kB isolated(anon):0kB isolated(file):256kB mapped:230720kB dirty:0kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1902.118871][T23792] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1902.145964][T23792] lowmem_reserve[]: 0 2912 6416 6416 [ 1902.152283][T23792] DMA32 free:21460kB min:4644kB low:7624kB high:10604kB active_anon:2813240kB inactive_anon:3540kB active_file:684kB inactive_file:688kB unevictable:0kB writepending:28kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14368kB pagetables:31156kB bounce:0kB free_pcp:904kB local_pcp:40kB free_cma:0kB [ 1902.182529][T23792] lowmem_reserve[]: 0 0 3504 3504 [ 1902.188544][T23792] Normal free:5644kB min:5592kB low:9180kB high:12768kB active_anon:2835684kB inactive_anon:23556kB active_file:652kB inactive_file:1140kB unevictable:0kB writepending:64kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32000kB pagetables:125320kB bounce:0kB free_pcp:584kB local_pcp:312kB free_cma:0kB [ 1902.227061][T23792] lowmem_reserve[]: 0 0 0 0 [ 1902.232449][T23792] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1902.246959][T23792] DMA32: 395*4kB (UMH) 68*8kB (UMEH) 38*16kB (UMEH) 26*32kB (UMEH) 30*64kB (UMEH) 46*128kB (UMH) 24*256kB (UM) 9*512kB (UM) 0*1024kB 0*2048kB 0*4096kB = 22124kB [ 1902.264126][T23792] Normal: 43*4kB (UME) 48*8kB (UE) 14*16kB (UE) 88*32kB (UM) 22*64kB (UM) 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 5644kB [ 1902.280139][T23792] 7468 total pagecache pages [ 1902.285459][T23792] 0 pages in swap cache [ 1902.291622][T23792] Swap cache stats: add 0, delete 0, find 0/0 [ 1902.298585][T23792] Free swap = 0kB [ 1902.302989][T23792] Total swap = 0kB [ 1902.307499][T23792] 1965979 pages RAM [ 1902.312137][T23792] 0 pages HighMem/MovableOnly [ 1902.317622][T23792] 318829 pages reserved [ 1902.322591][T23792] 0 pages cma reserved [ 1902.327447][T23792] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=23785,uid=0 [ 1902.342717][T23792] Out of memory: Killed process 23785 (syz-executor.2) total-vm:85348kB, anon-rss:16480kB, file-rss:34112kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 1902.366023][ T23] oom_reaper: reaped process 23785 (syz-executor.2), now anon-rss:0kB, file-rss:34032kB, shmem-rss:0kB 22:39:12 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @private2={0xfc, 0x2, [], 0x1}, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) [ 1902.775579][T23807] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1902.797723][T23807] CPU: 0 PID: 23807 Comm: syz-executor.4 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1902.807876][T23807] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1902.817911][T23807] Call Trace: [ 1902.821183][T23807] dump_stack+0x14a/0x1ce [ 1902.825486][T23807] ? devkmsg_release+0x11c/0x11c [ 1902.830394][T23807] ? show_regs_print_info+0x12/0x12 [ 1902.835563][T23807] ? radix_tree_cpu_dead+0x160/0x160 [ 1902.840818][T23807] ? _raw_spin_lock+0xa1/0x170 [ 1902.845554][T23807] ? _raw_spin_trylock_bh+0x190/0x190 [ 1902.851002][T23807] dump_header+0xdb/0x700 [ 1902.855392][T23807] oom_kill_process+0xd3/0x280 [ 1902.860130][T23807] out_of_memory+0x5b6/0x890 [ 1902.864691][T23807] ? unregister_oom_notifier+0x20/0x20 [ 1902.870121][T23807] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1902.875643][T23807] ? get_page_from_freelist+0x7c0/0x7c0 [ 1902.881171][T23807] ? __zone_watermark_ok+0x91/0x280 [ 1902.886439][T23807] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1902.891794][T23807] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1902.897313][T23807] ? copy_process+0x5a4/0x5110 [ 1902.902050][T23807] ? kmem_cache_alloc+0x1d5/0x260 [ 1902.907044][T23807] copy_process+0x5f3/0x5110 [ 1902.911607][T23807] ? lookup_user_key_possessed+0x40/0x40 [ 1902.917224][T23807] ? fixup_exception+0x92/0xd0 [ 1902.921979][T23807] ? __up_read+0x6f/0x1b0 [ 1902.926293][T23807] ? fork_idle+0x290/0x290 [ 1902.930681][T23807] ? do_user_addr_fault+0x9d6/0x9f0 [ 1902.935850][T23807] _do_fork+0x196/0x920 [ 1902.939977][T23807] ? page_fault+0x2f/0x40 [ 1902.944279][T23807] ? dup_mm+0x300/0x300 [ 1902.948406][T23807] ? ktime_get_raw+0x130/0x130 [ 1902.953141][T23807] __x64_sys_clone+0x25e/0x2c0 [ 1902.957880][T23807] ? __ia32_sys_vfork+0x110/0x110 [ 1902.962875][T23807] ? __x64_sys_clock_gettime+0x20d/0x260 [ 1902.968481][T23807] do_syscall_64+0xcb/0x150 [ 1902.972958][T23807] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1902.978823][T23807] RIP: 0033:0x45d189 [ 1902.982692][T23807] Code: 5d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1903.002269][T23807] RSP: 002b:00007fe26cb9dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1903.010666][T23807] RAX: ffffffffffffffda RBX: 0000000000001f40 RCX: 000000000045d189 [ 1903.018613][T23807] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 0000000000000103 [ 1903.026557][T23807] RBP: 000000000118d0d0 R08: ffffffffffffffff R09: 0000000000000000 [ 1903.034518][T23807] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118d08c [ 1903.042463][T23807] R13: 00007ffc8d239f3f R14: 00007fe26cb9e9c0 R15: 000000000118d08c [ 1903.057113][T23807] Mem-Info: [ 1903.060317][T23807] active_anon:1411942 inactive_anon:6774 isolated_anon:0 [ 1903.060317][T23807] active_file:21 inactive_file:210 isolated_file:32 [ 1903.060317][T23807] unevictable:0 dirty:27 writeback:0 unstable:0 [ 1903.060317][T23807] slab_reclaimable:8835 slab_unreclaimable:77134 [ 1903.060317][T23807] mapped:57314 shmem:6853 pagetables:39148 bounce:0 [ 1903.060317][T23807] free:12019 free_pcp:148 free_cma:0 [ 1903.098141][T23807] Node 0 active_anon:5647768kB inactive_anon:27096kB active_file:84kB inactive_file:840kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:229256kB dirty:108kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1903.141258][T23807] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1903.179923][T23807] lowmem_reserve[]: 0 2912 6416 6416 [ 1903.185374][T23807] DMA32 free:25240kB min:8740kB low:11720kB high:14700kB active_anon:2811976kB inactive_anon:3540kB active_file:72kB inactive_file:500kB unevictable:0kB writepending:20kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14496kB pagetables:31272kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1903.218513][T23807] lowmem_reserve[]: 0 0 3504 3504 [ 1903.224335][T23807] Normal free:7348kB min:5592kB low:9180kB high:12768kB active_anon:2835204kB inactive_anon:23556kB active_file:488kB inactive_file:740kB unevictable:0kB writepending:52kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32000kB pagetables:125320kB bounce:0kB free_pcp:264kB local_pcp:0kB free_cma:0kB [ 1903.254635][T23807] lowmem_reserve[]: 0 0 0 0 [ 1903.259650][T23807] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1903.273473][T23807] DMA32: 40*4kB (UH) 124*8kB (UMEH) 75*16kB (UMEH) 82*32kB (UMEH) 56*64kB (UMEH) 45*128kB (UMH) 22*256kB (UM) 9*512kB (UM) 0*1024kB 0*2048kB 0*4096kB = 24560kB [ 1903.292953][T23807] Normal: 187*4kB (UME) 106*8kB (UME) 31*16kB (UME) 101*32kB (UM) 22*64kB (UM) 1*128kB (U) 0*256kB 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 7372kB [ 1903.308711][T23807] 7096 total pagecache pages [ 1903.313595][T23807] 0 pages in swap cache [ 1903.367657][T23807] Swap cache stats: add 0, delete 0, find 0/0 [ 1903.374208][T23807] Free swap = 0kB [ 1903.387664][T23807] Total swap = 0kB [ 1903.391399][T23807] 1965979 pages RAM [ 1903.395370][T23807] 0 pages HighMem/MovableOnly [ 1903.407650][T23807] 318829 pages reserved [ 1903.411819][T23807] 0 pages cma reserved [ 1903.415886][T23807] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.4,pid=23792,uid=0 [ 1903.481455][T23807] Out of memory: Killed process 23792 (syz-executor.4) total-vm:85480kB, anon-rss:13216kB, file-rss:34136kB, shmem-rss:0kB, UID:0 pgtables:156kB oom_score_adj:1000 [ 1903.522119][ T23] oom_reaper: reaped process 23792 (syz-executor.4), now anon-rss:0kB, file-rss:34112kB, shmem-rss:0kB 22:39:14 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0xd000000, 0x0) 22:39:14 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000140)={0x2, &(0x7f0000000280)=[{0x0, 0x38, 0x81, 0x7}, {0x3, 0x1, 0x80, 0x4}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) getsockopt$sock_buf(0xffffffffffffffff, 0x1, 0x6, &(0x7f00000047c0)=""/65, &(0x7f0000004840)=0x41) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0)='nl80211\x00') sendmsg$NL80211_CMD_GET_INTERFACE(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000340)={&(0x7f0000000480)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="00042bbd7000fddbdf25050000000800030022bacda93858019dc56ad0755370bdc8619fd354a8bedcbd0c41899d85c1f0a53f09b1dc45c69878ba621646cde3c6d47230452bbeb19daa60b0c9eabf17b4ea4bceb9665bf896293fd1ae213d21655a074df3b000"/113, @ANYRES32=0x0, @ANYBLOB="0c009900858f00000200000008000100ffffffff"], 0x30}}, 0x801) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x100, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x9}, 0x1c) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) [ 1904.532122][ T23] oom_reaper: reaped process 23797 (syz-executor.5), now anon-rss:0kB, file-rss:33952kB, shmem-rss:0kB 22:39:15 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:15 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0xe000000, 0x0) 22:39:15 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x10000000, 0x0) 22:39:15 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0), 0x0, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:39:15 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:15 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000), 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) timerfd_gettime(r3, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) r4 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r5) r6 = socket$netlink(0x10, 0x3, 0x0) getsockopt$sock_cred(r6, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, 0x0}, &(0x7f0000cab000)=0xc) setresgid(0x0, 0x0, r7) r8 = socket$inet_udplite(0x2, 0x2, 0x88) getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000000240)={0x0, 0x0}, &(0x7f0000000280)=0x5) setuid(r9) getegid() write$FUSE_DIRENTPLUS(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYRESDEC, @ANYRESOCT], 0xfffffffffffffe9b) 22:39:15 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x11000000, 0x0) 22:39:15 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:15 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:15 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x12000000, 0x0) 22:39:15 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:15 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0), 0x0, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:39:15 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r5 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000e40)={&(0x7f00000003c0)=@kern={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f00000009c0)=[{&(0x7f0000000400)={0x234, 0x14, 0x8, 0x70bd27, 0x25dfdbfc, "", [@typed={0x8, 0x6f, 0x0, 0x0, @ipv4=@remote}, @generic="313f31a9b9a8166b6584d8edce3d72a77c7f2fcdce452d4e273e62adfc5d293b19dc1f8dd4270595167dab830caeb923a283015c6fd590b5ee541a1d279f7e3bad3c2e129152e6c1232e965dbcfb9e63af62185124a6e81fd0b88a10c5a681756bcbd9db0adce502df4abb5e53f510ed849808f13767f70aa249397639c59e827631a5db847556c52df6d4e6212493f32e8eda550adca4a9b63b27ea01169cf870728fba6791", @generic="192fb05f5a8f438c23d8f0d248fc0721da2cc34e31a3c81bf98bf38b0fbf4723cedd4bacfcbe82a1d56192f47ba501ef023af1852d108ed66a2f8874e6d38760d53136dce2538fa7e0c6e8d4751ed5a1f55c0dd447a8ebff689278109bd9d48415f568454f722dc392c2987a104d19f85cadd1f0c5ebf1e2f07db288cf5040ac2fe9b23628c3917aa8b55bd4effc0a64d2cadc551524f3c1d3a6fd71b87bec4e9fa67e897d90303951ab570c2bb9126b7cd4ccc651822c453eee63554fbeebe6e71741722769d5b3ed6fba1b641f3fb44cb7823d8030a1487e0dcda9db74a30c", @generic="93a5407c16b9b7564454758e20670ff2468ddc7a95b340a382cfaa9acd44a886069d6de6546756c579dd83b515fea55aa10b71e693019d8a886b10793a27ebbbb065047f2d6c147fdd6064a4f5b63a60268df2973aa6aedccb681eb0163514f96333dcd2ef8b051106be60a3c1718eb958b260fe56aa12356c4807fb81674ff5a28488bf870726022daa1e7f79194084e1ad98c851f0"]}, 0x234}, {&(0x7f0000000640)={0x35c, 0x25, 0x200, 0x70bd29, 0x25dfdbfe, "", [@typed={0xc, 0x76, 0x0, 0x0, @u64=0x2}, @nested={0x2f9, 0x79, 0x0, 0x1, [@typed={0xc, 0x71, 0x0, 0x0, @u64=0x8}, @generic="0a38f9ffac750bbca9839ee52a4894149e9b6383b2d27a44e220fa36bd60cfc431f6a4d2254adb7ca33a9163f826a7273612e1eeb845cb49a82a1599bdb6c4cbede5f08bdcae04644a6aef7a5257546d2c8813d9b12e4260a25fe063ffd15df84fb2f9f57f9cf3d5f18075b3c3749d24814ee77bb0d34799f43425929ac99c5b84b981212614fcb9b86f12d5eb3e1f1510002c4c457f466ca2c31140bcf121ee13e8", @typed={0x8, 0x51, 0x0, 0x0, @u32=0x54e}, @generic="b212edf1424e5664ec819f30399db3837bc069585deeb03363567b0a5159f2c90b3b2f42481dfa4a7c0390c3cc0119a6f0dd4641f32904725b1c2817558c66c1c81075cedd842a8b1feb733ee753320275754c3c8f7a44155a67f52adbef2928948bf9c44a1513facb3c622dde2c672d4e33de2a5e08873c24d955e965a5cb474c341e26df029fa530a5c6431a3f649cd875613d811591838a1d701236c9ca125ab40856d5626a99c695965dc6c621e95ec5c29e95afb7539a79805341748c699cb16624823cc20a31c9c1cafe3468298bed69c346f9a9bce3e8613416d466b87e896309df1993c426b27ee681b49b45bf4a2578263e614bc3f9", @typed={0x8, 0x3d, 0x0, 0x0, @u32=0x7f}, @typed={0x8, 0x3a, 0x0, 0x0, @ipv4=@multicast1}, @generic="6be04c8f4ee3df1a6e9302a99797334dfadd5e03cfc99cd203b9abb4a32e638e1977144e1338e442c35b78fa14dfa4e79f5cb369ef722e", @generic="c4af6ccd843b8fd8da78c6cce338b2d1586d80d7e2e4ed1c877f834f73418d5eb53437ff62847f9b48ce55bb8612d2c38f5cbc502f79beae5d40e2478d8d5b02dc3ba541c988b3853aca9bfa0c80d4c67f348dc3176fbeabd587bcdd52ed811df77e3762f81a10984165cb7ebff85bf57e7b84901d52798c4f080dd742ca1da8e3ea4043aab0834300b1d2b5020281fdbe75aac9d8ec10c5d8cb02e978dd5c376e01f1aec65797aff6fbe71e2a8878f89b5a9b76f37a4e25e294aba4c541a6feede5ea2aeba6754d5665860c38082cb095e33b44fb945e80dd0548bdf6b505acb217ba97c37f927923caa693dbdc8ef4db99c78b2351", @typed={0x4, 0x8}, @typed={0x4, 0x2d}]}, @generic="5b5539302441276205bcc4fce2333de0e592bab291bc5f88a93137c7c22f86994238ab9cfd7a3cd735ea79e56884052470265057166a12868dfc27187fb0dbe687b040"]}, 0x35c}], 0x2, &(0x7f0000000d40)=[@cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, r0, r3, r2, r3, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x24, 0x1, 0x1, [r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0]}}], 0xe8, 0x4000}, 0x84) write$binfmt_script(r2, &(0x7f00000002c0)={'#! ', './file0', [{0x20, 'stack\x00'}, {0x20, '/+!'}, {0x20, 'stack\x00'}, {0x20, '-#{6#}!(^@'}, {0x20, '$[(!('}, {0x20, 'stack\x00'}, {0x20, 'stack\x00'}, {0x20, ']+'}, {0x20, 'stack\x00'}], 0xa, "b068cf00385a39181e5f6bb8e6a184b1c92cc4cef5238d6c5e1c9c564a5cf7e336be76f2f8c11e8b2af1ac1656507579b29899c87d3205108eec16d3db65501af3ead454e5ad926b83dae1f5d9b705d97b3874a30a144511bf72adaec261b49ae17e497acf3911b88821d57eaac602326e847391dcacc65a9995af40169b08bd70b59983a5"}, 0xcb) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r5, 0x0) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r6, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:39:15 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x81}]}) r0 = getpid() r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300)='nl80211\x00') sendmsg$NL80211_CMD_SET_BSS(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x2c, r1, 0x300, 0x70bd2b, 0x25dfdbff, {}, [@NL80211_STA_WME_MAX_SP={0x15, 0x2, "c8688b708f5f75b29d7fc8e7a8ecf645e8"}]}, 0x2c}, 0x1, 0x0, 0x0, 0x40}, 0x8810) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r5 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r5, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r6, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:39:15 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x1bd2ff7f, 0x0) 22:39:15 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:15 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1905.190375][T23878] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1905.232128][T23878] CPU: 1 PID: 23878 Comm: syz-executor.4 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1905.242288][T23878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1905.252332][T23878] Call Trace: [ 1905.255601][T23878] dump_stack+0x14a/0x1ce [ 1905.259903][T23878] ? devkmsg_release+0x11c/0x11c [ 1905.264808][T23878] ? show_regs_print_info+0x12/0x12 [ 1905.269978][T23878] ? radix_tree_cpu_dead+0x160/0x160 [ 1905.275688][T23878] ? _raw_spin_lock+0xa1/0x170 [ 1905.280422][T23878] ? _raw_spin_trylock_bh+0x190/0x190 [ 1905.285766][T23878] dump_header+0xdb/0x700 [ 1905.290066][T23878] oom_kill_process+0xd3/0x280 [ 1905.294800][T23878] out_of_memory+0x5b6/0x890 [ 1905.299371][T23878] ? unregister_oom_notifier+0x20/0x20 [ 1905.304800][T23878] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1905.310321][T23878] ? get_page_from_freelist+0x7c0/0x7c0 [ 1905.315838][T23878] ? __zone_watermark_ok+0x91/0x280 [ 1905.321017][T23878] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1905.326377][T23878] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1905.331915][T23878] ? copy_process+0x5a4/0x5110 [ 1905.336677][T23878] ? kmem_cache_alloc+0x1d5/0x260 [ 1905.341760][T23878] copy_process+0x5f3/0x5110 [ 1905.346447][T23878] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1905.352146][T23878] ? _raw_spin_lock+0xa1/0x170 [ 1905.356883][T23878] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1905.362663][T23878] ? __lru_cache_add+0x1a1/0x1f0 [ 1905.367587][T23878] ? fork_idle+0x290/0x290 [ 1905.371973][T23878] _do_fork+0x196/0x920 [ 1905.376101][T23878] ? finish_fault+0x230/0x230 [ 1905.380747][T23878] ? up_write+0xa1/0x190 [ 1905.384957][T23878] ? dup_mm+0x300/0x300 [ 1905.389084][T23878] __x64_sys_clone+0x25e/0x2c0 [ 1905.393819][T23878] ? __ia32_sys_vfork+0x110/0x110 [ 1905.398815][T23878] ? do_user_addr_fault+0x55c/0x9f0 [ 1905.404007][T23878] do_syscall_64+0xcb/0x150 [ 1905.408485][T23878] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1905.414351][T23878] RIP: 0033:0x45fb59 [ 1905.418231][T23878] Code: ff 48 85 f6 0f 84 87 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 5e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1905.437807][T23878] RSP: 002b:00007ffc8d239e88 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1905.446197][T23878] RAX: ffffffffffffffda RBX: 00007fe26cbe0700 RCX: 000000000045fb59 [ 1905.454139][T23878] RDX: 00007fe26cbe09d0 RSI: 00007fe26cbdfdb0 RDI: 00000000003d0f00 [ 1905.462082][T23878] RBP: 00007ffc8d23a0b0 R08: 00007fe26cbe0700 R09: 00007fe26cbe0700 [ 1905.470025][T23878] R10: 00007fe26cbe09d0 R11: 0000000000000202 R12: 0000000000000000 [ 1905.477968][T23878] R13: 00007ffc8d239f3f R14: 00007fe26cbe09c0 R15: 000000000118cf4c [ 1905.569385][T23878] Mem-Info: [ 1905.572890][T23878] active_anon:1411247 inactive_anon:6774 isolated_anon:0 [ 1905.572890][T23878] active_file:653 inactive_file:584 isolated_file:40 [ 1905.572890][T23878] unevictable:0 dirty:8 writeback:9 unstable:0 [ 1905.572890][T23878] slab_reclaimable:8839 slab_unreclaimable:77346 [ 1905.572890][T23878] mapped:58355 shmem:6853 pagetables:39178 bounce:0 [ 1905.572890][T23878] free:11644 free_pcp:93 free_cma:0 [ 1905.619383][T23878] Node 0 active_anon:5644988kB inactive_anon:27096kB active_file:2724kB inactive_file:1828kB unevictable:0kB isolated(anon):0kB isolated(file):208kB mapped:233120kB dirty:32kB writeback:36kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1905.677469][T23878] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1905.713302][T23878] lowmem_reserve[]: 0 2912 6416 6416 [ 1905.718669][T23878] DMA32 free:23392kB min:12836kB low:15816kB high:18796kB active_anon:2808544kB inactive_anon:3540kB active_file:1008kB inactive_file:824kB unevictable:0kB writepending:32kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14432kB pagetables:30868kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1905.777741][T23878] lowmem_reserve[]: 0 0 3504 3504 [ 1905.791125][T23878] Normal free:7784kB min:9688kB low:13276kB high:16864kB active_anon:2836164kB inactive_anon:23556kB active_file:1120kB inactive_file:988kB unevictable:0kB writepending:36kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32128kB pagetables:125844kB bounce:0kB free_pcp:784kB local_pcp:716kB free_cma:0kB [ 1905.834969][T23878] lowmem_reserve[]: 0 0 0 0 [ 1905.839516][T23878] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1905.887432][T23878] DMA32: 350*4kB (UMEH) 86*8kB (UMEH) 59*16kB (UMEH) 129*32kB (UME) 52*64kB (UMEH) 43*128kB (UMH) 20*256kB (M) 7*512kB (UM) 0*1024kB 0*2048kB 0*4096kB = 24696kB [ 1905.927427][T23878] Normal: 282*4kB (UME) 88*8kB (UME) 44*16kB (UME) 110*32kB (UME) 27*64kB (UM) 3*128kB (UM) 0*256kB 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 8680kB [ 1905.959164][T23878] 7318 total pagecache pages [ 1905.971141][T23878] 0 pages in swap cache [ 1905.981595][T23878] Swap cache stats: add 0, delete 0, find 0/0 [ 1905.996350][T23878] Free swap = 0kB [ 1906.006245][T23878] Total swap = 0kB [ 1906.017903][T23878] 1965979 pages RAM [ 1906.047713][T23878] 0 pages HighMem/MovableOnly [ 1906.114592][T23878] 318829 pages reserved [ 1906.126066][T23878] 0 pages cma reserved [ 1906.136218][T23878] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=13405,uid=0 [ 1906.153386][T23878] Out of memory: Killed process 13405 (syz-executor.2) total-vm:85348kB, anon-rss:10036kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:148kB oom_score_adj:1000 [ 1906.194603][ T23] oom_reaper: reaped process 13405 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 22:39:17 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:17 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x25000000, 0x0) 22:39:17 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x1, 0x9}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9, 0x0, 0x80000000, 0x0, 0x0, 0xfffffffc}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) write$cgroup_devices(0xffffffffffffffff, &(0x7f00000002c0)=ANY=[@ANYBLOB="62202a3a2a21726d00b3dac38401fd08d8cfb908007fc6f9d0417889db70cd36c7292f00de1a836ebc44e2f63c8cc6cf47f365b7e7b0f05e2222e6f28ee562103d3d3da4174196a0fe371bb9afbdffc2e960940b5ef74c072616c541c4082c10b79f02febe9cf1b1277c3a37e54b3d81d827be08ea66db084c62c4cc4ec0884a98d49d22eab05044199788e66c9300eab336533a1c08783c83a048d7beac59296e17717361f298f05754eba3405eee541501ad2b96a7995270860eaf89c91eadd6b7da5503db54cc7d417146d6663a56c31f1aef365efe88a2eace83072424a83c31b6b116f638f99a06ca28ef666725e8e8aa3d60c49f4987b2e89d1f8499df5680f8e2440c0915d523827aa5b24a605c521d0daa7a767fc1058a76b8cbc237e24412a932f1288025d69decdb9a16f93a296f9f1d7550b5afb4a5401a07083b84b429681235ba75f9dfa1d8c74c8f433235ee8974205d32ccfc1d1d8e9d72564b3ab97be8"], 0x9) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:39:17 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x81}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) signalfd4(r1, &(0x7f0000000280)={[0x8000]}, 0x8, 0x80000) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:39:17 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) r2 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r2, 0x0, 0x60, &(0x7f00000000c0)={'filter\x00', 0x7, 0x4, 0x418, 0x220, 0xe0, 0x220, 0x330, 0x330, 0x330, 0x4, 0x0, {[{{@arp={@dev, @local, 0x0, 0x0, 0x0, 0x0, {@mac}, {@mac}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'tunl0\x00', 'veth1_macvtap\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @mac, @multicast2, @dev}}}, {{@arp={@rand_addr, @private, 0x0, 0x0, 0x0, 0x0, {@mac=@random="426f21ca5d81"}, {@mac=@broadcast}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0_to_bond\x00', 'veth1_macvtap\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@local, @empty, @private, @private}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@mac=@random="05c0f1ce3e23", @mac=@remote, @dev}}}], {{[], 0xc0, 0xe8}, {0x28}}}}, 0x468) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) timerfd_gettime(r4, 0x0) getsockopt$inet_IP_IPSEC_POLICY(r4, 0x0, 0x10, &(0x7f0000000540)={{{@in6=@dev, @in=@dev}}, {{@in=@dev}, 0x0, @in6=@empty}}, &(0x7f0000000040)=0xe8) r5 = getpid() sched_setattr(r5, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000a40)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000200000000000c09695000000000000002ba728041598d6fbd30cb599e83d24a381d36bb3019c13bd2321afb56fa54f36fb0b71d0e6adfe226bd917487960717142fa9ea4318123741c0a0e168c1886d0d4d94f2f4e345c652fbc0dc8cedf3ceb9fbfbf9b0a4def23d410f6296b0db6cf529a2255b6b079e38032a8343881dcc7b1b85f453d44aeaccd3641110bec4e90a6341965c39e4b3449abe802f1ab3e89cf6c662ed4048d3b3e22278d00031e5388e85c867ddd58211d6ececb0cd2b6d357b8580218ce74e467725837074e468ee23fd2f73902ebcfcf49822775985bf31b715f5888b24efa000000000000000000e0ff00000000000000000000003e4bcf8500000000000000000000000000b27cf3d1848a54d7132be1ffb0adf9deab29ea3323aa9fdfb52faf649c3bfdbc6ec664b91a6844efdebb7b3de8f6333f6c962b9f292324f41ab11f12fb1e2c494034127de79f40159e800ea2474b542d35a30b23bcee46762c2093bcc9eae5ee3e980026c96f80ee1a744d9a485c5989b8e633e3296e52d3370688c19322b95a2315b395000000000000000000000000020a40f135429e817e01e732000000001420d1a66e9b7ff12c96cf4f5bb64a74fc10070f62b6a5c67a8c59b29adcd9b4c116fbf54d055275eb505c98c8dfa61fa426cc78ca0cce5989dcbb0d156d34e53531251e502cbdf73101881e6222c601918400a6baac649f2f3c094a91f1d31c79eed85de58202d456a9b794c0fe5f167728867f22575e5525985d37c7e99b984ee1775b2370f0858a2adf13098b629db6009dd69916cbb5d407001dd62cadc9e23f46faf1906d6294071b19178dca12e5bd15ad4a4cad7a1f6000ffd6aa200500000000000000000000000000000000005d417b5d3af5e10bc5ce0eba2f8c646cfec7fc872c996dd0c0e8fa0edb00"], &(0x7f0000000140)='GPL\x00'}, 0x48) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={r6, 0xc0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r7}, 0xc) syz_open_procfs(0x0, &(0x7f0000000640)='mounts\x00') r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r9 = dup(r8) timerfd_gettime(r9, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) 22:39:17 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:17 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:39:17 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:17 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:17 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:17 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x32], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:17 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4a], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:17 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x94], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:17 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x40000000, 0x0) [ 1907.052880][T23916] syz-executor.5 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1907.093746][T23916] CPU: 0 PID: 23916 Comm: syz-executor.5 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1907.103912][T23916] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1907.113954][T23916] Call Trace: [ 1907.117243][T23916] dump_stack+0x14a/0x1ce [ 1907.121571][T23916] ? devkmsg_release+0x11c/0x11c [ 1907.126503][T23916] ? show_regs_print_info+0x12/0x12 [ 1907.131694][T23916] ? radix_tree_cpu_dead+0x160/0x160 [ 1907.136971][T23916] ? _raw_spin_lock+0xa1/0x170 [ 1907.141725][T23916] ? _raw_spin_trylock_bh+0x190/0x190 [ 1907.147071][T23916] dump_header+0xdb/0x700 [ 1907.151389][T23916] oom_kill_process+0xd3/0x280 [ 1907.156127][T23916] out_of_memory+0x5b6/0x890 [ 1907.160688][T23916] ? unregister_oom_notifier+0x20/0x20 [ 1907.166121][T23916] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1907.171643][T23916] ? get_page_from_freelist+0x7c0/0x7c0 [ 1907.177157][T23916] ? __zone_watermark_ok+0x91/0x280 [ 1907.182366][T23916] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1907.187711][T23916] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1907.193228][T23916] ? copy_process+0x5a4/0x5110 [ 1907.197961][T23916] ? kmem_cache_alloc+0x1d5/0x260 [ 1907.202954][T23916] copy_process+0x5f3/0x5110 [ 1907.207516][T23916] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1907.213205][T23916] ? _raw_spin_lock+0xa1/0x170 [ 1907.217939][T23916] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1907.223713][T23916] ? __lru_cache_add+0x1a1/0x1f0 [ 1907.228621][T23916] ? fork_idle+0x290/0x290 [ 1907.233008][T23916] _do_fork+0x196/0x920 [ 1907.237135][T23916] ? finish_fault+0x230/0x230 [ 1907.241783][T23916] ? up_write+0xa1/0x190 [ 1907.245995][T23916] ? dup_mm+0x300/0x300 [ 1907.250125][T23916] __x64_sys_clone+0x25e/0x2c0 [ 1907.255566][T23916] ? __ia32_sys_vfork+0x110/0x110 [ 1907.260562][T23916] ? do_user_addr_fault+0x55c/0x9f0 [ 1907.265742][T23916] do_syscall_64+0xcb/0x150 [ 1907.270230][T23916] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1907.276103][T23916] RIP: 0033:0x45fb59 [ 1907.279968][T23916] Code: ff 48 85 f6 0f 84 87 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 5e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1907.299538][T23916] RSP: 002b:00007ffd6eaa9058 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1907.307946][T23916] RAX: ffffffffffffffda RBX: 00007f3e1610c700 RCX: 000000000045fb59 [ 1907.315886][T23916] RDX: 00007f3e1610c9d0 RSI: 00007f3e1610bdb0 RDI: 00000000003d0f00 [ 1907.323826][T23916] RBP: 00007ffd6eaa9280 R08: 00007f3e1610c700 R09: 00007f3e1610c700 [ 1907.331766][T23916] R10: 00007f3e1610c9d0 R11: 0000000000000202 R12: 0000000000000000 [ 1907.339718][T23916] R13: 00007ffd6eaa910f R14: 00007f3e1610c9c0 R15: 000000000118d08c [ 1907.391819][T23916] Mem-Info: [ 1907.403969][T23916] active_anon:1414299 inactive_anon:6774 isolated_anon:0 [ 1907.403969][T23916] active_file:414 inactive_file:438 isolated_file:62 [ 1907.403969][T23916] unevictable:0 dirty:24 writeback:4 unstable:0 [ 1907.403969][T23916] slab_reclaimable:8839 slab_unreclaimable:76975 [ 1907.403969][T23916] mapped:57996 shmem:6853 pagetables:39156 bounce:0 [ 1907.403969][T23916] free:9193 free_pcp:277 free_cma:0 [ 1907.470919][T23916] Node 0 active_anon:5657196kB inactive_anon:27096kB active_file:1196kB inactive_file:1160kB unevictable:0kB isolated(anon):0kB isolated(file):156kB mapped:231284kB dirty:96kB writeback:16kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1907.495644][T23916] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1907.521737][T23916] lowmem_reserve[]: 0 2912 6416 6416 [ 1907.527183][T23916] DMA32 free:18300kB min:4644kB low:7624kB high:10604kB active_anon:2813288kB inactive_anon:3540kB active_file:1000kB inactive_file:856kB unevictable:0kB writepending:36kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14240kB pagetables:30960kB bounce:0kB free_pcp:452kB local_pcp:0kB free_cma:0kB [ 1907.556580][T23916] lowmem_reserve[]: 0 0 3504 3504 [ 1907.561815][T23916] Normal free:4560kB min:5592kB low:9180kB high:12768kB active_anon:2843960kB inactive_anon:23556kB active_file:208kB inactive_file:292kB unevictable:0kB writepending:4kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32224kB pagetables:125664kB bounce:0kB free_pcp:220kB local_pcp:0kB free_cma:0kB [ 1907.592475][T23916] lowmem_reserve[]: 0 0 0 0 [ 1907.601667][T23916] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1907.629948][T23916] DMA32: 175*4kB (UMEH) 104*8kB (UMEH) 56*16kB (UMEH) 12*32kB (UME) 6*64kB (UME) 16*128kB (UMH) 13*256kB (M) 5*512kB (UM) 1*1024kB (M) 1*2048kB (M) 1*4096kB (M) = 18300kB [ 1907.665183][T23916] Normal: 113*4kB (UME) 64*8kB (UME) 37*16kB (UME) 16*32kB (UME) 19*64kB (UM) 4*128kB (UM) 2*256kB (M) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4308kB [ 1907.699379][T23916] 7469 total pagecache pages [ 1907.727281][T23916] 0 pages in swap cache [ 1907.731449][T23916] Swap cache stats: add 0, delete 0, find 0/0 [ 1907.747277][T23916] Free swap = 0kB [ 1907.751623][T23916] Total swap = 0kB [ 1907.755436][T23916] 1965979 pages RAM [ 1907.760619][T23916] 0 pages HighMem/MovableOnly [ 1907.765334][T23916] 318829 pages reserved [ 1907.769913][T23916] 0 pages cma reserved [ 1907.774106][T23916] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=23914,uid=0 [ 1907.804292][T23916] Out of memory: Killed process 23914 (syz-executor.2) total-vm:85744kB, anon-rss:16556kB, file-rss:35076kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 22:39:18 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:39:18 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x3, &(0x7f0000000300)=[{0x0, 0x0, 0x81}, {0x800, 0x3, 0x6, 0x3e}, {0x8000, 0x3, 0x3f}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) read$eventfd(0xffffffffffffffff, &(0x7f00000002c0), 0x8) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) fcntl$setownex(r3, 0xf, &(0x7f0000000280)={0x1, r0}) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/8, 0x8) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:39:18 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc8], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:18 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) preadv(r5, &(0x7f00000003c0)=[{&(0x7f00000002c0)=""/98, 0x62}, {&(0x7f0000000340)=""/104, 0x68}], 0x2, 0x4, 0x7fffffff) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r6, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:39:18 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x7fffd21b, 0x0) 22:39:18 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:18 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r2 = getpid() sched_setattr(r2, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r3 = socket$inet_udplite(0x2, 0x2, 0x88) r4 = dup(r3) ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200) r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000a40)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff5070000000000000200000000000c09695000000000000002ba728041598d6fbd30cb599e83d24a381d36bb3019c13bd2321afb56fa54f36fb0b71d0e6adfe226bd917487960717142fa9ea4318123741c0a0e168c1886d0d4d94f2f4e345c652fbc0dc8cedf3ceb9fbfbf9b0a4def23d410f6296b0db6cf529a2255b6b079e38032a8343881dcc7b1b85f453d44aeaccd3641110bec4e90a6341965c39e4b3449abe802f1ab3e89cf6c662ed4048d3b3e22278d00031e5388e85c867ddd58211d6ececb0cd2b6d357b8580218ce74e467725837074e468ee23fd2f73902ebcfcf49822775985bf31b715f5888b24efa000000000000000000e0ff00000000000000000000003e4bcf8500000000000000000000000000b27cf3d1848a54d7132be1ffb0adf9deab29ea3323aa9fdfb52faf649c3bfdbc6ec664b91a6844efdebb7b3de8f6333f6c962b9f292324f41ab11f12fb1e2c494034127de79f40159e800ea2474b542d35a30b23bcee46762c2093bcc9eae5ee3e980026c96f80ee1a744d9a485c5989b8e633e3296e52d3370688c19322b95a2315b395000000000000000000000000020a40f135429e817e01e732000000001420d1a66e9b7ff12c96cf4f5bb64a74fc10070f62b6a5c67a8c59b29adcd9b4c116fbf54d055275eb505c98c8dfa61fa426cc78ca0cce5989dcbb0d156d34e53531251e502cbdf73101881e6222c601918400a6baac649f2f3c094a91f1d31c79eed85de58202d456a9b794c0fe5f167728867f22575e5525985d37c7e99b984ee1775b2370f0858a2adf13098b629db6009dd69916cbb5d407001dd62cadc9e23f46faf1906d6294071b19178dca12e5bd15ad4a4cad7a1f6000ffd6aa200500000000000000000000000000000000005d417b5d3af5e10bc5ce0eba2f8c646cfec7fc872c996dd0c0e8fa0edb00"], &(0x7f0000000140)='GPL\x00'}, 0x48) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={r5, 0xc0, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, 0x10) bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000080)={r6}, 0xc) bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={r2, r4, 0x0, 0x1, &(0x7f0000000080)='\x00', r6}, 0x30) syz_open_procfs(r7, &(0x7f0000000040)='net/route\x00') r8 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r9 = dup(r8) timerfd_gettime(r9, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) 22:39:18 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:18 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x7ffff000, 0x0) 22:39:18 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0xcf000000, 0x0) [ 1908.487394][T23960] syz-executor.4 invoked oom-killer: gfp_mask=0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|0x1000000), order=0, oom_score_adj=1000 [ 1908.501391][T23960] CPU: 1 PID: 23960 Comm: syz-executor.4 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1908.511644][T23960] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1908.521676][T23960] Call Trace: [ 1908.524950][T23960] dump_stack+0x14a/0x1ce [ 1908.529276][T23960] ? devkmsg_release+0x11c/0x11c [ 1908.534193][T23960] ? show_regs_print_info+0x12/0x12 [ 1908.539361][T23960] ? radix_tree_cpu_dead+0x160/0x160 [ 1908.544611][T23960] ? _raw_spin_lock+0xa1/0x170 [ 1908.549343][T23960] ? _raw_spin_trylock_bh+0x190/0x190 [ 1908.554685][T23960] dump_header+0xdb/0x700 [ 1908.558988][T23960] oom_kill_process+0xd3/0x280 [ 1908.563724][T23960] out_of_memory+0x5b6/0x890 [ 1908.568377][T23960] ? unregister_oom_notifier+0x20/0x20 [ 1908.573809][T23960] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1908.579430][T23960] ? get_page_from_freelist+0x7c0/0x7c0 [ 1908.584953][T23960] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1908.590293][T23960] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1908.595808][T23960] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1908.601514][T23960] ? __perf_event_task_sched_out+0xfe4/0x1110 [ 1908.607551][T23960] ? __perf_event_task_sched_in+0x4f7/0x560 [ 1908.613412][T23960] wp_page_copy+0x1cb/0x1120 [ 1908.617974][T23960] ? perf_pmu_sched_task+0x370/0x370 [ 1908.623242][T23960] ? switch_mm_irqs_off+0x2bf/0x9a0 [ 1908.628412][T23960] ? add_mm_rss_vec+0x270/0x270 [ 1908.633234][T23960] ? _raw_spin_unlock_irq+0x5/0x20 [ 1908.638316][T23960] ? finish_task_switch+0x235/0x4c0 [ 1908.643485][T23960] ? vm_normal_page+0x1c9/0x1d0 [ 1908.648308][T23960] do_wp_page+0x4c1/0x1530 [ 1908.652852][T23960] ? _raw_spin_lock+0xa1/0x170 [ 1908.657602][T23960] ? do_swap_page+0x1560/0x1560 [ 1908.662431][T23960] ? ttwu_do_wakeup+0x154/0x5b0 [ 1908.667253][T23960] handle_mm_fault+0xfa5/0x41e0 [ 1908.672078][T23960] ? __cgroup_account_cputime+0x2ba/0x2e0 [ 1908.677768][T23960] ? finish_fault+0x230/0x230 [ 1908.682445][T23960] ? update_curr+0x584/0x740 [ 1908.687008][T23960] ? down_read_trylock+0x17a/0x1d0 [ 1908.692089][T23960] ? _raw_spin_unlock_irq+0x5/0x20 [ 1908.697169][T23960] ? vmacache_find+0x3a2/0x4b0 [ 1908.701903][T23960] do_user_addr_fault+0x48a/0x9f0 [ 1908.706898][T23960] page_fault+0x2f/0x40 [ 1908.711028][T23960] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 1908.717596][T23960] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 1908.737187][T23960] RSP: 0018:ffff8880467df888 EFLAGS: 00010206 [ 1908.746001][T23960] RAX: ffffffff81f86901 RBX: 000000002053d500 RCX: 0000000000000500 [ 1908.754119][T23960] RDX: 0000000000001000 RSI: ffff88818a9c8b00 RDI: 000000002053d000 [ 1908.762075][T23960] RBP: ffff8880467dfda8 R08: dffffc0000000000 R09: ffffed1031539200 [ 1908.770018][T23960] R10: 0000000000000000 R11: 0000000000000000 R12: 00007ffffffff000 [ 1908.777958][T23960] R13: 0000000000001000 R14: ffff88818a9c8000 R15: 000000002053c500 [ 1908.785929][T23960] ? copyout+0x51/0xb0 [ 1908.791284][T23960] copyout+0x8e/0xb0 [ 1908.795162][T23960] copy_page_to_iter+0x393/0xbd0 [ 1908.800081][T23960] pipe_to_user+0xa3/0x130 [ 1908.804465][T23960] __splice_from_pipe+0x2d3/0x870 [ 1908.809466][T23960] ? user_page_pipe_buf_steal+0xc0/0xc0 [ 1908.814980][T23960] do_vmsplice+0x252/0xee0 [ 1908.819369][T23960] ? avc_ss_reset+0x3a0/0x3a0 [ 1908.824019][T23960] ? write_pipe_buf+0x1d0/0x1d0 [ 1908.828853][T23960] ? __rcu_read_lock+0x50/0x50 [ 1908.833586][T23960] ? check_stack_object+0x5a/0x90 [ 1908.838598][T23960] ? _copy_from_user+0xa4/0xe0 [ 1908.843333][T23960] ? rw_copy_check_uvector+0x2b3/0x310 [ 1908.848763][T23960] ? import_iovec+0x1c2/0x380 [ 1908.853411][T23960] ? dup_iter+0x110/0x110 [ 1908.857718][T23960] ? do_vfs_ioctl+0x780/0x1750 [ 1908.862463][T23960] __se_sys_vmsplice+0x1fb/0x300 [ 1908.867385][T23960] ? __x64_sys_vmsplice+0xa0/0xa0 [ 1908.872389][T23960] ? put_timespec64+0x109/0x150 [ 1908.877216][T23960] ? __x64_sys_clock_gettime+0x20d/0x260 [ 1908.882819][T23960] ? __ia32_sys_clock_settime+0x2a0/0x2a0 [ 1908.888508][T23960] do_syscall_64+0xcb/0x150 [ 1908.892983][T23960] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1908.898848][T23960] RIP: 0033:0x45d189 [ 1908.902715][T23960] Code: 5d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1908.922382][T23960] RSP: 002b:00007fe26cb9dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116 [ 1908.930782][T23960] RAX: ffffffffffffffda RBX: 0000000000035800 RCX: 000000000045d189 [ 1908.938826][T23960] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000004 [ 1908.946770][T23960] RBP: 000000000118d0c8 R08: 0000000000000000 R09: 0000000000000000 [ 1908.954727][T23960] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118d08c [ 1908.962673][T23960] R13: 00007ffc8d239f3f R14: 00007fe26cb9e9c0 R15: 000000000118d08c [ 1908.995481][T23960] Mem-Info: [ 1909.031309][T23960] active_anon:1413283 inactive_anon:6774 isolated_anon:0 [ 1909.031309][T23960] active_file:352 inactive_file:673 isolated_file:85 [ 1909.031309][T23960] unevictable:0 dirty:17 writeback:0 unstable:0 [ 1909.031309][T23960] slab_reclaimable:8838 slab_unreclaimable:77025 [ 1909.031309][T23960] mapped:58095 shmem:6853 pagetables:39284 bounce:0 [ 1909.031309][T23960] free:9823 free_pcp:246 free_cma:0 [ 1909.085968][T23960] Node 0 active_anon:5653132kB inactive_anon:27096kB active_file:1408kB inactive_file:2692kB unevictable:0kB isolated(anon):0kB isolated(file):224kB mapped:232280kB dirty:68kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1909.150517][T23960] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1909.184702][T23960] lowmem_reserve[]: 0 2912 6416 6416 [ 1909.196433][T23960] DMA32 free:17108kB min:4644kB low:7624kB high:10604kB active_anon:2813048kB inactive_anon:3540kB active_file:1016kB inactive_file:760kB unevictable:0kB writepending:40kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14816kB pagetables:31460kB bounce:0kB free_pcp:16kB local_pcp:16kB free_cma:0kB [ 1909.228105][T23960] lowmem_reserve[]: 0 0 3504 3504 [ 1909.233480][T23960] Normal free:3996kB min:9688kB low:13276kB high:16864kB active_anon:2841308kB inactive_anon:23556kB active_file:980kB inactive_file:1248kB unevictable:0kB writepending:28kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32128kB pagetables:125676kB bounce:0kB free_pcp:1064kB local_pcp:284kB free_cma:0kB [ 1909.265682][T23960] lowmem_reserve[]: 0 0 0 0 [ 1909.270885][T23960] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1909.284829][T23960] DMA32: 70*4kB (UMEH) 38*8kB (UMEH) 29*16kB (UMEH) 7*32kB (UE) 5*64kB (UME) 26*128kB (UMH) 14*256kB (UM) 4*512kB (UM) 1*1024kB (M) 1*2048kB (M) 1*4096kB (M) = 17720kB [ 1909.302133][T23960] Normal: 117*4kB (UME) 75*8kB (ME) 36*16kB (UME) 11*32kB (UME) 25*64kB (M) 2*128kB (M) 2*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4364kB [ 1909.317366][T23960] 7551 total pagecache pages [ 1909.322588][T23960] 0 pages in swap cache [ 1909.327369][T23960] Swap cache stats: add 0, delete 0, find 0/0 [ 1909.334048][T23960] Free swap = 0kB [ 1909.338348][T23960] Total swap = 0kB [ 1909.342643][T23960] 1965979 pages RAM [ 1909.347037][T23960] 0 pages HighMem/MovableOnly [ 1909.369987][T23960] 318829 pages reserved [ 1909.374789][T23960] 0 pages cma reserved [ 1909.387436][T23960] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.5,pid=31057,uid=0 [ 1909.402201][T23960] Out of memory: Killed process 31057 (syz-executor.5) total-vm:85480kB, anon-rss:9972kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 1910.199868][T23968] syz-executor.5 invoked oom-killer: gfp_mask=0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|0x1000000), order=0, oom_score_adj=1000 [ 1910.213716][T23968] CPU: 0 PID: 23968 Comm: syz-executor.5 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1910.223868][T23968] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1910.233899][T23968] Call Trace: [ 1910.237181][T23968] dump_stack+0x14a/0x1ce [ 1910.241482][T23968] ? devkmsg_release+0x11c/0x11c [ 1910.246388][T23968] ? show_regs_print_info+0x12/0x12 [ 1910.251566][T23968] ? radix_tree_cpu_dead+0x160/0x160 [ 1910.256816][T23968] ? _raw_spin_lock+0xa1/0x170 [ 1910.261635][T23968] ? _raw_spin_trylock_bh+0x190/0x190 [ 1910.266993][T23968] dump_header+0xdb/0x700 [ 1910.271294][T23968] oom_kill_process+0xd3/0x280 [ 1910.276025][T23968] out_of_memory+0x5b6/0x890 [ 1910.280601][T23968] ? unregister_oom_notifier+0x20/0x20 [ 1910.286028][T23968] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1910.291572][T23968] ? get_page_from_freelist+0x7c0/0x7c0 [ 1910.297096][T23968] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1910.302437][T23968] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1910.307953][T23968] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1910.313640][T23968] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1910.319432][T23968] ? __lru_cache_add+0x1a1/0x1f0 [ 1910.324356][T23968] wp_page_copy+0x1cb/0x1120 [ 1910.328926][T23968] ? add_mm_rss_vec+0x270/0x270 [ 1910.333759][T23968] ? _raw_spin_unlock_irq+0x5/0x20 [ 1910.338840][T23968] ? finish_task_switch+0x235/0x4c0 [ 1910.344013][T23968] ? vm_normal_page+0x1c9/0x1d0 [ 1910.348962][T23968] do_wp_page+0x4c1/0x1530 [ 1910.353359][T23968] ? _raw_spin_lock+0xa1/0x170 [ 1910.358098][T23968] ? do_swap_page+0x1560/0x1560 [ 1910.362923][T23968] ? ttwu_do_wakeup+0x154/0x5b0 [ 1910.367745][T23968] handle_mm_fault+0xfa5/0x41e0 [ 1910.372566][T23968] ? finish_fault+0x230/0x230 [ 1910.377218][T23968] ? __perf_event_task_sched_in+0x4f7/0x560 [ 1910.383082][T23968] ? down_read_trylock+0x17a/0x1d0 [ 1910.388163][T23968] ? switch_mm+0x100/0x100 [ 1910.392549][T23968] ? _raw_spin_unlock_irq+0x5/0x20 [ 1910.397643][T23968] ? vmacache_find+0x47a/0x4b0 [ 1910.402716][T23968] do_user_addr_fault+0x48a/0x9f0 [ 1910.407712][T23968] page_fault+0x2f/0x40 [ 1910.411843][T23968] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 1910.418400][T23968] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 1910.437980][T23968] RSP: 0018:ffff888046417888 EFLAGS: 00010206 [ 1910.444108][T23968] RAX: ffffffff81f86901 RBX: 00000000202c0500 RCX: 0000000000000500 [ 1910.452266][T23968] RDX: 0000000000001000 RSI: ffff888164fb3b00 RDI: 00000000202c0000 [ 1910.460322][T23968] RBP: ffff888046417da8 R08: dffffc0000000000 R09: ffffed102c9f6800 [ 1910.468265][T23968] R10: 0000000000000000 R11: 0000000000000000 R12: 00007ffffffff000 [ 1910.476228][T23968] R13: 0000000000001000 R14: ffff888164fb3000 R15: 00000000202bf500 [ 1910.484201][T23968] ? copyout+0x51/0xb0 [ 1910.488246][T23968] copyout+0x8e/0xb0 [ 1910.492119][T23968] copy_page_to_iter+0x393/0xbd0 [ 1910.497132][T23968] pipe_to_user+0xa3/0x130 [ 1910.501603][T23968] __splice_from_pipe+0x2d3/0x870 [ 1910.506625][T23968] ? user_page_pipe_buf_steal+0xc0/0xc0 [ 1910.512148][T23968] do_vmsplice+0x252/0xee0 [ 1910.516548][T23968] ? avc_ss_reset+0x3a0/0x3a0 [ 1910.521197][T23968] ? write_pipe_buf+0x1d0/0x1d0 [ 1910.526038][T23968] ? __rcu_read_lock+0x50/0x50 [ 1910.530787][T23968] ? check_stack_object+0x5a/0x90 [ 1910.535784][T23968] ? _copy_from_user+0xa4/0xe0 [ 1910.540535][T23968] ? rw_copy_check_uvector+0x2b3/0x310 [ 1910.545964][T23968] ? import_iovec+0x1c2/0x380 [ 1910.550633][T23968] ? dup_iter+0x110/0x110 [ 1910.554943][T23968] ? do_vfs_ioctl+0x780/0x1750 [ 1910.559698][T23968] __se_sys_vmsplice+0x1fb/0x300 [ 1910.564695][T23968] ? __x64_sys_vmsplice+0xa0/0xa0 [ 1910.569692][T23968] ? put_timespec64+0x109/0x150 [ 1910.574516][T23968] ? __x64_sys_clock_gettime+0x20d/0x260 [ 1910.580137][T23968] ? __ia32_sys_clock_settime+0x2a0/0x2a0 [ 1910.585830][T23968] do_syscall_64+0xcb/0x150 [ 1910.590323][T23968] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1910.596209][T23968] RIP: 0033:0x45d189 [ 1910.600086][T23968] Code: Bad RIP value. [ 1910.604124][T23968] RSP: 002b:00007f3e1612cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116 [ 1910.612504][T23968] RAX: ffffffffffffffda RBX: 0000000000035800 RCX: 000000000045d189 [ 1910.620464][T23968] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000003 [ 1910.628422][T23968] RBP: 000000000118d028 R08: 0000000000000000 R09: 0000000000000000 [ 1910.636368][T23968] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118cfec [ 1910.644337][T23968] R13: 00007ffd6eaa910f R14: 00007f3e1612d9c0 R15: 000000000118cfec [ 1910.657028][T23968] Mem-Info: [ 1910.660278][T23968] active_anon:1414445 inactive_anon:6774 isolated_anon:0 [ 1910.660278][T23968] active_file:0 inactive_file:76 isolated_file:12 [ 1910.660278][T23968] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1910.660278][T23968] slab_reclaimable:8838 slab_unreclaimable:76921 [ 1910.660278][T23968] mapped:57295 shmem:6853 pagetables:39261 bounce:0 [ 1910.660278][T23968] free:9794 free_pcp:151 free_cma:0 [ 1910.698481][T23968] Node 0 active_anon:5657780kB inactive_anon:27096kB active_file:300kB inactive_file:360kB unevictable:0kB isolated(anon):0kB isolated(file):48kB mapped:229280kB dirty:0kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1910.722963][T23968] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1910.749304][T23968] lowmem_reserve[]: 0 2912 6416 6416 [ 1910.755087][T23968] DMA32 free:18488kB min:4644kB low:7624kB high:10604kB active_anon:2814148kB inactive_anon:3540kB active_file:0kB inactive_file:4kB unevictable:0kB writepending:0kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14816kB pagetables:31460kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1910.801302][T23968] lowmem_reserve[]: 0 0 3504 3504 [ 1910.806379][T23968] Normal free:13288kB min:5592kB low:9180kB high:12768kB active_anon:2833552kB inactive_anon:23556kB active_file:0kB inactive_file:604kB unevictable:0kB writepending:0kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32160kB pagetables:125584kB bounce:0kB free_pcp:1912kB local_pcp:404kB free_cma:0kB [ 1910.835987][T23968] lowmem_reserve[]: 0 0 0 0 [ 1910.840475][T23968] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1910.853746][T23968] DMA32: 293*4kB (UMEH) 137*8kB (UMEH) 153*16kB (UMEH) 57*32kB (UME) 11*64kB (UME) 26*128kB (UMH) 14*256kB (UM) 4*512kB (UM) 1*1024kB (M) 1*2048kB (M) 1*4096kB (M) = 23372kB [ 1910.870937][T23968] Normal: 396*4kB (UMEH) 219*8kB (UMEH) 185*16kB (UMEH) 142*32kB (UMEH) 35*64kB (UM) 7*128kB (UM) 2*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 14488kB [ 1910.886595][T23968] 6888 total pagecache pages [ 1910.891198][T23968] 0 pages in swap cache [ 1910.895320][T23968] Swap cache stats: add 0, delete 0, find 0/0 [ 1910.901472][T23968] Free swap = 0kB [ 1910.905246][T23968] Total swap = 0kB [ 1910.909214][T23968] 1965979 pages RAM [ 1910.913025][T23968] 0 pages HighMem/MovableOnly [ 1910.917719][T23968] 318829 pages reserved [ 1910.921858][T23968] 0 pages cma reserved [ 1910.927209][T23968] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=23944,uid=0 [ 1911.018682][ T378] syz-executor.3 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 1911.029945][ T378] CPU: 1 PID: 378 Comm: syz-executor.3 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1911.039917][ T378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1911.049968][ T378] Call Trace: [ 1911.053259][ T378] dump_stack+0x14a/0x1ce [ 1911.057577][ T378] ? devkmsg_release+0x11c/0x11c [ 1911.062509][ T378] ? show_regs_print_info+0x12/0x12 [ 1911.067691][ T378] ? radix_tree_cpu_dead+0x160/0x160 [ 1911.073010][ T378] ? _raw_spin_lock+0xa1/0x170 [ 1911.077751][ T378] ? _raw_spin_trylock_bh+0x190/0x190 [ 1911.083103][ T378] dump_header+0xdb/0x700 [ 1911.087412][ T378] oom_kill_process+0xd3/0x280 [ 1911.092159][ T378] out_of_memory+0x5b6/0x890 [ 1911.096718][ T378] ? unregister_oom_notifier+0x20/0x20 [ 1911.102151][ T378] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1911.107672][ T378] ? get_page_from_freelist+0x7c0/0x7c0 [ 1911.113190][ T378] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1911.118531][ T378] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1911.124046][ T378] pagecache_get_page+0x50f/0x880 [ 1911.129047][ T378] filemap_fault+0x14cb/0x1a30 [ 1911.133781][ T378] ? __down_read+0xf1/0x210 [ 1911.138257][ T378] ? generic_file_read_iter+0x20b0/0x20b0 [ 1911.143950][ T378] ? is_mmconf_reserved+0x420/0x420 [ 1911.149122][ T378] ext4_filemap_fault+0x7b/0x90 [ 1911.153945][ T378] handle_mm_fault+0x29ca/0x41e0 [ 1911.158856][ T378] ? finish_fault+0x230/0x230 [ 1911.163501][ T378] ? get_timespec64+0x11f/0x1d0 [ 1911.168333][ T378] ? down_read_trylock+0x17a/0x1d0 [ 1911.173428][ T378] ? __x64_sys_nanosleep+0x60/0x60 [ 1911.178519][ T378] ? vmacache_find+0x205/0x4b0 [ 1911.183268][ T378] do_user_addr_fault+0x48a/0x9f0 [ 1911.188278][ T378] page_fault+0x2f/0x40 [ 1911.192414][ T378] RIP: 0033:0x45b630 [ 1911.196399][ T378] Code: Bad RIP value. [ 1911.200436][ T378] RSP: 002b:00007ffdc5ab06f8 EFLAGS: 00010246 [ 1911.206497][ T378] RAX: 0000000000000000 RBX: 00000000001d1e46 RCX: 000000000045b630 [ 1911.214543][ T378] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00007ffdc5ab0700 [ 1911.222507][ T378] RBP: 0000000000003988 R08: 0000000000000001 R09: 000000000171b940 [ 1911.230459][ T378] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 1911.238402][ T378] R13: 00007ffdc5ab0750 R14: 00000000001d1e46 R15: 00007ffdc5ab0760 [ 1911.246805][ T378] Mem-Info: [ 1911.249962][ T378] active_anon:1414302 inactive_anon:6774 isolated_anon:0 [ 1911.249962][ T378] active_file:99 inactive_file:107 isolated_file:32 [ 1911.249962][ T378] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1911.249962][ T378] slab_reclaimable:8838 slab_unreclaimable:76938 [ 1911.249962][ T378] mapped:57320 shmem:6853 pagetables:39236 bounce:0 [ 1911.249962][ T378] free:9938 free_pcp:93 free_cma:0 [ 1911.287547][ T378] Node 0 active_anon:5657208kB inactive_anon:27096kB active_file:336kB inactive_file:100kB unevictable:0kB isolated(anon):0kB isolated(file):80kB mapped:229380kB dirty:0kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1911.311747][ T378] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1911.337927][ T378] lowmem_reserve[]: 0 2912 6416 6416 [ 1911.343307][ T378] DMA32 free:18484kB min:4644kB low:7624kB high:10604kB active_anon:2813896kB inactive_anon:3540kB active_file:0kB inactive_file:80kB unevictable:0kB writepending:0kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14720kB pagetables:31472kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1911.374589][ T378] lowmem_reserve[]: 0 0 3504 3504 [ 1911.380069][ T378] Normal free:5868kB min:5592kB low:9180kB high:12768kB active_anon:2843224kB inactive_anon:23556kB active_file:444kB inactive_file:424kB unevictable:0kB writepending:0kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32032kB pagetables:125472kB bounce:0kB free_pcp:500kB local_pcp:124kB free_cma:0kB [ 1911.409831][ T378] lowmem_reserve[]: 0 0 0 0 [ 1911.414720][ T378] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1911.428423][ T378] DMA32: 58*4kB (UMEH) 37*8kB (UMEH) 30*16kB (UEH) 28*32kB (UME) 13*64kB (UME) 27*128kB (UMH) 13*256kB (M) 4*512kB (UM) 1*1024kB (M) 1*2048kB (M) 1*4096kB (M) = 18736kB [ 1911.445655][ T378] Normal: 36*4kB (UE) 25*8kB (ME) 33*16kB (UME) 12*32kB (UME) 29*64kB (UM) 5*128kB (M) 4*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 4776kB [ 1911.466956][ T378] 7073 total pagecache pages [ 1911.471556][ T378] 0 pages in swap cache [ 1911.475699][ T378] Swap cache stats: add 0, delete 0, find 0/0 [ 1911.487004][ T378] Free swap = 0kB [ 1911.490735][ T378] Total swap = 0kB [ 1911.494444][ T378] 1965979 pages RAM [ 1911.506771][ T378] 0 pages HighMem/MovableOnly [ 1911.511486][ T378] 318829 pages reserved [ 1911.515629][ T378] 0 pages cma reserved [ 1911.526943][ T378] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=23942,uid=0 [ 1911.546976][ T378] Out of memory: Killed process 23942 (syz-executor.0) total-vm:85480kB, anon-rss:15424kB, file-rss:33920kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:1000 [ 1911.581794][ T23] oom_reaper: reaped process 23942 (syz-executor.0), now anon-rss:0kB, file-rss:33920kB, shmem-rss:0kB 22:39:22 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x81}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000280)={0x38, 0x2, 0x0, 0x1, 0x9, 0x0, 0x38cb}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) ptrace$pokeuser(0x6, 0x0, 0x4, 0xfff) 22:39:22 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0xe51d0000, 0x0) 22:39:22 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:39:22 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x5, &(0x7f00000003c0)=[{}, {0xff, 0x0, 0x8, 0xffffffff}, {0x20, 0x2, 0x81, 0x6789}, {0x1000, 0x1, 0x0, 0x8001}, {0x0, 0x2, 0x8, 0x4c}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000140)={0x38, 0x5, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$USBDEVFS_BULK(0xffffffffffffffff, 0xc0185502, &(0x7f0000000380)={{{0xb, 0x1}}, 0xaf, 0x1, &(0x7f00000002c0)="5f215fac208bc6583de88cfde645b6051b933a8685a66103b8c693fdfc6952f02a4d200e5217cdd5df156774cb8a60874f7f872cc6881aedef341a6371ca7ca4a7a5c1baaca8c537d4127f3ec709f9653a82d7bcec90faa020f48b307ae58bc4a2a0d03a01df31d339c55271b64a74845569ae75c077818525bff29561d0d74eb7adcc1dfe53255a308efadbabb773034d9ef4d0ff0c9248fab89839a1d4a0f0a922194f0a8c170a74a7bde1e132da"}) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x40000000, &(0x7f0000000200)={0xa, 0x0, 0x2005, @remote, 0x156aec5c}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:39:22 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:22 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000080)=[{&(0x7f0000000000)="52038c9c9b4ef80f4c91a090ab09d64f65f3708ce36d9aed35784f1200000000", 0x20}], 0x1, 0x2) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = dup(r2) ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r3, 0x54a2) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) timerfd_gettime(r5, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) 22:39:22 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0xffffff7f, 0x0) 22:39:22 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:22 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:39:22 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:22 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:22 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x2) 22:39:23 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:23 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000180)={0x1, &(0x7f0000000280)=[{0x0, 0x0, 0x81}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/igmp\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:39:23 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(0x0) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r0 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r1, &(0x7f00000017c0), 0x375, 0x0, 0x0) r2 = dup(0xffffffffffffffff) getsockname$packet(r2, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r3, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r3, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) [ 1913.035599][T24033] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1913.048213][T24033] CPU: 0 PID: 24033 Comm: syz-executor.4 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1913.058353][T24033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1913.068408][T24033] Call Trace: [ 1913.071680][T24033] dump_stack+0x14a/0x1ce [ 1913.075981][T24033] ? devkmsg_release+0x11c/0x11c [ 1913.081415][T24033] ? show_regs_print_info+0x12/0x12 [ 1913.086582][T24033] ? radix_tree_cpu_dead+0x160/0x160 [ 1913.091853][T24033] ? _raw_spin_lock+0xa1/0x170 [ 1913.096606][T24033] ? _raw_spin_trylock_bh+0x190/0x190 [ 1913.101950][T24033] dump_header+0xdb/0x700 [ 1913.106255][T24033] oom_kill_process+0xd3/0x280 [ 1913.111005][T24033] out_of_memory+0x5b6/0x890 [ 1913.117652][T24033] ? unregister_oom_notifier+0x20/0x20 [ 1913.123082][T24033] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1913.128600][T24033] ? get_page_from_freelist+0x7c0/0x7c0 [ 1913.134120][T24033] ? __zone_watermark_ok+0x91/0x280 [ 1913.139290][T24033] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1913.144632][T24033] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1913.150148][T24033] ? copy_process+0x5a4/0x5110 [ 1913.154894][T24033] ? kmem_cache_alloc+0x1d5/0x260 [ 1913.159890][T24033] copy_process+0x5f3/0x5110 [ 1913.164454][T24033] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1913.170154][T24033] ? _raw_spin_lock+0xa1/0x170 [ 1913.174885][T24033] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1913.180678][T24033] ? __lru_cache_add+0x1a1/0x1f0 [ 1913.185590][T24033] ? fork_idle+0x290/0x290 [ 1913.189976][T24033] _do_fork+0x196/0x920 [ 1913.194103][T24033] ? finish_fault+0x230/0x230 [ 1913.198768][T24033] ? up_write+0xa1/0x190 [ 1913.202995][T24033] ? dup_mm+0x300/0x300 [ 1913.207124][T24033] __x64_sys_clone+0x25e/0x2c0 [ 1913.213196][T24033] ? __ia32_sys_vfork+0x110/0x110 [ 1913.218193][T24033] ? do_user_addr_fault+0x55c/0x9f0 [ 1913.223375][T24033] do_syscall_64+0xcb/0x150 [ 1913.227863][T24033] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1913.233736][T24033] RIP: 0033:0x45fb59 [ 1913.238225][T24033] Code: ff 48 85 f6 0f 84 87 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 5e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1913.257899][T24033] RSP: 002b:00007ffc8d239e88 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1913.266278][T24033] RAX: ffffffffffffffda RBX: 00007fe26cbbf700 RCX: 000000000045fb59 [ 1913.274222][T24033] RDX: 00007fe26cbbf9d0 RSI: 00007fe26cbbedb0 RDI: 00000000003d0f00 [ 1913.282176][T24033] RBP: 00007ffc8d23a0b0 R08: 00007fe26cbbf700 R09: 00007fe26cbbf700 [ 1913.290154][T24033] R10: 00007fe26cbbf9d0 R11: 0000000000000202 R12: 0000000000000000 [ 1913.298104][T24033] R13: 00007ffc8d239f3f R14: 00007fe26cbbf9c0 R15: 000000000118cfec [ 1913.307706][T24033] Mem-Info: [ 1913.312873][T24033] active_anon:1411744 inactive_anon:6774 isolated_anon:0 [ 1913.312873][T24033] active_file:48 inactive_file:351 isolated_file:3 [ 1913.312873][T24033] unevictable:0 dirty:23 writeback:0 unstable:0 [ 1913.312873][T24033] slab_reclaimable:8835 slab_unreclaimable:77098 [ 1913.312873][T24033] mapped:57405 shmem:6853 pagetables:39257 bounce:0 [ 1913.312873][T24033] free:12284 free_pcp:52 free_cma:0 [ 1913.357917][T24033] Node 0 active_anon:5646876kB inactive_anon:27096kB active_file:192kB inactive_file:3004kB unevictable:0kB isolated(anon):0kB isolated(file):12kB mapped:230720kB dirty:92kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1913.383400][T24033] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1913.410284][T24033] lowmem_reserve[]: 0 2912 6416 6416 [ 1913.417073][T24033] DMA32 free:21076kB min:4644kB low:7624kB high:10604kB active_anon:2810300kB inactive_anon:3540kB active_file:56kB inactive_file:12kB unevictable:0kB writepending:28kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14624kB pagetables:31332kB bounce:0kB free_pcp:356kB local_pcp:184kB free_cma:0kB [ 1913.448193][T24033] lowmem_reserve[]: 0 0 3504 3504 [ 1913.454559][T24033] Normal free:9384kB min:9688kB low:13276kB high:16864kB active_anon:2836676kB inactive_anon:23556kB active_file:616kB inactive_file:2820kB unevictable:0kB writepending:64kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32032kB pagetables:125696kB bounce:0kB free_pcp:1156kB local_pcp:440kB free_cma:0kB [ 1913.486384][T24033] lowmem_reserve[]: 0 0 0 0 [ 1913.516510][T24033] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1913.556132][T24033] DMA32: 3*4kB (EH) 42*8kB (UMEH) 36*16kB (UMEH) 70*32kB (UME) 14*64kB (UME) 26*128kB (MH) 14*256kB (UM) 3*512kB (M) 2*1024kB (UM) 2*2048kB (UM) 0*4096kB = 18652kB [ 1913.574514][T24033] Normal: 54*4kB (ME) 66*8kB (UME) 28*16kB (UME) 109*32kB (UME) 67*64kB (UM) 5*128kB (UM) 1*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 9864kB [ 1913.590029][T24033] 7944 total pagecache pages [ 1913.595148][T24033] 0 pages in swap cache [ 1913.600091][T24033] Swap cache stats: add 0, delete 0, find 0/0 [ 1913.611014][T24033] Free swap = 0kB [ 1913.617410][T24033] Total swap = 0kB [ 1913.639011][T24033] 1965979 pages RAM [ 1913.643380][T24033] 0 pages HighMem/MovableOnly [ 1913.648630][T24033] 318829 pages reserved [ 1913.653304][T24033] 0 pages cma reserved [ 1913.657738][T24033] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=23992,uid=0 [ 1913.672228][T24033] Out of memory: Killed process 23992 (syz-executor.2) total-vm:85612kB, anon-rss:16556kB, file-rss:34640kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 1913.699709][ T23] oom_reaper: reaped process 23992 (syz-executor.2), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB 22:39:24 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:24 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x81}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x2, 0x6, 0x0, 0x0, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:39:24 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x1}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$PPPIOCSCOMPRESS(r2, 0x4010744d) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:39:24 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(0x0) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r0 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r1, &(0x7f00000017c0), 0x375, 0x0, 0x0) r2 = dup(0xffffffffffffffff) getsockname$packet(r2, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r3, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r3, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:39:24 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x3) 22:39:24 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$MON_IOCG_STATS(r2, 0x80089203, &(0x7f0000000040)) r4 = dup(r3) timerfd_gettime(r4, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) prctl$PR_GET_FPEXC(0xb, &(0x7f0000000080)) 22:39:24 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:24 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(0x0) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r0 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r1, &(0x7f00000017c0), 0x375, 0x0, 0x0) r2 = dup(0xffffffffffffffff) getsockname$packet(r2, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r3, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r3, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:39:24 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x4) 22:39:24 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:24 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:39:24 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:25 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:25 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x5) 22:39:25 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f00000002c0)="0b61f697bf87e2ea97dc65ecc35a9fe05943e082e5dee59ad08985feea24d750f5ee6026420c6866cbb697c598fe3e15dcc975e25d3cb00f5cd30d7bfeb164a777a7f1d1240843c853ace9f2de47068317b18e59553635d9198d045950fed2a0e2ac98fca6269d04677815a7a7c2be2f4ad55d56e9963d3bc76e72221358e23e03833967816c9c6ab212448011b06d5f81526db9379dabf2170e259fe3b0e1b877db168c1db5c74fbd2de45fcaab8bb1f3765d64f2421e5ab44d8749a64f09c2a7cf7b9debc0f3e7c4bb0000000000000000", 0x128) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:39:25 executing program 4: write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x1058) accept4$inet6(0xffffffffffffffff, &(0x7f0000000280)={0xa, 0x0, 0x0, @private0}, &(0x7f00000002c0)=0x1c, 0x180000) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x81}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(r0, &(0x7f0000000300)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:39:25 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) timerfd_gettime(r3, 0x0) write$cgroup_devices(r3, &(0x7f0000000040)={'c', ' *:* ', 'r\x00'}, 0x8) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) timerfd_gettime(r5, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) 22:39:25 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:26 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x6) 22:39:26 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:26 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x7) 22:39:26 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1916.156061][T24081] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1916.169056][T24081] CPU: 1 PID: 24081 Comm: syz-executor.0 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1916.179244][T24081] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1916.189284][T24081] Call Trace: [ 1916.192572][T24081] dump_stack+0x14a/0x1ce [ 1916.196896][T24081] ? devkmsg_release+0x11c/0x11c [ 1916.201837][T24081] ? show_regs_print_info+0x12/0x12 [ 1916.207023][T24081] ? radix_tree_cpu_dead+0x160/0x160 [ 1916.212298][T24081] ? _raw_spin_lock+0xa1/0x170 [ 1916.217059][T24081] ? _raw_spin_trylock_bh+0x190/0x190 [ 1916.222434][T24081] dump_header+0xdb/0x700 [ 1916.226759][T24081] oom_kill_process+0xd3/0x280 [ 1916.231516][T24081] out_of_memory+0x5b6/0x890 [ 1916.236098][T24081] ? unregister_oom_notifier+0x20/0x20 [ 1916.241550][T24081] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1916.247073][T24081] ? get_page_from_freelist+0x7c0/0x7c0 [ 1916.252590][T24081] ? __zone_watermark_ok+0x91/0x280 [ 1916.257775][T24081] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1916.263117][T24081] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1916.268630][T24081] ? copy_process+0x5a4/0x5110 [ 1916.273363][T24081] ? kmem_cache_alloc+0x1d5/0x260 [ 1916.278356][T24081] copy_process+0x5f3/0x5110 [ 1916.283006][T24081] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1916.288695][T24081] ? _raw_spin_lock+0xa1/0x170 [ 1916.293442][T24081] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1916.299219][T24081] ? __lru_cache_add+0x1a1/0x1f0 [ 1916.304126][T24081] ? fork_idle+0x290/0x290 [ 1916.308537][T24081] _do_fork+0x196/0x920 [ 1916.312664][T24081] ? finish_fault+0x230/0x230 [ 1916.317323][T24081] ? up_write+0xa1/0x190 [ 1916.321537][T24081] ? dup_mm+0x300/0x300 [ 1916.325676][T24081] __x64_sys_clone+0x25e/0x2c0 [ 1916.330428][T24081] ? __ia32_sys_vfork+0x110/0x110 [ 1916.335425][T24081] ? do_user_addr_fault+0x55c/0x9f0 [ 1916.340622][T24081] do_syscall_64+0xcb/0x150 [ 1916.345095][T24081] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1916.350966][T24081] RIP: 0033:0x45fb59 [ 1916.354831][T24081] Code: ff 48 85 f6 0f 84 87 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 5e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1916.374423][T24081] RSP: 002b:00007ffd47501a68 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1916.382807][T24081] RAX: ffffffffffffffda RBX: 00007f76464c4700 RCX: 000000000045fb59 [ 1916.390748][T24081] RDX: 00007f76464c49d0 RSI: 00007f76464c3db0 RDI: 00000000003d0f00 [ 1916.398687][T24081] RBP: 00007ffd47501c90 R08: 00007f76464c4700 R09: 00007f76464c4700 [ 1916.406627][T24081] R10: 00007f76464c49d0 R11: 0000000000000202 R12: 0000000000000000 [ 1916.414568][T24081] R13: 00007ffd47501b1f R14: 00007f76464c49c0 R15: 000000000118cfec [ 1916.443393][T24081] Mem-Info: [ 1916.446819][T24081] active_anon:1413723 inactive_anon:6774 isolated_anon:0 [ 1916.446819][T24081] active_file:98 inactive_file:237 isolated_file:51 [ 1916.446819][T24081] unevictable:0 dirty:15 writeback:0 unstable:0 [ 1916.446819][T24081] slab_reclaimable:8831 slab_unreclaimable:76902 [ 1916.446819][T24081] mapped:57401 shmem:6853 pagetables:39435 bounce:0 [ 1916.446819][T24081] free:9934 free_pcp:451 free_cma:0 [ 1916.494933][T24081] Node 0 active_anon:5654892kB inactive_anon:27096kB active_file:160kB inactive_file:40kB unevictable:0kB isolated(anon):0kB isolated(file):52kB mapped:229204kB dirty:60kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1916.519089][T24081] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1916.545312][T24081] lowmem_reserve[]: 0 2912 6416 6416 [ 1916.550663][T24081] DMA32 free:18180kB min:4644kB low:7624kB high:10604kB active_anon:2811268kB inactive_anon:3540kB active_file:28kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14560kB pagetables:31648kB bounce:0kB free_pcp:324kB local_pcp:4kB free_cma:0kB [ 1916.579824][T24081] lowmem_reserve[]: 0 0 3504 3504 [ 1916.584963][T24081] Normal free:6440kB min:5592kB low:9180kB high:12768kB active_anon:2843608kB inactive_anon:23556kB active_file:160kB inactive_file:148kB unevictable:0kB writepending:12kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32256kB pagetables:125924kB bounce:0kB free_pcp:1868kB local_pcp:792kB free_cma:0kB [ 1916.614744][T24081] lowmem_reserve[]: 0 0 0 0 [ 1916.619395][T24081] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1916.632812][T24081] DMA32: 43*4kB (UEH) 53*8kB (UMEH) 27*16kB (UMEH) 84*32kB (UME) 26*64kB (UME) 30*128kB (UMH) 15*256kB (UM) 4*512kB (UM) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 18180kB [ 1916.649490][T24081] Normal: 176*4kB (UMEH) 67*8kB (UMEH) 29*16kB (UMEH) 18*32kB (UMEH) 49*64kB (UMH) 8*128kB (UMH) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 6440kB [ 1916.670370][T24081] 7134 total pagecache pages [ 1916.675070][T24081] 0 pages in swap cache [ 1916.679436][T24081] Swap cache stats: add 0, delete 0, find 0/0 [ 1916.685634][T24081] Free swap = 0kB [ 1916.689509][T24081] Total swap = 0kB [ 1916.693368][T24081] 1965979 pages RAM [ 1916.697631][T24081] 0 pages HighMem/MovableOnly [ 1916.702537][T24081] 318829 pages reserved [ 1916.706716][T24081] 0 pages cma reserved [ 1916.710772][T24081] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.5,pid=24089,uid=0 [ 1916.724895][T24081] Out of memory: Killed process 24089 (syz-executor.5) total-vm:85348kB, anon-rss:15688kB, file-rss:33424kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:1000 [ 1916.746374][ T23] oom_reaper: reaped process 24089 (syz-executor.5), now anon-rss:0kB, file-rss:33796kB, shmem-rss:0kB [ 1917.090946][T24122] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1917.107060][T24122] CPU: 0 PID: 24122 Comm: syz-executor.0 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1917.117210][T24122] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1917.127254][T24122] Call Trace: [ 1917.130542][T24122] dump_stack+0x14a/0x1ce [ 1917.134874][T24122] ? devkmsg_release+0x11c/0x11c [ 1917.139809][T24122] ? show_regs_print_info+0x12/0x12 [ 1917.144994][T24122] ? radix_tree_cpu_dead+0x160/0x160 [ 1917.150255][T24122] ? _raw_spin_lock+0xa1/0x170 [ 1917.155031][T24122] ? _raw_spin_trylock_bh+0x190/0x190 [ 1917.160376][T24122] dump_header+0xdb/0x700 [ 1917.164675][T24122] oom_kill_process+0xd3/0x280 [ 1917.169412][T24122] out_of_memory+0x5b6/0x890 [ 1917.173976][T24122] ? unregister_oom_notifier+0x20/0x20 [ 1917.179420][T24122] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1917.184966][T24122] ? get_page_from_freelist+0x7c0/0x7c0 [ 1917.190505][T24122] ? __zone_watermark_ok+0x91/0x280 [ 1917.195703][T24122] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1917.201074][T24122] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1917.206617][T24122] ? copy_process+0x5a4/0x5110 [ 1917.211376][T24122] ? kmem_cache_alloc+0x1d5/0x260 [ 1917.216394][T24122] copy_process+0x5f3/0x5110 [ 1917.220968][T24122] ? search_process_keyrings_rcu+0x260/0x260 [ 1917.226918][T24122] ? __up_read+0x6f/0x1b0 [ 1917.231218][T24122] ? fork_idle+0x290/0x290 [ 1917.235603][T24122] ? keyctl_keyring_move+0x5a/0x100 [ 1917.240772][T24122] _do_fork+0x196/0x920 [ 1917.244899][T24122] ? __x64_sys_keyctl+0xc0/0xc0 [ 1917.249717][T24122] ? dup_mm+0x300/0x300 [ 1917.253924][T24122] ? ktime_get_raw+0x130/0x130 [ 1917.258783][T24122] __x64_sys_clone+0x25e/0x2c0 [ 1917.263540][T24122] ? __ia32_sys_vfork+0x110/0x110 [ 1917.268556][T24122] ? __x64_sys_clock_gettime+0x20d/0x260 [ 1917.274175][T24122] do_syscall_64+0xcb/0x150 [ 1917.278682][T24122] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1917.284559][T24122] RIP: 0033:0x45d189 [ 1917.288452][T24122] Code: Bad RIP value. [ 1917.292485][T24122] RSP: 002b:00007f76464a2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1917.300862][T24122] RAX: ffffffffffffffda RBX: 0000000000001f40 RCX: 000000000045d189 [ 1917.308802][T24122] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 0000000000000103 [ 1917.316758][T24122] RBP: 000000000118d0d0 R08: ffffffffffffffff R09: 0000000000000000 [ 1917.324708][T24122] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118d08c [ 1917.332650][T24122] R13: 00007ffd47501b1f R14: 00007f76464a39c0 R15: 000000000118d08c [ 1917.341277][T24122] Mem-Info: [ 1917.344404][T24122] active_anon:1413835 inactive_anon:6774 isolated_anon:0 [ 1917.344404][T24122] active_file:3 inactive_file:12 isolated_file:0 [ 1917.344404][T24122] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1917.344404][T24122] slab_reclaimable:8829 slab_unreclaimable:76924 [ 1917.344404][T24122] mapped:57314 shmem:6853 pagetables:39366 bounce:0 [ 1917.344404][T24122] free:10364 free_pcp:0 free_cma:0 [ 1917.388723][T24122] Node 0 active_anon:5655340kB inactive_anon:27096kB active_file:208kB inactive_file:532kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:229656kB dirty:0kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1917.446439][T24122] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1917.472763][T24122] lowmem_reserve[]: 0 2912 6416 6416 [ 1917.478074][T24122] DMA32 free:18816kB min:4644kB low:7624kB high:10604kB active_anon:2810380kB inactive_anon:3540kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14592kB pagetables:31648kB bounce:0kB free_pcp:504kB local_pcp:0kB free_cma:0kB [ 1917.507156][T24122] lowmem_reserve[]: 0 0 3504 3504 [ 1917.512209][T24122] Normal free:6092kB min:5592kB low:9180kB high:12768kB active_anon:2845696kB inactive_anon:23556kB active_file:64kB inactive_file:64kB unevictable:0kB writepending:0kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32160kB pagetables:125816kB bounce:0kB free_pcp:232kB local_pcp:160kB free_cma:0kB [ 1917.549453][T24122] lowmem_reserve[]: 0 0 0 0 [ 1917.554283][T24122] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1917.567650][T24122] DMA32: 62*4kB (UMEH) 51*8kB (UMEH) 79*16kB (UMEH) 89*32kB (UME) 27*64kB (UME) 30*128kB (UMH) 15*256kB (UM) 4*512kB (UM) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 19296kB [ 1917.585077][T24122] Normal: 37*4kB (ME) 42*8kB (UME) 34*16kB (UME) 14*32kB (UME) 41*64kB (UM) 8*128kB (UM) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 5124kB [ 1917.599454][T24122] 6919 total pagecache pages [ 1917.604034][T24122] 0 pages in swap cache [ 1917.608197][T24122] Swap cache stats: add 0, delete 0, find 0/0 [ 1917.614237][T24122] Free swap = 0kB [ 1917.617937][T24122] Total swap = 0kB [ 1917.621694][T24122] 1965979 pages RAM [ 1917.625464][T24122] 0 pages HighMem/MovableOnly [ 1917.630135][T24122] 318829 pages reserved [ 1917.634296][T24122] 0 pages cma reserved [ 1917.638383][T24122] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=24081,uid=0 [ 1917.652507][T24122] Out of memory: Killed process 24081 (syz-executor.0) total-vm:85480kB, anon-rss:16532kB, file-rss:33736kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:1000 [ 1917.672616][ T23] oom_reaper: reaped process 24081 (syz-executor.0), now anon-rss:0kB, file-rss:34140kB, shmem-rss:0kB 22:39:28 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:39:28 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r0, &(0x7f0000000340), 0x41395527) r1 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000000)={0x5, 0x6, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x0, 0x2000000]}, 0x40) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000001c0)={r1, 0x0, 0x0}, 0x20) vmsplice(r1, &(0x7f0000000400)=[{&(0x7f0000000640)="54dd9ec3ee14955ed117096bc317fc0e4fba3f27aaf944062c790f2a9542ba4b2b2c0fe92cb4ee41fe541dceafc6c84d786313e12cb129255c25e5f8225facb5c71b5a7e24076df1b13024f142add16668876e969fe2f7ba40618aead438d66323362535a27bd37edb119431bf12f1485054aa115ad01898bfb47e74614cfbe05ccd56083a2262357dd1368d06de66250a1158fee846c47a53ca0836d17ce672fee896cdaeb6439b8a0764c23db176352b05ccdcf22d15ec869b7703b68b44e495d618ee7c79e24bd4710500000089ad0fd2c2b0cb5bc2a41f14fc5af27b476de09d032bb58b21ab4bc6636e77866c5d6e546f513c46ef19b06bd1a7588e3e5da8c6418a22a7aa186dd7650b3d598707d99d9a080b771cb8015578f40711406299965afad2cde45d411d818192c4fa66ac3fe38740518332d556a5fcdfa305c9713f33cb7885e8a0076f522241666ebb86e842a5faa1be485381ab469cfcbe78a6b35272b36db073d21fb3a83124afaad8144fd306c2c24a58d744dd7cbc42482878b54c2f0cff33e6afbc118ba555baa97779db3aa8f4ae05631a4cd635698b473115e1248c4a0defe4247c3b8025ccb2671eafd51faac07cad9263b94a896b9298f502f8d5fc22b27b23fe23094ce533db1a656fb58f87a5ccc3f2fa9d42f0057b7c1522c29477c69a8ecf83ee1b", 0x1ef}, {&(0x7f0000000840)="a53f6ce812a173434a04ed722d260382bf7ea7b2c261111abfcac18a4efd6a4baec6ea0f83967c868ee18cac60d9aefaaaea2dbfa85d8e10ff99109b9f53f3fa1286fec98f2df47dbb6893419ac3e76b214ec18ab2c3bc8e01fe891d09f64505f63b21361f754649b5fcccb04dda0c735d2902f57d94e329dcf3ed4878417fac8c9b46a93916a784532151a4e4423c13a1a3bffca6a16bff0144d75ab142bd626b5562c3d7be8facccd09280a74a39b7cdba365811d991810a11c8299af3124d6f5b066a0ca8a8168744cd2e518a1eed67d1976f9ab5875b8865e5dcc5d5cfa8e9e30000000000000000000000000000000059f89f531df9b65ab8d135a9067283c9019ae795e475d1f1cba7c8a0d0", 0x10f}, {&(0x7f0000000200)="e4c6380a656bd9e8652f479861e337199e9839daaf6e23c3dd3effb395dbd67703000000c170e44e8ab7bc62e9a119192ad46d70dba4ee6364d761eddd4b1b189ab688f60b987ed9865f907faf2d5ab4ac5006b7bd65f6624204e7c73f22b7610000000000000000000000ea96488e85a403a84e9f3d2011efc407480124a088d449622a4b52f5a5e88474053cd7fc6117278cebb0b0075874d0482c5227f44ff8fb046d1ac709fbb2c46db7eae823a7d25cd02a3321eeef8d50b418821776939051bf646c92dbc36a54e2a55891d8787fb802ad5991bee1f31a60ed965648681c50310dd1c7206ec49d319242d53be683b56dad73d7146a6e392f205e9a", 0xfe}, {&(0x7f0000000340)="e6f3047eb5ad9af0ddfaa8ba331a8b9af3ca28e10960b10a1c6b8d01b66da12f2e6e8cbe796b973f1875882aab607bdd44fe56e4574a1b6fca07aadf8a86a2696b91e19afea2e89c5cff9dbb37a911b1aed7b25c41ae163ec230b153014e4c1d0438497a8005a6f6a4dd6f6f59488eb53323117aee9d24a75c749e29c0261d77d47f0000000000", 0x87}, {&(0x7f0000000080)="e026278933cdec6ceb146166cb0ae7d62ece902fa87a85ad741a97b5f1d8", 0x1e}], 0x5, 0x9) write$P9_RREADLINK(r0, &(0x7f00000004c0)={0x10, 0x17, 0x1, {0x7, './file0'}}, 0x10) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) timerfd_gettime(r3, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) timerfd_gettime(r5, 0x0) ioctl$BLKBSZGET(r5, 0x80081270, &(0x7f0000000480)) 22:39:28 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x7, 0x6, 0x0, 0x0, 0x0, 0x0, 0x853}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$INOTIFY_IOC_SETNEXTWD(0xffffffffffffffff, 0x40044900, 0x9b7) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:39:28 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x81}]}) r0 = getpid() r1 = socket$inet6(0xa, 0x2, 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0) fcntl$lock(r2, 0x24, &(0x7f00000002c0)={0x2, 0x2, 0x0, 0x20, r0}) recvmmsg(r1, &(0x7f0000002bc0), 0x0, 0x100, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x40000020, &(0x7f0000000200)={0xa, 0x0, 0x7, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000001540)=[{&(0x7f0000000440)="cf096348d137a0dd890ef9f0da54f46c65dc66067c74239ff63b8baae05cd60354803c0770c5108c583f14c2227ff0479d345e10de50b467bab3b64690d7b640c5fe4d2eb76a16fcef514fb1e84e1f4da549786049783b137d882ba5871744214a4814d41e0c3dd6b9f988140839ed90088fc25c3358947969ed44b96963f758d6da7fb0d3aa8cb1ea285b5d10f80d7048710320eb1170232f27b616877a1355b703f5d66f1cc8d17f1a33c4f6f9313fbb4862b918986c0449e14305fda8c644b6db0b28a68666987dfc098cc93b0fe7bb3abe4b4bcc3019c3ca97fdbb3ca281a56d243213aaeb825433a92ae24d7d66d14ad6e5707f68dd569c0000", 0xfc}, {&(0x7f0000000540)="02918eff753fe50719087ef986ac17e73f925ad66ed495bab3f6c331091f02a67074469a413b14c4dfafa6461c69ec28b7d21b5669e3152c516259af506f062fe4dd1d5f8e3303b05196f88fb8d547f1d8b2e649dee692f81c0b49bf1c6b156b2f7ed682b1ac6d4609c34cd3ffa03fbfef9063ce44bb924fa6036f7338553aeeb1d875d5108dea7ce43d629b7183c60f678aabeea0b96a69ead535b6fb430c196c37be60cf76e6707026106304bcd62768cae72cdf1fa4238c2f1196ae6773f103572d8749f2571daa573c804a03897559e62706b5c5c6a4d69533fc85834c07e891b9b7d11b6b97e7db51bd00de6dbf0e2f871d06888f95f7c1104ece32abb8de49b69c9eda7e46fdcbe09b2364e24a6a0d224e8a9ba2621485b44dbd6971585f1c0757ab01880dca43c6ba3c718e20b1bf5083138cf1703aba89e78792496742b9614eb9ad6944443398b6323b8e82c13bdb730a43afbe41d3ba4b9ea57344c0e2152f1a16876f812a053a99716081d00be4ddfe26cf0c3c454ef6b45c7642136fcc6a3e09cb1fa8e6173195b745818ce53786b36142513698f3a92b493907d466d7daa50acf66593c25e69f4a6359beb6af1faa48b1f9edf951b5ea1c00f771b0dfbc4beb5d7add85b8259ee85503f992198abaa286d086989bf6eaadfbe14c3465d7da5f52788efff0910d7d90bd4f5995d9a2e38c8fc60f9168457bf2c37611245d8d2351611412f5d444c864ea7426ac6fb536478290de0ee699cc2b27014537ac5ab34229c9ad03b1574932ad6846d84116f74d543de40791523a2dcbc33265bea7469f9c5cbc0ebd90b27497e5a98bab249f1ee8ac218a3451e7c490144f3b50b3ef4bc9c7c0cd40f8b68db3d61bb98304b0d03a66455c0e5a9c17d1f617a6261813eaafbce38b6a60a1842e142fc6364e53361d82019568a09ce7295ea945c6b9b61193e72f27ac7e733a12babbafb5c03703ec72a2fb4252b4b692d7953860cb178ebbbc3acd515629dbf087d57f2478dd3b037e4cf9f07bd9d606dc6f682a17a51e6b0ee9330d79b1bc636bf722059145c93d4ec3b5ecd51997fdf40eba64508853fdb5d77296241ba35a8e5e3e037c3146de9126a8a33cb8b96842a1adf5620c53f2d9cc5f58ea2241850d294cec72215718bffca98834a4511b3e21fea95d828e342f8fa20770c0f93bfa4a506c4737db975e6c0bddef3b6b53e09b452986a2e51cb48dbdae9933322f9d379ec6ec5652604f7b0d8aaa690feccfde7364858cbe9b7e2d009980e8bcc891479ab9b20a84246945cb13fdaa08c7e7757d7fe4b7987a501ab8c7a32e1ea865391d4f0969755367a17bc651f2b8fbf5cfebcacb48a7841677dd94b3b336879ebc7237869b24cb000a3081adcc6cef60543fbd2e44fce3ea957d8ea8c05a63ec13f51b8c59f6550402925f57b2b891ca42d1c71061ab237973aa5436387355b3a32e65ac028241f6068d5db22513150b6d1a89efdaac2364494b478c92bbb3fb5c2c6898e9dcda8a75c24a05e5038eb97300264cc499e618af8eb606c561a075d3fba08ce9115543c0f8e7836283704d1ea8dd8f9898f0a9534150a55426df7a8c0bfa5fce2576fbc273567ac55a3474d5e3f9792e7f1b0d522d65d4dc167733a720895bd2e0fb7f86be52d3adb380fbf606420052a6e0e178035bc57241ee717321a21e02a0449cda4e09af68bf33f8a08ad03f55323c1334e2737ddea58f17ae53ef7b9c830dca72863730cb842d9e44e38a4b714ae0af8c75902232fb801f268a8d1164617fe580fe1e2a8feab80d31d9aed29eeddd842bae11d392c5724c79f892ff134d1ec574b6fd09eccb4beaeb04f97d3bbd3f7bc357e3878e159bea8b9293672ade2a6f5d39c620629898226387430db655eac4bd833cfbc2496f85db79926b1601e7aace9b63d09dc256af30384c29e0e6c62cb6561d0226bd11cf8b22250ed577291652f77e085fbd698128826d07b3c0fe425a1a5d78bc4a685dc0c2561ad1473e18b7db610925f8559931517e0bea070f8b218d2e12cde9aecb4b634d79dce9054cec55f39731c52289b69ca745041f54d25a88e83de1975d6a9766762691b582b821bf8cdd8dcb756d8a13d97c3937023aca0b0620ed94167439fe9594cf96b4267a9f723a2bf9e3f69ca56f45a9dfb1999d47a14d49374ff22a81e31747f1547ffff200048b8dba423744c4daa6986395a30969b03f7369075c238b95a207be4aac4504b0f37e75ef2a49c0d7640ec8c0edebe1877bc684ab187e139d040b59ec571cdaefb35313b256a389f317397b5b5423d19c43f376fadd96e44eac22ddccb9140942163cc97fe91511ffbbf9db72629a8310c412b8c5ad911b57e38e4a7405a420437c4a03db5ee70e1ab3b75feea66de2276bc66d2995d1de681c3f4bd083081191963d36cd7328f2e611cc93588e3dfb47bd1040af94b1fc766a7b1a1746b002ad98160b324e90e0a5a6adc3d5e5869369f405fe1d8e136fac5d35b788f91cdfb4d36e8f0d7b7cfee83baf772d29d665e47c196b56173fc471e6ee7c8ce7a7f7090c7c2ff07cfac1384a84048961736fdfa91aa5689627bf615eb462d61bda3a35346c12aeeae76efddf83b64ac03d6836ab749d9c7ab85b2538e3f348be0b16717233d3b685c651b18be190849b69ef6cb426a08dabe8a29d4035fff011512cbe678edd62ffd7131f0ceb9da0249d9b9758b12654117d7c3cdde56838ac29bbe6a85c351b4cf19fd1acce5308f7419fe38ceccfdf55f053241c9a612e890a3d7feac1769e61e1fbbf4fe26c0127a00b384ea70cc1ef9937c85d3be2e5500c455a042692693202b8b03669bd7532a429bff80073ccf5a4aab1ece5c57ab0478fb8614a9e2f6f0d1f59b36cc0d916282fac9d823ada70c8f5dbd240fc64821c6d96aa9ea321f3bf84c9913bc0d615d0e4d9a06ae7c756f32153eecd3c2548ee51fdaa1f882f7b6fa3f99860ef2ce222fa28c94be14cac807b3e9394a931ea337893308f6a3a42e9fe0505ea7c9190605860a8c226fd3868de99a3df6190779c6d7bfa6f68d8d26fc34935a4cba2fa7b016c31d1963a858a6cb526ca364ae6284e8f15cea1519dd154e04aa6a556248eb036ac2d084d9a608fa3dd05bbab24d1315337a09f2682dfe36b5e98f6b5525ba7817261bb54344530a7e12caf261630e322741727f6d60198f2c138ae4480d31c0a6cbdec40fa4d5a9c3f80ddc31953e7a609fcdcd1b403bf5d684cd36ce8926ffa7fcf7333014e753b99fe3d44e127b9c5ead34fae0362af06a765998aa17d642ba7eb4d38d3f035ee44ab530787187e7cefac9d35573798c700b1a222abdb574502a93c1742ea1b002e50e9e949c1d6ce9758585dc8ab69b7ee0ac1d3085018f4ad9be58279075be4f381776438876965ddd8b2a3f7f9a1291da768c303e77b16959fd7ffff91d021fe977ae77c35b036d9447f8121f4874c39dd15f6884e5ffa03b36a1c09f9f78dc33eef63613aff236a7fe48e14ec121a856e8a5714143ee579d72d4a0f257c24a15d8807077e1a0f1050c3bb2c47653c937fcdd3c3b2c83bd49b6c3973533d76d82a705a6d3bb9c567a1d939329a1e066b9388d405b9367493d9db31c10728dcf8c97a5d77261259bcf56dd415fc0dc51e050064e5ed5f086df7953f473b2b0c428a4be996e7d869513a547f3a8ca06c58022085abb1d7767d627992da01e885adc52b53693b94b98fa0d9ac246244ce6dee29ff11786d7350d133c825bd863bf7eb6f43f075e6c29350bdd842fdd1ec20b4588c341d610acfc49f0996194c8ff65acdb0b155e426361ecf536ea38b6982edc45d09775e7981bb902c029d331be0e30fff2900e290896eedac0608fefc7740cf7fc3ba9aa8e5907c1cf7f285b5fae6fe02f381903854e2afffbad26fb1c86cff838209eb4ce0a68b494598fd8c07c9cab3fc1141de0a75ec0a0bc833881c7d8094e91e7166f270ef7399c23efc0c273eada6360d6d1432ff5e10a5738674ee7fccb91ea785ba7849a11a45a4eff2cd2b1695c80fd42095ee6c40df2eec45f0cfcbbdb3f245263d7a4fcc9429e0ec35c63ad89258e07259342d96995f50d1813114e6d836138803d4dafa9a9dddcdab320b27cb3e5847a07f372bd4c42ea1917511c154a08eaee08891c978ec169873bbdfa4b29a50b76df9f6402fe04c41997c798c089ae6d07235123e8aa4b9ba6bd60d1edf45f5d2da1859d86b542126a1b6174f41f58f2b6ff067b461ecf17deea408072d1f778097337416981ca25c63a902e96e9826d82ce1af918af46d4943537cb8323fc4906028ad3ecde536691cc052025c0c44917492f6030255f7c60be1e1cfe841dbe5d7fe0360abddc36a977e52c2e41c8745427d0e838dc914e4fdf6864bd32eb7d57e3375e97f82386fbfa1efc85e04e36f8cce62bf7e560616b54a3d0677785ae6ff76adeaeb9b9473750acbf40f07ebb94e8bf635be75581a4cdfa83af832f309f6d7ead7085fbbe2cd0f18f887d3ac4fdcdfc67356e106b8ec7b0cf99abef2c80360c31d6ae44418b8f866917b2917b331ffd4f828b48e116dece6b420c22a87a91f5a74825912a7e36be7868c5396c606a23e175fa74c0c95e5a78c360488dfe9483364854e0da6d67ad9256838ef3b20a1ca8d622813fd29135b57cd95ce44a78050531cf4775a0ea05cf316acc180218c2a4b71e9c619781cea53e4ec95b37f2198fe01fecc37968ba49c6990276c62f4f6f6e560d7aa699972d3531d7069f54237e1f33f9280e3817990371f0f5e61c7790ee70c890239739d00093c0f595c97d92af3077283964a335b78dd6bcad673106f28e8a7bcb223b001017d1c1eb9ac9c9ba845ea47991998c7e17ded6b5398f22f7bf751890ee3a5e1085bf3413d481fa6a14226f687b739bfecdfe43043522c58474ad17adef3d1f9e95b9c71e75e956d5779860f4381d2bfeb344b2d5b8319f4116026bddaef93b3c5e49a36463dcd12db8d48de82a7a7fc2dc5b269687b11ab519be78062b51f8cc0b8f05c3517e1f96eaf69ac79a2a064f2b365417ab9bedaf7d6aee3311bbf3c390c7e9c987a64969f920f67d08f6c2b48731804a4e6d6faebf37cbbdc9e93d2bbe111bf9fd70a8e1288bd3a546b82e06c79f59d4ba5d4c2d66089d5d46039abd0fcb06f860e0547f41e75a6c28c75f90c4ece84eb529bdb7feacd7e65781a1c9d54c342c9d9d3bc4dec523f3a04e6941d88c35f9cc7302965bc29e83d20646cf599536b9fc88172b1b467102afdac03e5eccb80109f089efca858dc41c4beb03846c6e4a7f13d18f3dbbe4784aae7e000d515eafddd9454e3b093d2efecbbcbf1de3d4105455a2153cd42f3cdf3e71a86713376160db024f4e245355a8fa041ba208db5c92b987b8f96b49f79c8479ab5d86c215b090f0aaefdc1d6995f57c0261c3a0e60d42e4133097e924e19a24b8fd0d2843ed691c33dec9fa44d781ca330d153014cd74b5b48f8995236b5c4fb0baa1d326069656db72585e74eafc350763abe9d1d9cf8f1b74dba977631545058927cd1fcb0597630ba37eec3acdf59e5a2024ea584519cd94c22630a0a1484adc4c02637bfcfb91d2497bcd8acd839b18ef2b8a1d3a92368f73d0d69b6b09c8c05f7b53218d7697e3bb6a184c7feb640f5452718e9cafba56f2cef277520368da3119c57b86165009b97706a34abe85e1df3ce9799793c9acef72ceb87b49d48de4a90daf775d619a45650d772d4f0767ab371bf36", 0x1000}], 0x2, 0x1) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r5 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r5, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(0xffffffffffffffff, &(0x7f00000003c0)=[{&(0x7f0000000300)=""/175, 0xaf}], 0x1, 0x0, 0x0) getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, &(0x7f0000000040)={&(0x7f0000ffb000/0x3000)=nil, 0x3000}, &(0x7f0000000400)=0x10) 22:39:28 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:28 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x8) 22:39:28 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x9) 22:39:28 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:28 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x81}]}) r0 = getpid() timerfd_gettime(0xffffffffffffffff, 0x0) ioctl$CHAR_RAW_GETSIZE64(0xffffffffffffffff, 0x80081272, &(0x7f0000000280)) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:39:28 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1918.668223][T24134] syz-executor.5 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1918.696206][T24134] CPU: 1 PID: 24134 Comm: syz-executor.5 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1918.706371][T24134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1918.716412][T24134] Call Trace: [ 1918.719684][T24134] dump_stack+0x14a/0x1ce [ 1918.723980][T24134] ? devkmsg_release+0x11c/0x11c [ 1918.728886][T24134] ? show_regs_print_info+0x12/0x12 [ 1918.734050][T24134] ? radix_tree_cpu_dead+0x160/0x160 [ 1918.739305][T24134] ? _raw_spin_lock+0xa1/0x170 [ 1918.744036][T24134] ? _raw_spin_trylock_bh+0x190/0x190 [ 1918.749376][T24134] dump_header+0xdb/0x700 [ 1918.753676][T24134] oom_kill_process+0xd3/0x280 [ 1918.760317][T24134] out_of_memory+0x5b6/0x890 [ 1918.764890][T24134] ? unregister_oom_notifier+0x20/0x20 [ 1918.770319][T24134] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1918.775836][T24134] ? get_page_from_freelist+0x7c0/0x7c0 [ 1918.781350][T24134] ? __zone_watermark_ok+0x91/0x280 [ 1918.786519][T24134] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1918.791861][T24134] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1918.797375][T24134] ? copy_process+0x5a4/0x5110 [ 1918.802107][T24134] ? kmem_cache_alloc+0x1d5/0x260 [ 1918.807100][T24134] copy_process+0x5f3/0x5110 [ 1918.811660][T24134] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1918.817348][T24134] ? _raw_spin_lock+0xa1/0x170 [ 1918.822081][T24134] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1918.827943][T24134] ? __lru_cache_add+0x1a1/0x1f0 [ 1918.832848][T24134] ? fork_idle+0x290/0x290 [ 1918.837233][T24134] _do_fork+0x196/0x920 [ 1918.841356][T24134] ? finish_fault+0x230/0x230 [ 1918.845999][T24134] ? up_write+0xa1/0x190 [ 1918.850214][T24134] ? dup_mm+0x300/0x300 [ 1918.854338][T24134] __x64_sys_clone+0x25e/0x2c0 [ 1918.859115][T24134] ? __ia32_sys_vfork+0x110/0x110 [ 1918.864110][T24134] ? do_user_addr_fault+0x55c/0x9f0 [ 1918.869278][T24134] do_syscall_64+0xcb/0x150 [ 1918.873763][T24134] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1918.879626][T24134] RIP: 0033:0x45fb59 [ 1918.883490][T24134] Code: ff 48 85 f6 0f 84 87 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 5e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1918.903149][T24134] RSP: 002b:00007ffd6eaa9058 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1918.911527][T24134] RAX: ffffffffffffffda RBX: 00007f3e1612d700 RCX: 000000000045fb59 [ 1918.919480][T24134] RDX: 00007f3e1612d9d0 RSI: 00007f3e1612cdb0 RDI: 00000000003d0f00 [ 1918.927424][T24134] RBP: 00007ffd6eaa9280 R08: 00007f3e1612d700 R09: 00007f3e1612d700 [ 1918.935365][T24134] R10: 00007f3e1612d9d0 R11: 0000000000000202 R12: 0000000000000000 [ 1918.943489][T24134] R13: 00007ffd6eaa910f R14: 00007f3e1612d9c0 R15: 000000000118cfec [ 1918.955687][T24134] Mem-Info: [ 1918.959061][T24134] active_anon:1413969 inactive_anon:6774 isolated_anon:0 [ 1918.959061][T24134] active_file:110 inactive_file:246 isolated_file:58 [ 1918.959061][T24134] unevictable:0 dirty:2 writeback:0 unstable:0 [ 1918.959061][T24134] slab_reclaimable:8828 slab_unreclaimable:76599 [ 1918.959061][T24134] mapped:57590 shmem:6853 pagetables:39490 bounce:0 [ 1918.959061][T24134] free:10009 free_pcp:185 free_cma:0 [ 1918.997054][T24134] Node 0 active_anon:5655876kB inactive_anon:27096kB active_file:440kB inactive_file:1084kB unevictable:0kB isolated(anon):0kB isolated(file):240kB mapped:230360kB dirty:8kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1919.021559][T24134] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1919.047798][T24134] lowmem_reserve[]: 0 2912 6416 6416 [ 1919.053385][T24134] DMA32 free:18164kB min:4644kB low:7624kB high:10604kB active_anon:2812316kB inactive_anon:3540kB active_file:164kB inactive_file:36kB unevictable:0kB writepending:0kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14688kB pagetables:31848kB bounce:0kB free_pcp:248kB local_pcp:0kB free_cma:0kB [ 1919.090095][T24134] lowmem_reserve[]: 0 0 3504 3504 [ 1919.106599][T24134] Normal free:5464kB min:5592kB low:9180kB high:12768kB active_anon:2844012kB inactive_anon:23556kB active_file:480kB inactive_file:648kB unevictable:0kB writepending:8kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32192kB pagetables:126112kB bounce:0kB free_pcp:844kB local_pcp:16kB free_cma:0kB [ 1919.136256][T24134] lowmem_reserve[]: 0 0 0 0 [ 1919.141048][T24134] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1919.154909][T24134] DMA32: 11*4kB (UMEH) 31*8kB (UMEH) 17*16kB (UEH) 96*32kB (UME) 27*64kB (UME) 30*128kB (UMH) 15*256kB (UM) 4*512kB (UM) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 18164kB [ 1919.173152][T24134] Normal: 38*4kB (UME) 28*8kB (UME) 34*16kB (UME) 44*32kB (UME) 39*64kB (UM) 5*128kB (UM) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 5464kB [ 1919.188036][T24134] 7160 total pagecache pages [ 1919.193053][T24134] 0 pages in swap cache [ 1919.197668][T24134] Swap cache stats: add 0, delete 0, find 0/0 [ 1919.204170][T24134] Free swap = 0kB [ 1919.208321][T24134] Total swap = 0kB [ 1919.212477][T24134] 1965979 pages RAM [ 1919.226680][T24134] 0 pages HighMem/MovableOnly [ 1919.233814][T24134] 318829 pages reserved [ 1919.243940][T24134] 0 pages cma reserved [ 1919.253002][T24134] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.4,pid=24022,uid=0 [ 1919.285974][T24134] Out of memory: Killed process 24022 (syz-executor.4) total-vm:85480kB, anon-rss:10024kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:148kB oom_score_adj:1000 [ 1919.309532][ T23] oom_reaper: reaped process 24022 (syz-executor.4), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 1919.584918][ T368] syz-executor.1 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 1919.597379][ T368] CPU: 1 PID: 368 Comm: syz-executor.1 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1919.607344][ T368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1919.617389][ T368] Call Trace: [ 1919.620684][ T368] dump_stack+0x14a/0x1ce [ 1919.625013][ T368] ? devkmsg_release+0x11c/0x11c [ 1919.629945][ T368] ? show_regs_print_info+0x12/0x12 [ 1919.635134][ T368] ? radix_tree_cpu_dead+0x160/0x160 [ 1919.640408][ T368] ? _raw_spin_lock+0xa1/0x170 [ 1919.645172][ T368] ? _raw_spin_trylock_bh+0x190/0x190 [ 1919.650547][ T368] dump_header+0xdb/0x700 [ 1919.654878][ T368] oom_kill_process+0xd3/0x280 [ 1919.659650][ T368] out_of_memory+0x5b6/0x890 [ 1919.664288][ T368] ? unregister_oom_notifier+0x20/0x20 [ 1919.669764][ T368] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1919.675308][ T368] ? get_page_from_freelist+0x7c0/0x7c0 [ 1919.680847][ T368] ? __zone_watermark_ok+0x91/0x280 [ 1919.686039][ T368] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1919.691406][ T368] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1919.696948][ T368] ? copy_process+0x5a4/0x5110 [ 1919.701706][ T368] ? kmem_cache_alloc+0x1d5/0x260 [ 1919.708814][ T368] copy_process+0x5f3/0x5110 [ 1919.713409][ T368] ? _raw_spin_unlock+0x5/0x20 [ 1919.718168][ T368] ? do_swap_page+0x1560/0x1560 [ 1919.723011][ T368] ? fork_idle+0x290/0x290 [ 1919.727418][ T368] _do_fork+0x196/0x920 [ 1919.731551][ T368] ? finish_fault+0x230/0x230 [ 1919.736211][ T368] ? dup_mm+0x300/0x300 [ 1919.740353][ T368] ? ktime_get_raw+0x130/0x130 [ 1919.745091][ T368] __x64_sys_clone+0x25e/0x2c0 [ 1919.749843][ T368] ? __ia32_sys_vfork+0x110/0x110 [ 1919.754847][ T368] ? __x64_sys_clock_gettime+0x20d/0x260 [ 1919.760453][ T368] ? do_user_addr_fault+0x55c/0x9f0 [ 1919.765620][ T368] do_syscall_64+0xcb/0x150 [ 1919.770099][ T368] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1919.775960][ T368] RIP: 0033:0x45b75a [ 1919.779826][ T368] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 1919.799397][ T368] RSP: 002b:00007ffc481612a0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1919.807775][ T368] RAX: ffffffffffffffda RBX: 00007ffc481612a0 RCX: 000000000045b75a [ 1919.815716][ T368] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 1919.823670][ T368] RBP: 00007ffc481612e0 R08: 0000000000000001 R09: 000000000233c940 [ 1919.831613][ T368] R10: 000000000233cc10 R11: 0000000000000246 R12: 0000000000000001 [ 1919.839556][ T368] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffc48161330 [ 1919.856312][ T368] Mem-Info: [ 1919.859802][ T368] active_anon:1413135 inactive_anon:6774 isolated_anon:0 [ 1919.859802][ T368] active_file:0 inactive_file:336 isolated_file:47 [ 1919.859802][ T368] unevictable:0 dirty:3 writeback:11 unstable:0 [ 1919.859802][ T368] slab_reclaimable:8828 slab_unreclaimable:76646 [ 1919.859802][ T368] mapped:57369 shmem:6853 pagetables:39442 bounce:0 [ 1919.859802][ T368] free:10529 free_pcp:531 free_cma:0 [ 1919.897857][ T368] Node 0 active_anon:5654040kB inactive_anon:27096kB active_file:200kB inactive_file:1912kB unevictable:0kB isolated(anon):0kB isolated(file):60kB mapped:230476kB dirty:12kB writeback:44kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1919.922799][ T368] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1919.953386][ T368] lowmem_reserve[]: 0 2912 6416 6416 [ 1919.958863][ T368] DMA32 free:18964kB min:4644kB low:7624kB high:10604kB active_anon:2810264kB inactive_anon:3540kB active_file:580kB inactive_file:768kB unevictable:0kB writepending:16kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14624kB pagetables:31744kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1919.988309][ T368] lowmem_reserve[]: 0 0 3504 3504 [ 1919.993715][ T368] Normal free:5436kB min:5592kB low:9180kB high:12768kB active_anon:2844920kB inactive_anon:23556kB active_file:0kB inactive_file:116kB unevictable:0kB writepending:40kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32224kB pagetables:126024kB bounce:0kB free_pcp:888kB local_pcp:248kB free_cma:0kB [ 1920.023371][ T368] lowmem_reserve[]: 0 0 0 0 [ 1920.028542][ T368] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1920.041871][ T368] DMA32: 56*4kB (MEH) 17*8kB (MEH) 17*16kB (MEH) 102*32kB (UME) 27*64kB (UME) 30*128kB (UMH) 15*256kB (UM) 4*512kB (UM) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 18424kB [ 1920.058336][ T368] Normal: 37*4kB (UE) 36*8kB (UE) 27*16kB (UE) 39*32kB (ME) 39*64kB (UM) 5*128kB (UM) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 5252kB [ 1920.072439][ T368] 6919 total pagecache pages [ 1920.077030][ T368] 0 pages in swap cache [ 1920.081176][ T368] Swap cache stats: add 0, delete 0, find 0/0 [ 1920.087328][ T368] Free swap = 0kB [ 1920.091045][ T368] Total swap = 0kB [ 1920.094749][ T368] 1965979 pages RAM [ 1920.098566][ T368] 0 pages HighMem/MovableOnly [ 1920.103231][ T368] 318829 pages reserved [ 1920.107499][ T368] 0 pages cma reserved [ 1920.111568][ T368] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=24142,uid=0 [ 1920.125785][ T368] Out of memory: Killed process 24142 (syz-executor.0) total-vm:85348kB, anon-rss:16480kB, file-rss:33736kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:1000 [ 1920.147299][ T23] oom_reaper: reaped process 24142 (syz-executor.0), now anon-rss:0kB, file-rss:33900kB, shmem-rss:0kB 22:39:30 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0xa) 22:39:30 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x32], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:30 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:39:31 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0xb) 22:39:31 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4a], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:31 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x94], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:31 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc8], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:32 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x81}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) close(0xffffffffffffffff) ioctl$TIOCL_SETVESABLANK(0xffffffffffffffff, 0x541c, &(0x7f0000000280)) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:39:32 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) mlock(&(0x7f0000ffc000/0x1000)=nil, 0x1000) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:39:32 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0xc) 22:39:32 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000680)=[{&(0x7f0000000740)="aec372cbb3600128c31b2375357daf6832bd3445d040ac4a003f2b9a513c4e4d853470ce18957d086bff5e7baaa67d2764e30c80e69c12533b1abe726b23037a7b824549c4d1cf1758f19c00ce621c07304af7a6c458ee9c17208f3966a7d63e8da8cdc3039fbc5506bea9bcd9edbc3e0570db4993eccf3198d8842877efb6972da7ba92c34eefe7097ca4dfbb2a32d60c3c53b2efdab00b08e49b1ee162f2d433e664ed7f851e8988ca31c6eaff88cbf2e9c18f7cafc22365381462bbcf70ec32bdec439bd853210a6cd50717", 0xcd}, {&(0x7f0000000140)="bc37c3e361aec22e84cff27f466e278c8ecb5ef1f7811e37ec0741b011113375bd8f7a3df226e85ac5341e07f081c9064236416888ead40591fdbb91a090b95da18dec1d91a2b9ec11c7c21272e816a14c79c1504b6cb177fb6d5b51fd2f28993199860ba381672984f4c7ac95fbd8c3ff7ac89abf751e7dea0734bef431d73d57bb85c0daa6b4f1391701ef", 0x8c}, {&(0x7f0000000200)="dbd72c47b195eb607f59569db56508db99f56fd8e29e6888cbb6e78c07a49405cc05bab314d59a354c30f55134b328979d4390d51c3e3d6320ce2167a0a0ef2b06497101dec5c976e302ba9f7525d4df36420f8f488b2cc463a2511b6bdd63e29b6e7eaa514ed62f0ffaa49ff5758ec83d35bc38c4442330f038c7f272b637162f726cf3d46f", 0x86}, {&(0x7f0000000040)="d8fb48ceb9ee63d592f1e5abc82debaa7e1d1c22d59e5c4065a1b4f679734bb50c2c52cddc0f2c8982efc9a421d27340972af3be89758cdb101cb0eb409bee9e20ece2278127779e47193db44be9afa27d77e97074c0c3a05fcb27558f929c9e08884de298e68512a2e0c0b591123fa10156f1ca0682b67c40ff0925", 0x7c}, {&(0x7f00000002c0)="a4b6416002142fc35a243a5793038b914903cd5bd98c616af2c0825b8992a6c0fc9bfe14de2e98e3fdc70927cedbde96e7119dac3b1dd7d0e8515c12ed93d2ceb5df338efa7b63597fe9efc992b63d482ee6af13303406c7fa9730a6e690f3491594af23e38c4b277fcd01c07f8c345ae57ca8177709e0fd026d561bd3239b8012240dee5cb41c7917dd2ef056dd9783d6d8a9267cefa8def1b994e015b1b228897377471255fe3aba370ebd6676de94db042e9b1fd4cfed", 0xb8}, {&(0x7f0000000380)="b73093cae2c17dbeb11ed484024913d3ff119a02ca726d136c2896a8b40569a60b343569209ba9be27fb82a8358030da091a7c78ec61d326903d6462ecc749e44848a06618d09fbde7925ac0e057092d1d9bc7b6e7ca6b7853d2ea2ad00fd4e68ba2ffb4038cb65e1f", 0x69}, {&(0x7f0000000400)="fa9b8b478dfe0afad045f063abaada075ce37790a4e743fa5b80ee455ca16df51427a3d71ced9447c307cce0221d34013f31ac31a05f7e17bda285836579390fa0bd6a7012454f18befffd20b7c77791182d3a8116951ac2818bdaceddcb9fa17d41924273591187bb4e348cad8f4bdf22c388de0cb51f537b8590781e4b50cede210149dc6c417515cadb8fe22476379aa939e2600b3da6ed8f7fa42411ad9d0d23ceb62dfc53c4bb1a896f316756eab374b606a8", 0xb5}, {&(0x7f00000004c0)="7fa26eb6e12616f97e47f74e51d36120139fb9c6e1fd99dee99b21e4d1828dc82df88d25f46d4d90ec6fb712896a1b13a6b0fb927b7007e79bf073b9195d37b65508b64d9fd4fa62c81728119ad68cae5780049fcf9318cc555a66b39c1d90a698d8ce3e4644915f1afec3374636f9829c5dd6e010632323715527adfc1ae84cec79482de3374cf75c646c03c4a3eb0f60c170e05cf2dba301613fc5f9a5", 0x9e}, {&(0x7f0000000580)="5afe11ffe6605b8ee036624ff274b0a99328870afa", 0x15}, {&(0x7f00000005c0)="cf9da52f062cdf3c9b81c28628f3a55f0bb35271c3f368826135a4a8525217c97651a7306d5f8a8baa7afe726e709eb768abf962ed40988b6a37971b2ef2aba07a79e98a5197d3d6e02878cbe683d00291a2a65d85059b74584b9432d0cef5ea37dcd864028689a9871601d836fbd49920aadf4a476122a332272944c93c3aa169d86f421c34fdd523", 0x89}], 0xa, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) timerfd_gettime(r3, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) 22:39:32 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:32 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x0, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:39:32 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:32 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0xd) 22:39:32 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0xe) [ 1921.893207][T24207] syz-executor.3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1921.934068][T24207] CPU: 1 PID: 24207 Comm: syz-executor.3 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1921.944227][T24207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1921.954273][T24207] Call Trace: [ 1921.957567][T24207] dump_stack+0x14a/0x1ce [ 1921.961893][T24207] ? devkmsg_release+0x11c/0x11c [ 1921.966821][T24207] ? show_regs_print_info+0x12/0x12 [ 1921.972009][T24207] ? radix_tree_cpu_dead+0x160/0x160 [ 1921.977290][T24207] ? _raw_spin_lock+0xa1/0x170 [ 1921.982134][T24207] ? _raw_spin_trylock_bh+0x190/0x190 [ 1921.987501][T24207] dump_header+0xdb/0x700 [ 1921.991828][T24207] oom_kill_process+0xd3/0x280 [ 1921.996582][T24207] out_of_memory+0x5b6/0x890 [ 1922.001163][T24207] ? unregister_oom_notifier+0x20/0x20 [ 1922.006613][T24207] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1922.012151][T24207] ? get_page_from_freelist+0x7c0/0x7c0 [ 1922.017689][T24207] ? __zone_watermark_ok+0x91/0x280 [ 1922.022883][T24207] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1922.028255][T24207] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1922.033802][T24207] ? copy_process+0x5a4/0x5110 [ 1922.038645][T24207] ? copy_process+0x5a4/0x5110 [ 1922.043403][T24207] ? kmem_cache_alloc+0x1d5/0x260 [ 1922.048518][T24207] copy_process+0x5f3/0x5110 [ 1922.053111][T24207] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1922.058826][T24207] ? _raw_spin_lock+0xa1/0x170 [ 1922.063589][T24207] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1922.069388][T24207] ? __lru_cache_add+0x1a1/0x1f0 [ 1922.074320][T24207] ? fork_idle+0x290/0x290 [ 1922.078733][T24207] _do_fork+0x196/0x920 [ 1922.082885][T24207] ? finish_fault+0x230/0x230 [ 1922.087555][T24207] ? up_write+0xa1/0x190 [ 1922.091791][T24207] ? dup_mm+0x300/0x300 [ 1922.095952][T24207] __x64_sys_clone+0x25e/0x2c0 [ 1922.100711][T24207] ? __ia32_sys_vfork+0x110/0x110 [ 1922.105820][T24207] ? do_user_addr_fault+0x55c/0x9f0 [ 1922.111023][T24207] do_syscall_64+0xcb/0x150 [ 1922.117785][T24207] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1922.123670][T24207] RIP: 0033:0x45fb59 [ 1922.127641][T24207] Code: ff 48 85 f6 0f 84 87 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 5e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1922.147324][T24207] RSP: 002b:00007ffdc5ab0428 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1922.155730][T24207] RAX: ffffffffffffffda RBX: 00007fde32b10700 RCX: 000000000045fb59 [ 1922.163690][T24207] RDX: 00007fde32b109d0 RSI: 00007fde32b0fdb0 RDI: 00000000003d0f00 [ 1922.171654][T24207] RBP: 00007ffdc5ab0650 R08: 00007fde32b10700 R09: 00007fde32b10700 [ 1922.179621][T24207] R10: 00007fde32b109d0 R11: 0000000000000202 R12: 0000000000000000 [ 1922.188534][T24207] R13: 00007ffdc5ab04df R14: 00007fde32b109c0 R15: 000000000118cfec [ 1922.325994][T24207] Mem-Info: [ 1922.329881][T24207] active_anon:1412341 inactive_anon:6774 isolated_anon:0 [ 1922.329881][T24207] active_file:409 inactive_file:325 isolated_file:32 [ 1922.329881][T24207] unevictable:1 dirty:0 writeback:10 unstable:0 [ 1922.329881][T24207] slab_reclaimable:8827 slab_unreclaimable:76800 [ 1922.329881][T24207] mapped:57948 shmem:6853 pagetables:39565 bounce:0 [ 1922.329881][T24207] free:11038 free_pcp:1 free_cma:0 [ 1922.375154][T24207] Node 0 active_anon:5649364kB inactive_anon:27096kB active_file:1368kB inactive_file:1252kB unevictable:4kB isolated(anon):0kB isolated(file):128kB mapped:231792kB dirty:0kB writeback:40kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1922.477049][T24207] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1922.574603][T24207] lowmem_reserve[]: 0 2912 6416 6416 [ 1922.581184][T24207] DMA32 free:24328kB min:4644kB low:7624kB high:10604kB active_anon:2804216kB inactive_anon:3540kB active_file:20kB inactive_file:176kB unevictable:4kB writepending:0kB present:3129332kB managed:2983768kB mlocked:4kB kernel_stack:15136kB pagetables:31952kB bounce:0kB free_pcp:1720kB local_pcp:316kB free_cma:0kB [ 1922.612174][T24207] lowmem_reserve[]: 0 0 3504 3504 [ 1922.618920][T24207] Normal free:16240kB min:13784kB low:17372kB high:20960kB active_anon:2830204kB inactive_anon:23556kB active_file:1396kB inactive_file:1388kB unevictable:0kB writepending:20kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32192kB pagetables:126140kB bounce:0kB free_pcp:1960kB local_pcp:528kB free_cma:0kB [ 1922.650994][T24207] lowmem_reserve[]: 0 0 0 0 [ 1922.682204][T24207] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB 22:39:33 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/loop-control\x00', 0x32600, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) [ 1922.757469][T24207] DMA32: 69*4kB (UMEH) 78*8kB (UMEH) 60*16kB (UMEH) 85*32kB (UMEH) 27*64kB (UME) 30*128kB (UMH) 15*256kB (UM) 4*512kB (UM) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 19108kB [ 1922.774857][T24207] Normal: 243*4kB (UMEH) 318*8kB (UME) 318*16kB (UME) 113*32kB (UME) 36*64kB (UM) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 14524kB [ 1922.805768][T24207] 8359 total pagecache pages [ 1922.810543][T24207] 0 pages in swap cache [ 1922.814863][T24207] Swap cache stats: add 0, delete 0, find 0/0 [ 1922.821429][T24207] Free swap = 0kB [ 1922.836065][T24207] Total swap = 0kB [ 1922.839995][T24207] 1965979 pages RAM [ 1922.844675][T24207] 0 pages HighMem/MovableOnly [ 1922.851575][T24207] 318829 pages reserved [ 1922.873389][T24207] 0 pages cma reserved [ 1922.894451][T24207] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=7725,uid=0 [ 1922.914122][T24207] Out of memory: Killed process 7725 (syz-executor.2) total-vm:85348kB, anon-rss:9972kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:148kB oom_score_adj:1000 22:39:33 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1923.203748][T24190] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1923.240439][T24190] CPU: 0 PID: 24190 Comm: syz-executor.0 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1923.250600][T24190] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1923.260630][T24190] Call Trace: [ 1923.263898][T24190] dump_stack+0x14a/0x1ce [ 1923.268196][T24190] ? devkmsg_release+0x11c/0x11c [ 1923.273102][T24190] ? show_regs_print_info+0x12/0x12 [ 1923.278269][T24190] ? radix_tree_cpu_dead+0x160/0x160 [ 1923.283523][T24190] ? _raw_spin_lock+0xa1/0x170 [ 1923.288261][T24190] ? _raw_spin_trylock_bh+0x190/0x190 [ 1923.293604][T24190] dump_header+0xdb/0x700 [ 1923.297904][T24190] oom_kill_process+0xd3/0x280 [ 1923.302647][T24190] out_of_memory+0x5b6/0x890 [ 1923.307206][T24190] ? unregister_oom_notifier+0x20/0x20 [ 1923.312637][T24190] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1923.318153][T24190] ? get_page_from_freelist+0x7c0/0x7c0 [ 1923.323668][T24190] ? __zone_watermark_ok+0x91/0x280 [ 1923.328844][T24190] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1923.334184][T24190] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1923.339701][T24190] ? copy_process+0x5a4/0x5110 [ 1923.344444][T24190] ? kmem_cache_alloc+0x1d5/0x260 [ 1923.349437][T24190] copy_process+0x5f3/0x5110 [ 1923.354029][T24190] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1923.359728][T24190] ? _raw_spin_lock+0xa1/0x170 [ 1923.364465][T24190] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1923.370255][T24190] ? __lru_cache_add+0x1a1/0x1f0 [ 1923.375173][T24190] ? fork_idle+0x290/0x290 [ 1923.379992][T24190] _do_fork+0x196/0x920 [ 1923.384117][T24190] ? finish_fault+0x230/0x230 [ 1923.388776][T24190] ? up_write+0xa1/0x190 [ 1923.392988][T24190] ? dup_mm+0x300/0x300 [ 1923.397112][T24190] __x64_sys_clone+0x25e/0x2c0 [ 1923.401846][T24190] ? __ia32_sys_vfork+0x110/0x110 [ 1923.407380][T24190] ? do_user_addr_fault+0x55c/0x9f0 [ 1923.412546][T24190] do_syscall_64+0xcb/0x150 [ 1923.417019][T24190] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1923.422878][T24190] RIP: 0033:0x45fb59 [ 1923.426745][T24190] Code: ff 48 85 f6 0f 84 87 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 5e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1923.446331][T24190] RSP: 002b:00007ffd47501a68 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1923.454720][T24190] RAX: ffffffffffffffda RBX: 00007f7646482700 RCX: 000000000045fb59 [ 1923.462661][T24190] RDX: 00007f76464829d0 RSI: 00007f7646481db0 RDI: 00000000003d0f00 [ 1923.470601][T24190] RBP: 00007ffd47501c90 R08: 00007f7646482700 R09: 00007f7646482700 [ 1923.478542][T24190] R10: 00007f76464829d0 R11: 0000000000000202 R12: 0000000000000000 [ 1923.486482][T24190] R13: 00007ffd47501b1f R14: 00007f76464829c0 R15: 000000000118d12c [ 1923.506124][T24190] Mem-Info: [ 1923.509612][T24190] active_anon:1409390 inactive_anon:6774 isolated_anon:0 [ 1923.509612][T24190] active_file:446 inactive_file:473 isolated_file:63 [ 1923.509612][T24190] unevictable:0 dirty:47 writeback:3 unstable:0 [ 1923.509612][T24190] slab_reclaimable:8826 slab_unreclaimable:76637 [ 1923.509612][T24190] mapped:58142 shmem:6853 pagetables:39409 bounce:0 [ 1923.509612][T24190] free:14272 free_pcp:62 free_cma:0 [ 1923.548147][T24190] Node 0 active_anon:5637560kB inactive_anon:27096kB active_file:1784kB inactive_file:1892kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:232568kB dirty:88kB writeback:112kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1923.574596][T24190] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1923.603123][T24190] lowmem_reserve[]: 0 2912 6416 6416 [ 1923.624206][T24190] DMA32 free:18532kB min:4644kB low:7624kB high:10604kB active_anon:2810100kB inactive_anon:3540kB active_file:972kB inactive_file:1084kB unevictable:0kB writepending:60kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14784kB pagetables:31716kB bounce:0kB free_pcp:680kB local_pcp:400kB free_cma:0kB [ 1923.674573][T24190] lowmem_reserve[]: 0 0 3504 3504 [ 1923.680992][T24190] Normal free:22044kB min:21976kB low:25564kB high:29152kB active_anon:2828468kB inactive_anon:23556kB active_file:300kB inactive_file:288kB unevictable:0kB writepending:140kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32128kB pagetables:125920kB bounce:0kB free_pcp:244kB local_pcp:244kB free_cma:0kB [ 1923.744974][T24190] lowmem_reserve[]: 0 0 0 0 [ 1923.749573][T24190] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1923.762902][T24190] DMA32: 5*4kB (MEH) 40*8kB (UEH) 40*16kB (UMEH) 79*32kB (UMEH) 30*64kB (UME) 30*128kB (UMH) 15*256kB (UM) 4*512kB (UM) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 18228kB [ 1923.779332][T24190] Normal: 91*4kB (UMEH) 359*8kB (UME) 436*16kB (UME) 221*32kB (UME) 44*64kB (M) 5*128kB (M) 3*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 21508kB [ 1923.794662][T24190] 7135 total pagecache pages [ 1923.799257][T24190] 0 pages in swap cache [ 1923.803392][T24190] Swap cache stats: add 0, delete 0, find 0/0 [ 1923.809458][T24190] Free swap = 0kB [ 1923.813158][T24190] Total swap = 0kB [ 1923.816894][T24190] 1965979 pages RAM [ 1923.820679][T24190] 0 pages HighMem/MovableOnly [ 1923.825323][T24190] 318829 pages reserved [ 1923.829474][T24190] 0 pages cma reserved 22:39:34 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x10) [ 1923.833530][T24190] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=24190,uid=0 [ 1923.847619][T24190] Out of memory: Killed process 24190 (syz-executor.0) total-vm:85480kB, anon-rss:9956kB, file-rss:34808kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 1923.868147][ T23] oom_reaper: reaped process 24190 (syz-executor.0), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB 22:39:34 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x11) 22:39:34 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x81}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:39:34 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x0, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:39:34 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:34 executing program 5: r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/key-users\x00', 0x0, 0x0) getsockopt$inet_buf(r0, 0x0, 0x27, &(0x7f0000000080), &(0x7f0000000140)) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) timerfd_gettime(r4, 0x0) r5 = mmap$IORING_OFF_SQ_RING(&(0x7f0000000000/0x1000)=nil, 0x1000, 0x3, 0x4010, 0xffffffffffffffff, 0x0) syz_io_uring_complete(r5) r6 = syz_io_uring_complete(r5) r7 = socket$nl_route(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) r9 = dup(r8) getsockname$packet(r9, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@ipv6_getroute={0x24, 0x18, 0x1, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@RTA_OIF={0x8, 0x4, r10}]}, 0x24}}, 0x0) sendmsg$nl_route_sched(r6, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="340000002600080025bd7000fcdbdf250000000063c724a7845aa3779e8c6427679b068be92603268d1ddfc67123221caa75619db1ba25800631e4dbc76ee8f30887b0179574fce63f312d7f01ba90f58c9eb94a559b0949922aa820586e99b8fdf8edd8d7fdf89d9f723e86479379b650ae", @ANYRES32=r10, @ANYBLOB="05000d0009000a000100030004000a0004000a0004000a0004000a00"], 0x34}, 0x1, 0x0, 0x0, 0x4}, 0x4000) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) 22:39:34 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x12) 22:39:34 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:34 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x25) 22:39:34 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1924.419058][T24259] syz-executor.0 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=0, oom_score_adj=1000 [ 1924.465655][T24259] CPU: 1 PID: 24259 Comm: syz-executor.0 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1924.475932][T24259] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1924.485978][T24259] Call Trace: [ 1924.489249][T24259] dump_stack+0x14a/0x1ce [ 1924.493549][T24259] ? devkmsg_release+0x11c/0x11c [ 1924.498456][T24259] ? show_regs_print_info+0x12/0x12 [ 1924.503638][T24259] ? radix_tree_cpu_dead+0x160/0x160 [ 1924.508893][T24259] ? _raw_spin_lock+0xa1/0x170 [ 1924.513625][T24259] ? _raw_spin_trylock_bh+0x190/0x190 [ 1924.518971][T24259] dump_header+0xdb/0x700 [ 1924.523372][T24259] oom_kill_process+0xd3/0x280 [ 1924.528105][T24259] out_of_memory+0x5b6/0x890 [ 1924.532695][T24259] ? unregister_oom_notifier+0x20/0x20 [ 1924.538150][T24259] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1924.543670][T24259] ? get_page_from_freelist+0x7c0/0x7c0 [ 1924.549193][T24259] ? __zone_watermark_ok+0x91/0x280 [ 1924.554365][T24259] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1924.559708][T24259] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1924.565232][T24259] alloc_slab_page+0x3a/0x3a0 [ 1924.569881][T24259] ? cred_has_capability+0x2cc/0x410 [ 1924.575138][T24259] new_slab+0x408/0x450 [ 1924.579270][T24259] ? should_fail+0x18e/0x860 [ 1924.583829][T24259] ___slab_alloc+0x2e0/0x450 [ 1924.588403][T24259] ? cap_capable+0x23f/0x280 [ 1924.592975][T24259] ? proc_pid_stack+0x1d5/0x1f0 [ 1924.598316][T24259] ? proc_pid_stack+0x8e/0x1f0 [ 1924.603049][T24259] ? proc_pid_stack+0x8e/0x1f0 [ 1924.607791][T24259] kmem_cache_alloc_trace+0x25b/0x280 [ 1924.613132][T24259] proc_pid_stack+0x8e/0x1f0 [ 1924.617705][T24259] proc_single_show+0xd3/0x130 [ 1924.622439][T24259] seq_read+0x4aa/0xd30 [ 1924.626580][T24259] do_iter_read+0x43b/0x550 [ 1924.631054][T24259] do_preadv+0x213/0x350 [ 1924.635268][T24259] ? do_writev+0x5b0/0x5b0 [ 1924.639663][T24259] do_syscall_64+0xcb/0x150 [ 1924.644159][T24259] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1924.650023][T24259] RIP: 0033:0x45d189 [ 1924.653888][T24259] Code: 5d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1924.673462][T24259] RSP: 002b:00007f76464a2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 1924.681845][T24259] RAX: ffffffffffffffda RBX: 0000000000024ac0 RCX: 000000000045d189 [ 1924.689799][T24259] RDX: 0000000000000375 RSI: 00000000200017c0 RDI: 0000000000000005 [ 1924.697747][T24259] RBP: 000000000118d0d0 R08: 0000000000000000 R09: 0000000000000000 [ 1924.705700][T24259] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118d08c [ 1924.713644][T24259] R13: 00007ffd47501b1f R14: 00007f76464a39c0 R15: 000000000118d08c [ 1924.764554][T24259] Mem-Info: [ 1924.768072][T24259] active_anon:1412125 inactive_anon:6774 isolated_anon:0 [ 1924.768072][T24259] active_file:356 inactive_file:354 isolated_file:47 [ 1924.768072][T24259] unevictable:0 dirty:59 writeback:4 unstable:0 [ 1924.768072][T24259] slab_reclaimable:8826 slab_unreclaimable:76624 [ 1924.768072][T24259] mapped:57994 shmem:6853 pagetables:39467 bounce:0 [ 1924.768072][T24259] free:11471 free_pcp:135 free_cma:0 [ 1924.816377][T24259] Node 0 active_anon:5648500kB inactive_anon:27096kB active_file:1168kB inactive_file:1216kB unevictable:0kB isolated(anon):0kB isolated(file):88kB mapped:231476kB dirty:236kB writeback:16kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1924.925919][T24259] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1925.016651][T24259] lowmem_reserve[]: 0 2912 6416 6416 [ 1925.042028][T24259] DMA32 free:18580kB min:4644kB low:7624kB high:10604kB active_anon:2810572kB inactive_anon:3540kB active_file:60kB inactive_file:2100kB unevictable:0kB writepending:36kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14944kB pagetables:31652kB bounce:0kB free_pcp:108kB local_pcp:0kB free_cma:0kB [ 1925.074283][T24259] lowmem_reserve[]: 0 0 3504 3504 [ 1925.084430][T24259] Normal free:16924kB min:21976kB low:25564kB high:29152kB active_anon:2830484kB inactive_anon:23556kB active_file:992kB inactive_file:796kB unevictable:0kB writepending:0kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32192kB pagetables:126100kB bounce:0kB free_pcp:176kB local_pcp:116kB free_cma:0kB [ 1925.114930][T24259] lowmem_reserve[]: 0 0 0 0 [ 1925.120956][T24259] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1925.135851][T24259] DMA32: 9*4kB (UMEH) 41*8kB (UMEH) 35*16kB (UEH) 77*32kB (UMEH) 42*64kB (UMEH) 31*128kB (UMH) 15*256kB (UM) 4*512kB (UM) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 19004kB 22:39:35 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0xcf) 22:39:35 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1925.152679][T24259] Normal: 456*4kB (UMEH) 539*8kB (UMEH) 145*16kB (UMEH) 173*32kB (UME) 41*64kB (UM) 4*128kB (UM) 1*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17384kB [ 1925.176147][T24259] 8254 total pagecache pages [ 1925.183381][T24259] 0 pages in swap cache [ 1925.239051][T24259] Swap cache stats: add 0, delete 0, find 0/0 [ 1925.261519][T24259] Free swap = 0kB [ 1925.273397][T24259] Total swap = 0kB [ 1925.285711][T24259] 1965979 pages RAM [ 1925.294048][T24259] 0 pages HighMem/MovableOnly [ 1925.306483][T24259] 318829 pages reserved [ 1925.319847][T24259] 0 pages cma reserved [ 1925.329651][T24259] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=24228,uid=0 22:39:35 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x81}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) syz_open_procfs(0x0, &(0x7f0000000280)='net/netfilter\x00') sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) [ 1925.382365][ T378] syz-executor.3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 1925.426664][ T378] CPU: 0 PID: 378 Comm: syz-executor.3 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1925.436657][ T378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1925.446705][ T378] Call Trace: [ 1925.449998][ T378] dump_stack+0x14a/0x1ce [ 1925.454326][ T378] ? devkmsg_release+0x11c/0x11c [ 1925.459259][ T378] ? show_regs_print_info+0x12/0x12 [ 1925.464447][ T378] ? radix_tree_cpu_dead+0x160/0x160 [ 1925.469707][ T378] ? _raw_spin_lock+0xa1/0x170 [ 1925.474451][ T378] ? _raw_spin_trylock_bh+0x190/0x190 [ 1925.479795][ T378] dump_header+0xdb/0x700 [ 1925.484098][ T378] oom_kill_process+0xd3/0x280 [ 1925.488830][ T378] out_of_memory+0x5b6/0x890 [ 1925.493389][ T378] ? unregister_oom_notifier+0x20/0x20 [ 1925.498817][ T378] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1925.504337][ T378] ? get_page_from_freelist+0x7c0/0x7c0 [ 1925.509851][ T378] ? __zone_watermark_ok+0x91/0x280 [ 1925.515019][ T378] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1925.520378][ T378] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1925.525910][ T378] ? copy_process+0x5a4/0x5110 [ 1925.530647][ T378] ? copy_process+0x5a4/0x5110 [ 1925.535383][ T378] ? kmem_cache_alloc+0x1d5/0x260 [ 1925.540377][ T378] copy_process+0x5f3/0x5110 [ 1925.544939][ T378] ? _raw_spin_unlock+0x5/0x20 [ 1925.549684][ T378] ? do_swap_page+0x1560/0x1560 [ 1925.554505][ T378] ? fork_idle+0x290/0x290 [ 1925.558893][ T378] _do_fork+0x196/0x920 [ 1925.563019][ T378] ? finish_fault+0x230/0x230 [ 1925.567666][ T378] ? dup_mm+0x300/0x300 [ 1925.571808][ T378] ? ktime_get_raw+0x130/0x130 [ 1925.576544][ T378] __x64_sys_clone+0x25e/0x2c0 [ 1925.581366][ T378] ? __ia32_sys_vfork+0x110/0x110 [ 1925.586358][ T378] ? __x64_sys_clock_gettime+0x20d/0x260 [ 1925.592067][ T378] ? do_user_addr_fault+0x55c/0x9f0 [ 1925.597234][ T378] do_syscall_64+0xcb/0x150 [ 1925.601708][ T378] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1925.607568][ T378] RIP: 0033:0x45b75a [ 1925.611434][ T378] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 1925.631020][ T378] RSP: 002b:00007ffdc5ab06d0 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1925.639407][ T378] RAX: ffffffffffffffda RBX: 00007ffdc5ab06d0 RCX: 000000000045b75a [ 1925.647350][ T378] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 1925.655296][ T378] RBP: 00007ffdc5ab0710 R08: 0000000000000001 R09: 000000000171b940 [ 1925.663236][ T378] R10: 000000000171bc10 R11: 0000000000000246 R12: 0000000000000001 [ 1925.671181][ T378] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffdc5ab0760 [ 1925.685071][ T378] Mem-Info: [ 1925.689114][ T378] active_anon:1410921 inactive_anon:6774 isolated_anon:0 [ 1925.689114][ T378] active_file:571 inactive_file:881 isolated_file:56 [ 1925.689114][ T378] unevictable:0 dirty:10 writeback:0 unstable:0 [ 1925.689114][ T378] slab_reclaimable:8826 slab_unreclaimable:76589 [ 1925.689114][ T378] mapped:58478 shmem:6853 pagetables:39407 bounce:0 [ 1925.689114][ T378] free:12089 free_pcp:99 free_cma:0 22:39:36 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x6}], 0x1, 0x20, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) request_key(&(0x7f0000000040)='user\x00', &(0x7f00000000c0)={'syz', 0x3, 0xc}, &(0x7f0000001fee)='R\tXus\xac\x84c-D\x97', 0x0) keyctl$negate(0xd, 0x0, 0x4, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) [ 1925.792049][ T378] Node 0 active_anon:5643684kB inactive_anon:27096kB active_file:2132kB inactive_file:2788kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:233112kB dirty:40kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1925.852329][ T378] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1925.879836][ T378] lowmem_reserve[]: 0 2912 6416 6416 [ 1925.886065][ T378] DMA32 free:22684kB min:4644kB low:7624kB high:10604kB active_anon:2810580kB inactive_anon:3540kB active_file:512kB inactive_file:4kB unevictable:0kB writepending:4kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14816kB pagetables:31636kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1925.915688][ T378] lowmem_reserve[]: 0 0 3504 3504 [ 1925.921549][ T378] Normal free:13652kB min:5592kB low:9180kB high:12768kB active_anon:2833500kB inactive_anon:23556kB active_file:472kB inactive_file:764kB unevictable:0kB writepending:36kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32160kB pagetables:125992kB bounce:0kB free_pcp:328kB local_pcp:112kB free_cma:0kB [ 1925.956058][ T378] lowmem_reserve[]: 0 0 0 0 [ 1925.962955][ T378] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1925.978153][ T378] DMA32: 152*4kB (UMEH) 112*8kB (UMEH) 112*16kB (UMEH) 100*32kB (UMEH) 48*64kB (UMEH) 33*128kB (UMH) 15*256kB (UM) 4*512kB (UM) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 22752kB [ 1925.996457][ T378] Normal: 42*4kB (UMEH) 230*8kB (UMEH) 153*16kB (UMEH) 173*32kB (UME) 38*64kB (UM) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12424kB [ 1926.012287][ T378] 7474 total pagecache pages [ 1926.021129][ T378] 0 pages in swap cache [ 1926.034302][ T378] Swap cache stats: add 0, delete 0, find 0/0 [ 1926.055330][ T378] Free swap = 0kB [ 1926.064647][ T378] Total swap = 0kB [ 1926.098483][ T378] 1965979 pages RAM [ 1926.114276][ T378] 0 pages HighMem/MovableOnly [ 1926.129162][ T378] 318829 pages reserved [ 1926.134796][ T378] 0 pages cma reserved 22:39:36 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x0, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) [ 1926.143889][ T378] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=24262,uid=0 [ 1926.158780][ T378] Out of memory: Killed process 24262 (syz-executor.0) total-vm:85480kB, anon-rss:16568kB, file-rss:34920kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:1000 22:39:36 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000280)="212e265704f7f5a2f2515370895e7f1aa0a3d0bab5b1eb390f54c5281b329d3d89fe432cc351bd2500056381726a4bed2bcca48614e931c637f821a6edb881e632d54915e2639900100000b348fb965eb00700000000000000f0ae3d12968415fc703ef975970c30954ad50e7bc567413852944c07e8a8affa658f3592d4f375c04a7289213f3a308140651f38d7806c10aaba369a76f6a83c28a681eb0acc9d03f30bba2438c420e608f87c5a3246a87bc84dbe105bee3f7e7f9e952f55ea74b1e880abe15558190620cf2a727d637c9031cf76238fc25dd55802e129067fb50a850135f8f9adac28869fa0ea144c87a7e848e226d469058bc6f5343a86010df91ceb125ee5bd46077d9f9488d874134d42dfd67a20dcc5fd295da4f36b895ee391896120b1f3d98a8a1040689a6f474a89c3354ab2c98cf0ce5ee80405b3afceb0", 0x142) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) timerfd_gettime(r3, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) r4 = socket$inet_udplite(0x2, 0x2, 0x88) flock(r4, 0x0) 22:39:36 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) timerfd_gettime(r5, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, &(0x7f0000000140)={0x1, {{0xa, 0x4e21, 0x2, @loopback, 0x8}}}, 0x88) setsockopt$netlink_NETLINK_CAP_ACK(r5, 0x10e, 0xa, &(0x7f0000000040)=0x5e214cc9, 0x4) timerfd_gettime(r3, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) 22:39:37 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1926.617766][T24291] syz-executor.3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1926.630571][T24291] CPU: 0 PID: 24291 Comm: syz-executor.3 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1926.640713][T24291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1926.650781][T24291] Call Trace: [ 1926.654065][T24291] dump_stack+0x14a/0x1ce [ 1926.658389][T24291] ? devkmsg_release+0x11c/0x11c [ 1926.663323][T24291] ? show_regs_print_info+0x12/0x12 [ 1926.668517][T24291] ? radix_tree_cpu_dead+0x160/0x160 [ 1926.673794][T24291] ? _raw_spin_lock+0xa1/0x170 [ 1926.678554][T24291] ? _raw_spin_trylock_bh+0x190/0x190 [ 1926.683922][T24291] dump_header+0xdb/0x700 [ 1926.688255][T24291] oom_kill_process+0xd3/0x280 [ 1926.693102][T24291] out_of_memory+0x5b6/0x890 [ 1926.697688][T24291] ? unregister_oom_notifier+0x20/0x20 [ 1926.703145][T24291] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1926.708698][T24291] ? get_page_from_freelist+0x7c0/0x7c0 [ 1926.714244][T24291] ? __zone_watermark_ok+0x91/0x280 [ 1926.719441][T24291] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1926.724813][T24291] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1926.730358][T24291] ? copy_process+0x5a4/0x5110 [ 1926.735119][T24291] ? kmem_cache_alloc+0x1d5/0x260 [ 1926.740138][T24291] copy_process+0x5f3/0x5110 [ 1926.744729][T24291] ? search_process_keyrings_rcu+0x260/0x260 [ 1926.750703][T24291] ? __perf_event_task_sched_out+0xfe4/0x1110 [ 1926.756757][T24291] ? fork_idle+0x290/0x290 [ 1926.761168][T24291] ? keyctl_keyring_move+0x5a/0x100 [ 1926.766350][T24291] _do_fork+0x196/0x920 [ 1926.770493][T24291] ? __x64_sys_keyctl+0xc0/0xc0 [ 1926.775313][T24291] ? dup_mm+0x300/0x300 [ 1926.779438][T24291] ? ktime_get_raw+0x130/0x130 [ 1926.784169][T24291] __x64_sys_clone+0x25e/0x2c0 [ 1926.788912][T24291] ? __ia32_sys_vfork+0x110/0x110 [ 1926.793904][T24291] ? __x64_sys_clock_gettime+0x20d/0x260 [ 1926.799506][T24291] do_syscall_64+0xcb/0x150 [ 1926.803982][T24291] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1926.809844][T24291] RIP: 0033:0x45d189 [ 1926.813710][T24291] Code: 5d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1926.833283][T24291] RSP: 002b:00007fde32b30c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1926.841677][T24291] RAX: ffffffffffffffda RBX: 0000000000001f40 RCX: 000000000045d189 [ 1926.849636][T24291] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 0000000000000103 [ 1926.857578][T24291] RBP: 000000000118cf90 R08: ffffffffffffffff R09: 0000000000000000 [ 1926.865520][T24291] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118cf4c [ 1926.873466][T24291] R13: 00007ffdc5ab04df R14: 00007fde32b319c0 R15: 000000000118cf4c [ 1927.046681][T24291] Mem-Info: [ 1927.049859][T24291] active_anon:1411134 inactive_anon:6774 isolated_anon:0 [ 1927.049859][T24291] active_file:136 inactive_file:191 isolated_file:25 [ 1927.049859][T24291] unevictable:0 dirty:11 writeback:2 unstable:0 [ 1927.049859][T24291] slab_reclaimable:8826 slab_unreclaimable:76757 [ 1927.049859][T24291] mapped:57575 shmem:6853 pagetables:39455 bounce:0 [ 1927.049859][T24291] free:12155 free_pcp:660 free_cma:0 [ 1927.087729][T24291] Node 0 active_anon:5644536kB inactive_anon:27096kB active_file:444kB inactive_file:764kB unevictable:0kB isolated(anon):0kB isolated(file):100kB mapped:230300kB dirty:44kB writeback:8kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1927.112199][T24291] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1927.148071][T24291] lowmem_reserve[]: 0 2912 6416 6416 [ 1927.154186][T24291] DMA32 free:19056kB min:4644kB low:7624kB high:10604kB active_anon:2812216kB inactive_anon:3540kB active_file:500kB inactive_file:140kB unevictable:0kB writepending:68kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14752kB pagetables:31812kB bounce:0kB free_pcp:1348kB local_pcp:676kB free_cma:0kB [ 1927.197482][T24291] lowmem_reserve[]: 0 0 3504 3504 [ 1927.203134][T24291] Normal free:13592kB min:5592kB low:9180kB high:12768kB active_anon:2832356kB inactive_anon:23556kB active_file:664kB inactive_file:840kB unevictable:0kB writepending:12kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32128kB pagetables:126168kB bounce:0kB free_pcp:976kB local_pcp:272kB free_cma:0kB [ 1927.235454][T24291] lowmem_reserve[]: 0 0 0 0 22:39:37 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) [ 1927.240971][T24291] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1927.255032][T24291] DMA32: 122*4kB (UMEH) 97*8kB (UMEH) 112*16kB (UMEH) 51*32kB (UMEH) 49*64kB (UMEH) 33*128kB (UMH) 15*256kB (UM) 4*512kB (UM) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 21008kB [ 1927.335615][T24291] Normal: 37*4kB (ME) 26*8kB (UME) 54*16kB (UE) 82*32kB (UME) 38*64kB (UM) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 6276kB [ 1927.384044][T24291] 7952 total pagecache pages [ 1927.394660][T24291] 0 pages in swap cache [ 1927.413059][T24291] Swap cache stats: add 0, delete 0, find 0/0 [ 1927.436291][T24291] Free swap = 0kB [ 1927.440022][T24291] Total swap = 0kB [ 1927.443864][T24291] 1965979 pages RAM [ 1927.455525][T24291] 0 pages HighMem/MovableOnly [ 1927.460213][T24291] 318829 pages reserved [ 1927.475548][T24291] 0 pages cma reserved [ 1927.480017][T24291] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=24266,uid=0 [ 1927.494919][T24291] Out of memory: Killed process 24284 (syz-executor.2) total-vm:85744kB, anon-rss:16572kB, file-rss:34888kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 1927.517250][ T23] oom_reaper: reaped process 24284 (syz-executor.2), now anon-rss:0kB, file-rss:34820kB, shmem-rss:0kB 22:39:38 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:38 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f0000000480)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f00000001c0)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x81}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x20008, 0x6, 0x0, 0x0, 0x976}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$fscrypt_provisioning(&(0x7f0000000280)='fscrypt-provisioning\x00', &(0x7f00000002c0)={'syz', 0x1}, &(0x7f0000000300)=ANY=[@ANYBLOB="026921b659212ad3c4a8f45c80bf0a84efbbfc1174bb66548e73964fcb993316040000000000000071c6100c4c14e11abb5d6ac4439abaa7cfefb511d82df81c52672c5122f84a81163583e61da73e3a16c7ca0269aac3e59ed7b98b8c5013f240f200"/134], 0x86, 0x0) keyctl$KEYCTL_PKEY_ENCRYPT(0x19, &(0x7f00000003c0)={r4, 0x0, 0x32}, &(0x7f0000000400)={'enc=', 'oaep', ' hash=', {'tgr128\x00'}}, &(0x7f0000000480), &(0x7f00000004c0)=""/50) r5 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r5, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x0, 0x0, 0x0) 22:39:38 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1928.707192][T24305] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1928.719685][T24305] CPU: 0 PID: 24305 Comm: syz-executor.4 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1928.729826][T24305] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1928.739875][T24305] Call Trace: [ 1928.743148][T24305] dump_stack+0x14a/0x1ce [ 1928.747455][T24305] ? devkmsg_release+0x11c/0x11c [ 1928.752367][T24305] ? show_regs_print_info+0x12/0x12 [ 1928.757549][T24305] ? radix_tree_cpu_dead+0x160/0x160 [ 1928.762812][T24305] ? _raw_spin_lock+0xa1/0x170 [ 1928.767544][T24305] ? _raw_spin_trylock_bh+0x190/0x190 [ 1928.772888][T24305] dump_header+0xdb/0x700 [ 1928.777189][T24305] oom_kill_process+0xd3/0x280 [ 1928.781921][T24305] out_of_memory+0x5b6/0x890 [ 1928.786507][T24305] ? unregister_oom_notifier+0x20/0x20 [ 1928.791937][T24305] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1928.797453][T24305] ? get_page_from_freelist+0x7c0/0x7c0 [ 1928.802975][T24305] ? __zone_watermark_ok+0x91/0x280 [ 1928.808144][T24305] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1928.813487][T24305] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1928.819003][T24305] ? copy_process+0x5a4/0x5110 [ 1928.823737][T24305] ? kmem_cache_alloc+0x1d5/0x260 [ 1928.828731][T24305] copy_process+0x5f3/0x5110 [ 1928.833293][T24305] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1928.838981][T24305] ? _raw_spin_lock+0xa1/0x170 [ 1928.843711][T24305] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1928.849488][T24305] ? __lru_cache_add+0x1a1/0x1f0 [ 1928.854393][T24305] ? fork_idle+0x290/0x290 [ 1928.858779][T24305] _do_fork+0x196/0x920 [ 1928.862906][T24305] ? finish_fault+0x230/0x230 [ 1928.867551][T24305] ? up_write+0xa1/0x190 [ 1928.871762][T24305] ? dup_mm+0x300/0x300 [ 1928.875887][T24305] __x64_sys_clone+0x25e/0x2c0 [ 1928.880632][T24305] ? __ia32_sys_vfork+0x110/0x110 [ 1928.885625][T24305] ? do_user_addr_fault+0x55c/0x9f0 [ 1928.890791][T24305] do_syscall_64+0xcb/0x150 [ 1928.895272][T24305] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1928.901131][T24305] RIP: 0033:0x45fb59 [ 1928.905015][T24305] Code: ff 48 85 f6 0f 84 87 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 5e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1928.924587][T24305] RSP: 002b:00007ffc8d239e88 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1928.932965][T24305] RAX: ffffffffffffffda RBX: 00007fe26cb9e700 RCX: 000000000045fb59 [ 1928.940906][T24305] RDX: 00007fe26cb9e9d0 RSI: 00007fe26cb9ddb0 RDI: 00000000003d0f00 [ 1928.948846][T24305] RBP: 00007ffc8d23a0b0 R08: 00007fe26cb9e700 R09: 00007fe26cb9e700 [ 1928.956799][T24305] R10: 00007fe26cb9e9d0 R11: 0000000000000202 R12: 0000000000000000 [ 1928.964740][T24305] R13: 00007ffc8d239f3f R14: 00007fe26cb9e9c0 R15: 000000000118d08c [ 1928.973454][T24305] Mem-Info: [ 1928.977098][T24305] active_anon:1413209 inactive_anon:6774 isolated_anon:0 [ 1928.977098][T24305] active_file:147 inactive_file:166 isolated_file:0 [ 1928.977098][T24305] unevictable:0 dirty:12 writeback:8 unstable:0 [ 1928.977098][T24305] slab_reclaimable:8826 slab_unreclaimable:76690 [ 1928.977098][T24305] mapped:57560 shmem:6853 pagetables:39523 bounce:0 [ 1928.977098][T24305] free:10629 free_pcp:113 free_cma:0 [ 1929.025894][T24305] Node 0 active_anon:5652836kB inactive_anon:27096kB active_file:588kB inactive_file:2064kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:231040kB dirty:48kB writeback:32kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1929.079016][T24305] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1929.105543][T24305] lowmem_reserve[]: 0 2912 6416 6416 [ 1929.111102][T24305] DMA32 free:18308kB min:4644kB low:7624kB high:10604kB active_anon:2813028kB inactive_anon:3540kB active_file:328kB inactive_file:708kB unevictable:0kB writepending:36kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14880kB pagetables:31812kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1929.140392][T24305] lowmem_reserve[]: 0 0 3504 3504 [ 1929.145764][T24305] Normal free:5924kB min:5592kB low:9180kB high:12768kB active_anon:2839808kB inactive_anon:23556kB active_file:1268kB inactive_file:324kB unevictable:0kB writepending:44kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32192kB pagetables:126280kB bounce:0kB free_pcp:616kB local_pcp:0kB free_cma:0kB [ 1929.175966][T24305] lowmem_reserve[]: 0 0 0 0 [ 1929.181113][T24305] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1929.195079][T24305] DMA32: 73*4kB (UMEH) 35*8kB (UMEH) 35*16kB (UEH) 16*32kB (UEH) 50*64kB (UMEH) 37*128kB (UMH) 15*256kB (UM) 5*512kB (UM) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 19052kB [ 1929.212293][T24305] Normal: 67*4kB (UE) 129*8kB (UME) 60*16kB (UME) 34*32kB (UME) 36*64kB (M) 1*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 5780kB [ 1929.230763][T24305] 7369 total pagecache pages [ 1929.236080][T24305] 0 pages in swap cache [ 1929.240636][T24305] Swap cache stats: add 0, delete 0, find 0/0 [ 1929.254049][T24305] Free swap = 0kB [ 1929.259602][T24305] Total swap = 0kB [ 1929.264371][T24305] 1965979 pages RAM [ 1929.273561][T24305] 0 pages HighMem/MovableOnly [ 1929.278953][T24305] 318829 pages reserved [ 1929.283609][T24305] 0 pages cma reserved [ 1929.288331][T24305] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.5,pid=24281,uid=0 [ 1929.303022][T24305] Out of memory: Killed process 24281 (syz-executor.5) total-vm:85480kB, anon-rss:16540kB, file-rss:34480kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:1000 [ 1929.325002][ T23] oom_reaper: reaped process 24281 (syz-executor.5), now anon-rss:0kB, file-rss:34620kB, shmem-rss:0kB 22:39:39 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x300) 22:39:39 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) sendmsg$AUDIT_LIST_RULES(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x4a44000}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x10, 0x3f5, 0x1, 0x70bd28, 0x25dfdbff, "", ["", "", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x4000}, 0x4801) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) pkey_alloc(0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:39:39 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:39 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000080)=[{&(0x7f0000000040)}, {&(0x7f0000000240)="0dc00ad8fe06fe374f2e8712ba86896d5e3e770fb8a7c906f5f34fc300e70972665e0c220aef7b040084c35535c04e04057b5a9cece73c41eff31cf3367b68889f6c2988f829c220771c9e1744932b25dd450ac0641865e857063e510717751c5070bba930b11bb9278ee5fa60da42c8cbf90422b5d6eb04f2d956ba2dcc99aeb77e659fd38e3dbd1dcf6a6ca29ecddb9a7ef970e1f4c86b1e8f63c5352249c40a794daedbea6eb88ac11d93a0c0df0df2c311ad029bf58929ee77a549fec413c82b50df9447a1c89910bd4a9d3ac9ef5d9f61e1b953d91cfd5af2d33145584e73a1a7066351a6e7c61ae8147e07956df81c3d662e1b90503382c42c27fa5b84f0ddc9ebf843ba56739101039b8ded66114d4c473fb5885076e03a606e5ece24b4ae277f933030acb38a3bf4dbba278a2766fa65db1b080a59a36f73d0d21db9552e8dd5edbac136d19bf98e3b4b4f221d73b776666a6184db744c9b764811c55fd1", 0x162}], 0x2, 0x3) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) r4 = socket$inet_udplite(0x2, 0x2, 0x88) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) r6 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000000)={0x5, 0x6, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x0, 0x2000000]}, 0x40) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000001c0)={r6, 0x0, 0x0}, 0x20) ioctl$LOOP_CHANGE_FD(r5, 0x4c06, r6) timerfd_gettime(r3, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) 22:39:40 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x500) 22:39:40 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1929.807300][T24331] syz-executor.1 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1929.828709][T24331] CPU: 1 PID: 24331 Comm: syz-executor.1 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1929.838867][T24331] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1929.848900][T24331] Call Trace: [ 1929.852180][T24331] dump_stack+0x14a/0x1ce [ 1929.856489][T24331] ? devkmsg_release+0x11c/0x11c [ 1929.861401][T24331] ? show_regs_print_info+0x12/0x12 [ 1929.866566][T24331] ? radix_tree_cpu_dead+0x160/0x160 [ 1929.871820][T24331] ? _raw_spin_lock+0xa1/0x170 [ 1929.876550][T24331] ? _raw_spin_trylock_bh+0x190/0x190 [ 1929.881889][T24331] dump_header+0xdb/0x700 [ 1929.886189][T24331] oom_kill_process+0xd3/0x280 [ 1929.890922][T24331] out_of_memory+0x5b6/0x890 [ 1929.895496][T24331] ? unregister_oom_notifier+0x20/0x20 [ 1929.900923][T24331] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1929.906441][T24331] ? get_page_from_freelist+0x7c0/0x7c0 [ 1929.911954][T24331] ? __zone_watermark_ok+0x91/0x280 [ 1929.917125][T24331] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1929.922468][T24331] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1929.927991][T24331] ? copy_process+0x5a4/0x5110 [ 1929.932722][T24331] ? copy_process+0x5a4/0x5110 [ 1929.937452][T24331] ? kmem_cache_alloc+0x1d5/0x260 [ 1929.942444][T24331] copy_process+0x5f3/0x5110 [ 1929.947006][T24331] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1929.952694][T24331] ? _raw_spin_lock+0xa1/0x170 [ 1929.957425][T24331] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1929.963199][T24331] ? __lru_cache_add+0x1a1/0x1f0 [ 1929.968103][T24331] ? fork_idle+0x290/0x290 [ 1929.972487][T24331] _do_fork+0x196/0x920 [ 1929.976612][T24331] ? finish_fault+0x230/0x230 [ 1929.981258][T24331] ? up_write+0xa1/0x190 [ 1929.985470][T24331] ? dup_mm+0x300/0x300 [ 1929.989607][T24331] __x64_sys_clone+0x25e/0x2c0 [ 1929.994340][T24331] ? __ia32_sys_vfork+0x110/0x110 [ 1929.999332][T24331] ? do_user_addr_fault+0x55c/0x9f0 [ 1930.004498][T24331] do_syscall_64+0xcb/0x150 [ 1930.008970][T24331] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1930.014830][T24331] RIP: 0033:0x45fb59 [ 1930.018694][T24331] Code: ff 48 85 f6 0f 84 87 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 5e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1930.038266][T24331] RSP: 002b:00007ffc48160ff8 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1930.046643][T24331] RAX: ffffffffffffffda RBX: 00007f76f00ab700 RCX: 000000000045fb59 [ 1930.054594][T24331] RDX: 00007f76f00ab9d0 RSI: 00007f76f00aadb0 RDI: 00000000003d0f00 [ 1930.062550][T24331] RBP: 00007ffc48161220 R08: 00007f76f00ab700 R09: 00007f76f00ab700 [ 1930.070490][T24331] R10: 00007f76f00ab9d0 R11: 0000000000000202 R12: 0000000000000000 [ 1930.078429][T24331] R13: 00007ffc481610af R14: 00007f76f00ab9c0 R15: 000000000118cf4c [ 1930.415317][T24331] Mem-Info: [ 1930.418584][T24331] active_anon:1413803 inactive_anon:6774 isolated_anon:0 [ 1930.418584][T24331] active_file:53 inactive_file:45 isolated_file:6 [ 1930.418584][T24331] unevictable:0 dirty:23 writeback:0 unstable:0 [ 1930.418584][T24331] slab_reclaimable:8826 slab_unreclaimable:76686 [ 1930.418584][T24331] mapped:57383 shmem:6853 pagetables:39515 bounce:0 [ 1930.418584][T24331] free:9688 free_pcp:813 free_cma:0 [ 1930.456280][T24331] Node 0 active_anon:5655308kB inactive_anon:27096kB active_file:32kB inactive_file:136kB unevictable:0kB isolated(anon):0kB isolated(file):68kB mapped:229512kB dirty:16kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1930.481416][T24331] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1930.507796][T24331] lowmem_reserve[]: 0 2912 6416 6416 [ 1930.513187][T24331] DMA32 free:18448kB min:4644kB low:7624kB high:10604kB active_anon:2815220kB inactive_anon:3540kB active_file:16kB inactive_file:36kB unevictable:0kB writepending:0kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14720kB pagetables:31856kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1930.542677][T24331] lowmem_reserve[]: 0 0 3504 3504 [ 1930.548214][T24331] Normal free:6792kB min:5592kB low:9180kB high:12768kB active_anon:2840120kB inactive_anon:23556kB active_file:248kB inactive_file:208kB unevictable:0kB writepending:20kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32256kB pagetables:126240kB bounce:0kB free_pcp:556kB local_pcp:184kB free_cma:0kB [ 1930.578129][T24331] lowmem_reserve[]: 0 0 0 0 [ 1930.582825][T24331] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1930.596477][T24331] DMA32: 244*4kB (UMEH) 44*8kB (UMEH) 43*16kB (UMEH) 13*32kB (UEH) 20*64kB (UMEH) 38*128kB (UMH) 15*256kB (UM) 6*512kB (UM) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 18560kB [ 1930.613785][T24331] Normal: 259*4kB (UME) 159*8kB (UME) 111*16kB (UME) 11*32kB (UME) 28*64kB (M) 1*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 6356kB [ 1930.628839][T24331] 6961 total pagecache pages [ 1930.634185][T24331] 0 pages in swap cache [ 1930.638907][T24331] Swap cache stats: add 0, delete 0, find 0/0 [ 1930.645235][T24331] Free swap = 0kB [ 1930.649305][T24331] Total swap = 0kB [ 1930.653460][T24331] 1965979 pages RAM [ 1930.657694][T24331] 0 pages HighMem/MovableOnly [ 1930.662830][T24331] 318829 pages reserved [ 1930.667357][T24331] 0 pages cma reserved [ 1930.671427][T24331] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=24310,uid=0 [ 1930.685552][T24331] Out of memory: Killed process 24310 (syz-executor.0) total-vm:85348kB, anon-rss:14696kB, file-rss:34840kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:1000 [ 1930.707153][ T23] oom_reaper: reaped process 24310 (syz-executor.0), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 22:39:41 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:41 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:39:41 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x81}]}) getpid() r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r3 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r3, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) ioctl$FS_IOC_ADD_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0506617, &(0x7f0000000280)={{0x0, 0x0, @reserved="be4224e7c2b1b0a8dee8cd363d65b809684107fdb268b87503db6881f8667a71"}, 0x84, 0x0, [], "b0cd1c66b81690fcb0a800bac6e3c4a5f65a811161d1e9ce8c4e7c07e07e2aa52653d61c1aa7a842fb1f112a76b924e863e45d79c0755a8152d85592674aea03ce26da5459b62535d7473d9642fdcdeb7cfd14cda7f28ba10b28059e3a1ce318eddb003a6f889d204a37da23af6d00c2c48ba7116cd30d545cab0771dcf184f920ff8d34"}) keyctl$describe(0x6, r4, &(0x7f0000000380)=""/233, 0xe9) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:39:41 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000), 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) timerfd_gettime(r3, 0x0) 22:39:41 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x6, 0xfff) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) clock_gettime(0x0, &(0x7f00000002c0)={0x0, 0x0}) setitimer(0x0, &(0x7f0000000300)={{r2, r3/1000+10000}}, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @mcast1, 0x156aec58}, 0x1c) fcntl$setpipe(r5, 0x407, 0x0) write(r5, &(0x7f0000000340), 0x41395527) vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000380)=""/22, 0xfffffcc6) r6 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r6, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(0xffffffffffffffff, &(0x7f00000017c0), 0x0, 0x4, 0x8) 22:39:41 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x600) 22:39:41 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:41 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x700) 22:39:41 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:41 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:41 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x900) [ 1931.217247][T24371] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1931.234131][T24371] CPU: 0 PID: 24371 Comm: syz-executor.0 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1931.244290][T24371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1931.254337][T24371] Call Trace: [ 1931.257626][T24371] dump_stack+0x14a/0x1ce [ 1931.261952][T24371] ? devkmsg_release+0x11c/0x11c [ 1931.266886][T24371] ? show_regs_print_info+0x12/0x12 [ 1931.272083][T24371] ? radix_tree_cpu_dead+0x160/0x160 [ 1931.277360][T24371] ? _raw_spin_lock+0xa1/0x170 [ 1931.282120][T24371] ? _raw_spin_trylock_bh+0x190/0x190 [ 1931.287491][T24371] dump_header+0xdb/0x700 [ 1931.291821][T24371] oom_kill_process+0xd3/0x280 [ 1931.296599][T24371] out_of_memory+0x5b6/0x890 [ 1931.301191][T24371] ? unregister_oom_notifier+0x20/0x20 [ 1931.306651][T24371] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1931.312202][T24371] ? get_page_from_freelist+0x7c0/0x7c0 [ 1931.317746][T24371] ? __zone_watermark_ok+0x91/0x280 [ 1931.322948][T24371] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1931.328323][T24371] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1931.333878][T24371] ? copy_process+0x5a4/0x5110 [ 1931.338909][T24371] ? kmem_cache_alloc+0x1d5/0x260 [ 1931.343932][T24371] copy_process+0x5f3/0x5110 [ 1931.348532][T24371] ? search_process_keyrings_rcu+0x260/0x260 [ 1931.354545][T24371] ? __perf_event_task_sched_out+0xfe4/0x1110 [ 1931.360619][T24371] ? fork_idle+0x290/0x290 [ 1931.365040][T24371] _do_fork+0x196/0x920 [ 1931.369202][T24371] ? switch_mm+0x100/0x100 [ 1931.373648][T24371] ? dup_mm+0x300/0x300 [ 1931.377802][T24371] ? ktime_get_raw+0x130/0x130 [ 1931.382563][T24371] __x64_sys_clone+0x25e/0x2c0 [ 1931.387334][T24371] ? __ia32_sys_vfork+0x110/0x110 [ 1931.392358][T24371] ? __x64_sys_clock_gettime+0x20d/0x260 [ 1931.397990][T24371] do_syscall_64+0xcb/0x150 [ 1931.402493][T24371] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1931.408379][T24371] RIP: 0033:0x45d189 [ 1931.412266][T24371] Code: 5d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1931.431947][T24371] RSP: 002b:00007f76464a2c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1931.440330][T24371] RAX: ffffffffffffffda RBX: 0000000000001f40 RCX: 000000000045d189 [ 1931.448280][T24371] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 0000000000000103 [ 1931.456236][T24371] RBP: 000000000118d0d0 R08: ffffffffffffffff R09: 0000000000000000 [ 1931.464191][T24371] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118d08c [ 1931.472228][T24371] R13: 00007ffd47501b1f R14: 00007f76464a39c0 R15: 000000000118d08c [ 1931.525274][T24371] Mem-Info: [ 1931.528698][T24371] active_anon:1412160 inactive_anon:6774 isolated_anon:0 [ 1931.528698][T24371] active_file:226 inactive_file:251 isolated_file:32 [ 1931.528698][T24371] unevictable:0 dirty:7 writeback:0 unstable:0 [ 1931.528698][T24371] slab_reclaimable:8825 slab_unreclaimable:76807 [ 1931.528698][T24371] mapped:57848 shmem:6853 pagetables:39520 bounce:0 [ 1931.528698][T24371] free:11224 free_pcp:176 free_cma:0 [ 1931.566855][T24371] Node 0 active_anon:5648640kB inactive_anon:27096kB active_file:904kB inactive_file:932kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:231292kB dirty:28kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1931.591551][T24371] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1931.619365][T24371] lowmem_reserve[]: 0 2912 6416 6416 [ 1931.625093][T24371] DMA32 free:18580kB min:4644kB low:7624kB high:10604kB active_anon:2812868kB inactive_anon:3540kB active_file:328kB inactive_file:244kB unevictable:0kB writepending:0kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14944kB pagetables:31948kB bounce:0kB free_pcp:184kB local_pcp:32kB free_cma:0kB [ 1931.654805][T24371] lowmem_reserve[]: 0 0 3504 3504 [ 1931.660328][T24371] Normal free:10916kB min:13784kB low:17372kB high:20960kB active_anon:2835772kB inactive_anon:23556kB active_file:844kB inactive_file:1024kB unevictable:0kB writepending:28kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32160kB pagetables:126132kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1931.690421][T24371] lowmem_reserve[]: 0 0 0 0 [ 1931.695312][T24371] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1931.709432][T24371] DMA32: 277*4kB (UMEH) 87*8kB (UMEH) 35*16kB (UEH) 24*32kB (UMEH) 30*64kB (UME) 33*128kB (UMH) 15*256kB (UM) 6*512kB (UM) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 19260kB [ 1931.727262][T24371] Normal: 43*4kB (ME) 35*8kB (ME) 230*16kB (UME) 127*32kB (UME) 36*64kB (UM) 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 10500kB [ 1931.751320][T24371] 7360 total pagecache pages [ 1931.756466][T24371] 0 pages in swap cache [ 1931.761162][T24371] Swap cache stats: add 0, delete 0, find 0/0 [ 1931.767990][T24371] Free swap = 0kB [ 1931.772038][T24371] Total swap = 0kB [ 1931.776447][T24371] 1965979 pages RAM [ 1931.781433][T24371] 0 pages HighMem/MovableOnly [ 1931.791021][T24371] 318829 pages reserved [ 1931.795465][T24371] 0 pages cma reserved [ 1931.799808][T24371] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=31524,uid=0 22:39:42 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:42 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') syz_open_pts(r1, 0x4001) r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) timerfd_gettime(r3, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) [ 1931.814519][T24371] Out of memory: Killed process 31524 (syz-executor.0) total-vm:85480kB, anon-rss:9956kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 1931.850115][ T23] oom_reaper: reaped process 31524 (syz-executor.0), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 22:39:42 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:39:42 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) signalfd4(r1, &(0x7f00000002c0)={[0x3]}, 0x8, 0x80000) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:39:42 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:42 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0xa00) 22:39:42 executing program 4: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) timerfd_gettime(r5, 0x0) setsockopt$inet6_MCAST_JOIN_GROUP(r1, 0x29, 0x2a, &(0x7f0000000140)={0x1, {{0xa, 0x4e21, 0x2, @loopback, 0x8}}}, 0x88) setsockopt$netlink_NETLINK_CAP_ACK(r5, 0x10e, 0xa, &(0x7f0000000040)=0x5e214cc9, 0x4) timerfd_gettime(r3, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) 22:39:43 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x32], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:43 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) timerfd_gettime(r3, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) r4 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000000)={0x5, 0x6, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x0, 0x2000000]}, 0x40) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000001c0)={r4, 0x0, 0x0}, 0x20) r5 = socket$inet_udplite(0x2, 0x2, 0x88) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) sendmsg$NFNL_MSG_CTHELPER_GET(r6, &(0x7f0000000200)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x20, 0x1, 0x9, 0x201, 0x0, 0x0, {0xa}, [@NFCTH_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x4040000}, 0x8801) fcntl$lock(r4, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xaf6, 0x3ff, 0xffffffffffffffff}) 22:39:43 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4a], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1932.805520][T24409] syz-executor.4 invoked oom-killer: gfp_mask=0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|0x1000000), order=0, oom_score_adj=1000 [ 1932.845052][T24409] CPU: 0 PID: 24409 Comm: syz-executor.4 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1932.855252][T24409] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1932.865388][T24409] Call Trace: [ 1932.868695][T24409] dump_stack+0x14a/0x1ce [ 1932.873032][T24409] ? devkmsg_release+0x11c/0x11c [ 1932.878021][T24409] ? show_regs_print_info+0x12/0x12 [ 1932.883222][T24409] ? radix_tree_cpu_dead+0x160/0x160 [ 1932.888503][T24409] ? _raw_spin_lock+0xa1/0x170 [ 1932.893271][T24409] ? _raw_spin_trylock_bh+0x190/0x190 [ 1932.898649][T24409] dump_header+0xdb/0x700 [ 1932.902985][T24409] oom_kill_process+0xd3/0x280 [ 1932.907726][T24409] out_of_memory+0x5b6/0x890 [ 1932.912289][T24409] ? unregister_oom_notifier+0x20/0x20 [ 1932.917721][T24409] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1932.923243][T24409] ? get_page_from_freelist+0x7c0/0x7c0 [ 1932.928758][T24409] ? __schedule+0x920/0xef0 [ 1932.933237][T24409] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1932.938586][T24409] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1932.944103][T24409] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1932.949794][T24409] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1932.955575][T24409] ? __lru_cache_add+0x1a1/0x1f0 [ 1932.960484][T24409] wp_page_copy+0x1cb/0x1120 [ 1932.965045][T24409] ? __perf_event_task_sched_out+0xfe4/0x1110 [ 1932.971102][T24409] ? add_mm_rss_vec+0x270/0x270 [ 1932.975926][T24409] ? perf_pmu_sched_task+0x370/0x370 [ 1932.981185][T24409] ? switch_mm_irqs_off+0x4d7/0x9a0 [ 1932.986356][T24409] ? vm_normal_page+0x1c9/0x1d0 [ 1932.991178][T24409] do_wp_page+0x4c1/0x1530 [ 1932.995567][T24409] ? _raw_spin_unlock_irq+0x5/0x20 [ 1933.000650][T24409] ? _raw_spin_lock+0xa1/0x170 [ 1933.005385][T24409] ? do_swap_page+0x1560/0x1560 [ 1933.010207][T24409] ? __schedule+0x920/0xef0 [ 1933.014685][T24409] handle_mm_fault+0xfa5/0x41e0 [ 1933.019512][T24409] ? finish_fault+0x230/0x230 [ 1933.024159][T24409] ? switch_mm+0x100/0x100 [ 1933.028807][T24409] ? vmacache_find+0x21c/0x4b0 [ 1933.033550][T24409] ? vmacache_find+0x278/0x4b0 [ 1933.038285][T24409] ? vmacache_find+0x2d2/0x4b0 [ 1933.043023][T24409] do_user_addr_fault+0x48a/0x9f0 [ 1933.048025][T24409] page_fault+0x2f/0x40 [ 1933.052157][T24409] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 1933.058718][T24409] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 1933.078294][T24409] RSP: 0018:ffff88815ca9f888 EFLAGS: 00010206 [ 1933.084335][T24409] RAX: ffffffff81f86901 RBX: 0000000020796500 RCX: 0000000000000500 [ 1933.092280][T24409] RDX: 0000000000001000 RSI: ffff888027055b00 RDI: 0000000020796000 [ 1933.100237][T24409] RBP: ffff88815ca9fda8 R08: dffffc0000000000 R09: ffffed1004e0ac00 [ 1933.108183][T24409] R10: 0000000000000000 R11: 0000000000000000 R12: 00007ffffffff000 [ 1933.116127][T24409] R13: 0000000000001000 R14: ffff888027055000 R15: 0000000020795500 [ 1933.124687][T24409] ? copyout+0x51/0xb0 [ 1933.128729][T24409] copyout+0x8e/0xb0 [ 1933.132598][T24409] copy_page_to_iter+0x393/0xbd0 [ 1933.137528][T24409] pipe_to_user+0xa3/0x130 [ 1933.141916][T24409] __splice_from_pipe+0x2d3/0x870 [ 1933.146920][T24409] ? user_page_pipe_buf_steal+0xc0/0xc0 [ 1933.152458][T24409] do_vmsplice+0x252/0xee0 [ 1933.156853][T24409] ? avc_ss_reset+0x3a0/0x3a0 [ 1933.161501][T24409] ? write_pipe_buf+0x1d0/0x1d0 [ 1933.166496][T24409] ? __rcu_read_lock+0x50/0x50 [ 1933.171229][T24409] ? check_stack_object+0x5a/0x90 [ 1933.176225][T24409] ? _copy_from_user+0xa4/0xe0 [ 1933.180966][T24409] ? rw_copy_check_uvector+0x2b3/0x310 [ 1933.186400][T24409] ? import_iovec+0x1c2/0x380 [ 1933.191048][T24409] ? dup_iter+0x110/0x110 [ 1933.195348][T24409] ? do_vfs_ioctl+0x780/0x1750 [ 1933.200183][T24409] __se_sys_vmsplice+0x1fb/0x300 [ 1933.205092][T24409] ? __x64_sys_vmsplice+0xa0/0xa0 [ 1933.210094][T24409] ? put_timespec64+0x109/0x150 [ 1933.214918][T24409] ? __x64_sys_clock_gettime+0x20d/0x260 [ 1933.220540][T24409] ? __ia32_sys_clock_settime+0x2a0/0x2a0 [ 1933.226231][T24409] do_syscall_64+0xcb/0x150 [ 1933.230711][T24409] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1933.236599][T24409] RIP: 0033:0x45d189 [ 1933.240467][T24409] Code: 5d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1933.260059][T24409] RSP: 002b:00007fe26cbbec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116 [ 1933.268442][T24409] RAX: ffffffffffffffda RBX: 0000000000035800 RCX: 000000000045d189 [ 1933.276664][T24409] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000003 [ 1933.284610][T24409] RBP: 000000000118d028 R08: 0000000000000000 R09: 0000000000000000 [ 1933.292557][T24409] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118cfec [ 1933.300505][T24409] R13: 00007ffc8d239f3f R14: 00007fe26cbbf9c0 R15: 000000000118cfec [ 1933.374802][T24409] Mem-Info: [ 1933.388570][T24409] active_anon:1413958 inactive_anon:6774 isolated_anon:0 [ 1933.388570][T24409] active_file:369 inactive_file:403 isolated_file:32 [ 1933.388570][T24409] unevictable:0 dirty:44 writeback:0 unstable:0 [ 1933.388570][T24409] slab_reclaimable:8824 slab_unreclaimable:76715 [ 1933.388570][T24409] mapped:58119 shmem:6853 pagetables:39571 bounce:0 [ 1933.388570][T24409] free:9288 free_pcp:44 free_cma:0 [ 1933.428856][T24409] Node 0 active_anon:5655832kB inactive_anon:27096kB active_file:1476kB inactive_file:1468kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:232376kB dirty:176kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1933.454260][T24409] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1933.480613][T24409] lowmem_reserve[]: 0 2912 6416 6416 [ 1933.486203][T24409] DMA32 free:17296kB min:4644kB low:7624kB high:10604kB active_anon:2815848kB inactive_anon:3540kB active_file:108kB inactive_file:96kB unevictable:0kB writepending:4kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14720kB pagetables:31896kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1933.524243][T24409] lowmem_reserve[]: 0 0 3504 3504 [ 1933.529484][T24409] Normal free:5144kB min:5592kB low:9180kB high:12768kB active_anon:2840100kB inactive_anon:23556kB active_file:1288kB inactive_file:1312kB unevictable:0kB writepending:172kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32544kB pagetables:126288kB bounce:0kB free_pcp:400kB local_pcp:400kB free_cma:0kB [ 1933.582528][T24409] lowmem_reserve[]: 0 0 0 0 [ 1933.587700][T24409] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1933.601788][T24409] DMA32: 98*4kB (UMEH) 52*8kB (UMEH) 36*16kB (UME) 14*32kB (UE) 17*64kB (UME) 33*128kB (UMH) 16*256kB (UM) 6*512kB (UM) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 17384kB [ 1933.618811][T24409] Normal: 302*4kB (UME) 94*8kB (UME) 33*16kB (UME) 7*32kB (UME) 3*64kB (M) 2*128kB (M) 1*256kB (M) 2*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 5464kB [ 1933.634631][T24409] 7332 total pagecache pages [ 1933.639818][T24409] 0 pages in swap cache [ 1933.644523][T24409] Swap cache stats: add 0, delete 0, find 0/0 [ 1933.651178][T24409] Free swap = 0kB [ 1933.655482][T24409] Total swap = 0kB [ 1933.659732][T24409] 1965979 pages RAM [ 1933.664115][T24409] 0 pages HighMem/MovableOnly [ 1933.669433][T24409] 318829 pages reserved [ 1933.674158][T24409] 0 pages cma reserved [ 1933.678797][T24409] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=24396,uid=0 [ 1933.693538][T24409] Out of memory: Killed process 24396 (syz-executor.2) total-vm:85744kB, anon-rss:13920kB, file-rss:35100kB, shmem-rss:0kB, UID:0 pgtables:156kB oom_score_adj:1000 22:39:43 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x94], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:44 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) r4 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) request_key(&(0x7f0000000040)='user\x00', &(0x7f00000000c0)={'syz', 0x3, 0xc}, &(0x7f0000000300)='\xba>\x0f\x0et\xe3JZM\xaa\xcc\xdbmo\xec\xbey21XcI\xcf\xd4W6\xd6\x9c\x9eJU\xa49\x96\xb1\xef7\n\x1e1\xbc', r4) keyctl$read(0xb, 0x0, &(0x7f00000002c0)=""/14, 0xfdf9) r5 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r5, 0x0) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r6, &(0x7f00000017c0), 0x375, 0x0, 0x0) [ 1934.749439][T24415] syz-executor.3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=0, oom_score_adj=0 [ 1934.761410][T24415] CPU: 1 PID: 24415 Comm: syz-executor.3 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1934.771579][T24415] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1934.781607][T24415] Call Trace: [ 1934.784878][T24415] dump_stack+0x14a/0x1ce [ 1934.789183][T24415] ? devkmsg_release+0x11c/0x11c [ 1934.794088][T24415] ? show_regs_print_info+0x12/0x12 [ 1934.799255][T24415] ? radix_tree_cpu_dead+0x160/0x160 [ 1934.804506][T24415] ? _raw_spin_lock+0xa1/0x170 [ 1934.809238][T24415] ? _raw_spin_trylock_bh+0x190/0x190 [ 1934.814579][T24415] dump_header+0xdb/0x700 [ 1934.818885][T24415] oom_kill_process+0xd3/0x280 [ 1934.823626][T24415] out_of_memory+0x5b6/0x890 [ 1934.828205][T24415] ? unregister_oom_notifier+0x20/0x20 [ 1934.833665][T24415] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1934.839220][T24415] ? get_page_from_freelist+0x7c0/0x7c0 [ 1934.844778][T24415] ? __zone_watermark_ok+0x91/0x280 [ 1934.849984][T24415] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1934.855354][T24415] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1934.860881][T24415] ? __rcu_read_lock+0x50/0x50 [ 1934.865616][T24415] pte_alloc_one+0x1b/0xb0 [ 1934.870004][T24415] handle_mm_fault+0x1ba9/0x41e0 [ 1934.874917][T24415] ? finish_fault+0x230/0x230 [ 1934.879571][T24415] ? memset+0x1f/0x40 [ 1934.883587][T24415] ? down_read_trylock+0x17a/0x1d0 [ 1934.888683][T24415] ? vmacache_update+0x9f/0xf0 [ 1934.893420][T24415] do_user_addr_fault+0x48a/0x9f0 [ 1934.898421][T24415] page_fault+0x2f/0x40 [ 1934.902545][T24415] RIP: 0033:0x45b75a [ 1934.906418][T24415] Code: Bad RIP value. [ 1934.910454][T24415] RSP: 002b:00007ffdc5ab06d0 EFLAGS: 00010246 [ 1934.916488][T24415] RAX: 0000000000000000 RBX: 00007ffdc5ab06d0 RCX: 000000000045b75a [ 1934.924427][T24415] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 1934.932390][T24415] RBP: 00007ffdc5ab0710 R08: 0000000000000001 R09: 000000000171b940 [ 1934.940353][T24415] R10: 000000000171bc10 R11: 0000000000000246 R12: 0000000000000001 [ 1934.948326][T24415] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffdc5ab0760 [ 1934.957608][T24415] Mem-Info: [ 1934.960887][T24415] active_anon:1414559 inactive_anon:6774 isolated_anon:0 [ 1934.960887][T24415] active_file:15 inactive_file:16 isolated_file:0 [ 1934.960887][T24415] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1934.960887][T24415] slab_reclaimable:8824 slab_unreclaimable:76814 [ 1934.960887][T24415] mapped:57374 shmem:6853 pagetables:39521 bounce:0 [ 1934.960887][T24415] free:9605 free_pcp:117 free_cma:0 [ 1935.007987][T24415] Node 0 active_anon:5659336kB inactive_anon:27096kB active_file:160kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):100kB mapped:229596kB dirty:0kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1935.049406][T24415] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1935.081583][T24415] lowmem_reserve[]: 0 2912 6416 6416 [ 1935.086934][T24415] DMA32 free:17496kB min:4644kB low:7624kB high:10604kB active_anon:2816120kB inactive_anon:3540kB active_file:0kB inactive_file:8kB unevictable:0kB writepending:0kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14624kB pagetables:31912kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1935.127569][T24415] lowmem_reserve[]: 0 0 3504 3504 [ 1935.136115][T24415] Normal free:3972kB min:5592kB low:9180kB high:12768kB active_anon:2843312kB inactive_anon:23556kB active_file:92kB inactive_file:272kB unevictable:0kB writepending:8kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32352kB pagetables:126176kB bounce:0kB free_pcp:368kB local_pcp:260kB free_cma:0kB [ 1935.165645][T24415] lowmem_reserve[]: 0 0 0 0 [ 1935.170168][T24415] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1935.183628][T24415] DMA32: 34*4kB (UME) 46*8kB (UME) 36*16kB (UE) 19*32kB (UME) 21*64kB (UME) 33*128kB (UM) 16*256kB (UM) 6*512kB (UM) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 17496kB [ 1935.199824][T24415] Normal: 143*4kB (UE) 38*8kB (UME) 32*16kB (UME) 3*32kB (ME) 3*64kB (M) 4*128kB (UM) 1*256kB (M) 1*512kB (M) 1*1024kB (M) 0*2048kB 0*4096kB = 3980kB [ 1935.214977][T24415] 6885 total pagecache pages [ 1935.219554][T24415] 0 pages in swap cache [ 1935.223691][T24415] Swap cache stats: add 0, delete 0, find 0/0 [ 1935.229855][T24415] Free swap = 0kB [ 1935.233565][T24415] Total swap = 0kB [ 1935.237263][T24415] 1965979 pages RAM [ 1935.241034][T24415] 0 pages HighMem/MovableOnly [ 1935.247646][T24415] 318829 pages reserved [ 1935.251810][T24415] 0 pages cma reserved [ 1935.255880][T24415] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.5,pid=24406,uid=0 [ 1935.273401][T24415] Out of memory: Killed process 24406 (syz-executor.5) total-vm:85348kB, anon-rss:13108kB, file-rss:34388kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 1935.318516][ T23] oom_reaper: reaped process 24406 (syz-executor.5), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 22:39:46 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) prctl$PR_MPX_ENABLE_MANAGEMENT(0x2b) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:39:46 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000), 0x0, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) timerfd_gettime(r3, 0x0) mkdir(&(0x7f0000000300)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000280)='tmpfs\x00', 0x0, 0x0) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) r5 = dup2(r4, r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) lsetxattr$system_posix_acl(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000200)='system.posix_acl_default\x00', &(0x7f0000000340)={{}, {}, [], {}, [{}]}, 0x2c, 0x0) chdir(&(0x7f0000000100)='./file0\x00') open$dir(&(0x7f0000000080)='./file0\x00', 0xe0, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) 22:39:46 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:39:46 executing program 4: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0xcf) 22:39:46 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc8], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:46 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0xb00) 22:39:46 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:46 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) r4 = add_key$keyring(&(0x7f00000004c0)='keyring\x00', &(0x7f0000000180)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe) request_key(&(0x7f0000000040)='user\x00', &(0x7f00000000c0)={'syz', 0x3, 0xc}, &(0x7f0000000300)='\xba>\x0f\x0et\xe3JZM\xaa\xcc\xdbmo\xec\xbey21XcI\xcf\xd4W6\xd6\x9c\x9eJU\xa49\x96\xb1\xef7\n\x1e1\xbc', r4) keyctl$read(0xb, 0x0, &(0x7f00000002c0)=""/14, 0xfdf9) r5 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r5, 0x0) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r6, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:39:46 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1936.036064][T24442] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1936.075115][T24442] CPU: 1 PID: 24442 Comm: syz-executor.0 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1936.085269][T24442] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1936.095313][T24442] Call Trace: [ 1936.098607][T24442] dump_stack+0x14a/0x1ce [ 1936.102951][T24442] ? devkmsg_release+0x11c/0x11c [ 1936.107888][T24442] ? show_regs_print_info+0x12/0x12 [ 1936.113086][T24442] ? radix_tree_cpu_dead+0x160/0x160 [ 1936.118377][T24442] ? _raw_spin_lock+0xa1/0x170 [ 1936.123139][T24442] ? _raw_spin_trylock_bh+0x190/0x190 [ 1936.128510][T24442] dump_header+0xdb/0x700 [ 1936.132861][T24442] oom_kill_process+0xd3/0x280 [ 1936.137634][T24442] out_of_memory+0x5b6/0x890 [ 1936.142226][T24442] ? unregister_oom_notifier+0x20/0x20 [ 1936.147689][T24442] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1936.153241][T24442] ? get_page_from_freelist+0x7c0/0x7c0 [ 1936.158786][T24442] ? __zone_watermark_ok+0x91/0x280 [ 1936.163992][T24442] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1936.169369][T24442] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1936.174915][T24442] ? copy_process+0x5a4/0x5110 [ 1936.179684][T24442] ? kmem_cache_alloc+0x1d5/0x260 [ 1936.184712][T24442] copy_process+0x5f3/0x5110 [ 1936.189304][T24442] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1936.195014][T24442] ? _raw_spin_lock+0xa1/0x170 [ 1936.199755][T24442] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1936.205532][T24442] ? __lru_cache_add+0x1a1/0x1f0 [ 1936.210440][T24442] ? fork_idle+0x290/0x290 [ 1936.214830][T24442] _do_fork+0x196/0x920 [ 1936.218956][T24442] ? finish_fault+0x230/0x230 [ 1936.223605][T24442] ? up_write+0xa1/0x190 [ 1936.227820][T24442] ? dup_mm+0x300/0x300 [ 1936.231946][T24442] __x64_sys_clone+0x25e/0x2c0 [ 1936.236682][T24442] ? __ia32_sys_vfork+0x110/0x110 [ 1936.242372][T24442] ? do_user_addr_fault+0x55c/0x9f0 [ 1936.247540][T24442] do_syscall_64+0xcb/0x150 [ 1936.252543][T24442] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1936.258493][T24442] RIP: 0033:0x45fb59 [ 1936.262619][T24442] Code: ff 48 85 f6 0f 84 87 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 5e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1936.282197][T24442] RSP: 002b:00007ffd47501a68 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1936.290577][T24442] RAX: ffffffffffffffda RBX: 00007f76464a3700 RCX: 000000000045fb59 [ 1936.298540][T24442] RDX: 00007f76464a39d0 RSI: 00007f76464a2db0 RDI: 00000000003d0f00 [ 1936.306502][T24442] RBP: 00007ffd47501c90 R08: 00007f76464a3700 R09: 00007f76464a3700 [ 1936.314447][T24442] R10: 00007f76464a39d0 R11: 0000000000000202 R12: 0000000000000000 [ 1936.322389][T24442] R13: 00007ffd47501b1f R14: 00007f76464a39c0 R15: 000000000118d08c [ 1936.352678][T24442] Mem-Info: [ 1936.356140][T24442] active_anon:1412961 inactive_anon:6774 isolated_anon:0 [ 1936.356140][T24442] active_file:837 inactive_file:736 isolated_file:100 [ 1936.356140][T24442] unevictable:0 dirty:29 writeback:0 unstable:0 [ 1936.356140][T24442] slab_reclaimable:8824 slab_unreclaimable:76686 [ 1936.356140][T24442] mapped:58968 shmem:6853 pagetables:39518 bounce:0 [ 1936.356140][T24442] free:9419 free_pcp:58 free_cma:0 [ 1936.394059][T24442] Node 0 active_anon:5651844kB inactive_anon:27096kB active_file:3244kB inactive_file:2836kB unevictable:0kB isolated(anon):0kB isolated(file):260kB mapped:235572kB dirty:116kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1936.544772][T24442] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1936.644503][T24442] lowmem_reserve[]: 0 2912 6416 6416 [ 1936.665249][T24442] DMA32 free:17088kB min:4644kB low:7624kB high:10604kB active_anon:2816120kB inactive_anon:3540kB active_file:544kB inactive_file:144kB unevictable:0kB writepending:28kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14752kB pagetables:31944kB bounce:0kB free_pcp:96kB local_pcp:72kB free_cma:0kB [ 1936.728917][T24442] lowmem_reserve[]: 0 0 3504 3504 [ 1936.745377][T24442] Normal free:6592kB min:9688kB low:13276kB high:16864kB active_anon:2838496kB inactive_anon:23556kB active_file:1184kB inactive_file:648kB unevictable:0kB writepending:180kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32512kB pagetables:126464kB bounce:0kB free_pcp:424kB local_pcp:236kB free_cma:0kB [ 1936.813345][T24442] lowmem_reserve[]: 0 0 0 0 [ 1936.825249][T24442] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1936.847133][T24442] DMA32: 127*4kB (UME) 42*8kB (UMEH) 35*16kB (UME) 26*32kB (UME) 12*64kB (UME) 33*128kB (UM) 16*256kB (UM) 6*512kB (UM) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 17468kB [ 1936.863689][T24442] Normal: 325*4kB (UME) 186*8kB (UME) 89*16kB (UME) 31*32kB (UME) 6*64kB (UM) 3*128kB (U) 2*256kB (U) 1*512kB (U) 1*1024kB (U) 0*2048kB 0*4096kB = 8020kB [ 1936.879281][T24442] 6991 total pagecache pages [ 1936.883850][T24442] 0 pages in swap cache [ 1936.888007][T24442] Swap cache stats: add 0, delete 0, find 0/0 [ 1936.894069][T24442] Free swap = 0kB [ 1936.897799][T24442] Total swap = 0kB [ 1936.901509][T24442] 1965979 pages RAM [ 1936.905321][T24442] 0 pages HighMem/MovableOnly [ 1936.909984][T24442] 318829 pages reserved [ 1936.914129][T24442] 0 pages cma reserved [ 1936.918205][T24442] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=8021,uid=0 [ 1936.932210][T24442] Out of memory: Killed process 8021 (syz-executor.2) total-vm:85348kB, anon-rss:9908kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:148kB oom_score_adj:1000 [ 1936.965157][ T23] oom_reaper: reaped process 8021 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 1937.296815][ T349] syz-fuzzer invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 1937.307561][ T349] CPU: 0 PID: 349 Comm: syz-fuzzer Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1937.317174][ T349] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1937.327207][ T349] Call Trace: [ 1937.330479][ T349] dump_stack+0x14a/0x1ce [ 1937.334780][ T349] ? devkmsg_release+0x11c/0x11c [ 1937.339705][ T349] ? show_regs_print_info+0x12/0x12 [ 1937.344886][ T349] ? radix_tree_cpu_dead+0x160/0x160 [ 1937.350150][ T349] ? _raw_spin_lock+0xa1/0x170 [ 1937.354907][ T349] ? _raw_spin_trylock_bh+0x190/0x190 [ 1937.360252][ T349] dump_header+0xdb/0x700 [ 1937.364554][ T349] oom_kill_process+0xd3/0x280 [ 1937.369291][ T349] out_of_memory+0x5b6/0x890 [ 1937.373856][ T349] ? unregister_oom_notifier+0x20/0x20 [ 1937.379287][ T349] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1937.384809][ T349] ? get_page_from_freelist+0x7c0/0x7c0 [ 1937.390328][ T349] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1937.395671][ T349] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1937.401187][ T349] pagecache_get_page+0x50f/0x880 [ 1937.406374][ T349] filemap_fault+0x14cb/0x1a30 [ 1937.411109][ T349] ? __down_read+0xf1/0x210 [ 1937.415586][ T349] ? generic_file_read_iter+0x20b0/0x20b0 [ 1937.421275][ T349] ? ___preempt_schedule+0x16/0x20 [ 1937.426452][ T349] ext4_filemap_fault+0x7b/0x90 [ 1937.431274][ T349] handle_mm_fault+0x29ca/0x41e0 [ 1937.436183][ T349] ? finish_fault+0x230/0x230 [ 1937.440856][ T349] ? preempt_schedule_irq+0xe7/0x140 [ 1937.446130][ T349] ? retint_kernel+0x1b/0x1b [ 1937.450693][ T349] ? do_user_addr_fault+0x46d/0x9f0 [ 1937.456399][ T349] do_user_addr_fault+0x48a/0x9f0 [ 1937.461396][ T349] page_fault+0x2f/0x40 [ 1937.465570][ T349] RIP: 0033:0x453c90 [ 1937.469439][ T349] Code: 40 48 89 6c 24 38 48 8d 6c 24 38 8b 44 24 58 85 c0 7d 12 c7 44 24 70 ff ff ff ff 48 8b 6c 24 38 48 83 c4 40 c3 48 8b 4c 24 48 <39> 41 20 7e e4 48 8d 51 27 48 63 c0 48 8d 04 82 48 8d 40 01 8b 00 [ 1937.489103][ T349] RSP: 002b:000000c000057878 EFLAGS: 00010246 [ 1937.495141][ T349] RAX: 0000000000000000 RBX: 0000000000b3d980 RCX: 0000000000d8ac38 [ 1937.503095][ T349] RDX: 000000000078dae0 RSI: 000000000078dae0 RDI: 000000000078dbd0 [ 1937.511076][ T349] RBP: 000000c0000578b0 R08: 0000000000001f39 R09: 0000000000203001 [ 1937.519029][ T349] R10: 0000000000000002 R11: 0000000000000011 R12: 00000000000000f1 [ 1937.526977][ T349] R13: 0000000000000000 R14: 0000000000ad7152 R15: 0000000000000000 [ 1937.536220][ T349] Mem-Info: [ 1937.539481][ T349] active_anon:1413974 inactive_anon:6774 isolated_anon:0 [ 1937.539481][ T349] active_file:277 inactive_file:316 isolated_file:24 [ 1937.539481][ T349] unevictable:0 dirty:23 writeback:11 unstable:0 [ 1937.539481][ T349] slab_reclaimable:8824 slab_unreclaimable:76808 [ 1937.539481][ T349] mapped:57915 shmem:6853 pagetables:39592 bounce:0 [ 1937.539481][ T349] free:9490 free_pcp:0 free_cma:0 [ 1937.577261][ T349] Node 0 active_anon:5655896kB inactive_anon:27096kB active_file:1108kB inactive_file:1160kB unevictable:0kB isolated(anon):0kB isolated(file):96kB mapped:231560kB dirty:92kB writeback:44kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1937.601834][ T349] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1937.627980][ T349] lowmem_reserve[]: 0 2912 6416 6416 [ 1937.633482][ T349] DMA32 free:18008kB min:4644kB low:7624kB high:10604kB active_anon:2816128kB inactive_anon:3540kB active_file:8kB inactive_file:16kB unevictable:0kB writepending:0kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14656kB pagetables:31944kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1937.662510][ T349] lowmem_reserve[]: 0 0 3504 3504 [ 1937.667728][ T349] Normal free:4720kB min:9688kB low:13276kB high:16864kB active_anon:2839828kB inactive_anon:23556kB active_file:988kB inactive_file:1140kB unevictable:0kB writepending:0kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32416kB pagetables:126368kB bounce:0kB free_pcp:248kB local_pcp:0kB free_cma:0kB [ 1937.697366][ T349] lowmem_reserve[]: 0 0 0 0 [ 1937.702018][ T349] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1937.715588][ T349] DMA32: 196*4kB (UME) 41*8kB (UMEH) 36*16kB (UME) 34*32kB (UMEH) 12*64kB (UME) 33*128kB (UM) 16*256kB (UM) 6*512kB (UM) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 18008kB [ 1937.732280][ T349] Normal: 172*4kB (UME) 97*8kB (UME) 42*16kB (UME) 13*32kB (UME) 5*64kB (UM) 4*128kB (M) 2*256kB (UM) 1*512kB (U) 1*1024kB (M) 0*2048kB 0*4096kB = 5432kB [ 1937.748020][ T349] 7248 total pagecache pages [ 1937.752757][ T349] 0 pages in swap cache [ 1937.757074][ T349] Swap cache stats: add 0, delete 0, find 0/0 [ 1937.763299][ T349] Free swap = 0kB [ 1937.767190][ T349] Total swap = 0kB [ 1937.771033][ T349] 1965979 pages RAM [ 1937.821539][ T349] 0 pages HighMem/MovableOnly [ 1937.830933][ T349] 318829 pages reserved [ 1937.839935][ T349] 0 pages cma reserved [ 1937.846250][ T349] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=24432,uid=0 [ 1937.860590][ T349] Out of memory: Killed process 24432 (syz-executor.2) total-vm:85876kB, anon-rss:15236kB, file-rss:34352kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 1937.887088][ T23] oom_reaper: reaped process 24432 (syz-executor.2), now anon-rss:0kB, file-rss:34212kB, shmem-rss:0kB 22:39:48 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:39:48 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0xc00) 22:39:48 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000001c0)={0xffffffffffffffff, 0x0, 0x0}, 0x20) ioctl$EXT4_IOC_MOVE_EXT(0xffffffffffffffff, 0xc028660f, &(0x7f00000002c0)={0x0, 0xffffffffffffffff, 0x7, 0xfffffffffffff000, 0x8, 0x800}) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:39:48 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x0, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:39:48 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000040)=[{&(0x7f0000000140)="54a30580e8cd9db51d239db022e884c13cfb9cf104abb0130231c95a13178adf10358e327b46ef4d6e713c8bd619e37ee47bb6bf9a7c5eeac39a17a37b528c4a2b2c2e1b45a1340ca8ae386a8a9d7788114d11918d587aaafeee2bff256031889feec08a51ca86952cf2ddbe28bde049d04b3f755754286ce13e51e913b72d914d571ce53d33370272e09608a08525eb3b1e1c0b5720513d9414faa303276b06bf20ef7686e2fb4dea60ae344bf4d7970aafe874afadf5e716b50ff149a998374ccd05349e216abe5a43b2385aeef68d063513efc9100c76417effa2525b42ee60e79bfce0d532a1b15d2a07781c93ff0d3433aa9b90861db3348c8ae163cf3cf186290c9a24d3af7975bf6845ef05fe05dd7e54aa5b08646962333387960150b4f22a962b096467f46f4be46c66fd9eb0150a9e1f4a62f9ad79d59e27075d29d73c9ec4ae", 0x145}, {&(0x7f00000002c0)="6167b59e68970c58ebf45085460030feef31daf07bf847800543dbab71634d2ace361d8d58933a2036764252ab1eaa24de5a50cf04e1e2d2756a6f8c097ccabd09a8ffa5e75fd681d5dbc120b42730bacfc82913deb34136cb2732fda22d5b41e604930de2b7bea4e91a6211c722529e661f0cf2048e9a5c28b2af95872317574c9342e257f039a099d297119502cdecaff529e113c6ea2e614b2031ce379a967d", 0xa1}], 0x2, 0x0) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/route\x00') r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) timerfd_gettime(r3, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) [ 1939.198430][T24483] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1939.224543][T24483] CPU: 0 PID: 24483 Comm: syz-executor.4 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1939.234688][T24483] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1939.244722][T24483] Call Trace: [ 1939.248622][T24483] dump_stack+0x14a/0x1ce [ 1939.252958][T24483] ? devkmsg_release+0x11c/0x11c [ 1939.257882][T24483] ? show_regs_print_info+0x12/0x12 [ 1939.263160][T24483] ? radix_tree_cpu_dead+0x160/0x160 [ 1939.268607][T24483] ? _raw_spin_lock+0xa1/0x170 [ 1939.273380][T24483] ? _raw_spin_trylock_bh+0x190/0x190 [ 1939.278733][T24483] dump_header+0xdb/0x700 [ 1939.283042][T24483] oom_kill_process+0xd3/0x280 [ 1939.287793][T24483] out_of_memory+0x5b6/0x890 [ 1939.292370][T24483] ? unregister_oom_notifier+0x20/0x20 [ 1939.297808][T24483] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1939.303335][T24483] ? get_page_from_freelist+0x7c0/0x7c0 [ 1939.308945][T24483] ? __zone_watermark_ok+0x91/0x280 [ 1939.314134][T24483] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1939.319502][T24483] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1939.325024][T24483] ? copy_process+0x5a4/0x5110 [ 1939.329758][T24483] ? copy_process+0x5a4/0x5110 [ 1939.334491][T24483] ? kmem_cache_alloc+0x1d5/0x260 [ 1939.339515][T24483] copy_process+0x5f3/0x5110 [ 1939.344078][T24483] ? search_process_keyrings_rcu+0x260/0x260 [ 1939.350075][T24483] ? __up_read+0x6f/0x1b0 [ 1939.354559][T24483] ? fork_idle+0x290/0x290 [ 1939.358957][T24483] ? keyctl_keyring_move+0x5a/0x100 [ 1939.364130][T24483] _do_fork+0x196/0x920 [ 1939.368453][T24483] ? __x64_sys_keyctl+0xc0/0xc0 [ 1939.373274][T24483] ? dup_mm+0x300/0x300 [ 1939.377404][T24483] ? ktime_get_raw+0x130/0x130 [ 1939.382153][T24483] __x64_sys_clone+0x25e/0x2c0 [ 1939.386891][T24483] ? __ia32_sys_vfork+0x110/0x110 [ 1939.391888][T24483] ? __x64_sys_clock_gettime+0x20d/0x260 [ 1939.397493][T24483] do_syscall_64+0xcb/0x150 [ 1939.401970][T24483] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1939.407834][T24483] RIP: 0033:0x45d189 [ 1939.411733][T24483] Code: 5d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1939.431308][T24483] RSP: 002b:00007fe26cb9dc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1939.439690][T24483] RAX: ffffffffffffffda RBX: 0000000000001f40 RCX: 000000000045d189 [ 1939.447630][T24483] RDX: 9999999999999999 RSI: 0000000000000000 RDI: 0000000000000103 [ 1939.455591][T24483] RBP: 000000000118d0d0 R08: ffffffffffffffff R09: 0000000000000000 [ 1939.463536][T24483] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118d08c [ 1939.471480][T24483] R13: 00007ffc8d239f3f R14: 00007fe26cb9e9c0 R15: 000000000118d08c [ 1939.480446][T24483] Mem-Info: [ 1939.483922][T24483] active_anon:1413134 inactive_anon:6774 isolated_anon:0 [ 1939.483922][T24483] active_file:63 inactive_file:64 isolated_file:4 [ 1939.483922][T24483] unevictable:0 dirty:4 writeback:0 unstable:0 [ 1939.483922][T24483] slab_reclaimable:8824 slab_unreclaimable:77413 [ 1939.483922][T24483] mapped:57454 shmem:6853 pagetables:39629 bounce:0 [ 1939.483922][T24483] free:10256 free_pcp:10 free_cma:0 [ 1939.521795][T24483] Node 0 active_anon:5652536kB inactive_anon:27096kB active_file:252kB inactive_file:128kB unevictable:0kB isolated(anon):0kB isolated(file):144kB mapped:229816kB dirty:16kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1939.547416][T24483] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1939.574513][T24483] lowmem_reserve[]: 0 2912 6416 6416 [ 1939.580747][T24483] DMA32 free:17560kB min:4644kB low:7624kB high:10604kB active_anon:2816944kB inactive_anon:3540kB active_file:8kB inactive_file:84kB unevictable:0kB writepending:4kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14656kB pagetables:31944kB bounce:0kB free_pcp:56kB local_pcp:4kB free_cma:0kB [ 1939.621559][T24483] lowmem_reserve[]: 0 0 3504 3504 [ 1939.639573][T24483] Normal free:6864kB min:5592kB low:9180kB high:12768kB active_anon:2835724kB inactive_anon:23556kB active_file:196kB inactive_file:120kB unevictable:0kB writepending:8kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32576kB pagetables:126572kB bounce:0kB free_pcp:692kB local_pcp:544kB free_cma:0kB [ 1939.697436][T24483] lowmem_reserve[]: 0 0 0 0 [ 1939.701946][T24483] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1939.724454][T24483] DMA32: 74*4kB (UMEH) 35*8kB (UMEH) 34*16kB (UME) 42*32kB (UMEH) 8*64kB (UME) 33*128kB (UM) 16*256kB (UM) 6*512kB (UM) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 17440kB [ 1939.755180][T24483] Normal: 39*4kB (UME) 42*8kB (MEH) 27*16kB (EH) 4*32kB (UME) 8*64kB (H) 15*128kB (UMH) 5*256kB (UMH) 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 5276kB [ 1939.784412][T24483] 7099 total pagecache pages [ 1939.789008][T24483] 0 pages in swap cache [ 1939.793138][T24483] Swap cache stats: add 0, delete 0, find 0/0 [ 1939.804537][T24483] Free swap = 0kB [ 1939.808965][T24483] Total swap = 0kB [ 1939.813167][T24483] 1965979 pages RAM [ 1939.819913][T24483] 0 pages HighMem/MovableOnly [ 1939.825249][T24483] 318829 pages reserved [ 1939.830080][T24483] 0 pages cma reserved [ 1939.845199][T24483] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=24484,uid=0 [ 1939.876468][T24483] Out of memory: Killed process 24484 (syz-executor.0) total-vm:85348kB, anon-rss:12084kB, file-rss:34768kB, shmem-rss:0kB, UID:0 pgtables:156kB oom_score_adj:1000 [ 1939.920453][ T23] oom_reaper: reaped process 24484 (syz-executor.0), now anon-rss:0kB, file-rss:34740kB, shmem-rss:0kB 22:39:51 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:51 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:39:51 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) r4 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000000)={0x5, 0x6, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x0, 0x2000000]}, 0x40) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000001c0)={r4, 0x0, 0x0}, 0x20) ioctl$int_in(r4, 0x5452, &(0x7f0000000040)=0x7) timerfd_gettime(r3, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) 22:39:51 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) clock_gettime(0x0, &(0x7f0000000340)={0x0, 0x0}) utimensat(r3, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000380)={{}, {r4, r5/1000+10000}}, 0x100) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/3, 0x3) r6 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r6, 0x0) r7 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r7, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:39:51 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:51 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:39:51 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:51 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0xd00) 22:39:51 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1941.376442][T24495] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1941.401476][T24495] CPU: 0 PID: 24495 Comm: syz-executor.0 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1941.411717][T24495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1941.421769][T24495] Call Trace: [ 1941.425039][T24495] dump_stack+0x14a/0x1ce [ 1941.429342][T24495] ? devkmsg_release+0x11c/0x11c [ 1941.434252][T24495] ? show_regs_print_info+0x12/0x12 [ 1941.439420][T24495] ? radix_tree_cpu_dead+0x160/0x160 [ 1941.444674][T24495] ? _raw_spin_lock+0xa1/0x170 [ 1941.449406][T24495] ? _raw_spin_trylock_bh+0x190/0x190 [ 1941.454749][T24495] dump_header+0xdb/0x700 [ 1941.459056][T24495] oom_kill_process+0xd3/0x280 [ 1941.463790][T24495] out_of_memory+0x5b6/0x890 [ 1941.468379][T24495] ? unregister_oom_notifier+0x20/0x20 [ 1941.473810][T24495] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1941.479327][T24495] ? get_page_from_freelist+0x7c0/0x7c0 [ 1941.485130][T24495] ? __zone_watermark_ok+0x91/0x280 [ 1941.490305][T24495] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1941.495650][T24495] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1941.501176][T24495] ? copy_process+0x5a4/0x5110 [ 1941.505924][T24495] ? copy_process+0x5a4/0x5110 [ 1941.510678][T24495] ? kmem_cache_alloc+0x1d5/0x260 [ 1941.515685][T24495] copy_process+0x5f3/0x5110 [ 1941.520256][T24495] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1941.525949][T24495] ? _raw_spin_lock+0xa1/0x170 [ 1941.530683][T24495] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1941.536460][T24495] ? __lru_cache_add+0x1a1/0x1f0 [ 1941.541365][T24495] ? fork_idle+0x290/0x290 [ 1941.545750][T24495] _do_fork+0x196/0x920 [ 1941.549878][T24495] ? finish_fault+0x230/0x230 [ 1941.554522][T24495] ? up_write+0xa1/0x190 [ 1941.558735][T24495] ? dup_mm+0x300/0x300 [ 1941.562861][T24495] __x64_sys_clone+0x25e/0x2c0 [ 1941.567595][T24495] ? __ia32_sys_vfork+0x110/0x110 [ 1941.572591][T24495] ? do_user_addr_fault+0x55c/0x9f0 [ 1941.577762][T24495] do_syscall_64+0xcb/0x150 [ 1941.582237][T24495] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1941.588101][T24495] RIP: 0033:0x45fb59 [ 1941.591996][T24495] Code: ff 48 85 f6 0f 84 87 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 5e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1941.611570][T24495] RSP: 002b:00007ffd47501a68 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1941.619952][T24495] RAX: ffffffffffffffda RBX: 00007f76464a3700 RCX: 000000000045fb59 [ 1941.627894][T24495] RDX: 00007f76464a39d0 RSI: 00007f76464a2db0 RDI: 00000000003d0f00 [ 1941.635836][T24495] RBP: 00007ffd47501c90 R08: 00007f76464a3700 R09: 00007f76464a3700 [ 1941.643779][T24495] R10: 00007f76464a39d0 R11: 0000000000000202 R12: 0000000000000000 [ 1941.651732][T24495] R13: 00007ffd47501b1f R14: 00007f76464a39c0 R15: 000000000118d08c [ 1941.674420][T24495] Mem-Info: [ 1941.677695][T24495] active_anon:1413346 inactive_anon:6774 isolated_anon:0 [ 1941.677695][T24495] active_file:194 inactive_file:176 isolated_file:39 [ 1941.677695][T24495] unevictable:0 dirty:25 writeback:0 unstable:0 [ 1941.677695][T24495] slab_reclaimable:8824 slab_unreclaimable:77384 [ 1941.677695][T24495] mapped:57748 shmem:6853 pagetables:39700 bounce:0 [ 1941.677695][T24495] free:9270 free_pcp:271 free_cma:0 [ 1941.715607][T24495] Node 0 active_anon:5653384kB inactive_anon:27096kB active_file:776kB inactive_file:704kB unevictable:0kB isolated(anon):0kB isolated(file):56kB mapped:230992kB dirty:100kB writeback:0kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1941.740063][T24495] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1941.788940][T24495] lowmem_reserve[]: 0 2912 6416 6416 [ 1941.824994][T24495] DMA32 free:17376kB min:4644kB low:7624kB high:10604kB active_anon:2818088kB inactive_anon:3540kB active_file:20kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14752kB pagetables:32164kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1941.854634][T24495] lowmem_reserve[]: 0 0 3504 3504 [ 1941.860673][T24495] Normal free:6080kB min:5592kB low:9180kB high:12768kB active_anon:2835356kB inactive_anon:23556kB active_file:552kB inactive_file:584kB unevictable:0kB writepending:16kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32448kB pagetables:126332kB bounce:0kB free_pcp:284kB local_pcp:24kB free_cma:0kB [ 1941.891052][T24495] lowmem_reserve[]: 0 0 0 0 [ 1941.896398][T24495] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1941.910671][T24495] DMA32: 36*4kB (UMEH) 26*8kB (UMEH) 30*16kB (UMEH) 61*32kB (UMEH) 10*64kB (UME) 29*128kB (UM) 16*256kB (UM) 6*512kB (UM) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 17376kB [ 1941.935088][T24495] Normal: 266*4kB (UME) 157*8kB (UME) 49*16kB (UME) 20*32kB (ME) 8*64kB (M) 0*128kB 6*256kB (M) 1*512kB (M) 0*1024kB 0*2048kB 0*4096kB = 6304kB [ 1941.962598][T24495] 7249 total pagecache pages [ 1941.968610][T24495] 0 pages in swap cache [ 1941.973584][T24495] Swap cache stats: add 0, delete 0, find 0/0 [ 1941.980431][T24495] Free swap = 0kB [ 1941.984923][T24495] Total swap = 0kB [ 1941.989423][T24495] 1965979 pages RAM [ 1941.994083][T24495] 0 pages HighMem/MovableOnly [ 1941.999664][T24495] 318829 pages reserved [ 1942.004350][T24495] 0 pages cma reserved [ 1942.008788][T24495] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=5947,uid=0 [ 1942.023175][T24495] Out of memory: Killed process 5947 (syz-executor.0) total-vm:85348kB, anon-rss:9868kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 1942.063348][ T23] oom_reaper: reaped process 5947 (syz-executor.0), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 1942.225831][T24517] syz-executor.3 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=0 [ 1942.236916][T24517] CPU: 0 PID: 24517 Comm: syz-executor.3 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1942.247045][T24517] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1942.257189][T24517] Call Trace: [ 1942.260474][T24517] dump_stack+0x14a/0x1ce [ 1942.264876][T24517] ? devkmsg_release+0x11c/0x11c [ 1942.269810][T24517] ? show_regs_print_info+0x12/0x12 [ 1942.275123][T24517] ? radix_tree_cpu_dead+0x160/0x160 [ 1942.280402][T24517] ? _raw_spin_lock+0xa1/0x170 [ 1942.285202][T24517] ? _raw_spin_trylock_bh+0x190/0x190 [ 1942.290568][T24517] dump_header+0xdb/0x700 [ 1942.294896][T24517] oom_kill_process+0xd3/0x280 [ 1942.299657][T24517] out_of_memory+0x5b6/0x890 [ 1942.304243][T24517] ? unregister_oom_notifier+0x20/0x20 [ 1942.309705][T24517] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1942.315252][T24517] ? get_page_from_freelist+0x7c0/0x7c0 [ 1942.320777][T24517] ? __zone_watermark_ok+0x91/0x280 [ 1942.325951][T24517] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1942.331297][T24517] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1942.336815][T24517] alloc_slab_page+0x3a/0x3a0 [ 1942.341461][T24517] new_slab+0x408/0x450 [ 1942.345610][T24517] ___slab_alloc+0x2e0/0x450 [ 1942.350179][T24517] ? getname_flags+0x16c/0x610 [ 1942.354920][T24517] ? getname_flags+0xb8/0x610 [ 1942.359571][T24517] ? getname_flags+0xb8/0x610 [ 1942.364218][T24517] kmem_cache_alloc+0x23f/0x260 [ 1942.369051][T24517] getname_flags+0xb8/0x610 [ 1942.373523][T24517] do_symlinkat+0xd0/0x420 [ 1942.377914][T24517] ? __fpregs_load_activate+0x2d3/0x390 [ 1942.383428][T24517] ? vfs_symlink+0x30/0x30 [ 1942.387815][T24517] do_syscall_64+0xcb/0x150 [ 1942.392290][T24517] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1942.398155][T24517] RIP: 0033:0x45ceb7 [ 1942.402035][T24517] Code: Bad RIP value. [ 1942.406075][T24517] RSP: 002b:00007ffdc5ab0718 EFLAGS: 00000206 ORIG_RAX: 0000000000000058 [ 1942.414470][T24517] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045ceb7 [ 1942.422440][T24517] RDX: 00007ffdc5ab07b7 RSI: 00000000004c2c36 RDI: 00007ffdc5ab07a0 [ 1942.430383][T24517] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000017 [ 1942.438347][T24517] R10: 0000000000000075 R11: 0000000000000206 R12: 0000000000000001 [ 1942.446301][T24517] R13: 00007ffdc5ab0750 R14: 0000000000000000 R15: 00007ffdc5ab0760 [ 1942.475222][T24517] Mem-Info: [ 1942.486525][T24517] active_anon:1413805 inactive_anon:6774 isolated_anon:0 [ 1942.486525][T24517] active_file:34 inactive_file:303 isolated_file:41 [ 1942.486525][T24517] unevictable:0 dirty:0 writeback:2 unstable:0 [ 1942.486525][T24517] slab_reclaimable:8824 slab_unreclaimable:77404 [ 1942.486525][T24517] mapped:57539 shmem:6853 pagetables:39597 bounce:0 [ 1942.486525][T24517] free:9306 free_pcp:141 free_cma:0 [ 1942.567321][T24517] Node 0 active_anon:5655272kB inactive_anon:27096kB active_file:264kB inactive_file:632kB unevictable:0kB isolated(anon):0kB isolated(file):108kB mapped:230248kB dirty:0kB writeback:12kB shmem:27412kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1942.598419][T24517] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1942.624546][T24517] lowmem_reserve[]: 0 2912 6416 6416 [ 1942.630029][T24517] DMA32 free:17444kB min:4644kB low:7624kB high:10604kB active_anon:2818088kB inactive_anon:3540kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14752kB pagetables:32164kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1942.658906][T24517] lowmem_reserve[]: 0 0 3504 3504 [ 1942.664129][T24517] Normal free:3672kB min:5592kB low:9180kB high:12768kB active_anon:2837276kB inactive_anon:23556kB active_file:268kB inactive_file:912kB unevictable:0kB writepending:4kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32448kB pagetables:126232kB bounce:0kB free_pcp:1512kB local_pcp:676kB free_cma:0kB [ 1942.693931][T24517] lowmem_reserve[]: 0 0 0 0 [ 1942.698617][T24517] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1942.717044][T24517] DMA32: 47*4kB (UMEH) 25*8kB (UMEH) 32*16kB (UMEH) 61*32kB (UMEH) 10*64kB (UME) 29*128kB (UM) 16*256kB (UM) 6*512kB (UM) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 17444kB [ 1942.734142][T24517] Normal: 86*4kB (UEH) 78*8kB (UMEH) 35*16kB (UMEH) 7*32kB (EH) 2*64kB (H) 6*128kB (H) 2*256kB (H) 1*512kB (H) 0*1024kB 0*2048kB 0*4096kB = 3672kB [ 1942.749457][T24517] 6941 total pagecache pages [ 1942.754246][T24517] 0 pages in swap cache [ 1942.758547][T24517] Swap cache stats: add 0, delete 0, find 0/0 [ 1942.764873][T24517] Free swap = 0kB [ 1942.769523][T24517] Total swap = 0kB [ 1942.773376][T24517] 1965979 pages RAM [ 1942.778874][T24517] 0 pages HighMem/MovableOnly [ 1942.783712][T24517] 318829 pages reserved [ 1942.788039][T24517] 0 pages cma reserved [ 1942.792267][T24517] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.5,pid=24496,uid=0 [ 1942.806674][T24517] Out of memory: Killed process 24496 (syz-executor.5) total-vm:85348kB, anon-rss:14896kB, file-rss:33944kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:1000 [ 1942.827917][ T23] oom_reaper: reaped process 24496 (syz-executor.5), now anon-rss:0kB, file-rss:33936kB, shmem-rss:0kB 22:39:53 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000040)=[{&(0x7f0000000500), 0x3528a9c0}], 0x10000007, 0xa) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) timerfd_gettime(r3, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) 22:39:53 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:54 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0xe00) 22:39:54 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:39:54 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:39:54 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) dup(r0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f00000002c0)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r5 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r5, 0x0) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r6, &(0x7f00000017c0), 0x375, 0x0, 0x0) [ 1944.383238][T24540] syz-executor.2 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1944.404068][T24540] CPU: 0 PID: 24540 Comm: syz-executor.2 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1944.414226][T24540] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1944.424456][T24540] Call Trace: [ 1944.427745][T24540] dump_stack+0x14a/0x1ce [ 1944.432088][T24540] ? devkmsg_release+0x11c/0x11c [ 1944.437196][T24540] ? show_regs_print_info+0x12/0x12 [ 1944.442395][T24540] ? radix_tree_cpu_dead+0x160/0x160 [ 1944.447677][T24540] ? _raw_spin_lock+0xa1/0x170 [ 1944.452445][T24540] ? _raw_spin_trylock_bh+0x190/0x190 [ 1944.457819][T24540] dump_header+0xdb/0x700 [ 1944.462146][T24540] oom_kill_process+0xd3/0x280 [ 1944.466912][T24540] out_of_memory+0x5b6/0x890 [ 1944.471502][T24540] ? unregister_oom_notifier+0x20/0x20 [ 1944.476960][T24540] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1944.482624][T24540] ? get_page_from_freelist+0x7c0/0x7c0 [ 1944.488175][T24540] ? __zone_watermark_ok+0x91/0x280 [ 1944.493380][T24540] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1944.498754][T24540] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1944.504297][T24540] ? copy_process+0x5a4/0x5110 [ 1944.509053][T24540] ? copy_process+0x5a4/0x5110 [ 1944.513810][T24540] ? kmem_cache_alloc+0x1d5/0x260 [ 1944.518832][T24540] copy_process+0x5f3/0x5110 [ 1944.523421][T24540] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1944.529146][T24540] ? _raw_spin_lock+0xa1/0x170 [ 1944.533912][T24540] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1944.539712][T24540] ? __lru_cache_add+0x1a1/0x1f0 [ 1944.544646][T24540] ? fork_idle+0x290/0x290 [ 1944.549059][T24540] _do_fork+0x196/0x920 [ 1944.553213][T24540] ? finish_fault+0x230/0x230 [ 1944.557882][T24540] ? up_write+0xa1/0x190 [ 1944.562125][T24540] ? dup_mm+0x300/0x300 [ 1944.566279][T24540] __x64_sys_clone+0x25e/0x2c0 [ 1944.571040][T24540] ? __ia32_sys_vfork+0x110/0x110 [ 1944.576055][T24540] ? do_user_addr_fault+0x55c/0x9f0 [ 1944.581226][T24540] do_syscall_64+0xcb/0x150 [ 1944.585701][T24540] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1944.591739][T24540] RIP: 0033:0x45fb59 [ 1944.595604][T24540] Code: ff 48 85 f6 0f 84 87 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 5e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1944.615192][T24540] RSP: 002b:00007ffffd03cc78 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1944.623579][T24540] RAX: ffffffffffffffda RBX: 00007fdec7ad6700 RCX: 000000000045fb59 [ 1944.631534][T24540] RDX: 00007fdec7ad69d0 RSI: 00007fdec7ad5db0 RDI: 00000000003d0f00 [ 1944.639481][T24540] RBP: 00007ffffd03cea0 R08: 00007fdec7ad6700 R09: 00007fdec7ad6700 [ 1944.647439][T24540] R10: 00007fdec7ad69d0 R11: 0000000000000202 R12: 0000000000000000 [ 1944.655382][T24540] R13: 00007ffffd03cd2f R14: 00007fdec7ad69c0 R15: 000000000118cf4c [ 1944.698125][T24540] Mem-Info: [ 1944.701609][T24540] active_anon:1410120 inactive_anon:8822 isolated_anon:0 [ 1944.701609][T24540] active_file:135 inactive_file:138 isolated_file:23 [ 1944.701609][T24540] unevictable:0 dirty:9 writeback:0 unstable:0 [ 1944.701609][T24540] slab_reclaimable:8824 slab_unreclaimable:77348 [ 1944.701609][T24540] mapped:57944 shmem:8901 pagetables:39597 bounce:0 [ 1944.701609][T24540] free:11117 free_pcp:31 free_cma:0 [ 1944.739754][T24540] Node 0 active_anon:5640480kB inactive_anon:35288kB active_file:540kB inactive_file:444kB unevictable:0kB isolated(anon):0kB isolated(file):92kB mapped:231776kB dirty:36kB writeback:0kB shmem:35604kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1944.764479][T24540] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1944.796670][T24540] lowmem_reserve[]: 0 2912 6416 6416 [ 1944.802457][T24540] DMA32 free:19072kB min:4644kB low:7624kB high:10604kB active_anon:2817600kB inactive_anon:3540kB active_file:4kB inactive_file:44kB unevictable:0kB writepending:4kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14592kB pagetables:31952kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1944.838708][T24540] lowmem_reserve[]: 0 0 3504 3504 [ 1944.846565][T24540] Normal free:9492kB min:9688kB low:13276kB high:16864kB active_anon:2822880kB inactive_anon:31748kB active_file:376kB inactive_file:468kB unevictable:0kB writepending:32kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32352kB pagetables:126436kB bounce:0kB free_pcp:88kB local_pcp:0kB free_cma:0kB [ 1944.876262][T24540] lowmem_reserve[]: 0 0 0 0 [ 1944.880995][T24540] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1944.894538][T24540] DMA32: 127*4kB (UMEH) 39*8kB (UMEH) 32*16kB (UEH) 90*32kB (UMEH) 17*64kB (UME) 29*128kB (UM) 16*256kB (UM) 6*512kB (UM) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 19252kB [ 1944.911411][T24540] Normal: 703*4kB (UMEH) 182*8kB (UME) 40*16kB (UME) 8*32kB (UME) 2*64kB (UM) 21*128kB (UM) 6*256kB (UM) 1*512kB (U) 0*1024kB 0*2048kB 0*4096kB = 10028kB [ 1944.954881][T24540] 9078 total pagecache pages [ 1944.977769][T24540] 0 pages in swap cache [ 1944.994538][T24540] Swap cache stats: add 0, delete 0, find 0/0 [ 1945.010410][T24540] Free swap = 0kB [ 1945.014500][T24540] Total swap = 0kB [ 1945.018712][T24540] 1965979 pages RAM [ 1945.023005][T24540] 0 pages HighMem/MovableOnly [ 1945.028006][T24540] 318829 pages reserved [ 1945.032748][T24540] 0 pages cma reserved [ 1945.037361][T24540] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=24531,uid=0 [ 1945.052269][T24540] Out of memory: Killed process 24531 (syz-executor.0) total-vm:85348kB, anon-rss:12660kB, file-rss:34840kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 1945.071476][ T23] oom_reaper: reaped process 24531 (syz-executor.0), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 1946.375213][T24536] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1946.387357][T24536] CPU: 1 PID: 24536 Comm: syz-executor.4 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1946.397484][T24536] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1946.407523][T24536] Call Trace: [ 1946.410798][T24536] dump_stack+0x14a/0x1ce [ 1946.415117][T24536] ? devkmsg_release+0x11c/0x11c [ 1946.420038][T24536] ? show_regs_print_info+0x12/0x12 [ 1946.425203][T24536] ? radix_tree_cpu_dead+0x160/0x160 [ 1946.430456][T24536] ? _raw_spin_lock+0xa1/0x170 [ 1946.435189][T24536] ? _raw_spin_trylock_bh+0x190/0x190 [ 1946.440528][T24536] dump_header+0xdb/0x700 [ 1946.444829][T24536] oom_kill_process+0xd3/0x280 [ 1946.449573][T24536] out_of_memory+0x5b6/0x890 [ 1946.454135][T24536] ? unregister_oom_notifier+0x20/0x20 [ 1946.459570][T24536] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1946.465089][T24536] ? get_page_from_freelist+0x7c0/0x7c0 [ 1946.470603][T24536] ? __zone_watermark_ok+0x91/0x280 [ 1946.475791][T24536] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1946.481143][T24536] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1946.486658][T24536] ? copy_process+0x5a4/0x5110 [ 1946.491391][T24536] ? kmem_cache_alloc+0x1d5/0x260 [ 1946.496396][T24536] copy_process+0x5f3/0x5110 [ 1946.500956][T24536] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1946.506644][T24536] ? _raw_spin_lock+0xa1/0x170 [ 1946.511375][T24536] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1946.517215][T24536] ? __lru_cache_add+0x1a1/0x1f0 [ 1946.522227][T24536] ? fork_idle+0x290/0x290 [ 1946.526637][T24536] _do_fork+0x196/0x920 [ 1946.530765][T24536] ? finish_fault+0x230/0x230 [ 1946.535502][T24536] ? up_write+0xa1/0x190 [ 1946.539730][T24536] ? dup_mm+0x300/0x300 [ 1946.543855][T24536] __x64_sys_clone+0x25e/0x2c0 [ 1946.548592][T24536] ? __ia32_sys_vfork+0x110/0x110 [ 1946.553597][T24536] ? do_user_addr_fault+0x55c/0x9f0 [ 1946.558785][T24536] do_syscall_64+0xcb/0x150 [ 1946.563259][T24536] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1946.569120][T24536] RIP: 0033:0x45fb59 [ 1946.572988][T24536] Code: ff 48 85 f6 0f 84 87 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 5e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1946.592562][T24536] RSP: 002b:00007ffc8d239e88 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1946.600959][T24536] RAX: ffffffffffffffda RBX: 00007fe26cb9e700 RCX: 000000000045fb59 [ 1946.608900][T24536] RDX: 00007fe26cb9e9d0 RSI: 00007fe26cb9ddb0 RDI: 00000000003d0f00 [ 1946.616852][T24536] RBP: 00007ffc8d23a0b0 R08: 00007fe26cb9e700 R09: 00007fe26cb9e700 [ 1946.625314][T24536] R10: 00007fe26cb9e9d0 R11: 0000000000000202 R12: 0000000000000000 [ 1946.633254][T24536] R13: 00007ffc8d239f3f R14: 00007fe26cb9e9c0 R15: 000000000118d08c [ 1946.650239][T24536] Mem-Info: [ 1946.653388][T24536] active_anon:1412117 inactive_anon:8822 isolated_anon:0 [ 1946.653388][T24536] active_file:29 inactive_file:6 isolated_file:0 [ 1946.653388][T24536] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1946.653388][T24536] slab_reclaimable:8825 slab_unreclaimable:77416 [ 1946.653388][T24536] mapped:57694 shmem:8901 pagetables:39547 bounce:0 [ 1946.653388][T24536] free:9347 free_pcp:6 free_cma:0 [ 1946.694505][T24536] Node 0 active_anon:5648468kB inactive_anon:35288kB active_file:56kB inactive_file:44kB unevictable:0kB isolated(anon):0kB isolated(file):0kB mapped:230756kB dirty:0kB writeback:0kB shmem:35604kB writeback_tmp:0kB unstable:0kB all_unreclaimable? yes [ 1946.720969][T24536] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1946.751807][T24536] lowmem_reserve[]: 0 2912 6416 6416 [ 1946.757274][T24536] DMA32 free:17848kB min:4644kB low:7624kB high:10604kB active_anon:2819652kB inactive_anon:3540kB active_file:4kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14624kB pagetables:31992kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1946.786909][T24536] lowmem_reserve[]: 0 0 3504 3504 [ 1946.792156][T24536] Normal free:4036kB min:5592kB low:9180kB high:12768kB active_anon:2828816kB inactive_anon:31748kB active_file:56kB inactive_file:56kB unevictable:0kB writepending:0kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32416kB pagetables:126196kB bounce:0kB free_pcp:256kB local_pcp:4kB free_cma:0kB [ 1946.821609][T24536] lowmem_reserve[]: 0 0 0 0 [ 1946.826620][T24536] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1946.840837][T24536] DMA32: 71*4kB (UME) 47*8kB (UME) 44*16kB (UME) 97*32kB (UME) 9*64kB (UE) 20*128kB (UM) 16*256kB (UM) 6*512kB (UM) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 17844kB [ 1946.857718][T24536] Normal: 119*4kB (UEH) 65*8kB (UEH) 27*16kB (UMEH) 3*32kB (EH) 3*64kB (MH) 13*128kB (MH) 2*256kB (MH) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 3892kB [ 1946.873383][T24536] 9015 total pagecache pages [ 1946.878489][T24536] 0 pages in swap cache [ 1946.883027][T24536] Swap cache stats: add 0, delete 0, find 0/0 [ 1946.889304][T24536] Free swap = 0kB [ 1946.893111][T24536] Total swap = 0kB [ 1946.896923][T24536] 1965979 pages RAM [ 1946.900810][T24536] 0 pages HighMem/MovableOnly [ 1946.905580][T24536] 318829 pages reserved [ 1946.909820][T24536] 0 pages cma reserved [ 1946.914345][T24536] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.4,pid=24536,uid=0 [ 1946.928693][T24536] Out of memory: Killed process 24536 (syz-executor.4) total-vm:85348kB, anon-rss:15684kB, file-rss:33760kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 1946.966983][ T23] oom_reaper: reaped process 24536 (syz-executor.4), now anon-rss:0kB, file-rss:33760kB, shmem-rss:0kB 22:39:57 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:39:57 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x1100) 22:39:57 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:57 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f00000002c0)={0x38, 0x2, 0x10000060, 0x1, 0x1}, 0x0) r1 = socket$inet6(0xa, 0x2, 0xfffffff9) recvmmsg(0xffffffffffffffff, &(0x7f0000002580)=[{{&(0x7f0000000700)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @broadcast}}}, 0x80, &(0x7f0000001bc0)=[{&(0x7f0000000780)=""/50, 0x32}, {&(0x7f0000001b40)=""/11, 0xb}, {&(0x7f0000001b80)=""/3, 0x3}], 0x3}, 0xc42}, {{&(0x7f0000001c00)=@alg, 0x80, &(0x7f0000001e80)=[{&(0x7f0000001c80)=""/183, 0xb7}, {&(0x7f0000001d40)=""/184, 0xb8}, {&(0x7f0000001e00)=""/104, 0x68}], 0x3, &(0x7f0000001ec0)=""/198, 0xc6}, 0x4}, {{&(0x7f0000001fc0)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @initdev}}}, 0x80, &(0x7f0000002480)=[{&(0x7f0000002040)=""/149, 0x95}, {&(0x7f0000002100)=""/183, 0xb7}, {&(0x7f00000021c0)}, {&(0x7f0000002200)=""/25, 0x19}, {&(0x7f0000002240)=""/142, 0x8e}, {&(0x7f0000002300)=""/95, 0x5f}, {&(0x7f0000002380)=""/24, 0x18}, {&(0x7f00000023c0)=""/169, 0xa9}], 0x8, &(0x7f0000002500)=""/125, 0x7d}, 0x771}], 0x3, 0x7d5aac3f5dacf0b4, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) vmsplice(r1, &(0x7f0000000400), 0x0, 0x4) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x80000000, 0x6, 0x0, 0x0, 0x0, 0x0, 0x200004}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r3 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r3, 0x0) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000001c0)={0xffffffffffffffff, 0x0, 0x0}, 0x20) fcntl$notify(0xffffffffffffffff, 0x402, 0x8000000b) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r4, &(0x7f00000017c0), 0x375, 0x0, 0x0) process_vm_writev(0x0, &(0x7f0000000840)=[{&(0x7f0000000300)=""/94, 0x5e}, {&(0x7f0000000040)=""/36, 0x24}, {&(0x7f0000000200)=""/61, 0x3d}, {&(0x7f0000000380)=""/54, 0x36}, {&(0x7f00000003c0)=""/176, 0xb0}, {&(0x7f0000000480)=""/84, 0x54}, {&(0x7f0000000500)=""/200, 0xc8}, {&(0x7f0000000600)=""/226, 0xe2}, {&(0x7f0000001a80)=""/144, 0x90}, {&(0x7f00000007c0)=""/73, 0x49}], 0xa, &(0x7f0000001a40)=[{&(0x7f0000000900)=""/35, 0x23}, {&(0x7f0000000940)=""/4096, 0x1000}, {&(0x7f0000001940)=""/243, 0xf3}], 0x3, 0x0) 22:39:57 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x1200) 22:39:57 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:57 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x1de5) 22:39:57 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:57 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:58 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:39:58 executing program 4: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) r0 = socket$inet_udplite(0x2, 0x2, 0x88) dup(r0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f00000002c0)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r1 = getpid() sched_setattr(r1, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r2 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r2, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r4, 0x407, 0x0) write(r4, &(0x7f0000000340), 0x41395527) vmsplice(r3, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r5 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r5, 0x0) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r6, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:39:58 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x2500) 22:39:58 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:58 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:58 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x4000) [ 1947.974345][T24609] syz-executor.0 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=0, oom_score_adj=1000 [ 1947.985841][T24609] CPU: 1 PID: 24609 Comm: syz-executor.0 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1947.995997][T24609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1948.006041][T24609] Call Trace: [ 1948.009339][T24609] dump_stack+0x14a/0x1ce [ 1948.013667][T24609] ? devkmsg_release+0x11c/0x11c [ 1948.018604][T24609] ? show_regs_print_info+0x12/0x12 [ 1948.023803][T24609] ? radix_tree_cpu_dead+0x160/0x160 [ 1948.029086][T24609] ? _raw_spin_lock+0xa1/0x170 [ 1948.033856][T24609] ? _raw_spin_trylock_bh+0x190/0x190 [ 1948.039223][T24609] dump_header+0xdb/0x700 [ 1948.043529][T24609] oom_kill_process+0xd3/0x280 [ 1948.048265][T24609] out_of_memory+0x5b6/0x890 [ 1948.052825][T24609] ? unregister_oom_notifier+0x20/0x20 [ 1948.058254][T24609] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1948.063870][T24609] ? get_page_from_freelist+0x7c0/0x7c0 [ 1948.069389][T24609] ? __zone_watermark_ok+0x91/0x280 [ 1948.074559][T24609] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1948.079903][T24609] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1948.085432][T24609] alloc_slab_page+0x3a/0x3a0 [ 1948.090081][T24609] ? cred_has_capability+0x2cc/0x410 [ 1948.095345][T24609] new_slab+0x408/0x450 [ 1948.099483][T24609] ? should_fail+0x18e/0x860 [ 1948.104046][T24609] ___slab_alloc+0x2e0/0x450 [ 1948.108604][T24609] ? cap_capable+0x23f/0x280 [ 1948.113163][T24609] ? proc_pid_stack+0x1d5/0x1f0 [ 1948.117981][T24609] ? proc_pid_stack+0x8e/0x1f0 [ 1948.122711][T24609] ? proc_pid_stack+0x8e/0x1f0 [ 1948.127451][T24609] kmem_cache_alloc_trace+0x25b/0x280 [ 1948.132806][T24609] proc_pid_stack+0x8e/0x1f0 [ 1948.137375][T24609] proc_single_show+0xd3/0x130 [ 1948.142105][T24609] seq_read+0x4aa/0xd30 [ 1948.146236][T24609] do_iter_read+0x43b/0x550 [ 1948.150710][T24609] do_preadv+0x213/0x350 [ 1948.154921][T24609] ? do_writev+0x5b0/0x5b0 [ 1948.159312][T24609] do_syscall_64+0xcb/0x150 [ 1948.163803][T24609] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1948.169665][T24609] RIP: 0033:0x45d189 [ 1948.173529][T24609] Code: 5d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1948.193189][T24609] RSP: 002b:00007f76464c3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 1948.201573][T24609] RAX: ffffffffffffffda RBX: 0000000000024ac0 RCX: 000000000045d189 [ 1948.209527][T24609] RDX: 0000000000000375 RSI: 00000000200017c0 RDI: 0000000000000005 [ 1948.217467][T24609] RBP: 000000000118d030 R08: 0000000000000000 R09: 0000000000000000 [ 1948.225410][T24609] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118cfec [ 1948.233365][T24609] R13: 00007ffd47501b1f R14: 00007f76464c49c0 R15: 000000000118cfec [ 1948.241548][T24609] Mem-Info: [ 1948.244864][T24609] active_anon:1412712 inactive_anon:5849 isolated_anon:0 [ 1948.244864][T24609] active_file:348 inactive_file:361 isolated_file:24 [ 1948.244864][T24609] unevictable:0 dirty:20 writeback:0 unstable:0 [ 1948.244864][T24609] slab_reclaimable:8826 slab_unreclaimable:77823 [ 1948.244864][T24609] mapped:53196 shmem:8901 pagetables:39708 bounce:0 [ 1948.244864][T24609] free:10241 free_pcp:92 free_cma:0 [ 1948.282773][T24609] Node 0 active_anon:5650848kB inactive_anon:23396kB active_file:1256kB inactive_file:1444kB unevictable:0kB isolated(anon):0kB isolated(file):96kB mapped:212684kB dirty:80kB writeback:0kB shmem:35604kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1948.331211][T24609] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1948.385013][T24609] lowmem_reserve[]: 0 2912 6416 6416 [ 1948.390538][T24609] DMA32 free:17620kB min:4644kB low:7624kB high:10604kB active_anon:2816388kB inactive_anon:3032kB active_file:20kB inactive_file:160kB unevictable:0kB writepending:8kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:15008kB pagetables:32816kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1948.419577][T24609] lowmem_reserve[]: 0 0 3504 3504 [ 1948.424791][T24609] Normal free:7436kB min:9688kB low:13276kB high:16864kB active_anon:2834956kB inactive_anon:20364kB active_file:936kB inactive_file:976kB unevictable:0kB writepending:172kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32096kB pagetables:126016kB bounce:0kB free_pcp:108kB local_pcp:0kB free_cma:0kB [ 1948.473859][T24609] lowmem_reserve[]: 0 0 0 0 [ 1948.481697][T24609] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1948.513666][T24609] DMA32: 115*4kB (UMEH) 68*8kB (UMEH) 41*16kB (UME) 81*32kB (UMEH) 27*64kB (UME) 19*128kB (UM) 15*256kB (M) 6*512kB (UM) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 18396kB [ 1948.548547][T24609] Normal: 175*4kB (UME) 90*8kB (UME) 81*16kB (UME) 23*32kB (UME) 22*64kB (UM) 19*128kB (UM) 2*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 7804kB [ 1948.571798][T24609] 9207 total pagecache pages [ 1948.576553][T24609] 0 pages in swap cache [ 1948.580819][T24609] Swap cache stats: add 0, delete 0, find 0/0 [ 1948.587298][T24609] Free swap = 0kB [ 1948.591164][T24609] Total swap = 0kB [ 1948.595049][T24609] 1965979 pages RAM [ 1948.599357][T24609] 0 pages HighMem/MovableOnly [ 1948.604512][T24609] 318829 pages reserved [ 1948.609859][T24609] 0 pages cma reserved [ 1948.618373][T24609] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.4,pid=24590,uid=0 22:39:59 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0xcf00) 22:39:59 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:39:59 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:39:59 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:39:59 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) sendmsg$NL80211_CMD_GET_KEY(r3, &(0x7f00000003c0)={&(0x7f00000002c0), 0xc, &(0x7f0000000380)={&(0x7f0000000300)={0x48, 0x0, 0x8, 0x70bd2b, 0x25dfdbfc, {}, [@NL80211_ATTR_KEY={0x34, 0x50, 0x0, 0x1, [@NL80211_KEY_DATA_WEP104={0x11, 0x1, "8be009d16e192c80429d31ca83"}, @NL80211_KEY_DEFAULT_TYPES={0x18, 0x8, 0x0, 0x1, [@NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_UNICAST={0x4}, @NL80211_KEY_DEFAULT_TYPE_MULTICAST={0x4}]}, @NL80211_KEY_DEFAULT_MGMT={0x4}]}]}, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4004000) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:39:59 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0xe51d) [ 1949.769502][T24615] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1949.802142][T24615] CPU: 1 PID: 24615 Comm: syz-executor.4 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1949.812307][T24615] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1949.822356][T24615] Call Trace: [ 1949.825648][T24615] dump_stack+0x14a/0x1ce [ 1949.829972][T24615] ? devkmsg_release+0x11c/0x11c [ 1949.834905][T24615] ? show_regs_print_info+0x12/0x12 [ 1949.840097][T24615] ? radix_tree_cpu_dead+0x160/0x160 [ 1949.845370][T24615] ? _raw_spin_lock+0xa1/0x170 [ 1949.850109][T24615] ? _raw_spin_trylock_bh+0x190/0x190 [ 1949.855451][T24615] dump_header+0xdb/0x700 [ 1949.859752][T24615] oom_kill_process+0xd3/0x280 [ 1949.864491][T24615] out_of_memory+0x5b6/0x890 [ 1949.869052][T24615] ? unregister_oom_notifier+0x20/0x20 [ 1949.874482][T24615] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1949.880006][T24615] ? get_page_from_freelist+0x7c0/0x7c0 [ 1949.885522][T24615] ? __zone_watermark_ok+0x91/0x280 [ 1949.890695][T24615] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1949.896038][T24615] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1949.901554][T24615] ? copy_process+0x5a4/0x5110 [ 1949.906289][T24615] ? copy_process+0x5a4/0x5110 [ 1949.911025][T24615] ? kmem_cache_alloc+0x1d5/0x260 [ 1949.916019][T24615] copy_process+0x5f3/0x5110 [ 1949.920581][T24615] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1949.926272][T24615] ? _raw_spin_lock+0xa1/0x170 [ 1949.931007][T24615] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1949.936781][T24615] ? __lru_cache_add+0x1a1/0x1f0 [ 1949.941686][T24615] ? fork_idle+0x290/0x290 [ 1949.946074][T24615] _do_fork+0x196/0x920 [ 1949.950199][T24615] ? finish_fault+0x230/0x230 [ 1949.954843][T24615] ? up_write+0xa1/0x190 [ 1949.959057][T24615] ? dup_mm+0x300/0x300 [ 1949.963185][T24615] __x64_sys_clone+0x25e/0x2c0 [ 1949.967919][T24615] ? __ia32_sys_vfork+0x110/0x110 [ 1949.972913][T24615] ? do_user_addr_fault+0x55c/0x9f0 [ 1949.978082][T24615] do_syscall_64+0xcb/0x150 [ 1949.982557][T24615] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1949.988431][T24615] RIP: 0033:0x45fb59 [ 1949.992299][T24615] Code: ff 48 85 f6 0f 84 87 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 5e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1950.011890][T24615] RSP: 002b:00007ffc8d239e88 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1950.020272][T24615] RAX: ffffffffffffffda RBX: 00007fe26cbbf700 RCX: 000000000045fb59 [ 1950.028490][T24615] RDX: 00007fe26cbbf9d0 RSI: 00007fe26cbbedb0 RDI: 00000000003d0f00 [ 1950.036433][T24615] RBP: 00007ffc8d23a0b0 R08: 00007fe26cbbf700 R09: 00007fe26cbbf700 [ 1950.044377][T24615] R10: 00007fe26cbbf9d0 R11: 0000000000000202 R12: 0000000000000000 [ 1950.052316][T24615] R13: 00007ffc8d239f3f R14: 00007fe26cbbf9c0 R15: 000000000118cfec [ 1950.061410][T24615] Mem-Info: [ 1950.064921][T24615] active_anon:1414001 inactive_anon:5849 isolated_anon:0 [ 1950.064921][T24615] active_file:44 inactive_file:79 isolated_file:25 [ 1950.064921][T24615] unevictable:0 dirty:3 writeback:0 unstable:0 [ 1950.064921][T24615] slab_reclaimable:8827 slab_unreclaimable:77552 [ 1950.064921][T24615] mapped:52607 shmem:8901 pagetables:39658 bounce:0 [ 1950.064921][T24615] free:9839 free_pcp:411 free_cma:0 [ 1950.102844][T24615] Node 0 active_anon:5656004kB inactive_anon:23396kB active_file:176kB inactive_file:112kB unevictable:0kB isolated(anon):0kB isolated(file):100kB mapped:210428kB dirty:12kB writeback:0kB shmem:35604kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1950.127200][T24615] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1950.153697][T24615] lowmem_reserve[]: 0 2912 6416 6416 [ 1950.159096][T24615] DMA32 free:18264kB min:4644kB low:7624kB high:10604kB active_anon:2818252kB inactive_anon:3032kB active_file:16kB inactive_file:0kB unevictable:0kB writepending:0kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14784kB pagetables:32220kB bounce:0kB free_pcp:432kB local_pcp:248kB free_cma:0kB [ 1950.252552][T24615] lowmem_reserve[]: 0 0 3504 3504 [ 1950.257666][T24615] Normal free:10496kB min:9688kB low:13276kB high:16864kB active_anon:2829008kB inactive_anon:20364kB active_file:112kB inactive_file:236kB unevictable:0kB writepending:20kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32352kB pagetables:126420kB bounce:0kB free_pcp:1552kB local_pcp:60kB free_cma:0kB [ 1950.287467][T24615] lowmem_reserve[]: 0 0 0 0 [ 1950.291990][T24615] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1950.305330][T24615] DMA32: 207*4kB (UMEH) 145*8kB (UMEH) 105*16kB (UME) 113*32kB (UMEH) 36*64kB (UME) 19*128kB (UM) 15*256kB (M) 6*512kB (UM) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 22004kB [ 1950.323255][T24615] Normal: 1648*4kB (UME) 474*8kB (UME) 132*16kB (UME) 38*32kB (UME) 24*64kB (UM) 19*128kB (UM) 1*256kB (U) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17936kB [ 1950.340702][T24615] 9769 total pagecache pages [ 1950.345507][T24615] 0 pages in swap cache [ 1950.349841][T24615] Swap cache stats: add 0, delete 0, find 0/0 [ 1950.358564][T24615] Free swap = 0kB [ 1950.376574][T24615] Total swap = 0kB [ 1950.382794][T24615] 1965979 pages RAM [ 1950.386774][T24615] 0 pages HighMem/MovableOnly [ 1950.391597][T24615] 318829 pages reserved [ 1950.396011][T24615] 0 pages cma reserved [ 1950.400219][T24615] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=24616,uid=0 22:40:01 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) r4 = syz_open_dev$loop(&(0x7f0000000340)='/dev/loop#\x00', 0xffffffff80000000, 0x2b4000) write(r4, &(0x7f0000000440)="ef7c53aad8038c9bfb90255af72f1008ad9936e6dfca08c585b6324dcb3a852af275fd2dd1d897bf00024fd2743330a2eb6dc64be9549aff2bae3b7c86b3cc93895df7a6697f0100008000009dae2f27062771d644ecf11039d4d682d3f8e87c90ace2f8911eeae2fe1c41fa500a7bb983e5c4e8a9d0d99437a2980bbe9949812496835a839d4a8d44b5fc57bab1499b8cd9a515ed4be1831d1ee2ca0c73882fa6b54b5e4bc0d719de01cb684530b2d4166f6fa5a14a381944025dff165428cf46e9da4e921ae7476f236bdc6e7f1be3b8b783b99480a2ab1da4340dd0e1da0fd4c838b9b46990a9d95b6ac727e798d2ea5c3634ab8ba830a883752a61aa2742f7132a4c544d2f565244167dd80e48c579", 0xfffffffffffffe78) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r5 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r5, 0x0) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r6, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:40:01 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:40:01 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ppp\x00', 0x80000101005, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r4 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0xfffffff6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup2(r3, r4) r5 = fcntl$dupfd(r2, 0x0, r3) r6 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000480)='NLBL_CALIPSO\x00') sendmsg$NLBL_CALIPSO_C_ADD(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x1c, r6, 0x20, 0x70bd2a, 0x25dfdbfd, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x88000}, 0x48000) sendmsg$NLBL_CALIPSO_C_ADD(r5, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x94}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, r6, 0x1, 0x70bd2a, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x2402c080}, 0x4) sendmsg$NLBL_CALIPSO_C_LISTALL(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000080)={&(0x7f0000000140)={0x54, r6, 0x200, 0x70bd2d, 0x25dfdbfe, {}, [@NLBL_CALIPSO_A_MTYPE={0xfffffffffffffead}, @NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x4) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$USBDEVFS_CONNECTINFO(r3, 0x40085511, &(0x7f0000000300)) r8 = dup(r7) timerfd_gettime(r8, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) 22:40:01 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x100000) 22:40:01 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, 0x0, 0x0) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:40:01 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0xf0ff7f) 22:40:01 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:40:01 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x1000000) 22:40:01 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, 0x0, 0x0) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) [ 1951.329316][T24659] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1951.368478][T24659] CPU: 1 PID: 24659 Comm: syz-executor.4 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1951.378641][T24659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1951.388689][T24659] Call Trace: [ 1951.391981][T24659] dump_stack+0x14a/0x1ce [ 1951.396305][T24659] ? devkmsg_release+0x11c/0x11c [ 1951.401239][T24659] ? show_regs_print_info+0x12/0x12 [ 1951.406434][T24659] ? radix_tree_cpu_dead+0x160/0x160 [ 1951.411731][T24659] ? _raw_spin_lock+0xa1/0x170 [ 1951.416489][T24659] ? _raw_spin_trylock_bh+0x190/0x190 [ 1951.421943][T24659] dump_header+0xdb/0x700 [ 1951.426274][T24659] oom_kill_process+0xd3/0x280 [ 1951.431043][T24659] out_of_memory+0x5b6/0x890 [ 1951.435629][T24659] ? unregister_oom_notifier+0x20/0x20 [ 1951.441082][T24659] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1951.446627][T24659] ? get_page_from_freelist+0x7c0/0x7c0 [ 1951.452169][T24659] ? __zone_watermark_ok+0x91/0x280 [ 1951.457365][T24659] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1951.462735][T24659] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1951.468280][T24659] ? copy_process+0x5a4/0x5110 [ 1951.473039][T24659] ? kmem_cache_alloc+0x1d5/0x260 [ 1951.478058][T24659] copy_process+0x5f3/0x5110 [ 1951.482630][T24659] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1951.488320][T24659] ? _raw_spin_lock+0xa1/0x170 [ 1951.493050][T24659] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1951.498837][T24659] ? __lru_cache_add+0x1a1/0x1f0 [ 1951.503744][T24659] ? fork_idle+0x290/0x290 [ 1951.508132][T24659] _do_fork+0x196/0x920 [ 1951.512262][T24659] ? finish_fault+0x230/0x230 [ 1951.516919][T24659] ? up_write+0xa1/0x190 [ 1951.521148][T24659] ? dup_mm+0x300/0x300 [ 1951.525290][T24659] __x64_sys_clone+0x25e/0x2c0 [ 1951.530025][T24659] ? __ia32_sys_vfork+0x110/0x110 [ 1951.535105][T24659] ? do_user_addr_fault+0x55c/0x9f0 [ 1951.540270][T24659] do_syscall_64+0xcb/0x150 [ 1951.544742][T24659] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1951.550603][T24659] RIP: 0033:0x45fb59 [ 1951.554468][T24659] Code: ff 48 85 f6 0f 84 87 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 5e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1951.574039][T24659] RSP: 002b:00007ffc8d239e88 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1951.582417][T24659] RAX: ffffffffffffffda RBX: 00007fe26cbe0700 RCX: 000000000045fb59 [ 1951.590364][T24659] RDX: 00007fe26cbe09d0 RSI: 00007fe26cbdfdb0 RDI: 00000000003d0f00 [ 1951.598305][T24659] RBP: 00007ffc8d23a0b0 R08: 00007fe26cbe0700 R09: 00007fe26cbe0700 [ 1951.606246][T24659] R10: 00007fe26cbe09d0 R11: 0000000000000202 R12: 0000000000000000 [ 1951.614189][T24659] R13: 00007ffc8d239f3f R14: 00007fe26cbe09c0 R15: 000000000118cf4c [ 1951.847697][T24659] Mem-Info: [ 1951.851125][T24659] active_anon:1411538 inactive_anon:5849 isolated_anon:0 [ 1951.851125][T24659] active_file:506 inactive_file:467 isolated_file:45 [ 1951.851125][T24659] unevictable:0 dirty:41 writeback:2 unstable:0 [ 1951.851125][T24659] slab_reclaimable:8828 slab_unreclaimable:77510 [ 1951.851125][T24659] mapped:53447 shmem:8901 pagetables:39708 bounce:0 [ 1951.851125][T24659] free:11480 free_pcp:180 free_cma:0 [ 1951.951225][T24659] Node 0 active_anon:5649152kB inactive_anon:23396kB active_file:2964kB inactive_file:2936kB unevictable:0kB isolated(anon):0kB isolated(file):224kB mapped:215088kB dirty:64kB writeback:8kB shmem:35604kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1952.016096][T24659] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1952.099492][T24659] lowmem_reserve[]: 0 2912 6416 6416 [ 1952.104986][T24659] DMA32 free:18292kB min:4644kB low:7624kB high:10604kB active_anon:2816636kB inactive_anon:3032kB active_file:448kB inactive_file:324kB unevictable:0kB writepending:12kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14784kB pagetables:32316kB bounce:0kB free_pcp:832kB local_pcp:176kB free_cma:0kB [ 1952.134634][T24659] lowmem_reserve[]: 0 0 3504 3504 [ 1952.139666][T24659] Normal free:6008kB min:5592kB low:9180kB high:12768kB active_anon:2835768kB inactive_anon:20364kB active_file:148kB inactive_file:876kB unevictable:0kB writepending:160kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32416kB pagetables:126516kB bounce:0kB free_pcp:800kB local_pcp:0kB free_cma:0kB [ 1952.169208][T24659] lowmem_reserve[]: 0 0 0 0 [ 1952.173820][T24659] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1952.187142][T24659] DMA32: 49*4kB (UMEH) 41*8kB (UMEH) 45*16kB (UMEH) 99*32kB (UMEH) 37*64kB (UME) 19*128kB (UM) 15*256kB (M) 6*512kB (UM) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 19196kB [ 1952.204548][T24659] Normal: 80*4kB (UME) 110*8kB (UME) 56*16kB (UME) 35*32kB (UME) 21*64kB (M) 12*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 6096kB [ 1952.219073][T24659] 9137 total pagecache pages [ 1952.223676][T24659] 0 pages in swap cache [ 1952.227815][T24659] Swap cache stats: add 0, delete 0, find 0/0 [ 1952.233995][T24659] Free swap = 0kB [ 1952.237700][T24659] Total swap = 0kB [ 1952.241402][T24659] 1965979 pages RAM [ 1952.245221][T24659] 0 pages HighMem/MovableOnly [ 1952.249969][T24659] 318829 pages reserved [ 1952.254219][T24659] 0 pages cma reserved [ 1952.258354][T24659] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=13499,uid=0 [ 1952.272581][T24659] Out of memory: Killed process 13499 (syz-executor.2) total-vm:85348kB, anon-rss:9844kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:148kB oom_score_adj:1000 [ 1952.291983][ T23] oom_reaper: reaped process 13499 (syz-executor.2), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 22:40:03 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() fcntl$setstatus(0xffffffffffffffff, 0x4, 0x102800) ioctl$TIOCMBIC(0xffffffffffffffff, 0x5417, &(0x7f0000000200)=0x7ff) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f00000002c0)={0xa, 0x0, 0x6, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:40:03 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:40:03 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000002200)="7ca185a144c7558a0725f0c2cf7e1d99589a363da0fdff63e1d3522278d03568439d29215ad725b14e6c248b2977fc12946ccd6a01b70d9b9ed5ab85b2024d3c3e5d791d02a84604fa45d575a7b6e399c6f9ed1da8657824c383f7ab0549f842de1dd9c818939d19fed41f34bb96a4e1c1857355d27cf98c8acf2de8684ceadc115c3d223111967deef498d432956b67c9f06003ec17f34b9e1f55427376ab8a157339e502cbc61e46b1190bf6f32c44fcde368f1e00669ffa2057291a3903189d1079b77c3e56b9bf6116b6f77075c636a0c19ba14c16d738129bc3de1feda42f9b448a6111a561ea8a4946a99720c8e2d0a521be7beba4f939c2591fec33a4ccef56e00c83b6c5c1f09e267d2fa04a8ed462d91f3a260df888a036b98ba35d7d06f4d483bc5b67a65a052ce7fbda91d739b786d7f8d97c16eddef7184cd52e339d6d5f3de0d10390617b64c36230ed51244c8d69bab1638e19dab0ec3215c59791d79c55fc55c4140917460629ce475b08e5ca56d508111b2c8d60e3f2248d08f16a31996eb57c3ea6b50f50dbf8014b394ed95c8d56c268ebff67c6d8a2bb683f15b3cc5b2fbf051ba02b687f0be4d6cab88652ac98fa4c1c959728af67a62baf22bc612b86611060648bb26d25cb762a30c31e7e5199bd3498aab9e5ed27c23937701f337ec1e938b3023280e87d60264486727ccb97539215def8b9668acc2fccc2011198cb531e00f005e06faf26c856c01108b276d0e9096aa815d07be4c357e0bc3b4b337ccc1eb2a48bd81531daa7735c24b7c5893364fcf3c7c0f0d70f341e3549dae58a5b64b79795eeb03f422d12de55f938ea2b6d247ce994ad8ed7c69154bf44b8897edbaa2e09cb6d5fcdce779a54603697672b8f173c9111e484293fa27b87567d3fb8b7d7e004b9fad55c6ce8a70a5451e92b68129d17365ec5565181a29250083e60a71daa7268b5565cbd18457ff342fcc6a67561c2e902af92d019efc696ce6c51502dcc90292b9e04f5395bb710303d48cdd79d493628b34c62d5b5fc408e5608ca3f244cb617223c2387127f1de03f7b2778dd0bfdf0990b4652389b11486c9d0bd125fd626903bfeac267b092ecab471a2908f90cc09f80d2fe67c271d8e7a001da1ddb061ba55ef82dd2138346178ffcd2923008b0766409840186a250d27a0e941390a3c07d30f29a21edd41f4db584a4cb39bb9f96233a96941aba288951ea541c332382f1b0e6cb7bcd3d4129b49535d167497353a25234f5bc07919d93138bf1cd694b9c0b01387cf79d435c37d003ad0f385668349a4dbaaa9ab5cd4defcb438a695baa52c00c32062169e3ee4dd9336f09fa8cf3b1ba6e0a94fc5942cdcf44a81df1e77ae9a62100e2c35ccc3443525a981a96d09e63eed7f5b7e64d98a9cf9e956f778ca8f02b78642b8ebdcfa3e2e0b5f52dd5097fb6d18438816be4a783c2e1c7a91f5ef3eb32e72ede03c5bb39cb29118bc0201649c9c0f35136f9874ed46f36f1639f5150017fa6719159e6c7459d3f53157d2cab94fcbcf919c27dba0f902ef5fdd6865099d93465b173c7fa9e5dd38c3f310332ed41f21f3dba64137b6084f5573443480beba432f3fa00249818e6d9d16d2116af49095fdb59210ee699231bc7ff76ecba453af69a86da4be1a57880ba414a126182f9a813cf66f25d4f7a847a12ef46f294c523f1cad860f11940213ba68050ea8f9f458d1c57a4a0cfd7c9038d051aa5a2fb28e9590961568da21b271c652d787e217b13a415470b556e7702b9466e4229dfe24e5f36c006fc5ac6c90e4b837c80a28c35db7a154b960b52ebee4efea91481ff27e145696cc4915a79394dba8201547f2e31924b63f7c81680f97bcd5af9fe3b1f0e96d085fc23825339544d908fd6af3cd17e337e5dc07c779d90acc9753c3820929f88b7ff293a3b4f0e2161e145d2718398c55d076092770198b4c5daec393966c35d1f3b0005c7559c05bae3d34534ce18db2bb4bd45d2fe40349af561995caeeb5117970f87254b00fc8e0b18b4042e9a6befa122a872556337e680d0ae2db89aa0aefde59ebe10a70a011b1e170e46e70c83730af10806224d8d2bb954dac3edbeed1423791b3882c221363f8e3b744ad7caa129ad1c5f995dcabcda594c1751248062bda3114f73f008f8f62dd11aa3c02961a6ac86d54051a4e56491d90e0eea1f4622fe04a55c5892a66ec3ccf725ee875eac0b44205b4e9c455e20b47183ede47d8d98b5e4e753c311e04cd4c8dd3565f474af2b4364cdb2bc1d947fdfb45fe9748b9685f654613102f7a71cc71561697fa849982f3b41098fc048982cbc64ee6f9320b28d4b6174b82c2333c0b597cd562c64a419a69d856054659f1a965e796b07d3c3feaad43156ee7b5bd968fae2468c0c5dab9c99d6c370c927cb2939c8c22d62da76885178d9a00d6891cb150032f23cd20159b2f6a64e11110e6b7f246a4cdb5e291cd196978b95adfcd2d4571030ea7992243d075c2cd91516c02b7d4221e4ef6672fae0c364ee28b20aae73fae637b601966685ce1be8f8aa7a94d96a83e25307252ae1442bf2ad30b3afbaf60f268b0ac001fa8ece571dd6597b0000000028a94dd3ccbec172c5c9b98f4253f59051fb522a7ca3f32fac0a89e331bfba3dbe77c6e04e5548536ff9f5fff5f4c67684d4f5fe75b2011f8962318226fada2283e6e9bd435d0eee792b781f5bb786141a2e5aa55b73f44b32ca063a94f0d9809df966362d5b1090361e4e14bb39e87f7153ab734a6d8f0f0dfb6120fa0c80c85c6ccdfd7b1b96e24dc09086412954a464732a4e2b6513d9742befeb510037ba926e071396c9ec82e02ae99634e2af1eda9e5db6c6f731e743994ee96c67985536798fb24820113008b081b0cda0eb943a529e597bb07291a6c252b8ab5999a5485d0b9881a3e52a2edfb6fe07e45b8b70a242a0da0c9187dd4e43e7a35911fae87554b3569a9806b59befa1c3dd702b5e0ecce2373a1d09cc67ae231da5d79633c106188fa7170d8916ee39f200f606e0c5ec5b2273d0c5494fcab245d86c4113fec96bc6b2e622617ee4154518f3ca1be12c88a4e476cd17ae51b8e1d2061e42de358602a17ec360fd185d9de94f3bf902811eb63cbfc8130ffff62f08a005c402c619f34bef8f70eb7d378847cf6d75c5b5dc754115acd7235dcba0a35619f797aed68d3b632e0e09247ff5d5490631afd59f065789479a2ac3bc417e65dcd3380c8c74eb2e8b9d768862023bb5731d84738e0db5728cc0ac94302ff973f501d2136576b9ea39fc31ea4972fb02c60ac2a417321cbeda2371d852eb9e966ba6a110023fd0b5f7389a5fdb6854c0b9b50546eb4be22f4602887047b2f3c7e9bd824bd43e641433208d932c663f89c7fca6bce7dcf4953fbf94c56234d838ad07772b722a3e5bc870c4e3a41dc8babf483929aaaff1a49352152d9e0c543e7fd4dce22716733b93a47029cde25aa62fc890b10244c413438c1a8d5bb09279a1374c2cfec1aa6b6bd29cf331b6e9465e7c8ae3146e3b9e5f8866ea722c4fbd53426ac32b8e76619e0f09a583c67bc6d900e154f1349c2add5afeffffff7ce964358c543113faa2bb112c6457ac1afe02d53a6f39e7847b65a9ec8a449ceabb27c7c8f8bdfc9dc5808822cd8e3db0c1cf62cecf8f800d9b37f98db82b72c69f66393510cf7d46f53206135c2a53235928daadb4a7cc2b539522223093bd18739a5812bc0ce27cc972e05072dcae4a49fd634d3594f44f941ce3a13d60cc52d3c31a9b0038974e863b02124d71bbce7d800a130fac150f688aa826c2eb887854a3359cec7f4447f75a2f42b6f07b7d809d8ea1be1a62337d08fb53934772baf0d9f0cfa840a95cd19d5a7b547f5ba6995a6623a84f719170b5bb9d4f3809222b5a5c45f5a9c7545dffdd6d7b2f8a201ad9346ff2680f0544784c60c28656cc9908b735685793b35f8bda72e4c76986b7e366b7aa0a6dd2c3b6cb112393604d20c2049c536385d713ec502724138b6b5830ec7da56dff11499ca3e5ee6d3293cab96710a55dcbe43baa411d0dae00bccdd1150ed51727068d905cc9cf9ea8b8ff2d61e63a2992fab7f10baa8433cf738c901fcba1cac255098a1f7481a2d622404bcf77b2ac4dde88914dcdebaf5bce18de86beb232545529aaaddb653810513924211b154f7dcb07a12407012b3f493209a97b883761748efae29f8a68e442663d20d975fc7e76669d958e7ffa86fc81ed80adb684353e9c91311fdd89589354a0d19195d28dcd5ae0799e426c01c4e2739385efa49b6be8b0150a0b8784c9a0efb5179609db4b98e9e8762da4e1fcfb62986837ad1ba6f6eba667cd945ae327ee2f92b56bb5d93e9552be43d97da7ab9c4de7b0c29e23379c523b99506348bf9a9bb0a934e460b058a64869b4e8f86cca9bbb02daf9f6c195316b9e432aea20025e6a3fe812cac29fbcc1217cb9a7bbd568d12022ad0d6061dd96ef211d8a9a535917889d6787d591adec02be5298f2a2821e05f95e76fb355114968d30794a882fbd0906b85c697a14d2d6c2e17ad06029c3559bbf44b2e38a1c65886bb32be76e4b557c38b32d40ca8b566d694c13924a3ed3ef4b4c5ac09b8980e64ed3bb799fa37e909857d6135eb3e13eabe2f65702073c8acbe556681710800534ec93c617f2cbfa870404672e907332f83d5853933c7cbda05fd2d6ec3141a9e009ed435166fbe7293bf33d8e12d8e126fd258ff933a1f74dfca80108e243917817fc231409ce6b24717e22f4098e19b83929d8fcb968cfbf81820024000313958d58819c08163208c9e1cd86b90875adbbd5808eb0df5581c9d96ac071bc34a5f9c1f9b18801aa7a8c75bb87d1fe8588afb02479779b5934521c5259b3bffcd118f59356a02bb3fa1a43cd4a60e9aeb53706dbe5f98da8ae715c97dcfa0cff54dc32c16cd448886b32d1430355be2f4ac0bdb506e2ccf7525bf37810413d02bb48d5a4e0182a834b1a6438465a3cb33ba3fc65267a08b7a0ea91fb357ac930bb76e9977b0a0968c9141760119398b767a97a8da9b67c34dfc96b4288080570b06fa4f5e922bb76449de1c0569ae8c6df1fa57e7570438440bc8f940e1fa8aa6ff357050998750ef811df1c948dd2e82de4ffac381e1556efee116dd70ba097f504d212c173e70db0bb7ce5998c38b12e3c84442704d6ab8debf1d0fd196e742a87f96ad24cf3b9d3297576b8a8227ed3c9305d4cec21520dc34b0f56377a3269e85f09cac1e04f422dbee7ed15b59af6c7da8bc5c13e6fdde43b462bb49fd1c07ff9a598a71a0962562c3200ae1b2ead623d939f02c369a5f5cc249d1add5c97d1964e62f2e58b4aea4d9693b04871bca45d57c3e61288f9464fb64ddde76c2c862c2c233080c1140a65a5cd0c3cabab8cd7135ad1a5c8ad7cf8a17c761b036b9390e8d8fe33b5e70c0a36cdde766fbcc401ee34bc1107c29e5d7d49d68036999a984522f401dcdc16d0ee47ef5e538c664b590c462240f34f79f62d159306d5c0aa179f04199c5bf45540fd4a3e99d44d58664f3d31876c83926916db3619ba1b80d5aa23ecffe681297fe2d5fb95714f16f39e744440b67c2a7d58fb399b95cfec45671a5746c38be54019e451336b93c15cc23291a0d0c52de3e8f1284b274e497793dbf44639bfb2c2ff342a4d8c95ff885678fd9cd33bc0eda4bce3c1286e5cee1ba0ad3df51bb154f69ba0650b48f60fc5fe4c1add673c3ba666c4284897cba5f68511db851a770be131b79168e2075e3f5c2126d7a4d78589bcda9500bfbf2aaba1c76d110669112019ca76fdc76316aeec550aaf8b8ac5ccfbb04f4d54ce1c38f966c737dd4803bbee08784341880bb375244e43e803fea11538609af546eea72cbc7615389f8a806a89c8551f8b13823d529599bf0b2ae4677f957c25647c714734d5f9bc4cb97c46373ea683cfa93f415c4daac77020a25687ab92717b69", 0x10a2}], 0x1, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) timerfd_gettime(r3, 0x0) r4 = socket$inet_udplite(0x2, 0x2, 0x88) r5 = dup(r4) ioctl$PERF_EVENT_IOC_ENABLE(r5, 0x8912, 0x400200) getpeername$tipc(r5, &(0x7f0000000040)=@name, &(0x7f0000000080)=0x10) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) 22:40:03 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:40:03 executing program 4: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ppp\x00', 0x80000101005, 0x0) r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) r4 = perf_event_open(&(0x7f0000000180)={0x6, 0x70, 0x0, 0x0, 0x0, 0x0, 0xfffffff6}, 0x0, 0x0, 0xffffffffffffffff, 0x0) dup2(r3, r4) r5 = fcntl$dupfd(r2, 0x0, r3) r6 = syz_genetlink_get_family_id$netlbl_calipso(&(0x7f0000000480)='NLBL_CALIPSO\x00') sendmsg$NLBL_CALIPSO_C_ADD(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000400)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000500)={&(0x7f00000004c0)={0x1c, r6, 0x20, 0x70bd2a, 0x25dfdbfd, {}, [@NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x1c}, 0x1, 0x0, 0x0, 0x88000}, 0x48000) sendmsg$NLBL_CALIPSO_C_ADD(r5, &(0x7f0000000280)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x94}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)={0x14, r6, 0x1, 0x70bd2a, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x2402c080}, 0x4) sendmsg$NLBL_CALIPSO_C_LISTALL(r0, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000080)={&(0x7f0000000140)={0x54, r6, 0x200, 0x70bd2d, 0x25dfdbfe, {}, [@NLBL_CALIPSO_A_MTYPE={0xfffffffffffffead}, @NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_DOI={0x8}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x3}, @NLBL_CALIPSO_A_DOI={0x8, 0x1, 0x1}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}, @NLBL_CALIPSO_A_MTYPE={0x8}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x4) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$USBDEVFS_CONNECTINFO(r3, 0x40085511, &(0x7f0000000300)) r8 = dup(r7) timerfd_gettime(r8, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) 22:40:03 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:40:03 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x2000000) [ 1953.109521][T24681] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1953.136955][T24681] CPU: 0 PID: 24681 Comm: syz-executor.0 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1953.147117][T24681] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1953.157164][T24681] Call Trace: [ 1953.160460][T24681] dump_stack+0x14a/0x1ce [ 1953.164785][T24681] ? devkmsg_release+0x11c/0x11c [ 1953.169715][T24681] ? show_regs_print_info+0x12/0x12 [ 1953.174905][T24681] ? radix_tree_cpu_dead+0x160/0x160 [ 1953.180180][T24681] ? _raw_spin_lock+0xa1/0x170 [ 1953.185891][T24681] ? _raw_spin_trylock_bh+0x190/0x190 [ 1953.191258][T24681] dump_header+0xdb/0x700 [ 1953.195587][T24681] oom_kill_process+0xd3/0x280 [ 1953.200348][T24681] out_of_memory+0x5b6/0x890 [ 1953.204935][T24681] ? unregister_oom_notifier+0x20/0x20 [ 1953.210391][T24681] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1953.215935][T24681] ? get_page_from_freelist+0x7c0/0x7c0 [ 1953.221475][T24681] ? __zone_watermark_ok+0x91/0x280 [ 1953.226668][T24681] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1953.232033][T24681] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1953.237579][T24681] ? copy_process+0x5a4/0x5110 [ 1953.242334][T24681] ? kmem_cache_alloc+0x1d5/0x260 [ 1953.247350][T24681] copy_process+0x5f3/0x5110 [ 1953.251942][T24681] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1953.257653][T24681] ? _raw_spin_lock+0xa1/0x170 [ 1953.262411][T24681] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1953.268197][T24681] ? __lru_cache_add+0x1a1/0x1f0 [ 1953.273114][T24681] ? fork_idle+0x290/0x290 [ 1953.277502][T24681] _do_fork+0x196/0x920 [ 1953.281626][T24681] ? finish_fault+0x230/0x230 [ 1953.286271][T24681] ? up_write+0xa1/0x190 [ 1953.290481][T24681] ? dup_mm+0x300/0x300 [ 1953.294604][T24681] __x64_sys_clone+0x25e/0x2c0 [ 1953.299335][T24681] ? __ia32_sys_vfork+0x110/0x110 [ 1953.304330][T24681] ? do_user_addr_fault+0x55c/0x9f0 [ 1953.309510][T24681] do_syscall_64+0xcb/0x150 [ 1953.313985][T24681] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1953.319861][T24681] RIP: 0033:0x45fb59 [ 1953.323725][T24681] Code: ff 48 85 f6 0f 84 87 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 5e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1953.343307][T24681] RSP: 002b:00007ffd47501a68 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1953.351691][T24681] RAX: ffffffffffffffda RBX: 00007f76464a3700 RCX: 000000000045fb59 [ 1953.359649][T24681] RDX: 00007f76464a39d0 RSI: 00007f76464a2db0 RDI: 00000000003d0f00 [ 1953.367592][T24681] RBP: 00007ffd47501c90 R08: 00007f76464a3700 R09: 00007f76464a3700 [ 1953.375545][T24681] R10: 00007f76464a39d0 R11: 0000000000000202 R12: 0000000000000000 [ 1953.383498][T24681] R13: 00007ffd47501b1f R14: 00007f76464a39c0 R15: 000000000118d08c [ 1953.571695][T24681] Mem-Info: [ 1953.575250][T24681] active_anon:1411713 inactive_anon:5849 isolated_anon:0 [ 1953.575250][T24681] active_file:243 inactive_file:485 isolated_file:13 [ 1953.575250][T24681] unevictable:0 dirty:5 writeback:0 unstable:0 [ 1953.575250][T24681] slab_reclaimable:8839 slab_unreclaimable:77300 [ 1953.575250][T24681] mapped:53192 shmem:8901 pagetables:39736 bounce:0 [ 1953.575250][T24681] free:11736 free_pcp:142 free_cma:0 [ 1953.614018][T24681] Node 0 active_anon:5646852kB inactive_anon:23396kB active_file:772kB inactive_file:1900kB unevictable:0kB isolated(anon):0kB isolated(file):52kB mapped:212268kB dirty:20kB writeback:0kB shmem:35604kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1953.643244][T24681] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1953.694760][T24681] lowmem_reserve[]: 0 2912 6416 6416 [ 1953.702961][T24681] DMA32 free:29656kB min:4644kB low:7624kB high:10604kB active_anon:2804408kB inactive_anon:3032kB active_file:1288kB inactive_file:2248kB unevictable:0kB writepending:8kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14976kB pagetables:32356kB bounce:0kB free_pcp:2136kB local_pcp:1504kB free_cma:0kB [ 1953.735925][T24681] lowmem_reserve[]: 0 0 3504 3504 [ 1953.742851][T24681] Normal free:12700kB min:5592kB low:9180kB high:12768kB active_anon:2826316kB inactive_anon:20364kB active_file:148kB inactive_file:1712kB unevictable:0kB writepending:12kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32256kB pagetables:126588kB bounce:0kB free_pcp:1292kB local_pcp:820kB free_cma:0kB [ 1953.774434][T24681] lowmem_reserve[]: 0 0 0 0 [ 1953.780286][T24681] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB 22:40:04 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:40:04 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x3000000) 22:40:04 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) ioctl$HIDIOCGCOLLECTIONINFO(0xffffffffffffffff, 0xc0104811, &(0x7f0000000040)={0x1, 0x2, 0x8, 0x5}) r3 = dup(r2) timerfd_gettime(r3, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) [ 1953.796995][T24681] DMA32: 393*4kB (MH) 292*8kB (MEH) 248*16kB (UMEH) 139*32kB (UMEH) 37*64kB (UMEH) 32*128kB (UM) 17*256kB (M) 6*512kB (UM) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 29284kB [ 1953.814808][T24681] Normal: 385*4kB (MEH) 386*8kB (MEH) 102*16kB (MEH) 30*32kB (ME) 20*64kB (MH) 11*128kB (MH) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 9908kB 22:40:04 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x32], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1953.865412][T24681] 11792 total pagecache pages [ 1953.870314][T24681] 0 pages in swap cache [ 1953.893987][T24681] Swap cache stats: add 0, delete 0, find 0/0 [ 1953.903432][T24681] Free swap = 0kB [ 1953.907190][T24681] Total swap = 0kB [ 1953.923183][T24681] 1965979 pages RAM [ 1953.927012][T24681] 0 pages HighMem/MovableOnly [ 1953.931669][T24681] 318829 pages reserved [ 1953.963175][T24681] 0 pages cma reserved [ 1953.967257][T24681] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=24671,uid=0 [ 1954.254817][ T137] systemd-journal invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=0 [ 1954.266566][ T137] CPU: 1 PID: 137 Comm: systemd-journal Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1954.276622][ T137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1954.286653][ T137] Call Trace: [ 1954.289924][ T137] dump_stack+0x14a/0x1ce [ 1954.294224][ T137] ? devkmsg_release+0x11c/0x11c [ 1954.299133][ T137] ? show_regs_print_info+0x12/0x12 [ 1954.304303][ T137] ? radix_tree_cpu_dead+0x160/0x160 [ 1954.309559][ T137] ? _raw_spin_lock+0xa1/0x170 [ 1954.314308][ T137] ? _raw_spin_trylock_bh+0x190/0x190 [ 1954.319659][ T137] dump_header+0xdb/0x700 [ 1954.323972][ T137] oom_kill_process+0xd3/0x280 [ 1954.328710][ T137] out_of_memory+0x5b6/0x890 [ 1954.333273][ T137] ? unregister_oom_notifier+0x20/0x20 [ 1954.338807][ T137] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1954.344340][ T137] ? 0xffffffffa00a0000 [ 1954.348470][ T137] ? get_page_from_freelist+0x7c0/0x7c0 [ 1954.353989][ T137] ? __zone_watermark_ok+0x91/0x280 [ 1954.359194][ T137] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1954.364545][ T137] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1954.370064][ T137] ? __secure_computing+0x250/0x250 [ 1954.375238][ T137] alloc_slab_page+0x3a/0x3a0 [ 1954.379888][ T137] new_slab+0x408/0x450 [ 1954.384013][ T137] ___slab_alloc+0x2e0/0x450 [ 1954.388573][ T137] ? slab_free_freelist_hook+0xd0/0x150 [ 1954.394091][ T137] ? getname_flags+0xb8/0x610 [ 1954.398749][ T137] ? getname_flags+0xb8/0x610 [ 1954.403408][ T137] kmem_cache_alloc+0x23f/0x260 [ 1954.408241][ T137] ? __secure_computing+0x1b6/0x250 [ 1954.413412][ T137] getname_flags+0xb8/0x610 [ 1954.417887][ T137] do_mkdirat+0xa1/0x310 [ 1954.422102][ T137] ? do_syscall_64+0x150/0x150 [ 1954.426833][ T137] ? vfs_mkdir+0x30/0x30 [ 1954.431056][ T137] do_syscall_64+0xcb/0x150 [ 1954.435532][ T137] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1954.441396][ T137] RIP: 0033:0x7f04faf71687 [ 1954.445794][ T137] Code: Bad RIP value. [ 1954.449834][ T137] RSP: 002b:00007fffa7943108 EFLAGS: 00000293 ORIG_RAX: 0000000000000053 [ 1954.458230][ T137] RAX: ffffffffffffffda RBX: 00007fffa7946020 RCX: 00007f04faf71687 [ 1954.466172][ T137] RDX: 00007f04fb9e2a00 RSI: 00000000000001ed RDI: 000055e38870f8c0 [ 1954.474129][ T137] RBP: 00007fffa7943140 R08: 0000000000000000 R09: 0000000000000000 [ 1954.482072][ T137] R10: 0000000000000069 R11: 0000000000000293 R12: 0000000000000000 [ 1954.490013][ T137] R13: 0000000000000000 R14: 00007fffa7946020 R15: 00007fffa7943630 [ 1954.533100][ T137] Mem-Info: [ 1954.536243][ T137] active_anon:1411696 inactive_anon:5849 isolated_anon:0 [ 1954.536243][ T137] active_file:216 inactive_file:197 isolated_file:21 [ 1954.536243][ T137] unevictable:0 dirty:27 writeback:19 unstable:0 [ 1954.536243][ T137] slab_reclaimable:8843 slab_unreclaimable:77251 [ 1954.536243][ T137] mapped:52880 shmem:8901 pagetables:39692 bounce:0 [ 1954.536243][ T137] free:12387 free_pcp:30 free_cma:0 [ 1954.590771][ T137] Node 0 active_anon:5646784kB inactive_anon:23396kB active_file:1096kB inactive_file:1552kB unevictable:0kB isolated(anon):0kB isolated(file):200kB mapped:212120kB dirty:108kB writeback:0kB shmem:35604kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1954.615855][ T137] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1954.642487][ T137] lowmem_reserve[]: 0 2912 6416 6416 [ 1954.648324][ T137] DMA32 free:22240kB min:4644kB low:7624kB high:10604kB active_anon:2816444kB inactive_anon:3032kB active_file:332kB inactive_file:8kB unevictable:0kB writepending:28kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14976kB pagetables:32304kB bounce:0kB free_pcp:212kB local_pcp:12kB free_cma:0kB [ 1954.678309][ T137] lowmem_reserve[]: 0 0 3504 3504 [ 1954.684039][ T137] Normal free:10184kB min:5592kB low:9180kB high:12768kB active_anon:2830340kB inactive_anon:20364kB active_file:460kB inactive_file:756kB unevictable:0kB writepending:156kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32192kB pagetables:126464kB bounce:0kB free_pcp:1680kB local_pcp:192kB free_cma:0kB [ 1954.715905][ T137] lowmem_reserve[]: 0 0 0 0 [ 1954.721117][ T137] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1954.735034][ T137] DMA32: 356*4kB (UMH) 149*8kB (UMEH) 74*16kB (UMEH) 43*32kB (UMEH) 39*64kB (UMEH) 32*128kB (UM) 17*256kB (M) 6*512kB (UM) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 22264kB [ 1954.752161][ T137] Normal: 102*4kB (UME) 407*8kB (UME) 136*16kB (UME) 31*32kB (UME) 20*64kB (UM) 12*128kB (UM) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 9648kB [ 1954.808358][ T137] 9685 total pagecache pages [ 1954.817663][ T137] 0 pages in swap cache [ 1954.826471][ T137] Swap cache stats: add 0, delete 0, find 0/0 [ 1954.836607][ T137] Free swap = 0kB [ 1954.840756][ T137] Total swap = 0kB [ 1954.848287][ T137] 1965979 pages RAM [ 1954.852229][ T137] 0 pages HighMem/MovableOnly [ 1954.857080][ T137] 318829 pages reserved [ 1954.861385][ T137] 0 pages cma reserved [ 1954.865633][ T137] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.4,pid=24686,uid=0 22:40:05 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, 0x0, 0x0) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:40:05 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$PPPIOCATTCHAN(0xffffffffffffffff, 0x40047438, &(0x7f00000002c0)=0x2) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:40:05 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4a], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:40:05 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x4000000) 22:40:05 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x0, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:40:05 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x94], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:40:05 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x5000000) 22:40:05 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc8], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:40:05 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r0, 0x407, 0x0) write(r0, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r1 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r1, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r2, &(0x7f00000017c0), 0x375, 0x0, 0x0) r3 = dup(0xffffffffffffffff) getsockname$packet(r3, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r4, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r4, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) [ 1955.269307][ T371] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=0 [ 1955.294519][ T371] CPU: 1 PID: 371 Comm: syz-executor.0 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1955.304504][ T371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1955.314549][ T371] Call Trace: [ 1955.317839][ T371] dump_stack+0x14a/0x1ce [ 1955.322164][ T371] ? devkmsg_release+0x11c/0x11c [ 1955.327093][ T371] ? show_regs_print_info+0x12/0x12 [ 1955.332286][ T371] ? radix_tree_cpu_dead+0x160/0x160 [ 1955.337650][ T371] ? _raw_spin_lock+0xa1/0x170 [ 1955.342408][ T371] ? _raw_spin_trylock_bh+0x190/0x190 [ 1955.347952][ T371] dump_header+0xdb/0x700 [ 1955.352278][ T371] oom_kill_process+0xd3/0x280 [ 1955.357038][ T371] out_of_memory+0x5b6/0x890 [ 1955.361655][ T371] ? unregister_oom_notifier+0x20/0x20 [ 1955.367109][ T371] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1955.372658][ T371] ? get_page_from_freelist+0x7c0/0x7c0 [ 1955.378201][ T371] ? __zone_watermark_ok+0x91/0x280 [ 1955.383396][ T371] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1955.388761][ T371] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1955.394301][ T371] ? copy_process+0x5a4/0x5110 [ 1955.399056][ T371] ? kmem_cache_alloc+0x1d5/0x260 [ 1955.405289][ T371] copy_process+0x5f3/0x5110 [ 1955.409875][ T371] ? _raw_spin_unlock+0x5/0x20 [ 1955.414633][ T371] ? do_swap_page+0x1560/0x1560 [ 1955.419468][ T371] ? mm_trace_rss_stat+0x41/0x1a0 [ 1955.424465][ T371] ? fork_idle+0x290/0x290 [ 1955.428851][ T371] _do_fork+0x196/0x920 [ 1955.432975][ T371] ? finish_fault+0x230/0x230 [ 1955.437624][ T371] ? dup_mm+0x300/0x300 [ 1955.441748][ T371] ? ktime_get_raw+0x130/0x130 [ 1955.446482][ T371] __x64_sys_clone+0x25e/0x2c0 [ 1955.451230][ T371] ? __ia32_sys_vfork+0x110/0x110 [ 1955.456239][ T371] ? __x64_sys_clock_gettime+0x20d/0x260 [ 1955.461850][ T371] ? do_user_addr_fault+0x55c/0x9f0 [ 1955.467020][ T371] do_syscall_64+0xcb/0x150 [ 1955.471497][ T371] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1955.477446][ T371] RIP: 0033:0x45b75a [ 1955.481311][ T371] Code: f7 d8 64 89 04 25 d4 02 00 00 64 4c 8b 0c 25 10 00 00 00 31 d2 4d 8d 91 d0 02 00 00 31 f6 bf 11 00 20 01 b8 38 00 00 00 0f 05 <48> 3d 00 f0 ff ff 0f 87 f5 00 00 00 85 c0 41 89 c5 0f 85 fc 00 00 [ 1955.500902][ T371] RSP: 002b:00007ffd47501d10 EFLAGS: 00000246 ORIG_RAX: 0000000000000038 [ 1955.509906][ T371] RAX: ffffffffffffffda RBX: 00007ffd47501d10 RCX: 000000000045b75a [ 1955.517859][ T371] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000001200011 [ 1955.525812][ T371] RBP: 00007ffd47501d50 R08: 0000000000000001 R09: 000000000196f940 [ 1955.533760][ T371] R10: 000000000196fc10 R11: 0000000000000246 R12: 0000000000000001 [ 1955.541891][ T371] R13: 0000000000000000 R14: 0000000000000000 R15: 00007ffd47501da0 [ 1955.633136][ T371] Mem-Info: [ 1955.636920][ T371] active_anon:1413677 inactive_anon:5849 isolated_anon:0 [ 1955.636920][ T371] active_file:492 inactive_file:550 isolated_file:78 [ 1955.636920][ T371] unevictable:0 dirty:3 writeback:0 unstable:0 [ 1955.636920][ T371] slab_reclaimable:8844 slab_unreclaimable:77346 [ 1955.636920][ T371] mapped:53619 shmem:8901 pagetables:39765 bounce:0 [ 1955.636920][ T371] free:9180 free_pcp:205 free_cma:0 [ 1955.675258][ T371] Node 0 active_anon:5654708kB inactive_anon:23396kB active_file:1968kB inactive_file:2200kB unevictable:0kB isolated(anon):0kB isolated(file):192kB mapped:214376kB dirty:12kB writeback:0kB shmem:35604kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1955.707807][ T371] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1955.759102][ T371] lowmem_reserve[]: 0 2912 6416 6416 [ 1955.764965][ T371] DMA32 free:17132kB min:4644kB low:7624kB high:10604kB active_anon:2818856kB inactive_anon:3032kB active_file:724kB inactive_file:232kB unevictable:0kB writepending:100kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:15072kB pagetables:32636kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1955.795497][ T371] lowmem_reserve[]: 0 0 3504 3504 [ 1955.806770][ T371] Normal free:4692kB min:5592kB low:9180kB high:12768kB active_anon:2835492kB inactive_anon:20364kB active_file:1396kB inactive_file:1712kB unevictable:0kB writepending:176kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32224kB pagetables:126424kB bounce:0kB free_pcp:56kB local_pcp:56kB free_cma:0kB [ 1955.866877][ T371] lowmem_reserve[]: 0 0 0 0 [ 1955.871743][ T371] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1956.075977][ T371] DMA32: 91*4kB (UM) 66*8kB (UMEH) 26*16kB (UMEH) 16*32kB (UME) 8*64kB (UME) 32*128kB (UM) 19*256kB (UM) 6*512kB (UM) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 17436kB [ 1956.119969][ T371] Normal: 601*4kB (UME) 101*8kB (UME) 31*16kB (UME) 3*32kB (UME) 18*64kB (UM) 12*128kB (UM) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 6492kB [ 1956.164221][ T371] 9179 total pagecache pages [ 1956.169093][ T371] 0 pages in swap cache [ 1956.173575][ T371] Swap cache stats: add 0, delete 0, find 0/0 [ 1956.179964][ T371] Free swap = 0kB [ 1956.183971][ T371] Total swap = 0kB [ 1956.188005][ T371] 1965979 pages RAM [ 1956.192031][ T371] 0 pages HighMem/MovableOnly [ 1956.197118][ T371] 318829 pages reserved [ 1956.201595][ T371] 0 pages cma reserved [ 1956.205993][ T371] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.5,pid=24706,uid=0 [ 1956.220479][ T371] Out of memory: Killed process 24706 (syz-executor.5) total-vm:85348kB, anon-rss:10408kB, file-rss:33984kB, shmem-rss:0kB, UID:0 pgtables:156kB oom_score_adj:1000 [ 1956.244069][ T23] oom_reaper: reaped process 24706 (syz-executor.5), now anon-rss:0kB, file-rss:33948kB, shmem-rss:0kB [ 1956.505059][ T347] syz-fuzzer invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=0 [ 1956.516338][ T347] CPU: 1 PID: 347 Comm: syz-fuzzer Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1956.525955][ T347] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1956.535987][ T347] Call Trace: [ 1956.539258][ T347] dump_stack+0x14a/0x1ce [ 1956.543561][ T347] ? devkmsg_release+0x11c/0x11c [ 1956.548466][ T347] ? show_regs_print_info+0x12/0x12 [ 1956.553630][ T347] ? radix_tree_cpu_dead+0x160/0x160 [ 1956.558883][ T347] ? _raw_spin_lock+0xa1/0x170 [ 1956.563627][ T347] ? _raw_spin_trylock_bh+0x190/0x190 [ 1956.568968][ T347] dump_header+0xdb/0x700 [ 1956.573280][ T347] oom_kill_process+0xd3/0x280 [ 1956.578014][ T347] out_of_memory+0x5b6/0x890 [ 1956.582572][ T347] ? unregister_oom_notifier+0x20/0x20 [ 1956.588001][ T347] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1956.593520][ T347] ? get_page_from_freelist+0x7c0/0x7c0 [ 1956.599036][ T347] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1956.604389][ T347] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1956.609908][ T347] pagecache_get_page+0x50f/0x880 [ 1956.614902][ T347] filemap_fault+0x14cb/0x1a30 [ 1956.619635][ T347] ? __down_read+0xf1/0x210 [ 1956.624106][ T347] ? generic_file_read_iter+0x20b0/0x20b0 [ 1956.629794][ T347] ext4_filemap_fault+0x7b/0x90 [ 1956.634612][ T347] handle_mm_fault+0x29ca/0x41e0 [ 1956.639519][ T347] ? finish_fault+0x230/0x230 [ 1956.644165][ T347] ? __ia32_sys_sigaltstack+0x60/0x60 [ 1956.649508][ T347] ? down_read_trylock+0x17a/0x1d0 [ 1956.654585][ T347] ? fput_many+0x42/0x1a0 [ 1956.658883][ T347] ? vmacache_find+0x205/0x4b0 [ 1956.663617][ T347] do_user_addr_fault+0x48a/0x9f0 [ 1956.668611][ T347] page_fault+0x2f/0x40 [ 1956.672735][ T347] RIP: 0033:0x79929b [ 1956.676600][ T347] Code: 48 8b 5c 24 70 48 8d 35 43 cf 37 00 48 39 f3 0f 85 4b 02 00 00 48 8b 58 70 48 8b 78 68 4c 8b 40 60 48 85 ff 0f 86 2c 02 00 00 <49> 8b 00 49 83 78 08 07 75 1a 81 38 73 79 73 63 75 12 66 81 78 04 [ 1956.696172][ T347] RSP: 002b:000000c0110b5920 EFLAGS: 00010202 [ 1956.702206][ T347] RAX: 00000000012d1740 RBX: 0000000000000001 RCX: 0000000000b1bcc0 [ 1956.710164][ T347] RDX: 0000000000000000 RSI: 0000000000b161c0 RDI: 0000000000000001 [ 1956.718117][ T347] RBP: 000000c0110b59c8 R08: 0000000000ece500 R09: 000000c0110b5a90 [ 1956.726059][ T347] R10: 0000000000000000 R11: 0000000000000011 R12: 00000000000000f1 [ 1956.734000][ T347] R13: 0000000000000000 R14: 0000000000ad7152 R15: 0000000000000000 [ 1956.775546][ T347] Mem-Info: [ 1956.779206][ T347] active_anon:1408755 inactive_anon:5849 isolated_anon:0 [ 1956.779206][ T347] active_file:771 inactive_file:783 isolated_file:32 [ 1956.779206][ T347] unevictable:0 dirty:21 writeback:0 unstable:0 [ 1956.779206][ T347] slab_reclaimable:8845 slab_unreclaimable:77450 [ 1956.779206][ T347] mapped:53925 shmem:8901 pagetables:39789 bounce:0 [ 1956.779206][ T347] free:13219 free_pcp:628 free_cma:0 [ 1956.824787][ T347] Node 0 active_anon:5635220kB inactive_anon:23396kB active_file:3336kB inactive_file:3896kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:216200kB dirty:84kB writeback:0kB shmem:35604kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1956.859353][ T347] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1956.886144][ T347] lowmem_reserve[]: 0 2912 6416 6416 [ 1956.892450][ T347] DMA32 free:25348kB min:4644kB low:7624kB high:10604kB active_anon:2806828kB inactive_anon:3032kB active_file:1264kB inactive_file:1060kB unevictable:0kB writepending:40kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:14944kB pagetables:32724kB bounce:0kB free_pcp:2484kB local_pcp:1152kB free_cma:0kB [ 1956.923487][ T347] lowmem_reserve[]: 0 0 3504 3504 [ 1956.929434][ T347] Normal free:8980kB min:5592kB low:9180kB high:12768kB active_anon:2828580kB inactive_anon:20364kB active_file:1440kB inactive_file:2920kB unevictable:0kB writepending:44kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32192kB pagetables:126432kB bounce:0kB free_pcp:1272kB local_pcp:352kB free_cma:0kB [ 1956.960344][ T347] lowmem_reserve[]: 0 0 0 0 [ 1956.965653][ T347] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1956.979754][ T347] DMA32: 364*4kB (UMEH) 188*8kB (UMEH) 98*16kB (UMEH) 110*32kB (UMEH) 39*64kB (UME) 33*128kB (UM) 19*256kB (UM) 6*512kB (UM) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 25776kB 22:40:07 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:40:07 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) socket$netlink(0x10, 0x3, 0x5) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0xffffffff, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:40:07 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r0, 0x407, 0x0) write(r0, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r1 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r1, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r2, &(0x7f00000017c0), 0x375, 0x0, 0x0) r3 = dup(0xffffffffffffffff) getsockname$packet(r3, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r4, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r4, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) [ 1957.021913][ T347] Normal: 55*4kB (MEH) 347*8kB (MEH) 132*16kB (MEH) 40*32kB (MEH) 16*64kB (MH) 11*128kB (MH) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8820kB [ 1957.037588][ T347] 11385 total pagecache pages [ 1957.043328][ T347] 0 pages in swap cache [ 1957.067549][ T347] Swap cache stats: add 0, delete 0, find 0/0 [ 1957.107812][ T347] Free swap = 0kB [ 1957.121759][ T347] Total swap = 0kB [ 1957.134565][ T347] 1965979 pages RAM [ 1957.144044][ T347] 0 pages HighMem/MovableOnly [ 1957.157874][ T347] 318829 pages reserved [ 1957.168928][ T347] 0 pages cma reserved [ 1957.179925][ T347] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=24718,uid=0 22:40:07 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r2 = accept4$packet(r0, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f00000001c0)=0x14, 0x800) ioctl$F2FS_IOC_RESIZE_FS(r2, 0x4008f510, &(0x7f0000000200)=0x81) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) timerfd_gettime(r4, 0x0) setxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='com.apple.FinderInfo\x00', &(0x7f0000000140)='fd/4\x00', 0x5, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) [ 1957.634683][T24717] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1957.656503][T24717] CPU: 0 PID: 24717 Comm: syz-executor.4 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1957.666663][T24717] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1957.676708][T24717] Call Trace: [ 1957.680000][T24717] dump_stack+0x14a/0x1ce [ 1957.684322][T24717] ? devkmsg_release+0x11c/0x11c [ 1957.689255][T24717] ? show_regs_print_info+0x12/0x12 [ 1957.694445][T24717] ? radix_tree_cpu_dead+0x160/0x160 [ 1957.699717][T24717] ? _raw_spin_lock+0xa1/0x170 [ 1957.704472][T24717] ? _raw_spin_trylock_bh+0x190/0x190 [ 1957.709862][T24717] dump_header+0xdb/0x700 [ 1957.714187][T24717] oom_kill_process+0xd3/0x280 [ 1957.718943][T24717] out_of_memory+0x5b6/0x890 [ 1957.723553][T24717] ? unregister_oom_notifier+0x20/0x20 [ 1957.729006][T24717] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1957.734556][T24717] ? get_page_from_freelist+0x7c0/0x7c0 [ 1957.740101][T24717] ? __zone_watermark_ok+0x91/0x280 [ 1957.745303][T24717] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1957.750678][T24717] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1957.756216][T24717] ? copy_process+0x5a4/0x5110 [ 1957.760972][T24717] ? kmem_cache_alloc+0x1d5/0x260 [ 1957.765989][T24717] copy_process+0x5f3/0x5110 [ 1957.770575][T24717] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1957.776288][T24717] ? _raw_spin_lock+0xa1/0x170 [ 1957.781044][T24717] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1957.786847][T24717] ? __lru_cache_add+0x1a1/0x1f0 [ 1957.791781][T24717] ? fork_idle+0x290/0x290 [ 1957.796198][T24717] _do_fork+0x196/0x920 [ 1957.800348][T24717] ? finish_fault+0x230/0x230 [ 1957.805019][T24717] ? up_write+0xa1/0x190 [ 1957.809271][T24717] ? dup_mm+0x300/0x300 [ 1957.813422][T24717] __x64_sys_clone+0x25e/0x2c0 [ 1957.818181][T24717] ? __ia32_sys_vfork+0x110/0x110 [ 1957.823197][T24717] ? do_user_addr_fault+0x55c/0x9f0 [ 1957.828388][T24717] do_syscall_64+0xcb/0x150 [ 1957.832888][T24717] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1957.838768][T24717] RIP: 0033:0x45fb59 [ 1957.842663][T24717] Code: Bad RIP value. [ 1957.846723][T24717] RSP: 002b:00007ffc8d239e88 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1957.855122][T24717] RAX: ffffffffffffffda RBX: 00007fe26cb7d700 RCX: 000000000045fb59 [ 1957.863085][T24717] RDX: 00007fe26cb7d9d0 RSI: 00007fe26cb7cdb0 RDI: 00000000003d0f00 [ 1957.871048][T24717] RBP: 00007ffc8d23a0b0 R08: 00007fe26cb7d700 R09: 00007fe26cb7d700 [ 1957.879046][T24717] R10: 00007fe26cb7d9d0 R11: 0000000000000202 R12: 0000000000000000 [ 1957.887007][T24717] R13: 00007ffc8d239f3f R14: 00007fe26cb7d9c0 R15: 000000000118d12c [ 1957.900759][T24717] Mem-Info: [ 1957.904081][T24717] active_anon:1411795 inactive_anon:5849 isolated_anon:0 [ 1957.904081][T24717] active_file:36 inactive_file:123 isolated_file:5 [ 1957.904081][T24717] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1957.904081][T24717] slab_reclaimable:8846 slab_unreclaimable:77329 [ 1957.904081][T24717] mapped:52657 shmem:8901 pagetables:39811 bounce:0 [ 1957.904081][T24717] free:12160 free_pcp:100 free_cma:0 [ 1957.942135][T24717] Node 0 active_anon:5647180kB inactive_anon:23396kB active_file:416kB inactive_file:2804kB unevictable:0kB isolated(anon):0kB isolated(file):148kB mapped:212628kB dirty:0kB writeback:0kB shmem:35604kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1957.967612][T24717] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1957.994094][T24717] lowmem_reserve[]: 0 2912 6416 6416 [ 1957.999887][T24717] DMA32 free:21752kB min:4644kB low:7624kB high:10604kB active_anon:2813236kB inactive_anon:3032kB active_file:564kB inactive_file:784kB unevictable:0kB writepending:0kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:15104kB pagetables:32720kB bounce:0kB free_pcp:372kB local_pcp:240kB free_cma:0kB [ 1958.029931][T24717] lowmem_reserve[]: 0 0 3504 3504 [ 1958.035411][T24717] Normal free:7992kB min:5592kB low:9180kB high:12768kB active_anon:2833844kB inactive_anon:20364kB active_file:496kB inactive_file:1620kB unevictable:0kB writepending:0kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32160kB pagetables:126524kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1958.065814][T24717] lowmem_reserve[]: 0 0 0 0 [ 1958.070501][T24717] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1958.084214][T24717] DMA32: 77*4kB (UMEH) 113*8kB (MEH) 99*16kB (UMEH) 46*32kB (UMEH) 38*64kB (UME) 33*128kB (UM) 19*256kB (UM) 6*512kB (UM) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 21932kB [ 1958.101131][T24717] Normal: 536*4kB (UME) 98*8kB (UME) 75*16kB (UME) 41*32kB (UME) 17*64kB (UM) 11*128kB (UM) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 7936kB [ 1958.116038][T24717] 9643 total pagecache pages [ 1958.120809][T24717] 0 pages in swap cache [ 1958.125262][T24717] Swap cache stats: add 0, delete 0, find 0/0 [ 1958.131516][T24717] Free swap = 0kB [ 1958.135529][T24717] Total swap = 0kB [ 1958.139409][T24717] 1965979 pages RAM [ 1958.153143][T24717] 0 pages HighMem/MovableOnly [ 1958.160421][T24717] 318829 pages reserved [ 1958.169475][T24717] 0 pages cma reserved [ 1958.178356][T24717] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.4,pid=24717,uid=0 [ 1958.226028][T24717] Out of memory: Killed process 24717 (syz-executor.4) total-vm:85480kB, anon-rss:16548kB, file-rss:34312kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 1958.268972][ T23] oom_reaper: reaped process 24717 (syz-executor.4), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB 22:40:08 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:40:08 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x0, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:40:09 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1958.610881][T24761] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1958.662128][T24761] CPU: 0 PID: 24761 Comm: syz-executor.4 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1958.672289][T24761] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1958.682695][T24761] Call Trace: [ 1958.685986][T24761] dump_stack+0x14a/0x1ce [ 1958.690310][T24761] ? devkmsg_release+0x11c/0x11c [ 1958.695236][T24761] ? show_regs_print_info+0x12/0x12 [ 1958.700432][T24761] ? radix_tree_cpu_dead+0x160/0x160 [ 1958.705685][T24761] ? _raw_spin_lock+0xa1/0x170 [ 1958.710418][T24761] ? _raw_spin_trylock_bh+0x190/0x190 [ 1958.715778][T24761] dump_header+0xdb/0x700 [ 1958.720078][T24761] oom_kill_process+0xd3/0x280 [ 1958.724808][T24761] out_of_memory+0x5b6/0x890 [ 1958.729367][T24761] ? unregister_oom_notifier+0x20/0x20 [ 1958.734799][T24761] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1958.740335][T24761] ? get_page_from_freelist+0x7c0/0x7c0 [ 1958.745850][T24761] ? __zone_watermark_ok+0x91/0x280 [ 1958.751017][T24761] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1958.756359][T24761] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1958.761875][T24761] ? copy_process+0x5a4/0x5110 [ 1958.766620][T24761] ? copy_process+0x5a4/0x5110 [ 1958.771351][T24761] ? kmem_cache_alloc+0x1d5/0x260 [ 1958.776345][T24761] copy_process+0x5f3/0x5110 [ 1958.780907][T24761] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1958.787027][T24761] ? _raw_spin_lock+0xa1/0x170 [ 1958.791770][T24761] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1958.797547][T24761] ? __lru_cache_add+0x1a1/0x1f0 [ 1958.802463][T24761] ? fork_idle+0x290/0x290 [ 1958.806852][T24761] _do_fork+0x196/0x920 [ 1958.810979][T24761] ? finish_fault+0x230/0x230 [ 1958.815625][T24761] ? up_write+0xa1/0x190 [ 1958.819848][T24761] ? dup_mm+0x300/0x300 [ 1958.823988][T24761] __x64_sys_clone+0x25e/0x2c0 [ 1958.828729][T24761] ? __ia32_sys_vfork+0x110/0x110 [ 1958.833735][T24761] ? do_user_addr_fault+0x55c/0x9f0 [ 1958.839060][T24761] do_syscall_64+0xcb/0x150 [ 1958.843551][T24761] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1958.849429][T24761] RIP: 0033:0x45fb59 [ 1958.853306][T24761] Code: ff 48 85 f6 0f 84 87 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 5e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1958.872877][T24761] RSP: 002b:00007ffc8d239e88 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1958.881255][T24761] RAX: ffffffffffffffda RBX: 00007fe26cbe0700 RCX: 000000000045fb59 [ 1958.889200][T24761] RDX: 00007fe26cbe09d0 RSI: 00007fe26cbdfdb0 RDI: 00000000003d0f00 [ 1958.897167][T24761] RBP: 00007ffc8d23a0b0 R08: 00007fe26cbe0700 R09: 00007fe26cbe0700 [ 1958.905127][T24761] R10: 00007fe26cbe09d0 R11: 0000000000000202 R12: 0000000000000000 [ 1958.913073][T24761] R13: 00007ffc8d239f3f R14: 00007fe26cbe09c0 R15: 000000000118cf4c [ 1958.932852][T24761] Mem-Info: [ 1958.936166][T24761] active_anon:1412419 inactive_anon:5849 isolated_anon:0 [ 1958.936166][T24761] active_file:541 inactive_file:550 isolated_file:74 [ 1958.936166][T24761] unevictable:0 dirty:32 writeback:0 unstable:0 [ 1958.936166][T24761] slab_reclaimable:8850 slab_unreclaimable:77398 [ 1958.936166][T24761] mapped:53488 shmem:8901 pagetables:39867 bounce:0 [ 1958.936166][T24761] free:10220 free_pcp:179 free_cma:0 [ 1958.983188][T24761] Node 0 active_anon:5649676kB inactive_anon:23396kB active_file:1880kB inactive_file:1784kB unevictable:0kB isolated(anon):0kB isolated(file):276kB mapped:213552kB dirty:128kB writeback:0kB shmem:35604kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1959.012217][T24761] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1959.038565][T24761] lowmem_reserve[]: 0 2912 6416 6416 [ 1959.046395][T24761] DMA32 free:17528kB min:4644kB low:7624kB high:10604kB active_anon:2817440kB inactive_anon:3032kB active_file:956kB inactive_file:784kB unevictable:0kB writepending:72kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:15200kB pagetables:32832kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1959.075803][T24761] lowmem_reserve[]: 0 0 3504 3504 [ 1959.081124][T24761] Normal free:8960kB min:13784kB low:17372kB high:20960kB active_anon:2831484kB inactive_anon:20364kB active_file:952kB inactive_file:968kB unevictable:0kB writepending:56kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32160kB pagetables:126636kB bounce:0kB free_pcp:80kB local_pcp:0kB free_cma:0kB [ 1959.123040][T24761] lowmem_reserve[]: 0 0 0 0 [ 1959.127831][T24761] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1959.166594][T24761] DMA32: 143*4kB (UMH) 65*8kB (UMEH) 44*16kB (UMEH) 35*32kB (UMEH) 18*64kB (UMEH) 31*128kB (UM) 19*256kB (UM) 4*512kB (M) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 18020kB [ 1959.202743][T24761] Normal: 930*4kB (UME) 165*8kB (UME) 68*16kB (UME) 42*32kB (ME) 16*64kB (UM) 11*128kB (UM) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 9904kB [ 1959.223608][T24761] 9428 total pagecache pages [ 1959.228653][T24761] 0 pages in swap cache [ 1959.233304][T24761] Swap cache stats: add 0, delete 0, find 0/0 [ 1959.239778][T24761] Free swap = 0kB [ 1959.243929][T24761] Total swap = 0kB [ 1959.248043][T24761] 1965979 pages RAM [ 1959.252274][T24761] 0 pages HighMem/MovableOnly [ 1959.257435][T24761] 318829 pages reserved [ 1959.261958][T24761] 0 pages cma reserved [ 1959.277371][T24761] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.5,pid=24750,uid=0 [ 1959.314485][T24761] Out of memory: Killed process 24750 (syz-executor.5) total-vm:85348kB, anon-rss:11760kB, file-rss:34520kB, shmem-rss:0kB, UID:0 pgtables:156kB oom_score_adj:1000 [ 1959.336905][ T23] oom_reaper: reaped process 24750 (syz-executor.5), now anon-rss:0kB, file-rss:34224kB, shmem-rss:0kB 22:40:09 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x6000000) 22:40:10 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r0, 0x407, 0x0) write(r0, &(0x7f0000000340), 0x41395527) vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r1 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r1, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r2, &(0x7f00000017c0), 0x375, 0x0, 0x0) r3 = dup(0xffffffffffffffff) getsockname$packet(r3, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r4, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r4, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:40:10 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x7000000) 22:40:10 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r2 = open(&(0x7f0000000040)='./file0\x00', 0x82, 0x6dd317e7e51d2bc2) ioctl$PERF_EVENT_IOC_RESET(r2, 0x2403, 0x3d34) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) dup(0xffffffffffffffff) ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000080)={'syztnl1\x00', &(0x7f0000000100)={'gre0\x00', 0x0, 0x20, 0x7800, 0x9, 0x3, {{0xc, 0x4, 0x2, 0x1f, 0x30, 0x65, 0x0, 0x3e, 0x4, 0x0, @multicast2, @multicast1, {[@noop, @noop, @ssrr={0x89, 0x7, 0xad, [@remote]}, @ssrr={0x89, 0xf, 0xf, [@private=0xa010102, @private=0xa010100, @broadcast]}, @noop]}}}}}) sendmsg$BATADV_CMD_GET_BLA_BACKBONE(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)=ANY=[@ANYBLOB='\x00\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="20002abd7000fbdbdf250c00000008000b00ff7f000005002a0000000000050038000000000008003100ff0f000008000600", @ANYRES32=r5, @ANYBLOB="05002f000000000008003a00c50700000500380001000000"], 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x8000001) sendmsg$BATADV_CMD_SET_MESH(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x34, 0x0, 0x2, 0x70bd25, 0x25dfdbfe, {}, [@BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x81}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x9}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x8}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x7e}]}, 0x34}, 0x1, 0x0, 0x0, 0x40000}, 0x4040044) r6 = socket$inet6(0xa, 0x800000000000002, 0x0) sendmmsg$inet6(r6, &(0x7f0000004cc0)=[{{&(0x7f0000001480)={0xa, 0x4e21, 0x0, @empty}, 0x1c, 0x0}}, {{&(0x7f0000004900)={0xa, 0x4e22, 0x0, @private0}, 0x1c, 0x0, 0x0, &(0x7f0000004bc0)=[@rthdr={{0x18, 0x29, 0x34}}], 0x18}}], 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADD6RD(r6, 0x89f9, &(0x7f00000000c0)={'ip6_vti0\x00', &(0x7f0000000040)={'syztnl0\x00', 0x0, 0x2f, 0xa4, 0x3f, 0x5, 0x1a, @dev={0xfe, 0x80, [], 0x38}, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x8, 0x71d0, 0xfffffffe, 0x800}}) sendmsg$BATADV_CMD_GET_DAT_CACHE(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000180)={&(0x7f0000000100)={0x44, 0x0, 0x4, 0x70bd25, 0x25dfdbfe, {}, [@BATADV_ATTR_DISTRIBUTED_ARP_TABLE_ENABLED={0x5}, @BATADV_ATTR_BRIDGE_LOOP_AVOIDANCE_ENABLED={0x5, 0x2e, 0x1}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x1}, @BATADV_ATTR_GW_MODE={0x5, 0x33, 0x1}, @BATADV_ATTR_GW_SEL_CLASS={0x8, 0x34, 0x8001}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r7}]}, 0x44}, 0x1, 0x0, 0x0, 0x844}, 0x0) sendmsg$BATADV_CMD_GET_BLA_CLAIM(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0xbf1b46b42d251a20}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x34, 0x0, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@BATADV_ATTR_ORIG_INTERVAL={0x8}, @BATADV_ATTR_ISOLATION_MASK={0x8, 0x2c, 0x13}, @BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x6}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0x10000}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) timerfd_gettime(r4, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) 22:40:10 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:40:10 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) getpid() sched_setattr(0x0, &(0x7f00000002c0)={0x38, 0x6, 0x20, 0xd3000000, 0x9, 0x0, 0x0, 0x0, 0x4000000}, 0x0) prctl$PR_SET_KEEPCAPS(0x8, 0x1) r0 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r0, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r2, 0x407, 0x0) write(r2, &(0x7f0000000340), 0x41395527) ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x8955, &(0x7f0000000300)={{0x2, 0x4e21, @rand_addr=0x64010101}, {0x306, @multicast}, 0x2, {0x2, 0x4e23, @broadcast}, 'vlan1\x00'}) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r3 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r3, 0x0) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r4, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:40:10 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, 0x0, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:40:10 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x81}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) close(0xffffffffffffffff) ioctl$TIOCL_SETVESABLANK(0xffffffffffffffff, 0x541c, &(0x7f0000000280)) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:40:10 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1959.806847][T24793] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1959.831447][T24793] CPU: 0 PID: 24793 Comm: syz-executor.0 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1959.841626][T24793] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1959.852371][T24793] Call Trace: [ 1959.855661][T24793] dump_stack+0x14a/0x1ce [ 1959.859986][T24793] ? devkmsg_release+0x11c/0x11c [ 1959.864919][T24793] ? show_regs_print_info+0x12/0x12 [ 1959.870112][T24793] ? radix_tree_cpu_dead+0x160/0x160 [ 1959.875429][T24793] ? _raw_spin_lock+0xa1/0x170 [ 1959.880190][T24793] ? _raw_spin_trylock_bh+0x190/0x190 [ 1959.885557][T24793] dump_header+0xdb/0x700 [ 1959.889886][T24793] oom_kill_process+0xd3/0x280 [ 1959.894651][T24793] out_of_memory+0x5b6/0x890 [ 1959.899243][T24793] ? unregister_oom_notifier+0x20/0x20 [ 1959.904785][T24793] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1959.910349][T24793] ? get_page_from_freelist+0x7c0/0x7c0 [ 1959.915879][T24793] ? __zone_watermark_ok+0x91/0x280 [ 1959.921064][T24793] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1959.926426][T24793] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1959.931959][T24793] ? copy_process+0x5a4/0x5110 [ 1959.936704][T24793] ? kmem_cache_alloc+0x1d5/0x260 [ 1959.941710][T24793] copy_process+0x5f3/0x5110 [ 1959.946271][T24793] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1959.951959][T24793] ? _raw_spin_lock+0xa1/0x170 [ 1959.956696][T24793] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1959.962556][T24793] ? __lru_cache_add+0x1a1/0x1f0 [ 1959.967462][T24793] ? fork_idle+0x290/0x290 [ 1959.971848][T24793] _do_fork+0x196/0x920 [ 1959.975973][T24793] ? finish_fault+0x230/0x230 [ 1959.980617][T24793] ? up_write+0xa1/0x190 [ 1959.984827][T24793] ? dup_mm+0x300/0x300 [ 1959.988952][T24793] __x64_sys_clone+0x25e/0x2c0 [ 1959.993685][T24793] ? __ia32_sys_vfork+0x110/0x110 [ 1959.998678][T24793] ? do_user_addr_fault+0x55c/0x9f0 [ 1960.003847][T24793] do_syscall_64+0xcb/0x150 [ 1960.008322][T24793] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1960.014197][T24793] RIP: 0033:0x45fb59 [ 1960.018061][T24793] Code: ff 48 85 f6 0f 84 87 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 5e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1960.037633][T24793] RSP: 002b:00007ffd47501a68 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1960.046012][T24793] RAX: ffffffffffffffda RBX: 00007f76464c4700 RCX: 000000000045fb59 [ 1960.057010][T24793] RDX: 00007f76464c49d0 RSI: 00007f76464c3db0 RDI: 00000000003d0f00 [ 1960.064966][T24793] RBP: 00007ffd47501c90 R08: 00007f76464c4700 R09: 00007f76464c4700 [ 1960.072907][T24793] R10: 00007f76464c49d0 R11: 0000000000000202 R12: 0000000000000000 [ 1960.080847][T24793] R13: 00007ffd47501b1f R14: 00007f76464c49c0 R15: 000000000118cfec [ 1960.177757][T24793] Mem-Info: [ 1960.181119][T24793] active_anon:1411576 inactive_anon:5849 isolated_anon:0 [ 1960.181119][T24793] active_file:467 inactive_file:459 isolated_file:73 [ 1960.181119][T24793] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1960.181119][T24793] slab_reclaimable:8855 slab_unreclaimable:77313 [ 1960.181119][T24793] mapped:53557 shmem:8901 pagetables:39809 bounce:0 [ 1960.181119][T24793] free:10984 free_pcp:443 free_cma:0 [ 1960.219508][T24793] Node 0 active_anon:5646304kB inactive_anon:23396kB active_file:1740kB inactive_file:1836kB unevictable:0kB isolated(anon):0kB isolated(file):292kB mapped:214028kB dirty:0kB writeback:0kB shmem:35604kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1960.244325][T24793] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1960.270775][T24793] lowmem_reserve[]: 0 2912 6416 6416 [ 1960.276573][T24793] DMA32 free:18480kB min:4644kB low:7624kB high:10604kB active_anon:2815156kB inactive_anon:3032kB active_file:664kB inactive_file:1080kB unevictable:0kB writepending:4kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:15232kB pagetables:32696kB bounce:0kB free_pcp:1028kB local_pcp:112kB free_cma:0kB [ 1960.306639][T24793] lowmem_reserve[]: 0 0 3504 3504 [ 1960.312148][T24793] Normal free:9552kB min:9688kB low:13276kB high:16864kB active_anon:2830812kB inactive_anon:20364kB active_file:1520kB inactive_file:1560kB unevictable:0kB writepending:72kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32256kB pagetables:126540kB bounce:0kB free_pcp:1328kB local_pcp:160kB free_cma:0kB [ 1960.342616][T24793] lowmem_reserve[]: 0 0 0 0 [ 1960.347296][T24793] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1960.360892][T24793] DMA32: 24*4kB (UMH) 36*8kB (UMEH) 31*16kB (UMEH) 28*32kB (UMEH) 48*64kB (UMEH) 32*128kB (UM) 19*256kB (UM) 4*512kB (M) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 18928kB [ 1960.381196][T24793] Normal: 220*4kB (UMEH) 365*8kB (UME) 148*16kB (UME) 49*32kB (UME) 17*64kB (UM) 10*128kB (UM) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 10104kB [ 1960.413377][T24793] 9491 total pagecache pages [ 1960.424050][T24793] 0 pages in swap cache [ 1960.433187][T24793] Swap cache stats: add 0, delete 0, find 0/0 [ 1960.439856][T24793] Free swap = 0kB [ 1960.443942][T24793] Total swap = 0kB [ 1960.447995][T24793] 1965979 pages RAM [ 1960.452136][T24793] 0 pages HighMem/MovableOnly [ 1960.457289][T24793] 318829 pages reserved [ 1960.461874][T24793] 0 pages cma reserved [ 1960.472819][T24793] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.5,pid=32709,uid=0 [ 1960.492815][T24793] Out of memory: Killed process 32709 (syz-executor.5) total-vm:85612kB, anon-rss:9840kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 22:40:11 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, 0x0, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) [ 1961.304892][T24800] syz-executor.1 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=0 [ 1961.342475][T24800] CPU: 0 PID: 24800 Comm: syz-executor.1 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1961.352639][T24800] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1961.362687][T24800] Call Trace: [ 1961.365976][T24800] dump_stack+0x14a/0x1ce [ 1961.370303][T24800] ? devkmsg_release+0x11c/0x11c [ 1961.375238][T24800] ? show_regs_print_info+0x12/0x12 [ 1961.380428][T24800] ? radix_tree_cpu_dead+0x160/0x160 [ 1961.385708][T24800] ? _raw_spin_lock+0xa1/0x170 [ 1961.390464][T24800] ? _raw_spin_trylock_bh+0x190/0x190 [ 1961.395836][T24800] dump_header+0xdb/0x700 [ 1961.400163][T24800] oom_kill_process+0xd3/0x280 [ 1961.404926][T24800] out_of_memory+0x5b6/0x890 [ 1961.409541][T24800] ? unregister_oom_notifier+0x20/0x20 [ 1961.414994][T24800] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1961.420538][T24800] ? get_page_from_freelist+0x7c0/0x7c0 [ 1961.426077][T24800] ? __zone_watermark_ok+0x91/0x280 [ 1961.431274][T24800] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1961.436644][T24800] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1961.442195][T24800] alloc_slab_page+0x3a/0x3a0 [ 1961.446866][T24800] new_slab+0x408/0x450 [ 1961.451019][T24800] ___slab_alloc+0x2e0/0x450 [ 1961.455650][T24800] ? __check_object_size+0x2e5/0x3b0 [ 1961.460939][T24800] ? getname_flags+0xb8/0x610 [ 1961.465743][T24800] ? getname_flags+0xb8/0x610 [ 1961.470415][T24800] kmem_cache_alloc+0x23f/0x260 [ 1961.475264][T24800] getname_flags+0xb8/0x610 [ 1961.479759][T24800] do_symlinkat+0xd0/0x420 [ 1961.484172][T24800] ? vfs_symlink+0x30/0x30 [ 1961.488585][T24800] ? do_user_addr_fault+0x55c/0x9f0 [ 1961.493773][T24800] do_syscall_64+0xcb/0x150 [ 1961.498275][T24800] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1961.504160][T24800] RIP: 0033:0x45ceb7 [ 1961.508055][T24800] Code: Bad RIP value. [ 1961.512109][T24800] RSP: 002b:00007ffc481612e8 EFLAGS: 00000206 ORIG_RAX: 0000000000000058 [ 1961.520507][T24800] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 000000000045ceb7 [ 1961.528468][T24800] RDX: 00007ffc48161383 RSI: 00000000004c2c4c RDI: 00007ffc48161370 [ 1961.536430][T24800] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000013 [ 1961.544391][T24800] R10: 0000000000000075 R11: 0000000000000206 R12: 0000000000000001 [ 1961.552352][T24800] R13: 00007ffc48161320 R14: 0000000000000000 R15: 00007ffc48161330 [ 1961.630688][T24800] Mem-Info: [ 1961.634229][T24800] active_anon:1413085 inactive_anon:5849 isolated_anon:0 [ 1961.634229][T24800] active_file:271 inactive_file:239 isolated_file:32 [ 1961.634229][T24800] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1961.634229][T24800] slab_reclaimable:8857 slab_unreclaimable:77377 [ 1961.634229][T24800] mapped:53114 shmem:8901 pagetables:39920 bounce:0 [ 1961.634229][T24800] free:9861 free_pcp:562 free_cma:0 [ 1961.672680][T24800] Node 0 active_anon:5652340kB inactive_anon:23396kB active_file:944kB inactive_file:828kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:212256kB dirty:0kB writeback:0kB shmem:35604kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1961.698047][T24800] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1961.724327][T24800] lowmem_reserve[]: 0 2912 6416 6416 [ 1961.730245][T24800] DMA32 free:18364kB min:4644kB low:7624kB high:10604kB active_anon:2818172kB inactive_anon:3032kB active_file:4kB inactive_file:384kB unevictable:0kB writepending:0kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:15104kB pagetables:33012kB bounce:0kB free_pcp:1328kB local_pcp:140kB free_cma:0kB [ 1961.802011][T24800] lowmem_reserve[]: 0 0 3504 3504 [ 1961.824225][T24800] Normal free:5488kB min:5592kB low:9180kB high:12768kB active_anon:2834116kB inactive_anon:20364kB active_file:300kB inactive_file:580kB unevictable:0kB writepending:0kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32416kB pagetables:126668kB bounce:0kB free_pcp:916kB local_pcp:212kB free_cma:0kB [ 1961.902628][T24800] lowmem_reserve[]: 0 0 0 0 [ 1961.907568][T24800] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1961.921518][T24800] DMA32: 67*4kB (UMH) 57*8kB (UMEH) 51*16kB (UEH) 26*32kB (UEH) 27*64kB (UMEH) 32*128kB (UM) 19*256kB (UM) 4*512kB (M) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 18180kB [ 1961.938507][T24800] Normal: 84*4kB (UMEH) 144*8kB (UMEH) 61*16kB (UEH) 32*32kB (UME) 19*64kB (M) 9*128kB (UM) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 5856kB [ 1961.953859][T24800] 9055 total pagecache pages [ 1961.959055][T24800] 0 pages in swap cache [ 1961.963752][T24800] Swap cache stats: add 0, delete 0, find 0/0 [ 1961.970509][T24800] Free swap = 0kB [ 1961.982962][T24800] Total swap = 0kB [ 1961.990471][T24800] 1965979 pages RAM [ 1962.000501][T24800] 0 pages HighMem/MovableOnly [ 1962.027394][T24800] 318829 pages reserved [ 1962.036595][T24800] 0 pages cma reserved [ 1962.043972][T24800] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.5,pid=24785,uid=0 [ 1962.058689][T24800] Out of memory: Killed process 24785 (syz-executor.5) total-vm:85480kB, anon-rss:16540kB, file-rss:34240kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:1000 [ 1962.080416][ T23] oom_reaper: reaped process 24785 (syz-executor.5), now anon-rss:0kB, file-rss:34608kB, shmem-rss:0kB 22:40:12 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) timerfd_gettime(r3, 0x0) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) syz_open_dev$loop(&(0x7f0000000040)='/dev/loop#\x00', 0x80000001, 0x2) timerfd_gettime(r5, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(r5, 0x5201) 22:40:12 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:40:12 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:40:12 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:40:12 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x8000000) 22:40:12 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, 0x0, 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) [ 1962.674562][T24810] syz-executor.4 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1962.694951][T24810] CPU: 0 PID: 24810 Comm: syz-executor.4 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1962.705102][T24810] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1962.715149][T24810] Call Trace: [ 1962.718421][T24810] dump_stack+0x14a/0x1ce [ 1962.722721][T24810] ? devkmsg_release+0x11c/0x11c [ 1962.727627][T24810] ? show_regs_print_info+0x12/0x12 [ 1962.732796][T24810] ? radix_tree_cpu_dead+0x160/0x160 [ 1962.738064][T24810] ? _raw_spin_lock+0xa1/0x170 [ 1962.742813][T24810] ? _raw_spin_trylock_bh+0x190/0x190 [ 1962.748155][T24810] dump_header+0xdb/0x700 [ 1962.752455][T24810] oom_kill_process+0xd3/0x280 [ 1962.757188][T24810] out_of_memory+0x5b6/0x890 [ 1962.761750][T24810] ? unregister_oom_notifier+0x20/0x20 [ 1962.767199][T24810] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1962.772716][T24810] ? get_page_from_freelist+0x7c0/0x7c0 [ 1962.778241][T24810] ? __zone_watermark_ok+0x91/0x280 [ 1962.783430][T24810] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1962.788771][T24810] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1962.794286][T24810] ? copy_process+0x5a4/0x5110 [ 1962.799024][T24810] ? copy_process+0x5a4/0x5110 [ 1962.803757][T24810] ? kmem_cache_alloc+0x1d5/0x260 [ 1962.808751][T24810] copy_process+0x5f3/0x5110 [ 1962.813314][T24810] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1962.819002][T24810] ? _raw_spin_lock+0xa1/0x170 [ 1962.823734][T24810] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1962.829507][T24810] ? __lru_cache_add+0x1a1/0x1f0 [ 1962.834418][T24810] ? fork_idle+0x290/0x290 [ 1962.838892][T24810] _do_fork+0x196/0x920 [ 1962.843046][T24810] ? finish_fault+0x230/0x230 [ 1962.847692][T24810] ? up_write+0xa1/0x190 [ 1962.851990][T24810] ? dup_mm+0x300/0x300 [ 1962.856139][T24810] __x64_sys_clone+0x25e/0x2c0 [ 1962.860874][T24810] ? __ia32_sys_vfork+0x110/0x110 [ 1962.865869][T24810] ? do_user_addr_fault+0x55c/0x9f0 [ 1962.871049][T24810] do_syscall_64+0xcb/0x150 [ 1962.875524][T24810] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1962.881386][T24810] RIP: 0033:0x45fb59 [ 1962.885254][T24810] Code: ff 48 85 f6 0f 84 87 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 5e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1962.904837][T24810] RSP: 002b:00007ffc8d239e88 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1962.913217][T24810] RAX: ffffffffffffffda RBX: 00007fe26cb9e700 RCX: 000000000045fb59 [ 1962.921159][T24810] RDX: 00007fe26cb9e9d0 RSI: 00007fe26cb9ddb0 RDI: 00000000003d0f00 [ 1962.929101][T24810] RBP: 00007ffc8d23a0b0 R08: 00007fe26cb9e700 R09: 00007fe26cb9e700 [ 1962.937068][T24810] R10: 00007fe26cb9e9d0 R11: 0000000000000202 R12: 0000000000000000 [ 1962.945009][T24810] R13: 00007ffc8d239f3f R14: 00007fe26cb9e9c0 R15: 000000000118d08c [ 1963.072431][T24810] Mem-Info: [ 1963.075944][T24810] active_anon:1412400 inactive_anon:5849 isolated_anon:0 [ 1963.075944][T24810] active_file:60 inactive_file:46 isolated_file:14 [ 1963.075944][T24810] unevictable:0 dirty:13 writeback:0 unstable:0 [ 1963.075944][T24810] slab_reclaimable:8856 slab_unreclaimable:77353 [ 1963.075944][T24810] mapped:52680 shmem:8901 pagetables:39924 bounce:0 [ 1963.075944][T24810] free:11061 free_pcp:496 free_cma:0 [ 1963.115771][T24810] Node 0 active_anon:5649600kB inactive_anon:23396kB active_file:136kB inactive_file:276kB unevictable:0kB isolated(anon):0kB isolated(file):56kB mapped:210620kB dirty:52kB writeback:0kB shmem:35604kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1963.142719][T24810] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1963.169581][T24810] lowmem_reserve[]: 0 2912 6416 6416 [ 1963.179856][T24810] DMA32 free:21132kB min:4644kB low:7624kB high:10604kB active_anon:2815600kB inactive_anon:3032kB active_file:328kB inactive_file:8kB unevictable:0kB writepending:12kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:15200kB pagetables:33140kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1963.210026][T24810] lowmem_reserve[]: 0 0 3504 3504 [ 1963.216001][T24810] Normal free:7632kB min:5592kB low:9180kB high:12768kB active_anon:2833620kB inactive_anon:20364kB active_file:464kB inactive_file:372kB unevictable:0kB writepending:36kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32288kB pagetables:126556kB bounce:0kB free_pcp:280kB local_pcp:116kB free_cma:0kB [ 1963.246833][T24810] lowmem_reserve[]: 0 0 0 0 [ 1963.252179][T24810] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1963.266423][T24810] DMA32: 228*4kB (UMH) 188*8kB (UMEH) 96*16kB (UMEH) 37*32kB (UMEH) 41*64kB (UMEH) 32*128kB (UM) 19*256kB (UM) 4*512kB (M) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 21840kB [ 1963.283869][T24810] Normal: 109*4kB (UME) 147*8kB (UE) 63*16kB (UME) 39*32kB (UME) 20*64kB (M) 9*128kB (UM) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 6300kB [ 1963.299061][T24810] 9284 total pagecache pages [ 1963.304440][T24810] 0 pages in swap cache [ 1963.309268][T24810] Swap cache stats: add 0, delete 0, find 0/0 [ 1963.316069][T24810] Free swap = 0kB [ 1963.320435][T24810] Total swap = 0kB [ 1963.324879][T24810] 1965979 pages RAM [ 1963.329415][T24810] 0 pages HighMem/MovableOnly [ 1963.334827][T24810] 318829 pages reserved [ 1963.339786][T24810] 0 pages cma reserved [ 1963.344831][T24810] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=24792,uid=0 [ 1963.359719][T24810] Out of memory: Killed process 24792 (syz-executor.2) total-vm:85744kB, anon-rss:14968kB, file-rss:34560kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 1963.382214][ T23] oom_reaper: reaped process 24792 (syz-executor.2), now anon-rss:0kB, file-rss:34548kB, shmem-rss:0kB [ 1963.704126][ T378] syz-executor.3 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=0 [ 1963.715417][ T378] CPU: 0 PID: 378 Comm: syz-executor.3 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1963.725386][ T378] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1963.735533][ T378] Call Trace: [ 1963.738821][ T378] dump_stack+0x14a/0x1ce [ 1963.743148][ T378] ? devkmsg_release+0x11c/0x11c [ 1963.748110][ T378] ? show_regs_print_info+0x12/0x12 [ 1963.753305][ T378] ? radix_tree_cpu_dead+0x160/0x160 [ 1963.758669][ T378] ? _raw_spin_lock+0xa1/0x170 [ 1963.763429][ T378] ? _raw_spin_trylock_bh+0x190/0x190 [ 1963.769342][ T378] dump_header+0xdb/0x700 [ 1963.773756][ T378] oom_kill_process+0xd3/0x280 [ 1963.778526][ T378] out_of_memory+0x5b6/0x890 [ 1963.783117][ T378] ? unregister_oom_notifier+0x20/0x20 [ 1963.788576][ T378] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1963.794136][ T378] ? get_page_from_freelist+0x7c0/0x7c0 [ 1963.799776][ T378] ? _raw_spin_lock_irqsave+0xfc/0x1e0 [ 1963.805232][ T378] ? __zone_watermark_ok+0x91/0x280 [ 1963.810438][ T378] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1963.815955][ T378] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1963.821529][ T378] ? avc_has_perm_noaudit+0x30c/0x400 [ 1963.826896][ T378] ? avc_denied+0x1c0/0x1c0 [ 1963.831405][ T378] alloc_slab_page+0x3a/0x3a0 [ 1963.836080][ T378] new_slab+0x408/0x450 [ 1963.840234][ T378] ? should_fail+0x18e/0x860 [ 1963.844821][ T378] ___slab_alloc+0x2e0/0x450 [ 1963.849582][ T378] ? getname_flags+0xb8/0x610 [ 1963.854258][ T378] ? getname_flags+0xb8/0x610 [ 1963.859017][ T378] kmem_cache_alloc+0x23f/0x260 [ 1963.863867][ T378] getname_flags+0xb8/0x610 [ 1963.868372][ T378] user_path_mountpoint_at+0x22/0x40 [ 1963.873663][ T378] ksys_umount+0x167/0xff0 [ 1963.878108][ T378] ? __down_read+0x210/0x210 [ 1963.882778][ T378] ? ksys_write+0x24c/0x2c0 [ 1963.888504][ T378] ? namespace_unlock+0x4e0/0x4e0 [ 1963.893535][ T378] ? do_user_addr_fault+0x55c/0x9f0 [ 1963.898873][ T378] __x64_sys_umount+0x56/0x60 [ 1963.903539][ T378] do_syscall_64+0xcb/0x150 [ 1963.908019][ T378] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1963.913886][ T378] RIP: 0033:0x45fbb7 [ 1963.917764][ T378] Code: Bad RIP value. [ 1963.921804][ T378] RSP: 002b:00007ffdc5aaf628 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1963.930192][ T378] RAX: ffffffffffffffda RBX: 00000000001df174 RCX: 000000000045fbb7 [ 1963.938146][ T378] RDX: 000000000000000c RSI: 0000000000000002 RDI: 00007ffdc5ab0760 [ 1963.946094][ T378] RBP: 0000000000003a50 R08: 0000000000000001 R09: 000000000171b940 [ 1963.954041][ T378] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdc5ab0760 [ 1963.962006][ T378] R13: 00007ffdc5ab0750 R14: 0000000000000000 R15: 00007ffdc5ab0760 [ 1963.992267][ T378] Mem-Info: [ 1963.995468][ T378] active_anon:1412158 inactive_anon:5849 isolated_anon:0 [ 1963.995468][ T378] active_file:105 inactive_file:1005 isolated_file:72 [ 1963.995468][ T378] unevictable:0 dirty:3 writeback:0 unstable:0 [ 1963.995468][ T378] slab_reclaimable:8856 slab_unreclaimable:77381 [ 1963.995468][ T378] mapped:53460 shmem:8901 pagetables:39896 bounce:0 [ 1963.995468][ T378] free:10131 free_pcp:344 free_cma:0 [ 1964.049224][ T378] Node 0 active_anon:5648632kB inactive_anon:23396kB active_file:1520kB inactive_file:2988kB unevictable:0kB isolated(anon):0kB isolated(file):396kB mapped:214040kB dirty:12kB writeback:0kB shmem:35604kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1964.073817][ T378] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1964.099804][ T378] lowmem_reserve[]: 0 2912 6416 6416 [ 1964.105144][ T378] DMA32 free:18348kB min:4644kB low:7624kB high:10604kB active_anon:2818036kB inactive_anon:3032kB active_file:816kB inactive_file:276kB unevictable:0kB writepending:8kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:15168kB pagetables:33048kB bounce:0kB free_pcp:1060kB local_pcp:0kB free_cma:0kB [ 1964.134672][ T378] lowmem_reserve[]: 0 0 3504 3504 [ 1964.139712][ T378] Normal free:6272kB min:5592kB low:9180kB high:12768kB active_anon:2830616kB inactive_anon:20364kB active_file:2040kB inactive_file:2048kB unevictable:0kB writepending:4kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32224kB pagetables:126536kB bounce:0kB free_pcp:736kB local_pcp:184kB free_cma:0kB [ 1964.187807][ T378] lowmem_reserve[]: 0 0 0 0 [ 1964.192363][ T378] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1964.205692][ T378] DMA32: 155*4kB (UMH) 105*8kB (UMEH) 55*16kB (UMEH) 22*32kB (UEH) 30*64kB (UMEH) 32*128kB (UM) 19*256kB (UM) 4*512kB (M) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 19044kB [ 1964.222594][ T378] Normal: 55*4kB (UME) 156*8kB (UME) 66*16kB (UE) 42*32kB (UME) 22*64kB (UM) 7*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 6172kB [ 1964.237885][ T378] 10015 total pagecache pages [ 1964.242573][ T378] 0 pages in swap cache [ 1964.246720][ T378] Swap cache stats: add 0, delete 0, find 0/0 [ 1964.252887][ T378] Free swap = 0kB [ 1964.256595][ T378] Total swap = 0kB [ 1964.260301][ T378] 1965979 pages RAM [ 1964.264191][ T378] 0 pages HighMem/MovableOnly [ 1964.268855][ T378] 318829 pages reserved [ 1964.283140][ T378] 0 pages cma reserved [ 1964.287224][ T378] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.5,pid=24813,uid=0 22:40:14 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f0000000340)={0x0, @multicast2, @private=0xa010100}, 0xc) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(r2, 0x10e, 0x8, &(0x7f00000002c0)=0x2c87, 0x4) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) [ 1964.301353][ T378] Out of memory: Killed process 24813 (syz-executor.5) total-vm:85348kB, anon-rss:12256kB, file-rss:33936kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 1964.329394][ T23] oom_reaper: reaped process 24813 (syz-executor.5), now anon-rss:0kB, file-rss:33924kB, shmem-rss:0kB 22:40:14 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:40:14 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x9000000) 22:40:14 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x81}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) close(0xffffffffffffffff) ioctl$TIOCL_SETVESABLANK(0xffffffffffffffff, 0x541c, &(0x7f0000000280)) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:40:15 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x318d6509}], 0x1, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) timerfd_gettime(r3, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) 22:40:15 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:40:15 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:40:15 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:40:15 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:40:15 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0xa000000) [ 1964.805581][T24864] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1964.817726][T24864] CPU: 1 PID: 24864 Comm: syz-executor.0 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1964.827876][T24864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1964.837922][T24864] Call Trace: [ 1964.841214][T24864] dump_stack+0x14a/0x1ce [ 1964.845539][T24864] ? devkmsg_release+0x11c/0x11c [ 1964.850471][T24864] ? show_regs_print_info+0x12/0x12 [ 1964.855669][T24864] ? radix_tree_cpu_dead+0x160/0x160 [ 1964.860949][T24864] ? _raw_spin_lock+0xa1/0x170 [ 1964.865709][T24864] ? _raw_spin_trylock_bh+0x190/0x190 [ 1964.871078][T24864] dump_header+0xdb/0x700 [ 1964.875409][T24864] oom_kill_process+0xd3/0x280 [ 1964.880171][T24864] out_of_memory+0x5b6/0x890 [ 1964.884753][T24864] ? unregister_oom_notifier+0x20/0x20 [ 1964.890210][T24864] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1964.895845][T24864] ? get_page_from_freelist+0x7c0/0x7c0 [ 1964.901390][T24864] ? __zone_watermark_ok+0x91/0x280 [ 1964.906671][T24864] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1964.912046][T24864] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1964.917582][T24864] ? copy_process+0x5a4/0x5110 [ 1964.922340][T24864] ? kmem_cache_alloc+0x1d5/0x260 [ 1964.927359][T24864] copy_process+0x5f3/0x5110 [ 1964.931949][T24864] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1964.937750][T24864] ? _raw_spin_lock+0xa1/0x170 [ 1964.942518][T24864] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1964.948322][T24864] ? __lru_cache_add+0x1a1/0x1f0 [ 1964.953253][T24864] ? fork_idle+0x290/0x290 [ 1964.957662][T24864] _do_fork+0x196/0x920 [ 1964.961817][T24864] ? finish_fault+0x230/0x230 [ 1964.966484][T24864] ? up_write+0xa1/0x190 [ 1964.970723][T24864] ? dup_mm+0x300/0x300 [ 1964.974870][T24864] __x64_sys_clone+0x25e/0x2c0 [ 1964.979634][T24864] ? __ia32_sys_vfork+0x110/0x110 [ 1964.984652][T24864] ? do_user_addr_fault+0x55c/0x9f0 [ 1964.989868][T24864] do_syscall_64+0xcb/0x150 [ 1964.994373][T24864] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1965.000257][T24864] RIP: 0033:0x45fb59 [ 1965.004125][T24864] Code: ff 48 85 f6 0f 84 87 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 5e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1965.023700][T24864] RSP: 002b:00007ffd47501a68 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1965.032076][T24864] RAX: ffffffffffffffda RBX: 00007f76464e5700 RCX: 000000000045fb59 [ 1965.040018][T24864] RDX: 00007f76464e59d0 RSI: 00007f76464e4db0 RDI: 00000000003d0f00 [ 1965.047968][T24864] RBP: 00007ffd47501c90 R08: 00007f76464e5700 R09: 00007f76464e5700 [ 1965.055913][T24864] R10: 00007f76464e59d0 R11: 0000000000000202 R12: 0000000000000000 [ 1965.063855][T24864] R13: 00007ffd47501b1f R14: 00007f76464e59c0 R15: 000000000118cf4c [ 1965.185625][T24864] Mem-Info: [ 1965.193384][T24864] active_anon:1412850 inactive_anon:5849 isolated_anon:0 [ 1965.193384][T24864] active_file:436 inactive_file:761 isolated_file:32 [ 1965.193384][T24864] unevictable:0 dirty:4 writeback:0 unstable:0 [ 1965.193384][T24864] slab_reclaimable:8856 slab_unreclaimable:77274 [ 1965.193384][T24864] mapped:53619 shmem:8901 pagetables:39998 bounce:0 [ 1965.193384][T24864] free:9481 free_pcp:457 free_cma:0 [ 1965.332859][T24864] Node 0 active_anon:5651400kB inactive_anon:23396kB active_file:1928kB inactive_file:2036kB unevictable:0kB isolated(anon):0kB isolated(file):268kB mapped:214076kB dirty:16kB writeback:0kB shmem:35604kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1965.357652][T24864] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1965.383979][T24864] lowmem_reserve[]: 0 2912 6416 6416 [ 1965.401094][T24864] DMA32 free:18252kB min:4644kB low:7624kB high:10604kB active_anon:2818380kB inactive_anon:3032kB active_file:788kB inactive_file:408kB unevictable:0kB writepending:12kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:15328kB pagetables:32900kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1965.439798][T24864] lowmem_reserve[]: 0 0 3504 3504 [ 1965.461754][T24864] Normal free:17212kB min:9688kB low:13276kB high:16864kB active_anon:2818684kB inactive_anon:20364kB active_file:2260kB inactive_file:1272kB unevictable:0kB writepending:104kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32352kB pagetables:127092kB bounce:0kB free_pcp:1040kB local_pcp:588kB free_cma:0kB [ 1965.502057][T24864] lowmem_reserve[]: 0 0 0 0 [ 1965.507761][T24864] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1965.531304][T24864] DMA32: 262*4kB (UMEH) 129*8kB (UMEH) 53*16kB (UMEH) 17*32kB (UMEH) 21*64kB (UMEH) 36*128kB (UM) 18*256kB (M) 4*512kB (M) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 19152kB [ 1965.548936][T24864] Normal: 1200*4kB (ME) 578*8kB (UMEH) 159*16kB (UME) 24*32kB (UMEH) 21*64kB (MH) 7*128kB (UMH) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 14976kB [ 1965.564646][T24864] 9969 total pagecache pages [ 1965.570051][T24864] 0 pages in swap cache [ 1965.575229][T24864] Swap cache stats: add 0, delete 0, find 0/0 [ 1965.583367][T24864] Free swap = 0kB [ 1965.588049][T24864] Total swap = 0kB [ 1965.593676][T24864] 1965979 pages RAM [ 1965.605056][T24864] 0 pages HighMem/MovableOnly [ 1965.610827][T24864] 318829 pages reserved [ 1965.615726][T24864] 0 pages cma reserved [ 1965.624291][T24864] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.0,pid=30097,uid=0 [ 1965.639267][T24864] Out of memory: Killed process 30097 (syz-executor.0) total-vm:85480kB, anon-rss:9836kB, file-rss:34816kB, shmem-rss:0kB, UID:0 pgtables:152kB oom_score_adj:1000 [ 1965.699943][ T23] oom_reaper: reaped process 30097 (syz-executor.0), now anon-rss:0kB, file-rss:34816kB, shmem-rss:0kB [ 1965.814023][T24864] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1965.835294][T24864] CPU: 0 PID: 24864 Comm: syz-executor.0 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1965.845454][T24864] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1965.855501][T24864] Call Trace: [ 1965.858798][T24864] dump_stack+0x14a/0x1ce [ 1965.863126][T24864] ? devkmsg_release+0x11c/0x11c [ 1965.868056][T24864] ? show_regs_print_info+0x12/0x12 [ 1965.873320][T24864] ? radix_tree_cpu_dead+0x160/0x160 [ 1965.878601][T24864] ? _raw_spin_lock+0xa1/0x170 [ 1965.883368][T24864] ? _raw_spin_trylock_bh+0x190/0x190 [ 1965.888738][T24864] dump_header+0xdb/0x700 [ 1965.893069][T24864] oom_kill_process+0xd3/0x280 [ 1965.897866][T24864] out_of_memory+0x5b6/0x890 [ 1965.902450][T24864] ? unregister_oom_notifier+0x20/0x20 [ 1965.907908][T24864] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1965.913455][T24864] ? get_page_from_freelist+0x7c0/0x7c0 [ 1965.918996][T24864] ? __zone_watermark_ok+0x91/0x280 [ 1965.924202][T24864] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1965.929584][T24864] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1965.935667][T24864] ? copy_process+0x5a4/0x5110 [ 1965.940416][T24864] ? kmem_cache_alloc+0x1d5/0x260 [ 1965.945416][T24864] copy_process+0x5f3/0x5110 [ 1965.949989][T24864] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1965.955676][T24864] ? _raw_spin_lock+0xa1/0x170 [ 1965.960431][T24864] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1965.966217][T24864] ? __lru_cache_add+0x1a1/0x1f0 [ 1965.971121][T24864] ? fork_idle+0x290/0x290 [ 1965.975509][T24864] _do_fork+0x196/0x920 [ 1965.979635][T24864] ? finish_fault+0x230/0x230 [ 1965.984278][T24864] ? up_write+0xa1/0x190 [ 1965.988487][T24864] ? dup_mm+0x300/0x300 [ 1965.992613][T24864] __x64_sys_clone+0x25e/0x2c0 [ 1965.997343][T24864] ? __ia32_sys_vfork+0x110/0x110 [ 1966.002339][T24864] ? do_user_addr_fault+0x55c/0x9f0 [ 1966.007504][T24864] do_syscall_64+0xcb/0x150 [ 1966.011977][T24864] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1966.017838][T24864] RIP: 0033:0x45fb59 [ 1966.021738][T24864] Code: ff 48 85 f6 0f 84 87 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 5e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1966.041322][T24864] RSP: 002b:00007ffd47501a68 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1966.049702][T24864] RAX: ffffffffffffffda RBX: 00007f76464e5700 RCX: 000000000045fb59 [ 1966.057641][T24864] RDX: 00007f76464e59d0 RSI: 00007f76464e4db0 RDI: 00000000003d0f00 [ 1966.065592][T24864] RBP: 00007ffd47501c90 R08: 00007f76464e5700 R09: 00007f76464e5700 [ 1966.073540][T24864] R10: 00007f76464e59d0 R11: 0000000000000202 R12: 0000000000000000 [ 1966.081509][T24864] R13: 00007ffd47501b1f R14: 00007f76464e59c0 R15: 000000000118cf4c [ 1966.103639][T24864] Mem-Info: [ 1966.107306][T24864] active_anon:1411683 inactive_anon:5849 isolated_anon:0 [ 1966.107306][T24864] active_file:152 inactive_file:242 isolated_file:96 [ 1966.107306][T24864] unevictable:0 dirty:15 writeback:0 unstable:0 [ 1966.107306][T24864] slab_reclaimable:8852 slab_unreclaimable:77303 [ 1966.107306][T24864] mapped:53037 shmem:8901 pagetables:39955 bounce:0 [ 1966.107306][T24864] free:11740 free_pcp:61 free_cma:0 [ 1966.145622][T24864] Node 0 active_anon:5646732kB inactive_anon:23396kB active_file:708kB inactive_file:880kB unevictable:0kB isolated(anon):0kB isolated(file):252kB mapped:212048kB dirty:60kB writeback:0kB shmem:35604kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1966.171355][T24864] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1966.197607][T24864] lowmem_reserve[]: 0 2912 6416 6416 [ 1966.203256][T24864] DMA32 free:19708kB min:4644kB low:7624kB high:10604kB active_anon:2818224kB inactive_anon:3032kB active_file:0kB inactive_file:36kB unevictable:0kB writepending:12kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:15264kB pagetables:32924kB bounce:0kB free_pcp:120kB local_pcp:80kB free_cma:0kB [ 1966.241570][T24864] lowmem_reserve[]: 0 0 3504 3504 [ 1966.247193][T24864] Normal free:11696kB min:9688kB low:13276kB high:16864kB active_anon:2828076kB inactive_anon:20364kB active_file:780kB inactive_file:668kB unevictable:0kB writepending:100kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32352kB pagetables:126876kB bounce:0kB free_pcp:612kB local_pcp:280kB free_cma:0kB [ 1966.277568][T24864] lowmem_reserve[]: 0 0 0 0 [ 1966.282634][T24864] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1966.296506][T24864] DMA32: 276*4kB (UMEH) 115*8kB (UMEH) 44*16kB (UMEH) 29*32kB (UMEH) 30*64kB (UMEH) 36*128kB (UM) 18*256kB (M) 4*512kB (M) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 19912kB [ 1966.313772][T24864] Normal: 492*4kB (UMEH) 196*8kB (UME) 78*16kB (UMEH) 53*32kB (ME) 65*64kB (M) 10*128kB (UM) 2*256kB (M) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12432kB [ 1966.329597][T24864] 9184 total pagecache pages [ 1966.334839][T24864] 0 pages in swap cache [ 1966.339317][T24864] Swap cache stats: add 0, delete 0, find 0/0 [ 1966.346061][T24864] Free swap = 0kB [ 1966.350097][T24864] Total swap = 0kB [ 1966.358496][T24864] 1965979 pages RAM [ 1966.362848][T24864] 0 pages HighMem/MovableOnly [ 1966.367905][T24864] 318829 pages reserved [ 1966.372909][T24864] 0 pages cma reserved [ 1966.377857][T24864] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.5,pid=24846,uid=0 [ 1966.392879][T24864] Out of memory: Killed process 24846 (syz-executor.5) total-vm:85612kB, anon-rss:16284kB, file-rss:34912kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:1000 [ 1966.415178][ T23] oom_reaper: reaped process 24846 (syz-executor.5), now anon-rss:0kB, file-rss:34704kB, shmem-rss:0kB 22:40:17 executing program 4: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0xe) 22:40:17 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0xb000000) 22:40:17 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:40:17 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000), 0x1, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) timerfd_gettime(r3, 0x0) ioctl$TIOCSSOFTCAR(r3, 0x541a, &(0x7f0000000040)=0x2) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) 22:40:17 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000340), 0x12) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) getsockopt$inet_udp_int(r2, 0x11, 0x65, &(0x7f00000002c0), &(0x7f0000000300)=0x4) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f0000001380)=[{&(0x7f0000000380)=""/4096, 0x1000}], 0x1, 0x0, 0x0) 22:40:17 executing program 4: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0xe) 22:40:17 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0xc000000) 22:40:17 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:40:17 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:40:17 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000), 0x0, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:40:17 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0xd000000) 22:40:17 executing program 4: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0xe) 22:40:17 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1967.287767][T24920] ================================================================== [ 1967.295862][T24920] BUG: KASAN: out-of-bounds in unwind_next_frame+0x155f/0x2330 [ 1967.303393][T24920] Read of size 8 at addr ffff888017e36ad8 by task syz-executor.3/24920 [ 1967.311635][T24920] [ 1967.313961][T24920] CPU: 1 PID: 24920 Comm: syz-executor.3 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1967.324091][T24920] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1967.334137][T24920] Call Trace: [ 1967.337428][T24920] dump_stack+0x14a/0x1ce [ 1967.341753][T24920] ? show_regs_print_info+0x12/0x12 [ 1967.346944][T24920] ? printk+0xd2/0x114 [ 1967.351014][T24920] print_address_description+0x93/0x620 [ 1967.356556][T24920] ? preempt_schedule+0x110/0x130 [ 1967.361578][T24920] ? schedule_preempt_disabled+0x20/0x20 [ 1967.367209][T24920] __kasan_report+0x16d/0x1e0 [ 1967.371881][T24920] ? unwind_next_frame+0x155f/0x2330 [ 1967.377160][T24920] kasan_report+0x36/0x60 [ 1967.381487][T24920] unwind_next_frame+0x155f/0x2330 [ 1967.386627][T24920] ? retint_kernel+0x1b/0x1b [ 1967.391213][T24920] ? unwind_get_return_address_ptr+0x130/0x130 [ 1967.397360][T24920] ? unwind_next_frame+0x2330/0x2330 [ 1967.400380][T24915] syz-executor.3 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1967.402634][T24920] ? retint_kernel+0x1b/0x1b [ 1967.402642][T24920] ? __schedule+0x918/0xef0 [ 1967.402648][T24920] ? in_sched_functions+0x9/0x40 [ 1967.402657][T24920] ? stack_trace_save_tsk+0x490/0x490 [ 1967.402669][T24920] arch_stack_walk+0xf4/0x120 [ 1967.440494][T24920] ? retint_kernel+0x1b/0x1b [ 1967.445071][T24920] stack_trace_save_tsk+0x2e7/0x490 [ 1967.450264][T24920] ? stack_trace_consume_entry+0x230/0x230 [ 1967.456057][T24920] ? _raw_spin_lock+0xa1/0x170 [ 1967.460810][T24920] ? __mutex_lock_interruptible_slowpath+0x10/0x10 [ 1967.467299][T24920] ? __ptrace_may_access+0x2b4/0x530 [ 1967.472574][T24920] ? kmem_cache_alloc_trace+0xc3/0x280 [ 1967.478023][T24920] proc_pid_stack+0x12f/0x1f0 [ 1967.482701][T24920] proc_single_show+0xd3/0x130 [ 1967.487454][T24920] seq_read+0x4aa/0xd30 [ 1967.491604][T24920] ? do_iter_read+0x4a1/0x550 [ 1967.496272][T24920] do_iter_read+0x43b/0x550 [ 1967.500763][T24920] do_preadv+0x213/0x350 [ 1967.504996][T24920] ? do_writev+0x5b0/0x5b0 [ 1967.509422][T24920] do_syscall_64+0xcb/0x150 [ 1967.513925][T24920] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1967.519806][T24920] RIP: 0033:0x45d189 [ 1967.523690][T24920] Code: 5d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1967.543278][T24920] RSP: 002b:00007fde32b30c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000127 [ 1967.551681][T24920] RAX: ffffffffffffffda RBX: 0000000000024ac0 RCX: 000000000045d189 [ 1967.559642][T24920] RDX: 0000000000000375 RSI: 00000000200017c0 RDI: 0000000000000005 [ 1967.567604][T24920] RBP: 000000000118cf90 R08: 000000000d000000 R09: 0000000000000000 [ 1967.575565][T24920] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118cf4c [ 1967.583521][T24920] R13: 00007ffdc5ab04df R14: 00007fde32b319c0 R15: 000000000118cf4c [ 1967.591479][T24920] [ 1967.591489][T24915] CPU: 0 PID: 24915 Comm: syz-executor.3 Not tainted 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1967.591497][T24915] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1967.593803][T24920] The buggy address belongs to the page: [ 1967.604014][T24915] Call Trace: [ 1967.614048][T24920] page:ffffea00005f8d80 refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 [ 1967.619655][T24915] dump_stack+0x14a/0x1ce [ 1967.622983][T24920] flags: 0x4000000000000000() [ 1967.632060][T24915] ? devkmsg_release+0x11c/0x11c [ 1967.636351][T24920] raw: 4000000000000000 0000000000000000 dead000000000122 0000000000000000 [ 1967.640994][T24915] ? show_regs_print_info+0x12/0x12 [ 1967.645895][T24920] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 1967.654446][T24915] ? radix_tree_cpu_dead+0x160/0x160 [ 1967.659603][T24920] page dumped because: kasan: bad access detected [ 1967.668332][T24915] ? _raw_spin_lock+0xa1/0x170 [ 1967.673577][T24920] [ 1967.679971][T24915] ? _raw_spin_trylock_bh+0x190/0x190 [ 1967.684692][T24920] Memory state around the buggy address: [ 1967.686997][T24915] dump_header+0xdb/0x700 [ 1967.692326][T24920] ffff888017e36980: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 1967.697926][T24915] oom_kill_process+0xd3/0x280 [ 1967.702215][T24920] ffff888017e36a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 1967.710261][T24915] out_of_memory+0x5b6/0x890 [ 1967.714986][T24920] >ffff888017e36a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 1967.723018][T24915] ? unregister_oom_notifier+0x20/0x20 [ 1967.727567][T24920] ^ [ 1967.735599][T24915] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1967.741016][T24920] ffff888017e36b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 1967.747921][T24915] ? get_page_from_freelist+0x7c0/0x7c0 [ 1967.753423][T24920] ffff888017e36b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 1967.761472][T24915] ? __zone_watermark_ok+0x91/0x280 [ 1967.766974][T24920] ================================================================== [ 1967.775008][T24915] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1967.780168][T24920] Disabling lock debugging due to kernel taint [ 1967.788213][T24915] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1967.805235][T24915] ? copy_process+0x5a4/0x5110 [ 1967.809995][T24915] ? copy_process+0x5a4/0x5110 [ 1967.814752][T24915] ? kmem_cache_alloc+0x1d5/0x260 [ 1967.819764][T24915] copy_process+0x5f3/0x5110 [ 1967.824331][T24915] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1967.830018][T24915] ? _raw_spin_lock+0xa1/0x170 [ 1967.834771][T24915] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1967.840544][T24915] ? __lru_cache_add+0x1a1/0x1f0 [ 1967.845450][T24915] ? fork_idle+0x290/0x290 [ 1967.849835][T24915] _do_fork+0x196/0x920 [ 1967.853961][T24915] ? finish_fault+0x230/0x230 [ 1967.858622][T24915] ? up_write+0xa1/0x190 [ 1967.862844][T24915] ? dup_mm+0x300/0x300 [ 1967.866971][T24915] __x64_sys_clone+0x25e/0x2c0 [ 1967.871718][T24915] ? __ia32_sys_vfork+0x110/0x110 [ 1967.876712][T24915] ? __fpregs_load_activate+0x2d3/0x390 [ 1967.882226][T24915] ? do_user_addr_fault+0x55c/0x9f0 [ 1967.887406][T24915] do_syscall_64+0xcb/0x150 [ 1967.891881][T24915] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1967.897747][T24915] RIP: 0033:0x45fb59 [ 1967.901612][T24915] Code: ff 48 85 f6 0f 84 87 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 5e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1967.921184][T24915] RSP: 002b:00007ffdc5ab0428 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1967.929563][T24915] RAX: ffffffffffffffda RBX: 00007fde32b10700 RCX: 000000000045fb59 [ 1967.937504][T24915] RDX: 00007fde32b109d0 RSI: 00007fde32b0fdb0 RDI: 00000000003d0f00 [ 1967.945445][T24915] RBP: 00007ffdc5ab0650 R08: 00007fde32b10700 R09: 00007fde32b10700 [ 1967.953385][T24915] R10: 00007fde32b109d0 R11: 0000000000000202 R12: 0000000000000000 [ 1967.961324][T24915] R13: 00007ffdc5ab04df R14: 00007fde32b109c0 R15: 000000000118cfec [ 1968.000421][T24915] Mem-Info: [ 1968.015105][T24915] active_anon:1412177 inactive_anon:5849 isolated_anon:0 [ 1968.015105][T24915] active_file:446 inactive_file:474 isolated_file:61 [ 1968.015105][T24915] unevictable:0 dirty:30 writeback:0 unstable:0 [ 1968.015105][T24915] slab_reclaimable:8850 slab_unreclaimable:77531 [ 1968.015105][T24915] mapped:53494 shmem:8901 pagetables:40059 bounce:0 [ 1968.015105][T24915] free:10433 free_pcp:0 free_cma:0 [ 1968.059429][T24915] Node 0 active_anon:5648708kB inactive_anon:23396kB active_file:1764kB inactive_file:1716kB unevictable:0kB isolated(anon):0kB isolated(file):144kB mapped:213976kB dirty:120kB writeback:0kB shmem:35604kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1968.084262][T24915] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1968.110889][T24915] lowmem_reserve[]: 0 2912 6416 6416 [ 1968.127820][T24915] DMA32 free:22444kB min:4644kB low:7624kB high:10604kB active_anon:2813052kB inactive_anon:3032kB active_file:644kB inactive_file:944kB unevictable:0kB writepending:24kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:15200kB pagetables:33132kB bounce:0kB free_pcp:1272kB local_pcp:1264kB free_cma:0kB [ 1968.161541][T24915] lowmem_reserve[]: 0 0 3504 3504 [ 1968.166828][T24915] Normal free:16488kB min:9688kB low:13276kB high:16864kB active_anon:2820152kB inactive_anon:20364kB active_file:644kB inactive_file:120kB unevictable:0kB writepending:196kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32384kB pagetables:127104kB bounce:0kB free_pcp:1756kB local_pcp:1640kB free_cma:0kB [ 1968.197021][T24915] lowmem_reserve[]: 0 0 0 0 [ 1968.202133][T24915] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1968.215807][T24915] DMA32: 287*4kB (UMEH) 290*8kB (UMEH) 120*16kB (UMEH) 58*32kB (UMEH) 27*64kB (UMEH) 39*128kB (UM) 18*256kB (M) 4*512kB (M) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 23692kB [ 1968.232994][T24915] Normal: 463*4kB (UME) 667*8kB (UME) 152*16kB (UME) 58*32kB (UME) 58*64kB (UM) 8*128kB (UM) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 16212kB [ 1968.251331][T24915] 9878 total pagecache pages [ 1968.256299][T24915] 0 pages in swap cache [ 1968.260824][T24915] Swap cache stats: add 0, delete 0, find 0/0 [ 1968.267259][T24915] Free swap = 0kB [ 1968.271541][T24915] Total swap = 0kB [ 1968.275726][T24915] 1965979 pages RAM [ 1968.279858][T24915] 0 pages HighMem/MovableOnly [ 1968.285127][T24915] 318829 pages reserved [ 1968.289661][T24915] 0 pages cma reserved [ 1968.294078][T24915] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.4,pid=24874,uid=0 [ 1968.308515][T24915] Out of memory: Killed process 24874 (syz-executor.4) total-vm:85744kB, anon-rss:16580kB, file-rss:35256kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 22:40:18 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() keyctl$get_security(0x11, 0x0, &(0x7f0000000440)=""/146, 0x92) sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) personality(0x5000007) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000002c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:40:18 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{0x0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:40:19 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0xe000000) 22:40:19 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:40:19 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{0x0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:40:19 executing program 4: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0xd000000) 22:40:19 executing program 5: ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(0xffffffffffffffff, 0xc0406618, &(0x7f0000000040)={{0x3, 0x0, @reserved="60bf9dc7872e87d96d839514054f6360ba9f58dee03cbc285fe76012e596d4a2"}}) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r1 = dup(r0) timerfd_gettime(r1, 0x0) r2 = open_tree(r1, &(0x7f00000001c0)='./file0\x00', 0x80000) r3 = syz_genetlink_get_family_id$tipc2(&(0x7f00000000c0)='TIPCv2\x00') r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$TIPC_NL_BEARER_ENABLE(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000840)={0x6c, r3, 0xc573de0d27bdfe6f, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x58, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz1\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x0, 0x0, @loopback={0x3a, 0x2e}}}, {0x20, 0x2, @in6={0xa, 0x0, 0xfffffffd, @mcast2}}}}]}]}, 0x6c}}, 0x0) sendmsg$TIPC_NL_BEARER_ENABLE(r2, &(0x7f0000000480)={&(0x7f0000000200), 0xc, &(0x7f0000000440)={&(0x7f00000008c0)={0x1c4, r3, 0x300, 0x70bd2a, 0x25dfdbff, {}, [@TIPC_NLA_BEARER={0x134, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0x12, 0x1, @l2={'ib', 0x3a, 'syzkaller0\x00'}}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x1, @dev={0xfe, 0x80, [], 0x41}, 0x20}}, {0x14, 0x2, @in={0x2, 0x4e23, @initdev={0xac, 0x1e, 0x0, 0x0}}}}}, @TIPC_NLA_BEARER_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffffffff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x101}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1e}]}, @TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x5, @dev={0xfe, 0x80, [], 0x30}, 0x2}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x4, @rand_addr=' \x01\x00', 0x1ff}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x401}, @TIPC_NLA_BEARER_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xd6fa}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x17}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x3}]}, @TIPC_NLA_BEARER_NAME={0xf, 0x1, @l2={'ib', 0x3a, 'ip6tnl0\x00'}}]}, @TIPC_NLA_LINK={0x7c, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_PROP={0x2c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x80000000}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}]}, @TIPC_NLA_LINK_NAME={0x9, 0x1, 'syz0\x00'}]}]}, 0x1c4}, 0x1, 0x0, 0x0, 0x20000001}, 0x20040011) getsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x1, &(0x7f0000000080), &(0x7f0000000140)=0x4) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r6, &(0x7f0000000340), 0x41395527) vmsplice(r5, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) setrlimit(0x0, &(0x7f0000000180)={0x10000, 0x8001}) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r7 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r8 = dup(r7) timerfd_gettime(r8, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) 22:40:19 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x10000000) 22:40:19 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:40:19 executing program 4: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0xd000000) 22:40:19 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x11000000) 22:40:19 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x12], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1968.759705][T24962] tipc: Started in network mode [ 1968.776021][T24962] tipc: Own node identity , cluster identity 4711 [ 1968.783475][T24962] tipc: Failed to set node id, please configure manually [ 1968.791239][T24962] tipc: Enabling of bearer rejected, failed to enable media 22:40:19 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x32], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:40:19 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{0x0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:40:19 executing program 4: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0xd000000) 22:40:19 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x12000000) 22:40:19 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(r0, &(0x7f00000002c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:40:19 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) timerfd_gettime(r3, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) timerfd_gettime(r5, 0x0) sendto$inet(r5, &(0x7f0000000040)="eaf8b2729a6c3515e72c2239afdd21e733f49b77028164260be7724921c9496611d3e4d908e4762998d5eeb3de0325a4ce4107560e4c9921ed5f9fca48ea81a57c0524ab4f", 0x45, 0x8080, &(0x7f0000000140)={0x2, 0x4e22, @local}, 0x10) [ 1969.293530][T24962] tipc: Started in network mode [ 1969.299350][T24962] tipc: Own node identity , cluster identity 4711 [ 1969.308161][T24962] tipc: Failed to set node id, please configure manually [ 1969.315665][T24962] tipc: Enabling of bearer rejected, failed to enable media 22:40:19 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4a], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:40:19 executing program 4: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = syz_open_dev$usbmon(&(0x7f0000000280)='/dev/usbmon#\x00', 0x0, 0x0) r5 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r6 = dup(r5) ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200) ioctl$MON_IOCH_MFLUSH(r4, 0x4018920a, 0x74a000) r7 = dup(r3) timerfd_gettime(r7, 0x0) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000001c0)={0xffffffffffffffff, 0x0, 0x0}, 0x20) r8 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000000)={0x5, 0x6, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x0, 0x2000000]}, 0x40) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000001c0)={r8, 0x0, 0x0}, 0x20) r9 = io_uring_setup(0x5333, &(0x7f0000003fc0)={0x0, 0x4ad4, 0x4, 0x2, 0x15a, 0x0, r7}) sendmmsg$unix(r2, &(0x7f0000004100)=[{&(0x7f0000000140)=@abs={0x0, 0x0, 0x4e20}, 0x6e, &(0x7f0000000200)=[{&(0x7f0000000080)="54ce4f62f4b2", 0x6}, {&(0x7f00000001c0)="615b1d027ef70f23b0578b19f778528600fa42b946d6814e40f61c81b3b345141b4fcc3a4b88c64a873f9108560b7f4942b1b536e7", 0x35}, {&(0x7f00000002c0)="6445c6c40e2873a5c1ed6392ef0373da4857bf4b6ca11fa8dafef934b5e7d2bc620c7de77f6bc91d58d16103b1d5e24e302db0afa01acb27c5d00e120faeb7ea3b1b6b5f7bea9bd41754824cd84dce982adafecfac4dec0b9cb95887e9d80e01d72179236946fc21055f962de1b3b64313af51a7a2d2226d2661c53fe2c814c962691fd048fc8a8bdf56d207cb9e69044430dc7fc3cd63f3a2fc3a70efd07e7259960338f899518ef688a9362d5207fa3166e3b3", 0xb4}, {&(0x7f0000000380)="c307b5af71ae3337cd6d47a70569eb30c10ca46b8598e11fc5628e93c28036ac80e0cd8ac1f3a0c722b721013e7adb51606e8b3a59b3c4b3196112dd25b2aca21e38e70a159ab7146dce49387d398d1b05a025e7a7d89fa817c224f344606092ef3d74fa18c8cad909e58326c0d8ae6599acb71369528258124dd8b43f92e67afbf2e6f6a34b96f3b0e76b1c3488fef312d5d73fc7105832c80ce691831396082933896ed51cebe64ef2e2cc75124ce760ce6f437e48a2bb1bc4486bfed19e8b1ff8b5642138854767ca", 0xca}, {&(0x7f0000000480)="4fc979ed8b32a6ff1a1d251313bff60317440428db297b4d6dbc72422dff671b69a89b179a91a727d973ff5dd13d05ef2285b303800caca0882649caa8649b99e1095134525ee1f00fcd32b11a14675d39d353ede79206d4ec3a7734d0bd3f4bcda50887c205e8f89916998c733854822e7efb0a80c4c14d6be814b235a14a687037a5b2ecffb2d409bbc1829526b0c23d57ce815bae5f5a27dff376662518a6dc0496f44b5a76780fd8ee8a60709c1e382b346694ef705a3fd4d198086a5967f2d8fb964bbf21422b11e17bf0787473400847", 0xd3}], 0x5, &(0x7f00000007c0)=[@rights={{0x10}}, @cred={{0x1c}}, @rights={{0x30, 0x1, 0x1, [r6, 0xffffffffffffffff, 0xffffffffffffffff, r3, r6, r7, 0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x28, 0x1, 0x1, [r7, r5, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0xe8, 0x20004000}, {&(0x7f00000008c0)=@abs={0x1, 0x0, 0x4e20}, 0x6e, &(0x7f0000000a80)=[{&(0x7f0000000940)="8cebe4e34b6e3d08206e4c3f45fdae4965b0c3e374f400406fca1b64191bf188530346655ee36e489c7c97c80bf061dccacbe495377c34723f36f1464bf07f9e091c2ab727f1caa2ab11644623761867d3e1cdb0e38bee47c5270895b365ad972e389d75e4136e0621306d7929eb11216e4aa7467c1b410608eb435a4c315d3edc14fd3acf", 0x85}, {&(0x7f0000000a00)="cd1fff751f0d2367e0fe6c9a85b627deff3fa5116ca30591", 0x18}, {&(0x7f0000000a40)="524a9aadf6c5b85136d12681bec3258367654315e0c7493d06d0469f01f3a2e1711b75ebaee8711b6fa00f43c2", 0x2d}], 0x3, &(0x7f0000001cc0)=[@rights={{0x34, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}, @cred={{0x1c}}, @rights={{0x20, 0x1, 0x1, [r3, r0, 0xffffffffffffffff, r5]}}, @rights={{0x1c, 0x1, 0x1, [r2, r4, 0xffffffffffffffff]}}, @rights={{0x10}}, @cred={{0x1c}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0x0, 0xee01}}}], 0x100}, {&(0x7f0000001e00)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002440)=[{&(0x7f0000001e80)="b2fca5e5", 0x4}, {&(0x7f0000001ec0)="a5b3d51859fb71c06f5acd45ec8544d68463f81bfaa5c85b2e95c14d5eaac780161bcd332f040c723c680b182abafd652eabca36c2909b33fc756fb8d3e80b6760f360b2a32dc57a93a8df6c720b9e6f43192bcc9baca1", 0x57}, {&(0x7f0000001f40)="e5b41c", 0x3}, {&(0x7f0000001f80)="67a225055371698d35820deb4f28c01740dac084fbfbe5cbe3c28995b3e916fdf93c1e285e3a0c3906bb84863d4a288bf04656b257dc1fdbba70d84ebd7eb47d6a4531b628ce9a31728adbc4fdf7d616958d643aba5774ef81bbdfd5fcbb654e9885096010c6c5ff9100f73b049678c5b5afabe88bdc4bdec652ca8b40656393da47d5963df0840d4773cf63b5a2ddb706e9de1ddfe3c5cf9a335c72ecd9437a418266943ad175a75b3e359a42763e558b92ce26630655c0af200201da4eab049c309bb919e89add61406791a68de72eaa34759215406e227a75779737083c8b89ec48c26d17abd3f2539172bcf7125add4ba0f06bbaa769", 0xf8}, {&(0x7f0000002080)="bcf664d874263dfba6e394de7eb6bd74a422032ceed66dfe7d8990cfa675e788407df23436db6dd85935adcc35188cddd52ecb43a8419f1a9089b01b04668ec98d9779e0838df5cff21d197ce26a4ce6e275edb9d2d02d7f7d1ef3f9980102db57a294dec50eb711622b9748f11f032f20e459f8936fdf39bd09537e97da915273fd478c1ebe5a25c4143d9a76d4d33476b34c9a76611324d8bf4ee1918896d218b4710fa59e5ba3f392fede63121429158c2ed65ceb5c08700b97f651cbd9d1da389a5a3e346760203301a152a9a61a109ead251bba792dd24bc07999a8", 0xde}, {&(0x7f0000002180)="c9bf599c50506578bb5bbc2e3c769f7151adc92b0c579146d6b200af86eff876dd1d4fb80db363faebdd7b17c4b3d4cb413a3a5cd71e58f64bacef0d14780bd34fea834309a4a02d8296020b0f80ffb3fa7a5763e2a5a49be9d1e0c8aa8745b1be3a33a39ba252bebe4f2bafac45fa3c9935e9249cb9c26a9ebeeb", 0x7b}, {&(0x7f0000002200)="00038a2ce62174f533d2ee88812e1a0fed2b7f62ab1fa0cf3b0c5d11632bb4a898e20afa56f1cf8e0897f7158c84525e178fbe26d27d64140c7ca1341854e7ad22f2f468ca04bc92c94da65a7f531c", 0x4f}, {&(0x7f0000002280)="0f8b87a53303955e4b06ed601ef1ea25d0f17c6fe1f4bd1936d0968852c315d570b05f0feddf4febfd7fe067a573315b760140ff63900f6ac2cfcec00c778bf01da77660852e6e445c812a576198e88c4b95280bad72ebcc184c5a5bedbc8a3bed1c73db4adcdac600409e2b37c7b5ae19ed3ed78c73d872dee689514e7b0ab26136182e777f37b66ef0b97d80861837bb3606e04f2a6811b394a4d21c3bfa01a9d09411ef3c92be7965b9103d8b02f1a171a90f619860a6ff7d3da1fe5bf32207b61abd8e7373bd63bd2ef616a34f", 0xcf}, {&(0x7f0000002380)="99878c792871ba2a467cb7927dc7ae4da29790ea1f91481319f3121cebaf099ea9607333062a961d1682a0ce8f97e0ae3a9a323b0fe8409ff28056f7bafd63ed51965c4465c1f693f80d634e12ce7ec884ec4e1ab2c66cb5677019a437131cfdce1d6a13a3642897f6b43bdae9e5a81078a1128868cfb8a3615656de8f40612c4c15bb282201423ae43c6b8aad74ba22f11368b6e2f7630f9e2635be96c2d6475aa742aafc0ec8a29347d152d8535b3e09f950ba", 0xb4}], 0x9, &(0x7f0000003800)=[@cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x14, 0x1, 0x1, [0xffffffffffffffff]}}, @rights={{0x20, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x78, 0x4000000}, {&(0x7f0000003880)=@abs={0x0, 0x0, 0x4e21}, 0x6e, &(0x7f0000003a40)=[{&(0x7f0000003900)="e867daa823a8534fc196d373b05c669064ce378ce26b53a2feef3e930d4455ee40d4fc083867185c845ffc8503c735cde29c8a9da4f0361164ea0479a14e2f2dd85b254ec2f779cd004dc5be63fdd9859c1572b62ad481ea8b2d40167cd39212e86e3f4a9047b07f8b0f9912ea5c8caa345ded35e0baa630783af63f03a2048d48c2320f96d502a81c76c1f5d203b0d8cfbec995eb484c7c2b9ebf4656973b419b6a920f1bdc32a05b3c914132d9fd58fa4fbdd6414965", 0xb7}, {&(0x7f00000039c0)="041794f6b38efa6e5c37e387dd897c58c333a0cc8d0d6dba7d46ab5338fa2ae6667c457746279a83b31f84976869a9f73bb2758d1c1798c9584618ed34b4a31932eb99a5f4417de3d7704b00399d26a95213fa8b83c1d93c494a8677325aa8dd52c45cf61777310877a96e", 0x6b}], 0x2, &(0x7f0000003bc0)=[@cred={{0x1c}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r6]}}, @cred={{0x1c}}, @rights={{0x10}}], 0x68, 0x20004830}, {&(0x7f0000003c40)=@abs={0x1, 0x0, 0x4e21}, 0x6e, &(0x7f0000003d40)=[{&(0x7f0000003cc0)="c4877caf558049effd4f4ee844a1c9891bf11427c67ce24cdebe17769f7e65", 0x1f}, {&(0x7f0000003d00)="ca9a21b41fdc78fce38b12df9d4a4faf68a54f1ffe9a64126dc173880056c3e469491a624cc04714b928f69090", 0x2d}], 0x2, &(0x7f0000004040)=[@cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}, @rights={{0x2c, 0x1, 0x1, [r1, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r4, r8, r9]}}], 0xb0, 0x1}], 0x5, 0x8000) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) ioctl$FS_IOC_FSSETXATTR(r6, 0x401c5820, &(0x7f0000000040)={0x100, 0x5, 0x8, 0x4, 0x4}) 22:40:19 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x1bd2ff7f) 22:40:19 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x94], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:40:19 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, 0x0, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:40:19 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc8], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:40:20 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x25000000) [ 1969.733106][T25017] syz-executor.4 invoked oom-killer: gfp_mask=0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|0x1000000), order=0, oom_score_adj=1000 [ 1969.771773][T25017] CPU: 1 PID: 25017 Comm: syz-executor.4 Tainted: G B 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1969.783323][T25017] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1969.793356][T25017] Call Trace: [ 1969.796655][T25017] dump_stack+0x14a/0x1ce [ 1969.800956][T25017] ? devkmsg_release+0x11c/0x11c [ 1969.805863][T25017] ? show_regs_print_info+0x12/0x12 [ 1969.811030][T25017] ? radix_tree_cpu_dead+0x160/0x160 [ 1969.816284][T25017] ? _raw_spin_lock+0xa1/0x170 [ 1969.821018][T25017] ? _raw_spin_trylock_bh+0x190/0x190 [ 1969.826370][T25017] dump_header+0xdb/0x700 [ 1969.830681][T25017] oom_kill_process+0xd3/0x280 [ 1969.835416][T25017] out_of_memory+0x5b6/0x890 [ 1969.839977][T25017] ? unregister_oom_notifier+0x20/0x20 [ 1969.845427][T25017] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1969.850948][T25017] ? get_page_from_freelist+0x7c0/0x7c0 [ 1969.856468][T25017] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1969.861825][T25017] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1969.867428][T25017] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1969.873116][T25017] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1969.878902][T25017] ? __lru_cache_add+0x1a1/0x1f0 [ 1969.883808][T25017] wp_page_copy+0x1cb/0x1120 [ 1969.888368][T25017] ? add_mm_rss_vec+0x270/0x270 [ 1969.893190][T25017] ? _raw_spin_unlock_irq+0x5/0x20 [ 1969.898268][T25017] ? finish_task_switch+0x235/0x4c0 [ 1969.903436][T25017] ? vm_normal_page+0x1c9/0x1d0 [ 1969.908254][T25017] do_wp_page+0x4c1/0x1530 [ 1969.912657][T25017] ? _raw_spin_lock+0xa1/0x170 [ 1969.917391][T25017] ? do_swap_page+0x1560/0x1560 [ 1969.922210][T25017] handle_mm_fault+0xfa5/0x41e0 [ 1969.927028][T25017] ? perf_pmu_sched_task+0x370/0x370 [ 1969.932285][T25017] ? finish_fault+0x230/0x230 [ 1969.936929][T25017] ? switch_mm+0x100/0x100 [ 1969.941327][T25017] ? down_read_trylock+0x17a/0x1d0 [ 1969.946414][T25017] ? vmacache_find+0x47a/0x4b0 [ 1969.951146][T25017] do_user_addr_fault+0x48a/0x9f0 [ 1969.956138][T25017] page_fault+0x2f/0x40 [ 1969.960266][T25017] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 1969.966834][T25017] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 1969.986503][T25017] RSP: 0018:ffff888017d07888 EFLAGS: 00010206 [ 1969.992539][T25017] RAX: ffffffff81f86901 RBX: 000000002034b500 RCX: 0000000000000500 [ 1970.000480][T25017] RDX: 0000000000001000 RSI: ffff8880184f4b00 RDI: 000000002034b000 [ 1970.008423][T25017] RBP: ffff888017d07da8 R08: dffffc0000000000 R09: ffffed100309ea00 [ 1970.016363][T25017] R10: 0000000000000000 R11: 0000000000000000 R12: 00007ffffffff000 [ 1970.024304][T25017] R13: 0000000000001000 R14: ffff8880184f4000 R15: 000000002034a500 [ 1970.032250][T25017] ? copyout+0x51/0xb0 [ 1970.036290][T25017] copyout+0x8e/0xb0 [ 1970.040167][T25017] copy_page_to_iter+0x393/0xbd0 [ 1970.045075][T25017] pipe_to_user+0xa3/0x130 [ 1970.049474][T25017] __splice_from_pipe+0x2d3/0x870 [ 1970.054470][T25017] ? user_page_pipe_buf_steal+0xc0/0xc0 [ 1970.059984][T25017] do_vmsplice+0x252/0xee0 [ 1970.064373][T25017] ? avc_ss_reset+0x3a0/0x3a0 [ 1970.069017][T25017] ? write_pipe_buf+0x1d0/0x1d0 [ 1970.073836][T25017] ? __rcu_read_lock+0x50/0x50 [ 1970.078655][T25017] ? check_stack_object+0x5a/0x90 [ 1970.083647][T25017] ? _copy_from_user+0xa4/0xe0 [ 1970.088391][T25017] ? rw_copy_check_uvector+0x2b3/0x310 [ 1970.093817][T25017] ? import_iovec+0x1c2/0x380 [ 1970.098476][T25017] ? dup_iter+0x110/0x110 [ 1970.102773][T25017] ? do_vfs_ioctl+0x780/0x1750 [ 1970.107505][T25017] __se_sys_vmsplice+0x1fb/0x300 [ 1970.112413][T25017] ? __x64_sys_vmsplice+0xa0/0xa0 [ 1970.117407][T25017] ? put_timespec64+0x109/0x150 [ 1970.122229][T25017] ? __x64_sys_clock_gettime+0x20d/0x260 [ 1970.127831][T25017] ? __ia32_sys_clock_settime+0x2a0/0x2a0 [ 1970.133521][T25017] do_syscall_64+0xcb/0x150 [ 1970.137995][T25017] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1970.143857][T25017] RIP: 0033:0x45d189 [ 1970.147721][T25017] Code: 5d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1970.167293][T25017] RSP: 002b:00007fe26cbbec78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116 [ 1970.175673][T25017] RAX: ffffffffffffffda RBX: 0000000000035800 RCX: 000000000045d189 [ 1970.183615][T25017] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000003 [ 1970.191653][T25017] RBP: 000000000118d028 R08: 0000000000000000 R09: 0000000000000000 [ 1970.199595][T25017] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118cfec [ 1970.207534][T25017] R13: 00007ffc8d239f3f R14: 00007fe26cbbf9c0 R15: 000000000118cfec [ 1970.281733][T25017] Mem-Info: [ 1970.285154][T25017] active_anon:1407262 inactive_anon:5849 isolated_anon:0 [ 1970.285154][T25017] active_file:381 inactive_file:391 isolated_file:32 [ 1970.285154][T25017] unevictable:0 dirty:70 writeback:0 unstable:0 [ 1970.285154][T25017] slab_reclaimable:8849 slab_unreclaimable:77237 [ 1970.285154][T25017] mapped:53400 shmem:8901 pagetables:40233 bounce:0 [ 1970.285154][T25017] free:14457 free_pcp:906 free_cma:0 [ 1970.323674][T25017] Node 0 active_anon:5629048kB inactive_anon:23396kB active_file:1524kB inactive_file:1416kB unevictable:0kB isolated(anon):0kB isolated(file):128kB mapped:213400kB dirty:280kB writeback:0kB shmem:35604kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no 22:40:20 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1970.372928][T25017] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB 22:40:20 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000340)={0x38, 0x2, 0x10000007, 0x47, 0x9, 0x0, 0x0, 0x0, 0x800}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000000680)=[{{0x0, 0x0, 0x0}, 0x1de5}, {{&(0x7f0000000380)=@in={0x2, 0x0, @initdev}, 0x80, &(0x7f0000000640)=[{&(0x7f0000000400)=""/227, 0xe3}, {&(0x7f0000000040)=""/36, 0x24}, {&(0x7f0000000500)=""/245, 0xf5}, {&(0x7f0000000600)=""/30, 0x1e}], 0x4}, 0x9}], 0x2, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x5251) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = dup(0xffffffffffffffff) timerfd_gettime(r5, 0x0) setsockopt$IPT_SO_SET_ADD_COUNTERS(r5, 0x0, 0x41, &(0x7f00000002c0)=ANY=[@ANYBLOB="72617700000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000100"/72], 0x8c) r6 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r6, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:40:20 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x40000000) [ 1970.418435][T25017] lowmem_reserve[]: 0 2912 6416 6416 [ 1970.424531][T25017] DMA32 free:21964kB min:4644kB low:7624kB high:10604kB active_anon:2814076kB inactive_anon:3032kB active_file:80kB inactive_file:2524kB unevictable:0kB writepending:16kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:15488kB pagetables:33080kB bounce:0kB free_pcp:308kB local_pcp:4kB free_cma:0kB [ 1970.454151][T25017] lowmem_reserve[]: 0 0 3504 3504 [ 1970.459248][T25017] Normal free:17292kB min:13784kB low:17372kB high:20960kB active_anon:2815112kB inactive_anon:20364kB active_file:1100kB inactive_file:3964kB unevictable:0kB writepending:268kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32352kB pagetables:127736kB bounce:0kB free_pcp:1720kB local_pcp:1352kB free_cma:0kB 22:40:21 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1970.658255][T25017] lowmem_reserve[]: 0 0 0 0 [ 1970.677711][T25017] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1970.721690][T25017] DMA32: 91*4kB (UMEH) 52*8kB (UMEH) 26*16kB (UMEH) 40*32kB (UMEH) 28*64kB (UMEH) 35*128kB (UM) 21*256kB (UM) 4*512kB (M) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 19244kB [ 1970.751466][T25017] Normal: 186*4kB (UMEH) 323*8kB (UMEH) 154*16kB (UME) 128*32kB (UME) 53*64kB (UM) 6*128kB (UM) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 14048kB [ 1970.768900][T25017] 10014 total pagecache pages [ 1970.775808][T25017] 0 pages in swap cache [ 1970.780767][T25017] Swap cache stats: add 0, delete 0, find 0/0 [ 1970.787422][T25017] Free swap = 0kB [ 1970.792730][T25017] Total swap = 0kB [ 1970.796921][T25017] 1965979 pages RAM [ 1970.801188][T25017] 0 pages HighMem/MovableOnly [ 1970.806453][T25017] 318829 pages reserved [ 1970.811429][T25017] 0 pages cma reserved [ 1970.816068][T25017] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=24987,uid=0 [ 1970.843680][ T368] syz-executor.1 invoked oom-killer: gfp_mask=0x40cc0(GFP_KERNEL|__GFP_COMP), order=1, oom_score_adj=0 [ 1970.861665][ T368] CPU: 0 PID: 368 Comm: syz-executor.1 Tainted: G B 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1970.873033][ T368] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1970.883074][ T368] Call Trace: [ 1970.886358][ T368] dump_stack+0x14a/0x1ce [ 1970.890664][ T368] ? devkmsg_release+0x11c/0x11c [ 1970.895570][ T368] ? show_regs_print_info+0x12/0x12 [ 1970.900735][ T368] ? radix_tree_cpu_dead+0x160/0x160 [ 1970.905989][ T368] ? _raw_spin_lock+0xa1/0x170 [ 1970.910720][ T368] ? _raw_spin_trylock_bh+0x190/0x190 [ 1970.916061][ T368] dump_header+0xdb/0x700 [ 1970.920363][ T368] oom_kill_process+0xd3/0x280 [ 1970.925096][ T368] out_of_memory+0x5b6/0x890 [ 1970.929653][ T368] ? unregister_oom_notifier+0x20/0x20 [ 1970.935119][ T368] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1970.940637][ T368] ? get_page_from_freelist+0x7c0/0x7c0 [ 1970.946148][ T368] ? _raw_spin_lock_irqsave+0xfc/0x1e0 [ 1970.951751][ T368] ? __zone_watermark_ok+0x91/0x280 [ 1970.956918][ T368] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1970.962261][ T368] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1970.967774][ T368] ? avc_has_perm_noaudit+0x30c/0x400 [ 1970.973123][ T368] ? avc_denied+0x1c0/0x1c0 [ 1970.977598][ T368] alloc_slab_page+0x3a/0x3a0 [ 1970.982243][ T368] new_slab+0x408/0x450 [ 1970.986368][ T368] ? should_fail+0x18e/0x860 [ 1970.991038][ T368] ___slab_alloc+0x2e0/0x450 [ 1970.995628][ T368] ? getname_flags+0xb8/0x610 [ 1971.000282][ T368] ? getname_flags+0xb8/0x610 [ 1971.004932][ T368] kmem_cache_alloc+0x23f/0x260 [ 1971.009770][ T368] getname_flags+0xb8/0x610 [ 1971.014243][ T368] user_path_mountpoint_at+0x22/0x40 [ 1971.019499][ T368] ksys_umount+0x167/0xff0 [ 1971.023884][ T368] ? __down_read+0x210/0x210 [ 1971.028445][ T368] ? ksys_write+0x24c/0x2c0 [ 1971.032922][ T368] ? namespace_unlock+0x4e0/0x4e0 [ 1971.037915][ T368] ? do_user_addr_fault+0x55c/0x9f0 [ 1971.043082][ T368] __x64_sys_umount+0x56/0x60 [ 1971.047727][ T368] do_syscall_64+0xcb/0x150 [ 1971.052214][ T368] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1971.058079][ T368] RIP: 0033:0x45fbb7 [ 1971.061945][ T368] Code: 64 89 04 25 d0 02 00 00 58 5f ff d0 48 89 c7 e8 2f be ff ff 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 a6 00 00 00 0f 05 <48> 3d 01 f0 ff ff 0f 83 fd 89 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1971.081607][ T368] RSP: 002b:00007ffc481601f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6 [ 1971.089988][ T368] RAX: ffffffffffffffda RBX: 00000000001e11b0 RCX: 000000000045fbb7 [ 1971.097932][ T368] RDX: 000000000000000c RSI: 0000000000000002 RDI: 00007ffc48161330 [ 1971.105881][ T368] RBP: 000000000000394b R08: 0000000000000001 R09: 000000000233c940 [ 1971.113821][ T368] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc48161330 [ 1971.121775][ T368] R13: 00007ffc48161320 R14: 0000000000000000 R15: 00007ffc48161330 [ 1971.130461][ T368] Mem-Info: [ 1971.170703][ T368] active_anon:1411666 inactive_anon:5849 isolated_anon:0 [ 1971.170703][ T368] active_file:315 inactive_file:384 isolated_file:34 [ 1971.170703][ T368] unevictable:0 dirty:23 writeback:0 unstable:0 [ 1971.170703][ T368] slab_reclaimable:8853 slab_unreclaimable:77192 [ 1971.170703][ T368] mapped:53271 shmem:8901 pagetables:40188 bounce:0 [ 1971.170703][ T368] free:11049 free_pcp:227 free_cma:0 [ 1971.227240][ T368] Node 0 active_anon:5647064kB inactive_anon:23396kB active_file:1156kB inactive_file:1068kB unevictable:0kB isolated(anon):0kB isolated(file):136kB mapped:212384kB dirty:92kB writeback:0kB shmem:35604kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1971.252358][ T368] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1971.278854][ T368] lowmem_reserve[]: 0 2912 6416 6416 [ 1971.284732][ T368] DMA32 free:18188kB min:4644kB low:7624kB high:10604kB active_anon:2818936kB inactive_anon:3032kB active_file:600kB inactive_file:844kB unevictable:0kB writepending:24kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:15456kB pagetables:33104kB bounce:0kB free_pcp:1120kB local_pcp:504kB free_cma:0kB [ 1971.314796][ T368] lowmem_reserve[]: 0 0 3504 3504 [ 1971.320403][ T368] Normal free:10412kB min:5592kB low:9180kB high:12768kB active_anon:2826760kB inactive_anon:20364kB active_file:1004kB inactive_file:872kB unevictable:0kB writepending:268kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32416kB pagetables:127648kB bounce:0kB free_pcp:24kB local_pcp:0kB free_cma:0kB [ 1971.352505][ T368] lowmem_reserve[]: 0 0 0 0 [ 1971.357896][ T368] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1971.371898][ T368] DMA32: 119*4kB (UMEH) 56*8kB (UMEH) 22*16kB (UMEH) 36*32kB (UMEH) 28*64kB (UMEH) 35*128kB (UM) 21*256kB (UM) 4*512kB (M) 1*1024kB (M) 1*2048kB (M) 0*4096kB = 19196kB [ 1971.389394][ T368] Normal: 72*4kB (UMEH) 70*8kB (UMEH) 44*16kB (UME) 113*32kB (UME) 53*64kB (UM) 6*128kB (UM) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 9328kB [ 1971.404599][ T368] 9361 total pagecache pages [ 1971.409882][ T368] 0 pages in swap cache [ 1971.414424][ T368] Swap cache stats: add 0, delete 0, find 0/0 [ 1971.420625][ T368] Free swap = 0kB [ 1971.424621][ T368] Total swap = 0kB [ 1971.428531][ T368] 1965979 pages RAM [ 1971.441759][ T368] 0 pages HighMem/MovableOnly [ 1971.449761][ T368] 318829 pages reserved [ 1971.460501][ T368] 0 pages cma reserved [ 1971.470333][ T368] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.5,pid=24995,uid=0 [ 1971.498884][ T368] Out of memory: Killed process 24995 (syz-executor.5) total-vm:85480kB, anon-rss:16480kB, file-rss:33860kB, shmem-rss:0kB, UID:0 pgtables:164kB oom_score_adj:1000 [ 1971.550384][ T23] oom_reaper: reaped process 24995 (syz-executor.5), now anon-rss:0kB, file-rss:33796kB, shmem-rss:0kB 22:40:22 executing program 5: r0 = socket$inet_udplite(0x2, 0x2, 0x88) r1 = dup(r0) ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200) sendmsg$nl_route_sched(r1, &(0x7f0000001580)={&(0x7f00000014c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000001540)={&(0x7f0000001500)=@gettaction={0x38, 0x32, 0x20, 0x70bd2b, 0x25dfdbfd, {}, [@action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x0, 0x1}}, @action_gd=@TCA_ACT_TAB={0x10, 0x1, [{0xc, 0x10, 0x0, 0x0, @TCA_ACT_INDEX={0x8, 0x3, 0x7316}}]}, @action_dump_flags=@TCA_ROOT_TIME_DELTA={0x8, 0x4, 0x4}]}, 0x38}, 0x1, 0x0, 0x0, 0x20008880}, 0x48001) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) timerfd_gettime(r5, 0x0) sendmsg$nl_generic(r5, &(0x7f00000002c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="709900003000020001000000fddbdf251500000029e203b3fca4ba030f7cdf071e8e6ff9cc1800308014009400fc0200000000000000000000000000018d1a7df00d5883303a3dc3429f8a9d2d53802a30544e39e2305a51aede1f29324684afd218635b697e1aa18cc6084be5a22ad1e5cbbe6f85f78fd1ab4d03cdf712074e4371dd08009600f7ffffff08009500", @ANYRES32=r3, @ANYBLOB="a5de31c25f5318143e039cdaa32cb41b35793672da38ad8056c7fd2bd7f1a6c2957f8c7be077dfff341e44b6d71b930b3a9c3cbeead03acb89808bc85f6bed563a1a234d881618a1a33570a34fab58b3526d907146f5183afbf5037bebe42b8af4dfa5917971010357cd98bc964b4f42b7813cb8fe0932ec3264a4264af33939c84fb1870fe964d7f5d35a52376faf453bf26c0477730b2d11f465f1df90225701cc44362dd1ffd76a29b593d8caa7584669e7a2f9ca50638d18300a03e459a3b0189557ad0ac2be1892b91a2cbe54bf36f26c6ca033b0076339f92d00"], 0x170}, 0x1, 0x0, 0x0, 0x20048880}, 0x40) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) sendmsg$NFT_BATCH(r3, &(0x7f0000001480)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000001440)={&(0x7f0000000340)={{0x14}, [@NFT_MSG_DELSET={0x108c, 0xb, 0xa, 0xd04, 0x0, 0x0, {0x5, 0x0, 0x1}, [@NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x29}, @NFTA_SET_OBJ_TYPE={0x8, 0xf, 0x1, 0x0, 0x9}, @NFTA_SET_USERDATA={0x51, 0xd, 0x1, 0x0, "341e66c46f9dabe185a7ac1764debe33f6d5eb3d68dc0f743c50be7b0e6f9ead007da29ee2caab39844dc0f5b930c9dd6e2d1029a203d3ea44a5c4a8feed7078d51165205e4229a52052a18358"}, @NFTA_SET_USERDATA={0x1004, 0xd, 0x1, 0x0, "e29130b49bc9b48f1c696f4beb56f66e0a669c9510112172c99d7d0fd8ec53c27c6b61ef866d663d72b5810949dad98e416249a323a7d39163ac3afa6ec53b646100a740897b1b4cf5b07e157f88f8522ff50f04f9cda3d7a1ec1d6ad234b9c3004364f22ef3e08dd1bed13b757485899e4cd83a57c92dc73dcd20f448c3353ef413a4012272935200473405de2fce429fe9b049f6b2404b33b1a528fdb8bfcefdbd3c20508bf639e8732d72445aaeacdbca1b88176b3851ac720a4f8385e19fbc8c6cc882d32c694196f05a9eabd5d4205cac92e790d05cf8184b2d897e3b492b1f6d920aa471a4fb10dd7d52f486cfb35f13a722959d5916158f5fb66eee4b611562be158a4cdc9562fe0057643e9666b029ec4ae618f7479da52749f588e2a06f0bc3df034b5a3b184f041ec1512ab84fc6b427f51cab7864228681bce507a036c73b83b3ca2a922ff0702740c513ce8ab53a18532273925e97210f49d95bdf48261907de274788b9827517dcf678db93fc7f1fec47a0c4c32b3edca9248dedd845050cd4da0533158ea24a6e96ee581a1f2e0f15e41296d7bc606644917828afb84e98801a4b3943312b03a28fd0ec6b3d59e87a004a8c08471432c5ad14e2ea50feea2039807a11e92237beadfd31b6609beaf721a068d080d1a5b8b60741b4c11110f01cc9a05d223ddb561e0cc5dc8e645867e706a0abf5e413ea924d4d61d3522a590d962cf3bedc93d5d4b2baffc04344bc366340742031f62d507bff42c09d299ba59305b63c5328c79727c56a1a44472dc440146be22d734cd17bcdbc22b1f8ccb9c4aa66d49b5b93220665e2606d5cd5554d82010de3adba4ea7a4fe3e5003cde23fdd01a9837705b7e4c27bdd372a2951f0e406c95b626a9f72e33d8282ec852aba5545cd7418b53766ef377c68ade0653eb26d10fd6785d2f7ee005aa8a92a61d9c215ed3ce85e96c16e37b4b21c3c58bb3857ad0360bd659013515e6b4cc908d1095e44bc88b74f4b61ba24a8c817e8774d9b0631e56cfda111d5b8830e7e4a21e79dd55e0073fa55f0f2fdb8c4513b4f7b468620f59b241cca01fddfef4ea1cf79cd1e3a3ec1976e1868e9eabe62abb908364241627574903f27c74316702578fa31cebfdccc0271d8acd4a72dfaf89eac51e3c5d16410c34632fd25e9b9d1bf50f1e93422fa1b84dae16445479626d0da39c58a0949df841bc7a075f8a8b2ebb080016548eb51b458ceeb89371cc429dc8329f37900e85753cd3fbd3b75838c09330be81cb39558c1aaf1a9780831a31f78cb4e30febcd89db773ff1c780bf76ea2dd373d2d99a082a43a72fccc9ef4375a36fc85c2b976099450bb904383e075bbccc4e05635412310d07d589469cc94349c2065ad453d23a6c0317ca31d1b8ddb3d50a07b5b56bb3004c799f291e1f9a4fd3ba391ec2304a9409639de9d7592ac718ac2846b1188075be65af0992dd8c0e25000ebd679596867d30bf8e226cbf25879ff0f73a547a0c2b23a37108e497a03747792d4432599bde5974ac398fcce8ebf1bf071d5a0d597558dd1c0716b46d5fd1eb44868e6ae348e9f542d52c39916595fddfc9a83dc0ae4312f0bf35fd0b2f893996750f7186c1425ddb0cae019d752ba1127aec16e1186eaffb697f8eb607e34ee2e6214e45cea7632cddc0af41326e1530421bafe25cfd571c68ef87b868bf28bd53d9fc1f53e40de0b7bf5e0dead023da67cf1e7cb7be5e23468e73e162e2f7fc9197ea592bc03834fbf1161a9b5d59d1434759f0f6e12e1e1cf889dd9a5d673734a5616d9adf2fbcb54f6e6e0e69a3a535a5ab85c5cd29199d5cc40b0d14727157e62e673a7b062c1a38b1d7d6b08503637337d1030ebf36f30c1d1243ee6fdb1847a0024d1318558f82c1fd903e872e8c53523528137d39a3edf82ef835a400d3bd79eb587a42fa0393f898114bfb52260d0cf99f2f14a0e368906da79ced46e3cc14b20215557a805252d8f8ec5950a3ffccbbf9a0e1d7b5c1bc3dea9b7cad46de0bf94fb40bcbf0789e22082784f730943782aa3809c03a716d07f1c70c0d720e95b731d77875c760ffae1cf7643402d0c8a4a2d5b0408e8fe1ed357adeb95fa4930a406f1696e3e9bf22633e2c4d78bc4704f0bc435266e37ddb0dab39275b2ece89f2ce61dd94f7266d416d27013f5ee9089d57a90ef02af2de266a854b05cefab74eca055720e90980491287d68388f3364cb3c1a2f56d7273de2194d8e5adef3af8dd3090efc0bfe22c4ba41536db57ec7bdc3c366519c295b7c95d495ed6e75b98b5fd4492deb500db108c551954332840f773d5c79fa21da81ff962e7bc938a2a4ebd470da28e280da894279b6dc83fd5b5866e6f28028a1072199d82fd9b9b157e4d2b6772ba982f99928a07543781522cc002d2a4d5fdf3e37c1b859b77807c9f8aeefc7402c29dffa6c5a5bfdf440a54d827bbc47c1f37568dd943745789e700a0bcee801d6718e68d59957695ab78f06a701672afc705b211027ec6f205bc63e921130624b04922db7b430b011b7749dacabd2cbf9f1c6a2a8aeb3b6e4cfc9b4860ce5e38ddae5a44fd0a244bb265acfd5bd594da7c73310f196e7de21ef684e8bd940b880dc13802d8203faee61c16fb4d99799e5a4f9372d8ba9838e2cbab98f185d387d10f5b6e82ff0a6cad28b1df9a9156d9c2255d91d44b47cb6da357239e0e796778ce2d236ce62f9da688e985b0432ac4c2166d73bc6f4b600552fe0b15e1211592c897a0a5e0e522c3be82b7e1195fa1a2cdc3aa6637813f8ffb9516c396cb4ce739ff45a218929506af91307e479cd1ba6f8b369a81ca61d1595fdf588a0e9d750b80a721c91030512ad8e8567e9ace07f28593d427916fe55f74bc5ae8a494a7fe9ab95196b6599c4dc6341392800e168745205d89d8b242f2efcfa23bacdacc8680ae3d5ba3d01112acdbc6f0b04b7e588d0394a19d3e9c217c33d13594b74daa9f8e87c5a582e2db49d75f9111e685b90a5f6e06eeb991a48df49034bfe6efb77694b237a3a0c64a74aa892c78a1be4b94967451f9b1bb772e18f083aae722d4bd24256d3e8e081164fa18fb80fd45aa52f6090ac56a9673b97a7581030cf11dba72ba87c737ebe19f24703fa3c6cd6c25e10f8cd840bb79abd74acfce607cc35a28c3ca7ab980877f7aee6348e8e50733523d5eac1cbf556cd84e10c5b4df62f3a2d2084a0a4786dfbe3e809c88bdf7252e3a1f64bb55cf67f44fd92932eda1850f9b386f22b2121f879f0fcea2989b7aa63efd1e36c63bd8a52087a542ac163e0ad60d591cbca7cb177b66a7cc02230459f1a1a32dc711b359ca571e175454e5d6990b4748b78c9bfc4a43e56bccffcba1fd4ec7bb4f46b46afa55c5c22fa88485a269180a20eb8f58b1bce45ef359e1f17feda5e09d6182d578e7555650088081a098adac17586489fe955e175a63d3c692a34f5d849d0a128e24839ece7dad3b1638b9bb86bd6ef703ef2f5d5c8480933d42c0b9f3877a80aa43b774c628dab8d009e985697d594678a1999095da552e640b85d85cd7ab0d8957dab1a7022aa0385cfc4295a8db1d1b68d597cb3ce6a0121d685f5d3581f59f6f962f515597cb1f1f322869d887590daf7adbf0b14bfb472c67ef1e4738e31e6a4cb5ec87e11ccec18224e6677c46eccd696fb2274cc88ca06f2a661c7723a18a042cc792ca362301e1f448affa19d865151609d9e8ca0e3a7b2ca82c48e6e4fee88d6a57b91d38a39863f9057ad80d7a63ec4964d8d20f7b2b6afd10bb31846e87b0d574081f4d13cdb6f34a4d59d62922c3beed0c15333dc739dd939c45bf934c9bc1f9e25b9c48363238ce6459b3900b1947c8dd1b3204f24b5004a1ff3bc3c60f04c32942cad0f396f4783203bd22f575b05abf4f0ac9bba50c979649ca1388bc6542fe7a9ba2999df9c1c1c4091a55106c09f833bb0dc792c65f13509e1e75c6a585bf9137d9454440ec69f2254326639b7736a757e76ffda205bfd218dc1ff79f4ada0fc5b1d5f8669dc21756674321cd1fea1e7b6aee318a433fca57a27238c2b5da1ec0d6aaa6a145cab5a43e12c213fcc0f44587bd37c3b0a449e3019802c79ee983f26d5d2d3ec7b3d7e6a3917128d50de80a56ea6e9fc1aaab5fb2cd0ff2777fbedf5897e802c82836a83c2a99d3e9ddf9c0f04194c8b6a407b0e440772894c395207a867ec6698fd699950f199b8d9befaa63f37578ed396ebf89623ac1dc4e7f745a0f1336ef6d53bc1012c968f6c4a93060c190f8875daaeb0279457e40ec6fd7b875d30d612184ef183ae3104919912deaf01e2af3e45fe89ca9139e09451e6c64b94e402556274fbd7bd25b3618ecd4088348dbcb7d1445ecc7fc8c662016a1417cc97afb5c2873b26ca5c1e4794e1b4b8a32c0019b4b7f3118fa23f7b0127b67bd83ea65505b233d4a4d75a965ec3c3935f7ec333b6a154a6d6417abb7d01387a017105b19b1e96ded98b4039a20b06a5c7b7477bac23233697df909e1ccb98c7bc0c61c088768b9128f374f400c5f4e830df489ebd9b0bc58f22c9e2000fba2f48a34c2d08c6cd60a4a51016ec1cf9b972eab0f5064c57222697144aad49332d7fc7af3b536e92365abafaaae5dfaafb4fc33e210f1b233d0f84d610611ccfe27c4db45d123d41dd628228a662f9daee2536699b6d1283bb40cdcf2a4b5d9541d28dc9f5d97eff3a5f0ec7b2487135ea01952e22481eb05bc80957478e3cdd7af77b10dcf2a373b5278574ba53ae06ce679610145164bfc6ed1e8c06f14e0a4e973f491d5a455c45174f42c2b6b2032fa73d30db5ee79a8f3efc3353aadb5718d76e4563560ad3badf8eb5e531fc77385422cc02d328e09557ce38e135fe28652b309468f01398555269dd3185d3797cdf603f5d66039eaf1d535015e10e309f53443bf3f9007d37e6ceeed926588b8dac83ad91cc38e04d8c1e94a95613f2cc8d5e65ee7471866e35b3e7f3cb53b7d9177be159f14f9b62368231f698da68287b7b46c18c92decdda4e22b5ac7020e92f07b8f4d92181484fecce61f869a242da8bcf670407627455f9a78d24f19ccc98616160e0d11523e67cd3aeaa8d12271e6f8b045d0a20ddf25776a2da9548f6897ff0ea8ba3cb080c0c933ab8ce3563ff3ea8296243e76ef8f1af2519cffe0b31477d8e1be310ee7ef8e494a87cfd9814aa93924f59be57b5f25ec221ea638ba5932616a8b4d65382a5f1b74f451344cf04d78e890e4faaf27615cdc2eab7cc922c4a481fe32427f891e5df593c4e51bb86b5451099d8438778e9aed9a5a18f1d1678f1944da65379618a6cdb5fd38cfeb13548b06317b9d8cd5737b45cb9b984d4d9121297a81d4dc55104be641a73e6783c6ad07de0c356aa7632bb8dc39907c41a035d97576df0a43022c567a0698c7b35c0bba68226ee5f03bb7ef223142d8b80d6b45b2a880b6a4355d6581f1b93479db5ce73086fdde027b88e548862ea5c919a1f81473062c868d7beaa77c4433edd0227cc802e8a34b2f53492bd5b9a69d9163be5ff273cc81cfb82ae11d199fa3d570d1b1e6ffd45ab2c06de67ff2e42ccdcb100b586610d39ecfefe645b06b57018ba1c6afed8f660446556137bdbe01829f249d53cc87e7d071bcd384f0bdb49a48e7c283c773b539c915d6cf68feb61132caa291740bbcb938a30bd79fe627acffc680786e22f46bb68539827afcbb4087190f86e8711ae8d35ddc2e5e9183dca25aaecfa872bf7d7d738e1fa"}, @NFTA_SET_KEY_TYPE={0x8, 0x4, 0x1, 0x0, 0xf}, @NFTA_SET_GC_INTERVAL={0x8, 0xc, 0x1, 0x0, 0x80}]}, @NFT_MSG_NEWSET={0x24, 0x9, 0xa, 0x201, 0x0, 0x0, {0x7, 0x0, 0x2}, [@NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x50}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x1}]}], {0x14}}, 0x10d8}}, 0x40080) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r7 = dup(r6) timerfd_gettime(r7, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) 22:40:22 executing program 4: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = dup(r2) timerfd_gettime(r3, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) r4 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r5 = dup(r4) timerfd_gettime(r5, 0x0) sendto$inet(r5, &(0x7f0000000040)="eaf8b2729a6c3515e72c2239afdd21e733f49b77028164260be7724921c9496611d3e4d908e4762998d5eeb3de0325a4ce4107560e4c9921ed5f9fca48ea81a57c0524ab4f", 0x45, 0x8080, &(0x7f0000000140)={0x2, 0x4e22, @local}, 0x10) 22:40:22 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x7fffd21b) 22:40:22 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0x7ffff000) 22:40:22 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0xcf000000) 22:40:22 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0xe51d0000) 22:40:22 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, 0x0, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:40:22 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:40:22 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r0, &(0x7f0000000340), 0x41395527) r1 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000000)={0x5, 0x6, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x0, 0x2000000]}, 0x40) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000001c0)={r1, 0x0, 0x0}, 0x20) vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1000014f, 0x1) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0) ioctl$TCSETS(r3, 0x40045431, &(0x7f00005befdc)) r4 = syz_open_pts(r3, 0x0) fcntl$setstatus(r4, 0x4, 0x102800) ioctl$TIOCSISO7816(r4, 0xc0285443, &(0x7f0000000040)={0x1ff, 0x1, 0x6, 0x800, 0x5}) r5 = dup(r2) timerfd_gettime(r5, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) [ 1972.723511][T25067] syz-executor.0 invoked oom-killer: gfp_mask=0x400dc0(GFP_KERNEL_ACCOUNT|__GFP_ZERO), order=3, oom_score_adj=1000 [ 1972.748929][T25067] CPU: 1 PID: 25067 Comm: syz-executor.0 Tainted: G B 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1972.760492][T25067] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1972.770521][T25067] Call Trace: [ 1972.773788][T25067] dump_stack+0x14a/0x1ce [ 1972.778085][T25067] ? devkmsg_release+0x11c/0x11c [ 1972.784391][T25067] ? show_regs_print_info+0x12/0x12 [ 1972.789566][T25067] ? radix_tree_cpu_dead+0x160/0x160 [ 1972.794821][T25067] ? _raw_spin_lock+0xa1/0x170 [ 1972.799553][T25067] ? _raw_spin_trylock_bh+0x190/0x190 [ 1972.804909][T25067] dump_header+0xdb/0x700 [ 1972.809244][T25067] oom_kill_process+0xd3/0x280 [ 1972.813977][T25067] out_of_memory+0x5b6/0x890 [ 1972.818536][T25067] ? unregister_oom_notifier+0x20/0x20 [ 1972.823977][T25067] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1972.829495][T25067] ? get_page_from_freelist+0x7c0/0x7c0 [ 1972.835012][T25067] ? __zone_watermark_ok+0x91/0x280 [ 1972.840182][T25067] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1972.845530][T25067] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1972.851044][T25067] ? copy_process+0x5a4/0x5110 [ 1972.855775][T25067] ? copy_process+0x5a4/0x5110 [ 1972.860506][T25067] ? kmem_cache_alloc+0x1d5/0x260 [ 1972.865498][T25067] copy_process+0x5f3/0x5110 [ 1972.870059][T25067] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1972.875748][T25067] ? _raw_spin_lock+0xa1/0x170 [ 1972.880480][T25067] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1972.886254][T25067] ? __lru_cache_add+0x1a1/0x1f0 [ 1972.891175][T25067] ? fork_idle+0x290/0x290 [ 1972.895560][T25067] _do_fork+0x196/0x920 [ 1972.899684][T25067] ? finish_fault+0x230/0x230 [ 1972.904331][T25067] ? up_write+0xa1/0x190 [ 1972.908544][T25067] ? dup_mm+0x300/0x300 [ 1972.912671][T25067] __x64_sys_clone+0x25e/0x2c0 [ 1972.917419][T25067] ? __ia32_sys_vfork+0x110/0x110 [ 1972.922426][T25067] ? do_user_addr_fault+0x55c/0x9f0 [ 1972.927592][T25067] do_syscall_64+0xcb/0x150 [ 1972.932070][T25067] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1972.937932][T25067] RIP: 0033:0x45fb59 [ 1972.941798][T25067] Code: ff 48 85 f6 0f 84 87 8a fb ff 48 83 ee 10 48 89 4e 08 48 89 3e 48 89 d7 4c 89 c2 4d 89 c8 4c 8b 54 24 08 b8 38 00 00 00 0f 05 <48> 85 c0 0f 8c 5e 8a fb ff 74 01 c3 31 ed 48 f7 c7 00 00 01 00 75 [ 1972.961373][T25067] RSP: 002b:00007ffd47501a68 EFLAGS: 00000202 ORIG_RAX: 0000000000000038 [ 1972.969751][T25067] RAX: ffffffffffffffda RBX: 00007f76464a3700 RCX: 000000000045fb59 [ 1972.978214][T25067] RDX: 00007f76464a39d0 RSI: 00007f76464a2db0 RDI: 00000000003d0f00 [ 1972.986167][T25067] RBP: 00007ffd47501c90 R08: 00007f76464a3700 R09: 00007f76464a3700 [ 1972.994123][T25067] R10: 00007f76464a39d0 R11: 0000000000000202 R12: 0000000000000000 [ 1973.002064][T25067] R13: 00007ffd47501b1f R14: 00007f76464a39c0 R15: 000000000118d08c [ 1973.072746][T25067] Mem-Info: [ 1973.080555][T25067] active_anon:1409488 inactive_anon:5849 isolated_anon:0 [ 1973.080555][T25067] active_file:210 inactive_file:977 isolated_file:64 [ 1973.080555][T25067] unevictable:0 dirty:0 writeback:0 unstable:0 [ 1973.080555][T25067] slab_reclaimable:8851 slab_unreclaimable:77247 [ 1973.080555][T25067] mapped:53554 shmem:8901 pagetables:40294 bounce:0 [ 1973.080555][T25067] free:12542 free_pcp:258 free_cma:0 [ 1973.119305][T25067] Node 0 active_anon:5622052kB inactive_anon:23396kB active_file:940kB inactive_file:3572kB unevictable:0kB isolated(anon):0kB isolated(file):256kB mapped:214216kB dirty:0kB writeback:0kB shmem:35604kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1973.144406][T25067] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1973.171545][T25067] lowmem_reserve[]: 0 2912 6416 6416 [ 1973.178340][T25067] DMA32 free:29580kB min:4644kB low:7624kB high:10604kB active_anon:2808820kB inactive_anon:3032kB active_file:76kB inactive_file:312kB unevictable:0kB writepending:0kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:15296kB pagetables:33064kB bounce:0kB free_pcp:1580kB local_pcp:196kB free_cma:0kB [ 1973.218761][T25067] lowmem_reserve[]: 0 0 3504 3504 [ 1973.234941][T25067] Normal free:16484kB min:9688kB low:13276kB high:16864kB active_anon:2813912kB inactive_anon:20364kB active_file:1276kB inactive_file:4984kB unevictable:0kB writepending:0kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32640kB pagetables:128112kB bounce:0kB free_pcp:1912kB local_pcp:488kB free_cma:0kB [ 1973.270767][T25067] lowmem_reserve[]: 0 0 0 0 [ 1973.276844][T25067] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1973.291270][T25067] DMA32: 469*4kB (UMEH) 379*8kB (UMEH) 249*16kB (UMEH) 134*32kB (UMEH) 31*64kB (MEH) 35*128kB (UM) 21*256kB (UM) 5*512kB (UM) 2*1024kB (UM) 0*2048kB 0*4096kB = 29628kB [ 1973.308629][T25067] Normal: 29*4kB (E) 454*8kB (UME) 290*16kB (UME) 117*32kB (UME) 44*64kB (M) 2*128kB (M) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 15204kB [ 1973.324072][T25067] 11017 total pagecache pages [ 1973.329430][T25067] 0 pages in swap cache [ 1973.334782][T25067] Swap cache stats: add 0, delete 0, find 0/0 [ 1973.342254][T25067] Free swap = 0kB [ 1973.347001][T25067] Total swap = 0kB [ 1973.351819][T25067] 1965979 pages RAM [ 1973.356736][T25067] 0 pages HighMem/MovableOnly [ 1973.362493][T25067] 318829 pages reserved [ 1973.368215][T25067] 0 pages cma reserved 22:40:23 executing program 4: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x9000000, 0x0) 22:40:23 executing program 5: pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$inet_udp(0x2, 0x2, 0x0) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ttyS3\x00', 0x14b900, 0x0) r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1) r4 = dup(r3) timerfd_gettime(r4, 0x0) ioctl$ION_IOC_ALLOC(r2, 0xc0184900, &(0x7f0000000080)={0x1, 0x2, 0x0, r4}) open(&(0x7f0000000140)='./file0\x00', 0x0, 0x20) socketpair(0xf, 0x800, 0xffffffff, &(0x7f0000000180)) epoll_create(0x9) r5 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000000)={0x5, 0x6, 0x4, 0x4, 0x0, 0xffffffffffffffff, 0x0, [0x0, 0x0, 0x0, 0x0, 0x2000000]}, 0x40) bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f00000001c0)={r5, 0x0, 0x0}, 0x20) r6 = dup(r5) timerfd_gettime(r6, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) 22:40:23 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:40:23 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r0, &(0x7f00000017c0), 0x375, 0x0, 0xffffff7f) 22:40:23 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x7f}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200) ioctl$RTC_WKALM_SET(0xffffffffffffffff, 0x4028700f, &(0x7f00000002c0)={0x0, 0x1, {0x1e, 0x3, 0x2, 0xe, 0x3, 0x8000, 0x6, 0x15a}}) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x10000040, 0x0, 0x6, 0xfffffffffffffffe}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:40:23 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, 0x0, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:40:23 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1973.375268][T25067] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.4,pid=25040,uid=0 22:40:23 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:40:23 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:40:24 executing program 4: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{0x0, 0x0, 0x81}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) syz_genetlink_get_family_id$tipc(&(0x7f0000000280)='TIPC\x00') vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:40:24 executing program 3: recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)) write(0xffffffffffffffff, &(0x7f0000000340), 0x41395527) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, 0x0, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x0, 0x5}, 0x0) r1 = syz_open_procfs(r0, &(0x7f0000000080)='numa_maps\x00') preadv(r1, &(0x7f00000017c0), 0x375, 0x0, 0x0) 22:40:24 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1973.771968][T25111] syz-executor.1 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000 [ 1973.799371][T25111] CPU: 1 PID: 25111 Comm: syz-executor.1 Tainted: G B 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1973.810915][T25111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1973.820946][T25111] Call Trace: [ 1973.824215][T25111] dump_stack+0x14a/0x1ce [ 1973.828538][T25111] ? devkmsg_release+0x11c/0x11c [ 1973.833449][T25111] ? show_regs_print_info+0x12/0x12 [ 1973.838618][T25111] ? radix_tree_cpu_dead+0x160/0x160 [ 1973.843872][T25111] ? _raw_spin_lock+0xa1/0x170 [ 1973.848607][T25111] ? _raw_spin_trylock_bh+0x190/0x190 [ 1973.853951][T25111] dump_header+0xdb/0x700 [ 1973.858268][T25111] oom_kill_process+0xd3/0x280 [ 1973.863031][T25111] out_of_memory+0x5b6/0x890 [ 1973.867602][T25111] ? unregister_oom_notifier+0x20/0x20 [ 1973.873033][T25111] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1973.878556][T25111] ? get_page_from_freelist+0x7c0/0x7c0 [ 1973.884072][T25111] ? __schedule+0x920/0xef0 [ 1973.888549][T25111] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1973.893896][T25111] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1973.899413][T25111] wp_page_copy+0x1fe/0x1120 [ 1973.903975][T25111] ? prep_new_page+0x11a/0x380 [ 1973.908728][T25111] ? add_mm_rss_vec+0x270/0x270 [ 1973.913547][T25111] do_wp_page+0x68b/0x1530 [ 1973.917956][T25111] ? do_swap_page+0x1560/0x1560 [ 1973.922789][T25111] handle_mm_fault+0xfa5/0x41e0 [ 1973.927614][T25111] ? switch_mm_irqs_off+0x4d7/0x9a0 [ 1973.932790][T25111] ? finish_fault+0x230/0x230 [ 1973.937439][T25111] ? preempt_schedule_irq+0xe7/0x140 [ 1973.942883][T25111] ? preempt_schedule_notrace+0x130/0x130 [ 1973.948589][T25111] ? vmacache_update+0x9f/0xf0 [ 1973.953414][T25111] do_user_addr_fault+0x48a/0x9f0 [ 1973.958419][T25111] page_fault+0x2f/0x40 [ 1973.962552][T25111] RIP: 0033:0x40f608 [ 1973.966420][T25111] Code: d9 48 8b 47 78 48 83 f8 ff 0f 84 0b 01 00 00 48 8b 73 18 48 83 fe ff 74 29 48 81 fe e7 03 00 00 0f 87 5e 01 00 00 48 c1 e6 04 86 a0 90 18 01 01 48 89 86 a8 90 18 01 66 2e 0f 1f 84 00 00 00 [ 1973.985998][T25111] RSP: 002b:00007ffc48161100 EFLAGS: 00010246 [ 1973.992037][T25111] RAX: 0000000000000003 RBX: 000000000118cf40 RCX: 0000000000000001 [ 1973.999980][T25111] RDX: 0000000000000001 RSI: 0000000000000000 RDI: 000000000118cf40 [ 1974.007924][T25111] RBP: 000000000118cf40 R08: 0000000000000000 R09: 0000000000000000 [ 1974.015884][T25111] R10: 00007ffc48161210 R11: 0000000000000246 R12: 00000000000003e8 [ 1974.023829][T25111] R13: 00000000001e1d82 R14: 00000000001e1d55 R15: 000000000118cf4c [ 1974.038985][T25111] Mem-Info: [ 1974.042500][T25111] active_anon:1410804 inactive_anon:5849 isolated_anon:0 [ 1974.042500][T25111] active_file:290 inactive_file:261 isolated_file:51 [ 1974.042500][T25111] unevictable:0 dirty:29 writeback:0 unstable:0 [ 1974.042500][T25111] slab_reclaimable:8854 slab_unreclaimable:77278 [ 1974.042500][T25111] mapped:53208 shmem:8901 pagetables:40384 bounce:0 [ 1974.042500][T25111] free:11308 free_pcp:527 free_cma:0 [ 1974.080444][T25111] Node 0 active_anon:5643216kB inactive_anon:23396kB active_file:1160kB inactive_file:1044kB unevictable:0kB isolated(anon):0kB isolated(file):204kB mapped:212832kB dirty:116kB writeback:0kB shmem:35604kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1974.105100][T25111] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1974.131223][T25111] lowmem_reserve[]: 0 2912 6416 6416 [ 1974.136700][T25111] DMA32 free:17096kB min:4644kB low:7624kB high:10604kB active_anon:2821024kB inactive_anon:3032kB active_file:36kB inactive_file:340kB unevictable:0kB writepending:8kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:15520kB pagetables:33200kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1974.173035][T25111] lowmem_reserve[]: 0 0 3504 3504 [ 1974.183540][T25111] Normal free:12232kB min:13784kB low:17372kB high:20960kB active_anon:2821552kB inactive_anon:20364kB active_file:1084kB inactive_file:1208kB unevictable:0kB writepending:308kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32544kB pagetables:128336kB bounce:0kB free_pcp:2516kB local_pcp:1104kB free_cma:0kB [ 1974.217429][T25111] lowmem_reserve[]: 0 0 0 0 [ 1974.222778][T25111] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1974.240200][T25111] DMA32: 121*4kB (UMEH) 79*8kB (UMEH) 17*16kB (UEH) 17*32kB (EH) 25*64kB (UMEH) 35*128kB (UM) 21*256kB (UM) 4*512kB (M) 2*1024kB (UM) 0*2048kB 0*4096kB = 17484kB [ 1974.257577][T25111] Normal: 797*4kB (UME) 399*8kB (UME) 94*16kB (UME) 100*32kB (UME) 45*64kB (UM) 1*128kB (U) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 14092kB [ 1974.273776][T25111] 9393 total pagecache pages [ 1974.278842][T25111] 0 pages in swap cache [ 1974.283596][T25111] Swap cache stats: add 0, delete 0, find 0/0 [ 1974.290196][T25111] Free swap = 0kB [ 1974.294440][T25111] Total swap = 0kB [ 1974.298656][T25111] 1965979 pages RAM [ 1974.303029][T25111] 0 pages HighMem/MovableOnly [ 1974.308237][T25111] 318829 pages reserved [ 1974.312947][T25111] 0 pages cma reserved [ 1974.317542][T25111] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.5,pid=25083,uid=0 [ 1974.333291][T25111] Out of memory: Killed process 25083 (syz-executor.5) total-vm:85348kB, anon-rss:11992kB, file-rss:34464kB, shmem-rss:0kB, UID:0 pgtables:156kB oom_score_adj:1000 [ 1974.354903][ T23] oom_reaper: reaped process 25083 (syz-executor.5), now anon-rss:0kB, file-rss:33904kB, shmem-rss:0kB 22:40:25 executing program 2: prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0) getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000180)={0x1, &(0x7f0000000140)=[{}]}) r0 = getpid() sched_setattr(r0, &(0x7f0000000040)={0x38, 0x2, 0x0, 0x1, 0x9}, 0x0) r1 = socket$inet6(0xa, 0x2, 0x0) recvmmsg(r1, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r3, 0x407, 0x0) write(r3, &(0x7f0000000340), 0x41395527) vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x1, 0x1, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r4 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r4, 0x0) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r5, &(0x7f0000000400)=[{&(0x7f00000003c0)=""/51, 0x33}, {&(0x7f0000000300)=""/192, 0xc0}], 0x2, 0x0, 0x0) 22:40:25 executing program 5: bpf$OBJ_GET_MAP(0x7, &(0x7f0000000140)={&(0x7f0000000080)='./file0\x00', 0x0, 0x28}, 0x10) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) syz_open_procfs(0x0, &(0x7f00000000c0)='fd/4\x00') r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1) socket$inet_udp(0x2, 0x2, 0x0) r3 = dup(r2) ioctl$BLKALIGNOFF(r0, 0x127a, &(0x7f0000000040)) timerfd_gettime(r3, 0x0) ioctl$RFKILL_IOCTL_NOINPUT(0xffffffffffffffff, 0x5201) 22:40:25 executing program 0: getsockname$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @multicast}, &(0x7f0000000240)=0x14) getpid() recvmmsg(0xffffffffffffffff, &(0x7f0000002bc0)=[{{0x0, 0x0, 0x0}, 0x1de5}], 0x1, 0x0, 0x0) pipe(&(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvfrom$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000200)={0xa, 0x0, 0x5, @remote, 0x156aec58}, 0x1c) fcntl$setpipe(r1, 0x407, 0x0) write(r1, &(0x7f0000000340), 0x41395527) vmsplice(r0, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0) sched_setattr(0x0, &(0x7f0000000080)={0x38, 0x0, 0x10000003, 0x0, 0x6}, 0x0) keyctl$read(0xb, 0x0, &(0x7f0000000000)=""/24, 0x18) r2 = add_key$keyring(0x0, 0x0, 0x0, 0x0, 0x0) keyctl$KEYCTL_MOVE(0x1e, 0x0, 0x0, r2, 0x0) clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='stack\x00') preadv(r3, &(0x7f00000017c0), 0x375, 0x0, 0x0) r4 = dup(0xffffffffffffffff) getsockname$packet(r4, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140)=0x14) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=ANY=[@ANYBLOB="240000001800010000000000000000000a000000000000060000000008000400", @ANYRES32=r5, @ANYBLOB="3c6671af21410200e0f495bb25d61506f448e5de78cf02710d78751a06e6e205000000000013ce344cc9a1e919c0e2dcd7000019e79582153740f00c8373fb3320985a94a1d66f6f000000000000040000000000000000"], 0x24}}, 0x0) sendmsg$NL80211_CMD_GET_MESH_CONFIG(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="eb909066d893be38c26971271c961e03c96950def219c569c5e523df531c591e37216ce562d6e9e78d7ce3a2523c4b89aac4a6c936d654d32a26e5f962175f", @ANYRES16=0x0, @ANYBLOB="100027bd7000fcdbdf251c0000000c009900030000000100000008000300", @ANYRES32=r5, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x4005}, 0x0) 22:40:25 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) 22:40:25 executing program 1: r0 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x2, 0x3, 0x288, 0x0, 0xe8, 0xe8, 0xe8, 0xe8, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x1f0, 0x3, 0x0, {[{{@ip={@loopback, @rand_addr, 0x0, 0x0, 'vlan0\x00', 'syz_tun\x00'}, 0x0, 0xb8, 0xe8, 0x0, {}, [@common=@unspec=@limit={{0x48, 'limit\x00'}, {0x40000, 0x6004800}}]}, @common=@unspec=@CONNMARK={0x30, 'CONNMARK\x00'}}, {{@ip={@empty, @multicast1, 0x0, 0x0, 'vlan1\x00', 'vlan0\x00'}, 0x0, 0xa0, 0x108, 0x0, {}, [@common=@addrtype={{0x30, 'addrtype\x00'}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp\x00', 'syz0\x00'}}}], {{[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9], 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x28d) [ 1975.161439][T25137] syz-executor.0 invoked oom-killer: gfp_mask=0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|0x1000000), order=0, oom_score_adj=1000 [ 1975.178098][T25137] CPU: 1 PID: 25137 Comm: syz-executor.0 Tainted: G B 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1975.189658][T25137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1975.199710][T25137] Call Trace: [ 1975.203007][T25137] dump_stack+0x14a/0x1ce [ 1975.207339][T25137] ? devkmsg_release+0x11c/0x11c [ 1975.212365][T25137] ? show_regs_print_info+0x12/0x12 [ 1975.217564][T25137] ? radix_tree_cpu_dead+0x160/0x160 [ 1975.223803][T25137] ? _raw_spin_lock+0xa1/0x170 [ 1975.228571][T25137] ? _raw_spin_trylock_bh+0x190/0x190 [ 1975.233944][T25137] dump_header+0xdb/0x700 [ 1975.238286][T25137] oom_kill_process+0xd3/0x280 [ 1975.243058][T25137] out_of_memory+0x5b6/0x890 [ 1975.247656][T25137] ? unregister_oom_notifier+0x20/0x20 [ 1975.253125][T25137] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1975.258698][T25137] ? get_page_from_freelist+0x7c0/0x7c0 [ 1975.264225][T25137] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1975.269573][T25137] ? memcg_check_events+0x1ab/0x520 [ 1975.274745][T25137] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1975.280278][T25137] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1975.286057][T25137] ? __perf_event_task_sched_out+0xfe4/0x1110 [ 1975.292119][T25137] ? __perf_event_task_sched_in+0x4f7/0x560 [ 1975.297984][T25137] wp_page_copy+0x1cb/0x1120 [ 1975.302549][T25137] ? perf_pmu_sched_task+0x370/0x370 [ 1975.307821][T25137] ? switch_mm_irqs_off+0x2bf/0x9a0 [ 1975.312990][T25137] ? add_mm_rss_vec+0x270/0x270 [ 1975.317811][T25137] ? _raw_spin_unlock_irq+0x5/0x20 [ 1975.322892][T25137] ? finish_task_switch+0x235/0x4c0 [ 1975.328062][T25137] ? vm_normal_page+0x1c9/0x1d0 [ 1975.332883][T25137] do_wp_page+0x4c1/0x1530 [ 1975.337271][T25137] ? _raw_spin_lock+0xa1/0x170 [ 1975.342062][T25137] ? do_swap_page+0x1560/0x1560 [ 1975.346886][T25137] ? ttwu_do_wakeup+0x154/0x5b0 [ 1975.351722][T25137] handle_mm_fault+0xfa5/0x41e0 [ 1975.356545][T25137] ? finish_fault+0x230/0x230 [ 1975.361196][T25137] ? down_read_trylock+0x17a/0x1d0 [ 1975.366371][T25137] ? vmacache_find+0x205/0x4b0 [ 1975.371109][T25137] do_user_addr_fault+0x48a/0x9f0 [ 1975.376107][T25137] page_fault+0x2f/0x40 [ 1975.380239][T25137] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 1975.386799][T25137] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 1975.406461][T25137] RSP: 0018:ffff88806fc4f888 EFLAGS: 00010206 [ 1975.412501][T25137] RAX: ffffffff81f86901 RBX: 00000000200fa500 RCX: 0000000000000500 [ 1975.420457][T25137] RDX: 0000000000001000 RSI: ffff88817ef04b00 RDI: 00000000200fa000 [ 1975.428416][T25137] RBP: ffff88806fc4fda8 R08: dffffc0000000000 R09: ffffed102fde0a00 [ 1975.436359][T25137] R10: 0000000000000000 R11: 0000000000000000 R12: 00007ffffffff000 [ 1975.444301][T25137] R13: 0000000000001000 R14: ffff88817ef04000 R15: 00000000200f9500 [ 1975.453815][T25137] ? copyout+0x51/0xb0 [ 1975.458651][T25137] copyout+0x8e/0xb0 [ 1975.462622][T25137] copy_page_to_iter+0x393/0xbd0 [ 1975.467531][T25137] pipe_to_user+0xa3/0x130 [ 1975.471919][T25137] __splice_from_pipe+0x2d3/0x870 [ 1975.476921][T25137] ? user_page_pipe_buf_steal+0xc0/0xc0 [ 1975.482440][T25137] do_vmsplice+0x252/0xee0 [ 1975.486832][T25137] ? avc_ss_reset+0x3a0/0x3a0 [ 1975.491482][T25137] ? write_pipe_buf+0x1d0/0x1d0 [ 1975.496303][T25137] ? __rcu_read_lock+0x50/0x50 [ 1975.501045][T25137] ? check_stack_object+0x5a/0x90 [ 1975.506045][T25137] ? _copy_from_user+0xa4/0xe0 [ 1975.510865][T25137] ? rw_copy_check_uvector+0x2b3/0x310 [ 1975.516318][T25137] ? import_iovec+0x1c2/0x380 [ 1975.520978][T25137] ? dup_iter+0x110/0x110 [ 1975.525304][T25137] ? do_vfs_ioctl+0x780/0x1750 [ 1975.530047][T25137] __se_sys_vmsplice+0x1fb/0x300 [ 1975.534961][T25137] ? __x64_sys_vmsplice+0xa0/0xa0 [ 1975.539968][T25137] ? put_timespec64+0x109/0x150 [ 1975.544792][T25137] ? __x64_sys_clock_gettime+0x20d/0x260 [ 1975.550401][T25137] ? __ia32_sys_clock_settime+0x2a0/0x2a0 [ 1975.556178][T25137] do_syscall_64+0xcb/0x150 [ 1975.560654][T25137] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1975.566533][T25137] RIP: 0033:0x45d189 [ 1975.570400][T25137] Code: 5d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1975.589974][T25137] RSP: 002b:00007f76464c3c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116 [ 1975.598355][T25137] RAX: ffffffffffffffda RBX: 0000000000035800 RCX: 000000000045d189 [ 1975.606299][T25137] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000003 [ 1975.614415][T25137] RBP: 000000000118d028 R08: 0000000000000000 R09: 0000000000000000 [ 1975.622373][T25137] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118cfec [ 1975.630315][T25137] R13: 00007ffd47501b1f R14: 00007f76464c49c0 R15: 000000000118cfec [ 1975.647067][T25137] Mem-Info: [ 1975.650443][T25137] active_anon:1412486 inactive_anon:5849 isolated_anon:0 [ 1975.650443][T25137] active_file:302 inactive_file:445 isolated_file:62 [ 1975.650443][T25137] unevictable:0 dirty:59 writeback:1 unstable:0 [ 1975.650443][T25137] slab_reclaimable:8857 slab_unreclaimable:77011 [ 1975.650443][T25137] mapped:53268 shmem:8901 pagetables:40303 bounce:0 [ 1975.650443][T25137] free:9977 free_pcp:263 free_cma:0 [ 1975.711986][T25137] Node 0 active_anon:5650540kB inactive_anon:23396kB active_file:1228kB inactive_file:1096kB unevictable:0kB isolated(anon):0kB isolated(file):232kB mapped:212324kB dirty:288kB writeback:4kB shmem:35604kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1975.771230][T25137] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1975.802277][T25137] lowmem_reserve[]: 0 2912 6416 6416 [ 1975.807987][T25137] DMA32 free:17888kB min:4644kB low:7624kB high:10604kB active_anon:2822492kB inactive_anon:3032kB active_file:68kB inactive_file:100kB unevictable:0kB writepending:24kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:15296kB pagetables:33088kB bounce:0kB free_pcp:144kB local_pcp:144kB free_cma:0kB [ 1975.838684][T25137] lowmem_reserve[]: 0 0 3504 3504 [ 1975.850020][T25137] Normal free:8492kB min:9688kB low:13276kB high:16864kB active_anon:2828056kB inactive_anon:20364kB active_file:840kB inactive_file:540kB unevictable:0kB writepending:208kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32704kB pagetables:128220kB bounce:0kB free_pcp:332kB local_pcp:48kB free_cma:0kB [ 1975.880174][T25137] lowmem_reserve[]: 0 0 0 0 [ 1975.892852][T25137] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1975.916293][T25137] DMA32: 250*4kB (UMEH) 86*8kB (UMEH) 21*16kB (UMEH) 39*32kB (UMEH) 13*64kB (UEH) 33*128kB (UMH) 21*256kB (UM) 5*512kB (UM) 2*1024kB (UM) 0*2048kB 0*4096kB = 18312kB [ 1975.933448][T25137] Normal: 957*4kB (UME) 117*8kB (UME) 91*16kB (UME) 17*32kB (UME) 34*64kB (M) 2*128kB (UM) 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 9196kB [ 1975.948539][T25137] 9167 total pagecache pages [ 1975.953613][T25137] 0 pages in swap cache [ 1975.958205][T25137] Swap cache stats: add 0, delete 0, find 0/0 [ 1975.964772][T25137] Free swap = 0kB [ 1975.968945][T25137] Total swap = 0kB [ 1975.973096][T25137] 1965979 pages RAM [ 1975.977429][T25137] 0 pages HighMem/MovableOnly [ 1975.982551][T25137] 318829 pages reserved [ 1975.987137][T25137] 0 pages cma reserved [ 1975.992626][T25137] oom-kill:constraint=CONSTRAINT_NONE,nodemask=(null),cpuset=/,mems_allowed=0,global_oom,task_memcg=/,task=syz-executor.2,pid=25125,uid=0 [ 1976.008935][T25137] Out of memory: Killed process 25125 (syz-executor.2) total-vm:85744kB, anon-rss:16028kB, file-rss:35064kB, shmem-rss:0kB, UID:0 pgtables:160kB oom_score_adj:1000 [ 1976.030999][ T23] oom_reaper: reaped process 25125 (syz-executor.2), now anon-rss:0kB, file-rss:34768kB, shmem-rss:0kB [ 1976.604925][T25134] syz-executor.5 invoked oom-killer: gfp_mask=0x1100dca(GFP_HIGHUSER_MOVABLE|__GFP_ZERO|0x1000000), order=0, oom_score_adj=1000 [ 1976.628426][T25134] CPU: 1 PID: 25134 Comm: syz-executor.5 Tainted: G B 5.4.58-syzkaller-00207-g00dc5af368b7 #0 [ 1976.640091][T25134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 [ 1976.650138][T25134] Call Trace: [ 1976.653420][T25134] dump_stack+0x14a/0x1ce [ 1976.657725][T25134] ? devkmsg_release+0x11c/0x11c [ 1976.662633][T25134] ? show_regs_print_info+0x12/0x12 [ 1976.667802][T25134] ? radix_tree_cpu_dead+0x160/0x160 [ 1976.673057][T25134] ? _raw_spin_lock+0xa1/0x170 [ 1976.677788][T25134] ? _raw_spin_trylock_bh+0x190/0x190 [ 1976.683136][T25134] dump_header+0xdb/0x700 [ 1976.687438][T25134] oom_kill_process+0xd3/0x280 [ 1976.692173][T25134] out_of_memory+0x5b6/0x890 [ 1976.696995][T25134] ? unregister_oom_notifier+0x20/0x20 [ 1976.702428][T25134] __alloc_pages_slowpath+0x16c2/0x1e50 [ 1976.707967][T25134] ? get_page_from_freelist+0x7c0/0x7c0 [ 1976.713484][T25134] ? _raw_spin_lock+0xa1/0x170 [ 1976.718222][T25134] __alloc_pages_nodemask+0x5cb/0x7c0 [ 1976.723581][T25134] ? gfp_pfmemalloc_allowed+0x130/0x130 [ 1976.729098][T25134] ? mem_cgroup_commit_charge+0x1cc/0x2a0 [ 1976.734789][T25134] ? mem_cgroup_try_charge_delay+0x10/0x10 [ 1976.740565][T25134] ? __lru_cache_add+0x1a1/0x1f0 [ 1976.745474][T25134] wp_page_copy+0x1cb/0x1120 [ 1976.750038][T25134] ? add_mm_rss_vec+0x270/0x270 [ 1976.754860][T25134] ? __perf_event_task_sched_in+0x4f7/0x560 [ 1976.760723][T25134] ? vm_normal_page+0x1c9/0x1d0 [ 1976.765545][T25134] do_wp_page+0x4c1/0x1530 [ 1976.769938][T25134] ? _raw_spin_lock+0xa1/0x170 [ 1976.774673][T25134] ? do_swap_page+0x1560/0x1560 [ 1976.779512][T25134] handle_mm_fault+0xfa5/0x41e0 [ 1976.784335][T25134] ? __perf_event_task_sched_out+0xfe4/0x1110 [ 1976.790387][T25134] ? finish_fault+0x230/0x230 [ 1976.795037][T25134] ? down_read_trylock+0x17a/0x1d0 [ 1976.800118][T25134] ? _raw_spin_unlock_irq+0x5/0x20 [ 1976.805198][T25134] ? finish_task_switch+0x235/0x4c0 [ 1976.810383][T25134] ? vmacache_find+0x2d2/0x4b0 [ 1976.815119][T25134] do_user_addr_fault+0x48a/0x9f0 [ 1976.820115][T25134] page_fault+0x2f/0x40 [ 1976.824245][T25134] RIP: 0010:copy_user_enhanced_fast_string+0xe/0x30 [ 1976.830802][T25134] Code: 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 1f 00 c3 0f 1f 80 00 00 00 00 0f 1f 00 83 fa 40 0f 82 70 ff ff ff 89 d1 a4 31 c0 0f 1f 00 c3 66 2e 0f 1f 84 00 00 00 00 00 89 d1 f3 a4 [ 1976.850376][T25134] RSP: 0018:ffff888165d4f888 EFLAGS: 00010206 [ 1976.856859][T25134] RAX: ffffffff81f86901 RBX: 0000000020f80500 RCX: 0000000000000500 [ 1976.864804][T25134] RDX: 0000000000001000 RSI: ffff888197308b00 RDI: 0000000020f80000 [ 1976.872760][T25134] RBP: ffff888165d4fda8 R08: dffffc0000000000 R09: ffffed1032e61200 [ 1976.880705][T25134] R10: 0000000000000000 R11: 0000000000000000 R12: 00007ffffffff000 [ 1976.888650][T25134] R13: 0000000000001000 R14: ffff888197308000 R15: 0000000020f7f500 [ 1976.896601][T25134] ? copyout+0x51/0xb0 [ 1976.900640][T25134] copyout+0x8e/0xb0 [ 1976.904505][T25134] copy_page_to_iter+0x393/0xbd0 [ 1976.909413][T25134] pipe_to_user+0xa3/0x130 [ 1976.913797][T25134] __splice_from_pipe+0x2d3/0x870 [ 1976.918794][T25134] ? user_page_pipe_buf_steal+0xc0/0xc0 [ 1976.924313][T25134] do_vmsplice+0x252/0xee0 [ 1976.928700][T25134] ? avc_ss_reset+0x3a0/0x3a0 [ 1976.933362][T25134] ? write_pipe_buf+0x1d0/0x1d0 [ 1976.938184][T25134] ? __rcu_read_lock+0x50/0x50 [ 1976.942920][T25134] ? check_stack_object+0x5a/0x90 [ 1976.948003][T25134] ? _copy_from_user+0xa4/0xe0 [ 1976.952757][T25134] ? rw_copy_check_uvector+0x2b3/0x310 [ 1976.958186][T25134] ? import_iovec+0x1c2/0x380 [ 1976.962852][T25134] ? dup_iter+0x110/0x110 [ 1976.967151][T25134] ? do_vfs_ioctl+0x780/0x1750 [ 1976.971885][T25134] __se_sys_vmsplice+0x1fb/0x300 [ 1976.976793][T25134] ? __x64_sys_vmsplice+0xa0/0xa0 [ 1976.981789][T25134] ? put_timespec64+0x109/0x150 [ 1976.986614][T25134] ? __x64_sys_clock_gettime+0x20d/0x260 [ 1976.992219][T25134] ? __ia32_sys_clock_settime+0x2a0/0x2a0 [ 1976.997911][T25134] do_syscall_64+0xcb/0x150 [ 1977.002388][T25134] entry_SYSCALL_64_after_hwframe+0x44/0xa9 [ 1977.008266][T25134] RIP: 0033:0x45d189 [ 1977.012133][T25134] Code: 5d b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 2b b4 fb ff c3 66 2e 0f 1f 84 00 00 00 00 [ 1977.032142][T25134] RSP: 002b:00007f3e1612cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000116 [ 1977.040522][T25134] RAX: ffffffffffffffda RBX: 0000000000035800 RCX: 000000000045d189 [ 1977.048642][T25134] RDX: 0000000000000001 RSI: 0000000020000000 RDI: 0000000000000003 [ 1977.056585][T25134] RBP: 000000000118d028 R08: 0000000000000000 R09: 0000000000000000 [ 1977.064529][T25134] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000118cfec [ 1977.072489][T25134] R13: 00007ffd6eaa910f R14: 00007f3e1612d9c0 R15: 000000000118cfec [ 1977.085463][T25134] Mem-Info: [ 1977.089266][T25134] active_anon:1412291 inactive_anon:5849 isolated_anon:0 [ 1977.089266][T25134] active_file:250 inactive_file:686 isolated_file:32 [ 1977.089266][T25134] unevictable:0 dirty:4 writeback:0 unstable:0 [ 1977.089266][T25134] slab_reclaimable:8857 slab_unreclaimable:76874 [ 1977.089266][T25134] mapped:53406 shmem:8901 pagetables:40296 bounce:0 [ 1977.089266][T25134] free:10158 free_pcp:491 free_cma:0 [ 1977.127788][T25134] Node 0 active_anon:5649164kB inactive_anon:23396kB active_file:1200kB inactive_file:3144kB unevictable:0kB isolated(anon):0kB isolated(file):256kB mapped:213924kB dirty:16kB writeback:0kB shmem:35604kB writeback_tmp:0kB unstable:0kB all_unreclaimable? no [ 1977.153138][T25134] DMA free:15904kB min:24kB low:36kB high:48kB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15904kB mlocked:0kB kernel_stack:0kB pagetables:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 1977.186697][T25134] lowmem_reserve[]: 0 2912 6416 6416 [ 1977.192476][T25134] DMA32 free:18560kB min:4644kB low:7624kB high:10604kB active_anon:2819168kB inactive_anon:3032kB active_file:16kB inactive_file:1788kB unevictable:0kB writepending:4kB present:3129332kB managed:2983768kB mlocked:0kB kernel_stack:15264kB pagetables:33076kB bounce:0kB free_pcp:48kB local_pcp:0kB free_cma:0kB [ 1977.222554][T25134] lowmem_reserve[]: 0 0 3504 3504 [ 1977.227965][T25134] Normal free:5504kB min:5592kB low:9180kB high:12768kB active_anon:2828752kB inactive_anon:20364kB active_file:812kB inactive_file:1700kB unevictable:0kB writepending:12kB present:4718592kB managed:3588928kB mlocked:0kB kernel_stack:32608kB pagetables:128108kB bounce:0kB free_pcp:556kB local_pcp:496kB free_cma:0kB [ 1977.260692][T25134] lowmem_reserve[]: 0 0 0 0 [ 1977.265402][T25134] DMA: 0*4kB 0*8kB 0*16kB 1*32kB (U) 2*64kB (U) 1*128kB (U) 1*256kB (U) 0*512kB 1*1024kB (U) 1*2048kB (U) 3*4096kB (M) = 15904kB [ 1977.279006][T25134] DMA32: 129*4kB (UMEH) 107*8kB (UMEH) 42*16kB (UMEH) 39*32kB (UMEH) 16*64kB (UMEH) 38*128kB (UMH) 21*256kB (UM) 5*512kB (UM) 2*1024kB (UM) 0*2048kB 0*4096kB = 19164kB